Arran Cudbard-Bell [Mon, 30 Nov 2015 03:12:44 +0000 (22:12 -0500)]
Some compilation fixes for trusty tapier
Alan T. DeKok [Wed, 2 Dec 2015 18:21:17 +0000 (13:21 -0500)]
Dynamically check Auth-Type values
Alan T. DeKok [Wed, 2 Dec 2015 15:46:05 +0000 (10:46 -0500)]
Remove most Auth-Type values.
Accept / Reject are needed by the server core.
MS-CHAP and EAP are needed by EAP.
Everything else should be auto-created at run time.
If someone sets "Auth-Type foo" without an authentication type
"foo" defined, the server should refuse to start.
Alan T. DeKok [Mon, 30 Nov 2015 20:01:23 +0000 (15:01 -0500)]
cast for %u
Alan T. DeKok [Mon, 30 Nov 2015 19:57:45 +0000 (14:57 -0500)]
Simplify logic for getpeereid()
for systems which don't have that, but do have SO_PEERCRED
Alan T. DeKok [Mon, 30 Nov 2015 19:40:57 +0000 (14:40 -0500)]
Simplify setting of RADIUSD_VERSION
because "awk" on Solaris is broken
Alan T. DeKok [Mon, 30 Nov 2015 19:40:02 +0000 (14:40 -0500)]
Better sun fixes
Alan T. DeKok [Mon, 30 Nov 2015 19:21:30 +0000 (14:21 -0500)]
Fixes for GCC on Solaris
Because I like pain.
Alan T. DeKok [Mon, 30 Nov 2015 16:36:27 +0000 (11:36 -0500)]
test for %{string:...}
Alan T. DeKok [Mon, 30 Nov 2015 16:18:47 +0000 (11:18 -0500)]
typo
Alan T. DeKok [Mon, 30 Nov 2015 16:01:24 +0000 (11:01 -0500)]
Notes on embedded zeros in passwords
Arran Cudbard-Bell [Mon, 30 Nov 2015 01:51:49 +0000 (20:51 -0500)]
Fix RADIUS-STAT-MIB so it compiles
Alan T. DeKok [Fri, 27 Nov 2015 15:12:04 +0000 (10:12 -0500)]
Use fr_pair_value_bstrncpy() where appropriate
Arran Cudbard-Bell [Fri, 27 Nov 2015 12:52:54 +0000 (07:52 -0500)]
Update ChangeLog
Arran Cudbard-Bell [Thu, 26 Nov 2015 19:20:21 +0000 (14:20 -0500)]
Merge pull request #1405 from jpereira/fix/copy-scripts-collected
Bring branch://master/scripts/collected to here
Jorge Pereira [Thu, 26 Nov 2015 19:18:53 +0000 (17:18 -0200)]
Bring branch://master/scripts/collected to here
Arran Cudbard-Bell [Thu, 26 Nov 2015 19:01:20 +0000 (14:01 -0500)]
Merge pull request #1404 from jpereira/v3.0.x
Bring branch://master/scripts/munin/radsniff to here
Jorge Pereira [Thu, 26 Nov 2015 18:59:09 +0000 (16:59 -0200)]
Bring branch://master/scripts/munin/radsniff to here
Arran Cudbard-Bell [Thu, 26 Nov 2015 18:53:48 +0000 (13:53 -0500)]
Merge pull request #1402 from jpereira/fix/bug-with-stats
Bugfix - Used a wrong list to global statistics in 'stats'
Jorge Pereira [Thu, 26 Nov 2015 18:43:25 +0000 (16:43 -0200)]
Bugfix - Used a wrong list to global statistics in 'stats'
Alan T. DeKok [Thu, 26 Nov 2015 16:02:37 +0000 (11:02 -0500)]
typo
Alan DeKok [Thu, 26 Nov 2015 14:11:37 +0000 (09:11 -0500)]
Merge pull request #1401 from mcnewton/v30soh
SoH isn't very useful without attributes
Matthew Newton [Thu, 26 Nov 2015 11:24:44 +0000 (11:24 +0000)]
SoH isn't very useful without attributes
Broken in
c11e3d8454 by no longer setting fake->packet->vps.
eapsoh_verify has no need to see the original request as long
as it's got access to the data to parse, so just pass in the
fake request and get the attributes created there directly.
Alan T. DeKok [Wed, 25 Nov 2015 21:05:42 +0000 (16:05 -0500)]
Remove extraneous message
Alan T. DeKok [Wed, 25 Nov 2015 21:02:01 +0000 (16:02 -0500)]
Set src/dst ip/port for TCP connections
Arran Cudbard-Bell [Wed, 25 Nov 2015 18:05:08 +0000 (13:05 -0500)]
Merge pull request #1399 from jpereira/fix/syserror1
better call fr_syserror() when in POSIX contexts
Jorge Pereira [Wed, 25 Nov 2015 17:50:22 +0000 (15:50 -0200)]
better call fr_syserror() when in POSIX contexts
Alan T. DeKok [Wed, 25 Nov 2015 16:57:20 +0000 (11:57 -0500)]
note recent changes
Alan T. DeKok [Wed, 25 Nov 2015 16:46:52 +0000 (11:46 -0500)]
Complain if error isn't ENOENT. Fixes #1398
Alan T. DeKok [Wed, 25 Nov 2015 16:12:03 +0000 (11:12 -0500)]
Don't use full prefix
Alan DeKok [Tue, 24 Nov 2015 21:05:15 +0000 (16:05 -0500)]
Merge pull request #1394 from jpereira/fix/ramin1
Fixing problem with radmin> stats detail <filename>
Alan T. DeKok [Tue, 24 Nov 2015 18:01:52 +0000 (13:01 -0500)]
If OCSP checks fail, don't run verify command
because the client will be rejected, so we don't want to run
extra resources
Jorge Pereira [Tue, 24 Nov 2015 03:14:51 +0000 (01:14 -0200)]
Fixing problem with radmin> stats detail <filename>
Arran Cudbard-Bell [Fri, 20 Nov 2015 17:05:49 +0000 (12:05 -0500)]
Fix buffer overflow in soh.c
Arran Cudbard-Bell [Fri, 20 Nov 2015 13:34:05 +0000 (08:34 -0500)]
No cases where this is helpful
Alan T. DeKok [Wed, 18 Nov 2015 17:48:42 +0000 (12:48 -0500)]
use correct number...
Alan T. DeKok [Wed, 18 Nov 2015 16:48:34 +0000 (11:48 -0500)]
Check name, not number
Arran Cudbard-Bell [Wed, 18 Nov 2015 16:32:23 +0000 (11:32 -0500)]
Various fixes for LEAP proxying
Alan T. DeKok [Wed, 18 Nov 2015 16:14:02 +0000 (11:14 -0500)]
"localhost" is a valid host name
Alan T. DeKok [Tue, 17 Nov 2015 19:53:18 +0000 (14:53 -0500)]
Turns out GNU people are retarded.
If "install-sh" is asked to do an installation, it helpfully
creates the destination directory for you. Then, if the install
target is a directory, it tries to create the directory. Which
was just created. And then it fails with an error.
Alan DeKok [Tue, 17 Nov 2015 19:04:57 +0000 (14:04 -0500)]
Merge pull request #1387 from jpereira/minor/warnings1
Fix warnings with $raddb/mods-available/cache
Arran Cudbard-Bell [Tue, 17 Nov 2015 14:47:46 +0000 (09:47 -0500)]
Remove duplicates
Arran Cudbard-Bell [Tue, 17 Nov 2015 14:45:30 +0000 (09:45 -0500)]
Merge pull request #1392 from mcnewton/conffix
fixup configure script
Matthew Newton [Tue, 17 Nov 2015 14:37:31 +0000 (14:37 +0000)]
fixup configure script
Pascal Penners [Mon, 16 Nov 2015 14:16:13 +0000 (15:16 +0100)]
added more Lancom VSAs
Arran Cudbard-Bell [Mon, 16 Nov 2015 21:25:11 +0000 (16:25 -0500)]
Minor fix
Arran Cudbard-Bell [Mon, 16 Nov 2015 20:57:57 +0000 (15:57 -0500)]
fclose destroys file descriptor Closes #1390
Arran Cudbard-Bell [Mon, 16 Nov 2015 20:05:36 +0000 (15:05 -0500)]
Merge pull request #1389 from jpereira/fix/vdprintf1
Fixing the missing vdprintf()
Jorge Pereira [Mon, 16 Nov 2015 20:03:22 +0000 (18:03 -0200)]
Fixing the missing vdprintf()
Arran Cudbard-Bell [Mon, 16 Nov 2015 19:44:41 +0000 (14:44 -0500)]
Provide fdprintf if it's missing Closes #1366
Jorge Pereira [Fri, 13 Nov 2015 16:44:50 +0000 (14:44 -0200)]
Fix warnings with $raddb/mods-available/cache
Pascal Penners [Fri, 13 Nov 2015 14:44:42 +0000 (15:44 +0100)]
added IKEv2 Attributes to Lancom dictionary
Alan T. DeKok [Fri, 13 Nov 2015 13:27:23 +0000 (08:27 -0500)]
Notes on location-info
Alan T. DeKok [Wed, 11 Nov 2015 15:43:17 +0000 (10:43 -0500)]
Remove duplicate definition
Arran Cudbard-Bell [Fri, 13 Nov 2015 12:50:23 +0000 (07:50 -0500)]
Fix oracle login error message
Arran Cudbard-Bell [Tue, 10 Nov 2015 22:33:10 +0000 (17:33 -0500)]
Merge pull request #1382 from jpereira/fix/minor-pre-proxy1
Fix minor about NAS-Ip-Address. correct is NAS-IP-Address
Jorge Pereira [Tue, 10 Nov 2015 22:01:52 +0000 (20:01 -0200)]
Fix minor about NAS-Ip-Address. correct is NAS-IP-Address
Alan T. DeKok [Tue, 10 Nov 2015 17:33:44 +0000 (12:33 -0500)]
Cleanups
Alan DeKok [Tue, 10 Nov 2015 17:32:06 +0000 (12:32 -0500)]
Merge pull request #1378 from skids/mschap_ad_errs
Pass on MSCHAP errors from ntlm_auth, too
Alan DeKok [Tue, 10 Nov 2015 17:16:07 +0000 (12:16 -0500)]
Merge pull request #1379 from jpereira/fix/abfab-tr1
Fixing wrong set with $raddb/sites-available/abfab-tr-idp
Jorge Pereira [Tue, 10 Nov 2015 17:00:18 +0000 (15:00 -0200)]
Fixing wrong set with $raddb/sites-available/abfab-tr-idp
skids [Tue, 10 Nov 2015 16:28:42 +0000 (11:28 -0500)]
Pass on MSCHAP errors from ntlm_auth, too
Not that supplicants do anything helpful with them, but locked
and disabled account error codes can be gleaned from ntlm_auth.
Previously only SMB-Account-Cntrl could cause them to send.
Alan T. DeKok [Mon, 9 Nov 2015 20:46:34 +0000 (15:46 -0500)]
fix modules debug
Alan T. DeKok [Mon, 9 Nov 2015 20:27:46 +0000 (15:27 -0500)]
Set FR specific library path.
Because we need to manually look at a library path on El Capitan.
OSX prevents us from loading library paths via the standard
environment variable.
Alan T. DeKok [Mon, 9 Nov 2015 18:50:58 +0000 (13:50 -0500)]
free paircompare only if we had them
Arran Cudbard-Bell [Sun, 8 Nov 2015 21:34:33 +0000 (16:34 -0500)]
Merge pull request #1374 from spaetow/patch-2
Update abfab-tr-idp
Stefan Paetow [Fri, 6 Nov 2015 16:21:17 +0000 (16:21 +0000)]
Update abfab-tr-idp
Add the 'new' tunneled attribute stuff to the ABFAB server too!
Alan Buxey [Thu, 5 Nov 2015 21:01:45 +0000 (21:01 +0000)]
Update dictionary.starent
fixed historical typo
Alan T. DeKok [Tue, 3 Nov 2015 17:42:28 +0000 (12:42 -0500)]
Print out CFLAGS, etc. in version.c
Since version.c is built in 3 places, just add the SRC_CFLAGS
definitions in 3 places. It's easier than trying to hack the
build system to set the flags for version.c only once.
Alan T. DeKok [Tue, 3 Nov 2015 17:06:42 +0000 (12:06 -0500)]
Remove unused flags.
These are only used by version.c, which isn't part of radiusd,
but is instead part of libfreeradius-server
Alan T. DeKok [Tue, 3 Nov 2015 16:58:58 +0000 (11:58 -0500)]
Always have at least '-x' for '-v'
So we get pretty output. And then more -x gets more information
from -v
Alan T. DeKok [Tue, 3 Nov 2015 16:57:41 +0000 (11:57 -0500)]
Extra info is debug2, not debug3
Because we don't want (or care) about time stamps
Arran Cudbard-Bell [Tue, 3 Nov 2015 17:39:30 +0000 (12:39 -0500)]
Merge pull request #1369 from mcnewton/noeap2
there is no eap2 module any more
Arran Cudbard-Bell [Tue, 3 Nov 2015 17:39:10 +0000 (12:39 -0500)]
Merge pull request #1367 from mcnewton/rname1
remove redundant "name" config option
Matthew Newton [Tue, 3 Nov 2015 17:37:10 +0000 (17:37 +0000)]
there is no eap2 module any more
Matthew Newton [Tue, 3 Nov 2015 17:19:04 +0000 (17:19 +0000)]
remove redundant "name" config option
Alan T. DeKok [Tue, 3 Nov 2015 15:15:25 +0000 (10:15 -0500)]
Remove unused variable
Alan DeKok [Tue, 3 Nov 2015 14:41:01 +0000 (09:41 -0500)]
Merge pull request #1365 from jpereira/fix/debug-with-yes1
if the variable DEBUG could be 'no', so need to accept 'yes' also
Alan T. DeKok [Tue, 3 Nov 2015 14:38:16 +0000 (09:38 -0500)]
Hard-code the default name to radiusd.
Because debian renames the binaries and configuration directory,
but *not* the configuration file
Alan T. DeKok [Tue, 3 Nov 2015 03:24:42 +0000 (22:24 -0500)]
We want unittest.c to pretend it's radiusd
Jorge Pereira [Tue, 3 Nov 2015 14:10:56 +0000 (12:10 -0200)]
if the variable DEBUG could be 'no', so need to accept 'yes' also
Arran Cudbard-Bell [Tue, 3 Nov 2015 03:22:07 +0000 (22:22 -0500)]
Previous commit not quite right - Better to check for undefined filter code
So this still works:
echo "Message-Authenticator = 0x00, User-Name = foo" | ./build/bin/radclient 127.0.0.1 status testing123
Sent Status-Server Id 187 from 0.0.0.0:52237 to 127.0.0.1:1812 length 43
Received Access-Accept Id 187 from 127.0.0.1:1812 to 0.0.0.0:0 length 20
shinyhead:freeradius-server-fork arr2036$ echo "Response-Packet-Type == Access-Reject, Message-Authenticator = 0x00, User-Name = foo" | ./build/bin/radclient 127.0.0.1 status testing123
Sent Status-Server Id 126 from 0.0.0.0:52293 to 127.0.0.1:1812 length 43
Received Access-Accept Id 126 from 127.0.0.1:1812 to 0.0.0.0:0 length 20
(0) -: Expected Access-Reject got Access-Accept
Alan T. DeKok [Tue, 3 Nov 2015 02:39:58 +0000 (21:39 -0500)]
Whine and you shall be satisfied
Alan T. DeKok [Mon, 2 Nov 2015 23:48:33 +0000 (18:48 -0500)]
Default to Access-Accept response for Status-Server
anything else means ignoring the RFC, and ignoring what the
end user really wants
Alan T. DeKok [Mon, 2 Nov 2015 20:52:24 +0000 (15:52 -0500)]
Set name after initializing main_config
Alan T. DeKok [Mon, 2 Nov 2015 20:19:28 +0000 (15:19 -0500)]
Fix broken compilation
Alan T. DeKok [Mon, 2 Nov 2015 20:02:21 +0000 (15:02 -0500)]
More "radiusd" to main_config.name
Alan T. DeKok [Mon, 2 Nov 2015 19:55:30 +0000 (14:55 -0500)]
Use main_config.name everywhere.
So we see less hard-coded "radiusd".
Arran Cudbard-Bell [Mon, 2 Nov 2015 17:46:28 +0000 (12:46 -0500)]
Print the macro name in system errors
Alan T. DeKok [Mon, 2 Nov 2015 14:19:50 +0000 (09:19 -0500)]
From hillstone
Arran Cudbard-Bell [Sun, 1 Nov 2015 16:10:02 +0000 (11:10 -0500)]
Use the correct macro for INFO debugging
This is all documented in great detail in log.h
Arran Cudbard-Bell [Sat, 31 Oct 2015 22:16:10 +0000 (18:16 -0400)]
More compact
Alan T. DeKok [Fri, 30 Oct 2015 12:21:43 +0000 (08:21 -0400)]
Send acct pings to acct port. Fixes #1364
Adam Bishop [Thu, 29 Oct 2015 17:09:16 +0000 (17:09 +0000)]
Restore trailing curly brace
Looks like it was accidentally removed in
73847d34f5a59a7deb60259c2b35ca5b02a9c62d
Alan T. DeKok [Thu, 29 Oct 2015 16:33:21 +0000 (12:33 -0400)]
Free the pointer, not the data it points to
Arran Cudbard-Bell [Wed, 28 Oct 2015 17:00:09 +0000 (13:00 -0400)]
Disable trailing garbage checks
Gets tripped by too many capture devices (F5/Netscout)
Arran Cudbard-Bell [Wed, 28 Oct 2015 02:54:31 +0000 (22:54 -0400)]
Closes #1320 create User-name from peer ID correctly
Alan T. DeKok [Tue, 27 Oct 2015 16:57:02 +0000 (12:57 -0400)]
More checks for else. Fixes #1355
Alan T. DeKok [Mon, 26 Oct 2015 13:11:43 +0000 (09:11 -0400)]
Allow multiple command-line arguments to be logical &&
Alan T. DeKok [Mon, 26 Oct 2015 00:04:37 +0000 (20:04 -0400)]
Add -D to raddebug, too