From 66f193181fbf84fe6c8dcb037af9ea34599f12e9 Mon Sep 17 00:00:00 2001
From: Esaaprilia Salsabila <esaapriliasalsabila@gmail.com>
Date: Fri, 19 Jul 2024 08:27:45 +0800
Subject: [PATCH] freeradius3: update version 3.2.5

Signed-off-by: Esaaprilia Salsabila <esaapriliasalsabila@gmail.com>
---
 net/freeradius3/Makefile                             |  7 +++----
 .../002-disable-session-cache-CVE-2017-9148.patch    |  8 ++++----
 net/freeradius3/patches/010-openssl-deprecated.patch | 12 ++++++------
 3 files changed, 13 insertions(+), 14 deletions(-)

diff --git a/net/freeradius3/Makefile b/net/freeradius3/Makefile
index 775fb7512e..0b37e7b4de 100644
--- a/net/freeradius3/Makefile
+++ b/net/freeradius3/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=freeradius3
-PKG_VERSION:=3.2.4
-PKG_RELEASE:=2
+PKG_VERSION:=3.2.5
+PKG_RELEASE:=1
 
 PKG_SOURCE:=freeradius-server-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://freeradius.org/ftp/pub/freeradius
-PKG_HASH:=fdd476949f3c991c19f14ef7199b522e5204896d139c69946381dce9b8922941
+PKG_HASH:=1e75f5fc1961d9854d1cb3c6921612fbe2b9edb8ee508a5a7cbd69f1e7607115
 
 PKG_MAINTAINER:=
 PKG_LICENSE:=GPL-2.0
@@ -21,7 +21,6 @@ PKG_LICENSE_FILES:=COPYRIGHT LICENSE
 PKG_CPE_ID:=cpe:/a:freeradius:freeradius
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/freeradius-server-$(PKG_VERSION)
-PKG_BUILD_PARALLEL:=0
 PKG_FIXUP:=autoreconf
 PYTHON3_PKG_BUILD:=0
 
diff --git a/net/freeradius3/patches/002-disable-session-cache-CVE-2017-9148.patch b/net/freeradius3/patches/002-disable-session-cache-CVE-2017-9148.patch
index d425318088..bb6787f943 100644
--- a/net/freeradius3/patches/002-disable-session-cache-CVE-2017-9148.patch
+++ b/net/freeradius3/patches/002-disable-session-cache-CVE-2017-9148.patch
@@ -9,7 +9,7 @@ Last-Update: 2020-04-28
 
 --- a/src/main/tls.c
 +++ b/src/main/tls.c
-@@ -954,7 +954,7 @@ after_chain:
+@@ -956,7 +956,7 @@ after_chain:
  	}
  	if (vp) vp->vp_integer = state->mtu;
  
@@ -18,7 +18,7 @@ Last-Update: 2020-04-28
  
  	return state;
  }
-@@ -4517,7 +4517,7 @@ post_ca:
+@@ -4515,7 +4515,7 @@ post_ca:
  	/*
  	 *	Callbacks, etc. for session resumption.
  	 */
@@ -27,7 +27,7 @@ Last-Update: 2020-04-28
  		/*
  		 *	Cache sessions on disk if requested.
  		 */
-@@ -4597,7 +4597,7 @@ post_ca:
+@@ -4595,7 +4595,7 @@ post_ca:
  	/*
  	 *	Setup session caching
  	 */
@@ -36,7 +36,7 @@ Last-Update: 2020-04-28
  		/*
  		 *	Create a unique context Id per EAP-TLS configuration.
  		 */
-@@ -4885,7 +4885,7 @@ fr_tls_server_conf_t *tls_server_conf_pa
+@@ -4883,7 +4883,7 @@ fr_tls_server_conf_t *tls_server_conf_pa
  		goto error;
  	}
  
diff --git a/net/freeradius3/patches/010-openssl-deprecated.patch b/net/freeradius3/patches/010-openssl-deprecated.patch
index 3a7b69b30b..31a5fcadfe 100644
--- a/net/freeradius3/patches/010-openssl-deprecated.patch
+++ b/net/freeradius3/patches/010-openssl-deprecated.patch
@@ -26,7 +26,7 @@
  
  #if OPENSSL_VERSION_NUMBER >= 0x30000000L
  #  include <openssl/provider.h>
-@@ -2998,7 +2999,7 @@ int cbtls_verify(int ok, X509_STORE_CTX
+@@ -2996,7 +2997,7 @@ int cbtls_verify(int ok, X509_STORE_CTX
  	int		my_ok = ok;
  
  	ASN1_INTEGER	*sn = NULL;
@@ -35,7 +35,7 @@
  	VALUE_PAIR	**certs;
  	char **identity;
  #ifdef HAVE_OPENSSL_OCSP_H
-@@ -3089,7 +3090,7 @@ int cbtls_verify(int ok, X509_STORE_CTX
+@@ -3087,7 +3088,7 @@ int cbtls_verify(int ok, X509_STORE_CTX
  	 *	Get the Expiration Date
  	 */
  	buf[0] = '\0';
@@ -44,7 +44,7 @@
  	if (certs && (lookup <= 1) && asn_time &&
  	    (asn_time->length < (int) sizeof(buf))) {
  		memcpy(buf, (char*) asn_time->data, asn_time->length);
-@@ -3102,7 +3103,7 @@ int cbtls_verify(int ok, X509_STORE_CTX
+@@ -3100,7 +3101,7 @@ int cbtls_verify(int ok, X509_STORE_CTX
  	 *	Get the Valid Since Date
  	 */
  	buf[0] = '\0';
@@ -53,7 +53,7 @@
  	if (certs && (lookup <= 1) && asn_time &&
  	    (asn_time->length < (int) sizeof(buf))) {
  		memcpy(buf, (char*) asn_time->data, asn_time->length);
-@@ -3666,10 +3667,12 @@ static int set_ecdh_curve(SSL_CTX *ctx,
+@@ -3664,10 +3665,12 @@ static int set_ecdh_curve(SSL_CTX *ctx,
   */
  int tls_global_init(TLS_UNUSED bool spawn_flag, TLS_UNUSED bool check)
  {
@@ -66,7 +66,7 @@
  
  	/*
  	 *	Initialize the index for the certificates.
-@@ -3769,6 +3772,7 @@ int tls_global_version_check(char const
+@@ -3767,6 +3770,7 @@ int tls_global_version_check(char const
   */
  void tls_global_cleanup(void)
  {
@@ -74,7 +74,7 @@
  #if OPENSSL_VERSION_NUMBER < 0x10000000L
  	ERR_remove_state(0);
  #elif OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-@@ -3794,6 +3798,7 @@ void tls_global_cleanup(void)
+@@ -3792,6 +3796,7 @@ void tls_global_cleanup(void)
  	ERR_free_strings();
  	EVP_cleanup();
  	CRYPTO_cleanup_all_ex_data();