kkalev [Mon, 25 Nov 2002 16:35:35 +0000 (16:35 +0000)]
* Use CISCO-POP-MGMT-MIB in snmpfinger instead of CISCO-CALL-HISTORY-MIB. Thanks to
Evren Yurtesen <eyurtese@turkuamk.fi> for the suggestion.
* Also do the same in checkrad for cisco routers
kkalev [Sun, 24 Nov 2002 15:08:20 +0000 (15:08 +0000)]
We don't need ORDER BY GroupName in show_groups.php3 since we have GROUP BY
kkalev [Sun, 24 Nov 2002 15:01:36 +0000 (15:01 +0000)]
Work even when register_globals if off. Suggestion from Evren Yurtesen <eyurtese@turkuamk.fi>
Also add an entry in the FAQ about that.
kkalev [Sat, 23 Nov 2002 16:20:17 +0000 (16:20 +0000)]
Fix a typo in sql.attrmap. Fix by Evren Yurtesen <eyurtese@turkuamk.fi>
kkalev [Thu, 21 Nov 2002 23:33:32 +0000 (23:33 +0000)]
* Remove one sql query from user_admin which was not needed.
* Instead of a query like "LIKE 'YYYY-MM-DD%'" use "AcctStopTime >= 'YYYY-MM-DD 00:00:00 AND AcctStopTime
<= 'YYYY-MM-DD 23:59:59'" which will allow us to use sql indexes better.
* Add a few comments in bin/clean_radacct
* Add a new script bin/truncate_radacct which will delete all sessions from the radacct table which
are older than a configurable number of days.
* Add an entry in tuning_guide about creating a multi column index for (UserName,AcctStopTime). This
will really help sql_checksimul and the corresponding queries.
aland [Thu, 21 Nov 2002 19:25:33 +0000 (19:25 +0000)]
Deleted the old (and hokey) 'new_sectiontype_value' function, and
replaced it with a slightly less hokey piece of code.
The sub-sections authtype SQL { redundant { sql1 sql1 } }
now have their Auth-Type values created before the modules are
initialized, so you can do;
authtype MY_NEW_SQL_TYPE { redundant { sql1 sql1 } },
and then in the 'users' file, do:
DEFAULT Auth-Type := MY_NEW_SQL_TYPE,
and it will work. This is a nice, small addition.
Also added Acct-Type parsing, but it doesn't work in modcall, yet
aland [Thu, 21 Nov 2002 19:21:30 +0000 (19:21 +0000)]
When creating a value, ensure that we update the 'attr' field
with the proper value, instead of always setting it to zero.
aland [Thu, 21 Nov 2002 18:58:06 +0000 (18:58 +0000)]
Added definition for Acct-Type
aland [Thu, 21 Nov 2002 17:57:31 +0000 (17:57 +0000)]
Made ALL dictionary lookups case insensitive by default, there's
no point in having it a 'configure' option.
Use the new 'str2int' functions, to determine the attribute type
aland [Thu, 21 Nov 2002 17:46:46 +0000 (17:46 +0000)]
Use new int2str and str2int functions, based on
Wichert Akkerman's patch.
aland [Thu, 21 Nov 2002 17:40:10 +0000 (17:40 +0000)]
Use new int2str function, based on Wichert Akkerman's patch.
aland [Thu, 21 Nov 2002 17:37:16 +0000 (17:37 +0000)]
str2int and int2str, based on Wichert Akkerman's patch.
aland [Thu, 21 Nov 2002 17:10:44 +0000 (17:10 +0000)]
Move libcrypt BEFORE the other libs, as some stupid libraries
supply ANOTHER crypt() function, which doesn't do anything
useful!
Bug found by Josh Wilsdon
aland [Wed, 20 Nov 2002 20:29:35 +0000 (20:29 +0000)]
Alteon web switch dictionary, from Thomas Linden
aland [Wed, 20 Nov 2002 20:28:13 +0000 (20:28 +0000)]
When returning an error while reading a dictionary, ensure that
we close the file pointer, so that we don't leak it.
When parsing a dictionary line, if it doesn't match anything
we know about, then print an error, and fail, instead of
silently igoring it.
aland [Mon, 18 Nov 2002 16:08:17 +0000 (16:08 +0000)]
The head is now 0.9-pre
aland [Mon, 18 Nov 2002 15:37:24 +0000 (15:37 +0000)]
Last set of updates before 0.8
aland [Mon, 18 Nov 2002 15:32:03 +0000 (15:32 +0000)]
Added Oracle queries
fcusack [Fri, 15 Nov 2002 10:20:41 +0000 (10:20 +0000)]
Put detail rotation back in with comments about daily detail files.
pnixon [Thu, 14 Nov 2002 17:38:44 +0000 (17:38 +0000)]
Added ucdsnmp dependency to the SuSE spec file
aland [Thu, 14 Nov 2002 17:08:35 +0000 (17:08 +0000)]
AIX weirdness patch, from Mark E. Jezioro
aland [Thu, 14 Nov 2002 16:32:11 +0000 (16:32 +0000)]
Added note that LEAP is not supported.
cmiller [Wed, 13 Nov 2002 22:22:27 +0000 (22:22 +0000)]
debian: Added Wichert's suggested build-deps: snmp, autoconf.
cmiller [Wed, 13 Nov 2002 22:05:44 +0000 (22:05 +0000)]
Use new config.guess.
cmiller [Wed, 13 Nov 2002 22:03:50 +0000 (22:03 +0000)]
debian: uncomment pesky user & group in default radiusd.conf
kkalev [Wed, 13 Nov 2002 20:57:52 +0000 (20:57 +0000)]
* Now the create user page should work with sql
* Make the default general_lib_type sql instead of ldap
aland [Wed, 13 Nov 2002 18:19:32 +0000 (18:19 +0000)]
Added notes as to where to find the new configuration.
aland [Wed, 13 Nov 2002 16:07:51 +0000 (16:07 +0000)]
Initial nonsense documentation to get around most of the
repeated questions.
kkalev [Wed, 13 Nov 2002 13:12:21 +0000 (13:12 +0000)]
Also show server:port in the user test page (so that it shows when used for server checks)
pnixon [Wed, 13 Nov 2002 10:55:01 +0000 (10:55 +0000)]
Change sql configuration files to correctly honour the radacct table
variables
fcusack [Wed, 13 Nov 2002 04:21:59 +0000 (04:21 +0000)]
authorize module handling doesn't work the way I thought.
Fix multiple instance support to accomodate the way it REALLY works.
fcusack [Wed, 13 Nov 2002 03:23:51 +0000 (03:23 +0000)]
In authorize(), support any Auth-Type that *starts* with
"x99_token", rather than just exactly "x99_token"; to support
multiple instances.
kkalev [Tue, 12 Nov 2002 21:55:12 +0000 (21:55 +0000)]
* Allow selecting a specific access server in the failed logins page
* In the user admin page use AcctStartTime not AcctStopTime when calculating usage for the last 7 days
aland [Tue, 12 Nov 2002 21:13:00 +0000 (21:13 +0000)]
Trying to fix permissions...
aland [Tue, 12 Nov 2002 21:12:38 +0000 (21:12 +0000)]
trying to fix perms...
aland [Tue, 12 Nov 2002 21:11:33 +0000 (21:11 +0000)]
Removed unused file
aland [Tue, 12 Nov 2002 20:22:46 +0000 (20:22 +0000)]
Made Status-Server support configurable, so that people can enable
or disable it as they require.
aland [Tue, 12 Nov 2002 20:15:25 +0000 (20:15 +0000)]
reconnect patch from Peter Nixon
aland [Tue, 12 Nov 2002 17:29:03 +0000 (17:29 +0000)]
If we call do_xlat(), then we HAVE found an xlat for that string,
so we mark 'found', too.
aland [Tue, 12 Nov 2002 17:09:50 +0000 (17:09 +0000)]
Added rlm_always documentation, with examples
aland [Tue, 12 Nov 2002 17:09:14 +0000 (17:09 +0000)]
Added pre/post-proxy, and post-auth handlers.
kkalev [Tue, 12 Nov 2002 09:04:12 +0000 (09:04 +0000)]
When searching a user in ldap through the find page only try to find the users which have a uid attribute (username)
aland [Mon, 11 Nov 2002 21:21:48 +0000 (21:21 +0000)]
Add information on MACOSX, until we support it without any extra
magic.
aland [Mon, 11 Nov 2002 20:22:08 +0000 (20:22 +0000)]
Added CVS 'Id', so we know which version this file is.
aland [Mon, 11 Nov 2002 20:21:19 +0000 (20:21 +0000)]
Added a CVS 'Id' line, so we can know which version this file is.
aland [Mon, 11 Nov 2002 20:20:52 +0000 (20:20 +0000)]
Changed NAS-Port to NAS-Port-Id, to match the schema, and the
other DB's.
aland [Mon, 11 Nov 2002 20:09:07 +0000 (20:09 +0000)]
Moved finish query in sql_xlat, so that the rows aren't freed
until after we've accessed them. Based on a patch from
Malcolm Caldwell
Added 'default' to switch over Acct-Status-Type, so unknown
status types are ignored. Patch from Takahiro Wagatsuma
kkalev [Mon, 11 Nov 2002 16:02:49 +0000 (16:02 +0000)]
Include password.php3 in lib/ldap/password_check.php3
kkalev [Sat, 9 Nov 2002 19:43:13 +0000 (19:43 +0000)]
Fix a bug in lib/defaults.php3 which did not allow the default.vals file to be used correctly
cparker [Fri, 8 Nov 2002 21:48:09 +0000 (21:48 +0000)]
Move 'op' column to between Attribue and Value columns and set it to
be 'NOT NULL' to prevent silly problems with users who don't set an
operator.
cparker [Fri, 8 Nov 2002 21:42:16 +0000 (21:42 +0000)]
Move 'op' column to between Attribue and Value columns and set it to
be 'NOT NULL' to prevent silly problems with users who don't set an
operator.
aland [Fri, 8 Nov 2002 20:45:10 +0000 (20:45 +0000)]
Added big evil annoying stupid error message if the 'op' field
is NULL.
2 lines of text get dumped to 'radius.log' for every such broken
entry in the SQL database, so some admins might even notice, and
fix the problem.
aland [Fri, 8 Nov 2002 18:37:33 +0000 (18:37 +0000)]
Updated queries and schema, based on a patch sent to the list.
pnixon [Fri, 8 Nov 2002 16:08:52 +0000 (16:08 +0000)]
Remove mention of radwatch except to say that it should not be used.
aland [Fri, 8 Nov 2002 16:05:17 +0000 (16:05 +0000)]
Link against the python library
kkalev [Fri, 8 Nov 2002 15:07:09 +0000 (15:07 +0000)]
Fix a parse error in failed_logins.php3
pnixon [Fri, 8 Nov 2002 14:58:30 +0000 (14:58 +0000)]
Patch from Wichert Akkerman to fix a NULL pointer in error logging.
kkalev [Fri, 8 Nov 2002 07:18:13 +0000 (07:18 +0000)]
Fix a few bugs in log_badlogins
pnixon [Thu, 7 Nov 2002 19:53:22 +0000 (19:53 +0000)]
Remove the section for detail files as they should not be rotated here.
pnixon [Thu, 7 Nov 2002 19:37:10 +0000 (19:37 +0000)]
Clean up the spec file ready for FreeRadius 0.8 release
pnixon [Thu, 7 Nov 2002 18:06:18 +0000 (18:06 +0000)]
This makes the logrotation a bit more sane (as per the discussion started by
Frank Cusack on Nov 4 titles "logrotation") as well as adding some extra "nice"
options.
cmiller [Thu, 7 Nov 2002 17:04:33 +0000 (17:04 +0000)]
debian: added libtool as a build-dep (at Wichert's behest)
debian: changed section to "net" (at Wichert's behest)
aland [Thu, 7 Nov 2002 16:18:48 +0000 (16:18 +0000)]
Updated use of autoconf cache
patch from Wichert Akkerman <wichert@wiggy.net>
aland [Thu, 7 Nov 2002 15:56:43 +0000 (15:56 +0000)]
Updated dictionaries from Marko Myllynen
aland [Wed, 6 Nov 2002 16:36:14 +0000 (16:36 +0000)]
Updated from Peter Nixon
cmiller [Wed, 6 Nov 2002 16:11:57 +0000 (16:11 +0000)]
debian: set version number for upcoming release.
debian: removed "conflicts" entry with other radiusd. (Thanks to Toni
Mueller <support@oeko.net> for arguing convincingly.)
aland [Tue, 5 Nov 2002 18:24:54 +0000 (18:24 +0000)]
Re-arranged functions to get rid of compiler warnings.
aland [Tue, 5 Nov 2002 18:14:55 +0000 (18:14 +0000)]
Normalized error messages
aland [Tue, 5 Nov 2002 18:00:45 +0000 (18:00 +0000)]
Normalized error messages
aland [Tue, 5 Nov 2002 17:42:07 +0000 (17:42 +0000)]
Normalized error messages
fcusack [Tue, 5 Nov 2002 10:11:59 +0000 (10:11 +0000)]
Removed radwatch, it's not used any longer. Removed radiusd restart,
this is unnecessary (log files are always reopened for each entry).
Thanks to Karageorgioy Aggelos for some tips.
aland [Mon, 4 Nov 2002 19:36:02 +0000 (19:36 +0000)]
Added /usr/include/pgsql, which works for Suse.
Patch from Peter Nixon
aland [Mon, 4 Nov 2002 17:29:33 +0000 (17:29 +0000)]
Added files from 'suse', to shorten the chain of patches.
fcusack [Mon, 4 Nov 2002 04:02:02 +0000 (04:02 +0000)]
Don't encode MS-CHAP-MPPE-Keys; handled in library.
kkalev [Fri, 1 Nov 2002 21:36:43 +0000 (21:36 +0000)]
Set LDAP version to V3 before binding. Now freeradius should work with openldap21
aland [Fri, 1 Nov 2002 16:35:11 +0000 (16:35 +0000)]
Include netinet/in.h before radius specific stuff
aland [Fri, 1 Nov 2002 16:32:41 +0000 (16:32 +0000)]
Moved core dump handling back to radiusd.c
aland [Fri, 1 Nov 2002 16:16:51 +0000 (16:16 +0000)]
Delete submodules from the list. The modules which DO have
sub-modules should have their own 'stable' list, and process it
themselves. Putting them here just confuses the build rules.
aland [Fri, 1 Nov 2002 15:59:14 +0000 (15:59 +0000)]
Added notes from the list.
aland [Fri, 1 Nov 2002 15:36:58 +0000 (15:36 +0000)]
Added note about SQL configuration
aland [Thu, 31 Oct 2002 17:16:54 +0000 (17:16 +0000)]
Updated with latest set of changes.
aland [Thu, 31 Oct 2002 16:23:32 +0000 (16:23 +0000)]
Use the new mainconfig.clients, instead of the old 'clients'
fcusack [Thu, 31 Oct 2002 10:01:23 +0000 (10:01 +0000)]
only log unknown user events once instead of 4x.
aland [Wed, 30 Oct 2002 20:38:18 +0000 (20:38 +0000)]
Clear the main config, before reading radiusd.conf
aland [Wed, 30 Oct 2002 20:17:36 +0000 (20:17 +0000)]
Made read_radius_conf_file() return the actual CONF_SECTION*
which was read. This makes it easier to do HUP later, and
removes the need for radrelay, radwho, and radzap, to have
access to the radius daemons 'mainconfig' stuff.
aland [Wed, 30 Oct 2002 20:02:39 +0000 (20:02 +0000)]
Made read_radius_conf_file() return the actual CONF_SECTION*
which was read. This makes it easier to do HUP later, and
removes the need for radrelay, radwho, and radzap, to have
access to the radius daemons 'mainconfig' stuff.
aland [Wed, 30 Oct 2002 19:52:55 +0000 (19:52 +0000)]
Delayed commit from yesterday, as part of cleaning up the configuration
handling.
aland [Wed, 30 Oct 2002 18:15:43 +0000 (18:15 +0000)]
After installation, make 'clients' and 'clients.conf' r/w only
by the owner, and non-readable by everyone else.
aland [Wed, 30 Oct 2002 18:01:17 +0000 (18:01 +0000)]
SQL fail-over patch, based on one supplied by
Thomas Jalsovsky.
If we have an error on the SQL select, then do NOT return
RLM_MODULE_OK. Instead, when we log an error, ALSO set the
return code to RLM_MODULE_FAIL, and return that.
This allows one SQL module to fail-over to another, if the DB for
the first one goes down.
aland [Wed, 30 Oct 2002 17:50:47 +0000 (17:50 +0000)]
Don't go into all of the SQL sub-directories. Instead, only go
into the ones with Makefiles.
aland [Wed, 30 Oct 2002 16:05:53 +0000 (16:05 +0000)]
New 'free mainconfig' function, to remove more code from radiusd.c
kkalev [Wed, 30 Oct 2002 08:50:21 +0000 (08:50 +0000)]
Add radiusCheckItem and radiusReplyItem in the ldap schema
fcusack [Wed, 30 Oct 2002 04:35:58 +0000 (04:35 +0000)]
Change ewindow2 logic so that a repeat of the same
password doesn't reset the sequence to the initial state;
instead it just resets the timer. So now, a sequence like
2,2,3 will count as an ewindow2 override. This should help
Windows users, since the failed login dialog is confusing
and encourages sequences like (1,1,2,2,3,3). Previously,
the repeat (1,1) would reset the sequence and the following
2 would not count as an override.
vorlon [Wed, 30 Oct 2002 04:02:08 +0000 (04:02 +0000)]
Update rlm_krb5 configure script to use AC_SMART_CHECK_LIB, needed in
order to build on Red Hat.
aland [Tue, 29 Oct 2002 22:55:25 +0000 (22:55 +0000)]
Massive changes to configuration handling (re-arranging, mostly)
Moved the configuration items and parsing to mainconfig.c
conffile.c now does ONLY handling of CONF_ITEM, CONF_SECTION,
and CONF_PAIR. No more radius config stuff for it.
Ripped the configuration-related code out of radiusd.c, and log.c,
and moved it into mainconfig.c. This should allow us to better
control configuration changes, as they're all together in one
file now.
Moved many 'static' or global variables from radiusd.c into the
mainconfig data structure. This will allow us to better handle HUP
signals in the future, as we can simply allocate a NEW configuration,
without deleting the old one. We can then clean up the old one
later, once the threads/modules/whatever have finished processing
them.
Added 'mainconfig.o' to the list of dependencies for radwho, radzap,
and radrelay. We might have to do some additional sanity checking,
but it appears to work for now.
aland [Tue, 29 Oct 2002 21:05:22 +0000 (21:05 +0000)]
Removed unused variable.
aland [Mon, 28 Oct 2002 21:11:29 +0000 (21:11 +0000)]
Be a little more selective about RADIUS replies. If we get a reply
from an IP:port which wasn't sent the request, then complain
loudly, and exit.
aland [Mon, 28 Oct 2002 20:38:39 +0000 (20:38 +0000)]
Whitespace changes, grammar changes, and additional explanations.
aland [Mon, 28 Oct 2002 20:14:03 +0000 (20:14 +0000)]
Changed default caching of /etc/passwd files to 'no'.
Changed default for radwtmp to NULL (no radwtmp)
Updated handling of radwtmp config, to ignore wtmp if inst->radwtmp
is set to NULL.
aland [Mon, 28 Oct 2002 19:13:31 +0000 (19:13 +0000)]
Moved the 'clients', 'realms', and 'config' variables into the
'mainfconfig' data structure, so everyone can see them.
Moved the signal handling code to be a bit better (yet again)
When receiving a SIGTERM, (or any other fatal signal), try
our best to clean up and exit.