Alan T. DeKok [Tue, 8 Apr 2014 13:22:58 +0000 (09:22 -0400)]
Note recent changes
Arran Cudbard-Bell [Tue, 8 Apr 2014 07:29:19 +0000 (08:29 +0100)]
Refuse to start with OpenSSL 1.0.1 - 1.0.1f
Arran Cudbard-Bell [Tue, 8 Apr 2014 08:39:41 +0000 (09:39 +0100)]
Revert "Patch for OpenSSL insanity"
This reverts commit
a3445ff46490af5b4064347cec76995f902ba5b3.
Alan T. DeKok [Mon, 7 Apr 2014 22:03:42 +0000 (18:03 -0400)]
Patch for OpenSSL insanity
https://www.openssl.org/news/secadv_20140407.txt
Alan T. DeKok [Mon, 7 Apr 2014 21:10:19 +0000 (17:10 -0400)]
Limit output. Fixes CID #1197124
Alan T. DeKok [Mon, 7 Apr 2014 21:08:03 +0000 (17:08 -0400)]
Don't return pointer out of scope.
Fixes CID #1197126
Alan T. DeKok [Mon, 7 Apr 2014 18:28:19 +0000 (14:28 -0400)]
Clean up packets which are ONLY in the proxy hash
Alan T. DeKok [Mon, 7 Apr 2014 18:21:20 +0000 (14:21 -0400)]
De-reference based on proxy, not packet
Alan T. DeKok [Mon, 7 Apr 2014 18:13:18 +0000 (14:13 -0400)]
More generic coa separation
Alan T. DeKok [Mon, 7 Apr 2014 17:59:52 +0000 (13:59 -0400)]
Move #ifdef wrapper. The child state is always updated
Arran Cudbard-Bell [Mon, 7 Apr 2014 17:45:31 +0000 (18:45 +0100)]
We only have child_pid and child_state when building with threads
Arran Cudbard-Bell [Mon, 7 Apr 2014 17:32:14 +0000 (18:32 +0100)]
Fix merge issue...
Arran Cudbard-Bell [Mon, 7 Apr 2014 17:02:35 +0000 (18:02 +0100)]
Move sysresource.h include
Alan T. DeKok [Mon, 7 Apr 2014 16:11:33 +0000 (12:11 -0400)]
More fixes for CoA
When we've proxied it, mark it as no child thread.
When we fail it, set it DONE
Alan T. DeKok [Mon, 7 Apr 2014 16:07:01 +0000 (12:07 -0400)]
Use proper value for DONE
Alan T. DeKok [Mon, 7 Apr 2014 15:56:36 +0000 (11:56 -0400)]
Print message if the CoA server didn't respond
When originating a CoA request
Arran Cudbard-Bell [Mon, 7 Apr 2014 15:54:49 +0000 (16:54 +0100)]
Typo
Arran Cudbard-Bell [Mon, 7 Apr 2014 15:21:26 +0000 (16:21 +0100)]
Move fr_set_dumpable code into debug.c, it's useful for utilities too
Arran Cudbard-Bell [Mon, 7 Apr 2014 15:20:43 +0000 (16:20 +0100)]
If we can figure out which binary is being used for panic_action ensure it's not world writeable to stop exploit vectors involving exec
Alan T. DeKok [Mon, 7 Apr 2014 15:39:15 +0000 (11:39 -0400)]
Doxygen
Alan T. DeKok [Mon, 7 Apr 2014 15:18:28 +0000 (11:18 -0400)]
Note recent changes
Alan T. DeKok [Mon, 7 Apr 2014 15:16:58 +0000 (11:16 -0400)]
Handle more corner cases with CoA cleanups
Alan T. DeKok [Mon, 7 Apr 2014 14:59:57 +0000 (10:59 -0400)]
Better checks for cleaning up requests on exit
Alan T. DeKok [Mon, 7 Apr 2014 14:59:30 +0000 (10:59 -0400)]
radius_copy_packet for coa->packet instead of memcpy.
Avoids talloc errors
Alan T. DeKok [Mon, 7 Apr 2014 14:52:13 +0000 (10:52 -0400)]
Set parent of VP properly.
Alan T. DeKok [Mon, 7 Apr 2014 14:39:36 +0000 (10:39 -0400)]
Enable -D, and document it in -h
Alan T. DeKok [Mon, 7 Apr 2014 13:06:08 +0000 (09:06 -0400)]
Remove pointless debug message
Alan T. DeKok [Mon, 7 Apr 2014 13:03:21 +0000 (09:03 -0400)]
radius_verify() to recursively check talloc relationships
Alan T. DeKok [Mon, 7 Apr 2014 12:54:17 +0000 (08:54 -0400)]
fake->packet has parent fake, not request
Alan T. DeKok [Mon, 7 Apr 2014 12:41:01 +0000 (08:41 -0400)]
Added copy packet functionality
Mainly for CoA. May be useful elsewhere
Alan T. DeKok [Mon, 7 Apr 2014 01:29:20 +0000 (21:29 -0400)]
When separating coa requests, talloc_steal them, too
Arran Cudbard-Bell [Mon, 7 Apr 2014 11:37:56 +0000 (12:37 +0100)]
Update ChangeLog
Arran Cudbard-Bell [Mon, 7 Apr 2014 10:24:47 +0000 (11:24 +0100)]
Use a mutex around writing to the SQL log
fcntl locks aren't reflected internally within the process that created them, even if it's a completely different thread is attempting to log the file descriptor
Arran Cudbard-Bell [Mon, 7 Apr 2014 08:17:43 +0000 (09:17 +0100)]
Print the name of the VALUE_PAIR with the inconsistent value pointer
Arran Cudbard-Bell [Mon, 7 Apr 2014 08:12:42 +0000 (09:12 +0100)]
Formatting
Arran Cudbard-Bell [Sun, 6 Apr 2014 21:24:52 +0000 (22:24 +0100)]
Add special handlers for SIGUSR1 and SIGUSR2
Arran Cudbard-Bell [Sun, 6 Apr 2014 21:00:56 +0000 (22:00 +0100)]
Make pairtypeset private
It's too evil to be in the public name space
Arran Cudbard-Bell [Sun, 6 Apr 2014 20:26:05 +0000 (21:26 +0100)]
Make soft asserts less soft in debug builds
Arran Cudbard-Bell [Sun, 6 Apr 2014 19:51:01 +0000 (20:51 +0100)]
Move more things to doing pairmemcpy instead of calling individual functions
Arran Cudbard-Bell [Sun, 6 Apr 2014 17:19:29 +0000 (18:19 +0100)]
Rename daemon_mode to daemonize to be consistent with radsniff, which also operates as a daemon
Arran Cudbard-Bell [Sun, 6 Apr 2014 09:19:25 +0000 (10:19 +0100)]
CID 1197122
Arran Cudbard-Bell [Sun, 6 Apr 2014 09:16:55 +0000 (10:16 +0100)]
CID 1197124
Arran Cudbard-Bell [Sun, 6 Apr 2014 09:11:10 +0000 (10:11 +0100)]
CID 1197128
Arran Cudbard-Bell [Sun, 6 Apr 2014 08:49:53 +0000 (09:49 +0100)]
Fix coverity scan token
Arran Cudbard-Bell [Sun, 6 Apr 2014 08:16:02 +0000 (09:16 +0100)]
Add note, regarding macro which was removed from libradius.h
Alan T. DeKok [Sun, 6 Apr 2014 01:50:27 +0000 (21:50 -0400)]
Limit zombie period start. Fixes #579
If we've received a packet in the last 1/4 zombie period, don't
go to zombie. If the last packet was earlier than that, set
the zombie period start to that time.
We don't set it to home->last_packet, because that could have
been minutes or hours in the past
Alan T. DeKok [Sat, 5 Apr 2014 17:04:02 +0000 (13:04 -0400)]
Mark zombie alive if it responses to status-server. Fixes #579
Alan T. DeKok [Sat, 5 Apr 2014 16:55:40 +0000 (12:55 -0400)]
note recent changes
Alan T. DeKok [Sat, 5 Apr 2014 15:51:40 +0000 (11:51 -0400)]
If we can't originate the CoA request, just free it
Alan T. DeKok [Sat, 5 Apr 2014 15:43:05 +0000 (11:43 -0400)]
If we're updating a CoA list, auto-create it.
Alan T. DeKok [Sat, 5 Apr 2014 14:14:23 +0000 (10:14 -0400)]
Whoops... not all regexes are precompiled
Alan T. DeKok [Sat, 5 Apr 2014 14:12:09 +0000 (10:12 -0400)]
Allow unpack to take hex data, too
Alan T. DeKok [Sat, 5 Apr 2014 13:46:08 +0000 (09:46 -0400)]
Remove commented-out code
Arran Cudbard-Bell [Sat, 5 Apr 2014 11:07:59 +0000 (12:07 +0100)]
Move comment
Arran Cudbard-Bell [Sat, 5 Apr 2014 11:05:40 +0000 (12:05 +0100)]
Add test for mixing foreaches and regexes
Arran Cudbard-Bell [Sat, 5 Apr 2014 10:08:15 +0000 (11:08 +0100)]
Put old code back which actually worked...
Arran Cudbard-Bell [Sat, 5 Apr 2014 08:24:34 +0000 (09:24 +0100)]
Need rad_assert.h
Arran Cudbard-Bell [Sat, 5 Apr 2014 08:19:41 +0000 (09:19 +0100)]
Use STDIN for STDOUT for PANIC_ACTION in travis
Arran Cudbard-Bell [Sat, 5 Apr 2014 08:12:26 +0000 (09:12 +0100)]
Fix issues in radlog_init
Alan T. DeKok [Sat, 5 Apr 2014 03:14:45 +0000 (23:14 -0400)]
Fix failing tests.
Apparently radclient was fixed to not crash, but unittest wasn't.
So... make the code identical.
Alan T. DeKok [Sat, 5 Apr 2014 03:05:23 +0000 (23:05 -0400)]
Don't call function for 2 lines of code
Alan T. DeKok [Sat, 5 Apr 2014 02:59:55 +0000 (22:59 -0400)]
Move STDIN / STDOUT mangling to radlog_init()
Which means fewer global functions that have only one caller,
and all of the STDIN / STDOUT mangling is now encapsulated in
log.c
Alan T. DeKok [Sat, 5 Apr 2014 02:27:45 +0000 (22:27 -0400)]
Rename "dont_fork" to "daemon_mode"
Positive statements are easier to reason about. This is demonstrated
by the redundant "if (dont_fork == false)" checks, and the check
for foreground_mode which actually checks for daemon mode.
Alan T. DeKok [Sat, 5 Apr 2014 02:27:32 +0000 (22:27 -0400)]
"signal" is a C library function, not a variable
Alan T. DeKok [Fri, 4 Apr 2014 20:34:39 +0000 (16:34 -0400)]
Note recent changes
Arran Cudbard-Bell [Fri, 4 Apr 2014 23:48:04 +0000 (00:48 +0100)]
Restore stderr/stdout before calling panic_action (if in foreground mode)
Rename fr_log_t field dest to dst to match the macros
Arran Cudbard-Bell [Fri, 4 Apr 2014 15:49:24 +0000 (16:49 +0100)]
Don't need to print the talloc message twice
Arran Cudbard-Bell [Fri, 4 Apr 2014 15:49:02 +0000 (16:49 +0100)]
radclient doesn't support xlats, so we need to hack around any filter pairs marked as requiring expansion
Arran Cudbard-Bell [Fri, 4 Apr 2014 15:47:36 +0000 (16:47 +0100)]
Sync master:src/lib/valuepair.c and v3.0.x:src/lib/valuepair.c
Alan T. DeKok [Fri, 4 Apr 2014 15:10:06 +0000 (11:10 -0400)]
Handle syslog, too
Alan T. DeKok [Fri, 4 Apr 2014 14:54:21 +0000 (10:54 -0400)]
Enumerate all of the possibilities for -l FOO and -x
Arran Cudbard-Bell [Fri, 4 Apr 2014 14:35:16 +0000 (15:35 +0100)]
Allow the 'global' packet type in requests to be overridden in radclient
Allow the expected response to be overridden in radclient
Base exit code on lost packets and packets which failed filters instead of receiving Access-Accepts
Alan T. DeKok [Fri, 4 Apr 2014 14:17:11 +0000 (10:17 -0400)]
If log isn't stdout, ALWAYS set stdout to /dev/null
Alan T. DeKok [Fri, 4 Apr 2014 13:43:26 +0000 (09:43 -0400)]
Grab the default group from the main config
Alan T. DeKok [Thu, 3 Apr 2014 20:54:13 +0000 (16:54 -0400)]
Module methods are mod_foo
Arran Cudbard-Bell [Fri, 4 Apr 2014 13:00:32 +0000 (14:00 +0100)]
Doxygen
Arran Cudbard-Bell [Fri, 4 Apr 2014 11:42:14 +0000 (12:42 +0100)]
Set types correctly on talloced VALUE_PAIR buffers
Arran Cudbard-Bell [Fri, 4 Apr 2014 11:39:42 +0000 (12:39 +0100)]
We always need stderr to go to the terminal so we can interact with the debugger
Arran Cudbard-Bell [Fri, 4 Apr 2014 10:51:33 +0000 (11:51 +0100)]
Typo
Arran Cudbard-Bell [Fri, 4 Apr 2014 10:51:21 +0000 (11:51 +0100)]
Use custom callback for talloc aborts to make panic_action work with lldb better
Arran Cudbard-Bell [Fri, 4 Apr 2014 08:59:18 +0000 (09:59 +0100)]
Use batch instead of -silent to avoid interactive prompts in travis GDB...
Arran Cudbard-Bell [Fri, 4 Apr 2014 09:18:43 +0000 (10:18 +0100)]
Sync packet code definitions with master
Arran Cudbard-Bell [Fri, 4 Apr 2014 08:54:30 +0000 (09:54 +0100)]
Reverse arguments to base64 encode/decode functions
Arran Cudbard-Bell [Fri, 4 Apr 2014 07:33:17 +0000 (08:33 +0100)]
Formatting in libradius.h
Arran Cudbard-Bell [Fri, 4 Apr 2014 07:22:13 +0000 (08:22 +0100)]
Check dynamically allocated value buffers in VERIFY_VP macro
Arran Cudbard-Bell [Thu, 3 Apr 2014 17:32:04 +0000 (18:32 +0100)]
Add .gitignore for rlm_unbound
Arran Cudbard-Bell [Thu, 3 Apr 2014 16:09:58 +0000 (17:09 +0100)]
Fix merge issues in configure.ac
Arran Cudbard-Bell [Thu, 3 Apr 2014 14:07:28 +0000 (15:07 +0100)]
Add macro for checking the validity of a radius packet code
Arran Cudbard-Bell [Thu, 3 Apr 2014 13:49:25 +0000 (14:49 +0100)]
Add missing rlm_unbound config.h.in
Alan T. DeKok [Thu, 3 Apr 2014 13:45:51 +0000 (09:45 -0400)]
The character is unsigned. Fixes #578
Alan T. DeKok [Thu, 3 Apr 2014 13:31:55 +0000 (09:31 -0400)]
If we update, return code is updated
Arran Cudbard-Bell [Thu, 3 Apr 2014 12:32:36 +0000 (13:32 +0100)]
Make execinfo check smarter, so it requires the headers and symbols both be present in some form to use execinfo Closes #577
Fix typo in PCRE checks
Conflicts:
configure
configure.ac
Arran Cudbard-Bell [Thu, 3 Apr 2014 04:56:13 +0000 (05:56 +0100)]
FreeBSD fixes
Alan T. DeKok [Thu, 3 Apr 2014 00:43:42 +0000 (20:43 -0400)]
Use the same group as used by the server core
Alan T. DeKok [Thu, 3 Apr 2014 00:43:24 +0000 (20:43 -0400)]
Return noop if we don't do anything
Alan T. DeKok [Thu, 3 Apr 2014 00:33:31 +0000 (20:33 -0400)]
Cleaned up default example
Alan T. DeKok [Wed, 2 Apr 2014 22:09:51 +0000 (18:09 -0400)]
Fix comments
Alan T. DeKok [Wed, 2 Apr 2014 21:14:47 +0000 (17:14 -0400)]
Make the names consistent
Alan T. DeKok [Wed, 2 Apr 2014 14:36:39 +0000 (10:36 -0400)]
Use the dhcp configuration directive
Alan T. DeKok [Wed, 2 Apr 2014 14:36:25 +0000 (10:36 -0400)]
Use the common naming scheme