aland [Thu, 23 Aug 2001 19:30:07 +0000 (19:30 +0000)]
when updating the ut_name utmp entry, do NOT always smash a trailing
zero on the name. The field is fixed width, so it's OK to have
an 8-character username, without a trailing 0.
Bug found by Michael Chernyakhovsky <magmike@mail.ru>
cparker [Thu, 23 Aug 2001 15:05:46 +0000 (15:05 +0000)]
corrected 'u_int8_t' to be 'uint8_t' -cparker
aland [Wed, 22 Aug 2001 19:41:22 +0000 (19:41 +0000)]
If there was an error forking the program, free the strdup'd
exec_program string.
aland [Wed, 22 Aug 2001 17:31:55 +0000 (17:31 +0000)]
Hmm.. let's create logdir && radacctdir on installation, too.
That avoids problems where the default config doesn't work.
aland [Mon, 20 Aug 2001 22:42:38 +0000 (22:42 +0000)]
cleaned up the code, and added more log / debug messages to
rad_check_password.
aland [Fri, 17 Aug 2001 19:45:25 +0000 (19:45 +0000)]
Change instances of 'assert' to 'rad_assert', so that it can
log the error to the standard radius log files.
Patch from Vesselin Atanasov <vesselin@bgnet.bg>
aland [Fri, 17 Aug 2001 19:04:55 +0000 (19:04 +0000)]
Patch to fix segv from Tomas Heredia <tomas@intermediasp.com>
sql_num_fields may return -1 in case of error, so the freeing
loop could cause a seg fault.
aland [Fri, 17 Aug 2001 18:02:59 +0000 (18:02 +0000)]
When sending multiple packets with the same attributes, ensure
that the CHAP-Password attribute is encoded properly, too.
Bug noted by Peter Shin <Peter.Shin@team.ozemail.com.au>
aland [Fri, 17 Aug 2001 14:10:51 +0000 (14:10 +0000)]
We're radiusd, not httpd
aland [Fri, 17 Aug 2001 13:57:37 +0000 (13:57 +0000)]
Corrected speling mistake. :)
aland [Thu, 16 Aug 2001 15:07:22 +0000 (15:07 +0000)]
Added 0.3 pre-release changes
aland [Thu, 16 Aug 2001 15:06:16 +0000 (15:06 +0000)]
Run Exec-Program, or Exec-Program-Wait when we first receive
an accounting packet.
Note that the executed script can add items like Proxy-To-Realm!
Bug found by Michael Chernyakhovsky <magmike@mail.ru>
aland [Thu, 16 Aug 2001 15:01:12 +0000 (15:01 +0000)]
When processing the acct_users file, actually *keep* the reply
pairs, instead of throwing them away.
aland [Wed, 15 Aug 2001 20:45:33 +0000 (20:45 +0000)]
Give functions a return code, even if the last thing they do is call
exit()
aland [Wed, 15 Aug 2001 20:44:44 +0000 (20:44 +0000)]
Updated to NOT leak small amount of memory when the server
first initializes.
pam [Wed, 15 Aug 2001 12:04:41 +0000 (12:04 +0000)]
Small optimization: we don't need get ldap_errno via ldap_get_option() call unless ldap_result() failed.
aland [Tue, 14 Aug 2001 18:48:19 +0000 (18:48 +0000)]
When doing proxying synchronously, we still need to update
the proxy_next_try time, so that we know not to wake up too
early.
Patch from Raghu <raghud@hereuare.com>
aland [Mon, 13 Aug 2001 20:41:59 +0000 (20:41 +0000)]
As posted to the list by Chris Boyd <CBoyd@apogeetelecom.com>
aland [Mon, 13 Aug 2001 20:32:30 +0000 (20:32 +0000)]
Log invalid user for proxy authentication rejects, too.
Bug found by VISP Systems Administration <help@visp.net>
aland [Mon, 13 Aug 2001 14:14:33 +0000 (14:14 +0000)]
If we're logging a message before the logger has been initialized,
dump them to the console, too.
Patch from Vesselin Atanasov <vesselin@bgnet.bg>
aland [Thu, 9 Aug 2001 15:07:32 +0000 (15:07 +0000)]
Minor re-arrangements to Expiration. Attribute 21 is deprecated,
and no longer used, so Expiration is now an internal server attribute.
Registered the handler for expiration at init time, so that we
can check for it when a packet comes in.
Bug noted by Leon Dorfman <leon_dorfman@yahoo.com>. This should
fix bug #141.
aland [Wed, 8 Aug 2001 19:15:51 +0000 (19:15 +0000)]
Checks for ut_xtime. If it doesn't exist, try to define it as
something which may exist.
This change (hopefully) fixes bug #125
aland [Wed, 8 Aug 2001 17:50:55 +0000 (17:50 +0000)]
Use THEMAX instead of MAX, as THEMAX is defined locally, and
MAX may not be.
Bug found by Gerard.Gobillard@alcatel.fr
aland [Wed, 8 Aug 2001 17:32:34 +0000 (17:32 +0000)]
Corrected tpye, and SNMP configuration bug, first noticed by
"Norman Brandinger" <norm@goes.com> on Jun 6.
aland [Wed, 8 Aug 2001 17:21:15 +0000 (17:21 +0000)]
Removed ifdef's around ascend secret stuff. It works.
This closes bug #132
aland [Tue, 7 Aug 2001 21:20:46 +0000 (21:20 +0000)]
Decode the ascend send/receive secrets in rad_decode(), too.
aland [Tue, 7 Aug 2001 20:54:35 +0000 (20:54 +0000)]
Preliminary hack for sending Ascend-Send-Secret attribute.
It really needs work to be robust, and is currently ifdef'd out.
aland [Tue, 7 Aug 2001 20:32:03 +0000 (20:32 +0000)]
Allow reading the shared secret from a file, to make it more secret.
Based on a patch from eravin@panix.com
aland [Tue, 7 Aug 2001 15:22:07 +0000 (15:22 +0000)]
deleted references to HAVE_THREAD_POOL. We now assume that ANY
thread capability means that we're using thread pools.
Deleted old non-pooled thread code, as it was really problematic.
aland [Tue, 7 Aug 2001 15:17:39 +0000 (15:17 +0000)]
Made 'WITH_THREAD_POOL=yes' the default, and removed the configure
optiont to disable thread pools.
Now, if you have threads, you have thread pools. This gets rid of
lots of yucky problems.
aland [Thu, 2 Aug 2001 18:20:48 +0000 (18:20 +0000)]
On accounting, if NO proxy packet, do preacct, acct, and then
if configured to proxy the packet, stop. Otherwise, reply.
On proxy reply packet, don't do any of preacct or acct. Simply
reply to the NAS
aland [Thu, 2 Aug 2001 15:21:14 +0000 (15:21 +0000)]
Hmm... let's bump up the version number (sigh)
aland [Tue, 31 Jul 2001 17:35:03 +0000 (17:35 +0000)]
Patch from rob <rob@work.gb.com> to avoid freeing memory too early
aland [Mon, 30 Jul 2001 20:20:39 +0000 (20:20 +0000)]
Patch for Cisco L2TP tunnels, from Paul Khavkine <paul@colba.net>
aland [Mon, 30 Jul 2001 20:12:11 +0000 (20:12 +0000)]
Deleted references to Cistron, updated in preparation for the 0.2.0
release.
cmiller [Mon, 30 Jul 2001 00:01:59 +0000 (00:01 +0000)]
debian: use debhelper compat 3
debian: remove freerad from shadow group properly, when purging
aland [Sat, 28 Jul 2001 17:59:39 +0000 (17:59 +0000)]
configure with-rlm-krb5-lib/include-dir
aland [Sat, 28 Jul 2001 17:57:41 +0000 (17:57 +0000)]
Corrected typo
aland [Sat, 28 Jul 2001 17:51:11 +0000 (17:51 +0000)]
Added configure options 'with-rlm-FOO-include/lib-dir', so that
lower-level rlm_FOO modules can be configured via the top-level
configuration file. Note that actually configuring rlm-FOO doesn't
do anything. The options are here just to serve as place holders
and documentation for how to configure the lower-level modules.
Note also that few of the lower-level modules look for those
configure options. Adding them is the next step.
aland [Sat, 28 Jul 2001 17:41:51 +0000 (17:41 +0000)]
make thread pools the default, and other minor changes to
support this.
aland [Sat, 28 Jul 2001 17:30:02 +0000 (17:30 +0000)]
Added options 'with-rlm-ldap-lib-dir' and 'with-rlm-ldap-include-dir'
configure directives
aland [Sat, 28 Jul 2001 17:27:42 +0000 (17:27 +0000)]
Added 'reconfig' target so that the configure scripts can be
regenerated via make
aland [Sat, 28 Jul 2001 17:23:22 +0000 (17:23 +0000)]
Added ability to specify addition directories to look via
'smart_try_dir'. It's a bit of a hack...
cparker [Sat, 28 Jul 2001 00:52:00 +0000 (00:52 +0000)]
Updated to use rad_check_return to correctly return RLM_MODULE_REJECT when
Auth-Type = Reject is set in 'authorize' section.
cparker [Sat, 28 Jul 2001 00:50:40 +0000 (00:50 +0000)]
Updated to include prototype for new function in auth.c:rad_check_return
cparker [Sat, 28 Jul 2001 00:42:15 +0000 (00:42 +0000)]
Added new function to 'auth.c' called 'rad_check_return'. This is for use
by modules to check the 'config/check items' for Auth-Type = Reject and
return RLM_MODULE_REJECT instead of RLM_MODULE_UPDATED
aland [Thu, 26 Jul 2001 19:10:19 +0000 (19:10 +0000)]
Preliminary EAP patch from Raghu <raghud@hereuare.com>, step 1
aland [Wed, 25 Jul 2001 18:07:01 +0000 (18:07 +0000)]
Patch based on one from Matthew Sayler <sayler@speedsite.com.
If we're using syslog, it would help to include <syslog.h>
aland [Tue, 24 Jul 2001 16:04:13 +0000 (16:04 +0000)]
Patch from Steve Langasek <vorlon@netexpress.net>.
Kick PAM into shape, so that the radius entries are sent to the
radius configuration, when using syslog. PAM likes to re-do
openlog() with a different facility, which is not a nice thing
to do to people.
aland [Mon, 23 Jul 2001 20:31:38 +0000 (20:31 +0000)]
Update child thread code, so that it minimizes the possible
race conditions.
Note that this code really should go away, as the thread pool
code works, is faster, and has fewer issues.
aland [Fri, 20 Jul 2001 14:28:58 +0000 (14:28 +0000)]
Patch from David Kerry <davidk@navahonetworks.com>
cmiller [Wed, 18 Jul 2001 14:53:14 +0000 (14:53 +0000)]
Parser should be able to handle zero-length strings as values in
assignments. It can't, right now.
pam [Tue, 17 Jul 2001 09:17:00 +0000 (09:17 +0000)]
Quiten one compiler warning
pam [Tue, 17 Jul 2001 09:06:12 +0000 (09:06 +0000)]
Applied patch to ldap_pairget() eliminating ldap_first_attribute(),
ldap_next_attribute() by Kostas Kalevras <kkalev@noc.ntua.gr>
According to him, it also should get rid of memory leak on some platforms.
pam [Tue, 17 Jul 2001 08:42:08 +0000 (08:42 +0000)]
Added check for missing 'server' directive in config section
Added default ldap filter (uid=%u)
Fixed crash in debug message search base DN is not specified in perform_search()
cmiller [Fri, 13 Jul 2001 20:05:44 +0000 (20:05 +0000)]
Clean up better. (Makefiles, and distclean depends on clean.)
cmiller [Fri, 13 Jul 2001 20:04:47 +0000 (20:04 +0000)]
Added Kostas Kalevras' <kkalev@noc.ntua.gr> attr_rewrite module. It's still
experimental, but shows a lot of promise.
cmiller [Fri, 13 Jul 2001 14:11:08 +0000 (14:11 +0000)]
Roland H\"anel <roland.haenel@qsc.de> reported that the LDAP crashes are from
a SIGPIPE that is caused by ldap_unbind_s() trying to shut down the already
broken connection. His fix is to ignore SIGPIPE. (closes: FRBug#118)
cmiller [Thu, 12 Jul 2001 20:13:22 +0000 (20:13 +0000)]
Cosmetic change.
aland [Thu, 12 Jul 2001 15:39:11 +0000 (15:39 +0000)]
quench log messages for unresponsive children
cmiller [Wed, 11 Jul 2001 20:38:08 +0000 (20:38 +0000)]
Test for CC and CPP in the configure scripts, so basic tests work.
cmiller [Wed, 11 Jul 2001 18:20:45 +0000 (18:20 +0000)]
Added AC_PROG_CC to see if it solves DK's problem.
cmiller [Wed, 11 Jul 2001 17:47:56 +0000 (17:47 +0000)]
David Kerry's patch to detect Oracle.
cmiller [Fri, 6 Jul 2001 15:59:33 +0000 (15:59 +0000)]
Fix check for shared library using libtool info, instead of assuming extension
being ".so". (closes: FRBug#121)
cmiller [Fri, 6 Jul 2001 15:57:50 +0000 (15:57 +0000)]
Don't check how GDBM behaves if it's obviously not installed.
cmiller [Fri, 6 Jul 2001 13:22:37 +0000 (13:22 +0000)]
debian: changed mysql package name libmysqlclient6-deb -> libmysqlclient10-deb
cmiller [Fri, 6 Jul 2001 13:11:55 +0000 (13:11 +0000)]
needs_child_cleanup was unreachable, and DS' return prevented >1 child
cleanup.
cparker [Thu, 5 Jul 2001 23:52:14 +0000 (23:52 +0000)]
Patch to correct the behaviour of proxy-acct packets not being
logged locally. Pointed out by: <QinxueC@corp.netzero.net> and
<help@visp.net>.
cmiller [Thu, 5 Jul 2001 21:04:54 +0000 (21:04 +0000)]
Check for location of sem_init symbol, because it's in an odd place on HP/UX.
(closes: FRBug#127)
cmiller [Thu, 5 Jul 2001 19:57:42 +0000 (19:57 +0000)]
Inserted #include to prevent compoler warning of memset()
(David Kerry <davidk@navahonetworks.com>)
cmiller [Thu, 5 Jul 2001 17:03:41 +0000 (17:03 +0000)]
Wrap child spawning and registration in a plain vanilla critical-section
protector. Thanks to Dave Shield for pointing out a race.
cmiller [Thu, 5 Jul 2001 16:00:46 +0000 (16:00 +0000)]
Corrected an interminable loop that happened when an unregistered child exits.
(Dave Shield <D.T.Shield@csc.liv.ac.uk>)
cmiller [Wed, 4 Jul 2001 01:49:36 +0000 (01:49 +0000)]
Integrated phil@bolthole.com's patch for Oracle8i. It's heavily hacked in,
so it may not be correct, still.
cmiller [Wed, 4 Jul 2001 00:51:12 +0000 (00:51 +0000)]
New configure for the autoconfless.
cmiller [Wed, 4 Jul 2001 00:50:18 +0000 (00:50 +0000)]
Testing for libclient8 and libclntsh in addition to liboracleclient in
autoconf code.
This prolly isn't right.
cmiller [Wed, 4 Jul 2001 00:24:36 +0000 (00:24 +0000)]
Removed superfluous AC_DEFINE()
cmiller [Wed, 4 Jul 2001 00:10:08 +0000 (00:10 +0000)]
In preparation for patching how the oracle detection code works, I moved
it into its own configure.in .
cmiller [Tue, 3 Jul 2001 22:19:45 +0000 (22:19 +0000)]
Committed Rob Jones' <rob@work.gb.com> CHAP support in sql patch.
cmiller [Tue, 3 Jul 2001 19:21:30 +0000 (19:21 +0000)]
Assume (correctly) that AV pairs' strings are null-terminated.
cmiller [Tue, 3 Jul 2001 17:53:32 +0000 (17:53 +0000)]
Changed function to test when looking for a working pthreads implementation,
from pthread_create() to pthread_join(). (closes FreeRadiusBug#122)
cmiller [Sun, 1 Jul 2001 23:51:07 +0000 (23:51 +0000)]
Integrated Kostas Kalevras' rlm_counter code, plus sundry fixes.
cmiller [Sun, 1 Jul 2001 19:18:18 +0000 (19:18 +0000)]
Give more useful information (in a clearer format) when debugging
section/module execution flow.
cmiller [Sat, 30 Jun 2001 00:00:55 +0000 (00:00 +0000)]
Alexei Ivanov <radius@novoch.ru> pointed out (in a failed bug report) that
the code didn't agree with the comment. This may fix bug #117.
cmiller [Fri, 29 Jun 2001 23:50:37 +0000 (23:50 +0000)]
Removed 'ifdef' GNUism in top makefile.
pam [Fri, 29 Jun 2001 10:03:52 +0000 (10:03 +0000)]
Document profile support for user object via attribute specified in "profile_attribute" directive.
Code by Kostas Kalevras <kkalev@noc.ntua.gr>
pam [Fri, 29 Jun 2001 10:02:59 +0000 (10:02 +0000)]
Profile support for user object via attribute specified in "profile_attribute"
directive.
Code by Kostas Kalevras <kkalev@noc.ntua.gr>
pam [Wed, 27 Jun 2001 14:57:43 +0000 (14:57 +0000)]
Added "default_profile" directive to ldap section
see comment on rlm_ldap.c v1.44
CVS
pam [Wed, 27 Jun 2001 14:56:00 +0000 (14:56 +0000)]
Added description of "default_profile" directive
see comment on rlm_ldap.c v1.44
pam [Wed, 27 Jun 2001 14:54:19 +0000 (14:54 +0000)]
Added code by Kostas Kalevras <kkalev@noc.ntua.gr> implementing default profile in LDAP for remote access users
pam [Mon, 25 Jun 2001 12:29:32 +0000 (12:29 +0000)]
Added fix by Kostas Kalevras <kkalev@noc.ntua.gr> to replace existing RADIUS-attributes with values specified in LDAP entry.
cmiller [Fri, 22 Jun 2001 12:53:18 +0000 (12:53 +0000)]
debian: add the freerad user into the shadow group, so the daemon can auth
locally. (More may need to be done.)
cmiller [Fri, 22 Jun 2001 01:19:12 +0000 (01:19 +0000)]
Updated log of recent changes.
miquels [Thu, 21 Jun 2001 10:57:23 +0000 (10:57 +0000)]
* src/main/timestr.c: hmm, ifdeffed some more debug stuff that
shouldn't normally be there (plain printf()s!)
miquels [Thu, 21 Jun 2001 10:53:09 +0000 (10:53 +0000)]
* src/main/timestr.c: debugging not meant for end-user
cmiller [Wed, 20 Jun 2001 19:56:28 +0000 (19:56 +0000)]
New file to fix corrupted restored one.
cmiller [Mon, 18 Jun 2001 22:53:52 +0000 (22:53 +0000)]
In GCC 3.0, printf is a macro, so the mid- printf() CPP directives had to be
moved out a level.
cparker [Wed, 13 Jun 2001 14:12:11 +0000 (14:12 +0000)]
removed deprecated proxy attribute filtering explanation.
pam [Wed, 13 Jun 2001 12:13:08 +0000 (12:13 +0000)]
Yet another plug for memory leak.
pam [Wed, 13 Jun 2001 10:46:13 +0000 (10:46 +0000)]
Fixed some memory leaks. Thanks to Peter Foreman <p.foreman@planetmediagroup.nl> for pointing them out.
aland [Fri, 8 Jun 2001 16:50:09 +0000 (16:50 +0000)]
Patch from Eddie Stassen <eddies@saix.net>
Match on the LAST suffix realm, NOT on the first.