diff mbox series

freeradius: Update to version 3.2.7

Message ID	20250704101446.8038-16-adolf.belka@ipfire.org
State	Staged
Commit	60797312ac5a16e9e55d214dbd686d2574da2d7e
Headers	From: Adolf Belka <adolf.belka@ipfire.org> To: development@lists.ipfire.org Cc: Adolf Belka <adolf.belka@ipfire.org> Subject: [PATCH] freeradius: Update to version 3.2.7 Date: Fri, 4 Jul 2025 12:14:31 +0200 Message-ID: <20250704101446.8038-16-adolf.belka@ipfire.org> In-Reply-To: <20250704101446.8038-1-adolf.belka@ipfire.org> References: <20250704101446.8038-1-adolf.belka@ipfire.org> Precedence: list Sender: <development@lists.ipfire.org> Mail-Followup-To: <development@lists.ipfire.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	freeradius: Update to version 3.2.7 \| freeradius: Update to version 3.2.7

Commit Message

Adolf Belka July 4, 2025, 10:14 a.m. UTC

  - Update from version 3.2.6 to 3.2.7
- Update of rootfile
- Changelog
    3.2.7
	Feature Improvements
	    Print MD5 hash of the configuration files in debug mode This helps people
	     track configuration changes.
	    Add support for IPv6 to "abinary" type. The fields are the same as for
	     "ip", but use "ipv6", and IPv6 formatted addresses.
	    Update radclient to make it clear that Message-Authenticator is added to
	     all Access-Request packets, even if the input file does not contain it.
	    Add support for Subject AltName URI. Closes #5450.
	    Add python_path_mode option to python3 module.
	    Relax checks on OpenSSL minor versions for OpenSSL 3.x.
	    Add API for deleting dynamic home servers.
	    set SO_KEEPALIVE on outbound sockets, so firewalls are less likly to close
	     TCP connections.
	    Allow querying of statistics when home_server has src_ipaddr set. See
	     FreeRADIUS-Stats-Server-Src-IP-Address Fixes #5483.
	    Update dictionary "man" page. Fixes #4346.
	    Change jlibtool to use --show-config, to avoid conflicts with clang
	     --config. Fixes #5442.
	    RADIUS/TLS clients now support a "tls' subsection. For connections from
	     this client, this section is used in preference to the "listen" TLS
	     settings. This allows a server to easily present different identities to
	     different clients.
	    RADIUS/TLS has been updated for TLS-PSK and TLS 1.3. Tested with radsecproxy.
	Bug Fixes
	    For EAP-TLS, send TLS start without a length field Some clients refuse to
	     do EAP-TLS when this field exists.
	    Avoid blocking TLS sockets on corner cases during session setup.
	    Update home server stats.
	    Correct error message about untrusted certs. Fixes #5466.
	    Use PyEval_RestoreThread to swap to main thread Fixes #5111.
	    Don't run Python detach function on config check.
	    Fix a number of issues with TLS connections and
	     "check_client_connections = yes".
	    Be more careful about managing the incoming queue when databases block the
	     server. The server will still be unable to make progress, but it should
	     crash less. Whether or not this is a good thing is unknown.
	    Better handler single-character expansions. Fixes #2216.
	    Correct calculation of EAP length in pre-proxy. Fixes #5486.
	    Don't segfault when using detail listeners. Fixes #5485.
	    Add check for Couchbase v2, rlm_couchbase won't build on v3.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
 config/rootfiles/packages/freeradius | 6 ++++++
 lfs/freeradius                       | 6 +++---
 2 files changed, 9 insertions(+), 3 deletions(-)

diff mbox series

Patch

diff --git a/config/rootfiles/packages/freeradius b/config/rootfiles/packages/freeradius
index 3a82e7d9c..d69783b4f 100644
--- a/config/rootfiles/packages/freeradius
+++ b/config/rootfiles/packages/freeradius
@@ -65,6 +65,7 @@  etc/raddb
 #etc/raddb/mods-available/passwd
 #etc/raddb/mods-available/perl
 #etc/raddb/mods-available/preprocess
+#etc/raddb/mods-available/proxy_rate_limit
 #etc/raddb/mods-available/python
 #etc/raddb/mods-available/python3
 #etc/raddb/mods-available/radutmp
@@ -259,6 +260,7 @@  etc/raddb
 #etc/raddb/mods-enabled/pap
 #etc/raddb/mods-enabled/passwd
 #etc/raddb/mods-enabled/preprocess
+#etc/raddb/mods-enabled/proxy_rate_limit
 #etc/raddb/mods-enabled/radutmp
 #etc/raddb/mods-enabled/realm
 #etc/raddb/mods-enabled/replicate
@@ -544,6 +546,9 @@  usr/lib/freeradius/rlm_perl.so
 #usr/lib/freeradius/rlm_preprocess.a
 #usr/lib/freeradius/rlm_preprocess.la
 usr/lib/freeradius/rlm_preprocess.so
+#usr/lib/freeradius/rlm_proxy_rate_limit.a
+#usr/lib/freeradius/rlm_proxy_rate_limit.la
+usr/lib/freeradius/rlm_proxy_rate_limit.so
 #usr/lib/freeradius/rlm_python3.a
 #usr/lib/freeradius/rlm_python3.la
 usr/lib/freeradius/rlm_python3.so
@@ -993,6 +998,7 @@  usr/share/freeradius
 #usr/share/freeradius/dictionary.hillstone
 #usr/share/freeradius/dictionary.hp
 #usr/share/freeradius/dictionary.huawei
+#usr/share/freeradius/dictionary.huawei.v2
 #usr/share/freeradius/dictionary.iana
 #usr/share/freeradius/dictionary.iea
 #usr/share/freeradius/dictionary.infinera
diff --git a/lfs/freeradius b/lfs/freeradius
index 4a267485f..716a8e569 100644
--- a/lfs/freeradius
+++ b/lfs/freeradius
@@ -26,7 +26,7 @@  include Config
 
 SUMMARY    = RADIUS Server
 
-VER        = 3.2.6
+VER        = 3.2.7
 
 THISAPP    = freeradius-server-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
@@ -34,7 +34,7 @@  DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = freeradius
-PAK_VER    = 24
+PAK_VER    = 25
 
 DEPS       = libtalloc samba
 
@@ -48,7 +48,7 @@  objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = 0af7cdf7fb784f2d5019f3bcb06d1d44dca046c9a4513d780ab032367001b6a67e9ea17a3a5b4609b9d7b936647e60c96e35188ba9644c4360071ac8d021bd58
+$(DL_FILE)_BLAKE2 = cd523fbc01e82d87f0944926612223ee2acafc008f0f50447c35263b5dcdd36c8f00c54dde1102a3987b45a7e67426c99a7aee692cf59983c80ead111a2188dd
 
 install : $(TARGET)