Alan T. DeKok [Sun, 13 Mar 2011 17:50:54 +0000 (18:50 +0100)]
Revert "Fix typos and regenerate for 2.1.11"
This reverts commit
2d0c5fa94938f727b4f37fb7399b777437171eeb.
Alan T. DeKok [Sun, 13 Mar 2011 09:12:11 +0000 (10:12 +0100)]
Complain about duplicate virtual servers, too
Alan T. DeKok [Sun, 13 Mar 2011 09:02:33 +0000 (10:02 +0100)]
Look for duplicate module definitions.
Doing an O(N^2) search over the modules{} section. If the same module
is defined twice, print an error detailing *both* locations where it
occurs, and exit.
This helps prevent broken configurations by disallowing the server
from loading two conflicting module definitions
Alan T. DeKok [Sun, 13 Mar 2011 09:02:06 +0000 (10:02 +0100)]
Added cf_section_find_name2() API
This lets us find the next section by name1 and name2
Alan T. DeKok [Fri, 11 Mar 2011 09:49:43 +0000 (10:49 +0100)]
Added dictionary from Moonshot project
Alan T. DeKok [Sun, 13 Mar 2011 09:14:30 +0000 (10:14 +0100)]
Added duplicate names for simplicity
byte == uint8
short == uint16
integer == uint32
signed == int32
Alan T. DeKok [Sat, 5 Mar 2011 07:07:14 +0000 (08:07 +0100)]
Hack to let developers catch bad dictionaries
uses fprintf to print warning messages when the attributes are
illegally defined in the IANA standard space
Alan T. DeKok [Sat, 5 Mar 2011 06:55:14 +0000 (07:55 +0100)]
Move references to illegal dictionaries to raddb/dictionary
The main dictionary files should NOT be edited. Ever. So placing
the "illegal" attributes in a file which can be edited is a good idea.
Alan T. DeKok [Sat, 5 Mar 2011 06:50:37 +0000 (07:50 +0100)]
Added license text
Alan T. DeKok [Sat, 5 Mar 2011 06:48:17 +0000 (07:48 +0100)]
Fix typo
Alan T. DeKok [Sat, 5 Mar 2011 06:31:39 +0000 (07:31 +0100)]
Regen configure scripts
Alan T. DeKok [Sat, 5 Mar 2011 06:20:21 +0000 (07:20 +0100)]
Look for <openssl/hmac.h>
Alan T. DeKok [Fri, 4 Mar 2011 14:07:56 +0000 (15:07 +0100)]
Mark pointer NULL when it's free
Alan T. DeKok [Thu, 3 Mar 2011 14:25:59 +0000 (15:25 +0100)]
Use 3.0 API
Alan T. DeKok [Thu, 3 Mar 2011 14:22:26 +0000 (15:22 +0100)]
udpfromto doesn't seem to work for DHCP.
It should really be replaced on sending by using an ethernet socket
Alan T. DeKok [Tue, 1 Mar 2011 15:58:57 +0000 (16:58 +0100)]
Be more forgiving about policy parsing
Alan T. DeKok [Tue, 1 Mar 2011 12:28:23 +0000 (13:28 +0100)]
Fix typo
Alan T. DeKok [Tue, 1 Mar 2011 09:04:24 +0000 (10:04 +0100)]
Allow SQLite to do non-NAS select queries
Adrien Demarez [Thu, 3 Mar 2011 07:22:04 +0000 (08:22 +0100)]
Fixes to make debian build for 3.x
Alan T. DeKok [Mon, 28 Feb 2011 16:46:35 +0000 (17:46 +0100)]
API fixes for 3.0
Alan T. DeKok [Mon, 28 Feb 2011 16:45:17 +0000 (17:45 +0100)]
API fxes for 3.0
Alan T. DeKok [Mon, 28 Feb 2011 16:28:14 +0000 (17:28 +0100)]
Use 2.2 API
Alan T. DeKok [Mon, 28 Feb 2011 14:01:15 +0000 (15:01 +0100)]
Vendors using "format=1,1" can have attributes of type "tlv"
They're now encoded properly. Previously, they were decoded properly,
but not encoded.
Alan T. DeKok [Mon, 28 Feb 2011 13:59:06 +0000 (14:59 +0100)]
Vendors can only use the TLV format if they follow the specs
"format=1,1" are allowed to use TLVs. Other vendors are not.
Except WiMAX, because they're special.
Alan T. DeKok [Mon, 28 Feb 2011 13:58:33 +0000 (14:58 +0100)]
Comment out DHCP dictionary by default.
it should only be enabled if the server does DHCP.
Alan T. DeKok [Mon, 28 Feb 2011 10:00:14 +0000 (11:00 +0100)]
Added sample of using global / static variables
Alan T. DeKok [Wed, 23 Feb 2011 10:04:31 +0000 (11:04 +0100)]
Use rad_digest_cmp() to avoid timing attacks
Alan T. DeKok [Wed, 23 Feb 2011 10:01:17 +0000 (11:01 +0100)]
Use rad_digest_cmp() to avoid timing attacks
Alan T. DeKok [Wed, 23 Feb 2011 10:01:02 +0000 (11:01 +0100)]
Use rad_digest_cmp() to avoid timing attacks
Alan T. DeKok [Wed, 23 Feb 2011 09:59:55 +0000 (10:59 +0100)]
Expose digest_cmp function
So that it can be used in other places to avoid timing attacks
Alan T. DeKok [Wed, 23 Feb 2011 08:46:30 +0000 (09:46 +0100)]
Updated license to LGPL rather than GPL
The "lib" directory and everything it needs have been lgpl for a long time.
Alan T. DeKok [Wed, 23 Feb 2011 08:26:03 +0000 (09:26 +0100)]
Corrected license to LGPL rather than GPL
Alan T. DeKok [Sun, 20 Feb 2011 08:39:57 +0000 (09:39 +0100)]
Print error if we can't send a packet in rad_send()
Alan T. DeKok [Fri, 18 Feb 2011 14:44:20 +0000 (15:44 +0100)]
Use new format for %{..:-...}
Alan T. DeKok [Fri, 18 Feb 2011 09:37:17 +0000 (10:37 +0100)]
Added radtee
Shamelessly taken from http://horde.net/~jwm/software/misc/comparison-tee
Alan T. DeKok [Fri, 18 Feb 2011 09:29:24 +0000 (10:29 +0100)]
Use newer expansion
Alan T. DeKok [Fri, 18 Feb 2011 09:25:07 +0000 (10:25 +0100)]
Basic configure scripts
Alan T. DeKok [Fri, 18 Feb 2011 12:20:02 +0000 (13:20 +0100)]
API fixes for 3.x
Alan T. DeKok [Fri, 18 Feb 2011 09:01:11 +0000 (10:01 +0100)]
Make CoA proxying work again.
Only set the reply code if it isn't meant to be proxied.
Alan T. DeKok [Fri, 18 Feb 2011 08:26:31 +0000 (09:26 +0100)]
Make query lengths match rlm_sql
Closes bug #139
Alan T. DeKok [Thu, 17 Feb 2011 11:05:54 +0000 (12:05 +0100)]
Better fixes for bug #141
Alan T. DeKok [Mon, 14 Feb 2011 14:27:40 +0000 (15:27 +0100)]
Suppress messages if thread pool is ~full.
If it's full and all threads are buys, we shouldn't try to create spare
threads.
Alan T. DeKok [Mon, 14 Feb 2011 14:03:48 +0000 (15:03 +0100)]
Fix typos and regenerate for 2.1.11
Alan T. DeKok [Mon, 14 Feb 2011 14:03:00 +0000 (15:03 +0100)]
Generated for 2.1.11
Chris Mikkelson [Tue, 15 Feb 2011 21:21:28 +0000 (15:21 -0600)]
Update DHCP code to reflect valuepair API changes.
Alan T. DeKok [Thu, 17 Feb 2011 09:30:18 +0000 (10:30 +0100)]
Fix the tests
Alan T. DeKok [Thu, 17 Feb 2011 09:29:41 +0000 (10:29 +0100)]
Note 3.0
Alan T. DeKok [Fri, 11 Feb 2011 10:12:28 +0000 (11:12 +0100)]
Ignore socket if address families don't match. Closes bug #143
Manual pull of
995b62f847b93ca217d35c1bbbbe8dcc5157635f
Alan T. DeKok [Thu, 10 Feb 2011 15:20:39 +0000 (16:20 +0100)]
No DB handles is an error, not an informational message.
Alan T. DeKok [Thu, 10 Feb 2011 15:13:59 +0000 (16:13 +0100)]
Fixed typo
Alan T. DeKok [Thu, 10 Feb 2011 13:41:38 +0000 (14:41 +0100)]
Fixed onoff query
Alan T. DeKok [Thu, 10 Feb 2011 12:35:52 +0000 (13:35 +0100)]
Enable udpfromto() for IPv6
On the theory that it will work, or that some magic will get it to work
Alan T. DeKok [Thu, 10 Feb 2011 12:34:20 +0000 (13:34 +0100)]
Try to fix udpfromto for IPv6
Alan T. DeKok [Thu, 10 Feb 2011 09:49:03 +0000 (10:49 +0100)]
Change the rules for sending DHCP responses
giaddr -> giaddr
broadcast -> broadcast
nak -> broadcast
!ciaddr -> broadcast
ciaddr -> ciaddr BUT
if the request was not *from* ciaddr, we need to send a "raw"
response.
Many DHCP clients can handle a broadcast DHCP OFFER / ACK when first
assigning an address. Some clients expect a response unicast to
their MAC address.
Alan T. DeKok [Wed, 9 Feb 2011 10:53:50 +0000 (11:53 +0100)]
Allow spaces and CRs
Now that the underlying redis escape function handles spaces and
control characters
Alan T. DeKok [Wed, 9 Feb 2011 10:52:39 +0000 (11:52 +0100)]
Added escape function
The rules for redis escaping aren't overly clear. So we escape
control characters, spaces, and the backslash.
Ken-ichirou MATSUZAWA [Tue, 8 Feb 2011 12:19:10 +0000 (21:19 +0900)]
fix freeing eap_handler as opaque (and typo)
Hello,
I hope this would be hint for fixing segfault and
better solution.
Thanks.
Subject: [PATCH 1/2] freeing EAP opaque with one arg
Alan T. DeKok [Wed, 2 Feb 2011 09:14:01 +0000 (10:14 +0100)]
Added sample for dynamic clients from LDAP
Alan T. DeKok [Sat, 29 Jan 2011 14:44:25 +0000 (15:44 +0100)]
Fix compile warnings and check for !vp
Alan T. DeKok [Fri, 28 Jan 2011 11:14:03 +0000 (12:14 +0100)]
Check return value of lseek correctly
Alan T. DeKok [Thu, 27 Jan 2011 14:33:32 +0000 (15:33 +0100)]
Add %{string:...} for printable data
Alan T. DeKok [Thu, 27 Jan 2011 14:33:17 +0000 (15:33 +0100)]
make fr_print_string return the string length
Alan T. DeKok [Tue, 25 Jan 2011 16:20:54 +0000 (17:20 +0100)]
Clarify parse error for ascend attributes
Printing to the same string we're reading from is a bad idea.
B. Candler [Mon, 24 Jan 2011 13:18:08 +0000 (14:18 +0100)]
This patch adds a 'key' parameter to rlm_fastusers, in the same way as
rlm_files has.
Closes bug #126
Alan T. DeKok [Mon, 24 Jan 2011 13:03:44 +0000 (14:03 +0100)]
Fixed mismatch
Alan T. DeKok [Thu, 20 Jan 2011 15:01:17 +0000 (16:01 +0100)]
Add $(LIBRADIUS) to allow it to link
Alan T. DeKok [Thu, 20 Jan 2011 09:00:38 +0000 (10:00 +0100)]
Update ignore files
Alan T. DeKok [Thu, 20 Jan 2011 08:52:20 +0000 (09:52 +0100)]
Use _sysconfdir instead of /etc
It allows the config files to be placed anywhere, instead of
a hard-coded path
Alan T. DeKok [Wed, 19 Jan 2011 16:25:10 +0000 (17:25 +0100)]
Call write() rather than fwrite()
It returns real errors...
Alan T. DeKok [Thu, 20 Jan 2011 09:26:03 +0000 (10:26 +0100)]
Updated as per recent WiMAX specs
Alexandre Chapellon [Tue, 18 Jan 2011 13:57:05 +0000 (14:57 +0100)]
Update to work with more recent versions of Oracle
Alan T. DeKok [Tue, 18 Jan 2011 09:09:36 +0000 (10:09 +0100)]
Move request STOP logic from threads into event code
Alan T. DeKok [Tue, 18 Jan 2011 09:09:07 +0000 (10:09 +0100)]
More sanity checks on attribute numbers
Alan T. DeKok [Tue, 18 Jan 2011 09:08:52 +0000 (10:08 +0100)]
Enable building without DHCP
Gabriel Blanchard [Fri, 14 Jan 2011 06:14:29 +0000 (07:14 +0100)]
fixes seg fault whenever the redis server goes down
Alan T. DeKok [Thu, 13 Jan 2011 23:14:18 +0000 (00:14 +0100)]
API fixes for 2.2
Alan T. DeKok [Thu, 13 Jan 2011 23:10:42 +0000 (00:10 +0100)]
Sample configuration for the "redis" module
Alan T. DeKok [Thu, 13 Jan 2011 23:09:57 +0000 (00:09 +0100)]
Added password support (untested)
Alan T. DeKok [Thu, 13 Jan 2011 22:51:28 +0000 (23:51 +0100)]
More fixes
Gabriel Blanchard [Thu, 13 Jan 2011 22:47:27 +0000 (23:47 +0100)]
Sample configuration for the rediswho module
Gabriel Blanchard [Thu, 13 Jan 2011 22:35:00 +0000 (23:35 +0100)]
radwho using the redis database.
Gabriel Blanchard [Thu, 13 Jan 2011 22:09:35 +0000 (23:09 +0100)]
Module which connects to a redis server.
Alan T. DeKok [Thu, 13 Jan 2011 10:12:53 +0000 (11:12 +0100)]
File contents .php3 -> .php
Alan T. DeKok [Thu, 13 Jan 2011 10:11:07 +0000 (11:11 +0100)]
Renamed *.php3 to *.php
Alan T. DeKok [Tue, 11 Jan 2011 12:22:09 +0000 (13:22 +0100)]
Added more sample policies
Alan T. DeKok [Tue, 11 Jan 2011 10:56:54 +0000 (11:56 +0100)]
Fixed typo
Alan T. DeKok [Tue, 11 Jan 2011 08:54:40 +0000 (09:54 +0100)]
Allow hints && huntgroup files to be NULL
Alan T. DeKok [Sat, 8 Jan 2011 08:55:52 +0000 (09:55 +0100)]
Removed notes on CVS
Alan T. DeKok [Tue, 11 Jan 2011 15:12:55 +0000 (16:12 +0100)]
Removed last use of explicit module configuration
Alan T. DeKok [Tue, 11 Jan 2011 15:12:30 +0000 (16:12 +0100)]
Moved sqlippool.conf to modules
Alan T. DeKok [Tue, 11 Jan 2011 15:11:54 +0000 (16:11 +0100)]
Moved sql.conf to raddb/modules
Alan T. DeKok [Tue, 11 Jan 2011 15:11:25 +0000 (16:11 +0100)]
Moved eap.conf to raddb
Alan T. DeKok [Fri, 7 Jan 2011 11:28:56 +0000 (12:28 +0100)]
Fixes as posted by Stefan Winter
just now I have had to upgrade my dialup_admin installation to a machine running PHP5.3, and also noticed numerous PHP errors.
I have fixed the code, see attached patch. It solves the following bugs/deprecated code warnings:
* replace ereg -> preg_match, ereg_replace -> preg_replace, split -> preg_split for PHP5.3 compatibility
* fix LIMIT not working when using MySQL
* add configuration item "timezone" to make PHP 5.1+ happy
and adds one (trivial, one-liner) feature:
* add comparison operators "!=" and "not like" to Accounting
Now, I have an almost error/warning/notice free installation. There is still something bogus around the use of mktime() someplace, but I don't use that part of dialup_admin, so I'll leave that alone.
Alan T. DeKok [Fri, 7 Jan 2011 10:14:06 +0000 (11:14 +0100)]
Fixed typo
Alan T. DeKok [Thu, 6 Jan 2011 10:49:18 +0000 (11:49 +0100)]
Be less aggressive about printing message
If the client re-uses the same RADIUS Id, the "check_handler" callback
will be called. However, it's *not* being called because the RADIUS packet
timed out, so we should *not* print the warning message that the EAP
session didn't finish
Alan T. DeKok [Thu, 6 Jan 2011 10:49:04 +0000 (11:49 +0100)]
Fix compile warnings
Alan T. DeKok [Mon, 3 Jan 2011 20:25:21 +0000 (21:25 +0100)]
Fix fd leak
Alan T. DeKok [Sat, 1 Jan 2011 14:37:33 +0000 (15:37 +0100)]
Add support for Apple Grand Central Dispatch
used when WITH_GCD is defined. If it is defined, then any existing thread
configuration is ignored, and the dispatch system is used instead.
Alan T. DeKok [Thu, 30 Dec 2010 10:04:47 +0000 (11:04 +0100)]
Fixed printing of attributes
Alan T. DeKok [Thu, 30 Dec 2010 09:36:59 +0000 (10:36 +0100)]
Print error when foo=`..` is invalid
It can't occur in the main configuration sections, but it can occur
in an "update" section