aland [Mon, 13 Jan 2003 16:15:56 +0000 (16:15 +0000)]
When we set the IP address in vp->lvalue, set the string value,
too. This way they're kept in sync.
kkalev [Mon, 13 Jan 2003 08:01:43 +0000 (08:01 +0000)]
Fix a small problem with debugging
cmiller [Mon, 13 Jan 2003 02:05:25 +0000 (02:05 +0000)]
debian: rename daemon to "freeradiusd" to be polite to other potential
packages. Creating compatibility symlink for now.
debian: use system libtool, really, this time.
kkalev [Sun, 12 Jan 2003 11:15:03 +0000 (11:15 +0000)]
Fix a small bug in lib/ldap/create_user.php3. Unset the mod array before adding any values to it
kkalev [Sun, 12 Jan 2003 11:07:07 +0000 (11:07 +0000)]
Add a missing {
kkalev [Sun, 12 Jan 2003 11:03:13 +0000 (11:03 +0000)]
Make things a little bit more simple in lib/ldap/change_attrs.php3
kkalev [Sun, 12 Jan 2003 10:55:14 +0000 (10:55 +0000)]
Add a few missing {
kkalev [Sat, 11 Jan 2003 23:29:24 +0000 (23:29 +0000)]
Don't include user_info.php3 in the user_test page.
kkalev [Sat, 11 Jan 2003 18:46:34 +0000 (18:46 +0000)]
Add ldap_debug in admin.conf
kkalev [Sat, 11 Jan 2003 18:45:32 +0000 (18:45 +0000)]
In debug, output the sql queries in italic. Refer to enabling debugging in the FAQ
kkalev [Sat, 11 Jan 2003 18:33:10 +0000 (18:33 +0000)]
* Add a directive ldap_debug. Add debuging statements in the ldap library
* Add debug statements in the pg driver
kkalev [Sat, 11 Jan 2003 16:54:48 +0000 (16:54 +0000)]
Also update the admin.conf
kkalev [Sat, 11 Jan 2003 16:53:06 +0000 (16:53 +0000)]
Add a directive sql_debug. Add debuging statements in the sql library
aland [Fri, 10 Jan 2003 15:03:51 +0000 (15:03 +0000)]
Added notes from the list
kkalev [Fri, 10 Jan 2003 09:04:05 +0000 (09:04 +0000)]
Create a daily instance of the counter module and also add it the
instantiate section so that people don't get confused
fcusack [Fri, 10 Jan 2003 07:04:08 +0000 (07:04 +0000)]
break stale locks on syncdata
aland [Thu, 9 Jan 2003 20:36:05 +0000 (20:36 +0000)]
One more delete of builddbm stuff
aland [Thu, 9 Jan 2003 20:35:28 +0000 (20:35 +0000)]
Removed builddbm. It hasn't been used for ages.
aland [Wed, 8 Jan 2003 20:38:55 +0000 (20:38 +0000)]
Removed unnecessary variable to simplify things.
pnixon [Mon, 6 Jan 2003 10:44:16 +0000 (10:44 +0000)]
Update logrotate to rotate sqltrace.sql
This file can get huge if sql debugging is enabled, and on linux, if this file reached 2GB radiusd will stop.
kkalev [Mon, 6 Jan 2003 10:20:34 +0000 (10:20 +0000)]
Move the files module in the correct place in the authorize section.
Bug noted by Wisam Najim <wnajim@emirates.net.ae>
kkalev [Mon, 6 Jan 2003 10:15:06 +0000 (10:15 +0000)]
Delete duplicate attributes from the radiusprofile definition.
Bug reported by "Gerald (Jerry) Carter" <jerry@samba.org>
aland [Thu, 2 Jan 2003 18:29:52 +0000 (18:29 +0000)]
make octet counter bigint, to allow it to grow past 2G.
Based on list comments from Klaus Heck
aland [Thu, 2 Jan 2003 18:27:59 +0000 (18:27 +0000)]
Correct typo in syntax, and check for pid file before using it.
Patch from pavelsh
kkalev [Wed, 1 Jan 2003 23:30:29 +0000 (23:30 +0000)]
In log_badlogins create a separate sql input file for each sql server and append sql commands to it. If the
sql command succeeds we delete the corresponding input file. That way if an sql server is down we store the
accounting info in the input file and then send it all when it comes back up.
kkalev [Mon, 30 Dec 2002 10:15:15 +0000 (10:15 +0000)]
Add sql_connect_timeout and sql_extra_servers configuration directives to be
used by the log_badlogins script
kkalev [Sat, 28 Dec 2002 11:33:20 +0000 (11:33 +0000)]
Add more error messages when interacting with the SQL database
kkalev [Sat, 28 Dec 2002 10:47:09 +0000 (10:47 +0000)]
Only run for Accounting-Stop packets in accounting
kkalev [Tue, 24 Dec 2002 21:45:14 +0000 (21:45 +0000)]
Set default values for the server and basedn parameters
aland [Tue, 24 Dec 2002 16:49:34 +0000 (16:49 +0000)]
Define 'datadir' in make files.
New make file for the 'doc' directory, so that we actually
install the documentation along with the server.
Updated make file for the 'doc/rfc' directory, which assume that
perl exists... but that can be fixed later.
aland [Mon, 23 Dec 2002 20:31:59 +0000 (20:31 +0000)]
Add calls to the new post_proxy section.
Patch from Chris Brotsos
aland [Mon, 23 Dec 2002 20:28:09 +0000 (20:28 +0000)]
Now that we're about to add post-proxying, add a configuration
section which allows us to do:
receive packet
authorize
proxy -> home server
home server replies
post_proxy
MAYBE authorize
send reply packet
The MAYBE is set to 'yes' for backwards compatibility. The reason
is that proxy replies should really NOT be sent through the
'authorize' stage again.
Patch from Chris Brotsos
aland [Mon, 23 Dec 2002 20:05:56 +0000 (20:05 +0000)]
Update text for new proxying
kkalev [Sun, 22 Dec 2002 15:44:14 +0000 (15:44 +0000)]
Add sql_use_http_credentials configuration directive to connect to the sql database using the http user
credentials (that way there can be more than one administrator usernames, each with different privileges
on the sql database).
kkalev [Fri, 20 Dec 2002 15:33:21 +0000 (15:33 +0000)]
Make schema work for openldap 2.1. Patch from Wolfgang Rosenauer <stark@suse.de>
aland [Fri, 20 Dec 2002 15:31:26 +0000 (15:31 +0000)]
Patch to look for dbm functions in std libs
from Andrei Koulik
kkalev [Thu, 19 Dec 2002 09:11:10 +0000 (09:11 +0000)]
Check that the reset time is not never before reseting the db in the instantiate section
aland [Wed, 18 Dec 2002 19:04:40 +0000 (19:04 +0000)]
Meaningless white-space changes
aland [Wed, 11 Dec 2002 21:46:55 +0000 (21:46 +0000)]
Clean ups and code re-arrangements
aland [Wed, 11 Dec 2002 19:18:10 +0000 (19:18 +0000)]
Made the name buffer a little bigger...
aland [Wed, 11 Dec 2002 16:05:12 +0000 (16:05 +0000)]
Remove commented-out code
aland [Wed, 11 Dec 2002 16:04:17 +0000 (16:04 +0000)]
Use 'sizeof', instead of hard-coded numbers.
Patch from David Kerry
kkalev [Tue, 10 Dec 2002 21:06:56 +0000 (21:06 +0000)]
Put the counter module in the end of the authorize section
aland [Tue, 10 Dec 2002 20:18:15 +0000 (20:18 +0000)]
Trivial fix to print error message, from Thomas Krantz
aland [Tue, 10 Dec 2002 15:34:06 +0000 (15:34 +0000)]
Data is int, not int*
aland [Tue, 10 Dec 2002 14:52:11 +0000 (14:52 +0000)]
SQL doesn't do authentication, so change that in the examples.
aland [Mon, 9 Dec 2002 18:45:38 +0000 (18:45 +0000)]
Use the correct string for error printing, instead of an
uninitialized buffer
aland [Mon, 9 Dec 2002 18:42:56 +0000 (18:42 +0000)]
Don't try to use radlog_dir in a debugging/error message if it's
value is NULL
aland [Mon, 9 Dec 2002 17:53:24 +0000 (17:53 +0000)]
Updated with latest set of changes from Boian Jordanov
aland [Mon, 9 Dec 2002 16:16:46 +0000 (16:16 +0000)]
Updated with patch from Wichert Akkerman
aland [Sat, 7 Dec 2002 18:11:34 +0000 (18:11 +0000)]
If the password in the request->config list exists, but has zero
length, then reject the request, withou even looking at the
passwords.
Similarly, if the MD5/SHA1 password in the request->config list
isn't 32/40 characters long, then reject the request without
actually checking the passwords
aland [Fri, 6 Dec 2002 20:39:45 +0000 (20:39 +0000)]
Sanity check load-balancing for realms
aland [Fri, 6 Dec 2002 18:50:56 +0000 (18:50 +0000)]
Check for NULL pointers before calling free
cparker [Fri, 6 Dec 2002 16:27:50 +0000 (16:27 +0000)]
Updated to perform an 'sql_close' on each socket before attempting
reconnection. This fixes a socket descriptor leak for Oracle and
possible other databases.
aland [Fri, 6 Dec 2002 15:51:02 +0000 (15:51 +0000)]
Added comments on unique ID's, from
Dmitry Lebkov
aland [Thu, 5 Dec 2002 20:50:04 +0000 (20:50 +0000)]
Added 'case sensitive' configuration item, which should help with
'USER' logging in once, and another 'user' logging in somewhere else.
Added 'check nas' configuration item, which allows Simultaneous-Use
to work a bit better when we don't have access to the NAS, or don't
*want* to check with the nas.
aland [Thu, 5 Dec 2002 20:04:02 +0000 (20:04 +0000)]
Canonicalize *both* usernames before doing comparisons
aland [Wed, 4 Dec 2002 20:42:27 +0000 (20:42 +0000)]
Add VENDOR wrapper, so that the USR attributes are marked as
vendor-specific
aland [Wed, 4 Dec 2002 20:41:46 +0000 (20:41 +0000)]
Slightly more descriptive error message
kkalev [Wed, 4 Dec 2002 18:53:52 +0000 (18:53 +0000)]
Add support for mikrotik routers in checkrad. This will only work for
Simultaneous-Use = 1.
Patch by Evren Yurtesen <eyurtese@turkuamk.fi>
aland [Wed, 4 Dec 2002 18:24:09 +0000 (18:24 +0000)]
Updated note on openSSL version
aland [Wed, 4 Dec 2002 18:13:43 +0000 (18:13 +0000)]
Wake up any sleeping realms.
aland [Wed, 4 Dec 2002 17:49:46 +0000 (17:49 +0000)]
New load balancing code, based on scattering the proxied
requests among the realms. It's not true round-robin, but it's
pretty close.
aland [Wed, 4 Dec 2002 17:46:50 +0000 (17:46 +0000)]
Added lrad_rand() function, which uses the internal random pool
and the isaac generator to come up with better random numbers
than rand()
aland [Wed, 4 Dec 2002 17:26:12 +0000 (17:26 +0000)]
Removed 'max proxies', as there's no need for a hard-coded limit.
aland [Wed, 4 Dec 2002 17:24:53 +0000 (17:24 +0000)]
Delete unused variables, and use the main config to get the
list of clients.
aland [Wed, 4 Dec 2002 17:24:29 +0000 (17:24 +0000)]
Deleted unused variables
aland [Wed, 4 Dec 2002 15:44:40 +0000 (15:44 +0000)]
Allow lines in the various 'users' files to be 8k long.
aland [Tue, 3 Dec 2002 21:35:35 +0000 (21:35 +0000)]
Make the code a little prettier
aland [Tue, 3 Dec 2002 16:43:16 +0000 (16:43 +0000)]
querystr is an array allocated on the stack, so doing
if (querystr) ...
will always succeed.
Instead, we've got to do
if (*querystr) ...
which checks if the string is non-empty
aland [Tue, 3 Dec 2002 16:40:43 +0000 (16:40 +0000)]
If there's no query, then return an error
aland [Tue, 3 Dec 2002 16:30:14 +0000 (16:30 +0000)]
Clean up on errors. Patch from David Kerry
aland [Tue, 3 Dec 2002 16:27:37 +0000 (16:27 +0000)]
Code cleanups, reformatting, free memory on errors, better
log messages, etc.
aland [Tue, 3 Dec 2002 15:31:50 +0000 (15:31 +0000)]
When creating names for attributes which aren't in the dictionary,
ensure that the numbers used are unsigned.
aland [Tue, 3 Dec 2002 15:26:36 +0000 (15:26 +0000)]
Deleted unnecessary code.
aland [Mon, 2 Dec 2002 21:30:43 +0000 (21:30 +0000)]
More explanation of round-robin and load balancing
aland [Mon, 2 Dec 2002 21:28:29 +0000 (21:28 +0000)]
Use str2int stuff to parse values
aland [Mon, 2 Dec 2002 21:23:56 +0000 (21:23 +0000)]
Deleted round-robin code, as we're about to commit a new
implementation of it.
aland [Mon, 2 Dec 2002 20:24:10 +0000 (20:24 +0000)]
Added top-level 'snmp' configuration directive, so that we
can enable/disable SNMP support at run time.
aland [Mon, 2 Dec 2002 19:50:06 +0000 (19:50 +0000)]
Now that we have a real random number generator, use that,
instead of the cruft we used before.
aland [Mon, 2 Dec 2002 19:28:03 +0000 (19:28 +0000)]
Include Isaac random number generator, from
http://burtleburtle.net/bob/rand/isaacafa.html
aland [Mon, 2 Dec 2002 16:59:12 +0000 (16:59 +0000)]
Minor updates
aland [Mon, 2 Dec 2002 16:58:33 +0000 (16:58 +0000)]
Make numbers unsigned 32-bit ints, to match the on-the-wire
'integer' attributes.
aland [Mon, 2 Dec 2002 16:51:15 +0000 (16:51 +0000)]
Attempted fix for undefined things.
aland [Fri, 29 Nov 2002 20:54:25 +0000 (20:54 +0000)]
Added note about branch versus tag for releases
aland [Fri, 29 Nov 2002 18:40:12 +0000 (18:40 +0000)]
Added 'last reply' field to 'realm' structure. Every time
we receive a real response from a home server, we go through ALL
realms for that home server, and mark the realms as to when
we saw the reply, and make them active.
Then, when disabling a realm, we DON'T disable it, if we received
a reply in the last <whatever> seconds.
Based on a patch by Angelos Karageorgiou.
Also re-ordered the 'mark realm active' code, so that the
realm is marked active ONLY if the packet we receive is for a
request we sent to that realm. This prevents attackers from
forcing a realm to be erroneously marked active, by forging
packets from that realm.
However, if a real realm DOES reply (but too late), then the
realms for it will NOT be marked 'active'. This is reasonable,
as if a realm takes ~1 minute to response to a request, then it's
dead for all practical purposes.
aland [Fri, 29 Nov 2002 15:46:04 +0000 (15:46 +0000)]
Added NULL destination for logging messages, so they can be thrown
away.
aland [Thu, 28 Nov 2002 18:54:52 +0000 (18:54 +0000)]
Allow status server to NOT core dump, if it's turned off.
Bug found by Tamer Demir
aland [Thu, 28 Nov 2002 18:41:54 +0000 (18:41 +0000)]
Add more cases to the list of string types we handle.
kkalev [Thu, 28 Nov 2002 18:33:39 +0000 (18:33 +0000)]
Add a missing <?php tag. Bug noted by Simon Burns <simon@ababa.org>
aland [Wed, 27 Nov 2002 18:14:42 +0000 (18:14 +0000)]
If no child is available, then keep looping.
aland [Wed, 27 Nov 2002 16:41:24 +0000 (16:41 +0000)]
Added patch from Stocker Gernot to allow character fields in
Oracle 9i to work.
kkalev [Tue, 26 Nov 2002 17:37:39 +0000 (17:37 +0000)]
Replace single quotes with double quotes in log_badlogins
kkalev [Tue, 26 Nov 2002 12:30:56 +0000 (12:30 +0000)]
Remember a few things in the user_test page. Also add another configuration file directive
general_radius_server_auth_proto specifying the default authentication protocol of the radius
server (pap or chap).
kkalev [Mon, 25 Nov 2002 23:22:43 +0000 (23:22 +0000)]
Rearrange the checks for cisco routers
kkalev [Mon, 25 Nov 2002 16:35:35 +0000 (16:35 +0000)]
* Use CISCO-POP-MGMT-MIB in snmpfinger instead of CISCO-CALL-HISTORY-MIB. Thanks to
Evren Yurtesen <eyurtese@turkuamk.fi> for the suggestion.
* Also do the same in checkrad for cisco routers
kkalev [Sun, 24 Nov 2002 15:08:20 +0000 (15:08 +0000)]
We don't need ORDER BY GroupName in show_groups.php3 since we have GROUP BY
kkalev [Sun, 24 Nov 2002 15:01:36 +0000 (15:01 +0000)]
Work even when register_globals if off. Suggestion from Evren Yurtesen <eyurtese@turkuamk.fi>
Also add an entry in the FAQ about that.
kkalev [Sat, 23 Nov 2002 16:20:17 +0000 (16:20 +0000)]
Fix a typo in sql.attrmap. Fix by Evren Yurtesen <eyurtese@turkuamk.fi>
kkalev [Thu, 21 Nov 2002 23:33:32 +0000 (23:33 +0000)]
* Remove one sql query from user_admin which was not needed.
* Instead of a query like "LIKE 'YYYY-MM-DD%'" use "AcctStopTime >= 'YYYY-MM-DD 00:00:00 AND AcctStopTime
<= 'YYYY-MM-DD 23:59:59'" which will allow us to use sql indexes better.
* Add a few comments in bin/clean_radacct
* Add a new script bin/truncate_radacct which will delete all sessions from the radacct table which
are older than a configurable number of days.
* Add an entry in tuning_guide about creating a multi column index for (UserName,AcctStopTime). This
will really help sql_checksimul and the corresponding queries.