kkalev [Fri, 3 Oct 2003 11:45:19 +0000 (11:45 +0000)]
* Replace calls to exit() in counter_instantiate with return -1;
* Fix memory leaks in counter_detach
* Call counter_detach if we fail in counter_instantiate
* More verbose logging when we fail in counter_instantiate
aland [Thu, 2 Oct 2003 20:43:09 +0000 (20:43 +0000)]
Make IPX filters work.
phampson [Thu, 2 Oct 2003 00:44:44 +0000 (00:44 +0000)]
Update to support rlm_ippool.c v1.24's database format.
phampson [Thu, 2 Oct 2003 00:43:20 +0000 (00:43 +0000)]
Add support for adding entries to ippool databases.
phampson [Thu, 2 Oct 2003 00:40:03 +0000 (00:40 +0000)]
Fix uninitialised value of ML-PPP count 'num';
phampson [Wed, 1 Oct 2003 21:45:55 +0000 (21:45 +0000)]
Add database modification support to rlm_ippool_tool
phampson [Tue, 30 Sep 2003 18:58:33 +0000 (18:58 +0000)]
Regenerate from configure.in after addition of rlm_ippool_tool
aland [Tue, 30 Sep 2003 18:57:23 +0000 (18:57 +0000)]
Fixed prototype to be sane, and made some more minor updates
phampson [Tue, 30 Sep 2003 18:57:06 +0000 (18:57 +0000)]
Add rlm_ippool_tool (nee ippool-tool/iptool) to FreeRADIUS.
This is the original version by Edwin Groothuis <edwin@mavetju.org>,
with his kind permission to ship under the GNU GPL.
aland [Tue, 30 Sep 2003 18:38:28 +0000 (18:38 +0000)]
Re-write the "parse generic filter" function, and fixed bugs in
the "print generic filter" code.
kkalev [Tue, 30 Sep 2003 16:36:34 +0000 (16:36 +0000)]
Make it clear that the password_header directive is NOT case insensitive
aland [Tue, 30 Sep 2003 15:38:08 +0000 (15:38 +0000)]
Don't complain if the attribute is known, but isn't in the request
aland [Tue, 30 Sep 2003 15:31:13 +0000 (15:31 +0000)]
Removed non-existent file
aland [Mon, 29 Sep 2003 19:32:49 +0000 (19:32 +0000)]
First pass at re-writing Ascend's horrible code.
It no longer does IPX or "generic" filters, but only IP. The evil
Ascend code is still there, but commented out.
It's now fully thread-safe, which is nice. The printing routines
have also been updated to print the filters in a format which the
parsing routines can understand... previously they didn't do that.
aland [Mon, 29 Sep 2003 15:19:59 +0000 (15:19 +0000)]
Increased the size of the temporary 'send packet' buffer, to allow
RADIUS packets to "overflow" it by one attribute. This makes the
logic to catch the overflow significantly simpler.
i.e. It's easier to post-facto catch an error, than try to figure
out before hand what the code will do.
Once the packet has "overflowed" the 4k boundary, we log an error
message, and return an error, without sending the packet.
Bug found by Nils-Henner Krueger
aland [Mon, 29 Sep 2003 15:04:27 +0000 (15:04 +0000)]
Updated so it works
kkalev [Mon, 29 Sep 2003 14:16:25 +0000 (14:16 +0000)]
Allow for defining the ldap_filter used when searching for a user. The filter supports dynamic variables
like %u (username) and %U (username provided though http auth)
aland [Sat, 27 Sep 2003 15:10:48 +0000 (15:10 +0000)]
memset is your friend.
aland [Sat, 27 Sep 2003 14:53:28 +0000 (14:53 +0000)]
Initialize all entries of the data structure.
Patch from Masao Nishiku.
aland [Fri, 26 Sep 2003 19:06:34 +0000 (19:06 +0000)]
Added more debug messages for people who out-smart themselves,
and wonder why they're confuses.
aland [Fri, 26 Sep 2003 18:59:56 +0000 (18:59 +0000)]
A few more checks to prevent people from doing crazy things
aland [Fri, 26 Sep 2003 18:28:30 +0000 (18:28 +0000)]
Added MS-CHAP rfc
kkalev [Fri, 26 Sep 2003 14:16:41 +0000 (14:16 +0000)]
Compile even if we don't have pthread's
phampson [Thu, 25 Sep 2003 04:13:00 +0000 (04:13 +0000)]
Make wait=no possible, and add an extra check for possibly erroneous configuration
phampson [Thu, 25 Sep 2003 04:11:17 +0000 (04:11 +0000)]
Document 'config' as a valid source/destination for rlm_exec pairs
aland [Wed, 24 Sep 2003 17:48:38 +0000 (17:48 +0000)]
Improved debugging messages...
aland [Wed, 24 Sep 2003 17:35:12 +0000 (17:35 +0000)]
If a request was rejected, do it only once.
aland [Wed, 24 Sep 2003 16:10:45 +0000 (16:10 +0000)]
Added comma
aland [Wed, 24 Sep 2003 14:26:46 +0000 (14:26 +0000)]
Minor update
aland [Wed, 24 Sep 2003 14:12:48 +0000 (14:12 +0000)]
After setting new VP, don't add it to the end of the list.
aland [Wed, 24 Sep 2003 14:03:09 +0000 (14:03 +0000)]
version goes to stdout, not stderr.
Print information about the GPL, too
aland [Wed, 24 Sep 2003 13:56:54 +0000 (13:56 +0000)]
Return OK on success, instead of HANDLED
phampson [Wed, 24 Sep 2003 09:14:01 +0000 (09:14 +0000)]
Really fix the bare %{Attribute-Name} support.
Again thanks to Nicolas Baradakis <nbk@sitadelle.com>
aland [Tue, 23 Sep 2003 18:37:46 +0000 (18:37 +0000)]
Check certificate revocation list
Patch from Masao NISHIKU
aland [Tue, 23 Sep 2003 18:35:18 +0000 (18:35 +0000)]
Check certificate revocation list.
Patch from Masao Nishiku
aland [Tue, 23 Sep 2003 16:20:38 +0000 (16:20 +0000)]
Re-arranged 'enum' definitions to follow C standard, as opposed
to gcc's "well, we knew what you meant..."
kkalev [Tue, 23 Sep 2003 13:59:59 +0000 (13:59 +0000)]
Fix postauth to not leak ip's
Add an extra attribute in each entry <char extra> signifying if we need to delete this
entry in the accounting phase. This is only true in case we are doing MPPP
Various other code changes. Code comments should explain things
Highly experimental at this phase.
3APA3A [Tue, 23 Sep 2003 13:53:38 +0000 (13:53 +0000)]
! NULL terminator added to module_config
kkalev [Tue, 23 Sep 2003 12:09:43 +0000 (12:09 +0000)]
Calculate weekly used time correctly (from Sunday 00:00:00)
phampson [Tue, 23 Sep 2003 11:15:52 +0000 (11:15 +0000)]
Fix really stupid copy-paste mistake (mine).
Pointed out by Nicolas Baradakis <nbk@sitadelle.com>
phampson [Tue, 23 Sep 2003 04:18:03 +0000 (04:18 +0000)]
Add support for post-auth query in rlm_sql
Patch from Nicolas Baradakis <nbk@sitadelle.com>
phampson [Tue, 23 Sep 2003 04:14:33 +0000 (04:14 +0000)]
Update to variable documentation to reflect recent additions
phampson [Tue, 23 Sep 2003 03:53:37 +0000 (03:53 +0000)]
Change %{Attribute-Name} from scanning request valuepairs to processing
request packet. This allows %{Non-Protocol-Attribute} to work.
Thanks to Nicolas Baradakis <nbk@sitadelle.com>
phampson [Tue, 23 Sep 2003 02:46:18 +0000 (02:46 +0000)]
Added support for %{check:Attribute-Name}
kkalev [Mon, 22 Sep 2003 14:15:38 +0000 (14:15 +0000)]
* When we find a broken attribute and strlen(buf) == 0 do fseek(fpos + 1)
* If we don't find an Acct-Status-Type attribute in the record reject it
aland [Fri, 19 Sep 2003 19:19:10 +0000 (19:19 +0000)]
Untested EAP-MS-CHAPv2 module, based on reading of the expired
Internet-Draft, and the xsupplicant code.
Use at your own risk.
aland [Fri, 19 Sep 2003 18:49:20 +0000 (18:49 +0000)]
Added Auth-Type for MS-CHAP
aland [Fri, 19 Sep 2003 18:24:17 +0000 (18:24 +0000)]
Added name & define for EAP-MSCHAP-V2
aland [Fri, 19 Sep 2003 18:05:54 +0000 (18:05 +0000)]
Added mschap error
aland [Fri, 19 Sep 2003 14:38:32 +0000 (14:38 +0000)]
Deleted unnecessary file
phampson [Fri, 19 Sep 2003 04:50:27 +0000 (04:50 +0000)]
Add logrotate file for /var/log/freeradius/radiusd.log
Save config.sub and config.guess so that repeated builds don't get
confused by the symlinks.
phampson [Fri, 19 Sep 2003 04:36:29 +0000 (04:36 +0000)]
Prevent generation of src/modules/rlm_sql/drivers/lib containing the .la
file for the last driver built.
phampson [Fri, 19 Sep 2003 04:01:30 +0000 (04:01 +0000)]
Remove last vestiges of Pre-Acct/Pre-Proxy/Post-Proxy-Type.
phampson [Thu, 18 Sep 2003 18:00:52 +0000 (18:00 +0000)]
Stupid typo fix. (POW_ -> PW_)
phampson [Thu, 18 Sep 2003 17:24:36 +0000 (17:24 +0000)]
Add support for Post-Auth-Type REJECT substanza of post-auth, run when a
request is rejected, rather than skipping post-auth in that situation.
Based on a patch by Nicolas Baradakis <nbk@sitadelle.com>
phampson [Thu, 18 Sep 2003 17:13:41 +0000 (17:13 +0000)]
These aren't supported eiter. They exist, but aren't used when the
modules are called.
cparker [Thu, 18 Sep 2003 16:55:02 +0000 (16:55 +0000)]
Added 'post-proxy' method to 'rlm_attr_filter' and set example
in 'radiusd.conf.in' for including 'attr_filter' in the post-proxy
section of the config.
phampson [Thu, 18 Sep 2003 16:54:08 +0000 (16:54 +0000)]
Correct documentation to reflect server behaviour.
phampson [Thu, 18 Sep 2003 16:32:38 +0000 (16:32 +0000)]
Changelog entries which I forgot to commit at the time.
phampson [Thu, 18 Sep 2003 16:25:05 +0000 (16:25 +0000)]
Update to documentation for the module subgrouping selection attributes.
They mainly refer to Autz-Type exec Acct-Type which already had lots of text.
kkalev [Thu, 18 Sep 2003 15:01:51 +0000 (15:01 +0000)]
Check if request->timestamp - {Acct-Delay-Time} < last_reset
If yes reject the packet since it is very old
aland [Thu, 18 Sep 2003 14:03:02 +0000 (14:03 +0000)]
Minor typo
aland [Wed, 17 Sep 2003 19:08:39 +0000 (19:08 +0000)]
Added 3GPP dictionary.
Updated some types to allow IPv6 addresses, even though we don't
do DNS on them (as of yet)
phampson [Wed, 17 Sep 2003 12:58:33 +0000 (12:58 +0000)]
#elifdef is not a valid preprocessor directive. Replaced with #else\n#ifdef
Patch from Nicolas Baradakis <nbk@sitadelle.com>
aland [Tue, 16 Sep 2003 20:35:53 +0000 (20:35 +0000)]
Don't copy server-side attributes into the tunneled session
aland [Mon, 15 Sep 2003 20:53:45 +0000 (20:53 +0000)]
Hokey hacks for IPv6 address printing & parsing.
Right now, there's no DNS resolution of IPv6 addresses, but
that can be solved later.
aland [Mon, 15 Sep 2003 20:16:53 +0000 (20:16 +0000)]
Patches to print/parse IPv6 interface ID's.
Patch from Hajimu UMEMOTO
Next, we do IPv6 addresses & prefixes...
aland [Mon, 15 Sep 2003 19:44:32 +0000 (19:44 +0000)]
First pass at allowing native support of IPv6 addresses.
Defined new types for it.
Allowed the types to be used in the dictionaries
Have NOT updated the dictionaries
updated rad_decode() to verify new types
aland [Mon, 15 Sep 2003 17:12:45 +0000 (17:12 +0000)]
If we don't have threads, don't use pthread functions
phampson [Fri, 12 Sep 2003 19:25:28 +0000 (19:25 +0000)]
Add LGPL boilerplate for files from which it is missing.
Patch from Nicolas Baradakis <nbk@sitadelle.com>.
kkalev [Fri, 12 Sep 2003 13:38:46 +0000 (13:38 +0000)]
Consider the account locked either if Dialup-Access == FALSE or if it is not set at all
phampson [Thu, 11 Sep 2003 12:48:25 +0000 (12:48 +0000)]
Correct GPL boilerplate in files which had it wrong or with typos.
Patch from Nicolas Baradakis <nbk@sitadelle.com>
phampson [Thu, 11 Sep 2003 00:53:59 +0000 (00:53 +0000)]
Add GNU GPLv2 boilerplate to the top of files which were missing from it.
Patch from Nicholas Baradakis [nbk@sitadelle.com]
aland [Wed, 10 Sep 2003 21:40:07 +0000 (21:40 +0000)]
More RADIUS RFC's
aland [Wed, 10 Sep 2003 21:39:01 +0000 (21:39 +0000)]
New RFC's about RADIUS. 3579 and 3580 to follow when issued.
aland [Wed, 10 Sep 2003 18:57:10 +0000 (18:57 +0000)]
Minor updates
aland [Wed, 10 Sep 2003 14:20:58 +0000 (14:20 +0000)]
attributes of type 'int' require a value
Patch from Peter Stamfest
aland [Fri, 5 Sep 2003 21:51:07 +0000 (21:51 +0000)]
Selected attributes are NEVER copied to the tunnel, by policy.
phampson [Fri, 5 Sep 2003 18:56:23 +0000 (18:56 +0000)]
Update Changelog with 0.9.1 details.
aland [Fri, 5 Sep 2003 18:54:40 +0000 (18:54 +0000)]
Be a little smarter
aland [Thu, 4 Sep 2003 15:50:10 +0000 (15:50 +0000)]
More documentation for TTLS
aland [Thu, 4 Sep 2003 15:46:33 +0000 (15:46 +0000)]
Added new configuration entry to copy some attributes from
outside of the tunnel to inside of the tunnel.
phampson [Wed, 3 Sep 2003 19:10:11 +0000 (19:10 +0000)]
Regenerate after adding <stdio.h> to gethostby{addr,name}-style checks.
phampson [Wed, 3 Sep 2003 19:06:50 +0000 (19:06 +0000)]
Include <stdio.h> when we test for gethostby{addr,name}-style, so that NULL
is acceptable both visually and for code-validators.
Thanks to Oliver Graf <ograf@rz-online.net>
Also, throw some comments in to explain what's going on in those tests.
phampson [Wed, 3 Sep 2003 18:40:50 +0000 (18:40 +0000)]
Correctly skip subdirectories without a Makefile
phampson [Wed, 3 Sep 2003 16:42:01 +0000 (16:42 +0000)]
Don't try to make in directories without a makefile.
Poor man's substitute for a 'stable' file.
cparker [Wed, 3 Sep 2003 15:19:27 +0000 (15:19 +0000)]
Glob patch to change #if to #ifdef when checking variables, so that we
actually check if the variable is defined, rather than if it has a value.
This is more correct syntax, and will quiet compiler warnings on systems
that don't have the headers in questions and thus don't have the variable
defined.
phampson [Wed, 3 Sep 2003 13:15:08 +0000 (13:15 +0000)]
Update to remove documentation directory, now that this is 1.0.0-pre0
cparker [Tue, 2 Sep 2003 21:17:26 +0000 (21:17 +0000)]
Quiet compiler warnings when #if was used in place of #ifdef and the
variable was not defined.
aland [Tue, 2 Sep 2003 20:58:58 +0000 (20:58 +0000)]
Removed unused parameters
aland [Tue, 2 Sep 2003 20:51:30 +0000 (20:51 +0000)]
Don't use warning flags which are too new, and thus not wide-spread
aland [Tue, 2 Sep 2003 18:38:52 +0000 (18:38 +0000)]
Allocate memory only if it wasn't already allocated
aland [Tue, 2 Sep 2003 18:30:29 +0000 (18:30 +0000)]
Implemented sql_destroy_socket
aland [Tue, 2 Sep 2003 15:52:05 +0000 (15:52 +0000)]
Even more warnings for developers, from Steve G.
aland [Tue, 2 Sep 2003 15:03:00 +0000 (15:03 +0000)]
Fix for ac_struct_foo_has_member_bar
Reported by Jan Berkel
phampson [Mon, 1 Sep 2003 15:50:14 +0000 (15:50 +0000)]
Skip ill-formed comparison operators correctly, which removes a warning
about comparing unsigned values to >= 0.
Thanks to Steve Grubb <linux_4ever@yahoo.com>
phampson [Mon, 1 Sep 2003 03:34:02 +0000 (03:34 +0000)]
Add prototypes to prevent compiler warnings.
Patch from Steve Grubb <linux_4ever@yahoo.com>
phampson [Mon, 1 Sep 2003 03:29:38 +0000 (03:29 +0000)]
Make arrays const unsigned char.
Patch by Steve Grubb <linux_4ever@yahoo.com>
phampson [Mon, 1 Sep 2003 03:00:28 +0000 (03:00 +0000)]
Fix redundant check for uint32_t >= 0.
Thanks to Steve Grubb <linux_4ever@yahoo.com>
phampson [Sun, 31 Aug 2003 16:10:41 +0000 (16:10 +0000)]
Deleted rad_assert_fail declaration: This should only be called from
the rad_assert macro in rad_assert.h