Linus Nordberg [Thu, 26 Apr 2012 08:12:36 +0000 (10:12 +0200)]
Add an error code.
Also add error text for missing RSE_CRED.
Linus Nordberg [Thu, 26 Apr 2012 08:10:33 +0000 (10:10 +0200)]
Don't resolve DNS names in rs_peer_set_address().
It simply stores (a copy of) hostname and service name in PEER.
Linus Nordberg [Thu, 26 Apr 2012 08:08:59 +0000 (10:08 +0200)]
Use rs_strdup().
Linus Nordberg [Thu, 26 Apr 2012 08:03:42 +0000 (10:03 +0200)]
Add util.h and util.c.
Linus Nordberg [Thu, 26 Apr 2012 07:48:36 +0000 (09:48 +0200)]
Follow name change of rs_resolv().
Linus Nordberg [Wed, 25 Apr 2012 15:45:24 +0000 (17:45 +0200)]
Add missing radsec.h.
Linus Nordberg [Wed, 25 Apr 2012 15:41:27 +0000 (17:41 +0200)]
Postpone resolving of DNS names of server.
We used to resolve DNS names when reading configuration. We now do it
in event_init_socket() and cache the result in the connection object.
The imminent need for changing this is to keep host names around for
X509 certificate verification (CNAME and subjectAltName). This will
also help later when we implement server failover (and later, when
people want to do more dynamic configuration, f.ex. NAPTR).
Linus Nordberg [Wed, 25 Apr 2012 15:33:40 +0000 (17:33 +0200)]
Update HACKING.
Linus Nordberg [Wed, 25 Apr 2012 13:23:06 +0000 (15:23 +0200)]
Missing response packet in rs_conn_receive_packet doesn't have to be a bug.
Linus Nordberg [Wed, 25 Apr 2012 13:22:36 +0000 (15:22 +0200)]
Fix a comment.
Linus Nordberg [Mon, 23 Apr 2012 12:44:49 +0000 (14:44 +0200)]
Conditionally compile TLS-PSK code (--enable-tls-psk).
Also, allow for PSK-only configuration, i.e. don't barf on missing cert stuff.
Linus Nordberg [Thu, 19 Apr 2012 09:23:06 +0000 (11:23 +0200)]
Don't say RADPROT_TLS when we mean RAD_TLS.
RADPROT_TLS is legacy from radsecproxy and will go away.
It happens to be defined to 1, the same as RAD_TLS, so it happens to work.
Linus Nordberg [Wed, 1 Feb 2012 12:54:05 +0000 (13:54 +0100)]
Clarify comments about PSK string encoding.
Linus Nordberg [Tue, 31 Jan 2012 14:03:59 +0000 (15:03 +0100)]
Get the test suite going again.
Linus Nordberg [Tue, 31 Jan 2012 12:15:20 +0000 (13:15 +0100)]
Implement TLS-PSK.
Linus Nordberg [Thu, 26 Jan 2012 15:55:22 +0000 (16:55 +0100)]
Free the transport credentials struct.
Linus Nordberg [Tue, 24 Jan 2012 13:51:22 +0000 (14:51 +0100)]
Bump library interface revision.
Should really have been done as part of bumping the library version
(0.0.2.dev in configure.ac).
Linus Nordberg [Tue, 24 Jan 2012 12:17:40 +0000 (13:17 +0100)]
Be user friendly in example program.
Linus Nordberg [Tue, 24 Jan 2012 12:17:12 +0000 (13:17 +0100)]
Move a comment, for clarification.
Linus Nordberg [Tue, 24 Jan 2012 12:16:26 +0000 (13:16 +0100)]
Add TLS PSK configuration options.
Linus Nordberg [Thu, 19 Jan 2012 08:11:48 +0000 (09:11 +0100)]
Cosmetic changes.
Language and typos in a README.
Linus Nordberg [Thu, 19 Jan 2012 08:10:07 +0000 (09:10 +0100)]
Cosmetic changes.
Better names of formal arguments in test program.
Linus Nordberg [Wed, 4 Jan 2012 09:05:41 +0000 (10:05 +0100)]
Avoid unused variable warning when building without DEBUG.
Spotted by Sam Hartman.
Linus Nordberg [Wed, 14 Dec 2011 17:13:21 +0000 (18:13 +0100)]
Fix a typo in a comment.
Linus Nordberg [Fri, 14 Oct 2011 14:01:24 +0000 (16:01 +0200)]
Change version 0.0.2-dev --> 0.0.2.dev.
Sam Hartman: "I propose changing the version from 0.1-dev or whatever
to 0.1.dev or whatever because RPM versions (and really Debian
versions too) cannot contain dashes"
Linus Nordberg [Wed, 5 Oct 2011 07:11:29 +0000 (09:11 +0200)]
Get rid of warning for strict aliasing breakage.
Linus Nordberg [Thu, 22 Sep 2011 10:30:12 +0000 (12:30 +0200)]
event_enable_debug_mode() must be called at most once.
Linus Nordberg [Mon, 18 Jul 2011 11:34:49 +0000 (13:34 +0200)]
Export only symbols listed in radsec.sym.
Linus Nordberg [Mon, 18 Jul 2011 11:17:04 +0000 (13:17 +0200)]
Treat warnings as errors when compiling libradsec.
Linus Nordberg [Mon, 4 Jul 2011 14:47:33 +0000 (16:47 +0200)]
Refine HACKING slightly.
Linus Nordberg [Sun, 3 Jul 2011 08:38:53 +0000 (10:38 +0200)]
Cleanup conf.c.
Don't promote a pointer to a boolean in if clauses.
Compare strcmp to 0.
Linus Nordberg [Sun, 3 Jul 2011 08:36:08 +0000 (10:36 +0200)]
Handle all libconfuse parse errors.
Linus Nordberg [Sun, 3 Jul 2011 08:13:51 +0000 (10:13 +0200)]
Handle configuration errors better.
Linus Nordberg [Sat, 2 Jul 2011 12:16:01 +0000 (14:16 +0200)]
Remove spurious comment.
rs_resolv() doesn't have a connection to push an error on and should
indeed return a struct rs_error.
Linus Nordberg [Sat, 2 Jul 2011 12:07:29 +0000 (14:07 +0200)]
Resolve IPv6 addresses too.
Linus Nordberg [Mon, 23 May 2011 08:07:32 +0000 (10:07 +0200)]
lib/rsp_tlscommon.c: Include sys/types.h before netinet/in.h.
Linus Nordberg [Wed, 18 May 2011 07:35:07 +0000 (09:35 +0200)]
Compile on BSD.
Thanks to Luke Howard for reporting.
Linus Nordberg [Fri, 1 Apr 2011 18:54:10 +0000 (20:54 +0200)]
examples/client.conf: Correct key file.
Linus Nordberg [Fri, 25 Mar 2011 16:58:23 +0000 (17:58 +0100)]
Don't install example programs.
Linus Nordberg [Fri, 25 Mar 2011 15:07:12 +0000 (16:07 +0100)]
Add cert 3 ("client cert") with key.
Linus Nordberg [Fri, 25 Mar 2011 15:06:10 +0000 (16:06 +0100)]
demoCA: Rename c1key --> c2key to match certificate file name.
Linus Nordberg [Fri, 25 Mar 2011 12:47:32 +0000 (13:47 +0100)]
Add tests/demoCA and use certs and key in there for the examples.
Linus Nordberg [Thu, 24 Mar 2011 16:24:14 +0000 (17:24 +0100)]
Change version to libradsec-0.0.2-dev.
Linus Nordberg [Thu, 24 Mar 2011 16:22:38 +0000 (17:22 +0100)]
Ready for libradsec-0.0.1.
Linus Nordberg [Thu, 24 Mar 2011 15:29:48 +0000 (16:29 +0100)]
Harmonise with radsecproxy licensing.
Dual license the library by adding GPL v2 or later.
Change the 2-clause BSD to a 3-clause.
Linus Nordberg [Thu, 24 Mar 2011 15:26:55 +0000 (16:26 +0100)]
Update README and HACKING.
Linus Nordberg [Mon, 21 Mar 2011 13:58:52 +0000 (14:58 +0100)]
Define RS_FREERADIUS_DICT and use it when missing "dictionary" in config.
Linus Nordberg [Mon, 21 Mar 2011 13:32:31 +0000 (14:32 +0100)]
Memory alloc/free cleanup for contexts.
(rs_context_create): Don't touch *ctx on failure. Keep allocation and
zeroing of allocated memory together.
(rs_context_destroy): Fix typo.
(rs_context_destroy): Don't rs_free the context since it's allocated
with calloc.
Linus Nordberg [Mon, 21 Mar 2011 13:17:55 +0000 (14:17 +0100)]
(rs_context_destroy): Use free() rather than rs_free() for realm->name.
Linus Nordberg [Mon, 21 Mar 2011 12:33:22 +0000 (13:33 +0100)]
API AND CONFIG CHANGE: rs_context_create() doesn't take DICT any more.
Use rs_context_create() to read FreeRADIUS dictionary, possibly by
taking dict file from configuration file.
CONFIG CHANGE: s/config/realm/g.
Linus Nordberg [Tue, 15 Mar 2011 09:43:22 +0000 (10:43 +0100)]
Don't touch TLS specific things w/o RS_ENABLE_TLS.
Linus Nordberg [Mon, 14 Mar 2011 14:20:52 +0000 (15:20 +0100)]
Verify result in example program. Also, don't leak a package.
Linus Nordberg [Mon, 14 Mar 2011 14:20:17 +0000 (15:20 +0100)]
[TLS] Do free SSL and SSL_CTX objects.
Linus Nordberg [Mon, 14 Mar 2011 12:32:59 +0000 (13:32 +0100)]
(rs_packet_destroy): Free unconditionally.
Linus Nordberg [Mon, 14 Mar 2011 12:27:39 +0000 (13:27 +0100)]
Remove struct rs_attr and all use of it.
A new API for attributes will be added once we've decided how to deal
with RADIUS packets internally. For now, removing the half baked
wrapping seems more sensible than trying to free rs_attr objects and
their VALUE_PAIR's.
Linus Nordberg [Mon, 14 Mar 2011 12:23:24 +0000 (13:23 +0100)]
Add short blurb about bug hunting in HACKING.
Linus Nordberg [Sun, 13 Mar 2011 23:45:18 +0000 (00:45 +0100)]
Avoid potential double free.
(udp_init): Set conn.rev = NULL in fault case.
Linus Nordberg [Sun, 13 Mar 2011 23:44:00 +0000 (00:44 +0100)]
[UDP] Free the event base _after_ freeing the read and write events.
Duh!
Linus Nordberg [Sun, 13 Mar 2011 23:27:54 +0000 (00:27 +0100)]
Remove unused resp_msg from struct request.
Linus Nordberg [Sun, 13 Mar 2011 23:26:05 +0000 (00:26 +0100)]
Add rs_request_get_reqmsg() and update documentation.
Linus Nordberg [Sun, 13 Mar 2011 23:22:41 +0000 (00:22 +0100)]
Don't free connection on error, just close it.
Linus Nordberg [Sun, 13 Mar 2011 14:30:36 +0000 (15:30 +0100)]
[UDP] Free read/write events when destroying connection.
Linus Nordberg [Sun, 13 Mar 2011 14:28:17 +0000 (15:28 +0100)]
Don't double free in example code.
Linus Nordberg [Sun, 13 Mar 2011 14:28:06 +0000 (15:28 +0100)]
Change user name in example code.
Linus Nordberg [Sun, 13 Mar 2011 14:27:48 +0000 (15:27 +0100)]
Formatting changes.
Linus Nordberg [Sun, 13 Mar 2011 14:26:31 +0000 (15:26 +0100)]
Add Doxygen documentation for public API.
Linus Nordberg [Sat, 12 Mar 2011 13:43:36 +0000 (14:43 +0100)]
Update README and HACKING.
Linus Nordberg [Sat, 12 Mar 2011 11:41:19 +0000 (12:41 +0100)]
Merge branch 'udp' into libradsec.
Linus Nordberg [Sat, 12 Mar 2011 00:03:43 +0000 (01:03 +0100)]
Fix crash bug in _rs_peer_destroy().
Don't expect a peer to always have a connection.
Linus Nordberg [Fri, 11 Mar 2011 12:19:39 +0000 (13:19 +0100)]
Free the realm name which is strdup'd when config is read.
Linus Nordberg [Fri, 11 Mar 2011 12:19:01 +0000 (13:19 +0100)]
Do free the connection object.
Linus Nordberg [Fri, 11 Mar 2011 12:18:44 +0000 (13:18 +0100)]
Handle an ENOMEM case in conf.c.
Linus Nordberg [Thu, 10 Mar 2011 09:56:08 +0000 (10:56 +0100)]
Remove -Werror since we still have some warnings in radsecproxy.
Linus Nordberg [Thu, 10 Mar 2011 07:08:32 +0000 (08:08 +0100)]
[UDP] Don't crash on second packet.
[UDP] Set the user_data member for the write callback in
rs_packet_send() -- the one from udp_init() doesn't do much good at
this point.
Linus Nordberg [Wed, 9 Mar 2011 23:20:25 +0000 (00:20 +0100)]
Don't miscompile without --enable-tls.
Include err.h and debug.h even w/o RS_ENABLE_TLS.
Linus Nordberg [Wed, 9 Mar 2011 23:16:59 +0000 (00:16 +0100)]
Disable DEBUG.
Linus Nordberg [Wed, 9 Mar 2011 22:10:08 +0000 (23:10 +0100)]
Change default configuration to do RadSec rather than UDP.
Linus Nordberg [Wed, 9 Mar 2011 22:09:26 +0000 (23:09 +0100)]
Get UDP working.
For UDP, activating the retransmit timer before receiving rather than
sending makes the event loop break nicely after sending a message
(which is important for blocking mode). Not quite sure that this is
really accurate wrt retransmission timing though, but it should do
for now.
For UDP, set the user_data member for the read callback in
rs_conn_receive_packet -- the one from udp_init() doesn't do much good
now.
For UDP, implement receiving message.
Add compat_recv().
Linus Nordberg [Wed, 9 Mar 2011 18:51:59 +0000 (19:51 +0100)]
Don't add Message-Authenticator more than once.
Retransmitting the packet showed that we added another
Message-Authenticator attribute every time we sent it.
Linus Nordberg [Wed, 9 Mar 2011 18:49:54 +0000 (19:49 +0100)]
Formatting changes.
Linus Nordberg [Wed, 9 Mar 2011 12:12:20 +0000 (13:12 +0100)]
Remove superfluous assignment.
This is done in rs_packet_create().
Linus Nordberg [Wed, 9 Mar 2011 11:48:00 +0000 (12:48 +0100)]
Add missing header files.
Linus Nordberg [Wed, 9 Mar 2011 09:24:22 +0000 (10:24 +0100)]
Use retransmission timer in request object.
Linus Nordberg [Wed, 9 Mar 2011 09:18:06 +0000 (10:18 +0100)]
Add retransmission timer support (UDP).
Linus Nordberg [Wed, 9 Mar 2011 09:16:27 +0000 (10:16 +0100)]
Add RSE_DISCO.
Linus Nordberg [Wed, 9 Mar 2011 09:14:20 +0000 (10:14 +0100)]
Rename and move around a few helper functions.
Linus Nordberg [Wed, 9 Mar 2011 09:10:04 +0000 (10:10 +0100)]
Don't make UDP write event persistent.
rs_packet_send() adds the event again when there's a packet to send
and the write callback does the same if it doesn't drain the queue.
Linus Nordberg [Tue, 8 Mar 2011 13:29:39 +0000 (14:29 +0100)]
Add (disabled) linkage to libefence.
Linus Nordberg [Tue, 8 Mar 2011 13:29:09 +0000 (14:29 +0100)]
Zap a double free.
Linus Nordberg [Tue, 8 Mar 2011 13:27:59 +0000 (14:27 +0100)]
Update rs_err_msg() prototype.
Also, rename enum rs_err_code to not collide with the function named
the same.
Linus Nordberg [Tue, 8 Mar 2011 13:24:30 +0000 (14:24 +0100)]
examples/client-blocking: pull out the error before freeing conn.
Linus Nordberg [Tue, 8 Mar 2011 12:37:46 +0000 (13:37 +0100)]
Timeout implemented in request objects, supported by TCP.
TODO: UDP.
Linus Nordberg [Tue, 8 Mar 2011 12:32:10 +0000 (13:32 +0100)]
Clean up struct rs_error somewhat.
More to be done here!
Linus Nordberg [Tue, 8 Mar 2011 12:20:20 +0000 (13:20 +0100)]
Don't return -1 to user but rather an error code.
NOTE: Changes rs_conn_receive_packet() and rs_packet_send() only.
Linus Nordberg [Tue, 8 Mar 2011 09:51:41 +0000 (10:51 +0100)]
Crash bug. Zap a double free.
The config object owns peer.secret so don't free it.
Linus Nordberg [Mon, 7 Mar 2011 14:26:12 +0000 (15:26 +0100)]
examples/client-blocking.c: Clean up and improve error handling.
Linus Nordberg [Mon, 7 Mar 2011 14:25:33 +0000 (15:25 +0100)]
Requests are now high level, i.e. not for user doing the dispatching.
Linus Nordberg [Mon, 7 Mar 2011 14:23:40 +0000 (15:23 +0100)]
Move verification of response packets up to a level where it makes sense.
Replace the user_dispatch_flag on connections with
conn_user_dispatch_p().
Remove the 'original' member from packet and instead have an upper
layer verify.
Rename packet valid_flag --> received_flag to reflect that we don't
verify.
Move _close_conn() --> conn_close().
Move packet flags into a single unsigned int, for portability.
(_read_packet): Don't verify packet.
(rs_conn_receive_packet): Don't touch PKT_OUT if there isn't a packet.
(rs_conn_receive_packet): Verify packet using packet_verify_response().
Linus Nordberg [Mon, 7 Mar 2011 08:53:40 +0000 (09:53 +0100)]
Formatting changes.
Linus Nordberg [Mon, 7 Mar 2011 08:38:01 +0000 (09:38 +0100)]
Remove lib/radsec.h.
1. Two radsec.h is icky.
2. Its contents fit nicely in send.c.