aland [Thu, 8 Sep 2005 17:06:21 +0000 (17:06 +0000)]
Added digest test
aland [Thu, 8 Sep 2005 16:38:32 +0000 (16:38 +0000)]
Check buffer len, just to be safe
nbk [Thu, 8 Sep 2005 14:06:25 +0000 (14:06 +0000)]
Include "autoconf.h", too.
aland [Thu, 8 Sep 2005 01:00:03 +0000 (01:00 +0000)]
Added hash table implement that mirrors rbtree stuff, but is
O(1) for insert, delete.
Updated the dictionaries to use the hash table, and tested it.
Got a small performance improvement (5-10%) for some simple cases
nbk [Sun, 4 Sep 2005 16:53:58 +0000 (16:53 +0000)]
Don't use vsprintf() anymore, but the replacement for vsnprintf()
in libradius instead.
aland [Fri, 2 Sep 2005 19:16:27 +0000 (19:16 +0000)]
Clear out socket information after we've allocated it.
In "common_checks()", don't call request_free(), quickly followed
by request_alloc(). Cachegrind analysis indicates that the cost
is pretty high. (like 5% overhead for 20k username/pwd tests)
Instead, keep the old request, and re-zero it out, so that
information isn't being re-used. This appears to make a noticable
difference in response time
aland [Fri, 2 Sep 2005 19:10:36 +0000 (19:10 +0000)]
New function: rl_yank(). It works like rl_delete(), but it
doesn't free the request.
kkalev [Fri, 2 Sep 2005 12:42:25 +0000 (12:42 +0000)]
Change the order of OID's used in snmpfinger for cisco NASes
aland [Thu, 1 Sep 2005 23:25:45 +0000 (23:25 +0000)]
Update the way we handle parsing subsections, to avoid compiler
warnings
aland [Thu, 1 Sep 2005 23:17:20 +0000 (23:17 +0000)]
Updated vp_filter.
Use it in filters
aland [Thu, 1 Sep 2005 22:40:33 +0000 (22:40 +0000)]
octets fixes
aland [Thu, 1 Sep 2005 22:34:11 +0000 (22:34 +0000)]
octets fixes
aland [Thu, 1 Sep 2005 22:28:38 +0000 (22:28 +0000)]
octets fixes
aland [Thu, 1 Sep 2005 22:21:23 +0000 (22:21 +0000)]
Octets fixes.
Use vp_ipv6addr, as it's already in the buffer.
Fix weird code that was using wrong parameters to strNcpy
aland [Thu, 1 Sep 2005 22:16:05 +0000 (22:16 +0000)]
octets fixes
aland [Thu, 1 Sep 2005 22:12:38 +0000 (22:12 +0000)]
More octets fixes
aland [Thu, 1 Sep 2005 22:10:54 +0000 (22:10 +0000)]
Use octets in more places
aland [Thu, 1 Sep 2005 22:10:42 +0000 (22:10 +0000)]
Use vp_octets in more places. "char" may be signed on some platforms,
so doing array[vp->vp_strvalue[0]] may result in negative indices
to arrays
aland [Thu, 1 Sep 2005 21:50:55 +0000 (21:50 +0000)]
s/->strvalue/->vp_strvalue/g
Update libradius.h with a union of data, so that we can move
to vp->vp_ipv6addr, vp->vp_octets, etc.
The surprising thing is that it still builds & works.
aland [Thu, 1 Sep 2005 18:59:10 +0000 (18:59 +0000)]
Churn the random pool less often
aland [Thu, 1 Sep 2005 17:02:44 +0000 (17:02 +0000)]
Don't make values with high bit set, it confuses rad_check_password
nbk [Thu, 1 Sep 2005 16:07:22 +0000 (16:07 +0000)]
#ifdef HAVE_VSNPRINTF isn't needed, as we have a replacement
in src/lib/snprintf.c
nbk [Thu, 1 Sep 2005 15:55:02 +0000 (15:55 +0000)]
snprintf() and vsnprintf() replacements were not compiled if
the autoconf tests didn't find the functions.
aland [Wed, 31 Aug 2005 21:05:38 +0000 (21:05 +0000)]
Don't return NULL from a function that returns 'int'
aland [Wed, 31 Aug 2005 21:02:25 +0000 (21:02 +0000)]
Compiler warning fixes
aland [Wed, 31 Aug 2005 20:49:30 +0000 (20:49 +0000)]
uint8_t fixes
aland [Wed, 31 Aug 2005 20:34:17 +0000 (20:34 +0000)]
Signed/unsigned issues. Use "uint8_t" in more places.
aland [Wed, 31 Aug 2005 16:55:08 +0000 (16:55 +0000)]
Added note on OID for machine authentication
nbk [Wed, 31 Aug 2005 12:49:46 +0000 (12:49 +0000)]
Resize the buffer for the SQL-User-Name, and update the
comments to help people (...) to figure out why there is
no escaping in sql_escape_func().
aland [Tue, 30 Aug 2005 23:05:18 +0000 (23:05 +0000)]
More sanity checks on the dictionary. VSA's can't be tagged, and
only string & integer attributes can be tagged
aland [Tue, 30 Aug 2005 23:03:21 +0000 (23:03 +0000)]
Add "internal" structs for attributes, etc. Use a hash for them,
which makes lookups much faster.
Hmm... we should probably just go to a hash table for ATTRIBUTEs
and VALUEs, as that would be even better..
fcusack [Tue, 30 Aug 2005 22:27:00 +0000 (22:27 +0000)]
fix bug #278: connection status must not be tested until after
acquiring mutex protecting it
aland [Tue, 30 Aug 2005 21:45:07 +0000 (21:45 +0000)]
We don't have differences between vendorpec & vendorcode any more
aland [Mon, 29 Aug 2005 17:03:11 +0000 (17:03 +0000)]
Don't call rad_malloc() from sql_error(), it leaks memory
bjordanov [Mon, 29 Aug 2005 12:44:44 +0000 (12:44 +0000)]
Patches from bug #267 Enhancements for rlm_perl
example.pl - added functions in example for pre_proxy, post_proxy and post_auth
rlm_perl.c - added cleanup for pre_proxy, post_proxy and post_auth
bjordanov [Mon, 29 Aug 2005 12:42:17 +0000 (12:42 +0000)]
Patch from bug #267 Enhancements for rlm_perl
pnixon [Sun, 28 Aug 2005 17:58:44 +0000 (17:58 +0000)]
Add SUSE version tag to rpm packages
nbk [Sun, 28 Aug 2005 12:14:15 +0000 (12:14 +0000)]
Move the "read_groups" and "read_clients" items to the top.
This way, all query definitions are at the bottom, while
config items are at the top of the file. (closes #276)
Patch from Thor Spruyt <thor.spruyt@telenet.be>
nbk [Sun, 28 Aug 2005 11:27:22 +0000 (11:27 +0000)]
Fix a typo in function name. (closes #274)
Patch from Thor Spruyt <thor.spruyt@telenet.be>
nbk [Sat, 27 Aug 2005 16:25:07 +0000 (16:25 +0000)]
Fix ldap_pairget() to copy characters after any space or equal
found in the middle of the string from LDAP. (closes: #261)
As a bonus, add support for the back-quoted strings, too.
(for example Reply-Message := `Hello %{User-Name}`)
nbk [Sat, 27 Aug 2005 12:37:13 +0000 (12:37 +0000)]
Fix typo line 109. (closes: #272)
aland [Fri, 26 Aug 2005 22:02:29 +0000 (22:02 +0000)]
Use per-system max fd to close, rather than hard-coded number
aland [Fri, 26 Aug 2005 22:01:40 +0000 (22:01 +0000)]
Escape more characters
aland [Fri, 26 Aug 2005 19:18:48 +0000 (19:18 +0000)]
Don't add too many attributes
aland [Fri, 26 Aug 2005 18:12:19 +0000 (18:12 +0000)]
Added comments
aland [Fri, 26 Aug 2005 18:02:12 +0000 (18:02 +0000)]
Account for space AND trailing NULL
nbk [Fri, 26 Aug 2005 12:53:55 +0000 (12:53 +0000)]
Fix an off-by-one error in the function getthing().
fcusack [Fri, 26 Aug 2005 04:44:48 +0000 (04:44 +0000)]
typos
fcusack [Fri, 26 Aug 2005 04:32:39 +0000 (04:32 +0000)]
accomodate FR-1.0.5 removal of module init() and destroy() methods:
- otp_rlm.c: remove global rnd_fd fd handle to /dev/urandom
- otp_util.c: call lrad_rand() #if FREERADIUS
aland [Fri, 26 Aug 2005 00:37:32 +0000 (00:37 +0000)]
Zero allocated memory. This should fix bug #271
aland [Thu, 25 Aug 2005 21:11:26 +0000 (21:11 +0000)]
Now that NIL is 'const', do more checks on pointers before
setting ptr->Color == Black.
This was causing core dumps occasionally.
aland [Thu, 25 Aug 2005 00:10:46 +0000 (00:10 +0000)]
Dang typos
aland [Thu, 25 Aug 2005 00:08:09 +0000 (00:08 +0000)]
Don't de-reference a NULL pointer if the auth-type is unknown
nbk [Wed, 24 Aug 2005 16:50:31 +0000 (16:50 +0000)]
Use %S instead of NOW() because the value is wrong when
post-processing the query. (radsqlrelay)
nbk [Wed, 24 Aug 2005 16:34:37 +0000 (16:34 +0000)]
Use the same case-insensitives queries as postgresql.conf
nbk [Wed, 24 Aug 2005 14:23:05 +0000 (14:23 +0000)]
Delete the assertion (reply->value_size < 256) because an
unsigned char is always < 256.
nbk [Wed, 24 Aug 2005 09:21:58 +0000 (09:21 +0000)]
Fix compilation warnings in code from Novell.
aland [Tue, 23 Aug 2005 23:45:58 +0000 (23:45 +0000)]
Make rad_check_password 'static', as no one else needs it
aland [Tue, 23 Aug 2005 22:45:21 +0000 (22:45 +0000)]
Use proper name in #ifdef
nbk [Tue, 23 Aug 2005 15:40:12 +0000 (15:40 +0000)]
The maximum password length is 128, not 253. (closes: #270)
nbk [Tue, 23 Aug 2005 14:03:45 +0000 (14:03 +0000)]
Escape the SQL queries to prevent possible SQL injection
vulnerability.
Bug found by Primoz Bratanic <primoz@slo-tech.com>
nbk [Tue, 23 Aug 2005 10:26:23 +0000 (10:26 +0000)]
If strftime(3) returns 0, the contents of the string array is
undefined, therefore it should not be copied.
Thanks to Primoz Bratanic for spotting this.
nbk [Tue, 23 Aug 2005 09:02:53 +0000 (09:02 +0000)]
Remove 'clients', 'naslist', 'x99.conf' and 'x99passwd.sample'
from the list of files to install.
nbk [Tue, 23 Aug 2005 08:34:55 +0000 (08:34 +0000)]
Fix typo line 781.
aland [Tue, 23 Aug 2005 01:02:18 +0000 (01:02 +0000)]
Migrate subsections, too.
Allow for NULL data in cf_data_add()
Use flag in cf_data_add, so we don't find internal stuff
aland [Tue, 23 Aug 2005 00:16:21 +0000 (00:16 +0000)]
Move crypt.c to src/main. Library functions shouldn't have pthread
stuff in them.
aland [Mon, 22 Aug 2005 22:00:38 +0000 (22:00 +0000)]
Remove more unused, and unnecesary functions
aland [Mon, 22 Aug 2005 21:45:14 +0000 (21:45 +0000)]
Get rid of ip_hostname, which is an old IPv4-only function.
Make ip_ntoh() respect librad_dodns flag
Don't use rad_assert in src/lib/misc.c, it's a server-only function
aland [Mon, 22 Aug 2005 19:12:07 +0000 (19:12 +0000)]
Removed support for old-style "naslist" file, and updated
scripts/clients.pl to convert it, too
aland [Mon, 22 Aug 2005 18:35:49 +0000 (18:35 +0000)]
Removed support for old-style "clients" file, as it makes future
work more difficult.
nbk [Mon, 22 Aug 2005 16:52:52 +0000 (16:52 +0000)]
Add an assertion (n > 0) in strNcpy(), it may help to catch incorrect
use of the function.
nbk [Mon, 22 Aug 2005 14:53:50 +0000 (14:53 +0000)]
Regenerate from configure.in 1.15
nbk [Mon, 22 Aug 2005 14:50:43 +0000 (14:50 +0000)]
Mostly rewrite the autoconf tests for libldap. OpenLDAP
doesn't provide an autoconf test for their libldap, and we
can't reasonably check for all the dependancies for every
version and every set of options.
That's why we just give '-lldap' to the linker, so we don't
mistakenly load the wrong version of the dependant librairies.
(closes: #73)
Static linking with libldap will probably result in unresolved
symbols. It has always been the case, but nobody ever complained
about it.
nbk [Sun, 21 Aug 2005 20:04:18 +0000 (20:04 +0000)]
Replace sprintf(3) by snprintf(3) because they can overflow
the buffer space at lines 347 and 546.
Bug found by Primoz Bratanic <primoz@slo-tech.com>
nbk [Sun, 21 Aug 2005 19:44:53 +0000 (19:44 +0000)]
ctime_r(3) always use 26 characters, and may write beyond the
buffer boundary.
Bug found by Primoz Bratanic <primoz@slo-tech.com>
nbk [Sun, 21 Aug 2005 18:12:28 +0000 (18:12 +0000)]
Fix an off-by-one error in xlat_copy().
Bug found by Primoz Bratanic <primoz@slo-tech.com>
nbk [Sun, 21 Aug 2005 09:41:27 +0000 (09:41 +0000)]
Comply with RFC2865 where username and password are strings
up to 253 characters. We don't need that many in our own users
tables (radcheck, radreply, ...), but we do need this in radacct
and radpostauth because we don't know the maximum length of our
roaming partners. (closes #266)
Thanks to Thor Spruyt for the patch.
nbk [Sat, 20 Aug 2005 15:44:34 +0000 (15:44 +0000)]
RFC2865 states that Nas-Port attribute is 32bits unsigned integer.
PostgreSQL doesn't know unsigned integers.
The PostgreSQL INTEGER type is 32bits signed.
The PostgreSQL BIGINT type is 64bits signed.
Changing the NASPortId field to BIGINT accomodates for 32bits
unsigned values from the Nas-Port attributes. (closes #188)
Thanks to Thor Spruyt for the patch.
nbk [Sat, 20 Aug 2005 00:05:04 +0000 (00:05 +0000)]
Add index examples if case insensitive usernames are used.
Thanks to Alexander Pravking for the suggestion
and thanks to Thor Spruyt for the patch.
aland [Fri, 19 Aug 2005 23:52:33 +0000 (23:52 +0000)]
use PW_TYPE_FILENAME
nbk [Fri, 19 Aug 2005 23:51:35 +0000 (23:51 +0000)]
Use 'lower' instead of 'ilike' or 'strcmp'.
Thanks to Alexander Pravking for spotting this
and thanks to Thor Spruyt for the patch.
aland [Fri, 19 Aug 2005 21:52:30 +0000 (21:52 +0000)]
Correct typo in driver name.
This fixes bug #256
aland [Fri, 19 Aug 2005 21:07:05 +0000 (21:07 +0000)]
Mark filenames in CONF_PARSER as PW_TYPE_FILENAME, so that the
HUP thing (when done) will work.
Update conffile, to free PW_TYPE_FILENAME, too
aland [Fri, 19 Aug 2005 19:47:45 +0000 (19:47 +0000)]
Set authentication vector to zero for more packet types,
as per last commit
aland [Fri, 19 Aug 2005 19:06:12 +0000 (19:06 +0000)]
Calculate Message-Authenticator properly for Accounting-Request
and Accounting-Response packets, as per
draft-aboba-radext-fixes-00.txt.
Bug found by Paolo Rotela
nbk [Fri, 19 Aug 2005 18:59:05 +0000 (18:59 +0000)]
Regenerate from configure.in 1.218
aland [Fri, 19 Aug 2005 18:50:32 +0000 (18:50 +0000)]
Foundation for allowing modules to tell the configuration parser
that a particular configuration item is a filename. If that
happens, then the file is stat'd, so that on HUP, it's stat'd
again, and the module isn't re-initialized.
This is to solve the problem where the configuration section
doesn't change in radiusd.conf, but the files it depends on do
change.
In order to fully integrate this, all modules will have to be
updated to use PW_TYPE_FILENAME for filenames, instead of
PW_TYPE_STRING_PTR.
cf_section_parse_free() hasn't been updated. That will be later.
aland [Fri, 19 Aug 2005 18:47:52 +0000 (18:47 +0000)]
return correct return code on error
nbk [Fri, 19 Aug 2005 17:01:40 +0000 (17:01 +0000)]
Regenerate after changes to acinclude.m4
nbk [Fri, 19 Aug 2005 16:25:32 +0000 (16:25 +0000)]
Try first any user-specified directory, otherwise we may pick up
the wrong version.
aland [Thu, 18 Aug 2005 23:31:21 +0000 (23:31 +0000)]
On HUP, migrate the module configuration from the old CONF_SECTION
to the new CONF_SECTION. This means that (for example), sql doesn't
have to tear down it's sockets & re-build them on HUP. Instead,
it just keeps working.
The code is disabled (#if 0), because many modules depend on files
on the disk, and they should re-read those on HUP, if they've
changed. This additional work requires:
- flag in module_t saying "HUP-safe"
- and the ability for modules to "register" files that they
depend, so that the HUP code can do the stat() itself, and
migrate the CONF_SECTION if nothing has changed
aland [Thu, 18 Aug 2005 23:19:38 +0000 (23:19 +0000)]
Removed extraneous debug message
aland [Thu, 18 Aug 2005 21:37:48 +0000 (21:37 +0000)]
Got rid of read_radius_conf(), as it's no longer needed
bjordanov [Thu, 18 Aug 2005 18:27:58 +0000 (18:27 +0000)]
Moved checking and allocation for interp from init_pool into perl_instantiate.
We needed it here for making an interp for every perl_instance from main interp.
aland [Thu, 18 Aug 2005 18:18:30 +0000 (18:18 +0000)]
Now that we have 1000's of ATTRIBUTE's and VALUE's in the dictionary,
cache the 'mtime' of each file we load, so that on HUP we can
quickly stat() the files, see they're the same, and don't reload
the dictionaries.
This doesn't help programs like radclient, but it doesn't hurt
them, either.
aland [Thu, 18 Aug 2005 17:34:29 +0000 (17:34 +0000)]
Moved call to setup_modules() from server core to read_mainconfig
aland [Thu, 18 Aug 2005 17:22:01 +0000 (17:22 +0000)]
Move modules back to static struct, in preparation for not tearing
down the modules on HUP
aland [Wed, 17 Aug 2005 23:48:26 +0000 (23:48 +0000)]
Re-arrange entries in the module_t structure, and do some
more checking when we load modules.
aland [Wed, 17 Aug 2005 23:47:37 +0000 (23:47 +0000)]
Fix bug
aland [Wed, 17 Aug 2005 23:41:26 +0000 (23:41 +0000)]
Add notes about future FIXME's
projects / freeradius.git / log