aland [Mon, 31 Dec 2007 03:31:16 +0000 (03:31 +0000)]
Common headers
aland [Mon, 31 Dec 2007 03:26:59 +0000 (03:26 +0000)]
Add common header to configuration files for "look and feel"
aland [Mon, 31 Dec 2007 03:03:22 +0000 (03:03 +0000)]
Update copyrights for the new year
aland [Mon, 31 Dec 2007 02:57:41 +0000 (02:57 +0000)]
-y is no longer supported. This closes #499
aland [Sun, 30 Dec 2007 08:41:41 +0000 (08:41 +0000)]
Corrected typo
aland [Sat, 29 Dec 2007 12:43:56 +0000 (12:43 +0000)]
include new field
aland [Sat, 29 Dec 2007 05:01:45 +0000 (05:01 +0000)]
Clean up example
aland [Sat, 29 Dec 2007 04:59:00 +0000 (04:59 +0000)]
Make (!foo) work, which is easier to understand than (!(foo))
flush buffers on "print" statement
pay attention to "debug_print", which was previously ignored
aland [Sat, 29 Dec 2007 04:39:31 +0000 (04:39 +0000)]
Set default site for config file
aland [Sat, 29 Dec 2007 04:38:19 +0000 (04:38 +0000)]
Print passwords if we have them
aland [Sat, 29 Dec 2007 04:33:26 +0000 (04:33 +0000)]
rlm_policy has been marked stable. Let's document it's
configuration
aland [Fri, 28 Dec 2007 21:12:08 +0000 (21:12 +0000)]
Added key (which is clear-text... what are they thinking?)
This closes #498
aland [Fri, 28 Dec 2007 21:08:39 +0000 (21:08 +0000)]
Decrement references and free memory on error
aland [Fri, 28 Dec 2007 21:02:14 +0000 (21:02 +0000)]
free memory on error
aland [Fri, 28 Dec 2007 20:58:42 +0000 (20:58 +0000)]
Free memory *after* using it, not before
aland [Fri, 28 Dec 2007 20:50:19 +0000 (20:50 +0000)]
free module structure on error
aland [Fri, 28 Dec 2007 20:48:45 +0000 (20:48 +0000)]
Free listen structure on error
aland [Fri, 28 Dec 2007 20:46:40 +0000 (20:46 +0000)]
free vp on error
aland [Fri, 28 Dec 2007 20:45:37 +0000 (20:45 +0000)]
use new cf_log_info.
free(rc) on error
aland [Fri, 28 Dec 2007 20:42:58 +0000 (20:42 +0000)]
strdup may return NULL
aland [Fri, 28 Dec 2007 20:40:22 +0000 (20:40 +0000)]
Free policy on parse error
aland [Fri, 28 Dec 2007 20:39:30 +0000 (20:39 +0000)]
Fix compiler warnings
aland [Fri, 28 Dec 2007 20:33:50 +0000 (20:33 +0000)]
Close fp on error
aland [Fri, 28 Dec 2007 18:19:38 +0000 (18:19 +0000)]
EAP-IKEv2 is type 49, not 47
make EAP-IKEv2-AuthType integer, not string
aland [Fri, 28 Dec 2007 08:16:13 +0000 (08:16 +0000)]
<sigh> Don't use AC_MSG_ERROR. It's stupid.
aland [Thu, 27 Dec 2007 22:36:21 +0000 (22:36 +0000)]
Don't need config.h
aland [Thu, 27 Dec 2007 22:35:16 +0000 (22:35 +0000)]
Based on Apple's patches to 1.1.4, with changes so that
it might build. (untested)
Much unused code has been deleted. Configure script has been
regenerated.
aland [Thu, 27 Dec 2007 22:10:27 +0000 (22:10 +0000)]
Added minor documentation for rlm_policy
aland [Thu, 27 Dec 2007 21:43:13 +0000 (21:43 +0000)]
It's in wide use in a number of places.
aland [Thu, 27 Dec 2007 21:42:49 +0000 (21:42 +0000)]
Patch from Joe Maimon to add more functionality
aland [Thu, 27 Dec 2007 14:08:37 +0000 (14:08 +0000)]
Add EAP-IKEv2 attributes to the dictionary
aland [Thu, 27 Dec 2007 14:03:54 +0000 (14:03 +0000)]
Add EAP-IKEv2
aland [Thu, 27 Dec 2007 14:02:59 +0000 (14:02 +0000)]
Added sample EAP-IKEv2 configuration.
It's weird... very weird.
aland [Thu, 27 Dec 2007 11:16:17 +0000 (11:16 +0000)]
Added ikev2 from eap-ikev2.sourceforge.net/
Note that chunks of the code are copied from elsewhere in
FreeRADIUS, without properly acknowledging copyright. This has
been addressed in this checkin.
Other issues that need fixing:
- remove // comments
- fix variables declared in the middle of a function
- remove "getusersfile" function. It is *completely*
unnecessary
- code formatting and cleanups
The configuration has NOT been added. That will be done
in a separate commit
aland [Thu, 27 Dec 2007 09:17:22 +0000 (09:17 +0000)]
Remove support for deprecated command-line options
aland [Thu, 27 Dec 2007 05:51:08 +0000 (05:51 +0000)]
Move log_foo into log { foo .. } for clarity.
Allow old-style log_foo for backwards compatibility.
aland [Thu, 27 Dec 2007 05:46:20 +0000 (05:46 +0000)]
Make the log directory only if we're not in debugging mode
aland [Thu, 27 Dec 2007 05:44:40 +0000 (05:44 +0000)]
Removed useless message
aland [Thu, 27 Dec 2007 05:41:40 +0000 (05:41 +0000)]
Replaced DEBUG2 stuff with log of config/modules, to make it
clear what's going on, and to have one point of control for
logging information
aland [Wed, 26 Dec 2007 16:34:07 +0000 (16:34 +0000)]
Added new "policy.conf" to permit simplified configuration of
policies
aland [Wed, 26 Dec 2007 16:12:42 +0000 (16:12 +0000)]
Virtual modules that are groups to themselves are called
"policies"
aland [Wed, 26 Dec 2007 16:05:23 +0000 (16:05 +0000)]
Don't get excited if virtual modules have only one name.
Handle them as simple groups.
aland [Wed, 26 Dec 2007 15:29:44 +0000 (15:29 +0000)]
document escaping of strings
aland [Wed, 26 Dec 2007 03:38:26 +0000 (03:38 +0000)]
Not needed any more
aland [Tue, 25 Dec 2007 08:31:01 +0000 (08:31 +0000)]
No one is using this module. It doesn't build, and it
implements an *old* version of the specification, not the final
one. As a result, it shouldn't be here.
aland [Tue, 25 Dec 2007 08:28:43 +0000 (08:28 +0000)]
Free memory after use. Patch from Jouni Malinen, with
minor edits
aland [Tue, 25 Dec 2007 08:26:25 +0000 (08:26 +0000)]
Free memory after we're done using it, not before.
Patch from Jouni Malinen
aland [Tue, 25 Dec 2007 08:21:56 +0000 (08:21 +0000)]
Corrected typo. Patch from Jouni Malinen
aland [Tue, 25 Dec 2007 08:19:38 +0000 (08:19 +0000)]
Call va_end() after va_start(). Patch from Jouni Malinen
aland [Tue, 25 Dec 2007 08:18:56 +0000 (08:18 +0000)]
Free packet on return. Patch from Jouni Malinen
aland [Tue, 25 Dec 2007 08:17:26 +0000 (08:17 +0000)]
Free packet on OOM
pnixon [Sun, 23 Dec 2007 16:22:11 +0000 (16:22 +0000)]
Reformat
pnixon [Sun, 23 Dec 2007 13:54:55 +0000 (13:54 +0000)]
Fix paths to work with new layout
aland [Thu, 20 Dec 2007 15:33:03 +0000 (15:33 +0000)]
Use less data from the PRNG when creating State.
aland [Tue, 18 Dec 2007 08:15:11 +0000 (08:15 +0000)]
Use new wpabuf API for handling buffers.
Correctly initialize handler
Check for more corner cases
aland [Tue, 18 Dec 2007 01:30:48 +0000 (01:30 +0000)]
First RFC!
aland [Mon, 17 Dec 2007 16:16:14 +0000 (16:16 +0000)]
updated "last updated" field
aland [Mon, 17 Dec 2007 16:12:33 +0000 (16:12 +0000)]
Fixed typos and cross-references
aland [Mon, 17 Dec 2007 14:57:20 +0000 (14:57 +0000)]
Free memory
aland [Mon, 17 Dec 2007 12:30:42 +0000 (12:30 +0000)]
Casts to quiet compiler
aland [Mon, 17 Dec 2007 12:29:30 +0000 (12:29 +0000)]
Use FR_DIR_SEP
aland [Mon, 17 Dec 2007 12:22:50 +0000 (12:22 +0000)]
Added vp_print_name(). Made vp_prints() use it if !name
Made paircreate() use it, too.
aland [Mon, 17 Dec 2007 10:43:38 +0000 (10:43 +0000)]
Use radius_pairmake, not pairmake.
#ifdef __APPLE__
aland [Mon, 17 Dec 2007 10:32:30 +0000 (10:32 +0000)]
Added more 'const'
aland [Mon, 17 Dec 2007 07:49:42 +0000 (07:49 +0000)]
Fix compiler warnings
aland [Mon, 17 Dec 2007 07:45:46 +0000 (07:45 +0000)]
Added more 'const'
aland [Mon, 17 Dec 2007 07:39:31 +0000 (07:39 +0000)]
Added more 'const'
aland [Mon, 17 Dec 2007 07:38:37 +0000 (07:38 +0000)]
Fix compiler warnings
aland [Mon, 17 Dec 2007 06:45:34 +0000 (06:45 +0000)]
Require client cert for TLS
aland [Sun, 16 Dec 2007 08:37:56 +0000 (08:37 +0000)]
Catch and deny multiple levels of TLS nesting
aland [Sun, 16 Dec 2007 08:31:30 +0000 (08:31 +0000)]
Re-arranged and re-named code to convert VP's to EAP packets,
and vice-versa.
Removed complaints about TLS inside of TLS methods, as it now
works
Relaxed restrictions on matching EAP sessions.
aland [Sun, 16 Dec 2007 08:26:56 +0000 (08:26 +0000)]
If we're inside of a TLS tunnel, don't require a client
certificate. I'm not sure how the user gets authenticated,
but it's what hostapd does...
aland [Sun, 16 Dec 2007 07:33:52 +0000 (07:33 +0000)]
Added python
aland [Sat, 15 Dec 2007 21:43:45 +0000 (21:43 +0000)]
Fix more warnings
aland [Sat, 15 Dec 2007 21:26:51 +0000 (21:26 +0000)]
get rid of more warnings
aland [Sat, 15 Dec 2007 21:25:46 +0000 (21:25 +0000)]
get rid of warning messages
aland [Sat, 15 Dec 2007 21:10:48 +0000 (21:10 +0000)]
Corrected typo
aland [Sat, 15 Dec 2007 21:03:34 +0000 (21:03 +0000)]
More 'const' fixes
aland [Sat, 15 Dec 2007 20:45:09 +0000 (20:45 +0000)]
Added more 'const'
aland [Sat, 15 Dec 2007 20:41:39 +0000 (20:41 +0000)]
get rid of more warnings
aland [Sat, 15 Dec 2007 20:40:01 +0000 (20:40 +0000)]
More 'const'
aland [Sat, 15 Dec 2007 20:39:45 +0000 (20:39 +0000)]
Added more 'const'
aland [Sat, 15 Dec 2007 19:40:30 +0000 (19:40 +0000)]
Moved #ifdef's to before where they're used
Added more #ifdef's to define things only if they're used
aland [Sat, 15 Dec 2007 18:10:53 +0000 (18:10 +0000)]
fix compile warnings
aland [Sat, 15 Dec 2007 18:01:32 +0000 (18:01 +0000)]
Fixed structure from char* to const char*, and added
initializers.
aland [Sat, 15 Dec 2007 17:05:46 +0000 (17:05 +0000)]
Cleaned up conf file reading, continuation handling, etc.
aland [Sat, 15 Dec 2007 15:29:26 +0000 (15:29 +0000)]
removed dependency on strtok
aland [Sat, 15 Dec 2007 15:18:57 +0000 (15:18 +0000)]
Pulled from GNU. This closes bug #496
aland [Sat, 15 Dec 2007 15:13:29 +0000 (15:13 +0000)]
Allow tunnel password encrypted attributes in
Accounting-Request, Disconnect-Request, and CoA-Request, too
aland [Sat, 15 Dec 2007 14:56:10 +0000 (14:56 +0000)]
Fixes to allegedly make it work on more systems
aland [Thu, 13 Dec 2007 17:55:00 +0000 (17:55 +0000)]
The last change seems to break things. Don't use it...
aland [Thu, 13 Dec 2007 14:45:35 +0000 (14:45 +0000)]
Initialize fake->client, too. If not done, this affects
TTLS and PEAP
aland [Thu, 13 Dec 2007 14:40:46 +0000 (14:40 +0000)]
Fixed typo. it's &&, not &
aland [Thu, 13 Dec 2007 10:03:25 +0000 (10:03 +0000)]
Document %{mschap:User-Name}
aland [Tue, 11 Dec 2007 13:43:37 +0000 (13:43 +0000)]
Notes on eap2
aland [Tue, 11 Dec 2007 13:17:55 +0000 (13:17 +0000)]
Don't load TLS if it's not necessary.
aland [Tue, 11 Dec 2007 10:53:30 +0000 (10:53 +0000)]
Allow configuration file to control what EAP types are permitted
outside of the tunnel
aland [Tue, 11 Dec 2007 07:58:34 +0000 (07:58 +0000)]
Added second EAP module which uses the hostap libeap to do it's
work.
Some issues:
- you have to build hosteap/eap_example/libeap.so yourself
- if libeap.so is build with TLS, this module REQUIRES tls
(certs, etc) and WILL NOT run without it
- you CANNOT control inner or outer tunneled methods, except
by editing the source to this module and (perhaps) the
hostap Makefiles
- the "inner tunnel" sessions are NOT run through a virtual
server as with rlm_eap. This MUST be fixed for production use
- as a result, the inner tunnele sessions CANNOT be proxied,
and they CANNOT have a separate policy applied to them
- you MUST set "Auth-Type = eap2" manually.
- you will have to edit this Makefile yourself to get it to
build. No "configure" script is supplied
aland [Mon, 10 Dec 2007 16:07:30 +0000 (16:07 +0000)]
Now that we have request->client, we don't need client_find()
as much
aland [Sun, 9 Dec 2007 22:17:51 +0000 (22:17 +0000)]
let's free memory...