Alan T. DeKok [Wed, 22 Aug 2012 07:58:09 +0000 (09:58 +0200)]
Nuke the '[' on expansion
Alan T. DeKok [Tue, 21 Aug 2012 13:35:31 +0000 (15:35 +0200)]
Note recent changes
Alan T. DeKok [Tue, 21 Aug 2012 13:33:50 +0000 (15:33 +0200)]
Accounting only needs select, insert, update
Not delete. Not table mods
Alan T. DeKok [Tue, 21 Aug 2012 13:32:47 +0000 (15:32 +0200)]
e table name, not "radius.table"
Alan T. DeKok [Tue, 21 Aug 2012 13:31:09 +0000 (15:31 +0200)]
Use max_queue_size when initializing the queues
Alan T. DeKok [Mon, 20 Aug 2012 09:29:09 +0000 (11:29 +0200)]
Clarify error message
Alan T. DeKok [Mon, 13 Aug 2012 13:19:32 +0000 (15:19 +0200)]
Commented out "unix" (radwho) and "radutmp"
These are used less and less.
Arran Cudbard-Bell [Mon, 20 Aug 2012 14:27:15 +0000 (15:27 +0100)]
Remove Client-IP-Address so Acct-Unique-Session-ID stays constant, if request is routed via load balancer
Alan T. DeKok [Fri, 10 Aug 2012 09:19:51 +0000 (11:19 +0200)]
Add accounting-on / off statements
Alan T. DeKok [Thu, 9 Aug 2012 15:54:54 +0000 (17:54 +0200)]
Produce warnings on OpenSSL problems, rather than crash.
Alan T. DeKok [Thu, 9 Aug 2012 13:03:18 +0000 (15:03 +0200)]
Updated example
Matthew Newton [Sun, 8 Apr 2012 21:02:55 +0000 (22:02 +0100)]
don't chgrp syslog
Alan T. DeKok [Tue, 7 Aug 2012 13:01:09 +0000 (15:01 +0200)]
Note recent changes
Arran Cudbard-Bell [Fri, 10 Aug 2012 07:25:53 +0000 (00:25 -0700)]
Merge pull request #75 from fajarnugraha/v2.1.x-redhat-2.2.0
Fix redhat package to build and run cleanly for 2.2.0
Fajar A. Nugraha [Fri, 10 Aug 2012 06:59:31 +0000 (13:59 +0700)]
redhat:add '--with-system-libltdl' to fix build error on RHEL6
Fajar A. Nugraha [Fri, 10 Aug 2012 06:17:13 +0000 (13:17 +0700)]
redhat:fix extra files caused by incorrect patch backup option
Fajar A. Nugraha [Fri, 10 Aug 2012 06:15:20 +0000 (13:15 +0700)]
redhat:include new raddb/modules/* in spec
Fajar A. Nugraha [Fri, 10 Aug 2012 06:05:16 +0000 (13:05 +0700)]
redhat:force-enable rlm_wimax since '--with-modules="rlm_wimax"' is not enough
Fajar A. Nugraha [Fri, 10 Aug 2012 05:54:27 +0000 (12:54 +0700)]
redhat:import debian/patches/dhcp_sqlippool-comment-out-mysql.diff
Fajar A. Nugraha [Fri, 10 Aug 2012 05:51:03 +0000 (12:51 +0700)]
redhat:adjust version number in freeradius.spec
Fajar A. Nugraha [Fri, 10 Aug 2012 04:39:39 +0000 (11:39 +0700)]
redhat:remove patches already applied upstream
Removed:
* redhat/freeradius-man.patch
* redhat/freeradius-perl.patch
* redhat/freeradius-unix-passwd-expire.patch
Modified:redhat/freeradius.spec
Fajar A. Nugraha [Fri, 10 Aug 2012 04:31:04 +0000 (11:31 +0700)]
redhat:certs already use default_md=sha1, so remove it from patch
Fajar A. Nugraha [Fri, 10 Aug 2012 04:25:08 +0000 (11:25 +0700)]
Import freeradius-2.1.12-3.el6.src.rpm
Import spec and additional files from freeradius-2.1.12-3.el6.src.rpm
to redhat/
Arran Cudbard-Bell [Thu, 9 Aug 2012 13:04:09 +0000 (15:04 +0200)]
Fix typo
Arran Cudbard-Bell [Tue, 7 Aug 2012 07:13:40 +0000 (00:13 -0700)]
Merge pull request #74 from fajarnugraha/v2.1.x-debian-package-fix
Fix debian package to work even without freeradius-mysql
Fajar A. Nugraha [Tue, 7 Aug 2012 06:30:28 +0000 (13:30 +0700)]
Fix debian package to work even without freeradius-mysql
Added a patch to comment-out the line referencing mysql on
modules/dhcp_sqlippool in the default debian package.
This is needed so that by default users installing "freeradius"
package can always start the server, even without
"freeeradius-mysql" package installed.
Alan T. DeKok [Thu, 2 Aug 2012 16:29:18 +0000 (09:29 -0700)]
Rename confusing attr
Alan T. DeKok [Wed, 1 Aug 2012 22:56:50 +0000 (15:56 -0700)]
Ignore regex comparisons, too
Alan T. DeKok [Wed, 1 Aug 2012 22:55:26 +0000 (15:55 -0700)]
V6-enable the log filename
Alan T. DeKok [Wed, 1 Aug 2012 22:53:49 +0000 (15:53 -0700)]
Remove extraneneous assert
Arran Cudbard-Bell [Wed, 1 Aug 2012 18:05:10 +0000 (19:05 +0100)]
Script to convert ISC dhcp lease files into sqlippool entries.
Alan T. DeKok [Mon, 30 Jul 2012 22:47:12 +0000 (15:47 -0700)]
Next update time may be NULL
Alan T. DeKok [Mon, 30 Jul 2012 16:48:20 +0000 (18:48 +0200)]
Check for NULL parameters to functions
Alan T. DeKok [Mon, 30 Jul 2012 16:48:04 +0000 (18:48 +0200)]
Check for NULL parameter
Alan T. DeKok [Mon, 30 Jul 2012 16:39:25 +0000 (18:39 +0200)]
Fix warnings found by llvm scan
Alan T. DeKok [Mon, 30 Jul 2012 16:35:34 +0000 (18:35 +0200)]
Remove extraneous initialization
Alan T. DeKok [Sat, 28 Jul 2012 14:32:19 +0000 (10:32 -0400)]
Call globfree() if glob() returns error.
Closes bug #207.
glob may PARTIALLY fill out the data before returning error
(sigh)
Alan T. DeKok [Sat, 21 Jul 2012 00:29:43 +0000 (20:29 -0400)]
Fix typo
Alan T. DeKok [Sat, 21 Jul 2012 00:07:18 +0000 (20:07 -0400)]
Simplify diameter_verify
It now verifies ONLY the format of the diameter attributes.
It does NOT verify the attribute #, vendor #, etc. The diameter2vp
function now does that.
Ensure that attributes of length > 253 are silently ignored, rather
than causing failure
Alan T. DeKok [Fri, 20 Jul 2012 23:29:34 +0000 (19:29 -0400)]
Be more forgiving about decoding data in TTLS tunnels
Allow unknown / invalid attrs as "raw" attributes.
Decode byte, short, IPv6*
Alan T. DeKok [Thu, 19 Jul 2012 14:11:53 +0000 (10:11 -0400)]
Note MySQL fixes
Alan T. DeKok [Thu, 19 Jul 2012 13:37:56 +0000 (09:37 -0400)]
Fix typo
Arran Cudbard-Bell [Wed, 18 Jul 2012 21:52:05 +0000 (23:52 +0200)]
Set InnoDB as the default on accounting and postauth tables.
Arran Cudbard-Bell [Wed, 18 Jul 2012 21:50:28 +0000 (23:50 +0200)]
Add unique index constraint on acctuniqueid so that the alternate query fires correctly.
Arran Cudbard-Bell [Wed, 18 Jul 2012 11:51:02 +0000 (13:51 +0200)]
Note one letter expansions
Alan T. DeKok [Sun, 15 Jul 2012 17:09:35 +0000 (13:09 -0400)]
Note recent changes
Alan T. DeKok [Fri, 6 Jul 2012 16:16:31 +0000 (12:16 -0400)]
Leave static variable alone. Closes bug #207
Alan T. DeKok [Thu, 21 Jun 2012 13:42:12 +0000 (09:42 -0400)]
Free the correct data
Alan T. DeKok [Mon, 18 Jun 2012 14:25:53 +0000 (16:25 +0200)]
Fix typo
Alan T. DeKok [Mon, 18 Jun 2012 13:34:06 +0000 (15:34 +0200)]
Note Juniper is now allowed
Alan T. DeKok [Sat, 16 Jun 2012 07:35:11 +0000 (09:35 +0200)]
Added checks for juniper
Alan T. DeKok [Sat, 16 Jun 2012 07:24:27 +0000 (09:24 +0200)]
Fix typo in help text
Alan T. DeKok [Fri, 15 Jun 2012 15:15:36 +0000 (17:15 +0200)]
Print out results of check. Exit with return code of check
Alan T. DeKok [Wed, 13 Jun 2012 19:18:02 +0000 (21:18 +0200)]
Fix bug
Alan T. DeKok [Wed, 13 Jun 2012 08:41:51 +0000 (10:41 +0200)]
Clarify error messages
Alan T. DeKok [Tue, 12 Jun 2012 17:36:19 +0000 (19:36 +0200)]
New dictionary
Alan T. DeKok [Mon, 4 Jun 2012 12:51:26 +0000 (14:51 +0200)]
Clearer instructions
Alan T. DeKok [Mon, 4 Jun 2012 12:44:44 +0000 (14:44 +0200)]
More bad user names
Arran Cudbard-Bell [Thu, 12 Jul 2012 20:40:17 +0000 (21:40 +0100)]
Use minute for the default detail writer/reader
Arran Cudbard-Bell [Thu, 12 Jul 2012 20:25:43 +0000 (21:25 +0100)]
Backport Minute and Request ID expansions
Arran Cudbard-Bell [Fri, 29 Jun 2012 14:48:45 +0000 (15:48 +0100)]
Use radmin for hupage
Arran Cudbard-Bell [Thu, 28 Jun 2012 08:21:08 +0000 (10:21 +0200)]
Update v2.1.x
Arran Cudbard-Bell [Wed, 27 Jun 2012 22:57:18 +0000 (00:57 +0200)]
Should insert CUI into request list.
Arran Cudbard-Bell [Fri, 15 Jun 2012 15:22:54 +0000 (17:22 +0200)]
Add gitignore
Arran Cudbard-Bell [Fri, 15 Jun 2012 15:18:02 +0000 (18:18 +0300)]
Actually output stuff on check, and return exit code
Arran Cudbard-Bell [Fri, 15 Jun 2012 14:18:54 +0000 (17:18 +0300)]
Fix typo
Arran Cudbard-Bell [Fri, 15 Jun 2012 10:52:10 +0000 (13:52 +0300)]
Update v2.1.x
Arran Cudbard-Bell [Fri, 15 Jun 2012 10:48:58 +0000 (12:48 +0200)]
Add SMF manifest for solaris
Alan T. DeKok [Tue, 29 May 2012 08:35:12 +0000 (10:35 +0200)]
Check return codes from rediswho_command()
Alan T. DeKok [Tue, 29 May 2012 08:28:17 +0000 (10:28 +0200)]
Added database selection capability to rlm_redis
Alan T. DeKok [Tue, 29 May 2012 08:26:03 +0000 (10:26 +0200)]
Move error condition to top of "connect" function.
If we get a connection error, exit the function quickly.
The tail of the function should always be "everything succeeded"
Alan T. DeKok [Tue, 29 May 2012 08:20:49 +0000 (10:20 +0200)]
Close the connection, instead of free'ing it.
The next line uses the connection. So free'ing it is bad.
Alan T. DeKok [Tue, 29 May 2012 08:18:47 +0000 (10:18 +0200)]
If there's a lifetime, set the "connected" time
Alan T. DeKok [Mon, 28 May 2012 15:42:06 +0000 (17:42 +0200)]
FNV-1a: xor then multiply, not multiply then xor
it has much better properties
Alan T. DeKok [Sat, 26 May 2012 08:32:58 +0000 (10:32 +0200)]
VP may be NULL
Alan T. DeKok [Tue, 22 May 2012 15:26:40 +0000 (17:26 +0200)]
WARN if the query strings look to be too long
Alan T. DeKok [Wed, 9 May 2012 12:58:25 +0000 (14:58 +0200)]
Added installation of rad_counter
Alan T. DeKok [Wed, 9 May 2012 12:56:20 +0000 (14:56 +0200)]
Utilities are nust "foo" and not "foo.pl"
Alan T. DeKok [Mon, 7 May 2012 16:33:31 +0000 (18:33 +0200)]
oreect Message-Authenticator calculation for CoA packets.
Patch from Jouni Malinen.
Alan T. DeKok [Sun, 29 Apr 2012 08:16:44 +0000 (10:16 +0200)]
Allow referencing tags in xlat
%{Tunnel-Type:1} works, and is the same as
%{Tunnel-Type:1[0]}
All of the other expansions now work, too
Alan T. DeKok [Sun, 29 Apr 2012 07:23:23 +0000 (09:23 +0200)]
As posted to the Wiki
Alan T. DeKok [Thu, 26 Apr 2012 11:30:31 +0000 (13:30 +0200)]
Note that raddebug can be used
Alan T. DeKok [Sun, 22 Apr 2012 19:54:25 +0000 (21:54 +0200)]
Don't use SQL modules in the default config
Alan T. DeKok [Sun, 22 Apr 2012 15:20:07 +0000 (17:20 +0200)]
Fix typo
Alan T. DeKok [Sun, 22 Apr 2012 08:34:14 +0000 (10:34 +0200)]
Move / add header files
Includes belong AFTER the main includes, not before
Alan T. DeKok [Tue, 17 Apr 2012 16:10:13 +0000 (18:10 +0200)]
Organize and note recent changes
Arran Cudbard-Bell [Tue, 17 Apr 2012 09:35:02 +0000 (11:35 +0200)]
Quieten rollback git reset calls
Arran Cudbard-Bell [Sun, 15 Apr 2012 18:53:16 +0000 (20:53 +0200)]
Add git post-receive hook for configuration updates
Alan T. DeKok [Sun, 15 Apr 2012 12:07:01 +0000 (14:07 +0200)]
LDAPS port is 636, not 689
Alan T. DeKok [Sun, 15 Apr 2012 12:04:16 +0000 (14:04 +0200)]
Document "port" entry for LDAP
Alan T. DeKok [Fri, 13 Apr 2012 14:58:54 +0000 (16:58 +0200)]
Added "instance" to xlat_unregister
This is so that on HUP, a module can re-register, and over-ride
the old value. When the old module is deleted, it de-registers
its xlat. But because the instance is now different, it doesn't
delete the *new* xlat
Alan T. DeKok [Thu, 12 Apr 2012 15:54:43 +0000 (17:54 +0200)]
Don't complain if we find an NT-Password
just like we suppress complains for finding a User-Password
Alan T. DeKok [Mon, 9 Apr 2012 08:45:37 +0000 (10:45 +0200)]
Make dhcp relaying fail gracefully
If there's no UDPFROMTO, then don't compile in DHCP relaying
Alan T. DeKok [Fri, 6 Apr 2012 13:17:12 +0000 (15:17 +0200)]
Re-order LIBS <-> -lpthread
-lpthread MAY need other libraries. So adding it first is a good idea.
Alan T. DeKok [Thu, 5 Apr 2012 15:49:20 +0000 (17:49 +0200)]
Added dictionary.terena
Alan T. DeKok [Tue, 3 Apr 2012 10:22:06 +0000 (11:22 +0100)]
Allow for new state transition on failure
if our RESPONSE gets a FAILURE message, it means that the
supplicant doesn't like our password. Rather than complaining
about unexpected response, just send failure.
Alan T. DeKok [Wed, 28 Mar 2012 15:14:56 +0000 (17:14 +0200)]
There might not be a reply
Bjørn Mork [Tue, 27 Mar 2012 08:57:36 +0000 (10:57 +0200)]
Decode encrypted VSAs in requests
Incoming CoA requests can contain encrypted VSAs. At least one
vendor is known to use this. These VSAs must be decrypted before
being proxied to enable the server to re-encrypt them using
the correct home server secret.
Fix by attempting to decode any encrypted request attribute using
a static vector of \0 bytes.
This also fixes debug logging of encrypted request attributes.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Alan T. DeKok [Thu, 15 Mar 2012 21:37:22 +0000 (17:37 -0400)]
Added "Interim-Update" as a copy of "Alive"
Alan T. DeKok [Thu, 15 Mar 2012 13:03:22 +0000 (09:03 -0400)]
Set "close on exec" flag
Just to be safe.