Adding metadata

4 files changed, 2 insertions, 168 deletions

diff --git a/net-dialup/freeradius/Manifest b/net-dialup/freeradius/Manifest
index 484c3c9eebf9..68b5c2da2a13 100644
--- a/net-dialup/freeradius/Manifest
+++ b/net-dialup/freeradius/Manifest
@@ -1,2 +1,2 @@
-DIST freeradius-server-3.2.6.tar.bz2 3500878 BLAKE2B 0af7cdf7fb784f2d5019f3bcb06d1d44dca046c9a4513d780ab032367001b6a67e9ea17a3a5b4609b9d7b936647e60c96e35188ba9644c4360071ac8d021bd58 SHA512 3fdd0c1bf82cf7ea2e9ee46cda1061ef06c97eddd70b75be17f05d9dc13771b339d01f140b4288632700d6315c1ac506d225d1e83a179b6f7e8338e2ae42d7e8
 DIST freeradius-server-3.2.7.tar.bz2 3517595 BLAKE2B cd523fbc01e82d87f0944926612223ee2acafc008f0f50447c35263b5dcdd36c8f00c54dde1102a3987b45a7e67426c99a7aee692cf59983c80ead111a2188dd SHA512 c4a13471844ab4ce041db1567e2827370433725beadfbf425d2522b0bf9a4def8ebd41d3c4f45ad350dacdf86bc5bf3952d519d84672c7dde25a12005a009ae5
+DIST freeradius-server-3.2.8.tar.bz2 3671952 BLAKE2B 6266c00c68cbb02de65f88d976453fdcdda552d7554199030640f9bcd60f208afaf75aaac8fbf0a2eea0022eb23ad7b809cb910d48618261ea9f52100732c469 SHA512 31db199c3847bfdb80b726e16cece0d660bd741fae0fca8ba96aaaee30972c657438c4e1fdaa7ef070f84d8b7889a8da8db1defc542b0c0e18f247156f17e0ae
diff --git a/net-dialup/freeradius/files/freeradius-3.0.22-systemd-service.patch b/net-dialup/freeradius/files/freeradius-3.0.22-systemd-service.patch
deleted file mode 100644
index 04223657d5f5..000000000000
--- a/net-dialup/freeradius/files/freeradius-3.0.22-systemd-service.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-diff --git a/debian/freeradius.service b/debian/freeradius.service
-index 378702d184..ee33c2a294 100644
---- a/debian/freeradius.service
-+++ b/debian/freeradius.service
-@@ -7,7 +7,6 @@ Documentation=man:radiusd(8) man:radiusd.conf(5) http://wiki.freeradius.org/ htt
- Type=notify
- WatchdogSec=60
- NotifyAccess=all
--EnvironmentFile=-/etc/default/freeradius
- 
- # FreeRADIUS can do static evaluation of policy language rules based
- # on environmental variables which is very useful for doing per-host
-@@ -25,16 +24,15 @@ MemoryLimit=2G
- # Ensure the daemon can still write its pidfile after it drops
- # privileges. Combination of options that work on a variety of
- # systems. Test very carefully if you alter these lines.
--RuntimeDirectory=freeradius
-+RuntimeDirectory=radiusd
- RuntimeDirectoryMode=0775
- # This does not work on Debian Jessie:
--User=freerad
--Group=freerad
--# This does not work on Ubuntu Bionic:
--ExecStartPre=/bin/chown freerad:freerad /var/run/freeradius
-+User=radius
-+Group=radius
- 
--ExecStartPre=/usr/sbin/freeradius $FREERADIUS_OPTIONS -Cx -lstdout
--ExecStart=/usr/sbin/freeradius -f $FREERADIUS_OPTIONS
-+ExecStartPre=/usr/sbin/radiusd $RADIUSD_OPTIONS -Cx -lstdout
-+ExecStart=/usr/sbin/radiusd -f $RADIUSD_OPTIONS
-+ExecReload=/bin/kill -HUP $MAINPID
- Restart=on-failure
- RestartSec=5
- 
-@@ -42,7 +40,7 @@ RestartSec=5
- NoNewPrivileges=true
- 
- # Allow binding to secure ports, broadcast addresses, and raw interfaces.
--#CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SETUID CAP_SETGID CAP_CHOWN CAP_DAC_OVERRIDE
-+CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SETUID CAP_SETGID CAP_CHOWN CAP_DAC_OVERRIDE
- 
- # Private /tmp that isn't shared by other processes
- PrivateTmp=true
-@@ -60,10 +58,10 @@ ProtectKernelTunables=true
- SystemCallArchitectures=native
- 
- # We shouldn't be writing to the configuration directory
--ReadOnlyDirectories=/etc/freeradius/
-+ReadOnlyDirectories=/etc/raddb/
- 
- # We can read and write to the log directory.
--ReadWriteDirectories=/var/log/freeradius/
-+ReadWriteDirectories=/var/log/radius/
- 
- [Install]
- WantedBy=multi-user.target
diff --git a/net-dialup/freeradius/files/freeradius-3.2.0-tls.patch b/net-dialup/freeradius/files/freeradius-3.2.0-tls.patch
deleted file mode 100644
index e9872e17861e..000000000000
--- a/net-dialup/freeradius/files/freeradius-3.2.0-tls.patch
+++ /dev/null
@@ -1,108 +0,0 @@
-diff -urN freeradius-server-release_3_2_0.orig/src/main/tls.c freeradius-server-release_3_2_0/src/main/tls.c
---- freeradius-server-release_3_2_0.orig/src/main/tls.c	2022-04-22 21:31:30.751233686 +0200
-+++ freeradius-server-release_3_2_0/src/main/tls.c	2022-04-22 21:36:59.077211775 +0200
-@@ -684,7 +684,7 @@
- 				/*
- 				 * Swap empty store with the old one.
- 				 */
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
- 				conf->old_x509_store = SSL_CTX_get_cert_store(conf->ctx);
- 				/* Bump refcnt so the store is kept allocated till next store replacement */
- 				X509_STORE_up_ref(conf->old_x509_store);
-@@ -1423,7 +1423,7 @@
- 					if ((SSL_version(tls_session->ssl) > tls_session->conf->max_version) &&
- 					    (rad_debug_lvl > 0)) {
- 						WARN("TLS 1.3 has been negotiated even though it was disabled.  This is an OpenSSL Bug.");
--						WARN("Please set: cipher_list = \"DEFAULT@SECLEVEL=1\" in the tls {...} section.");
-+						WARN("Setting cipher_list in the tls {...} section might help.");
- 					}
- #endif
- 					break;
-@@ -1779,7 +1779,7 @@
- 	 *
- 	 * Change suggested by @t8m
- 	 */
--#if OPENSSL_VERSION_NUMBER >= 0x10101000L
-+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
- 	if (FIPS_mode() > 0) {
- 		WARN(LOG_PREFIX ": Ignoring user-selected DH parameters in FIPS mode. Using defaults.");
- 		file = NULL;
-@@ -2024,7 +2024,7 @@
- 	return 0;
- }
- 
--#if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- static SSL_SESSION *cbtls_get_session(SSL *ssl, unsigned char *data, int len, int *copy)
- #else
- static SSL_SESSION *cbtls_get_session(SSL *ssl, const unsigned char *data, int len, int *copy)
-@@ -2408,7 +2408,7 @@
- 	return 0;
- }
- 
--#if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L
- static SSL_SESSION *cbtls_cache_load(SSL *ssl, unsigned char *data, int len, int *copy)
- #else
- static SSL_SESSION *cbtls_cache_load(SSL *ssl, const unsigned char *data, int len, int *copy)
-@@ -2944,7 +2944,7 @@
- 	char		cn_str[1024];
- 	char		buf[64];
- 	X509		*client_cert;
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
- 	const STACK_OF(X509_EXTENSION) *ext_list;
- #else
- 	STACK_OF(X509_EXTENSION) *ext_list;
-@@ -3162,7 +3162,7 @@
- 	}
- 
- 	if (lookup == 0) {
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
- 		ext_list = X509_get0_extensions(client_cert);
- #else
- 		X509_CINF	*client_inf;
-@@ -3215,7 +3215,7 @@
- 				value[0] = '0';
- 				value[1] = 'x';
- 				const unsigned char *srcp;
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
- 				const ASN1_STRING *srcasn1p;
- 				srcasn1p = X509_EXTENSION_get_data(ext);
- 				srcp = ASN1_STRING_get0_data(srcasn1p);
-@@ -3307,13 +3307,13 @@
- 	 */
- 	if (depth == 0) {
- 		tls_session_t *ssn = SSL_get_ex_data(ssl, FR_TLS_EX_INDEX_SSN);
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- 		STACK_OF(X509)* untrusted = NULL;
- #endif
- 
- 		rad_assert(ssn != NULL);
- 
--#if OPENSSL_VERSION_NUMBER >= 0x10100000L
-+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
- 		/*
- 		 *	See if there are any untrusted certificates.
- 		 *	If so, complain about them.
-@@ -4240,7 +4240,7 @@
- 	 *	send it flowers and cake.
- 	 */
- 	if (min_version <= TLS1_1_VERSION) {
--#if OPENSSL_VERSION_NUMBER >= 0x10101000L
-+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
- 		int seclevel = SSL_CTX_get_security_level(ctx);
- 		int required;;
- 
-@@ -4345,7 +4345,7 @@
- 	 *	disable early data.
- 	 *
- 	 */
--#if OPENSSL_VERSION_NUMBER >= 0x10101000L
-+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
- 	SSL_CTX_set_max_early_data(ctx, 0);
- #endif
diff --git a/net-dialup/freeradius/freeradius-3.2.6.ebuild b/net-dialup/freeradius/freeradius-3.2.8.ebuild
index 7123ea4dd080..9afffde24e77 100644
--- a/net-dialup/freeradius/freeradius-3.2.6.ebuild
+++ b/net-dialup/freeradius/freeradius-3.2.8.ebuild
@@ -1,4 +1,4 @@
-# Copyright 2021-2024 Liguros Authors
+# Copyright 2021-2025 Liguros Authors
 # Distributed under the terms of the GNU General Public License v2
 EAPI=8
 
@@ -73,7 +73,6 @@ REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
 QA_SONAME="usr/lib.*/libfreeradius-.*.so"
 
 PATCHES=(
-	"${FILESDIR}"/${PN}-3.0.22-systemd-service.patch
 	"${FILESDIR}"/mppe_keys_c.patch
 )