freeradius3: A couple of small fixes

- Moves /etc/freeradius3/sites-{enabled,available}/inner-tunnel to be part of
  the freeradius3-mod-eap package. This prevents conflicts between
  freeradius3-mod-eap-peap and freeradius3-mod-eap-ttls which both included the
  file before. This fixes LEDE bug FS#678.

- Change the demo cert validity to be 1 year instead of 60 days. Should keep the
  cert valid for the duration of the LEDE release cycle (with some slack). This
  fixes #4239.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>

diff --git a/net/freeradius3/Makefile b/net/freeradius3/Makefile
index 7603e86dfab7c7409a0a3d28801dac0c33c5a588..fc90af2b6358aeca0e463952110b1313ef3ff364 100644 (file)
--- a/net/freeradius3/Makefile
+++ b/net/freeradius3/Makefile
@@ -137,6 +137,8 @@ define Package/freeradius3-mod-eap/conffiles
 /etc/freeradius3/mods-available/eap
 /etc/freeradius3/mods-enabled/eap
 /etc/freeradius3/policy.d/eap
+/etc/freeradius3/sites-enabled/inner-tunnel
+/etc/freeradius3/sites-available/inner-tunnel
 endef
 
 define Package/freeradius3-mod-eap-gtc
@@ -169,11 +171,6 @@ define Package/freeradius3-mod-eap-peap
   TITLE:=EAP/PEAP module
 endef
 
-define Package/freeradius3-mod-eap-peap/conffiles
-/etc/freeradius3/sites-available/inner-tunnel
-/etc/freeradius3/sites-enabled/inner-tunnel
-endef
-
 define Package/freeradius3-mod-eap-tls
   $(call Package/freeradius3/Default)
   DEPENDS:=freeradius3-mod-eap @FREERADIUS3_OPENSSL
@@ -186,11 +183,6 @@ define Package/freeradius3-mod-eap-ttls
   TITLE:=EAP/TTLS module
 endef
 
-define Package/freeradius3-mod-eap-ttls/conffiles
-/etc/freeradius3/sites-available/inner-tunnel
-/etc/freeradius3/sites-enabled/inner-tunnel
-endef
-
 define Package/freeradius3-mod-exec
   $(call Package/freeradius3/Default)
   DEPENDS:=freeradius3

diff --git a/net/freeradius3/patches/001-fix-cert-expiry.patch b/net/freeradius3/patches/001-fix-cert-expiry.patch
new file mode 100644 (file)
index 0000000..b30b012
--- /dev/null
+++ b/net/freeradius3/patches/001-fix-cert-expiry.patch
@@ -0,0 +1,33 @@
+--- a/raddb/certs/ca.cnf
++++ b/raddb/certs/ca.cnf
+@@ -14,7 +14,7 @@ private_key          = $dir/ca.key
+ RANDFILE              = $dir/.rand
+ name_opt              = ca_default
+ cert_opt              = ca_default
+-default_days          = 60
++default_days          = 365
+ default_crl_days      = 30
+ default_md            = sha256
+ preserve              = no
+--- a/raddb/certs/client.cnf
++++ b/raddb/certs/client.cnf
+@@ -14,7 +14,7 @@ private_key          = $dir/ca.key
+ RANDFILE              = $dir/.rand
+ name_opt              = ca_default
+ cert_opt              = ca_default
+-default_days          = 60
++default_days          = 365
+ default_crl_days      = 30
+ default_md            = sha256
+ preserve              = no
+--- a/raddb/certs/server.cnf
++++ b/raddb/certs/server.cnf
+@@ -14,7 +14,7 @@ private_key          = $dir/ca.key
+ RANDFILE              = $dir/.rand
+ name_opt              = ca_default
+ cert_opt              = ca_default
+-default_days          = 60
++default_days          = 365
+ default_crl_days      = 30
+ default_md            = sha256
+ preserve              = no