mgriego [Fri, 31 Mar 2006 03:59:06 +0000 (03:59 +0000)]
Add cipher_list option for setting the allowed TLS cipher suites.
mgriego [Fri, 31 Mar 2006 03:53:36 +0000 (03:53 +0000)]
Add option to specify TLS cipher list
aland [Thu, 30 Mar 2006 17:59:07 +0000 (17:59 +0000)]
Catch non-files, and complain
bjordanov [Thu, 30 Mar 2006 08:09:49 +0000 (08:09 +0000)]
Add '+=' functionality for the %RAD_REPLY hash used by rlm_perl module
Closed #324
fcusack [Wed, 29 Mar 2006 19:21:23 +0000 (19:21 +0000)]
add undocumented useauthtok option for PAM
aland [Tue, 28 Mar 2006 16:48:39 +0000 (16:48 +0000)]
Updated with more complete instructions on how to use gdb
fcusack [Thu, 23 Mar 2006 15:01:10 +0000 (15:01 +0000)]
FSF address whitespace
fcusack [Thu, 23 Mar 2006 14:53:31 +0000 (14:53 +0000)]
update otp_hotp() to support 6,7,8,9 digit otp's
nbk [Thu, 23 Mar 2006 11:17:31 +0000 (11:17 +0000)]
Restore the previous form of the "libtool --mode=install" command
because it's reported to break building inside a rpmbuild environment.
nbk [Mon, 20 Mar 2006 13:08:11 +0000 (13:08 +0000)]
Update the GPL copy with the new address of the FSF.
http://www.gnu.org/licenses/gpl.txt
bjordanov [Mon, 20 Mar 2006 08:45:52 +0000 (08:45 +0000)]
Polled from branch_1_1 fix for bug #348
pnixon [Sun, 19 Mar 2006 11:01:42 +0000 (11:01 +0000)]
Added optional query. May be usefull to some people
aland [Fri, 17 Mar 2006 19:50:34 +0000 (19:50 +0000)]
Latest set of changes
aland [Fri, 17 Mar 2006 19:49:55 +0000 (19:49 +0000)]
Fix bug #348
aland [Thu, 16 Mar 2006 22:03:11 +0000 (22:03 +0000)]
Pull from the head
aland [Thu, 16 Mar 2006 22:02:13 +0000 (22:02 +0000)]
file dictionary.hp was added on branch branch_1_1 on 2006-03-16 22:03:11 +0000
aland [Thu, 16 Mar 2006 22:02:12 +0000 (22:02 +0000)]
HP Procurve attributes, as given by HP
nbk [Thu, 16 Mar 2006 16:46:19 +0000 (16:46 +0000)]
Update the GPL boilerplate with the new address of the FSF.
pnixon [Wed, 15 Mar 2006 21:25:26 +0000 (21:25 +0000)]
Change from now() to '%S'::timestamp should eliminate skew due to SQL latency.
nbk [Wed, 15 Mar 2006 15:40:13 +0000 (15:40 +0000)]
Update the LGPL copy with the new address of the FSF.
http://www.gnu.org/licenses/lgpl.txt
nbk [Wed, 15 Mar 2006 15:37:54 +0000 (15:37 +0000)]
Update the LGPL boilerplate with the new address of the FSF.
nbk [Wed, 15 Mar 2006 15:37:20 +0000 (15:37 +0000)]
Update the LGPL boilerplate with the new address of the FSF.
aland [Wed, 8 Mar 2006 23:14:14 +0000 (23:14 +0000)]
Removed silly use of magic cvs $ Log $ stuff
aland [Wed, 8 Mar 2006 22:39:51 +0000 (22:39 +0000)]
Minor re-arrangement
aland [Wed, 8 Mar 2006 00:01:48 +0000 (00:01 +0000)]
Updated for latest set of changes
aland [Tue, 7 Mar 2006 23:45:02 +0000 (23:45 +0000)]
Pull fix from CVS head
aland [Tue, 7 Mar 2006 23:44:27 +0000 (23:44 +0000)]
Updates for 7.1.
Patch from bug #315
aland [Tue, 7 Mar 2006 18:46:42 +0000 (18:46 +0000)]
Pull fix from the head
aland [Tue, 7 Mar 2006 18:43:47 +0000 (18:43 +0000)]
Added debug message when setting Auth-Type
aland [Tue, 7 Mar 2006 18:38:17 +0000 (18:38 +0000)]
Pull fix from the head
aland [Tue, 7 Mar 2006 18:38:04 +0000 (18:38 +0000)]
Additional sanity checks
aland [Tue, 7 Mar 2006 18:10:08 +0000 (18:10 +0000)]
Pull CoA fixes from the head
aland [Tue, 7 Mar 2006 18:05:33 +0000 (18:05 +0000)]
Document coa
aland [Tue, 7 Mar 2006 18:04:24 +0000 (18:04 +0000)]
Change CoF-* to CoA-*, because that's the proper name.
Update radclient to allow sending coa requests
update radius.c to clear the request vector, as per RFC 3576.
This closes bug #344
fcusack [Mon, 6 Mar 2006 21:40:56 +0000 (21:40 +0000)]
import from HEAD:
add stdlib.h
fcusack [Mon, 6 Mar 2006 21:40:00 +0000 (21:40 +0000)]
add stdlib.h
aland [Mon, 6 Mar 2006 19:02:54 +0000 (19:02 +0000)]
Pull patches from the head
aland [Mon, 6 Mar 2006 18:57:02 +0000 (18:57 +0000)]
file digest-auth-noalgo was added on branch branch_1_1 on 2006-03-06 19:02:57 +0000
aland [Mon, 6 Mar 2006 18:57:02 +0000 (18:57 +0000)]
file digest-auth-MD5_Sess was added on branch branch_1_1 on 2006-03-06 19:02:57 +0000
aland [Mon, 6 Mar 2006 18:57:02 +0000 (18:57 +0000)]
file digest-auth-MD5 was added on branch branch_1_1 on 2006-03-06 19:02:56 +0000
aland [Mon, 6 Mar 2006 18:57:01 +0000 (18:57 +0000)]
Added tests and updated digest code from Phillippe Sultan
aland [Mon, 6 Mar 2006 18:57:01 +0000 (18:57 +0000)]
file digest-auth_int-noalgo was added on branch branch_1_1 on 2006-03-06 19:02:56 +0000
aland [Mon, 6 Mar 2006 18:57:01 +0000 (18:57 +0000)]
file digest-auth_int-MD5_Sess was added on branch branch_1_1 on 2006-03-06 19:02:56 +0000
aland [Mon, 6 Mar 2006 18:57:01 +0000 (18:57 +0000)]
file digest-auth_int-MD5 was added on branch branch_1_1 on 2006-03-06 19:02:55 +0000
aland [Mon, 6 Mar 2006 18:45:21 +0000 (18:45 +0000)]
Pull attributes from the head
aland [Mon, 6 Mar 2006 18:43:46 +0000 (18:43 +0000)]
Passport 8000 attributes
pnixon [Fri, 3 Mar 2006 14:40:03 +0000 (14:40 +0000)]
This schema change and trigger updates fills in the groupname field (which doesnt come in Accounting packets) by querying the usergroup table.
This makes it easier to do group summary reports, however note that it does add some extra database load to 50% of your SQL accounting queries.
Note: Triggers to databases other than PostgreSQL still need to be written but I have updated all DB schemas for consistency
fcusack [Fri, 3 Mar 2006 00:58:31 +0000 (00:58 +0000)]
import from HEAD:
Make the site transform optional (leave undocumented!).
From Dave Mitchell.
fcusack [Fri, 3 Mar 2006 00:54:44 +0000 (00:54 +0000)]
Make the site transform optional (leave undocumented!).
From Dave Mitchell.
pnixon [Thu, 2 Mar 2006 07:56:06 +0000 (07:56 +0000)]
Opps. Missed MS SQL. Update it to match Postgresql also (Along with previous commit for MySQL and Oracle)
pnixon [Thu, 2 Mar 2006 07:47:42 +0000 (07:47 +0000)]
Bring Oracle and MySQL inline with Postgresl by setting all instances of Acct-Delay-Time to Acct-Delay-Time:-0 so that it defaults to 0 when some stupid NAS don't send it. (Otherwise the query fails)
nbk [Sat, 18 Feb 2006 22:54:35 +0000 (22:54 +0000)]
Pull from CVS head:
Use mutexes only if we have pthread.h (closes: #333)
fcusack [Fri, 17 Feb 2006 01:33:55 +0000 (01:33 +0000)]
import from HEAD:
Append first 2 username chars to challenge. The previous routine
created a fixed challenge, which led to a fixed response, which
was all 0's! Thanks to David Mitchell for spotting this.
fcusack [Fri, 17 Feb 2006 01:33:18 +0000 (01:33 +0000)]
Append first 2 username chars to challenge. The previous routine
created a fixed challenge, which led to a fixed response, which
was all 0's! Thanks to David Mitchell for spotting this.
aland [Thu, 16 Feb 2006 22:17:21 +0000 (22:17 +0000)]
Update date in copyright
nbk [Tue, 14 Feb 2006 15:49:47 +0000 (15:49 +0000)]
Pull from CVS head:
More attributes.
nbk [Tue, 14 Feb 2006 15:43:53 +0000 (15:43 +0000)]
Pull from CVS head:
Include fortinet and nortel dictionaries, too.
nbk [Tue, 14 Feb 2006 15:28:37 +0000 (15:28 +0000)]
Include fortinet dictionary, too.
nbk [Sun, 12 Feb 2006 15:54:56 +0000 (15:54 +0000)]
Update version number, in preparation for 1.1.1 release.
nbk [Sun, 12 Feb 2006 15:52:36 +0000 (15:52 +0000)]
Get downstream changelog and update it for 1.1.1.
nbk [Sun, 12 Feb 2006 11:51:40 +0000 (11:51 +0000)]
Shared secrets can only be 31 characters long.
http://bugs.debian.org/344606
nbk [Fri, 10 Feb 2006 20:15:04 +0000 (20:15 +0000)]
Update usage of $(OPENSSL_LIBS) after change of the Autoconf test.
nbk [Fri, 10 Feb 2006 19:48:04 +0000 (19:48 +0000)]
Pull from CVS head:
Install stand-alone binaries with libtool, too.
nbk [Fri, 10 Feb 2006 19:47:04 +0000 (19:47 +0000)]
Pull from CVS head:
Wipe out last vestiges of static/dynamic rules.
aland [Fri, 10 Feb 2006 17:47:20 +0000 (17:47 +0000)]
More attributes, as found in
http://www.quintum.com/support/xplatform/ivr_acct/webhelp/RADIUS_Interface.htm
by Valts Mazurs
nbk [Fri, 10 Feb 2006 15:12:02 +0000 (15:12 +0000)]
Pull from CVS head:
It's "reject_delay" and not "delayed_reject". (closes: #325)
nbk [Fri, 10 Feb 2006 15:11:20 +0000 (15:11 +0000)]
It's "reject_delay" and not "delayed_reject". (closes: #325)
Problem reported by Deric Sullivan <deric.sullivan@ec.gc.ca>
fcusack [Thu, 9 Feb 2006 23:28:46 +0000 (23:28 +0000)]
import from HEAD:
otp_authenticate(): malloc raw_state before using it
fcusack [Thu, 9 Feb 2006 23:27:08 +0000 (23:27 +0000)]
otp_authenticate(): malloc raw_state before using it
aland [Thu, 9 Feb 2006 17:40:58 +0000 (17:40 +0000)]
Pull fix from the head
aland [Thu, 9 Feb 2006 17:40:33 +0000 (17:40 +0000)]
HA1 is string (32 hex digits), not "octets"
nbk [Thu, 9 Feb 2006 15:02:55 +0000 (15:02 +0000)]
maxfd might have been uninitialized.
nbk [Thu, 9 Feb 2006 14:45:41 +0000 (14:45 +0000)]
The database schema is now at doc/examples/postgresql.sql
nbk [Thu, 9 Feb 2006 14:33:41 +0000 (14:33 +0000)]
The option -DOPENSSL_NO_KRB5 is added by autoconf, therefore we
don't need to add it a second time in the Makefile.
aland [Wed, 8 Feb 2006 23:05:15 +0000 (23:05 +0000)]
Allow multiple references to %{1} & friends.
Patch from Stephan Jaeger
aland [Wed, 8 Feb 2006 22:54:24 +0000 (22:54 +0000)]
Pull digest fix from CVS head
aland [Wed, 8 Feb 2006 22:48:56 +0000 (22:48 +0000)]
Use Digest-HA1 for the encrypted password, not Digest-MD5
fcusack [Wed, 8 Feb 2006 21:44:08 +0000 (21:44 +0000)]
rlm_otp changes
fcusack [Wed, 8 Feb 2006 21:23:27 +0000 (21:23 +0000)]
import from HEAD:
otp_authorize(): fix trivial State to be non-NUL, for Cisco bug
fcusack [Wed, 8 Feb 2006 21:22:10 +0000 (21:22 +0000)]
otp_authorize(): fix trivial State to be non-NUL, for Cisco bug
fcusack [Wed, 8 Feb 2006 21:19:04 +0000 (21:19 +0000)]
import from HEAD:
otp_authenticate(): generate State as ASCII to workaround Cisco bug
fcusack [Wed, 8 Feb 2006 21:15:34 +0000 (21:15 +0000)]
otp_authenticate(): set e_length correctly
fcusack [Wed, 8 Feb 2006 21:11:24 +0000 (21:11 +0000)]
generate State as ASCII to workaround Cisco bug
fcusack [Wed, 8 Feb 2006 19:57:42 +0000 (19:57 +0000)]
import from HEAD:
support cryptocard "phone" modes --- 7 digit mode where user
actually enters the dash
fcusack [Wed, 8 Feb 2006 19:55:53 +0000 (19:55 +0000)]
support cryptocard "phone" modes --- 7 digit mode where user
actually enters the dash
nbk [Wed, 8 Feb 2006 11:13:36 +0000 (11:13 +0000)]
Latest set of changes.
fcusack [Wed, 8 Feb 2006 08:31:51 +0000 (08:31 +0000)]
otp_authorize(): support LP64 when generating State
fcusack [Wed, 8 Feb 2006 08:31:11 +0000 (08:31 +0000)]
otp_authorize(): support LP64 when generating State
fcusack [Wed, 8 Feb 2006 08:29:42 +0000 (08:29 +0000)]
import from HEAD:
otp_authenticate(): expected length of State when not allowing async
became 1 in otp_rlm.c#1.15
fcusack [Wed, 8 Feb 2006 08:19:32 +0000 (08:19 +0000)]
otp_authenticate(): expected length of State when not allowing async
became 1 in otp_rlm.c#1.15
fcusack [Wed, 8 Feb 2006 08:02:34 +0000 (08:02 +0000)]
import from HEAD:
otp_authenticate(): initialize challenge for otp_pw_valid()
fcusack [Wed, 8 Feb 2006 07:47:26 +0000 (07:47 +0000)]
otp_authenticate(): initialize challenge
fcusack [Wed, 8 Feb 2006 05:15:56 +0000 (05:15 +0000)]
import from HEAD:
unconditionally #include <sys/un.h> (bug #314)
fcusack [Wed, 8 Feb 2006 05:11:04 +0000 (05:11 +0000)]
unconditionally #include <sys/un.h> (not required on Solaris, but ok)
fcusack [Wed, 8 Feb 2006 05:08:50 +0000 (05:08 +0000)]
expandtab
aland [Tue, 7 Feb 2006 18:58:06 +0000 (18:58 +0000)]
Replaced INFO level logging with debug logging. 99.9% of people
don't care to see "ack received" in radius.log
nbk [Tue, 7 Feb 2006 16:02:33 +0000 (16:02 +0000)]
net-snmp's ucd-snmp compatibility mode is fixed in CVS, therefore the dpatch
isn't needed anymore.
nbk [Tue, 7 Feb 2006 16:02:19 +0000 (16:02 +0000)]
the libtool problems for modules rlm_eap_{peap,tls,ttls} are fixed in CVS,
therefore the dpatch isn't needed anymore.
nbk [Tue, 7 Feb 2006 16:01:38 +0000 (16:01 +0000)]
Update the dpatch against 1.1.1.
nbk [Tue, 7 Feb 2006 15:59:20 +0000 (15:59 +0000)]
Update the set of patches for 1.1.1.