aland [Thu, 14 Apr 2005 23:25:49 +0000 (23:25 +0000)]
Hack AC_LIBLTDL_INSTALLABLE so it sets LIBLTDLPATH (or not)
and we don't get the crap of libltdl/ NOT being configured, but
the Make.inc thinking it was, and trying to build in there.
Did I mention I hate autoconf?
kkalev [Thu, 14 Apr 2005 23:17:21 +0000 (23:17 +0000)]
Fix a small bug in lib/sql/drivers/mysql/functions.php3
kkalev [Thu, 14 Apr 2005 13:46:04 +0000 (13:46 +0000)]
Fix a small typo
kkalev [Thu, 14 Apr 2005 13:43:01 +0000 (13:43 +0000)]
Use the correct max results variable in lib/*/find.php3
fcusack [Thu, 14 Apr 2005 08:31:18 +0000 (08:31 +0000)]
Change x99_pw_valid() to x99_pwe_cmp(), and coalesce args into a
struct to support upcoming cardops layer.
fcusack [Thu, 14 Apr 2005 07:43:53 +0000 (07:43 +0000)]
restore data zero-ing removed in 1.41; parser works differently
now so data must be zeroed beforehand
nbk [Wed, 13 Apr 2005 18:16:25 +0000 (18:16 +0000)]
Free the avp if we return without adding it in the packet
fcusack [Wed, 13 Apr 2005 18:12:27 +0000 (18:12 +0000)]
compiler warnings
fcusack [Tue, 12 Apr 2005 07:52:54 +0000 (07:52 +0000)]
pull in changes from pam_x99_auth
aland [Tue, 12 Apr 2005 00:37:03 +0000 (00:37 +0000)]
'exit 1' to 'exit $?', which is better
aland [Mon, 11 Apr 2005 23:39:39 +0000 (23:39 +0000)]
Initialize wait_mutex, not queue mutex
aland [Mon, 11 Apr 2005 23:11:55 +0000 (23:11 +0000)]
deleted unused code
aland [Mon, 11 Apr 2005 21:22:10 +0000 (21:22 +0000)]
'exit 1' to 'exit $?', which is better
aland [Fri, 8 Apr 2005 23:52:08 +0000 (23:52 +0000)]
'static' to 'static const'
aland [Fri, 8 Apr 2005 23:38:13 +0000 (23:38 +0000)]
'static' to 'static const'
aland [Fri, 8 Apr 2005 23:25:53 +0000 (23:25 +0000)]
'static' to 'static const'
aland [Fri, 8 Apr 2005 23:18:57 +0000 (23:18 +0000)]
'static' to 'static const'
aland [Fri, 8 Apr 2005 23:13:29 +0000 (23:13 +0000)]
'static' to 'static const'
aland [Fri, 8 Apr 2005 21:15:11 +0000 (21:15 +0000)]
Added CVS Id
aland [Fri, 8 Apr 2005 21:14:35 +0000 (21:14 +0000)]
radzap is now a shell-script wrapper around radwho && radclient.
As a nice side benefit, radzap actually works.
The one problem is that it's command-line arguments aren't backwards
compatible. Oh well..
kkalev [Fri, 8 Apr 2005 16:02:54 +0000 (16:02 +0000)]
Update ippool configuration with the key directive
kkalev [Fri, 8 Apr 2005 16:00:42 +0000 (16:00 +0000)]
Instead of nas/port keep an MD5 of an xlated string as the key. Also update
rlm_ippool_tool to support the new format.
This closes Bug #42
Code changes were funded by Airdesk Inc.
aland [Thu, 7 Apr 2005 22:36:29 +0000 (22:36 +0000)]
Updated for latest functionality
aland [Thu, 7 Apr 2005 22:22:53 +0000 (22:22 +0000)]
Added support for server name of "-", and looking for
Packet-Dst-IP-Address in the VP's
aland [Thu, 7 Apr 2005 22:14:15 +0000 (22:14 +0000)]
Added URL & CVS Id
aland [Thu, 7 Apr 2005 22:12:21 +0000 (22:12 +0000)]
Added dictionary.waverider, as posted to the list, with some edits
aland [Thu, 7 Apr 2005 18:57:30 +0000 (18:57 +0000)]
Minor fixes to "zap" functionality, and documentation
aland [Thu, 7 Apr 2005 18:45:06 +0000 (18:45 +0000)]
Escape '"' when printing. It's weird that this wasn't caught
before....
aland [Wed, 6 Apr 2005 23:15:55 +0000 (23:15 +0000)]
Let's print the correct values for attributes...
aland [Wed, 6 Apr 2005 22:43:41 +0000 (22:43 +0000)]
Tiny code changes turn radwho into a radzap clone, minus
the radclient portions. Now "radwho -Z .... | radclient" is the
equivalent of radzap. Nice.
aland [Wed, 6 Apr 2005 17:41:45 +0000 (17:41 +0000)]
Added RADIUS attribute output, so we can make "radzap"
a shell script wrapper around radwho
aland [Wed, 6 Apr 2005 16:36:08 +0000 (16:36 +0000)]
-l hasn't worked for years now. Delete it.
Rename -h to -S. -h should be "help"
aland [Wed, 6 Apr 2005 00:54:05 +0000 (00:54 +0000)]
radwho no longer calls read_mainconfig(), which makes it a little
easier to use radwho(), without that function trying to open
sockets, etc.
It also means that it becomes easier to make 'radzap' a shell-script
wrapper around radwho & radclient, which would result in less code
kkalev [Tue, 5 Apr 2005 13:32:23 +0000 (13:32 +0000)]
Count online users correctly (through a separate query) in user_finger.
kkalev [Mon, 4 Apr 2005 11:31:55 +0000 (11:31 +0000)]
Fix a typo
nbk [Sun, 3 Apr 2005 17:35:24 +0000 (17:35 +0000)]
Add a test to prevent division by zero.
Bug reported by Jakub Wartak.
fcusack [Fri, 1 Apr 2005 06:21:44 +0000 (06:21 +0000)]
replace a goto label with a conditional block
fcusack [Fri, 1 Apr 2005 06:10:19 +0000 (06:10 +0000)]
remove allocation failure check and data zeroing from 1.38
(allocation cannot fail, data is always set to sane values per config defaults)
aland [Thu, 31 Mar 2005 23:48:58 +0000 (23:48 +0000)]
document redundant-load-balance section.
It's a bad name, but it's clear, and easy to explain.
aland [Thu, 31 Mar 2005 23:12:20 +0000 (23:12 +0000)]
In addition to groups
redundant
load-balance
we now have
redundant-load-balance
which enables simple configuration of the *combination* of
load-balancing and redundancy for more than 2 modules.
e.g. Using just "redundant" and "load-balance", try to configure
the server to handle all of the fail-over and load-balancing cases
for 3 or more equivalent databases. The config files quickly blow
up, due to combinatorics.
This new group name combines the behavior of redundant and
load-balance, with no more configuration complexity of either
one.
aland [Thu, 31 Mar 2005 18:13:02 +0000 (18:13 +0000)]
Quote args to grep, so Solaris grep doesn't get excited.
Patch from Jason Ornstein
aland [Wed, 30 Mar 2005 21:32:55 +0000 (21:32 +0000)]
made xlat_find() check if the "module" is a RADIUS attribute
Made %{1}, etc. work again. The previous re-arrangement of the
code broke it...
aland [Wed, 30 Mar 2005 19:19:49 +0000 (19:19 +0000)]
Move docs to man page
aland [Wed, 30 Mar 2005 00:04:02 +0000 (00:04 +0000)]
One-line fix to auto-discover NS-MTA-MD5 passwords, now that
rlm_pap supports them
aland [Tue, 29 Mar 2005 23:58:20 +0000 (23:58 +0000)]
Added support for NS-MTA-MD5-Passwords. This means we can delete
the rlm_ns_mta_md5 module, which was tiny, anyhow. Moving the
functionality to rlm_pap ensures that all of the "hash" algorithms
are handled in one place, which makes management a little easier.
Testcase:
bob NS-MTA-MD5-Password := "8b29282c41e9ad6b5bcb4527f7c1141fyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy"
clear-text password is "bob"
aland [Tue, 29 Mar 2005 23:53:49 +0000 (23:53 +0000)]
return on error, don't call exit()
mgriego [Tue, 29 Mar 2005 21:46:04 +0000 (21:46 +0000)]
Revert to using the pointer names in sizeof's. Be sure to dereference
pointers, though, so the sizes are correct.
aland [Tue, 29 Mar 2005 21:30:43 +0000 (21:30 +0000)]
Don't print warning if we found a passwd
aland [Tue, 29 Mar 2005 21:29:08 +0000 (21:29 +0000)]
print line numbers, too
aland [Tue, 29 Mar 2005 17:50:37 +0000 (17:50 +0000)]
Don't put libtldl in single quotes, it confuses /bin/sh
mgriego [Mon, 28 Mar 2005 22:51:16 +0000 (22:51 +0000)]
Allow for :- default xlat returns for module calls.
mgriego [Mon, 28 Mar 2005 21:20:26 +0000 (21:20 +0000)]
Moved the RLM_INSTALL line to the beginning of the install: block. This
fixes a problem with make install on the rlm_eap module where modules that
depend on libeap are installed before libeap itself, causing make install
to fail.
nbk [Mon, 28 Mar 2005 19:13:39 +0000 (19:13 +0000)]
Re-arrange the states in the loop() function. The transition
becomes STATE_RUN -> STATE_BACKLOG -> STATE_CLOSE
This is the same change made into radsqlrelay.c when fixing the
bug #206
mgriego [Mon, 28 Mar 2005 17:39:03 +0000 (17:39 +0000)]
Remove the EAP submodule locking.
mgriego [Mon, 28 Mar 2005 17:36:52 +0000 (17:36 +0000)]
Changed the malloc's for the inst->conns and inst->apc_conns back to using
sizeof(LDAP_CONN) since sizeof(inst->conns) was only using the size of the
pointer instead of the size of the structure. Not enough memory was being
allocated causing a crash on instantiation of the rlm_ldap module.
phampson [Sat, 26 Mar 2005 16:38:22 +0000 (16:38 +0000)]
Rerun autogen.sh (skipping libtoolize) with autoconf 2.59.
phampson [Sat, 26 Mar 2005 12:46:35 +0000 (12:46 +0000)]
Update Debian build process to link eap types statically against libeap
and rlm_eap_tls as needed.
phampson [Sat, 26 Mar 2005 12:43:49 +0000 (12:43 +0000)]
Don't automatically generate aclocal.m4 every time we autogen, as this
introduces a dependancy on automake.
aclocal.m4 _can_ be regenerated, but must not be committed without the.
first line as in this version.
phampson [Sat, 26 Mar 2005 12:40:15 +0000 (12:40 +0000)]
Make sure autoconf 2.50+ is required here as well. (Already required in
sub-directories w/configure.in)
phampson [Sat, 26 Mar 2005 12:39:19 +0000 (12:39 +0000)]
Escape function names when defining
aland [Sat, 26 Mar 2005 01:17:11 +0000 (01:17 +0000)]
radsqlrelay needs $(INCLTDL)
pnixon [Fri, 25 Mar 2005 17:52:46 +0000 (17:52 +0000)]
Reformat postgresql queries to remove TABS so that they my be copy/pasted directly from logs to psql to make problem solving easier.
pnixon [Fri, 25 Mar 2005 17:10:55 +0000 (17:10 +0000)]
Actually calculate (if AcctStartTime exists) the AcctSessionTime for NASes who do not send AcctSessionTime in Stop packets
mgriego [Fri, 25 Mar 2005 14:41:37 +0000 (14:41 +0000)]
Don't call SSL_CTX_load_verify_locations. This function should only be
used in a client environment as it causes us to load the system's CA list.
In a server environment, we only want to trust *our* CAs. On many systems,
the system CA list contains all known trusted CAs. If we trust these as
a server, we are potentially allowing lots of unknown users who have
legitimate certs from other CAs onto our network.
mgriego [Fri, 25 Mar 2005 14:36:19 +0000 (14:36 +0000)]
POSIX says that if a signal handler returns from handling a SIGSEGV signal,
then the behavior is undefined. On some systems, this results in a SIGSEGV
loop, causing the CPU to go to 100%. Added a case in the singal handler
for SIGSEGV that just exits so that we don't dump core and we don't cause
an infinite loop.
mgriego [Fri, 25 Mar 2005 14:34:06 +0000 (14:34 +0000)]
Implement OpenSSL static locking callbacks. This will allow us to
unserialize access to the EAP submodules. It also ensures that any
other modules that link against OpenSSL (ie ldaps, mysql with SSL, etc)
are truly threadsafe.
phampson [Fri, 25 Mar 2005 14:03:35 +0000 (14:03 +0000)]
-lkstat fix was commited to the (autogenerated) aclocal.m4 by accident.
This is where it belongs.
aland [Thu, 24 Mar 2005 23:38:33 +0000 (23:38 +0000)]
If weird EAP link mode, then link libeap, tls, ttls, and peap
into the server.
aland [Thu, 24 Mar 2005 23:32:04 +0000 (23:32 +0000)]
fix references to record_plus & friends
aland [Thu, 24 Mar 2005 23:04:16 +0000 (23:04 +0000)]
Cleaned up libeap/Makefile, so it uses the module rules.mak,
and not it's own stuff.
Defined magic variable RLM_EAP_LINK_MODE, which should be set
to -static. The server then links, runs, and installs!
aland [Thu, 24 Mar 2005 22:58:11 +0000 (22:58 +0000)]
use: LINK_MODE += foo
rather than: LINK_MODE=foo
to allow modules to over-ride link mode
aland [Thu, 24 Mar 2005 19:10:12 +0000 (19:10 +0000)]
Use REQUEST_MAX_REGEX, and fix same regex bug that was fixed
in revision 1.65 of src/main/valuepair.c
aland [Thu, 24 Mar 2005 17:57:18 +0000 (17:57 +0000)]
Replace everything in libltdl, to "upgrade" to a newer version.
"update" libtool to a newer version.
Update the configure scripts to use newer libtool, and libtldl
WARNING: running "autoreconf" (or, I guess aclocal) will
nuke aclocal.m4. "autoreconf" will work, "./configure" will work,
but the "make" process will fail.
We should really figure out WTF is going on, and fix it...
pnixon [Thu, 24 Mar 2005 11:41:00 +0000 (11:41 +0000)]
Add a verbose logging option
pnixon [Thu, 24 Mar 2005 11:09:13 +0000 (11:09 +0000)]
Insert a uniqueid into AcctSessionId field also, as both Postgresql and Oracle have this field set to NUT NULL. (How did this code ever work with PG??)
pnixon [Thu, 24 Mar 2005 09:24:54 +0000 (09:24 +0000)]
Add Oracle comments
pnixon [Thu, 24 Mar 2005 08:53:10 +0000 (08:53 +0000)]
Add Oracle support
pnixon [Thu, 24 Mar 2005 08:35:30 +0000 (08:35 +0000)]
Add support for Oracle
bjordanov [Thu, 24 Mar 2005 08:04:04 +0000 (08:04 +0000)]
Changed SvTRUE(sv) with SvOK(sv). SvTRUE is _NOT_ what we want.
aland [Thu, 24 Mar 2005 00:10:54 +0000 (00:10 +0000)]
Deleted "component_names" and friends from modules.c, which means
we don't need it in modules.h, and modcall.c shouldn't use it,
but should use it's own (already defined) array.
Simplified code, and updated it, based on use of data structures.
Deleting code & duplicate arrays is good.
pnixon [Wed, 23 Mar 2005 20:35:56 +0000 (20:35 +0000)]
Turn off the build dependency for Oracle "Instant Client" rpms when oracle_support == 0
aland [Wed, 23 Mar 2005 19:34:59 +0000 (19:34 +0000)]
More debug messages to clarify what's going on
aland [Wed, 23 Mar 2005 18:38:44 +0000 (18:38 +0000)]
Minor code cleanups. No functional changes
bjordanov [Wed, 23 Mar 2005 13:45:57 +0000 (13:45 +0000)]
Fixed rlm_perl hash issue. Now we support not only character string in scalar value
taken from %RAD_xxx hashes. Before if you want to return an integer value in RAD_REPLY
you have to say $RAD_REPLY{'Port-Limit'} = "1"; now it is possible to do it without ""
ie $RAD_REPLY{'Port-Limit'} = 1;
pnixon [Tue, 22 Mar 2005 06:07:55 +0000 (06:07 +0000)]
Force set NLS_TIMESTAMP_TZ_FORMAT='YYYY-MM-DD HH24:MI:SS.FF TZH:TZM' on every Oracle connect. (If anyone can think of a better way to do this I am all ears)
aland [Tue, 22 Mar 2005 02:00:52 +0000 (02:00 +0000)]
Removed all references to exit() from the file. We now exit
gracefully from these calls.
aland [Tue, 22 Mar 2005 00:58:10 +0000 (00:58 +0000)]
catch another record_init, missed by the previous commit
aland [Tue, 22 Mar 2005 00:57:11 +0000 (00:57 +0000)]
Removed record_* functions from global visibility.
Moved record_init to end of tls_handshake_send, as it is always
called after tls_handshake_send
aland [Tue, 22 Mar 2005 00:53:13 +0000 (00:53 +0000)]
Moved record_* functions to tls_session_t structure, so that
we can (hopefully) remove all inter-module linking.
It's not done yet (and untested), but TTLS should now NOT require
linking against rlm_eap_tls
pnixon [Mon, 21 Mar 2005 22:00:43 +0000 (22:00 +0000)]
Ooops. Add another space.
pnixon [Mon, 21 Mar 2005 21:53:34 +0000 (21:53 +0000)]
Fix calls to da_sql_limit
pnixon [Mon, 21 Mar 2005 21:50:12 +0000 (21:50 +0000)]
Fix the calls to da_sql_limit
aland [Mon, 21 Mar 2005 21:13:06 +0000 (21:13 +0000)]
"exit $?" instead of "exit 1", to keep error codes
aland [Mon, 21 Mar 2005 21:09:22 +0000 (21:09 +0000)]
Stop if we encounter an error
kkalev [Mon, 21 Mar 2005 17:05:17 +0000 (17:05 +0000)]
Rename the badusers date field to incidentdate to avoid reserved words in databases. Bug found by
Peter Nixon
kkalev [Mon, 21 Mar 2005 13:16:58 +0000 (13:16 +0000)]
Create a new function da_sql_limit() and use that to pass LIMIT arguments to the database layer
since the syntax is different between db vendors
pnixon [Mon, 21 Mar 2005 10:35:47 +0000 (10:35 +0000)]
Trim semicolon from the end of the query if it exists.
nbk [Sun, 20 Mar 2005 19:56:23 +0000 (19:56 +0000)]
The "proxy" and "proxy_reply" cases were missing when new_attribute
is set to yes.
pnixon [Sun, 20 Mar 2005 17:34:15 +0000 (17:34 +0000)]
Look for Oracle10g "Instant Client" installed from RPM
pnixon [Sun, 20 Mar 2005 17:07:25 +0000 (17:07 +0000)]
Add native oracle support (Using the PHP OCI8 driver) to dialupadmin