phampson [Sat, 26 Mar 2005 12:39:19 +0000 (12:39 +0000)]
Escape function names when defining
aland [Sat, 26 Mar 2005 01:17:11 +0000 (01:17 +0000)]
radsqlrelay needs $(INCLTDL)
pnixon [Fri, 25 Mar 2005 17:52:46 +0000 (17:52 +0000)]
Reformat postgresql queries to remove TABS so that they my be copy/pasted directly from logs to psql to make problem solving easier.
pnixon [Fri, 25 Mar 2005 17:10:55 +0000 (17:10 +0000)]
Actually calculate (if AcctStartTime exists) the AcctSessionTime for NASes who do not send AcctSessionTime in Stop packets
mgriego [Fri, 25 Mar 2005 14:41:37 +0000 (14:41 +0000)]
Don't call SSL_CTX_load_verify_locations. This function should only be
used in a client environment as it causes us to load the system's CA list.
In a server environment, we only want to trust *our* CAs. On many systems,
the system CA list contains all known trusted CAs. If we trust these as
a server, we are potentially allowing lots of unknown users who have
legitimate certs from other CAs onto our network.
mgriego [Fri, 25 Mar 2005 14:36:19 +0000 (14:36 +0000)]
POSIX says that if a signal handler returns from handling a SIGSEGV signal,
then the behavior is undefined. On some systems, this results in a SIGSEGV
loop, causing the CPU to go to 100%. Added a case in the singal handler
for SIGSEGV that just exits so that we don't dump core and we don't cause
an infinite loop.
mgriego [Fri, 25 Mar 2005 14:34:06 +0000 (14:34 +0000)]
Implement OpenSSL static locking callbacks. This will allow us to
unserialize access to the EAP submodules. It also ensures that any
other modules that link against OpenSSL (ie ldaps, mysql with SSL, etc)
are truly threadsafe.
phampson [Fri, 25 Mar 2005 14:03:35 +0000 (14:03 +0000)]
-lkstat fix was commited to the (autogenerated) aclocal.m4 by accident.
This is where it belongs.
aland [Thu, 24 Mar 2005 23:38:33 +0000 (23:38 +0000)]
If weird EAP link mode, then link libeap, tls, ttls, and peap
into the server.
aland [Thu, 24 Mar 2005 23:32:04 +0000 (23:32 +0000)]
fix references to record_plus & friends
aland [Thu, 24 Mar 2005 23:04:16 +0000 (23:04 +0000)]
Cleaned up libeap/Makefile, so it uses the module rules.mak,
and not it's own stuff.
Defined magic variable RLM_EAP_LINK_MODE, which should be set
to -static. The server then links, runs, and installs!
aland [Thu, 24 Mar 2005 22:58:11 +0000 (22:58 +0000)]
use: LINK_MODE += foo
rather than: LINK_MODE=foo
to allow modules to over-ride link mode
aland [Thu, 24 Mar 2005 19:10:12 +0000 (19:10 +0000)]
Use REQUEST_MAX_REGEX, and fix same regex bug that was fixed
in revision 1.65 of src/main/valuepair.c
aland [Thu, 24 Mar 2005 17:57:18 +0000 (17:57 +0000)]
Replace everything in libltdl, to "upgrade" to a newer version.
"update" libtool to a newer version.
Update the configure scripts to use newer libtool, and libtldl
WARNING: running "autoreconf" (or, I guess aclocal) will
nuke aclocal.m4. "autoreconf" will work, "./configure" will work,
but the "make" process will fail.
We should really figure out WTF is going on, and fix it...
pnixon [Thu, 24 Mar 2005 11:41:00 +0000 (11:41 +0000)]
Add a verbose logging option
pnixon [Thu, 24 Mar 2005 11:09:13 +0000 (11:09 +0000)]
Insert a uniqueid into AcctSessionId field also, as both Postgresql and Oracle have this field set to NUT NULL. (How did this code ever work with PG??)
pnixon [Thu, 24 Mar 2005 09:24:54 +0000 (09:24 +0000)]
Add Oracle comments
pnixon [Thu, 24 Mar 2005 08:53:10 +0000 (08:53 +0000)]
Add Oracle support
pnixon [Thu, 24 Mar 2005 08:35:30 +0000 (08:35 +0000)]
Add support for Oracle
bjordanov [Thu, 24 Mar 2005 08:04:04 +0000 (08:04 +0000)]
Changed SvTRUE(sv) with SvOK(sv). SvTRUE is _NOT_ what we want.
aland [Thu, 24 Mar 2005 00:10:54 +0000 (00:10 +0000)]
Deleted "component_names" and friends from modules.c, which means
we don't need it in modules.h, and modcall.c shouldn't use it,
but should use it's own (already defined) array.
Simplified code, and updated it, based on use of data structures.
Deleting code & duplicate arrays is good.
pnixon [Wed, 23 Mar 2005 20:35:56 +0000 (20:35 +0000)]
Turn off the build dependency for Oracle "Instant Client" rpms when oracle_support == 0
aland [Wed, 23 Mar 2005 19:34:59 +0000 (19:34 +0000)]
More debug messages to clarify what's going on
aland [Wed, 23 Mar 2005 18:38:44 +0000 (18:38 +0000)]
Minor code cleanups. No functional changes
bjordanov [Wed, 23 Mar 2005 13:45:57 +0000 (13:45 +0000)]
Fixed rlm_perl hash issue. Now we support not only character string in scalar value
taken from %RAD_xxx hashes. Before if you want to return an integer value in RAD_REPLY
you have to say $RAD_REPLY{'Port-Limit'} = "1"; now it is possible to do it without ""
ie $RAD_REPLY{'Port-Limit'} = 1;
pnixon [Tue, 22 Mar 2005 06:07:55 +0000 (06:07 +0000)]
Force set NLS_TIMESTAMP_TZ_FORMAT='YYYY-MM-DD HH24:MI:SS.FF TZH:TZM' on every Oracle connect. (If anyone can think of a better way to do this I am all ears)
aland [Tue, 22 Mar 2005 02:00:52 +0000 (02:00 +0000)]
Removed all references to exit() from the file. We now exit
gracefully from these calls.
aland [Tue, 22 Mar 2005 00:58:10 +0000 (00:58 +0000)]
catch another record_init, missed by the previous commit
aland [Tue, 22 Mar 2005 00:57:11 +0000 (00:57 +0000)]
Removed record_* functions from global visibility.
Moved record_init to end of tls_handshake_send, as it is always
called after tls_handshake_send
aland [Tue, 22 Mar 2005 00:53:13 +0000 (00:53 +0000)]
Moved record_* functions to tls_session_t structure, so that
we can (hopefully) remove all inter-module linking.
It's not done yet (and untested), but TTLS should now NOT require
linking against rlm_eap_tls
pnixon [Mon, 21 Mar 2005 22:00:43 +0000 (22:00 +0000)]
Ooops. Add another space.
pnixon [Mon, 21 Mar 2005 21:53:34 +0000 (21:53 +0000)]
Fix calls to da_sql_limit
pnixon [Mon, 21 Mar 2005 21:50:12 +0000 (21:50 +0000)]
Fix the calls to da_sql_limit
aland [Mon, 21 Mar 2005 21:13:06 +0000 (21:13 +0000)]
"exit $?" instead of "exit 1", to keep error codes
aland [Mon, 21 Mar 2005 21:09:22 +0000 (21:09 +0000)]
Stop if we encounter an error
kkalev [Mon, 21 Mar 2005 17:05:17 +0000 (17:05 +0000)]
Rename the badusers date field to incidentdate to avoid reserved words in databases. Bug found by
Peter Nixon
kkalev [Mon, 21 Mar 2005 13:16:58 +0000 (13:16 +0000)]
Create a new function da_sql_limit() and use that to pass LIMIT arguments to the database layer
since the syntax is different between db vendors
pnixon [Mon, 21 Mar 2005 10:35:47 +0000 (10:35 +0000)]
Trim semicolon from the end of the query if it exists.
nbk [Sun, 20 Mar 2005 19:56:23 +0000 (19:56 +0000)]
The "proxy" and "proxy_reply" cases were missing when new_attribute
is set to yes.
pnixon [Sun, 20 Mar 2005 17:34:15 +0000 (17:34 +0000)]
Look for Oracle10g "Instant Client" installed from RPM
pnixon [Sun, 20 Mar 2005 17:07:25 +0000 (17:07 +0000)]
Add native oracle support (Using the PHP OCI8 driver) to dialupadmin
pnixon [Sun, 20 Mar 2005 17:05:54 +0000 (17:05 +0000)]
Change from DATE to TIMESTAMP WITH TIMEZONE for to fields. (What use is a CDR that only has a date and no time???)
pnixon [Sun, 20 Mar 2005 17:04:21 +0000 (17:04 +0000)]
Add an extra trigger to make dialupadmin work
nbk [Sat, 19 Mar 2005 22:09:48 +0000 (22:09 +0000)]
When rewriting a attribute of type INTEGER or IPADDR, it is wrong
to change the strvalue only. Instead we call the pairparsevalue()
function which handles all possible types for an attribute.
pnixon [Sat, 19 Mar 2005 19:08:07 +0000 (19:08 +0000)]
hopefully final table schema
pnixon [Sat, 19 Mar 2005 18:47:27 +0000 (18:47 +0000)]
Fix datatype
pnixon [Sat, 19 Mar 2005 17:43:55 +0000 (17:43 +0000)]
pg_exec() has been replaced with pg_query()
pnixon [Fri, 18 Mar 2005 22:29:57 +0000 (22:29 +0000)]
totacct for Oracle
pnixon [Fri, 18 Mar 2005 22:25:10 +0000 (22:25 +0000)]
mtotacct for Oracle
pnixon [Fri, 18 Mar 2005 22:13:58 +0000 (22:13 +0000)]
badusers for oracle
pnixon [Fri, 18 Mar 2005 18:46:00 +0000 (18:46 +0000)]
userinfo.sql for oracle
phampson [Fri, 18 Mar 2005 15:05:36 +0000 (15:05 +0000)]
Fix inversion of test, so the mutex is initialised once instead of nunce.
Thanks to Manuel Menal (via Debian Bug #300219)
kkalev [Fri, 18 Mar 2005 14:12:59 +0000 (14:12 +0000)]
Don't use $num in stats.php3, change it to $stats_num
kkalev [Fri, 18 Mar 2005 14:01:45 +0000 (14:01 +0000)]
check_ip() should now work in nas_admin.php3. Only require lib/functions.php3 once
in stats.php3
phampson [Thu, 17 Mar 2005 13:44:31 +0000 (13:44 +0000)]
Allow checkrad to be called successfully with ports > 9999999 without
trashing memory.
Spotted and initial patch by Eddie Stassen
nbk [Thu, 17 Mar 2005 12:33:25 +0000 (12:33 +0000)]
Move inclusion of SNMP header files to smux.h since it's only
included by the files that need to talk SNMP
nbk [Thu, 17 Mar 2005 12:32:35 +0000 (12:32 +0000)]
Any file which includes smux.h can't compile without the SNMP
header files
nbk [Wed, 16 Mar 2005 23:21:17 +0000 (23:21 +0000)]
When building radrelay, remove options which confuse the linker
Problem reported by Jakub Wartak <vnulllists@pcnet.com.pl>
kkalev [Wed, 16 Mar 2005 09:39:26 +0000 (09:39 +0000)]
Revert back to using postgresql specific functions. dbx functions should be changed
to also use a dabatase subtype and perform any database specific functions themselves.
nbk [Tue, 15 Mar 2005 17:34:27 +0000 (17:34 +0000)]
Regroup the code which handles "new_attribute = yes" in one
single block
pnixon [Tue, 15 Mar 2005 17:05:59 +0000 (17:05 +0000)]
Add Oracle (rlm_sql_oracle) support as an option extra package as well and properly package dialup_admin
pnixon [Tue, 15 Mar 2005 17:01:43 +0000 (17:01 +0000)]
A first stab at using DBX for database abstraction. Works with Postgres currently.
pnixon [Tue, 15 Mar 2005 13:54:58 +0000 (13:54 +0000)]
First cut at making a working DBX driver.
kkalev [Tue, 15 Mar 2005 13:24:51 +0000 (13:24 +0000)]
Remove snmp_clearsession. It is replaced by clearsession which supports both snmp and telnet
methods of removing a user from an access server. Add corresponding configuration directives
general_sessionclear_method and nasXX_sessionclear_method
aland [Mon, 14 Mar 2005 18:08:35 +0000 (18:08 +0000)]
Make the header for the detail file configurable.
aland [Mon, 14 Mar 2005 18:05:30 +0000 (18:05 +0000)]
ctime puts a \n in the string, which we don't want
kkalev [Mon, 14 Mar 2005 11:57:34 +0000 (11:57 +0000)]
Correctly check nas validity in nas_admin.php3. Bug noted by Nick Bright
kkalev [Mon, 14 Mar 2005 11:51:32 +0000 (11:51 +0000)]
* Show the correct nas type in nas_admin. Bug noted by Nick Bright
* Correctly calculate the nas ip in lib/sql/nas_list.php3. Add a check_ip() function in lib/functions.php3
Bug noted by Nick Bright
nbk [Mon, 14 Mar 2005 10:01:51 +0000 (10:01 +0000)]
Pulled from Debian bug #292170:
Make init script return 1 if reloading kills the server
kkalev [Sun, 13 Mar 2005 15:52:35 +0000 (15:52 +0000)]
urlencode() all occurrences of the $login variable when used in url's. Bug noted by Dag Landau
bjordanov [Sat, 12 Mar 2005 09:35:53 +0000 (09:35 +0000)]
Adds a check if first call to strtok returns NULL in perl_xlat (closes: #218)
aland [Thu, 10 Mar 2005 20:52:18 +0000 (20:52 +0000)]
Separate attribute/module name parsing from module parameter
parsing, and do bounds checks.
This fixes bug #216
aland [Thu, 10 Mar 2005 19:19:54 +0000 (19:19 +0000)]
Moved inclusion of SNMP header files from global include files
to radius_snmp.h
Re-arranged a few things so that the server builds.
This is because net-snmp/net-snmp-config.h includes net-snmp's
"autoconf.h" file, which defines HAVE_PTHREAD_H, among many, many
other things! That's a VERY bad thing to do to people.
kkalev [Thu, 10 Mar 2005 19:07:44 +0000 (19:07 +0000)]
Add support for usrhiper in snmpfinger. Patch from Nick Bright
aland [Thu, 10 Mar 2005 18:57:55 +0000 (18:57 +0000)]
one-line #define to not use pthread functions when building
without threads
kkalev [Wed, 9 Mar 2005 21:53:48 +0000 (21:53 +0000)]
* Make nasXX_finger_type actually work since the place where nas information was stored was changed a
long time ago. Bug noted by Nick Bright
* In user_finger only set LD_LIBRARY_PATH once, not each time we call snmpfinger
kkalev [Wed, 9 Mar 2005 15:19:56 +0000 (15:19 +0000)]
Add a dictionary from NTUA (National Technical University of Athens) with
the UserLogon class of attributes. Used by the pGina RADIUS plugin (and
hopefully more in the future).
pnixon [Tue, 8 Mar 2005 16:35:45 +0000 (16:35 +0000)]
Actually include the dictionary.. Idiot..
pnixon [Tue, 8 Mar 2005 16:34:19 +0000 (16:34 +0000)]
fix syntax error
bjordanov [Tue, 8 Mar 2005 09:30:16 +0000 (09:30 +0000)]
New hashes added %RAD_REQUEST_PROXY (filled with vps from request->proxy->vps )
and %RAD_REQUEST_PROXY_REPLY ( filled with vps from request->proxy_reply->vps)
%RAD_REQUEST_PROXY is read-only, %RAD_REQUEST_PROXY_REPLY is read-write
(closes: #215)
bjordanov [Mon, 7 Mar 2005 11:52:06 +0000 (11:52 +0000)]
When defined USE_ITHREADS and called perl_xlat an perl interpetator is not
released on exit so after few requests the thread pool will not contain a free
interpetators. (closes: #179)
bjordanov [Mon, 7 Mar 2005 11:19:21 +0000 (11:19 +0000)]
Fixes problem with SIGHUP, multiple instances,
ithreads pool and locking problem. (closes: #111)
phampson [Sat, 5 Mar 2005 03:59:14 +0000 (03:59 +0000)]
"Usable", not "useable"
pnixon [Fri, 4 Mar 2005 14:49:08 +0000 (14:49 +0000)]
New dictionay thanks to Zydrunas Sablinskas
kkalev [Fri, 4 Mar 2005 14:30:24 +0000 (14:30 +0000)]
Add a dictionary from Epygi (epygi.com) hardware
aland [Thu, 3 Mar 2005 20:32:57 +0000 (20:32 +0000)]
chown radius.log, if we've written to it as root.root, before
we switch users.
This fixes bug #210
aland [Thu, 3 Mar 2005 20:13:19 +0000 (20:13 +0000)]
Remember CPPFLAGS, too.
This should close bug #201
aland [Thu, 3 Mar 2005 20:02:17 +0000 (20:02 +0000)]
close outfd outside of the loop, not while we're trying to lock
it.
Patch from Igor K, bug #130
aland [Thu, 3 Mar 2005 02:23:33 +0000 (02:23 +0000)]
Updated for changes
aland [Wed, 2 Mar 2005 23:18:42 +0000 (23:18 +0000)]
Re-enable '-i ipaddr' and '-p port'.
If they're used, then they over-ride everything in radiusd.conf
kkalev [Wed, 2 Mar 2005 13:20:40 +0000 (13:20 +0000)]
Log somewhat more verbose error messages when the sql_command binary is not found in the bin scripts
pnixon [Tue, 1 Mar 2005 16:15:57 +0000 (16:15 +0000)]
Info about FreeRADIUS on SUSE
pnixon [Tue, 1 Mar 2005 14:03:56 +0000 (14:03 +0000)]
You can integrate NovellĀ® eDirectoryTM 8.7.1 or later with FreeRADIUS 1.0.2 onwards to allow wireless authentication for eDirectory users.
pnixon [Tue, 1 Mar 2005 12:52:43 +0000 (12:52 +0000)]
new PAM config in upcomming SUSE 9.3Pro
pnixon [Tue, 1 Mar 2005 12:07:49 +0000 (12:07 +0000)]
Major cleanups to bring in sync with SUSE 9.2 Professional and to run as user radiusd instead of root
aland [Tue, 1 Mar 2005 01:47:39 +0000 (01:47 +0000)]
More/better error messages.
Don't allow quoted strings as conf-section names.
aland [Mon, 28 Feb 2005 23:54:13 +0000 (23:54 +0000)]
When $INCLUDE'ing files, cf_item_add may be called with a list
of items. If so, add all children to the parent trees.
We don't have to touch the child trees, because they aren't changed.
aland [Mon, 28 Feb 2005 22:47:17 +0000 (22:47 +0000)]
When reading files in a directory, be a little more restrictive.
We allow alpha-numeric, '.' and '_'. Anything else is ignored.
aland [Mon, 28 Feb 2005 22:32:13 +0000 (22:32 +0000)]
Moved copy_string && copy_var from exec.c to util.c, as public
functions, so that others may use them.
(mostly) copied "split into argv" code from exec.c into xlat_config,
to avoid injection attacks. i.e. "split into argv, and then xlat",
rather than "xlat, and then split into argv".
This also allows the use of "." in section/pair names.
aland [Mon, 28 Feb 2005 19:50:47 +0000 (19:50 +0000)]
Use rbtrees for CONF_SECTIONS, with hacks to make instance names
work...