packages icon indicating copy to clipboard operation
packages copied to clipboard

Published 20 hours ago verified publisher icon openwrt

freeradius3: drop libpcre2 dependency + bump 3.2.3

Open Ansuel opened this issue 1 year ago • 5 comments

Commit https://github.com/openwrt/packages/commit/19ec30255f1379cb2d25f7ace22523039cc8aa67 ("freeradius3: switch to pcre2") was entirely wrong. Freeradius3 have support for PCRE2 from release 4.0.0 alpha and won't be backport to 3.x. The CI test were successful just because libpcre2 was set as a dependency so libpcre header were never included in staging_dir and autoconfig disabled pcre support silently.

On buildbot or other buildroot with mixed libpcre and libpcre2, freeradius will find the pcre header and enable it.

Freeradius3 team said that if pcre library is not found the posix variant is used. To actually enforce this cause, we need to configre freeradius to explicily disable libpcre support even if found.

Fixes: https://github.com/openwrt/packages/commit/19ec30255f1379cb2d25f7ace22523039cc8aa67 ("freeradius3: switch to pcre2") Signed-off-by: Christian Marangi [email protected]

Bump freeradius3 to release 3.2.3.

Refresh patches and manually rebase the openssl support one and the hostname patch.

Ansuel avatar Nov 01 '23 14:11 Ansuel

@BKPepe saddly... the correct fix... https://github.com/openwrt/packages/pull/22576

Also took chance to bump the package as i was testing if new version had pcre support and was a pitty to just drop the refreshed patches.

Ansuel avatar Nov 01 '23 14:11 Ansuel

@BKPepe any change we can merge this? (and backport?) I think freeradius is a pretty used package and noticing some complain this doesn't work.

Ansuel avatar Nov 09 '23 15:11 Ansuel

@BKPepe any change we can merge this? (and backport?) I think freeradius is a pretty used package and noticing some complain this doesn't work.

Does this still require openssl-legacy? There is an --enable-fips-workaround configure flag that is supposed to switch to internal MD4/MD5 that I was hoping would make it so legacy was not needed. I just testing it on 3.0.26 but this is better. I'd vote for bumping to 3.2.3 and stop working on the 3.0.

protectivedad avatar Nov 23 '23 02:11 protectivedad

My apologies, I didn't notice this PR when I opened #22666 - it seemed like a very easy thing to fix.

I think it would still be worthwhile to update the package to the latest version.

jefferyto avatar Nov 23 '23 08:11 jefferyto

Any news about this getting merged?

trippleflux avatar Mar 12 '24 10:03 trippleflux