aland [Mon, 29 Oct 2007 07:20:21 +0000 (07:20 +0000)]
More #ifdef's for platforms that need them
aland [Mon, 29 Oct 2007 03:01:28 +0000 (03:01 +0000)]
Wrap include with #ifdef's
aland [Mon, 29 Oct 2007 02:50:07 +0000 (02:50 +0000)]
lockf portability
aland [Wed, 24 Oct 2007 11:04:29 +0000 (11:04 +0000)]
Call OpenSSL_add_all_algorithms()
We still need to call EVP_cleanup() on clean exit, but who's
counting?
aland [Wed, 24 Oct 2007 11:00:23 +0000 (11:00 +0000)]
Look for <openssl/evp.h>, for OpenSSL_add_all_algorithms()
aland [Wed, 24 Oct 2007 07:29:12 +0000 (07:29 +0000)]
Corrected typo
aland [Tue, 23 Oct 2007 13:41:23 +0000 (13:41 +0000)]
Remove Auth-Type example
aland [Tue, 23 Oct 2007 13:06:45 +0000 (13:06 +0000)]
Corrected name
aland [Tue, 23 Oct 2007 07:57:31 +0000 (07:57 +0000)]
Notes on requiring a client certificate
aland [Tue, 23 Oct 2007 04:18:01 +0000 (04:18 +0000)]
Now that we have virtual servers, we don't need vmpsd.conf
aland [Tue, 23 Oct 2007 04:16:12 +0000 (04:16 +0000)]
Updated
aland [Tue, 23 Oct 2007 04:14:19 +0000 (04:14 +0000)]
Copied VMPS stuff to a virtual server
aland [Tue, 23 Oct 2007 04:06:26 +0000 (04:06 +0000)]
Update date
aland [Tue, 23 Oct 2007 04:06:02 +0000 (04:06 +0000)]
We no longer need radrelay.conf, as we have virtual servers.
aland [Tue, 23 Oct 2007 04:03:33 +0000 (04:03 +0000)]
Now that we have virtual servers, we don't need radrelay.conf
any more
aland [Tue, 23 Oct 2007 03:53:18 +0000 (03:53 +0000)]
More samples of using radrelay functionality in 2.0
aland [Mon, 22 Oct 2007 14:48:15 +0000 (14:48 +0000)]
detail file is in ${radacctdir}, not ${confdir}
aland [Mon, 22 Oct 2007 13:09:14 +0000 (13:09 +0000)]
Changed
$INCLUDE ${confdir}/foo
to
$INCLUDE foo
which should be simpler...
aland [Mon, 22 Oct 2007 13:05:04 +0000 (13:05 +0000)]
Allow "local" filenames. e.g.
$INCLUDE foo.conf
is relative to the file that started all of this off. This
change should remove much of the "$INCLUDE ${confdir}/foo",
and make it "$INCLUDE foo", which is more robust in light
of "-d radius_dir" not entirely working...
aland [Mon, 22 Oct 2007 09:30:40 +0000 (09:30 +0000)]
Corrected typos
aland [Mon, 22 Oct 2007 08:40:47 +0000 (08:40 +0000)]
radius_pairmake(), to mirror radius_paircreate().
This is in preparation for eventually using memory pools for
VALUE_PAIR's, which should save at least 10% of CPU time, from
valgrind stats.
aland [Mon, 22 Oct 2007 08:26:59 +0000 (08:26 +0000)]
It's now 2.0.0-beta.
We won't have any more pre-releases before 2.0, and I'm not
going to do major code hacking. I think we're almost done.
aland [Mon, 22 Oct 2007 02:50:45 +0000 (02:50 +0000)]
For authentication logging, log if the request came from an
inner/outer tunnel session
aland [Sun, 21 Oct 2007 06:47:00 +0000 (06:47 +0000)]
Try to open the log file (and complain on error) ONLY if
the log file destination is "files"
aland [Thu, 18 Oct 2007 16:15:51 +0000 (16:15 +0000)]
Check for NULL
aland [Thu, 18 Oct 2007 14:31:59 +0000 (14:31 +0000)]
Document outer.request and outer.reply
aland [Thu, 18 Oct 2007 14:12:49 +0000 (14:12 +0000)]
Allow "update" sections to update outer request, config, and
reply directly. This should simplify many configurations
aland [Thu, 18 Oct 2007 14:11:24 +0000 (14:11 +0000)]
Add %{outer.request:Attribute-Name} and
%{outer.reply:Attribute-Name}
This should make it easier to handle tunneled EAP types
aland [Thu, 18 Oct 2007 12:27:05 +0000 (12:27 +0000)]
Parse clients from the main config section, which initializes
things so that clients can be read from SQL
aland [Thu, 18 Oct 2007 11:59:29 +0000 (11:59 +0000)]
Made a fake client for each detail file
aland [Thu, 18 Oct 2007 11:59:03 +0000 (11:59 +0000)]
Check SNMP pointers, too. Increment accounting counters, rather
than auth counters for accounting packets
aland [Thu, 18 Oct 2007 11:06:41 +0000 (11:06 +0000)]
t may be NULL. This fixes bug #488
aland [Thu, 18 Oct 2007 09:32:37 +0000 (09:32 +0000)]
Removed -pie, as it's a GCC-ism, and isn't necessarily portable.
If it's needed, it can be added via configure checks, etc.
aland [Tue, 16 Oct 2007 15:24:01 +0000 (15:24 +0000)]
Reference mainconfig again
aland [Tue, 16 Oct 2007 11:50:24 +0000 (11:50 +0000)]
Print "Ready to process requests" at L_INFO when starting,
and after a HUP
aland [Tue, 16 Oct 2007 11:49:50 +0000 (11:49 +0000)]
Print that core dumps are enabled
aland [Tue, 16 Oct 2007 09:31:47 +0000 (09:31 +0000)]
Reformatted and clarified text
aland [Tue, 16 Oct 2007 09:18:50 +0000 (09:18 +0000)]
Moved do_snmp back into mainconfig
aland [Tue, 16 Oct 2007 09:14:27 +0000 (09:14 +0000)]
Corrected typo
aland [Mon, 15 Oct 2007 15:43:47 +0000 (15:43 +0000)]
Look for <sys/prctl.h>. Checks for prctl() will come later
aland [Mon, 15 Oct 2007 15:38:38 +0000 (15:38 +0000)]
Clarify code allowing core dumps
aland [Mon, 15 Oct 2007 07:43:33 +0000 (07:43 +0000)]
Define ALL types first, so that config in one section can
reference types defined in another section
aland [Mon, 15 Oct 2007 07:35:11 +0000 (07:35 +0000)]
Define dynamic types (Autz-type foo) etc. before trying to load
the rest of the sections
aland [Sun, 14 Oct 2007 19:11:25 +0000 (19:11 +0000)]
request->proxy may be set for requests with inner tunnel
sessions
aland [Sun, 14 Oct 2007 17:36:05 +0000 (17:36 +0000)]
Cleaned up warning and error messages
aland [Sun, 14 Oct 2007 15:38:11 +0000 (15:38 +0000)]
remove dumb assert
aland [Sun, 14 Oct 2007 14:03:46 +0000 (14:03 +0000)]
Update clients from root_clients, if possible
aland [Sun, 14 Oct 2007 13:22:58 +0000 (13:22 +0000)]
Add "method" to modcallable, so that we can call different
module methods under administrator control
aland [Sat, 13 Oct 2007 12:48:31 +0000 (12:48 +0000)]
If there's no proxy section, use the defaults
aland [Sat, 13 Oct 2007 09:53:06 +0000 (09:53 +0000)]
Corrected fix
aland [Sat, 13 Oct 2007 07:10:45 +0000 (07:10 +0000)]
*ev_p may be NULL.
aland [Fri, 12 Oct 2007 16:08:15 +0000 (16:08 +0000)]
Close ref. Patch as posted to the list by Apple.
aland [Thu, 11 Oct 2007 11:22:47 +0000 (11:22 +0000)]
Fix from bug #483
aland [Thu, 11 Oct 2007 10:11:29 +0000 (10:11 +0000)]
Made it work with non-GNU makes
aland [Wed, 10 Oct 2007 13:17:53 +0000 (13:17 +0000)]
More cleanups and warnings
aland [Tue, 9 Oct 2007 15:00:40 +0000 (15:00 +0000)]
Clean up threads, and add thread pool lock/unlock functions,
in preparation for HUP
aland [Tue, 9 Oct 2007 14:50:08 +0000 (14:50 +0000)]
Clarify thread handling and debug messages
aland [Tue, 9 Oct 2007 14:45:58 +0000 (14:45 +0000)]
Move uid_name and gid_name out of global variable, as they're
only of use to mainconfig.c
aland [Tue, 9 Oct 2007 14:39:36 +0000 (14:39 +0000)]
Increment/decrement refcount on mainconfig, in preparation for
HUP support (some time in the future)
aland [Tue, 9 Oct 2007 14:30:49 +0000 (14:30 +0000)]
Parse, validate, and use "virtual_server" configuration in
home_server_pool. When set, pre/post proxy sections are run
through this virtual server.
Note that we don't do this for realms. It *might* be useful,
but we'll leave it out for now
aland [Tue, 9 Oct 2007 14:25:35 +0000 (14:25 +0000)]
listen / client config changes server -> virtual_server for
clarity. "server = " is also accepted for compatibilty with
2.0-pre*
aland [Tue, 9 Oct 2007 14:15:34 +0000 (14:15 +0000)]
Rename "server_pool" to "home_server_pool". It's clearer
aland [Tue, 9 Oct 2007 14:12:26 +0000 (14:12 +0000)]
Add %{home_server:foo} and %{home_server_pool:foo}
server_pool -> home_server_pool rename will happen in a later
commit
aland [Tue, 9 Oct 2007 14:07:32 +0000 (14:07 +0000)]
Added %{client:foo} expansion
aland [Tue, 9 Oct 2007 13:46:24 +0000 (13:46 +0000)]
Debug print IP addresses.
aland [Tue, 9 Oct 2007 13:44:10 +0000 (13:44 +0000)]
Recommend that people don't use rlm_policy
aland [Tue, 9 Oct 2007 13:43:43 +0000 (13:43 +0000)]
No one uses protocol_filter. It's useless now that "unlang"
is here
aland [Tue, 9 Oct 2007 13:40:14 +0000 (13:40 +0000)]
In preparation for 2.0
aland [Tue, 9 Oct 2007 13:24:22 +0000 (13:24 +0000)]
Add argument to loop exit, and cache FD_SET
aland [Tue, 9 Oct 2007 12:19:55 +0000 (12:19 +0000)]
Whitespace changes (indenting and formatting to meet FreeRADIUS
style)
aland [Tue, 9 Oct 2007 12:12:33 +0000 (12:12 +0000)]
// -> /* ... */
and other ANSI C fixes
aland [Tue, 9 Oct 2007 12:08:48 +0000 (12:08 +0000)]
#if __APPLE__
to
#ifdef __APPLE__
aland [Tue, 9 Oct 2007 12:07:48 +0000 (12:07 +0000)]
Move add_reply to mschap_add_reply, so that the opendir code
can use it
aland [Fri, 5 Oct 2007 07:10:32 +0000 (07:10 +0000)]
As posted to the list
aland [Wed, 3 Oct 2007 13:29:04 +0000 (13:29 +0000)]
More re-arrangements to clarify the code.
Cleaned up debug output so it should be even easier to
understand.
aland [Wed, 3 Oct 2007 12:18:48 +0000 (12:18 +0000)]
Removed useless error message
aland [Wed, 3 Oct 2007 06:33:53 +0000 (06:33 +0000)]
Clean up compiler warnings and remove exit(0)
aland [Wed, 3 Oct 2007 06:29:49 +0000 (06:29 +0000)]
More sanity checks on the module instance handles.
Patch from Stephan Jaeger.
aland [Fri, 28 Sep 2007 12:51:07 +0000 (12:51 +0000)]
Re-arrange code, one less reference to global variables
aland [Fri, 28 Sep 2007 12:50:43 +0000 (12:50 +0000)]
No longer reference mainconfig.clients
aland [Fri, 28 Sep 2007 12:07:04 +0000 (12:07 +0000)]
Removed all references to mainconfig.clients.
aland [Fri, 28 Sep 2007 11:46:58 +0000 (11:46 +0000)]
Moved nearly all remaining code out of radiusd.c, and into
event.c
This means that the main server loop is purely event-driven,
by sockets and by timed events.
There are still a few FIXME's, like adding newly-created proxy
sockets to the event loop, but that shouldn't be hard to fix.
The result is that the code is (again) much easier to
understand. Also, we hope that HUP support will be easier to
add after this change.
aland [Fri, 28 Sep 2007 11:44:08 +0000 (11:44 +0000)]
Added cf_top_section()
aland [Fri, 28 Sep 2007 09:09:58 +0000 (09:09 +0000)]
Added status function to be called just before select()
aland [Thu, 27 Sep 2007 23:37:55 +0000 (23:37 +0000)]
Added socket handling code to the event loop. This should
simplify it somewhat...
aland [Thu, 27 Sep 2007 15:02:41 +0000 (15:02 +0000)]
Added the OpenSER dictionary from their web site.
Commented out (i.e. unused) because of conflicts
aland [Thu, 27 Sep 2007 14:11:00 +0000 (14:11 +0000)]
No need to reset snmp stuff. It's done in radius_snmp_init()
aland [Thu, 27 Sep 2007 14:09:09 +0000 (14:09 +0000)]
Corrected return type of init.
aland [Wed, 26 Sep 2007 16:10:02 +0000 (16:10 +0000)]
Clarify difference between normal and enforcement operators
aland [Wed, 26 Sep 2007 16:00:00 +0000 (16:00 +0000)]
Add == as a filtering operator in unlang, and document it.
It's the opposite of -=
aland [Wed, 26 Sep 2007 13:24:34 +0000 (13:24 +0000)]
Now that we have request->root, we don't need to call
cf_section_find(NULL)
aland [Wed, 26 Sep 2007 13:21:49 +0000 (13:21 +0000)]
Pass the top-level configuration to the thread pool, so that
we can reload things without changing the existing
configuration.
There is still only one thread_pool structure. We may want to
update it to be a pointer, so that we can do atomic swaps...
aland [Wed, 26 Sep 2007 13:00:43 +0000 (13:00 +0000)]
Moved snmp config from global to local variables.
aland [Wed, 26 Sep 2007 12:41:17 +0000 (12:41 +0000)]
Use new request->root variable
aland [Wed, 26 Sep 2007 12:40:45 +0000 (12:40 +0000)]
Add 'mainconfig_t' entry to REQUEST*, so that each request has
its own configuration. This should make HUP easier.
aland [Wed, 26 Sep 2007 10:47:33 +0000 (10:47 +0000)]
Moved mainconfig references to a pointer, in preparation for
making the server HUP-safe
aland [Wed, 26 Sep 2007 10:46:55 +0000 (10:46 +0000)]
Removed unused variable
aland [Wed, 26 Sep 2007 10:43:09 +0000 (10:43 +0000)]
Removed all references to "mainconfig" from realms.c.
realms.c is now HUP-safe. On HUP, it loads its configuration
into a new data structure, and atomically switches between the
old one and the new one.
Right now, it immediately frees the old data structure. It
should really be placed onto a queue for later garbage
collection, as a child thread may be accessing it. That problem
can be solved later.
aland [Tue, 25 Sep 2007 23:55:32 +0000 (23:55 +0000)]
Pass src port to udpfromto, also.
Shorten the time frame for race conditions in the random context
aland [Tue, 25 Sep 2007 21:35:16 +0000 (21:35 +0000)]
We don't need to call openlog() any more.