aland [Fri, 16 Feb 2007 09:31:34 +0000 (09:31 +0000)]
When we have a tunneled MS-CHAP2-Success attribute, it goes
into an Access-Challenge, so for "use_tunneled_reply" to work,
we have to remember the reply, and later grab it when sending
the final EAP-Success
aland [Thu, 15 Feb 2007 12:51:37 +0000 (12:51 +0000)]
Handle Client-Error code. If the client sends us one, we stop
talking EAP-SIM.
This closes #419
aland [Wed, 14 Feb 2007 15:44:22 +0000 (15:44 +0000)]
Port OpenSSL locking mutexes from the CVS head
aland [Tue, 13 Feb 2007 13:35:11 +0000 (13:35 +0000)]
Note recent changes
aland [Tue, 13 Feb 2007 13:31:38 +0000 (13:31 +0000)]
Permissions are now 750 for directories, and 644 for files
aland [Tue, 13 Feb 2007 13:28:39 +0000 (13:28 +0000)]
Pull fixes from the head
aland [Tue, 13 Feb 2007 09:37:12 +0000 (09:37 +0000)]
Port Status-Server requirements for Message-Authenticator
from CVS head
aland [Tue, 13 Feb 2007 08:47:50 +0000 (08:47 +0000)]
Free all REQUEST's on exit
aland [Mon, 12 Feb 2007 16:01:10 +0000 (16:01 +0000)]
Pull 1.7 -> 1.8 patch from CVS head
aland [Mon, 12 Feb 2007 09:59:05 +0000 (09:59 +0000)]
Added 'base' and 'variables' to a CONF_SECTION, which are added
by cf_section_parse. Now, when someone calls cf_section_free(),
the strings allocated from cf_section_parse() are automatically
free'd, too.
For now, we only do this for the base variables in mainconfig.
If we enable this for all of the modules, we first have to
update all of the modules to NOT explicitely call free() on
the strings allocated by cf_section_parse().
aland [Mon, 12 Feb 2007 09:55:24 +0000 (09:55 +0000)]
Added undocumented '-m' so that for debugging, CTRL-C does
a clean exit && clears up memory
aland [Mon, 12 Feb 2007 09:22:23 +0000 (09:22 +0000)]
free another tree
aland [Fri, 9 Feb 2007 15:56:11 +0000 (15:56 +0000)]
Be more aggressive about freeing memory on clean exit.
This should help track down memory leaks, if any
aland [Fri, 9 Feb 2007 15:42:03 +0000 (15:42 +0000)]
Free memory on detach
aland [Fri, 9 Feb 2007 15:33:21 +0000 (15:33 +0000)]
Free more stuff on exit
aland [Fri, 9 Feb 2007 15:33:11 +0000 (15:33 +0000)]
Define dict_free
aland [Fri, 9 Feb 2007 15:32:24 +0000 (15:32 +0000)]
When a duplicate attribute is found, delete the old one
aland [Fri, 9 Feb 2007 15:06:01 +0000 (15:06 +0000)]
Fix lrad_hash_table_free()
aland [Fri, 9 Feb 2007 13:01:40 +0000 (13:01 +0000)]
Don't allow radius_dir to be globally writable
Relax the checks on global readability
aland [Fri, 9 Feb 2007 10:51:46 +0000 (10:51 +0000)]
Added new attributes from bug #417
aland [Fri, 9 Feb 2007 10:43:52 +0000 (10:43 +0000)]
increase size of buffer to allow longer SQL qeuries
Thise closes bug #405
aland [Fri, 9 Feb 2007 10:39:11 +0000 (10:39 +0000)]
use correct lineno
We could really use a cf_item_lineo()
aland [Fri, 9 Feb 2007 10:27:57 +0000 (10:27 +0000)]
Cleaned up exec stuff, to make it more like the CVS head,
and to fix other errors (sigh)
aland [Thu, 8 Feb 2007 14:05:52 +0000 (14:05 +0000)]
If a packet is too long, truncate at the last good attribute
aland [Thu, 8 Feb 2007 10:24:35 +0000 (10:24 +0000)]
Don't leave 'vp' pointing to a deleted attribute
pnixon [Sun, 4 Feb 2007 15:28:46 +0000 (15:28 +0000)]
Apply SUSE's edir.patch to explicitly set edir_account_policy_check=no. Wont affect no edir users and saves a patch for SUSE
pnixon [Sun, 4 Feb 2007 15:10:11 +0000 (15:10 +0000)]
Applied radiusd-pamd.diff. thanks to SUSE
pnixon [Sun, 4 Feb 2007 14:39:50 +0000 (14:39 +0000)]
Add -pie patch thanks to SUSE
aland [Tue, 30 Jan 2007 13:11:54 +0000 (13:11 +0000)]
Updated for latest changes
aland [Tue, 30 Jan 2007 13:04:40 +0000 (13:04 +0000)]
Don't start if the config files are globally readable or writable.
Writable means that anyone can execute programs as the server.
Readable means that anyone can read the shared secrets, and spoof
the server
aland [Tue, 30 Jan 2007 13:00:44 +0000 (13:00 +0000)]
Die if we see globally writable dictionaries. That lets any
user control the server
aland [Tue, 30 Jan 2007 12:58:23 +0000 (12:58 +0000)]
Increase the size of the value buffer to allow parsing octet
strings of "0x" + (253 * 2) bytes
aland [Tue, 30 Jan 2007 10:55:00 +0000 (10:55 +0000)]
Add ASN dictionary, and include it
aland [Sun, 28 Jan 2007 08:09:18 +0000 (08:09 +0000)]
file dictionary.asn was added on branch branch_1_1 on 2007-01-30 10:54:59 +0000
aland [Fri, 26 Jan 2007 09:38:38 +0000 (09:38 +0000)]
use strNcpy, not strncpy, and use the size of the output buffer,
rather than the size of the input buffer
aland [Wed, 24 Jan 2007 12:24:49 +0000 (12:24 +0000)]
Fix longstanding bug where the session wasn't being properly
terminated on SSL error. Instead, it continued, but set a bad
pointer, causing a server crash.
aland [Thu, 18 Jan 2007 14:01:19 +0000 (14:01 +0000)]
Remove old text, and clarify other text
pnixon [Wed, 10 Jan 2007 16:07:18 +0000 (16:07 +0000)]
teach sqlippool to report if it allocated and IP or not via return code. Closed bug 414
pnixon [Fri, 5 Jan 2007 15:27:05 +0000 (15:27 +0000)]
Add X-Ascend-Session-Svr-Key to table to allow Packet of Disconnects
aland [Fri, 5 Jan 2007 00:10:39 +0000 (00:10 +0000)]
notes about existing users
aland [Thu, 4 Jan 2007 23:48:53 +0000 (23:48 +0000)]
Noted changes to rlm_pap
aland [Thu, 4 Jan 2007 23:42:11 +0000 (23:42 +0000)]
Updated version number
aland [Tue, 19 Dec 2006 00:37:15 +0000 (00:37 +0000)]
Note changes to rlm_pap
aland [Tue, 19 Dec 2006 00:35:57 +0000 (00:35 +0000)]
Updated functionality for rlm_pap
pnixon [Tue, 12 Dec 2006 12:10:30 +0000 (12:10 +0000)]
oops. invalid syntax.. Test things before you commit to cvs peter!
aland [Sat, 9 Dec 2006 00:17:36 +0000 (00:17 +0000)]
Defined Cleartext-Password and Password-With-Header, taken
from the CVS head
aland [Thu, 30 Nov 2006 00:33:08 +0000 (00:33 +0000)]
Added recent notes
aland [Wed, 29 Nov 2006 22:59:48 +0000 (22:59 +0000)]
Vista workarounds
aland [Tue, 28 Nov 2006 18:59:50 +0000 (18:59 +0000)]
Print out more information about bad packets
aland [Tue, 28 Nov 2006 18:24:24 +0000 (18:24 +0000)]
Updated names so that upper/lower case matches. Patch from
Daniel Larsson
aland [Mon, 27 Nov 2006 20:44:19 +0000 (20:44 +0000)]
Pull -r1.23 -> -r1.24 from CVS head
aland [Sun, 26 Nov 2006 19:54:00 +0000 (19:54 +0000)]
Parse a VALUE as an integer only if ALL of its characters
are decimal digits
aland [Sun, 26 Nov 2006 19:50:14 +0000 (19:50 +0000)]
VALUEs can only be defined for 'string' and 'octets' type.
The 'octets' isn't really allowed, but is there until we support
BYTE and SHORT types, for dictionary.cablelabs
aland [Sun, 26 Nov 2006 19:48:10 +0000 (19:48 +0000)]
ATTRIBUTEs of type STRING shouldn't have VALUEs
aland [Sun, 26 Nov 2006 19:44:55 +0000 (19:44 +0000)]
Correct definitions for stats, from
http://www.juniper.net/techpubs/software/erx/junose60/unisphere6-0.dct
aland [Sun, 26 Nov 2006 19:29:19 +0000 (19:29 +0000)]
Include dictionary.sofaware
aland [Sun, 26 Nov 2006 18:21:02 +0000 (18:21 +0000)]
As posted to the list by Jacques Bourdeau
aland [Wed, 22 Nov 2006 17:00:01 +0000 (17:00 +0000)]
Permit EAP-Message and State from the home server, so that
EAP works. Bug noted by Stefan Winter
nbk [Mon, 20 Nov 2006 13:45:25 +0000 (13:45 +0000)]
Update the types that were mistakenly inversed. (closes: #401)
Thanks to Andrea Scharfe <schmedi@gmail.com>
nbk [Sun, 19 Nov 2006 18:46:31 +0000 (18:46 +0000)]
Pull from CVS head:
Patch to allow /var/run to be a tmpfs.
nbk [Sun, 19 Nov 2006 18:25:40 +0000 (18:25 +0000)]
Update for 1.1.4
nbk [Sat, 18 Nov 2006 15:43:45 +0000 (15:43 +0000)]
Update for 1.1.4.
nbk [Sat, 18 Nov 2006 15:03:39 +0000 (15:03 +0000)]
Fix a corner case where the proxy port isn't set either in
radiusd.conf or in proxy.conf.
Bug reported by Tomas Martisius <tomas@puga.vdu.lt>
See http://bugs.debian.org/388024
nbk [Sat, 18 Nov 2006 14:45:17 +0000 (14:45 +0000)]
Pull from CVS head:
Add a new "reply-name" directive to choose the attribute which will
contain the remaining value for the counter in the reply packet when
the user is successfully authorized. (closes: #403)
nbk [Sat, 18 Nov 2006 13:05:08 +0000 (13:05 +0000)]
Pull from CVS head:
Add a new "-f" option to read the password from a file,
instead of command line. (closes: #395)
nbk [Sat, 18 Nov 2006 12:58:34 +0000 (12:58 +0000)]
Pull from CVS head:
Add a new "-f" option to read the password from a file,
instead of command line. (closes: #395)
aland [Fri, 17 Nov 2006 00:01:18 +0000 (00:01 +0000)]
Corrected typo
aland [Thu, 16 Nov 2006 00:50:23 +0000 (00:50 +0000)]
More attributes, from bug #408
aland [Thu, 16 Nov 2006 00:47:36 +0000 (00:47 +0000)]
Check return code of malloc
aland [Thu, 16 Nov 2006 00:44:56 +0000 (00:44 +0000)]
Check return code of malloc in testing code
aland [Wed, 15 Nov 2006 17:35:20 +0000 (17:35 +0000)]
Corrected typo
pnixon [Tue, 14 Nov 2006 00:35:20 +0000 (00:35 +0000)]
Implement draft-schulzrinne-sipping-radius-accounting-00.txt
pnixon [Mon, 13 Nov 2006 23:57:31 +0000 (23:57 +0000)]
dictionary.digest should actually be dictionary.rfc4590
pnixon [Mon, 13 Nov 2006 17:08:13 +0000 (17:08 +0000)]
Incorrect attribute name as reported by "Duane Cox"
aland [Thu, 26 Oct 2006 17:13:04 +0000 (17:13 +0000)]
Removed double free. This fixes bug #404
fcusack [Tue, 24 Oct 2006 05:36:08 +0000 (05:36 +0000)]
import from HEAD
add new header ident.h
fcusack [Tue, 24 Oct 2006 05:33:01 +0000 (05:33 +0000)]
add new header ident.h
fcusack [Tue, 24 Oct 2006 05:15:45 +0000 (05:15 +0000)]
import from HEAD
prevent rcsid from being optimized out
fcusack [Tue, 24 Oct 2006 04:45:13 +0000 (04:45 +0000)]
import from HEAD:
s/bad state/bad radstate/ to be clear that it's not token state
fcusack [Tue, 24 Oct 2006 04:40:58 +0000 (04:40 +0000)]
import from HEAD:
remove trailing "\n" from some radlog() calls
fcusack [Tue, 24 Oct 2006 04:38:04 +0000 (04:38 +0000)]
import from HEAD:
otp_putfd(): add disconnect arg, to allow just mutex release, avoiding
fd leak in radiusd and otpd
otp_verify(): otp_putfd(fdp, 0) on successful return, otp_putfd(fdp, 1)
on 2 error return cases that we missed
fcusack [Tue, 24 Oct 2006 04:34:24 +0000 (04:34 +0000)]
typo
fcusack [Tue, 24 Oct 2006 04:33:53 +0000 (04:33 +0000)]
no longer used
fcusack [Tue, 24 Oct 2006 04:20:54 +0000 (04:20 +0000)]
document rlm_otp fd leak fix
fcusack [Tue, 24 Oct 2006 04:02:37 +0000 (04:02 +0000)]
otp_putfd(): add disconnect arg, to allow just mutex release, avoiding
fd leak in radiusd and otpd
otp_verify(): otp_putfd(fdp, 0) on successful return, otp_putfd(fdp, 1)
on 2 error return cases that we missed
fcusack [Tue, 24 Oct 2006 03:19:06 +0000 (03:19 +0000)]
remove trailing "\n"s from some radlog() calls
aland [Fri, 20 Oct 2006 18:41:11 +0000 (18:41 +0000)]
fix stdarg.h
pnixon [Fri, 20 Oct 2006 15:14:03 +0000 (15:14 +0000)]
Cleanup
fcusack [Fri, 20 Oct 2006 05:12:08 +0000 (05:12 +0000)]
file ident.h was added on branch branch_1_1 on 2006-10-24 05:15:45 +0000
fcusack [Fri, 20 Oct 2006 05:12:07 +0000 (05:12 +0000)]
prevent rcsid from being optimized out
fcusack [Thu, 19 Oct 2006 07:56:10 +0000 (07:56 +0000)]
no longer appropriate
fcusack [Thu, 19 Oct 2006 07:55:56 +0000 (07:55 +0000)]
typo
aland [Wed, 18 Oct 2006 21:51:16 +0000 (21:51 +0000)]
Send MS-CHAP2-Success, which makes EAP-TTLS/MSCHAP work.
This closes bug #402
aland [Wed, 18 Oct 2006 21:49:47 +0000 (21:49 +0000)]
Send MS-CHAP2-Success, which makes EAP-TTLS/MSCHAP work
This closes bug #402
aland [Wed, 18 Oct 2006 21:11:09 +0000 (21:11 +0000)]
Print ntlm_auth failure reason in Module-Failure-Message
This closes bug #398, in this branch
aland [Wed, 18 Oct 2006 21:03:11 +0000 (21:03 +0000)]
Added preliminary code to support Firebird. Untested!
This closes bug #378
aland [Wed, 18 Oct 2006 19:15:14 +0000 (19:15 +0000)]
Pull notes from CVS head
aland [Wed, 18 Oct 2006 19:12:20 +0000 (19:12 +0000)]
Check return codes. This fixes bug #394
pnixon [Sat, 14 Oct 2006 16:02:53 +0000 (16:02 +0000)]
Further cleanup of the config file
aland [Mon, 9 Oct 2006 21:01:50 +0000 (21:01 +0000)]
re-arrange the "apply priority" code so that it does so properly
Update the debug printing so that it prints the childs name,
and not the parents name