Alan T. DeKok [Tue, 10 Mar 2009 16:05:41 +0000 (17:05 +0100)]
Updated timestamp
Alan T. DeKok [Tue, 10 Mar 2009 16:04:05 +0000 (17:04 +0100)]
Fix data types. Patch from John Dennis
Alan T. DeKok [Tue, 10 Mar 2009 16:03:20 +0000 (17:03 +0100)]
otp.conf is no longer here. It's in raddb/modules
Alan T. DeKok [Tue, 10 Mar 2009 16:03:09 +0000 (17:03 +0100)]
Fixed typo
Alan T. DeKok [Tue, 10 Mar 2009 12:28:26 +0000 (13:28 +0100)]
And now 2.1.5
Alan T. DeKok [Tue, 10 Mar 2009 11:31:05 +0000 (12:31 +0100)]
Automate more work
Alan T. DeKok [Tue, 10 Mar 2009 11:30:52 +0000 (12:30 +0100)]
Note changes for 2.1.4
Alan T. DeKok [Tue, 10 Mar 2009 08:46:28 +0000 (09:46 +0100)]
Note 2.1.4
Alan T. DeKok [Tue, 10 Mar 2009 08:18:11 +0000 (09:18 +0100)]
Note duplicate clients
Alan T. DeKok [Tue, 10 Mar 2009 03:01:26 +0000 (04:01 +0100)]
Silently ignore duplicate clients
Alan T. DeKok [Tue, 10 Mar 2009 02:54:14 +0000 (03:54 +0100)]
Check for including the same file twice.
Alan T. DeKok [Mon, 9 Mar 2009 07:05:05 +0000 (08:05 +0100)]
Note recent changes
Alan T. DeKok [Mon, 9 Mar 2009 07:04:56 +0000 (08:04 +0100)]
Minor cleanups
Alan T. DeKok [Mon, 9 Mar 2009 07:04:18 +0000 (08:04 +0100)]
More explanations to help end users
Alan T. DeKok [Sun, 8 Mar 2009 11:20:14 +0000 (12:20 +0100)]
Pop it rather than just peeking it
Alan T. DeKok [Sun, 8 Mar 2009 11:13:56 +0000 (12:13 +0100)]
Install control-socket by default
Alan T. DeKok [Sun, 8 Mar 2009 09:44:37 +0000 (10:44 +0100)]
Print more debugging to tell people how to fix problems
Alan T. DeKok [Sun, 8 Mar 2009 07:40:17 +0000 (08:40 +0100)]
Updated copyright year
Alan T. DeKok [Sun, 8 Mar 2009 07:40:00 +0000 (08:40 +0100)]
Re-write instructions for clarity
Alan T. DeKok [Fri, 6 Mar 2009 08:38:43 +0000 (09:38 +0100)]
Scan src/lib, too
Alan T. DeKok [Fri, 6 Mar 2009 07:36:53 +0000 (08:36 +0100)]
More assertions
Alan T. DeKok [Fri, 6 Mar 2009 07:36:24 +0000 (08:36 +0100)]
Skip creation of zero-sized VSAs
Alan T. DeKok [Fri, 6 Mar 2009 07:31:46 +0000 (08:31 +0100)]
Added scan targets for LLVM checker
Alan T. DeKok [Fri, 6 Mar 2009 01:56:57 +0000 (02:56 +0100)]
Hackery to delete dynamic clients.
Rather than freeing them, we put them onto a queue (in the client_free
routine). We then periodically check the queue to see if we need
to flush it...
Alan T. DeKok [Thu, 5 Mar 2009 16:10:30 +0000 (17:10 +0100)]
Note reject changes
Alan T. DeKok [Thu, 5 Mar 2009 14:55:26 +0000 (15:55 +0100)]
Don't double free memory on response to ping
Alan T. DeKok [Wed, 4 Mar 2009 12:52:35 +0000 (13:52 +0100)]
Simplified use of syslog options
Patch from Hermann Lauer
Alan T. DeKok [Wed, 4 Mar 2009 12:38:03 +0000 (13:38 +0100)]
Cleaned up code based on report of crash.
Added additional notes on coa
moved "check for reply" in received_proxy_response to earlier,
as it shouldn't be done later.
Simplified check for CoA divorce. This is the code that crashed
(still no idea why), but the new code should do the intended checks,
without the un-intended side effects
Alan T. DeKok [Wed, 4 Mar 2009 11:55:42 +0000 (12:55 +0100)]
Free CoA only if it doesn't have an event associated with it
Alan T. DeKok [Mon, 2 Mar 2009 09:31:16 +0000 (10:31 +0100)]
Keep track of total responses for clients, too
Alan T. DeKok [Mon, 2 Mar 2009 09:25:44 +0000 (10:25 +0100)]
Clarify help on stats
Alan T. DeKok [Sun, 1 Mar 2009 07:41:22 +0000 (08:41 +0100)]
Fixed typo
Alan T. DeKok [Sun, 1 Mar 2009 07:40:10 +0000 (08:40 +0100)]
Re-write documentation for people who don't read it
Alan T. DeKok [Sat, 28 Feb 2009 08:33:29 +0000 (09:33 +0100)]
Mark data to be freed
Alan T. DeKok [Sat, 28 Feb 2009 08:30:28 +0000 (09:30 +0100)]
Allow injection of packets via radmin
inject to auth 127.0.0.1 1812
inject from 127.0.0.1
inject file input output
Allows you to test policies by injecting packets as if they came
from a particular client. This should ONLY be used in debugging mode.
Alan T. DeKok [Thu, 26 Feb 2009 16:55:23 +0000 (17:55 +0100)]
Point to correct buffer
Alan T. DeKok [Thu, 26 Feb 2009 15:15:34 +0000 (16:15 +0100)]
Export packet code table
Chris Moules [Thu, 19 Feb 2009 15:38:43 +0000 (15:38 +0000)]
Update debian patch for changes to radiusd.conf logic.
Alan T. DeKok [Thu, 19 Feb 2009 14:48:04 +0000 (15:48 +0100)]
Added constraint
Noted by Sebastian Heil
Alan T. DeKok [Thu, 19 Feb 2009 14:20:21 +0000 (15:20 +0100)]
Differentiate "no result" from "too many results"
Chris Moules [Wed, 18 Feb 2009 12:48:52 +0000 (12:48 +0000)]
Patch so that the "allocate-find" ippool lookup will match "expiry_time" when is NULL. This is its default state, so unless otherwise set, you will never get a IP from the pool.
Chris Moules [Wed, 18 Feb 2009 12:44:38 +0000 (12:44 +0000)]
Fix typo in MySQL ippool.conf and revert change from privous patch that modified one too many statements with "IS NULL" => "= NULL". One of these was in a WHERE clause where the "IS NULL" syntax is correct and needed.
Chris Moules [Tue, 17 Feb 2009 14:19:20 +0000 (14:19 +0000)]
Fix typo
Alan T. DeKok [Tue, 17 Feb 2009 13:14:18 +0000 (14:14 +0100)]
Fixed debug message. Noted by Dave Anderson.
Alan T. DeKok [Tue, 17 Feb 2009 13:13:07 +0000 (14:13 +0100)]
WiMAX needs OpenSSL for proper functionality
Alan T. DeKok [Tue, 17 Feb 2009 13:11:31 +0000 (14:11 +0100)]
Remove broken macro.
C preprocessor directives aren't allowed in macros
Alan T. DeKok [Tue, 17 Feb 2009 13:09:30 +0000 (14:09 +0100)]
This was moved earlier
Alan T. DeKok [Tue, 17 Feb 2009 13:07:32 +0000 (14:07 +0100)]
Answer vmps reconfirmation request
Patch from Hermann Lauer.
Alan T. DeKok [Tue, 17 Feb 2009 13:06:59 +0000 (14:06 +0100)]
Sample logrotate script
Alan T. DeKok [Sun, 15 Feb 2009 11:05:55 +0000 (12:05 +0100)]
Added sample commands
Alan T. DeKok [Sun, 15 Feb 2009 10:49:36 +0000 (11:49 +0100)]
Added "help -r"
This prints *all* of the available help
Alan T. DeKok [Sun, 15 Feb 2009 10:31:23 +0000 (11:31 +0100)]
Set Accounting-Response in post-proxy fail
Alan T. DeKok [Sun, 15 Feb 2009 08:29:45 +0000 (09:29 +0100)]
Allow the detail poll interval to be configurable
Alan T. DeKok [Sun, 15 Feb 2009 08:04:10 +0000 (09:04 +0100)]
More documentation
Alan T. DeKok [Sun, 15 Feb 2009 08:00:28 +0000 (09:00 +0100)]
Documentation for raddebug
Alan T. DeKok [Sun, 15 Feb 2009 07:44:38 +0000 (08:44 +0100)]
Minor cleanups
Added -d and usage
Alan T. DeKok [Fri, 13 Feb 2009 20:49:22 +0000 (21:49 +0100)]
Command to print debugging from a running server.
Very useful!
Alan T. DeKok [Fri, 13 Feb 2009 15:08:27 +0000 (16:08 +0100)]
Fix handling of "debug file [filename]"
Make filename optional, which means "no debug file".
Re-arrange how we handle the pointers, to avoid threading issues
Alan T. DeKok [Fri, 13 Feb 2009 15:06:07 +0000 (16:06 +0100)]
Suppress LF's if there's no output
Alan T. DeKok [Fri, 13 Feb 2009 14:08:14 +0000 (15:08 +0100)]
Change detail polling interval from 1s to 10s
This lowers the noise in debugging mode. It shouldn't affect performance.
Alan T. DeKok [Wed, 11 Feb 2009 17:39:21 +0000 (18:39 +0100)]
Fixed typo
Alan T. DeKok [Tue, 10 Feb 2009 08:48:17 +0000 (09:48 +0100)]
More instructions on DHCP
Alan T. DeKok [Tue, 10 Feb 2009 08:08:13 +0000 (09:08 +0100)]
Moved otp.conf to modules/otp
Alan T. DeKok [Thu, 5 Feb 2009 15:22:10 +0000 (16:22 +0100)]
Add "require message authenticator" config to home servers
Alan T. DeKok [Thu, 5 Feb 2009 15:11:06 +0000 (16:11 +0100)]
Move "allocate request->proxy" to home_server_ldb
In preparation for other work
Alan T. DeKok [Thu, 5 Feb 2009 11:05:38 +0000 (12:05 +0100)]
Moved checks for detail to home_server_ldb
Rather than proxying to a home server, and THEN deciding it
wasn't a good idea, we simply skip that home server during
the process of trying to find one.
Alan T. DeKok [Tue, 3 Feb 2009 14:15:03 +0000 (15:15 +0100)]
Corrected typo. Noted by Chris Moules
Alan T. DeKok [Tue, 3 Feb 2009 13:39:41 +0000 (14:39 +0100)]
Fixed name
Alan T. DeKok [Tue, 3 Feb 2009 13:33:53 +0000 (14:33 +0100)]
Note issue as reported in bug #622
Alan T. DeKok [Tue, 3 Feb 2009 13:33:29 +0000 (14:33 +0100)]
Free insthandle if there's no detach function
Alan T. DeKok [Tue, 3 Feb 2009 13:32:23 +0000 (14:32 +0100)]
Corrected typo
Alan T. DeKok [Tue, 3 Feb 2009 13:22:03 +0000 (14:22 +0100)]
Cleaned up source code && updated "configure"
Alan T. DeKok [Tue, 3 Feb 2009 10:26:34 +0000 (11:26 +0100)]
New module as supplied by Siemens
Alan T. DeKok [Tue, 3 Feb 2009 09:54:32 +0000 (10:54 +0100)]
Revert "Change default hash function to SHA1. MD5 is broken."
This reverts commit
340f01028f6f2dc8fa18336c9448f2787fc8de0f.
However, many versions of OpenSSL don't include SHA support,
so doing this would break the default install. <sigh>
Alan T. DeKok [Mon, 2 Feb 2009 10:24:51 +0000 (11:24 +0100)]
Note recent changes
Alan T. DeKok [Mon, 2 Feb 2009 09:47:40 +0000 (10:47 +0100)]
Expose more functions
Based on a patch from Chris Moules
Alan T. DeKok [Mon, 2 Feb 2009 09:31:04 +0000 (10:31 +0100)]
Load anonymous pools by type, not hard-coded to CoA
Alan T. DeKok [Sun, 1 Feb 2009 18:13:37 +0000 (19:13 +0100)]
Updated copyright date
Alan T. DeKok [Sun, 1 Feb 2009 18:13:06 +0000 (19:13 +0100)]
Updates for 2009
Alan T. DeKok [Fri, 30 Jan 2009 10:24:11 +0000 (11:24 +0100)]
Added UNUSED
Alan T. DeKok [Fri, 30 Jan 2009 10:23:13 +0000 (11:23 +0100)]
Save string for regexes
Alan T. DeKok [Fri, 30 Jan 2009 10:20:32 +0000 (11:20 +0100)]
Simplified patch from b4c873
Arnaud Ebalard [Fri, 30 Jan 2009 10:16:37 +0000 (11:16 +0100)]
Fix broken EAP-TLS (bug introduced 2008/08/24 by
b51a3a82)
Thu, 29 Jan 2009 16:31:10 +0100
To: aland <aland@deployingradius.com>
CC: Axel Tillequin <axel.tillequin@eads.net>, FreeRadius developers mailing list <freeradius-devel@lists.freeradius.org>
Hi,
As explained in previous mails of the thread, FreeRadius EAP-TLS support
is broken (the EAP encapsulated TLS ChangeCipherSpec and TLS Finished
messages are not sent). Bisecting the issue led me here:
commit
b51a3a82edb797f5d0a2758bd1a38359d6f66803
Author: Alan T. DeKok <aland@freeradius.org>
Date: Sun Aug 24 10:04:55 2008 +0200
Clean up debug && log messages
AFAICT, the test that prevented eaptls_ack_handler() to return
EAPTLS_SUCCESS *before* flushing remaining local messages
(i.e. returning EAPTLS_REQUEST so that they be sent to the peer to
complete the TLS handshake) was removed in that commit.
The patch below is against current git tree. With Axel, we tested the
fix with 2.1.3: it corrects the issue.
Cheers,
a+
Signed-off-by: Arnaud Ebalard <arno@natisbad.org>
Tested-by: Axel Tillequin <axel.tillequin@gmail.com>
Alan T. DeKok [Fri, 30 Jan 2009 10:13:48 +0000 (11:13 +0100)]
Corrected typo
Alan T. DeKok [Thu, 29 Jan 2009 11:54:00 +0000 (12:54 +0100)]
Chop ethernet frame to 253 rather than rejecting the packet
Alan T. DeKok [Wed, 28 Jan 2009 15:25:21 +0000 (16:25 +0100)]
Corrected typo
Alan T. DeKok [Wed, 28 Jan 2009 13:59:42 +0000 (14:59 +0100)]
Corrected MySQL syntax to = NULL
Alan T. DeKok [Tue, 27 Jan 2009 09:14:02 +0000 (10:14 +0100)]
Added freeswitch dictionary
Alan T. DeKok [Wed, 21 Jan 2009 13:32:29 +0000 (14:32 +0100)]
Look for setuid, too
Alan T. DeKok [Wed, 21 Jan 2009 10:13:24 +0000 (11:13 +0100)]
If we're at EOF, the socket will never be ready
So check for EOF in more places
Alan T. DeKok [Mon, 19 Jan 2009 15:15:08 +0000 (16:15 +0100)]
Notes on MySQL
Alan T. DeKok [Mon, 19 Jan 2009 13:51:19 +0000 (14:51 +0100)]
Try to work around transactional issues...
Alan T. DeKok [Mon, 19 Jan 2009 12:41:34 +0000 (13:41 +0100)]
Clean up CoA origination to not depend on CoA
This makes the patch a little cleaner
Alan T. DeKok [Sun, 18 Jan 2009 16:16:10 +0000 (17:16 +0100)]
Removed extraneous line
Alan T. DeKok [Sun, 18 Jan 2009 15:13:13 +0000 (16:13 +0100)]
CoA is in request->proxy, not request->packet
Alan T. DeKok [Tue, 13 Jan 2009 13:01:14 +0000 (14:01 +0100)]
Note restrictions on detail file usage
Alan T. DeKok [Mon, 12 Jan 2009 13:32:10 +0000 (14:32 +0100)]
Commented out SQL modules by default.
Unlike the EAP module, they need *additional* things to be configured
before they will work. So you can't just build the server with SQL
support, and then start it. You need to edit sql.conf, etc.
In the interest of making the server start quickly in debugging mode,
the SQL module configurations are now commented out.
Alan T. DeKok [Mon, 12 Jan 2009 09:14:12 +0000 (10:14 +0100)]
Change default hash function to SHA1. MD5 is broken.
Alan T. DeKok [Mon, 12 Jan 2009 09:13:14 +0000 (10:13 +0100)]
More updates
Alan T. DeKok [Mon, 12 Jan 2009 09:12:05 +0000 (10:12 +0100)]
run_dir depends on ${name}, too