aland [Mon, 25 Sep 2000 17:48:23 +0000 (17:48 +0000)]
fixed typos
aland [Mon, 25 Sep 2000 15:44:35 +0000 (15:44 +0000)]
changed hard-coded 0x7f00000001 to INADDR_LOOPBACK, and
ensured that INADDR_{ANY,LOOPBACK,NONE} are defined.
aland [Mon, 25 Sep 2000 15:24:05 +0000 (15:24 +0000)]
if the realm is a LOCAL one, then still add the 'Realm' attribute,
but don't actually proxy the packet, as we'll end up handling
it anyhow.
This allows the administrator to use Proxy-To-Realm := "localrealm",
and NOT have the server send itself packets in an infinite loop.
aland [Fri, 22 Sep 2000 18:11:27 +0000 (18:11 +0000)]
partial update of patch from "Bruno L. F. Cabral" <bruno@openline.com.br>
Untested...
aland [Fri, 22 Sep 2000 18:06:32 +0000 (18:06 +0000)]
removed Cistron spec file.
Added FreeRADIUS spec file, as given by
"Bruno L. F. Cabral" <bruno@openline.com.br>
aland [Thu, 21 Sep 2000 14:50:13 +0000 (14:50 +0000)]
update mkinstalldirs location to coddle dumb OS's
aland [Thu, 14 Sep 2000 18:41:51 +0000 (18:41 +0000)]
ALWAYS look up host names to IP addresses, otherwise stuff really
fails
aland [Thu, 14 Sep 2000 18:14:01 +0000 (18:14 +0000)]
updated 'compat' mode logic to hopefully work a little better.
Bugs noted by "Bruno L. F. Cabral" <bruno@openline.com.br>
aland [Thu, 14 Sep 2000 18:04:35 +0000 (18:04 +0000)]
last change to update new libltdl location
aland [Thu, 14 Sep 2000 15:44:59 +0000 (15:44 +0000)]
updated 'distclean' for new location of libltdl
aland [Thu, 14 Sep 2000 15:28:38 +0000 (15:28 +0000)]
use variables LIBLTDL and INCLTDL, instead of hard-coded paths.
These variables can get updated by the 'configure' scripts,
if the user already has libltdl on their system.
aland [Thu, 14 Sep 2000 15:26:18 +0000 (15:26 +0000)]
moved libltdl up a directory, to keep the GNU libtool
scripts happy
aland [Thu, 14 Sep 2000 15:25:48 +0000 (15:25 +0000)]
find and substitute the variable top_builddir
aland [Thu, 14 Sep 2000 15:19:53 +0000 (15:19 +0000)]
check if libltdl is to be installable, and set LIBLTDL and INCLTDL
to the appropriate paths
aland [Wed, 13 Sep 2000 18:07:19 +0000 (18:07 +0000)]
don't run dynamic log code, as it should be re-written
aland [Wed, 13 Sep 2000 16:27:19 +0000 (16:27 +0000)]
updated to use radlog() instead of log(), to avoid any possible
conflicts with the math library log() function.
aland [Wed, 13 Sep 2000 16:18:35 +0000 (16:18 +0000)]
changed log() to radlog(). Over-loading function names
is probably a bad thing...
aland [Wed, 13 Sep 2000 16:13:33 +0000 (16:13 +0000)]
actually print out the error, if we have a problem in select()
aland [Thu, 7 Sep 2000 20:17:33 +0000 (20:17 +0000)]
a number of more updates to clean up the man pages
aland [Thu, 7 Sep 2000 19:57:57 +0000 (19:57 +0000)]
formatting changes
aland [Thu, 7 Sep 2000 19:45:12 +0000 (19:45 +0000)]
set Auth-Type := again...
aland [Wed, 6 Sep 2000 16:25:47 +0000 (16:25 +0000)]
Cistron 'users' file compatibility mode is off, by default
aland [Wed, 6 Sep 2000 16:25:14 +0000 (16:25 +0000)]
added support for a Cistron 'compat' mode, so that people can
copy over their old 'users' file, and have them mostly work
with FreeRADIUS
aland [Wed, 6 Sep 2000 15:47:37 +0000 (15:47 +0000)]
more documentation, more examples
aland [Tue, 5 Sep 2000 18:00:42 +0000 (18:00 +0000)]
Place-holder file for accounting users file
aland [Tue, 5 Sep 2000 17:56:46 +0000 (17:56 +0000)]
added even more text. It might actually make sense now.
aland [Tue, 5 Sep 2000 17:07:14 +0000 (17:07 +0000)]
more minor updates
aland [Tue, 5 Sep 2000 17:04:53 +0000 (17:04 +0000)]
New documentation describing the format of the 'users' file.
This should help to make some things clearer...
aland [Tue, 5 Sep 2000 16:37:00 +0000 (16:37 +0000)]
added a lot of text describing the format of the configuration
file.
aland [Tue, 5 Sep 2000 16:13:37 +0000 (16:13 +0000)]
updated the Auth-Type attributes to use ':=' and '+=', where
appropriate
aland [Tue, 5 Sep 2000 16:11:17 +0000 (16:11 +0000)]
*add* in the auth-tyep attribute, and don't *over-ride* it.
aland [Tue, 5 Sep 2000 14:40:22 +0000 (14:40 +0000)]
update the configuration file reader to ignore semi-colons
pam [Tue, 5 Sep 2000 07:12:13 +0000 (07:12 +0000)]
Fixed compilation for OpenLDAP _without_ Cyrus SASL libraries
Fixed module operation if only authentication is done via LDAP (no authorization)
Fixed module to support new instance framework
aland [Fri, 1 Sep 2000 19:36:22 +0000 (19:36 +0000)]
configuration option to turn DNS lookups on/off.
Removed the now-redundant command-line option to do the same
thing.
aland [Fri, 1 Sep 2000 19:33:24 +0000 (19:33 +0000)]
configuration option to turn DNS lookups on or off.
aland [Fri, 1 Sep 2000 18:21:44 +0000 (18:21 +0000)]
add port numbers to log messages about requests from/to clients.
e.g. "127.0.0.1:1038", instead of "127.0.0.1"
If we see a duplicate request, then send the duplicate reply
to the port of the *new* request, not the port of the *old* request
aland [Fri, 1 Sep 2000 17:58:25 +0000 (17:58 +0000)]
the setuptimeout() difference MAY be negative, so we short-circuit
if it's <=0, not if it's ==0.
Also, if the smallest is < 0, then we set it to zero.
aland [Fri, 1 Sep 2000 15:38:50 +0000 (15:38 +0000)]
only kill all of the processes in the process group if we're
the process group leader.
aland [Fri, 1 Sep 2000 14:52:14 +0000 (14:52 +0000)]
add destination port to the debugging output, so we can
see where the packet is going.
aland [Fri, 1 Sep 2000 14:43:46 +0000 (14:43 +0000)]
made pairlist_read take a PAIR_LIST **, and return 0/-1 for OK/ERROR
This allows the functions calling it to tell the difference between
an empty PAIR_LIST, and an erroneous one.
aland [Fri, 1 Sep 2000 13:56:25 +0000 (13:56 +0000)]
corrected behaviour of setuptimeout() when the curreq->timestamp
is zero. Bug noted by Alan Curry.
aland [Thu, 31 Aug 2000 21:07:27 +0000 (21:07 +0000)]
Patches from "Alan Curry" <pacman-radius@cqc.com>
I invented a new structure called CONF_ITEM, and made both CONF_SECTION
and CONF_PAIR subclasses (in the C-only libXt/libgtk style) of it. I also
made all the CONF_* structs opaque to everything outside conffile.c, which I
gather was the original intent since everything is using those *_next()
accessor functions instead of walking the ->next list directly.
The semicolon stuff goes away, and now you can mix pairs (including
word-on-a-line-by-itself) with sections, and order is preserved:
aland [Thu, 31 Aug 2000 20:52:36 +0000 (20:52 +0000)]
cleaned up option handling to make somewhat more sense
aland [Thu, 31 Aug 2000 20:40:36 +0000 (20:40 +0000)]
made the dictionary case insensitive, by default. The user
can still over-ride this on the configure line.
Added -D_REENTRANT to CFLAGS, if building with threads. This
tells systems like Solaris to be more careful...
aland [Thu, 31 Aug 2000 20:38:48 +0000 (20:38 +0000)]
made internal version of strncasecmp actually case insensitive
aland [Thu, 31 Aug 2000 20:32:27 +0000 (20:32 +0000)]
made all of the 'strcmp' operations use DICT_STRCMP, which
is case (in)sensitive, depending on the system configuration
aland [Fri, 25 Aug 2000 19:49:19 +0000 (19:49 +0000)]
minor cleanups on code, with more comments, less global variables,
but no functionality changes
aland [Fri, 25 Aug 2000 18:23:59 +0000 (18:23 +0000)]
print out thread numbers, not pthread_id. pthread_id MAY be
a structure/pointer/integer on different platforms, so it's not
safe to print it out like an 'int'.
Each thread now has a unique number assigned to it, and these
numbers are printed out during debugging.
aland [Fri, 25 Aug 2000 15:09:14 +0000 (15:09 +0000)]
renamed a few variables for RFC complicance.
Patch from Alan Curry
aland [Fri, 25 Aug 2000 14:55:56 +0000 (14:55 +0000)]
Patch from "Alan Curry" <pacman-radius@cqc.com>
Allow ';' to denote empty conf-sections.
aland [Fri, 25 Aug 2000 14:48:14 +0000 (14:48 +0000)]
Patches from "Alan Curry" <pacman-radius@cqc.com>
Move the module auth/acct/autz decisions from raddb/modules
to raddb/radiusd.conf.
Add module instantiation, to have future allowances for
multiple versions of the same module, with different configurations.
Associated minor cleanups
aland [Fri, 25 Aug 2000 14:29:20 +0000 (14:29 +0000)]
cleaned up the handling of proxy replies, so that we don't have
un-initialized variables.
Bug found by "Alan Curry" <pacman-radius@cqc.com>
aland [Thu, 24 Aug 2000 21:52:29 +0000 (21:52 +0000)]
converted proxy_setuptimeout() to a *generic* setuptimeout()
function, which waits the maximum amount of time before it wakes
up.
This code is a lot better than the commit from an hour ago.
aland [Thu, 24 Aug 2000 20:00:00 +0000 (20:00 +0000)]
fix the server so that it sleeps for as long as possible
between requests.
i.e. If the proxy code needs servicing in N seconds, sleep for N
seconds. If the master request list needs servicing sooner, then
sleep for less time.
If nothing needs servicing, then sleep forever, until a new
packet comes in.
aland [Thu, 24 Aug 2000 19:38:59 +0000 (19:38 +0000)]
if the packet code is well-known (i.e. a standard), then
rad_recv() and rad_send() now print out the RFC names for the
packet code, instead of 'code=4', etc.
This makes more sense to me.
aland [Thu, 24 Aug 2000 19:23:59 +0000 (19:23 +0000)]
minor re-arrangements
aland [Tue, 22 Aug 2000 14:57:51 +0000 (14:57 +0000)]
added more value names for integer attributes, as taken from rfc2865
aland [Tue, 22 Aug 2000 14:35:27 +0000 (14:35 +0000)]
corrected typo in trusted stuff
aland [Mon, 21 Aug 2000 19:30:15 +0000 (19:30 +0000)]
corrected typos
aland [Mon, 21 Aug 2000 19:28:42 +0000 (19:28 +0000)]
don't smash the operators any more. pairmove() now does the
right thing.
aland [Mon, 21 Aug 2000 19:28:04 +0000 (19:28 +0000)]
cleaned up code a little.
Removed overflow/invalid memory access from pairmove2().
aland [Mon, 21 Aug 2000 18:58:48 +0000 (18:58 +0000)]
allow += in check item lists, too
aland [Mon, 21 Aug 2000 18:49:55 +0000 (18:49 +0000)]
when doing a pairmove(), the relational operators >=, <=, etc.
are all equivalent to +=. This isn't perfect, but it's better
than what we had before, I think.
aland [Mon, 21 Aug 2000 18:46:54 +0000 (18:46 +0000)]
added the libdir definition
aland [Mon, 21 Aug 2000 17:44:01 +0000 (17:44 +0000)]
Allows realms to work in "trusted" mode.
Patch from Kotrekhov Andrey <kota@at.com.ua>
aland [Mon, 21 Aug 2000 14:48:13 +0000 (14:48 +0000)]
follow the libltdl instructions a little better, by properly
initializing everything.
Use lt_dlopenext() instead of lt_dlopen(). This means we can do
lt_dlopenext("rlm_foo"), and have libltdl append the correct
'.so', '.a', '.o', '.dll', or whatever, so we don't have to be
aware of it.
aland [Mon, 21 Aug 2000 14:31:58 +0000 (14:31 +0000)]
don't do internal module handling any more. libltdl does that
aland [Mon, 21 Aug 2000 14:30:52 +0000 (14:30 +0000)]
we don't handle static/compile-time modules ourselves any more.
libltdl takes care of that now.
aland [Mon, 21 Aug 2000 14:28:36 +0000 (14:28 +0000)]
allow libltdl to decide which paths to search when looking
for a module. This allows us to just do lt_dlopen("rlm_foo"),
and have libltdl do the Right Thing.
Set the ltdl search path to radlib_dir, so the modules are looked
for THERE, and NOWHERE else. This is important for security,
and for keeping everything grouped together.
Removed internal handler for static modules. ltdl can handle
those for us, too.
Removed checks for leading underscores in symbolic names. ltdl
handles that, too.
aland [Fri, 18 Aug 2000 18:36:51 +0000 (18:36 +0000)]
remove extraneous ntohl(), from a patch by Alan Curry.
aland [Fri, 18 Aug 2000 17:31:22 +0000 (17:31 +0000)]
Patch from "Alan Curry" <pacman-radius@cqc.com>
2. Make cf_section_parse always fill in default values for variables that
aren't present in the config file. This fixes the bug where you set a
variable to an odd value, then delete it from the config file and HUP
doesn't notice the change.
aland [Fri, 18 Aug 2000 16:50:38 +0000 (16:50 +0000)]
added line numbers to configuration sections and value-pairs.
Standardized the error messages, and added filename/line numbers
to them.
aland [Fri, 18 Aug 2000 16:26:41 +0000 (16:26 +0000)]
Patch from "Alan Curry" <pacman-radius@cqc.com>
1. Fix conffile parser so it isn't so goofy
miquels [Fri, 18 Aug 2000 11:35:44 +0000 (11:35 +0000)]
* Added trailing semicolons to function defs in src/include/missing.h
aland [Thu, 17 Aug 2000 20:48:48 +0000 (20:48 +0000)]
additional documentation (i.e. comments) as to what the tokens are
aland [Thu, 17 Aug 2000 18:41:50 +0000 (18:41 +0000)]
don't do proxy checks if the request is finished, but still hanging
around until it's cleaned up.
patch by "Alan Curry" <pacman-radius@cqc.com>
aland [Thu, 17 Aug 2000 14:51:00 +0000 (14:51 +0000)]
do NOT send a proxy retry packet if we've received the proxy
reply. Bug found by Kotrekhov Andrey <kota@at.com.ua>
Make a few more functions 'static', as they're not needed anywhere
else.
Minor clean-ups and corrections.
aland [Wed, 16 Aug 2000 17:11:10 +0000 (17:11 +0000)]
removed comment about the secret not working
aland [Wed, 16 Aug 2000 17:10:49 +0000 (17:10 +0000)]
actually go parse the proxy/realm secret.
Bug pointed out by Kotrekhov Andrey <kota@at.com.ua>
aland [Wed, 16 Aug 2000 16:59:04 +0000 (16:59 +0000)]
increased the size of the log buffer, to allow more logging messages
(e.g. Exec-Program-Wait 4k stuff) to work.
aland [Wed, 16 Aug 2000 14:34:55 +0000 (14:34 +0000)]
updated pairread() so that it allows empty strings for string
values.
aland [Wed, 16 Aug 2000 14:34:28 +0000 (14:34 +0000)]
do NOT return EOL if the parsed string is empty. An empty string
is *still* a valid string, and is *very* different from EOL on
input.
Bug found by Alan Curry.
aland [Tue, 15 Aug 2000 18:49:00 +0000 (18:49 +0000)]
remove extra calls to sig_cleanup(). They shouldn't be there.
Don't do waitpid() in sig_cleanup() if the server is running
with threads. It's not necessary, as there are no child processes.
Bug pointed out by Dmitry Panov <dmitry@tsu.tula.ru>
aland [Tue, 15 Aug 2000 15:29:38 +0000 (15:29 +0000)]
define socklen_t as 'int', if the system doesn't have it.
aland [Sat, 12 Aug 2000 18:20:27 +0000 (18:20 +0000)]
Patch from "Alan Curry" <pacman-radius@cqc.com>
Allows autoconf to create raddb/radiusd.conf from a '.in' file.
This causes it to use local path names for the configuration
variables, which are more likely to be correct than hard-coded ones.
aland [Sat, 12 Aug 2000 18:10:20 +0000 (18:10 +0000)]
Patches for CFLAGS to use -pthread and -D_THREAD_SAFE for *BSD,
from Adrian Pavlykevych <pam@polynet.lviv.ua>
aland [Fri, 11 Aug 2000 14:07:54 +0000 (14:07 +0000)]
ensure that libtool installs the radiusd binary, as it does
magic stuff on the installation.
Bug fix by "Alan Curry" <pacman-radius@cqc.com>
aland [Thu, 10 Aug 2000 17:53:37 +0000 (17:53 +0000)]
explicitely clear out entries in REQUEST structure, once it's
free'd
aland [Tue, 8 Aug 2000 21:06:28 +0000 (21:06 +0000)]
corrected typo
aland [Tue, 8 Aug 2000 21:04:02 +0000 (21:04 +0000)]
don't bother using MODULE_* stuff any more, libtool should
take care of that.
error out if we're using threads, and there's not <pthread.h>
aland [Tue, 8 Aug 2000 17:08:41 +0000 (17:08 +0000)]
added debugging message about initializing the thread pool.
aland [Thu, 3 Aug 2000 20:54:21 +0000 (20:54 +0000)]
remove another reference to DYNAMIC_MODULES
bug pointed out by Alan Curry.
aland [Sun, 30 Jul 2000 17:44:45 +0000 (17:44 +0000)]
remove DYNAMIC_MODULES checking. libtool should do this.
aland [Fri, 28 Jul 2000 21:10:23 +0000 (21:10 +0000)]
added strsep(), which is a thread-safe replacement for strtok(),
and which also can do things that strtok() cannot. We should
be moving away from strtok().
aland [Fri, 28 Jul 2000 12:43:52 +0000 (12:43 +0000)]
removed all knowledge about dlopen() and friends from the
configuration process. We now rely on libltdl to do that work
for us.
The HOPE is that this change will make the server portable to
systems with bizarre shared library implementations.
aland [Fri, 28 Jul 2000 12:41:24 +0000 (12:41 +0000)]
removed all dependencies on dlopen() and friends. Replaced them
with references to lt_dlopen(), which claims to be more portable.
aland [Fri, 28 Jul 2000 12:40:36 +0000 (12:40 +0000)]
include libltdl in the compiler includes, and include libltdl.la
in the final radiusd executable.
aland [Thu, 27 Jul 2000 19:05:31 +0000 (19:05 +0000)]
cleaned up the proxy_retry() function so that it (hopefully)
does exactly the same thing, but now has comments, and a lot
fewer levels of indentation.
aland [Thu, 27 Jul 2000 19:04:34 +0000 (19:04 +0000)]
removed the #if 0 stuff, as the code I wrote was broken,
and Alan Curry's comments were correct.
aland [Thu, 27 Jul 2000 18:46:32 +0000 (18:46 +0000)]
Patches from "Alan Curry" <pacman-radius@cqc.com>
8. Small fixes that are *not* just repeats of things I've sent before:
Reactivate the proxy retransmission code, which is dead code in CVS
since it operates on the the old proxy_requests list which no longer has
any requests added to it ever!
Make distclean a little more clean (I had to clean and diff this tree 8
times and it was getting annoying).
Various cosmetic changes