aland [Fri, 8 Aug 2003 14:17:09 +0000 (14:17 +0000)]
Added a massively helpful script
aland [Fri, 8 Aug 2003 14:06:36 +0000 (14:06 +0000)]
slight changes to debug messages
aland [Fri, 8 Aug 2003 14:03:47 +0000 (14:03 +0000)]
Try to handle the case where we get an ACK after sending the
last fragment
aland [Thu, 7 Aug 2003 17:14:47 +0000 (17:14 +0000)]
new TLS header file
aland [Thu, 7 Aug 2003 14:39:19 +0000 (14:39 +0000)]
Use appropriate pointer
aland [Wed, 6 Aug 2003 17:33:38 +0000 (17:33 +0000)]
Don't print out CHAP-Password, it's random junk, and the
'received attributes' code already prints it out.
aland [Wed, 6 Aug 2003 17:31:25 +0000 (17:31 +0000)]
Moved definitions to the main radius.h
aland [Wed, 6 Aug 2003 17:30:34 +0000 (17:30 +0000)]
Add useful definitions for MS-CHAP stuff
aland [Wed, 6 Aug 2003 17:30:15 +0000 (17:30 +0000)]
CHAP-Challenge is octets, not printable string
aland [Wed, 6 Aug 2003 17:05:47 +0000 (17:05 +0000)]
Uodate for new prototype of session_zap.
aland [Wed, 6 Aug 2003 17:05:26 +0000 (17:05 +0000)]
Updated for new prototype of session_zap
aland [Wed, 6 Aug 2003 16:53:23 +0000 (16:53 +0000)]
Use proper names, instead of numbers.
Print out a little more debugging information.
aland [Wed, 6 Aug 2003 16:52:50 +0000 (16:52 +0000)]
Updates to NAK handler
Don't allow TLS inside of TLS/TTLS/PEAP.
Print out proper EAP 'code', instead of using 'type'
aland [Wed, 6 Aug 2003 15:31:20 +0000 (15:31 +0000)]
Corrected last commit
Message-Authenticator by itself is OK.
EAP-Message without Message-Authenticator is not.
aland [Tue, 5 Aug 2003 19:32:14 +0000 (19:32 +0000)]
Large changes, in preparation for TTLS & PEAP
The TLS module can now be called from other sub-modules.
aland [Tue, 5 Aug 2003 19:29:57 +0000 (19:29 +0000)]
Large changes & re-arrangements, in preparation (hopefully) for
TTLS & PEAP
aland [Tue, 5 Aug 2003 19:28:50 +0000 (19:28 +0000)]
If we see EAP-Message without Message-Authenticator, don't allow
it to be processed.
This check will no longer be done in the EAP module, which makes
it easier to keep the requests secure, while allowing tunneled
EAP sessions to NOT have a Message-Authenticator, which isn't needed
in a TLS tunnel.
aland [Tue, 5 Aug 2003 19:26:35 +0000 (19:26 +0000)]
Added more Tunnel-Medium-Type values
pnixon [Thu, 31 Jul 2003 22:27:27 +0000 (22:27 +0000)]
Change dummy function to one that actually does something :-)
pnixon [Thu, 31 Jul 2003 22:15:30 +0000 (22:15 +0000)]
Change all INTERVALs to BIGINT as INTERVALS are not compatible with some existing client apps
pnixon [Thu, 31 Jul 2003 22:13:15 +0000 (22:13 +0000)]
Change query to output AcctSessionTime as a BIGINT instead of an INTERVAL
pnixon [Thu, 31 Jul 2003 18:41:44 +0000 (18:41 +0000)]
missing bracket
pnixon [Thu, 31 Jul 2003 13:09:46 +0000 (13:09 +0000)]
Added dummy sql_destroy_socket function to stop crashes on SIGHUP
kkalev [Wed, 30 Jul 2003 22:15:30 +0000 (22:15 +0000)]
Set default values to zero for Acct-Session-Time and Acct-Delay-Time in the DATE_SUB
function in accounting_stop_query_alt
Bug noted by Alexander M. Pravking
pnixon [Wed, 30 Jul 2003 19:24:17 +0000 (19:24 +0000)]
Oracle and Sybase drivers seem to support SQL_DOWN now.
pnixon [Wed, 30 Jul 2003 19:21:19 +0000 (19:21 +0000)]
minor logging update
pnixon [Wed, 30 Jul 2003 19:00:40 +0000 (19:00 +0000)]
Added some comments.
aland [Wed, 30 Jul 2003 15:43:45 +0000 (15:43 +0000)]
Handle EINTR for sem_wait
aland [Tue, 29 Jul 2003 21:00:38 +0000 (21:00 +0000)]
Added place-holder for NAK handler, for unknown types.
EAP does:
client -> server: start
server -> client: give me your identity
client-> server : my identity is "bob"
server -> client: let's use EAP type FOO
client -> server: I don't like EAP type FOO, I want to use EAP type BAR
which means that the FIRST time the server realizes the client wants
an EAP type which the server doesn't support, is in the NAK handler.
At that point, the server's at a bit of a loss for what to do next,
other than reject the request.
aland [Tue, 29 Jul 2003 20:20:07 +0000 (20:20 +0000)]
Added sample config for 'ignore_unknown_eap_types'
There's still the "booting" problem, as the EAP module has a
default EAP type, and the EAP-NAK handler doesn't forward the
unknown EAP types, but it's still a step forward.
aland [Tue, 29 Jul 2003 20:13:25 +0000 (20:13 +0000)]
Add a new configuration entry: ignore unknown EAP types.
If set, then the EAP module's "authorize" section will return
NOOP for unknown EAP types in EAP-Request & EAP-Response packets.
This will allow the server to quietly proxy unknown EAP types.
aland [Tue, 29 Jul 2003 19:51:33 +0000 (19:51 +0000)]
Add new EAP-Type to request->packet->vps, when it has EAP.
This allows other modules to key off of EAP-Type, to make decisions
as to what to do with unknown EAP types.
aland [Tue, 29 Jul 2003 19:42:51 +0000 (19:42 +0000)]
Added EAP-Type, for informational purposes
kkalev [Tue, 29 Jul 2003 18:40:50 +0000 (18:40 +0000)]
In postauth keep the operation mutex until *after* we have found and set
a free entry to active.
aland [Tue, 29 Jul 2003 16:15:01 +0000 (16:15 +0000)]
Added an rcsid
aland [Tue, 29 Jul 2003 16:14:02 +0000 (16:14 +0000)]
In preparation for recursive calls to EAP, the EAP module is made
thread-safe, by the simple expedient of adding a mutex to its
data structure.
If we let the server core handle the mutex, then it will try to
lock that mutex on recursive calls to EAP, which is bad. By handling
the mutex in the module, the module can notice it's a recursive call,
and not lock the mutex.
Of course, we're planning on only the EAP module calling itself
recursively. If other modules do it too, then we'll re-visit
this hack.
aland [Tue, 29 Jul 2003 16:09:49 +0000 (16:09 +0000)]
Got rid of the use of explicit EAP types in the 'type select' code.
Instead, simply key off of the allowed types, and whether or not
such a type has been configured.
aland [Tue, 29 Jul 2003 16:03:26 +0000 (16:03 +0000)]
Added defines for TTLS & PEAP, even though they're not supported.
aland [Tue, 29 Jul 2003 15:15:02 +0000 (15:15 +0000)]
$INCLUDE may return no pairs. Update the code to handle this.
Bug noted by Vic Abell
pnixon [Tue, 29 Jul 2003 09:00:59 +0000 (09:00 +0000)]
Removed some unneeded modules, plus some comment updates
kkalev [Tue, 29 Jul 2003 08:51:42 +0000 (08:51 +0000)]
In accounting_stop_query_alt calculate AcctStartTime from
AcctStopTime - (AcctSessionTime + AcctDelayTime)
pnixon [Tue, 29 Jul 2003 08:44:59 +0000 (08:44 +0000)]
sync with 0.9 branch
pnixon [Tue, 29 Jul 2003 08:38:50 +0000 (08:38 +0000)]
Major changes to clarent parser
pnixon [Tue, 29 Jul 2003 08:13:46 +0000 (08:13 +0000)]
Sync with 0.9 branch
aland [Mon, 28 Jul 2003 17:36:42 +0000 (17:36 +0000)]
Massive changes to clean up the EAP module, in preparation for
what we hope will be TTLS & PEAP. ~20% of the code in the module
is gone, and what's left has more comments, and is simpler, and
cleaner to understand.
There is an 'authorize' section now, in addition to 'authenticate',
in the sub-modules, which may be useful. But isn't used now...
Moved sub-modules from linked list to indexed array. Much faster.
EAP types are looked up by type, not by name. Less code, and faster.
Got rid of 'handler->id', and replaced it with entries inside of
the handler data structure. Got rid of 'generateid' and
'regenerateid' functions, and swallowed them into the functions
which add/find handlers in a list.
Key active EAP sessions off of the first byte of the state, which
is a random number, instead of putting them all in one list. This
decreases the work required to find one session.
Got rid of 'clean list' function, and instead clean the list
as we are looking for a session. Equivalent functionality, less
work, and less code.
Simplify the use of the 'State' attribute. It's now shorter,
which means more NASes will like it.
Cleaned up EAP-MD5, so it's more obvious what it does, and how
it works. It should be used as a template for other EAP modules.
free_opaque takes a ptr, not a ptr to a ptr
run valgrind over the modules, and fixed issues.
EAP-TLS cleanups in instantiation & detaching. (i.e. fix memory
leaks, and other problems)
moved 'add state to reply packet' to the eaplist_add function,
which is the only place where it should be.
Made eaptype_call 'static', as no one outside of eap.c needs it.
MD5, LEAP, & TLS have all been verified to work.
(you were worried, weren't you, considering the length of this
commit message)
kkalev [Mon, 28 Jul 2003 13:17:38 +0000 (13:17 +0000)]
- Make Multilink work this time
- Instead of locking file operations, lock transactions. That means we only keep
one big transaction lock instead of per file locks (mutexes).
kkalev [Sun, 27 Jul 2003 08:42:30 +0000 (08:42 +0000)]
Add debug statements for allowed service type
aland [Thu, 24 Jul 2003 20:32:18 +0000 (20:32 +0000)]
Added gandalf rlan dictionary, from Blaise St-Laurent
aland [Wed, 23 Jul 2003 19:50:38 +0000 (19:50 +0000)]
request_alloc() and request_alloc_fake(), to allocate a REQUEST
structure, and a "fake" one. see session-zap()...
Cleaned up some other code to use the new functions.
aland [Wed, 23 Jul 2003 19:46:18 +0000 (19:46 +0000)]
Removed unused variables
aland [Wed, 23 Jul 2003 19:45:44 +0000 (19:45 +0000)]
Get rid of replication code, as it hasn't been used in a long time
aland [Wed, 23 Jul 2003 19:44:35 +0000 (19:44 +0000)]
Don't send packets which have a sockfd < 0 (see main/session.c,
and the fake 'zap' packet it sends)
phampson [Wed, 23 Jul 2003 15:04:32 +0000 (15:04 +0000)]
Now that 0.9.0's been released, sync changelog and add new entry for CVS version
kkalev [Wed, 23 Jul 2003 14:34:09 +0000 (14:34 +0000)]
* Only delete sessions which are not open in truncate_radacct. Bug noted by Evren Yurtesen <yurtesen@ispro.net.tr>
* Add a user input tag in user_stats.php3
aland [Tue, 22 Jul 2003 18:23:54 +0000 (18:23 +0000)]
Only delete the auto-generated HTML files
aland [Tue, 22 Jul 2003 18:23:28 +0000 (18:23 +0000)]
What the heck... this may be helpful
aland [Tue, 22 Jul 2003 18:16:23 +0000 (18:16 +0000)]
re-arrange, to avoid core dumps.
Bug noted by sten.daniel.sorsdal
aland [Tue, 22 Jul 2003 17:32:33 +0000 (17:32 +0000)]
Use the right variable
kkalev [Tue, 22 Jul 2003 14:56:56 +0000 (14:56 +0000)]
* Use rad_lockfd_nonblock so that we can bail out on a problem
* Always call ms_sleep after we call do_send so that we give the
radius server a chance to breath a little.
kkalev [Sat, 19 Jul 2003 16:29:50 +0000 (16:29 +0000)]
* Make all scripts use the mysql binary instead of DBI and make the sql password even if it is empty
* Make log_badlogins work with usernames containing spaces
kkalev [Fri, 18 Jul 2003 16:21:10 +0000 (16:21 +0000)]
Revert a change made by mistake
kkalev [Fri, 18 Jul 2003 16:18:45 +0000 (16:18 +0000)]
Add 3 more help pages from Stadler Karel <Karel.Stadler@psi.ch> for Service-Type,Framed-Protocol and Filter-ID
pnixon [Thu, 17 Jul 2003 23:21:15 +0000 (23:21 +0000)]
sync up the comments with branch 0.9
pnixon [Thu, 17 Jul 2003 17:56:42 +0000 (17:56 +0000)]
Bring CVS head in sync with 0.9 branch
aland [Wed, 16 Jul 2003 19:49:30 +0000 (19:49 +0000)]
People use this, it's stable.
aland [Wed, 16 Jul 2003 17:35:41 +0000 (17:35 +0000)]
Increase size of fields
aland [Wed, 16 Jul 2003 17:34:35 +0000 (17:34 +0000)]
Pull patches from the branch
aland [Wed, 16 Jul 2003 17:32:48 +0000 (17:32 +0000)]
Pull patches from the branch
Patch from Paul Hampson
phampson [Wed, 16 Jul 2003 16:44:40 +0000 (16:44 +0000)]
Regenerate configure to match current configure.in
phampson [Wed, 16 Jul 2003 16:04:12 +0000 (16:04 +0000)]
Remove untruth entered in the TODO list, regarding stable backport.
pnixon [Wed, 16 Jul 2003 15:18:56 +0000 (15:18 +0000)]
Reformat queries to be multiline
pnixon [Wed, 16 Jul 2003 15:04:17 +0000 (15:04 +0000)]
Update comments to make it clear that raddb/postgresql.conf needs to be replaced for this schema to work.
pnixon [Wed, 16 Jul 2003 15:01:10 +0000 (15:01 +0000)]
Moce strip_dot function from sample file to default schema as it is used by default queries
pnixon [Wed, 16 Jul 2003 14:51:43 +0000 (14:51 +0000)]
rewrite the strip_dot function in Postgres PL instead of Perl
aland [Wed, 16 Jul 2003 14:42:02 +0000 (14:42 +0000)]
memset is your friend. Not all platforms have sa_sigaction
aland [Wed, 16 Jul 2003 14:35:06 +0000 (14:35 +0000)]
Broken whitespace
aland [Wed, 16 Jul 2003 14:33:22 +0000 (14:33 +0000)]
Added more options to calls to oracle functions, which apparently
fix bugs...
Patch from Liyan Tan
aland [Tue, 15 Jul 2003 15:53:18 +0000 (15:53 +0000)]
Only 'make' if there's a 'Makefile'
aland [Tue, 15 Jul 2003 14:19:01 +0000 (14:19 +0000)]
make 'includes' before compiling C files
aland [Tue, 15 Jul 2003 14:18:32 +0000 (14:18 +0000)]
account for ID, too
aland [Tue, 15 Jul 2003 12:34:51 +0000 (12:34 +0000)]
A few more targets
aland [Tue, 15 Jul 2003 12:33:41 +0000 (12:33 +0000)]
add 'include' to the list of make targets
aland [Tue, 15 Jul 2003 12:33:24 +0000 (12:33 +0000)]
We're going to need to install include files eventually, we might
as well have a makefile...
aland [Mon, 14 Jul 2003 17:31:24 +0000 (17:31 +0000)]
check for allocation failures
Patch from Steve G
aland [Mon, 14 Jul 2003 17:27:34 +0000 (17:27 +0000)]
check & memset
kkalev [Sat, 12 Jul 2003 13:52:28 +0000 (13:52 +0000)]
In user_finger page if $user is NULL then set it to
aland [Fri, 11 Jul 2003 19:50:04 +0000 (19:50 +0000)]
check & memset
aland [Fri, 11 Jul 2003 16:00:50 +0000 (16:00 +0000)]
Massive changes to get rid of memory leaks
aland [Fri, 11 Jul 2003 14:12:06 +0000 (14:12 +0000)]
free allocated memory
pnixon [Fri, 11 Jul 2003 12:03:31 +0000 (12:03 +0000)]
Bring the DB schema kicking and screaming into the 21st century..
phampson [Fri, 11 Jul 2003 10:21:53 +0000 (10:21 +0000)]
Install the example sql files into the examples directory using dh_installexamples
wichert [Thu, 10 Jul 2003 21:34:38 +0000 (21:34 +0000)]
Test for gdbm_compat as well
wichert [Thu, 10 Jul 2003 20:50:25 +0000 (20:50 +0000)]
Do everything in a single sed command
wichert [Thu, 10 Jul 2003 20:43:06 +0000 (20:43 +0000)]
Update build-depends for current unstable
kkalev [Thu, 10 Jul 2003 19:51:43 +0000 (19:51 +0000)]
Add Service-Type in user_edit.attrs
aland [Wed, 9 Jul 2003 20:46:42 +0000 (20:46 +0000)]
Don't free memory we didn't allocate
aland [Wed, 9 Jul 2003 20:42:30 +0000 (20:42 +0000)]
export top_builddir
aland [Wed, 9 Jul 2003 19:52:31 +0000 (19:52 +0000)]
destroy sockets...
aland [Wed, 9 Jul 2003 15:56:04 +0000 (15:56 +0000)]
Always free string pointers, to catch stupid modules which don't
initialize memory.
phampson [Wed, 9 Jul 2003 07:59:45 +0000 (07:59 +0000)]
TODO list updates