Alan T. DeKok [Fri, 11 Nov 2011 12:58:50 +0000 (13:58 +0100)]
DEBUG -> RDEBUG
Arran Cudbard-Bell [Sun, 13 Nov 2011 00:10:28 +0000 (01:10 +0100)]
Enable generation of interactive SVG diagrams
Update Doxyfile to latest version
Arran Cudbard-Bell [Sat, 12 Nov 2011 23:19:59 +0000 (00:19 +0100)]
Turn on DOT rendering of Class diagrams
Arran Cudbard-Bell [Sat, 12 Nov 2011 23:13:37 +0000 (00:13 +0100)]
Add certificate files to .gitignore
Arran Cudbard-Bell [Sat, 12 Nov 2011 23:09:38 +0000 (00:09 +0100)]
Add .gitignore to ignore generated doxygen files
Arran Cudbard-Bell [Sat, 12 Nov 2011 19:16:15 +0000 (11:16 -0800)]
Merge pull request #34 from arr2036/valuepair_lists
Valuepair lists
Arran Cudbard-Bell [Fri, 11 Nov 2011 12:50:40 +0000 (13:50 +0100)]
Prevent radius_list_name matching on tags, assume string without preceeding colon and that starts with a lowercase letter is a list
Arran Cudbard-Bell [Thu, 10 Nov 2011 19:19:21 +0000 (20:19 +0100)]
Fixup doxygen comments
Arran Cudbard-Bell [Thu, 10 Nov 2011 19:08:48 +0000 (20:08 +0100)]
Deduplicate attribute name resolution code between valuepair.c and evaluate.c
Alan T. DeKok [Wed, 9 Nov 2011 20:56:48 +0000 (21:56 +0100)]
More reformatting
Alan T. DeKok [Wed, 9 Nov 2011 20:56:48 +0000 (21:56 +0100)]
More minor reformatting
Arran Cudbard-Bell [Wed, 9 Nov 2011 13:01:14 +0000 (14:01 +0100)]
Fixup doxygen comments in exec.c
Arran Cudbard-Bell [Tue, 8 Nov 2011 14:52:56 +0000 (15:52 +0100)]
Mark section_type_value as external (holds string names of the various sections)
Arran Cudbard-Bell [Tue, 8 Nov 2011 14:40:24 +0000 (15:40 +0100)]
Convert bare enums into types, in C they don't do anything, but it does help make the code self documenting
Alan T. DeKok [Mon, 7 Nov 2011 15:19:29 +0000 (16:19 +0100)]
Updated the NAI document
Alan T. DeKok [Sun, 6 Nov 2011 15:48:01 +0000 (16:48 +0100)]
Added new APIs to add / del a connection
So that servers which accept client connections can add
connections to the pool. And clients can delete connections
from the pool if there is an error with the connection.
Also made it a bit more forgiving. If there is not any
"pool" config, use defaults.
Alan T. DeKok [Sun, 6 Nov 2011 14:53:35 +0000 (15:53 +0100)]
Quiet compile warnings
Arran Cudbard-Bell [Mon, 7 Nov 2011 13:57:12 +0000 (14:57 +0100)]
Make fr_tokens available from token.h or libradius.h
Alan T. DeKok [Sun, 6 Nov 2011 10:17:41 +0000 (11:17 +0100)]
Added support for triggers
start/stop connection pool
open/close individual connection
Alan T. DeKok [Sun, 6 Nov 2011 10:02:44 +0000 (11:02 +0100)]
Print WARNING if we fall below "min" connections
We want to close idle sessions, sessions with max lifetime
or max uses. BUT we want to enforce "min". The code will
currently close a connection, notice "num < min", and spawn
a new one. We warn the user that this is happening, so that
they can fix their configuration.
Alan T. DeKok [Sun, 6 Nov 2011 09:55:54 +0000 (10:55 +0100)]
Removed unused variable
Alan T. DeKok [Sun, 6 Nov 2011 09:53:11 +0000 (10:53 +0100)]
We're freeing the connection, so don't use this->next
use this = next instead
Alan T. DeKok [Sun, 6 Nov 2011 09:52:51 +0000 (10:52 +0100)]
Don't unlock the mutex. We didn't lock it
Alan T. DeKok [Sun, 6 Nov 2011 09:21:52 +0000 (10:21 +0100)]
Initialize "last_used" when spawning a new connection
Arran Cudbard-Bell [Sun, 6 Nov 2011 01:17:29 +0000 (02:17 +0100)]
Add cleanup_delay configuration item with a default of five seconds
without this we always end up cleaning up start-spare connections
on the first few requests.
Arran Cudbard-Bell [Fri, 4 Nov 2011 16:12:13 +0000 (17:12 +0100)]
my_request should initially be set to request
Arran Cudbard-Bell [Fri, 4 Nov 2011 13:50:30 +0000 (06:50 -0700)]
Merge pull request #32 from arr2036/valuepair_lists
Add radius_get_vps function to find attribute list based on [outer.][<list>:]<attribute>
Arran Cudbard-Bell [Thu, 3 Nov 2011 16:19:51 +0000 (17:19 +0100)]
Add radius_get_vps function to find attribute list based on <list>:<attribute> attribute identifier format
Alan T. DeKok [Fri, 4 Nov 2011 11:54:52 +0000 (12:54 +0100)]
Turn assert into run-time check
Alan T. DeKok [Thu, 3 Nov 2011 11:26:06 +0000 (12:26 +0100)]
Fix typo
Arran Cudbard-Bell [Thu, 3 Nov 2011 13:08:45 +0000 (06:08 -0700)]
Merge pull request #31 from duchscherd/tamu
Add additional attributes and values for Netbotz Rack Access PX - HID.
Dave Duchscher [Wed, 2 Nov 2011 19:58:41 +0000 (14:58 -0500)]
Add additional attributes and values for Netbotz Rack Access PX - HID.
See: http://nam-en.apc.com/app/answers/detail/a_id/8570/~/how-do-i-configure-radius-authentication-for-my-card-reader-on-the-netbotz-rack
Alan T. DeKok [Tue, 1 Nov 2011 14:00:57 +0000 (15:00 +0100)]
Mkae it build on FreeBSD. Fixes bug #177
Arran Cudbard-Bell [Mon, 31 Oct 2011 10:31:06 +0000 (11:31 +0100)]
Add function to compare substrings to FR_NAME_NUMBER arrays
Arran Cudbard-Bell [Fri, 28 Oct 2011 14:20:51 +0000 (16:20 +0200)]
Make dict_attr_types available from libradius.h so we can do integer to string type conversions
Arran Cudbard-Bell [Fri, 28 Oct 2011 10:12:32 +0000 (12:12 +0200)]
Fix whitespace
Alan T. DeKok [Fri, 28 Oct 2011 09:33:41 +0000 (11:33 +0200)]
Set last_spawned time
Alan T. DeKok [Thu, 27 Oct 2011 07:37:10 +0000 (09:37 +0200)]
Make Session-Timeout the default
by using it in the data structure, rather than checking for it
in the code
Alan T. DeKok [Thu, 27 Oct 2011 07:24:29 +0000 (09:24 +0200)]
Clean upo logic See bug #181
If we're almost at the expiry time, add the next time period ONLY
if the reply is Session-Timeoout.
Alan T. DeKok [Wed, 26 Oct 2011 09:49:20 +0000 (11:49 +0200)]
Convert error messages to debug messages.
If a module returns NOOP, it's not an error
Arran Cudbard-Bell [Wed, 26 Oct 2011 14:57:29 +0000 (16:57 +0200)]
Properly account for trailing double quote when calculating free buffer space for string values
Arran Cudbard-Bell [Wed, 26 Oct 2011 09:44:35 +0000 (11:44 +0200)]
Check for possible value truncation when calling vp_prints_value
This should be fixed in future by performing the checks in vp_prints_value
Arran Cudbard-Bell [Wed, 26 Oct 2011 09:31:10 +0000 (11:31 +0200)]
Add temporary autoconf files to .gitignore
Alan T. DeKok [Wed, 26 Oct 2011 07:26:42 +0000 (09:26 +0200)]
Rearranged code to build with various compile options
WITHOUT_PROXY
WITHOUT_STATS
etc.
The server should build with any combination of the above options.
While they're not commonly used, they are useful. When most
functionality is disabled, the server produces a ~600K statically
linked binary with all of the most common modules.
This is suitable for embedded systems...
Alan T. DeKok [Tue, 25 Oct 2011 12:06:20 +0000 (14:06 +0200)]
Fix session id len
Manual merge of
c7a29290a788b3d1
Alan T. DeKok [Mon, 24 Oct 2011 11:53:27 +0000 (13:53 +0200)]
Only 'integer' and 'string' attributes can have tags
Arran Cudbard-Bell [Mon, 24 Oct 2011 11:20:39 +0000 (13:20 +0200)]
Add function to print VP values as JSON strings
Arran Cudbard-Bell [Tue, 25 Oct 2011 10:57:11 +0000 (12:57 +0200)]
Add .swp files to git ignore
Arran Cudbard-Bell [Tue, 25 Oct 2011 10:52:28 +0000 (12:52 +0200)]
Add loT files to .gitignore
Alan T. DeKok [Mon, 24 Oct 2011 09:52:36 +0000 (11:52 +0200)]
Restrict dictionary names to ones that make sense
No control characters, etc.
The old code allowed ANYTHING as dictionary names, which is bad.
Alan DeKok [Thu, 20 Oct 2011 21:33:59 +0000 (14:33 -0700)]
Merge pull request #26 from philmayers/fix-sess-cache
use the OpenSSL ex_data functions to allocate an index w/ free function t
Phil Mayers [Thu, 20 Oct 2011 20:52:54 +0000 (21:52 +0100)]
use the OpenSSL ex_data functions to allocate an index w/ free function to hold the cached VPs
Alan T. DeKok [Thu, 20 Oct 2011 12:24:09 +0000 (14:24 +0200)]
Tell OpenSSL that the data is gone
Alan T. DeKok [Wed, 19 Oct 2011 15:46:17 +0000 (17:46 +0200)]
Quiet compiler warning
Alan T. DeKok [Wed, 19 Oct 2011 15:43:28 +0000 (17:43 +0200)]
Initialize the structure
Alan T. DeKok [Wed, 19 Oct 2011 15:43:15 +0000 (17:43 +0200)]
Initialize all of the structure
Alan T. DeKok [Wed, 19 Oct 2011 15:39:45 +0000 (17:39 +0200)]
Free memory on error
Alan T. DeKok [Wed, 19 Oct 2011 15:38:56 +0000 (17:38 +0200)]
Free memory on instantiation error
Alan T. DeKok [Wed, 19 Oct 2011 15:37:16 +0000 (17:37 +0200)]
Free memory on error
Alan T. DeKok [Wed, 19 Oct 2011 15:35:56 +0000 (17:35 +0200)]
Close fp on error
Alan T. DeKok [Wed, 19 Oct 2011 15:34:01 +0000 (17:34 +0200)]
Call closedir() on error
Alan T. DeKok [Wed, 19 Oct 2011 15:26:36 +0000 (17:26 +0200)]
Catch case where User-Name may be > 250 octets
Alan T. DeKok [Wed, 19 Oct 2011 15:20:37 +0000 (17:20 +0200)]
Only "string" can have "encrypt=2"
Alan T. DeKok [Wed, 19 Oct 2011 15:08:58 +0000 (17:08 +0200)]
Add FALL-THROUGH for 'case' without 'break'
Alan T. DeKok [Wed, 19 Oct 2011 15:05:25 +0000 (17:05 +0200)]
Unlink file only if it exists
Alan T. DeKok [Wed, 19 Oct 2011 15:04:05 +0000 (17:04 +0200)]
Check auth_pool_name
Alan T. DeKok [Wed, 19 Oct 2011 15:02:06 +0000 (17:02 +0200)]
Add port if it's available
Alan T. DeKok [Wed, 19 Oct 2011 15:01:54 +0000 (17:01 +0200)]
Check passed parameter
Alan T. DeKok [Wed, 19 Oct 2011 14:59:52 +0000 (16:59 +0200)]
Error if there is no detail file listener
Alan T. DeKok [Wed, 19 Oct 2011 14:54:40 +0000 (16:54 +0200)]
Fix sizeof() checks found by coverity
Alan T. DeKok [Wed, 19 Oct 2011 12:04:47 +0000 (14:04 +0200)]
Clean up error message so it makes more sense
Alan T. DeKok [Wed, 19 Oct 2011 08:37:17 +0000 (10:37 +0200)]
Move "free cached VPs" to the correct location
They're freed when SSL says that the session is free'd.
Not when we think we're closing the session.
SSL might cache it.
Arran Cudbard-Bell [Tue, 18 Oct 2011 09:14:59 +0000 (11:14 +0200)]
Re-alphabetise one char expansions
Arran Cudbard-Bell [Tue, 18 Oct 2011 09:06:25 +0000 (02:06 -0700)]
Merge pull request #11 from amne/master
new var in xlat: %G request minute
Alan T. DeKok [Tue, 18 Oct 2011 06:37:21 +0000 (08:37 +0200)]
Switch to SHA1 for message digest
MD5 has been attacked. We shouldn't use it
Alan T. DeKok [Tue, 18 Oct 2011 06:37:05 +0000 (08:37 +0200)]
Update dependencies so that it works in more situations
Alan T. DeKok [Mon, 17 Oct 2011 19:49:08 +0000 (21:49 +0200)]
Release the mutex lock when trying to make a new connection
The DB might be down, and it could take a LONG time to open
a new connection. Instead of holding the mutex lock for long
periods of time, we set a flag saying "spawning", and release
the lock. This lets other threads access the connection pool,
to get open && active connections.
The result is that there are fewer situations where the server
blocks
Alan T. DeKok [Mon, 17 Oct 2011 19:22:09 +0000 (21:22 +0200)]
Add undocumented "lazy init" configuration.
This allows the connection pool to return on init,
even if it's unable to make any new connections. The result
is that the server can start even when the back-end DB is down.
That's nearly always a bad idea, but it's easy enough to do
with the new connection pool code.
Alan T. DeKok [Mon, 17 Oct 2011 19:18:56 +0000 (21:18 +0200)]
Clean up spare connections on release
This mirrors the "spawn new connections on get" functionality.
Also, remember when we last failed to connect. When that happens,
we continue to use existing connections, but we don't open new
connections for one second. This behavior ensures that incoming
requests will still be processed quickly, even when the back-end
database is down.
Alan T. DeKok [Mon, 17 Oct 2011 19:06:48 +0000 (21:06 +0200)]
Remove unused configuration parameters
Alan T. DeKok [Mon, 17 Oct 2011 16:38:23 +0000 (18:38 +0200)]
Alive isn't used. Don't require it
Alan T. DeKok [Mon, 17 Oct 2011 16:20:18 +0000 (18:20 +0200)]
Document new "pool" subsection
Alan T. DeKok [Mon, 17 Oct 2011 16:15:28 +0000 (18:15 +0200)]
Removed knowledge of sqlsocket->id
The drivers have no business using it
Arran Cudbard-Bell [Mon, 17 Oct 2011 15:41:55 +0000 (17:41 +0200)]
Make Class value more unique
Arran Cudbard-Bell [Mon, 17 Oct 2011 15:35:07 +0000 (17:35 +0200)]
Add one char expansion for RADIUS request ID
Alan T. DeKok [Mon, 17 Oct 2011 15:41:25 +0000 (17:41 +0200)]
Added F5 dictionary, as posted to the list
Alan T. DeKok [Mon, 17 Oct 2011 12:44:14 +0000 (14:44 +0200)]
Tie radrelay && detail writer together
So that people can read the documentation and examples
and have it work
Alan T. DeKok [Mon, 17 Oct 2011 14:40:50 +0000 (16:40 +0200)]
Hack to work around race condition
We may give up on a proxied packet (and set proxy_listener = NULL)
just as we're receiving a duplicate packet from the NAS. In that
case, we catch it, and do nothing
Alan T. DeKok [Mon, 17 Oct 2011 11:50:45 +0000 (13:50 +0200)]
Make vp_print_name return size_t
which makes more sense
Alan T. DeKok [Sun, 16 Oct 2011 03:03:34 +0000 (05:03 +0200)]
Fix weird issue where it wouldn't update Stripped-User-Name
suffix
update request {
Stripped-User-Name := "%{Stripped-User-Name}@bar.com"
}
would result in Stripped-User-Name being unchanged.
The code was the same as 2.1.x, which worked.
The new code has the benefit of working, and has one less pass
over the input list
Alan T. DeKok [Sun, 16 Oct 2011 02:32:40 +0000 (04:32 +0200)]
Use new connection pool API
Alan T. DeKok [Sun, 16 Oct 2011 02:21:32 +0000 (04:21 +0200)]
Correct logic in reconnect
Only complain once per second.
Return correct handle
Alan T. DeKok [Sun, 16 Oct 2011 02:13:17 +0000 (04:13 +0200)]
Whitespace && formatting
Arran Cudbard-Bell [Wed, 12 Oct 2011 14:24:28 +0000 (16:24 +0200)]
Assert should be false
Arran Cudbard-Bell [Tue, 11 Oct 2011 20:14:54 +0000 (22:14 +0200)]
Add even more logging, and use unambigous tense for existing messages
Arran Cudbard-Bell [Tue, 11 Oct 2011 15:37:26 +0000 (17:37 +0200)]
Only attempt to closed connections which are unused
Arran Cudbard-Bell [Tue, 11 Oct 2011 15:18:58 +0000 (17:18 +0200)]
Should return connection, not connection struct
Arran Cudbard-Bell [Tue, 11 Oct 2011 15:18:13 +0000 (17:18 +0200)]
Add log messages on connection reservation and release
Arran Cudbard-Bell [Tue, 11 Oct 2011 13:50:13 +0000 (15:50 +0200)]
Ignore libltdl makefile
Arran Cudbard-Bell [Tue, 11 Oct 2011 13:47:13 +0000 (06:47 -0700)]
Merge pull request #22 from arr2036/connection_api
Add additional logging to connection pool api