aland [Tue, 26 Jul 2005 22:27:23 +0000 (22:27 +0000)]
Ports are unsigned int's
aland [Mon, 25 Jul 2005 20:41:06 +0000 (20:41 +0000)]
Use new realm disable & stuff
aland [Mon, 25 Jul 2005 18:55:44 +0000 (18:55 +0000)]
Make realm_disable() work for all kinds of packets.
nbk [Sun, 24 Jul 2005 19:15:17 +0000 (19:15 +0000)]
Additional Cisco VoIP attributes, as posted to the bugzilla
(closes: #249)
Patch from Ilia Chipitsine <ilia@rediska.ru>
nbk [Sat, 23 Jul 2005 15:41:10 +0000 (15:41 +0000)]
Replace '%{NAS-Port}' with %{NAS-Port:-NULL} because it was
reported on the bugzilla that some NASes (for example AS5350
IOS 12.3.T) don't send the attribute in Accounting-Request
packets. (closes: #223)
Bug found by Ilia Chipitsine <ilia@rediska.ru>
aland [Fri, 22 Jul 2005 23:52:00 +0000 (23:52 +0000)]
Allow Attribute-Name[stuff] to work
aland [Fri, 22 Jul 2005 23:40:44 +0000 (23:40 +0000)]
Check return code for rad_send()
aland [Fri, 22 Jul 2005 23:31:02 +0000 (23:31 +0000)]
Fix test for port over-ride
nbk [Fri, 22 Jul 2005 11:01:55 +0000 (11:01 +0000)]
As iODBC defines success codes other than SQL_SUCCESS, we now
use their macro SQL_SUCCEEDED(). (closes: #138)
Bug found by Jeff Brown <jeff.brn@gmail.com>
aland [Thu, 21 Jul 2005 22:44:39 +0000 (22:44 +0000)]
prefer shortname, and set it if unset
aland [Thu, 21 Jul 2005 22:34:28 +0000 (22:34 +0000)]
Allow multiple "listen" sections to use the same clients section,
by putting the RADCLIENT_LIST ptr into the clients section, via
cf_data_add()
nbk [Thu, 21 Jul 2005 13:10:42 +0000 (13:10 +0000)]
s/mainconfig.client_trees/mainconfig.clients/
nbk [Thu, 21 Jul 2005 08:07:48 +0000 (08:07 +0000)]
Install radsqlrelay, too. (the new Perl version)
aland [Thu, 21 Jul 2005 03:18:16 +0000 (03:18 +0000)]
Document "ipv6addr" in listen{}
Document "clients" in listen{}
aland [Thu, 21 Jul 2005 03:07:28 +0000 (03:07 +0000)]
Added support for per-socket client lists.
Right now, you can only have a global list, OR a per-socket list,
but multiple sockets can use the same list.
aland [Tue, 19 Jul 2005 23:05:55 +0000 (23:05 +0000)]
No more radrelay. Say so.
aland [Tue, 19 Jul 2005 23:05:46 +0000 (23:05 +0000)]
Updates
aland [Tue, 19 Jul 2005 20:57:09 +0000 (20:57 +0000)]
Removed radrelay & radsqlrelay
aland [Tue, 19 Jul 2005 20:37:24 +0000 (20:37 +0000)]
Lower the work we do to find a client.
aland [Tue, 19 Jul 2005 20:15:30 +0000 (20:15 +0000)]
Enable SNMP support for clients again.
aland [Mon, 18 Jul 2005 20:26:38 +0000 (20:26 +0000)]
Call client_free() if client_add() fails.
Update SQL code to call new routines. Untested, though...
aland [Mon, 18 Jul 2005 20:22:20 +0000 (20:22 +0000)]
Move RADCLIENT* in mainconfig to rbtree's. This means that
lookups will be faster for large numbers of clients.
Also, the "client_*()" functions now take a pointer to the
"master client list" struct, which means it should be easier
to allow per-"listen" socket clients.
Caveats are
- the SNMP code does NOT return the list of the clients
This may be easy to fix, though.
- due to allowing network/mask, we always walk through a list
of 128 prefixes, even if only 1-2 are defined. This can be
fixed easily, though.
The SQL code has been updated, but not tested
aland [Wed, 13 Jul 2005 23:34:32 +0000 (23:34 +0000)]
Add note re: RFC compliance
aland [Wed, 13 Jul 2005 23:24:15 +0000 (23:24 +0000)]
Let's document EAP, too
nbk [Wed, 13 Jul 2005 16:51:37 +0000 (16:51 +0000)]
Missing rad_free()
aland [Mon, 11 Jul 2005 20:22:20 +0000 (20:22 +0000)]
Make name lookups case sensitive.
Patch from bug #194
aland [Mon, 11 Jul 2005 17:29:12 +0000 (17:29 +0000)]
Make '-p' work again, and catch some corner cases
aland [Mon, 11 Jul 2005 17:20:20 +0000 (17:20 +0000)]
Initialize modules AFTER forking, which may help some situations.
On SEGV, call _exit(), rather than exit()
aland [Mon, 11 Jul 2005 17:18:37 +0000 (17:18 +0000)]
Be less verbose
aland [Mon, 11 Jul 2005 17:05:46 +0000 (17:05 +0000)]
Don't copy VSA's to an Access-Reject packet
This closes bug #207
nbk [Mon, 11 Jul 2005 13:48:43 +0000 (13:48 +0000)]
It's 'realm->acct_ipaddr' instead of 'realm->ipaddr'.
nbk [Sun, 10 Jul 2005 16:53:00 +0000 (16:53 +0000)]
Allow to cancel proxy of accounting with Proxy-To-Realm := LOCAL
aland [Fri, 8 Jul 2005 18:17:31 +0000 (18:17 +0000)]
New function lrad_hash_fold(). Not used, but it should be...
aland [Fri, 8 Jul 2005 18:16:46 +0000 (18:16 +0000)]
Pull "verify packet" into separate routine, to mirror rad_sign()
aland [Thu, 7 Jul 2005 22:01:33 +0000 (22:01 +0000)]
A bit better checks for packet length.
We could use FIONREAD to get the number of bytes, but that's already
in the RADIUS header. And if the RADIUS header lies to use, we'll
discard the packet anyways...
nbk [Thu, 7 Jul 2005 16:05:39 +0000 (16:05 +0000)]
Remove length restrictions on strings in generate_sql_clients()
function because RADCLIENT data structure was changed to use
malloc'd strings. (see src/include/radiusd.h 1.175)
Bug found by Velikanov <alex@asu.farlep.net>
aland [Thu, 7 Jul 2005 03:05:28 +0000 (03:05 +0000)]
Use MSG_PEEK to get the first 4 bytes of the packet, and malloc()
memory around that. The previous method of allocating a 4k buffer
on the stack, then calling malloc(), and copying the data was
less than efficient.
aland [Thu, 7 Jul 2005 01:46:00 +0000 (01:46 +0000)]
clarify rad_tunnel_pwdecode
aland [Wed, 6 Jul 2005 22:28:06 +0000 (22:28 +0000)]
Re-write rad_pwencode() and rad_pwdecode() to be clearer, so that
they don't call memcpy as much.
aland [Wed, 6 Jul 2005 21:04:00 +0000 (21:04 +0000)]
Added 'text' to top of the files, so editors will know what
to do with them
aland [Wed, 6 Jul 2005 17:12:40 +0000 (17:12 +0000)]
Use 'void *' rather than 'unsigned char *'
aland [Tue, 5 Jul 2005 23:43:27 +0000 (23:43 +0000)]
Use certificate chain. Patch from bug #112, and closes it.
aland [Tue, 5 Jul 2005 20:44:57 +0000 (20:44 +0000)]
Hack to allow it to build
pnixon [Fri, 1 Jul 2005 15:03:37 +0000 (15:03 +0000)]
Also store h323voicequality in SQL. Thanks to Ilia Chipitsine
pnixon [Fri, 1 Jul 2005 15:03:03 +0000 (15:03 +0000)]
Change default servername
nbk [Fri, 1 Jul 2005 08:49:04 +0000 (08:49 +0000)]
Fix the IPv4 addresses comparison in client_find()
aland [Wed, 29 Jun 2005 20:40:09 +0000 (20:40 +0000)]
NetBSD compatibility
aland [Wed, 29 Jun 2005 18:46:17 +0000 (18:46 +0000)]
Added one more (important) call to reap_children
aland [Tue, 28 Jun 2005 00:54:38 +0000 (00:54 +0000)]
Updates, as posted to the list
aland [Tue, 28 Jun 2005 00:44:29 +0000 (00:44 +0000)]
Aruba vendor dictionary, as posted to the list
fcusack [Mon, 27 Jun 2005 11:10:14 +0000 (11:10 +0000)]
soft PIN
nbk [Sat, 25 Jun 2005 22:44:35 +0000 (22:44 +0000)]
Fix quote removal of the value in sql_userparse (closes: #242)
aland [Tue, 21 Jun 2005 16:41:14 +0000 (16:41 +0000)]
Removed errant ^G
aland [Mon, 20 Jun 2005 19:24:56 +0000 (19:24 +0000)]
Properly initialize radlog_dest
nbk [Sun, 19 Jun 2005 17:05:14 +0000 (17:05 +0000)]
Man page for radsqlrelay (the new Perl version)
aland [Sat, 18 Jun 2005 01:24:11 +0000 (01:24 +0000)]
Make parser more forgiving.
Patch from Wolfgang Hottgenroth, to close bug #228
aland [Thu, 16 Jun 2005 17:13:53 +0000 (17:13 +0000)]
Suppress sending rejects *unless* DELAYED_REJECT is set.
Clear DELAYED_REJECT *after* sending the delayed packet
aland [Wed, 15 Jun 2005 23:02:20 +0000 (23:02 +0000)]
Be a little more forgiving about where the time may be
aland [Tue, 14 Jun 2005 23:06:59 +0000 (23:06 +0000)]
Set Session-Timout if we find an expiration attribute.
Hmm... this could also be run in post-auth, too.
aland [Tue, 14 Jun 2005 23:03:04 +0000 (23:03 +0000)]
When parsing dates, if they don't give seconds, that's OK.
aland [Tue, 14 Jun 2005 17:49:22 +0000 (17:49 +0000)]
More random hacking at random pools
aland [Mon, 13 Jun 2005 23:10:31 +0000 (23:10 +0000)]
Put CONF_DATA into rbtree's, too
aland [Mon, 13 Jun 2005 22:30:40 +0000 (22:30 +0000)]
Don't leak CONF_DATA
aland [Mon, 13 Jun 2005 20:36:57 +0000 (20:36 +0000)]
From Shawn K. O'Shea
aland [Mon, 13 Jun 2005 17:08:32 +0000 (17:08 +0000)]
More hacks to random number stuff. We now have lrad_rand_seed(),
which is called from dict.c, with data that's much harder for an
attacker to guess. It's not perfect, but it's better.
nbk [Sat, 11 Jun 2005 21:48:21 +0000 (21:48 +0000)]
Apply a patch from Thor Spruyt (closes: #169)
- Added note about IPASS
- Deprecate realms file (still in, but focus on proxy.conf)
- Added seperate section about accounting logging
- Added seperate section about remote server (config + attrs file)
nbk [Sat, 11 Jun 2005 21:20:21 +0000 (21:20 +0000)]
Add an example for a specific realm
nbk [Sat, 11 Jun 2005 21:17:39 +0000 (21:17 +0000)]
Add an example for the preproxy_users file (closes: #189)
Patch from Thor Spruyt <thor.spruyt@pandora.be>
nbk [Sat, 11 Jun 2005 21:00:56 +0000 (21:00 +0000)]
Error in previous commit: pre_proxy_log should remain the last
module of the pre-proxy section.
nbk [Sat, 11 Jun 2005 17:37:35 +0000 (17:37 +0000)]
Make the file more readable and add a few comments (closes: #172)
Patch from Thor Spruyt <thor.spruyt@pandora.be>
nbk [Sat, 11 Jun 2005 17:21:10 +0000 (17:21 +0000)]
Corrections in the text and a supplementary example (closes: #177)
Based on a patch from Thor Spruyt <thor.spruyt@pandora.be>
nbk [Sat, 11 Jun 2005 16:43:50 +0000 (16:43 +0000)]
Add a module instance attr_filter.pre-proxy (closes: #178)
Patch from Thor Spruyt <thor.spruyt@pandora.be>
nbk [Sat, 11 Jun 2005 16:43:18 +0000 (16:43 +0000)]
Install attrs.pre-proxy, too.
nbk [Sat, 11 Jun 2005 16:42:39 +0000 (16:42 +0000)]
Add an example file for rlm_attr_filter in pre-proxy (closes: #178)
Based on a patch from Thor Spruyt <thor.spruyt@pandora.be>
aland [Fri, 10 Jun 2005 18:57:04 +0000 (18:57 +0000)]
Update random vector & random number code, so that it doesn't
expose the exact data. This makes the random number code a
little slower, but possibly better
nbk [Thu, 9 Jun 2005 15:58:01 +0000 (15:58 +0000)]
radzap is a shell script, therefore it doesn't need libtool
aland [Fri, 3 Jun 2005 17:12:40 +0000 (17:12 +0000)]
Call eaptls_fail on reject, and unknown packet codes from tunneled
session.
Bug noted by Fabien Marotte
aland [Fri, 3 Jun 2005 17:07:37 +0000 (17:07 +0000)]
If the callback fails, do eap_fail() to get an EAP-Failure
message, and return reject. Previously, we just returned a
reject without an EAP-Failure, which would confuse the supplicant.
Bug noted by Fabien Marotte.
aland [Fri, 3 Jun 2005 16:44:43 +0000 (16:44 +0000)]
More docs for peap
nbk [Fri, 3 Jun 2005 11:07:41 +0000 (11:07 +0000)]
Add rlm_sql_log
nbk [Fri, 3 Jun 2005 11:07:18 +0000 (11:07 +0000)]
Add a configuration example for the rlm_sql_log module
aland [Thu, 2 Jun 2005 22:42:23 +0000 (22:42 +0000)]
Use default update function, so we don't core dump when
calling update
aland [Thu, 2 Jun 2005 18:24:43 +0000 (18:24 +0000)]
Updates from Graeme Hinchliffe
aland [Thu, 2 Jun 2005 17:53:12 +0000 (17:53 +0000)]
Add pointer to other docs
aland [Thu, 2 Jun 2005 01:25:36 +0000 (01:25 +0000)]
Add more copyright statements
aland [Wed, 1 Jun 2005 22:59:55 +0000 (22:59 +0000)]
Don't log endless informational messages.
aland [Wed, 1 Jun 2005 22:57:41 +0000 (22:57 +0000)]
Update pointers for proxy types. Whoops...
aland [Tue, 31 May 2005 18:59:14 +0000 (18:59 +0000)]
Move net/if.h
aland [Tue, 31 May 2005 18:48:16 +0000 (18:48 +0000)]
Updates, reformatting, etc
aland [Tue, 31 May 2005 18:39:09 +0000 (18:39 +0000)]
Add re-transmits of accounting packets back in, that was deleted
a few days ago.
Hmm... we still don't update the accounting Id, which is bad, but
no one has ever complained.
aland [Tue, 31 May 2005 17:34:47 +0000 (17:34 +0000)]
Don't send Proxy-State from home server in reply, when we're
the proxy.
Bug found by Fabien Marotte.
nbk [Mon, 30 May 2005 15:10:51 +0000 (15:10 +0000)]
This Perl script tails a SQL logfile and forwards the queries
to a database server.
nbk [Mon, 30 May 2005 13:20:17 +0000 (13:20 +0000)]
Man page for module rlm_sql_log
nbk [Mon, 30 May 2005 13:19:50 +0000 (13:19 +0000)]
Generated from configure.in revison 1.1 using autoconf 2.59
nbk [Mon, 30 May 2005 13:17:55 +0000 (13:17 +0000)]
File necessary to build the module
nbk [Mon, 30 May 2005 13:17:27 +0000 (13:17 +0000)]
This module appends the SQL queries in a log file which is
read later by the radsqlrelay program
aland [Sat, 28 May 2005 00:15:27 +0000 (00:15 +0000)]
More fixes to refresh_request.
FIXME: add accounting retries?
aland [Fri, 27 May 2005 23:55:05 +0000 (23:55 +0000)]
Afte rre-config
aland [Fri, 27 May 2005 23:51:10 +0000 (23:51 +0000)]
re-autogen
aland [Fri, 27 May 2005 23:14:16 +0000 (23:14 +0000)]
See "man radrelay.conf"