aland [Wed, 20 Apr 2005 19:54:27 +0000 (19:54 +0000)]
define struct in6_addr if it's not defined. This lets the server
implement IPv6 for packets it's handling, even if it can't listen
on IPv6 sockets natively
This change will probably break the build for the next little while,
until the #ifdef AF_INET6 stuff gets cleaned up...
aland [Wed, 20 Apr 2005 00:04:20 +0000 (00:04 +0000)]
If we have AF_INET6, use new API's to look up IPv6 addresses
in the configuration files
aland [Wed, 20 Apr 2005 00:01:23 +0000 (00:01 +0000)]
Use new API for hostname lookups
aland [Tue, 19 Apr 2005 23:55:41 +0000 (23:55 +0000)]
Do DNS lookups (or not) for IPv6 names, too
aland [Tue, 19 Apr 2005 23:50:39 +0000 (23:50 +0000)]
Call new functions to do DNS lookups
aland [Tue, 19 Apr 2005 23:42:47 +0000 (23:42 +0000)]
Look the server up with IPv6 aware code, too
aland [Tue, 19 Apr 2005 23:40:37 +0000 (23:40 +0000)]
Now builds with new IPv6 code.
Doesn't handle IPv6 clients, though. That can be fixed later.
aland [Tue, 19 Apr 2005 23:38:49 +0000 (23:38 +0000)]
Don't use ip_getaddr, use new ip_hton
aland [Tue, 19 Apr 2005 23:33:44 +0000 (23:33 +0000)]
check for getaddrinfo() && getnameinfo(), which both beat the
pants off of gethostbybname() & friends
raghu [Tue, 19 Apr 2005 22:07:41 +0000 (22:07 +0000)]
Initialize salen before calling getsockname
aland [Tue, 19 Apr 2005 21:31:37 +0000 (21:31 +0000)]
configure gets excited about $@, and tries to replace the @
with some intepreted string, which nukes the -L && -lradius
lines.
aland [Tue, 19 Apr 2005 21:21:12 +0000 (21:21 +0000)]
Massive change to add foundational support for IPv6.
Most of the code is still hard-coded to use IPv6, and there are
assertions sprinkled throughout which will cause the server to
die if IPv6 is used. However, the data structures are there,
and most of the support functions. The next step is updating
the client code to look for IPv6 clients, and to listen on IPv6
sockets.
radiusd & radclient work. radrelay & radsqlrelay build.
Most of the modules work. rlm_sql doesn't (as yet).
aland [Tue, 19 Apr 2005 20:52:12 +0000 (20:52 +0000)]
compiler warnings & fixes
aland [Tue, 19 Apr 2005 20:51:26 +0000 (20:51 +0000)]
typo
aland [Tue, 19 Apr 2005 20:50:54 +0000 (20:50 +0000)]
document radwho && radzap changes
aland [Tue, 19 Apr 2005 20:25:55 +0000 (20:25 +0000)]
One-character fix for typo
aland [Tue, 19 Apr 2005 20:11:37 +0000 (20:11 +0000)]
req is a REQUEST*, not a RADIUS_PACKET*.
Free it via request_free(), and not rad_free()
aland [Tue, 19 Apr 2005 16:54:57 +0000 (16:54 +0000)]
Fix brackets. Bug noted by Richard Arkner
kkalev [Tue, 19 Apr 2005 13:27:30 +0000 (13:27 +0000)]
In time2strclock also show days if applicable
aland [Tue, 19 Apr 2005 00:38:27 +0000 (00:38 +0000)]
C++ comments are bad
aland [Tue, 19 Apr 2005 00:11:24 +0000 (00:11 +0000)]
Removed unused variables
aland [Mon, 18 Apr 2005 20:50:22 +0000 (20:50 +0000)]
libtool to build, libtool to install
aland [Mon, 18 Apr 2005 19:00:24 +0000 (19:00 +0000)]
corrected typo in last commit
aland [Mon, 18 Apr 2005 18:51:00 +0000 (18:51 +0000)]
Make SERVER_OBJS depend on INCLUDES, and clean up other includes
aland [Mon, 18 Apr 2005 17:26:32 +0000 (17:26 +0000)]
Delete dependency on configure.ac, which isn't in the package.
The "makefile" tries to re-build "configure", and then runs it
again, after it was already configured & the makefile built.
WTF kind of drugs are these guys on?
aland [Fri, 15 Apr 2005 20:38:20 +0000 (20:38 +0000)]
Fixed typo in comment
kkalev [Fri, 15 Apr 2005 15:55:28 +0000 (15:55 +0000)]
Add a ?> at the end of user_admin.php3
kkalev [Fri, 15 Apr 2005 07:14:55 +0000 (07:14 +0000)]
Fix a bug with user_admin and da_sql_limit
aland [Fri, 15 Apr 2005 00:36:38 +0000 (00:36 +0000)]
configure in libltdl, if LIBLTDLPATH is set
raghu [Fri, 15 Apr 2005 00:32:59 +0000 (00:32 +0000)]
Add files which help libltdl to build
aland [Thu, 14 Apr 2005 23:25:49 +0000 (23:25 +0000)]
Hack AC_LIBLTDL_INSTALLABLE so it sets LIBLTDLPATH (or not)
and we don't get the crap of libltdl/ NOT being configured, but
the Make.inc thinking it was, and trying to build in there.
Did I mention I hate autoconf?
kkalev [Thu, 14 Apr 2005 23:17:21 +0000 (23:17 +0000)]
Fix a small bug in lib/sql/drivers/mysql/functions.php3
kkalev [Thu, 14 Apr 2005 13:46:04 +0000 (13:46 +0000)]
Fix a small typo
kkalev [Thu, 14 Apr 2005 13:43:01 +0000 (13:43 +0000)]
Use the correct max results variable in lib/*/find.php3
fcusack [Thu, 14 Apr 2005 08:31:18 +0000 (08:31 +0000)]
Change x99_pw_valid() to x99_pwe_cmp(), and coalesce args into a
struct to support upcoming cardops layer.
fcusack [Thu, 14 Apr 2005 07:43:53 +0000 (07:43 +0000)]
restore data zero-ing removed in 1.41; parser works differently
now so data must be zeroed beforehand
nbk [Wed, 13 Apr 2005 18:16:25 +0000 (18:16 +0000)]
Free the avp if we return without adding it in the packet
fcusack [Wed, 13 Apr 2005 18:12:27 +0000 (18:12 +0000)]
compiler warnings
fcusack [Tue, 12 Apr 2005 07:52:54 +0000 (07:52 +0000)]
pull in changes from pam_x99_auth
aland [Tue, 12 Apr 2005 00:37:03 +0000 (00:37 +0000)]
'exit 1' to 'exit $?', which is better
aland [Mon, 11 Apr 2005 23:39:39 +0000 (23:39 +0000)]
Initialize wait_mutex, not queue mutex
aland [Mon, 11 Apr 2005 23:11:55 +0000 (23:11 +0000)]
deleted unused code
aland [Mon, 11 Apr 2005 21:22:10 +0000 (21:22 +0000)]
'exit 1' to 'exit $?', which is better
aland [Fri, 8 Apr 2005 23:52:08 +0000 (23:52 +0000)]
'static' to 'static const'
aland [Fri, 8 Apr 2005 23:38:13 +0000 (23:38 +0000)]
'static' to 'static const'
aland [Fri, 8 Apr 2005 23:25:53 +0000 (23:25 +0000)]
'static' to 'static const'
aland [Fri, 8 Apr 2005 23:18:57 +0000 (23:18 +0000)]
'static' to 'static const'
aland [Fri, 8 Apr 2005 23:13:29 +0000 (23:13 +0000)]
'static' to 'static const'
aland [Fri, 8 Apr 2005 21:15:11 +0000 (21:15 +0000)]
Added CVS Id
aland [Fri, 8 Apr 2005 21:14:35 +0000 (21:14 +0000)]
radzap is now a shell-script wrapper around radwho && radclient.
As a nice side benefit, radzap actually works.
The one problem is that it's command-line arguments aren't backwards
compatible. Oh well..
kkalev [Fri, 8 Apr 2005 16:02:54 +0000 (16:02 +0000)]
Update ippool configuration with the key directive
kkalev [Fri, 8 Apr 2005 16:00:42 +0000 (16:00 +0000)]
Instead of nas/port keep an MD5 of an xlated string as the key. Also update
rlm_ippool_tool to support the new format.
This closes Bug #42
Code changes were funded by Airdesk Inc.
aland [Thu, 7 Apr 2005 22:36:29 +0000 (22:36 +0000)]
Updated for latest functionality
aland [Thu, 7 Apr 2005 22:22:53 +0000 (22:22 +0000)]
Added support for server name of "-", and looking for
Packet-Dst-IP-Address in the VP's
aland [Thu, 7 Apr 2005 22:14:15 +0000 (22:14 +0000)]
Added URL & CVS Id
aland [Thu, 7 Apr 2005 22:12:21 +0000 (22:12 +0000)]
Added dictionary.waverider, as posted to the list, with some edits
aland [Thu, 7 Apr 2005 18:57:30 +0000 (18:57 +0000)]
Minor fixes to "zap" functionality, and documentation
aland [Thu, 7 Apr 2005 18:45:06 +0000 (18:45 +0000)]
Escape '"' when printing. It's weird that this wasn't caught
before....
aland [Wed, 6 Apr 2005 23:15:55 +0000 (23:15 +0000)]
Let's print the correct values for attributes...
aland [Wed, 6 Apr 2005 22:43:41 +0000 (22:43 +0000)]
Tiny code changes turn radwho into a radzap clone, minus
the radclient portions. Now "radwho -Z .... | radclient" is the
equivalent of radzap. Nice.
aland [Wed, 6 Apr 2005 17:41:45 +0000 (17:41 +0000)]
Added RADIUS attribute output, so we can make "radzap"
a shell script wrapper around radwho
aland [Wed, 6 Apr 2005 16:36:08 +0000 (16:36 +0000)]
-l hasn't worked for years now. Delete it.
Rename -h to -S. -h should be "help"
aland [Wed, 6 Apr 2005 00:54:05 +0000 (00:54 +0000)]
radwho no longer calls read_mainconfig(), which makes it a little
easier to use radwho(), without that function trying to open
sockets, etc.
It also means that it becomes easier to make 'radzap' a shell-script
wrapper around radwho & radclient, which would result in less code
kkalev [Tue, 5 Apr 2005 13:32:23 +0000 (13:32 +0000)]
Count online users correctly (through a separate query) in user_finger.
kkalev [Mon, 4 Apr 2005 11:31:55 +0000 (11:31 +0000)]
Fix a typo
nbk [Sun, 3 Apr 2005 17:35:24 +0000 (17:35 +0000)]
Add a test to prevent division by zero.
Bug reported by Jakub Wartak.
fcusack [Fri, 1 Apr 2005 06:21:44 +0000 (06:21 +0000)]
replace a goto label with a conditional block
fcusack [Fri, 1 Apr 2005 06:10:19 +0000 (06:10 +0000)]
remove allocation failure check and data zeroing from 1.38
(allocation cannot fail, data is always set to sane values per config defaults)
aland [Thu, 31 Mar 2005 23:48:58 +0000 (23:48 +0000)]
document redundant-load-balance section.
It's a bad name, but it's clear, and easy to explain.
aland [Thu, 31 Mar 2005 23:12:20 +0000 (23:12 +0000)]
In addition to groups
redundant
load-balance
we now have
redundant-load-balance
which enables simple configuration of the *combination* of
load-balancing and redundancy for more than 2 modules.
e.g. Using just "redundant" and "load-balance", try to configure
the server to handle all of the fail-over and load-balancing cases
for 3 or more equivalent databases. The config files quickly blow
up, due to combinatorics.
This new group name combines the behavior of redundant and
load-balance, with no more configuration complexity of either
one.
aland [Thu, 31 Mar 2005 18:13:02 +0000 (18:13 +0000)]
Quote args to grep, so Solaris grep doesn't get excited.
Patch from Jason Ornstein
aland [Wed, 30 Mar 2005 21:32:55 +0000 (21:32 +0000)]
made xlat_find() check if the "module" is a RADIUS attribute
Made %{1}, etc. work again. The previous re-arrangement of the
code broke it...
aland [Wed, 30 Mar 2005 19:19:49 +0000 (19:19 +0000)]
Move docs to man page
aland [Wed, 30 Mar 2005 00:04:02 +0000 (00:04 +0000)]
One-line fix to auto-discover NS-MTA-MD5 passwords, now that
rlm_pap supports them
aland [Tue, 29 Mar 2005 23:58:20 +0000 (23:58 +0000)]
Added support for NS-MTA-MD5-Passwords. This means we can delete
the rlm_ns_mta_md5 module, which was tiny, anyhow. Moving the
functionality to rlm_pap ensures that all of the "hash" algorithms
are handled in one place, which makes management a little easier.
Testcase:
bob NS-MTA-MD5-Password := "8b29282c41e9ad6b5bcb4527f7c1141fyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy"
clear-text password is "bob"
aland [Tue, 29 Mar 2005 23:53:49 +0000 (23:53 +0000)]
return on error, don't call exit()
mgriego [Tue, 29 Mar 2005 21:46:04 +0000 (21:46 +0000)]
Revert to using the pointer names in sizeof's. Be sure to dereference
pointers, though, so the sizes are correct.
aland [Tue, 29 Mar 2005 21:30:43 +0000 (21:30 +0000)]
Don't print warning if we found a passwd
aland [Tue, 29 Mar 2005 21:29:08 +0000 (21:29 +0000)]
print line numbers, too
aland [Tue, 29 Mar 2005 17:50:37 +0000 (17:50 +0000)]
Don't put libtldl in single quotes, it confuses /bin/sh
mgriego [Mon, 28 Mar 2005 22:51:16 +0000 (22:51 +0000)]
Allow for :- default xlat returns for module calls.
mgriego [Mon, 28 Mar 2005 21:20:26 +0000 (21:20 +0000)]
Moved the RLM_INSTALL line to the beginning of the install: block. This
fixes a problem with make install on the rlm_eap module where modules that
depend on libeap are installed before libeap itself, causing make install
to fail.
nbk [Mon, 28 Mar 2005 19:13:39 +0000 (19:13 +0000)]
Re-arrange the states in the loop() function. The transition
becomes STATE_RUN -> STATE_BACKLOG -> STATE_CLOSE
This is the same change made into radsqlrelay.c when fixing the
bug #206
mgriego [Mon, 28 Mar 2005 17:39:03 +0000 (17:39 +0000)]
Remove the EAP submodule locking.
mgriego [Mon, 28 Mar 2005 17:36:52 +0000 (17:36 +0000)]
Changed the malloc's for the inst->conns and inst->apc_conns back to using
sizeof(LDAP_CONN) since sizeof(inst->conns) was only using the size of the
pointer instead of the size of the structure. Not enough memory was being
allocated causing a crash on instantiation of the rlm_ldap module.
phampson [Sat, 26 Mar 2005 16:38:22 +0000 (16:38 +0000)]
Rerun autogen.sh (skipping libtoolize) with autoconf 2.59.
phampson [Sat, 26 Mar 2005 12:46:35 +0000 (12:46 +0000)]
Update Debian build process to link eap types statically against libeap
and rlm_eap_tls as needed.
phampson [Sat, 26 Mar 2005 12:43:49 +0000 (12:43 +0000)]
Don't automatically generate aclocal.m4 every time we autogen, as this
introduces a dependancy on automake.
aclocal.m4 _can_ be regenerated, but must not be committed without the.
first line as in this version.
phampson [Sat, 26 Mar 2005 12:40:15 +0000 (12:40 +0000)]
Make sure autoconf 2.50+ is required here as well. (Already required in
sub-directories w/configure.in)
phampson [Sat, 26 Mar 2005 12:39:19 +0000 (12:39 +0000)]
Escape function names when defining
aland [Sat, 26 Mar 2005 01:17:11 +0000 (01:17 +0000)]
radsqlrelay needs $(INCLTDL)
pnixon [Fri, 25 Mar 2005 17:52:46 +0000 (17:52 +0000)]
Reformat postgresql queries to remove TABS so that they my be copy/pasted directly from logs to psql to make problem solving easier.
pnixon [Fri, 25 Mar 2005 17:10:55 +0000 (17:10 +0000)]
Actually calculate (if AcctStartTime exists) the AcctSessionTime for NASes who do not send AcctSessionTime in Stop packets
mgriego [Fri, 25 Mar 2005 14:41:37 +0000 (14:41 +0000)]
Don't call SSL_CTX_load_verify_locations. This function should only be
used in a client environment as it causes us to load the system's CA list.
In a server environment, we only want to trust *our* CAs. On many systems,
the system CA list contains all known trusted CAs. If we trust these as
a server, we are potentially allowing lots of unknown users who have
legitimate certs from other CAs onto our network.
mgriego [Fri, 25 Mar 2005 14:36:19 +0000 (14:36 +0000)]
POSIX says that if a signal handler returns from handling a SIGSEGV signal,
then the behavior is undefined. On some systems, this results in a SIGSEGV
loop, causing the CPU to go to 100%. Added a case in the singal handler
for SIGSEGV that just exits so that we don't dump core and we don't cause
an infinite loop.
mgriego [Fri, 25 Mar 2005 14:34:06 +0000 (14:34 +0000)]
Implement OpenSSL static locking callbacks. This will allow us to
unserialize access to the EAP submodules. It also ensures that any
other modules that link against OpenSSL (ie ldaps, mysql with SSL, etc)
are truly threadsafe.
phampson [Fri, 25 Mar 2005 14:03:35 +0000 (14:03 +0000)]
-lkstat fix was commited to the (autogenerated) aclocal.m4 by accident.
This is where it belongs.
aland [Thu, 24 Mar 2005 23:38:33 +0000 (23:38 +0000)]
If weird EAP link mode, then link libeap, tls, ttls, and peap
into the server.
aland [Thu, 24 Mar 2005 23:32:04 +0000 (23:32 +0000)]
fix references to record_plus & friends
aland [Thu, 24 Mar 2005 23:04:16 +0000 (23:04 +0000)]
Cleaned up libeap/Makefile, so it uses the module rules.mak,
and not it's own stuff.
Defined magic variable RLM_EAP_LINK_MODE, which should be set
to -static. The server then links, runs, and installs!