Alan DeKok [Sat, 8 Oct 2016 13:39:33 +0000 (09:39 -0400)]
Merge pull request #1772 from zmousm/fix-deb-patch
Refresh debian/patches/radiusd-to-freeradius.diff
Alan DeKok [Sat, 8 Oct 2016 13:29:30 +0000 (09:29 -0400)]
Merge pull request #1775 from stapelberg/patch-1
fix: macro `IR(hours|minutes|seconds)' not defined
Michael Stapelberg [Sat, 8 Oct 2016 11:51:51 +0000 (13:51 +0200)]
fix: macro `IR(hours|minutes|seconds)' not defined
Zenon Mousmoulas [Sat, 8 Oct 2016 07:42:13 +0000 (10:42 +0300)]
Refresh debian/patches/radiusd-to-freeradius.diff
dpkg-source aborts due to missing initial spaces and fuzz in one
context line
Alan T. DeKok [Wed, 5 Oct 2016 14:56:33 +0000 (10:56 -0400)]
it's not a warning message
Alan T. DeKok [Tue, 4 Oct 2016 18:43:28 +0000 (14:43 -0400)]
fix warning messages for packet possibly truncated
rely on the "encode" function to display warning messages.
And make the warning messages debug only
Alan T. DeKok [Mon, 3 Oct 2016 15:05:08 +0000 (11:05 -0400)]
check num_rows before using them
Alan T. DeKok [Mon, 3 Oct 2016 13:22:22 +0000 (09:22 -0400)]
Check for expiry only if the password was OK. Fixes #1762
Alan T. DeKok [Mon, 3 Oct 2016 13:15:21 +0000 (09:15 -0400)]
note recent changes
Alan DeKok [Mon, 3 Oct 2016 13:11:05 +0000 (09:11 -0400)]
Merge pull request #1767 from djjudas21/patch-1
Fix typo in %files section to avoid error building RPM
Jonathan [Mon, 3 Oct 2016 10:42:06 +0000 (11:42 +0100)]
Fix typo in %files section to avoid error building RPM
File not found: /home/jg4461/rpmbuild/BUILDROOT/freeradius-3.0.12-2.el7.centos.x86_64/usr/share/man/man1/radcounter.1.gz
Arran Cudbard-Bell [Sat, 1 Oct 2016 12:05:11 +0000 (13:05 +0100)]
Merge pull request #1763 from alanbuxey/patch-1
another typo fix and capitalisations
Alan Buxey [Sat, 1 Oct 2016 11:46:02 +0000 (12:46 +0100)]
another typo fix and capitalisations
Alan T. DeKok [Fri, 30 Sep 2016 11:58:43 +0000 (07:58 -0400)]
update for 3.0.13
Alan T. DeKok [Fri, 30 Sep 2016 11:36:33 +0000 (07:36 -0400)]
add "date" module
Alan T. DeKok [Fri, 30 Sep 2016 11:36:50 +0000 (07:36 -0400)]
bump for 3.0.13
Alan T. DeKok [Thu, 29 Sep 2016 15:19:48 +0000 (11:19 -0400)]
typo
Alan T. DeKok [Thu, 29 Sep 2016 14:55:38 +0000 (10:55 -0400)]
note recent changes.
Alan T. DeKok [Thu, 29 Sep 2016 14:42:58 +0000 (10:42 -0400)]
allow for old-style names, too
Alan T. DeKok [Thu, 29 Sep 2016 14:33:22 +0000 (10:33 -0400)]
simplify debug messages
we don't need 'request %u' in RDEBUG messages
Alan T. DeKok [Thu, 29 Sep 2016 14:25:15 +0000 (10:25 -0400)]
more &
Alan T. DeKok [Wed, 28 Sep 2016 15:16:51 +0000 (11:16 -0400)]
Fix compile without ascend binary. fixes #1761
Alan DeKok [Tue, 27 Sep 2016 19:52:30 +0000 (15:52 -0400)]
Merge pull request #1760 from jrouzierinverse/feature/eap-fast-3.0.x
Fix talloc parenting issue
James Rouzier [Tue, 27 Sep 2016 19:41:16 +0000 (15:41 -0400)]
Fix talloc parenting issue
Alan T. DeKok [Tue, 27 Sep 2016 19:12:23 +0000 (15:12 -0400)]
notes on AD
Alan T. DeKok [Sun, 10 Jul 2016 18:03:18 +0000 (14:03 -0400)]
build headers before scanning
Matthew Newton [Tue, 27 Sep 2016 11:43:09 +0000 (12:43 +0100)]
Merge pull request #1759 from mcnewton/v3.0.x
small dhcpclient man page tweaks
Matthew Newton [Tue, 27 Sep 2016 11:02:32 +0000 (12:02 +0100)]
small dhcpclient man page tweaks
Alan T. DeKok [Mon, 26 Sep 2016 20:39:36 +0000 (16:39 -0400)]
one more check for virtual servers
Alan T. DeKok [Mon, 26 Sep 2016 20:20:30 +0000 (16:20 -0400)]
skip virtual servers in a pool
Alan T. DeKok [Mon, 26 Sep 2016 20:16:49 +0000 (16:16 -0400)]
remove from proxy hash on ping timeout
Arran Cudbard-Bell [Mon, 26 Sep 2016 15:47:51 +0000 (16:47 +0100)]
Don't ignore the fact we've hit vulnerable versions in previous checks
Alan T. DeKok [Mon, 26 Sep 2016 15:06:11 +0000 (11:06 -0400)]
reorder list
Alan T. DeKok [Mon, 26 Sep 2016 15:00:33 +0000 (11:00 -0400)]
one last check to narrow down the possibilities
Arran Cudbard-Bell [Mon, 26 Sep 2016 14:55:28 +0000 (15:55 +0100)]
Merge pull request #1758 from TheMysteriousX/v3.0.x
Check the CVE ID, not the name
Alan T. DeKok [Mon, 26 Sep 2016 14:54:33 +0000 (10:54 -0400)]
Add checks for Linux && OSX
Alan T. DeKok [Mon, 26 Sep 2016 14:54:26 +0000 (10:54 -0400)]
fix typos
Adam Bishop [Mon, 26 Sep 2016 14:52:02 +0000 (15:52 +0100)]
Check the CVE ID, not the name
Alan T. DeKok [Mon, 26 Sep 2016 14:27:25 +0000 (10:27 -0400)]
note recent changes
Alan T. DeKok [Mon, 26 Sep 2016 14:25:39 +0000 (10:25 -0400)]
Use opendir(/proc/self/fd) when we don't have closefrom(). Fixes #1757
Alan T. DeKok [Mon, 26 Sep 2016 12:10:07 +0000 (08:10 -0400)]
added F_MAXFD
Alan T. DeKok [Mon, 26 Sep 2016 12:08:04 +0000 (08:08 -0400)]
added F_CLOSEM, which might work, too
Alan T. DeKok [Mon, 26 Sep 2016 11:53:14 +0000 (07:53 -0400)]
add new man pages
Alan Buxey [Mon, 19 Sep 2016 10:39:02 +0000 (11:39 +0100)]
add man page for dhcpclient
Alan Buxey [Mon, 19 Sep 2016 10:39:54 +0000 (11:39 +0100)]
add man page for rad_counter
Alan T. DeKok [Mon, 26 Sep 2016 11:41:49 +0000 (07:41 -0400)]
update for new CVEs
Alan T. DeKok [Mon, 26 Sep 2016 11:40:04 +0000 (07:40 -0400)]
allow acknowledged CVEs
Alan T. DeKok [Sun, 25 Sep 2016 15:06:11 +0000 (11:06 -0400)]
Don't open new connections when exiting. Addresses #1604.
When we a get a SIGTERM or SIGQUIT, mark "exiting", and stop
returning new connections. Also, don't allow reconnection of
existing connections. This should help with CTRL-C.
Alan T. DeKok [Fri, 23 Sep 2016 19:41:08 +0000 (15:41 -0400)]
parent attributes from the right place.
Alan T. DeKok [Fri, 23 Sep 2016 18:01:08 +0000 (14:01 -0400)]
enable "date" by default
Alan T. DeKok [Fri, 23 Sep 2016 13:56:28 +0000 (09:56 -0400)]
note recent changes
Alan T. DeKok [Fri, 23 Sep 2016 13:55:33 +0000 (09:55 -0400)]
clean up OCSP / verify routines
Alan DeKok [Thu, 22 Sep 2016 23:34:47 +0000 (19:34 -0400)]
Merge pull request #1755 from spaetow/patch-3
Adding ABFAB-specific things to last 3.0.x release.
Alan T. DeKok [Thu, 22 Sep 2016 20:07:24 +0000 (16:07 -0400)]
minor update to rejection message
Alan T. DeKok [Thu, 22 Sep 2016 20:06:54 +0000 (16:06 -0400)]
inner tunnel of EAP-FAST cannot be proxied
Alan T. DeKok [Thu, 22 Sep 2016 15:59:08 +0000 (11:59 -0400)]
Fix tls_global_version_check() function and message
there is now more than one vulnerability in OpenSSL.
Alan T. DeKok [Thu, 22 Sep 2016 15:55:14 +0000 (11:55 -0400)]
simplify code
Alan T. DeKok [Thu, 22 Sep 2016 15:54:55 +0000 (11:54 -0400)]
typo in version string
Alan T. DeKok [Thu, 22 Sep 2016 15:26:58 +0000 (11:26 -0400)]
typo
Alan T. DeKok [Thu, 22 Sep 2016 15:24:14 +0000 (11:24 -0400)]
note OpenSSL breakage
Alan T. DeKok [Thu, 22 Sep 2016 15:22:45 +0000 (11:22 -0400)]
Add more vulnerabilities for OpenSSL
Alan T. DeKok [Thu, 22 Sep 2016 14:40:05 +0000 (10:40 -0400)]
note recent changes
Stefan Paetow [Thu, 22 Sep 2016 13:12:37 +0000 (15:12 +0200)]
Update inner-tunnel
Added the Moonshot (ABFAB) TargetedId generation to the standard distribution. Disabled by default.
Stefan Paetow [Thu, 22 Sep 2016 13:03:49 +0000 (15:03 +0200)]
Create moonshot-targeted-ids
Formally include the three Moonshot TargetedIds in the FreeRADIUS policy space so that it can be updated accordingly as the other policies (and features) progress.
Arran Cudbard-Bell [Wed, 21 Sep 2016 14:41:29 +0000 (18:41 +0400)]
RPM_OPT_FLAGS set by configure macro anyway... We just need to not mess with things.
Arran Cudbard-Bell [Wed, 21 Sep 2016 13:09:32 +0000 (17:09 +0400)]
Explain flags
Alan T. DeKok [Tue, 20 Sep 2016 21:24:39 +0000 (17:24 -0400)]
Don't use -O2 for --with developer on rpmbuild. Fixes #1753
Alan T. DeKok [Wed, 21 Sep 2016 13:46:25 +0000 (09:46 -0400)]
make code match the comments and documentation
Alan T. DeKok [Wed, 21 Sep 2016 13:38:50 +0000 (09:38 -0400)]
Use conf->ocsp_store, as it is always set.
Which helps with RadSec connections
Alan T. DeKok [Tue, 20 Sep 2016 12:06:03 +0000 (08:06 -0400)]
More cleanups
Alan T. DeKok [Tue, 20 Sep 2016 11:55:40 +0000 (07:55 -0400)]
clarify message
Alan T. DeKok [Tue, 20 Sep 2016 11:46:13 +0000 (07:46 -0400)]
remove unnecessary FIXMEs
Alan T. DeKok [Tue, 20 Sep 2016 11:44:41 +0000 (07:44 -0400)]
use defines for shift, instead of hard-coded number
Alan DeKok [Tue, 20 Sep 2016 11:43:13 +0000 (07:43 -0400)]
Merge pull request #1751 from jrouzierinverse/feature/eap-fast-3.0.x
Feature/eap fast 3.0.x
James Rouzier [Mon, 19 Sep 2016 16:31:45 +0000 (12:31 -0400)]
Use the proper eap version
James Rouzier [Mon, 19 Sep 2016 16:31:07 +0000 (12:31 -0400)]
Free list after usage
James Rouzier [Mon, 19 Sep 2016 16:29:46 +0000 (12:29 -0400)]
Remove unused variables
James Rouzier [Fri, 16 Sep 2016 16:27:46 +0000 (12:27 -0400)]
Shift to use the proper attribute id
Alan T. DeKok [Mon, 19 Sep 2016 20:04:55 +0000 (16:04 -0400)]
whitespace and formatting
Arran Cudbard-Bell [Mon, 19 Sep 2016 16:15:52 +0000 (20:15 +0400)]
Merge pull request #1750 from TheMysteriousX/v3.0.x
NULL the configuration item if no trust router is configured
Adam Bishop [Mon, 19 Sep 2016 14:47:20 +0000 (15:47 +0100)]
NULL the configuration item if no trust router is configured
Add a debug message so the user knows the dyanmic realm functionality is disabled
Alan T. DeKok [Mon, 19 Sep 2016 15:23:54 +0000 (11:23 -0400)]
use the correct function API
Alan T. DeKok [Mon, 19 Sep 2016 15:17:34 +0000 (11:17 -0400)]
separate messages for separate error cases
Alan T. DeKok [Tue, 24 Nov 2015 19:15:11 +0000 (14:15 -0500)]
The default rule is "all"
Alan T. DeKok [Mon, 19 Sep 2016 13:29:00 +0000 (09:29 -0400)]
note recent changes
Michael Stapelberg [Sun, 18 Sep 2016 12:01:45 +0000 (14:01 +0200)]
Make.inc.in: use relative include paths
This is necessary for the build to be reproducible (see
https://reproducible-builds.org/ for more details). Some binaries (e.g.
radeapclient or radiusd itself) include the CFLAGS with which they were
built, and hence the build path, which is different on different builds
of the package (at least on Debian).
Michael Stapelberg [Fri, 16 Sep 2016 20:29:07 +0000 (22:29 +0200)]
Don’t install src/tests/rbmonkey
fixes #1735
Michael Stapelberg [Sat, 17 Sep 2016 13:33:44 +0000 (15:33 +0200)]
install.mk: add jlibtool dependency
This commit adds a dependency on ${JLIBTOOL} to all targets using it via
${PROGRAM_INSTALL}.
fixes #1740
Alan T. DeKok [Tue, 24 Nov 2015 19:57:52 +0000 (14:57 -0500)]
Apparently 3.82 leaves the trailing / on for directories
Alan T. DeKok [Tue, 24 Nov 2015 18:15:14 +0000 (13:15 -0500)]
Create the output directory
Alan T. DeKok [Tue, 17 Nov 2015 19:55:36 +0000 (14:55 -0500)]
Automatically create install directories.
And make executables / libraries have order dependence on
install directories
Arran Cudbard-Bell [Mon, 19 Sep 2016 09:52:47 +0000 (13:52 +0400)]
Call pthread_setspecific for every thread that calls fr_thread_local_init, not just the first one. Otherwise, the value associated with the key is NULL and the destructor isn't called.
Alan T. DeKok [Fri, 16 Sep 2016 13:36:26 +0000 (09:36 -0400)]
formatting
Alan DeKok [Fri, 16 Sep 2016 13:34:19 +0000 (09:34 -0400)]
Merge pull request #1730 from jrouzierinverse/feature/eap-fast-3.0.x
Use the virtual_server defined in the eap fast config
Alan T. DeKok [Fri, 16 Sep 2016 13:12:23 +0000 (09:12 -0400)]
move sig rule to template
Matthew Newton [Thu, 15 Sep 2016 21:12:57 +0000 (22:12 +0100)]
make it clearer how to enable check-eap-tls
James Rouzier [Thu, 15 Sep 2016 16:39:57 +0000 (12:39 -0400)]
Use the virtual_server defined in the eap fast config
Arran Cudbard-Bell [Thu, 15 Sep 2016 03:09:11 +0000 (23:09 -0400)]
Add rlm_eap_fast.so to spec file
Alan T. DeKok [Wed, 14 Sep 2016 15:59:55 +0000 (11:59 -0400)]
releases are now signed by packages@freeradius.org
Alan T. DeKok [Wed, 14 Sep 2016 15:25:44 +0000 (11:25 -0400)]
note recent changes