Phil Mayers [Fri, 24 Jun 2011 14:46:18 +0000 (15:46 +0100)]
examples of Doxygen on the source base
Alan T. DeKok [Fri, 24 Jun 2011 10:41:17 +0000 (12:41 +0200)]
fclose() frees buffers, too
Alan T. DeKok [Tue, 21 Jun 2011 12:17:19 +0000 (14:17 +0200)]
Simplify TCP socket timers.
All timers are now handled by one function, which makes it easier
to understand.
Alan T. DeKok [Tue, 21 Jun 2011 10:28:33 +0000 (12:28 +0200)]
TCP connections don't ping home servers.
Instead, we should send pings per CONNECTION, not per SERVER.
Alan T. DeKok [Tue, 21 Jun 2011 10:26:34 +0000 (12:26 +0200)]
Program name isn't available here
Will fix it later
Alan T. DeKok [Tue, 21 Jun 2011 09:23:56 +0000 (11:23 +0200)]
If a child process gets a signal to exit, then just exit.
Alan T. DeKok [Tue, 21 Jun 2011 09:22:36 +0000 (11:22 +0200)]
Print out *which* program is causing the delay
Alan T. DeKok [Tue, 21 Jun 2011 07:06:38 +0000 (09:06 +0200)]
Fix > vs >= bug
Alan T. DeKok [Mon, 20 Jun 2011 14:57:14 +0000 (16:57 +0200)]
Don't go too far ahead
if (..){
is OK. The previous code skipped over the curly brace, assuming
that it was there... the code to check for syntax errors assumed
that the curly brace was not skipped over. This change fixes
that conflict
Alan T. DeKok [Sun, 19 Jun 2011 10:02:41 +0000 (12:02 +0200)]
Start of work to remove need for libtool && libltdl
For now, we rely on gcc to do most of the heavy lifting for us.
This hinders portability, but people can always fall back to
libtool.
Alan T. DeKok [Sun, 19 Jun 2011 08:37:44 +0000 (10:37 +0200)]
More hacks to make dlopen() work natively
Alan T. DeKok [Thu, 16 Jun 2011 10:53:37 +0000 (12:53 +0200)]
Be more stringent about unexpected text
Alan T. DeKok [Wed, 15 Jun 2011 09:39:54 +0000 (11:39 +0200)]
Releases don't get replied to
Alan T. DeKok [Wed, 15 Jun 2011 08:49:58 +0000 (10:49 +0200)]
Document "max_outstanding" for home servers
Alan T. DeKok [Wed, 15 Jun 2011 08:34:21 +0000 (10:34 +0200)]
Look inside of virtuals for homes
This allows home servers to be tied to virtuals
Alan T. DeKok [Wed, 15 Jun 2011 08:31:31 +0000 (10:31 +0200)]
Tie virtual servers to home servers
If a home is defined in a virtual, proxying from that
virtual will use globally defined homes, OR homes specific
to that virtual
Alan T. DeKok [Wed, 15 Jun 2011 08:21:51 +0000 (10:21 +0200)]
Track parent virtual server in home server.
This will eventually let home servers be defined for each
virtual server. Right now, it doesn't yet work.
Alan T. DeKok [Wed, 15 Jun 2011 08:00:29 +0000 (10:00 +0200)]
Make home servers unique by source IP, too
Alan T. DeKok [Tue, 14 Jun 2011 06:10:28 +0000 (08:10 +0200)]
Allow policies by section
authorize {
foo
}
will look for first:
policy {
foo.authorize {
...
}
}
and then
policy {
foo {
...
}
}
This allows section-specific overrides for policies and modules.
Alan T. DeKok [Mon, 13 Jun 2011 09:31:47 +0000 (11:31 +0200)]
Allow policies to refer to modules of the same name
policy {
files {
files
...
}
}
Means that you can over-ride the behavior of the "files" module,
and add anything else you need.
Alan T. DeKok [Sun, 12 Jun 2011 04:41:57 +0000 (06:41 +0200)]
New modules && configs for v2.1.11
Alan T. DeKok [Fri, 10 Jun 2011 13:17:45 +0000 (15:17 +0200)]
Convert BEGIN-TLV to tlv.attr
Alan T. DeKok [Fri, 10 Jun 2011 13:16:16 +0000 (15:16 +0200)]
Fix data types
Alan T. DeKok [Fri, 10 Jun 2011 12:52:57 +0000 (14:52 +0200)]
Make "cadir" and "certdir" globals
Alan T. DeKok [Wed, 8 Jun 2011 16:07:35 +0000 (18:07 +0200)]
Remove unnecessary assertion
Alan T. DeKok [Tue, 7 Jun 2011 21:30:31 +0000 (23:30 +0200)]
Fix build issues
Alan T. DeKok [Tue, 7 Jun 2011 16:51:48 +0000 (18:51 +0200)]
Make the certificates on initial install
So that the server doesn't block when it first starts up
Alan T. DeKok [Tue, 7 Jun 2011 16:51:22 +0000 (18:51 +0200)]
Don't look for eap.conf, etc.
they've been moved to the "modules" directory
Alan T. DeKok [Tue, 7 Jun 2011 09:18:44 +0000 (11:18 +0200)]
Fix typo. Closes bug #150
Alan T. DeKok [Sun, 5 Jun 2011 16:15:05 +0000 (18:15 +0200)]
Note existence of "inner-tunnel"
So that people remember to edit it, too
Alan T. DeKok [Fri, 3 Jun 2011 08:27:11 +0000 (10:27 +0200)]
Split request_receive() into two functions.
One is for sockets, and enforces limits, duplicates, etc.
The other allocates the request and inserts it into the queue,
independent of limits. This is called directly by the detail
file reader
Alan T. DeKok [Fri, 3 Jun 2011 08:23:48 +0000 (10:23 +0200)]
Make RADCLIENT always have stats structures
It's simpler.
Alan T. DeKok [Fri, 3 Jun 2011 08:19:58 +0000 (10:19 +0200)]
Removed unused prototypes
Alan T. DeKok [Fri, 3 Jun 2011 08:19:01 +0000 (10:19 +0200)]
Fix GCD code for new process functionality
Alan T. DeKok [Fri, 3 Jun 2011 08:08:58 +0000 (10:08 +0200)]
Updated year
Alan T. DeKok [Tue, 31 May 2011 19:21:23 +0000 (21:21 +0200)]
Added MS-CHAP-V2
Alan T. DeKok [Tue, 31 May 2011 18:39:42 +0000 (20:39 +0200)]
Last set of vp_print fixes
Alan T. DeKok [Tue, 31 May 2011 11:20:12 +0000 (13:20 +0200)]
Move \t into vp_print, just like the last commit
Alan T. DeKok [Tue, 31 May 2011 07:32:20 +0000 (09:32 +0200)]
vp_print should add a "\n" to the end
All callers already do this, so it's best to move that code
into vp_print
Alan T. DeKok [Mon, 30 May 2011 15:14:18 +0000 (17:14 +0200)]
Revert most of the "checked_write" code.
It apparently caused crashes on some machines. This code
reverts (mostly) back to the original code which worked, but
it should also notice when the disk is full, and return FAIL
Alan T. DeKok [Sat, 28 May 2011 15:58:09 +0000 (17:58 +0200)]
Added support for "break"
Alan T. DeKok [Sat, 28 May 2011 10:48:25 +0000 (12:48 +0200)]
Make copy of "foreach" variable
This lets it be deleted or modified in the loop, without changing
the value of the variable being looped over.
i.e. the variable being looped over can't be modified. But the
underlying attribute can be deleted or free'd, and the server
won't crash
Alan T. DeKok [Sat, 28 May 2011 08:36:11 +0000 (10:36 +0200)]
Make debug output easier to read.
Print group names, value of "foreach" variables, and change
punctuation to whitespace (which is easier to read)
Alan T. DeKok [Fri, 27 May 2011 12:49:17 +0000 (14:49 +0200)]
Document the "locking" configuration item
Alan T. DeKok [Fri, 27 May 2011 11:08:03 +0000 (13:08 +0200)]
Fix typo
Alan T. DeKok [Fri, 27 May 2011 10:58:39 +0000 (12:58 +0200)]
Added "foreach" to unlang
There's no "break" yet.
Alan T. DeKok [Fri, 27 May 2011 08:47:09 +0000 (10:47 +0200)]
Make home server coa config match raddb/proxy.conf
Alan T. DeKok [Thu, 26 May 2011 11:59:10 +0000 (13:59 +0200)]
Bump buffer size for regex matches
Alan T. DeKok [Thu, 26 May 2011 08:54:25 +0000 (10:54 +0200)]
Terminate string when using %{Attribute-Name[*]}
Alan T. DeKok [Wed, 25 May 2011 12:56:02 +0000 (14:56 +0200)]
Fix API for 3.0
Alan T. DeKok [Wed, 25 May 2011 12:42:34 +0000 (14:42 +0200)]
Handle CHAP-Challenge
Alan T. DeKok [Wed, 25 May 2011 10:31:25 +0000 (12:31 +0200)]
Use rlm_redis CFLAGS and LDFLAGS
This lets the module build
Alan T. DeKok [Wed, 25 May 2011 09:46:06 +0000 (11:46 +0200)]
Mark "replicate" as stable
Alan T. DeKok [Wed, 25 May 2011 09:43:35 +0000 (11:43 +0200)]
Ensure AF for src IP matches AF for dst IP
Alan T. DeKok [Wed, 25 May 2011 09:43:12 +0000 (11:43 +0200)]
Make it build && work.
Apparently infinite loops are bad. Who knew?
Alan T. DeKok [Wed, 25 May 2011 08:52:35 +0000 (10:52 +0200)]
Make errors more prominent
Alan T. DeKok [Wed, 25 May 2011 08:21:41 +0000 (10:21 +0200)]
Initial version of rlm_replicate
Allows replication of packets (send without response),
to multiple destinations.
Alan T. DeKok [Tue, 24 May 2011 12:35:40 +0000 (14:35 +0200)]
This attribute is string. Closes #160
Alan T. DeKok [Mon, 23 May 2011 14:06:50 +0000 (16:06 +0200)]
Print, parse, and encode, decode "long" attributes
Alexander Clouter [Mon, 23 May 2011 10:43:04 +0000 (11:43 +0100)]
debian/patches/dialupadmin-help.diff wrong filename
'dpkg-buildpackage -b -us -uc -rfakeroot' grumbles as the following file
no longer exists. The patch fixes things, but it might be worth
'resync'ing as the large upstream Debian resync was Dec 2009 (
5ed6809a).
Signed-off-by: Alexander Clouter <alex@digriz.org.uk>
Alan T. DeKok [Mon, 23 May 2011 10:15:09 +0000 (12:15 +0200)]
Set limits on string/octet attributes
Alan T. DeKok [Mon, 23 May 2011 09:32:44 +0000 (11:32 +0200)]
Added dependencies so "make attrs" will automagically make radattr
Alan T. DeKok [Sat, 21 May 2011 06:53:19 +0000 (08:53 +0200)]
Catch more corner cases
Memory leak in esoteric circumstances.
"long" data wasn't handled properly.
Alan T. DeKok [Fri, 20 May 2011 13:48:50 +0000 (15:48 +0200)]
Build client certs for TLS
Alan T. DeKok [Fri, 20 May 2011 08:11:32 +0000 (10:11 +0200)]
Don't build radeapclient for now
Alan T. DeKok [Fri, 20 May 2011 07:38:48 +0000 (09:38 +0200)]
Added deprecated flag to old config variables
Alan T. DeKok [Thu, 19 May 2011 10:16:28 +0000 (12:16 +0200)]
Build without TLS
Alan T. DeKok [Thu, 19 May 2011 05:25:54 +0000 (07:25 +0200)]
Add installation rule for man page
Alan T. DeKok [Wed, 18 May 2011 12:32:53 +0000 (14:32 +0200)]
Added deprecated flag to variables
So that people will ugprade their configuration
Alan T. DeKok [Wed, 18 May 2011 11:22:18 +0000 (13:22 +0200)]
Cleaned up the "checked write" code a fair bit
Alan T. DeKok [Wed, 18 May 2011 09:38:05 +0000 (11:38 +0200)]
Move the "install binaries" code to rules.mak
This simplifies the sub-makefiles, and means it's harder
to get things wrong
Alan T. DeKok [Mon, 16 May 2011 12:23:04 +0000 (14:23 +0200)]
Removed unused variable
Alan T. DeKok [Mon, 16 May 2011 12:21:34 +0000 (14:21 +0200)]
Fix issues bound by clang
Alan T. DeKok [Mon, 16 May 2011 12:17:40 +0000 (14:17 +0200)]
Removed duplicate code
Alan T. DeKok [Mon, 16 May 2011 12:16:07 +0000 (14:16 +0200)]
Ensure we initialize all entries
Alan T. DeKok [Fri, 13 May 2011 14:58:16 +0000 (16:58 +0200)]
Support outer.control in dynamic xlat
Ruslan Shevchenko [Tue, 10 May 2011 19:15:26 +0000 (22:15 +0300)]
added support of dhcp to rlm_ippool
Alan T. DeKok [Fri, 13 May 2011 11:44:35 +0000 (13:44 +0200)]
Set "last packet" entry for all sockets
This will help us track TCP connections
Alan T. DeKok [Fri, 13 May 2011 09:05:08 +0000 (11:05 +0200)]
Create TLS-* attrs only for EAP, not RadSec
Alan T. DeKok [Fri, 13 May 2011 08:50:40 +0000 (10:50 +0200)]
Put checks for non-threaded TLS in a better place.
The TLS code requires threads to work.
Alan T. DeKok [Fri, 13 May 2011 08:44:18 +0000 (10:44 +0200)]
RadSec sockets don't have a user identity
Alan T. DeKok [Fri, 13 May 2011 08:38:53 +0000 (10:38 +0200)]
Add support for -P
Phil Mayers [Tue, 19 Apr 2011 14:34:27 +0000 (15:34 +0100)]
add mschap docs
Phil Mayers [Tue, 19 Apr 2011 14:24:11 +0000 (15:24 +0100)]
DEBUG message changes to make it more obvious which authentication has failed if we are proxying PEAP/TTLS inner
Phil Mayers [Tue, 19 Apr 2011 14:23:08 +0000 (15:23 +0100)]
re-work rlm_eap_mschapv2 state machine - handle mschapv2 password changes
Phil Mayers [Tue, 19 Apr 2011 14:20:46 +0000 (15:20 +0100)]
save the new challenge in MS-CHAP-Error, to allow authentication retries to succeed
Phil Mayers [Tue, 19 Apr 2011 14:16:27 +0000 (15:16 +0100)]
add support for MS-CHAPv2 password changes to rlm_mschap
Phil Mayers [Tue, 19 Apr 2011 14:10:11 +0000 (15:10 +0100)]
split exec functionality into 3 parts
Dante [Thu, 12 May 2011 13:04:54 +0000 (15:04 +0200)]
Glue TLS code into listen.c
Alan T. DeKok [Thu, 12 May 2011 13:04:43 +0000 (15:04 +0200)]
Add rules for attribute encodings
Alan T. DeKok [Thu, 12 May 2011 13:04:19 +0000 (15:04 +0200)]
Define EAP-MD5-Password
In preparation for removing radeapclient
Alan T. DeKok [Thu, 12 May 2011 10:27:59 +0000 (12:27 +0200)]
Add needed variable
Alan T. DeKok [Thu, 12 May 2011 08:38:03 +0000 (10:38 +0200)]
Hack radeapclient to make it build.
People should be using eapol_test instead. It's SO much better.
We probably also need to make radclient handle EAP-MD5, for
simplicity of testing
Alan T. DeKok [Thu, 12 May 2011 08:26:05 +0000 (10:26 +0200)]
"invalid attribute" means "create raw"
Alan T. DeKok [Thu, 12 May 2011 08:24:56 +0000 (10:24 +0200)]
CUI is allowed to have zero-length
Alan T. DeKok [Wed, 11 May 2011 19:07:34 +0000 (21:07 +0200)]
Now that log_packet_header is documented, make sure it works
Alan T. DeKok [Wed, 11 May 2011 15:41:29 +0000 (17:41 +0200)]
Updated documentation and samples
Handle IPv6 in detail filename.
Document "log_packet_header"
Dante [Wed, 11 May 2011 15:30:11 +0000 (17:30 +0200)]
Add preliminary support for TLS socket send/receive
The code is not yet integrated into listen.c. That will be
another step
Alan T. DeKok [Wed, 11 May 2011 15:28:28 +0000 (17:28 +0200)]
Move more code into server core
Alan T. DeKok [Wed, 11 May 2011 15:23:38 +0000 (17:23 +0200)]
Include version number in configuration file