aland [Thu, 16 Nov 2000 16:42:53 +0000 (16:42 +0000)]
updated for latest changes
aland [Thu, 16 Nov 2000 16:34:24 +0000 (16:34 +0000)]
added PAM configuration section.
aland [Thu, 16 Nov 2000 16:30:24 +0000 (16:30 +0000)]
allowed the PAM module to read it's Pam-Auth name from the
radiusd.conf configuration file.
aland [Thu, 16 Nov 2000 16:29:34 +0000 (16:29 +0000)]
cleaned up the example module
jcarneal [Tue, 14 Nov 2000 23:56:01 +0000 (23:56 +0000)]
Jeff Carneal <jeff@apex.net>
Bugfix for default entries list.
jcarneal [Tue, 14 Nov 2000 23:00:08 +0000 (23:00 +0000)]
Jeff Carneal <jeff@apex.net>
Updated fastusers with 'hash_reload = N' config item, where N is the number
of seconds between hash rebuilds. This allows us to not HUP the server
and yet still refresh our hash list on a reasonable schedule.
jcarneal [Tue, 14 Nov 2000 02:27:06 +0000 (02:27 +0000)]
Added request_list.o to SERVER_OBJS.
aland [Mon, 13 Nov 2000 22:01:01 +0000 (22:01 +0000)]
cleaned up & re-arranged more code, for refresh_request.
aland [Mon, 13 Nov 2000 20:59:31 +0000 (20:59 +0000)]
removed old PAM code. It's now in rlm_pam
aland [Mon, 13 Nov 2000 20:59:07 +0000 (20:59 +0000)]
new files to handle the REQUEST_LIST data structure, and to
hide that information from the main server core.
Updated the server core to (mostly) use the new API, as posted
to the list Tue, 07 Nov 2000. There's still work to do, however.
Removed the 'setuptimout' function, and merged it's functionality
into rad_clean_list(), so there is now only one pass over the entire
request list.
jcarneal [Mon, 13 Nov 2000 19:07:20 +0000 (19:07 +0000)]
Jeff Carneal <jeff@apex.net>
Bugfix. Value name is dval->name, not dval->attrname.
aland [Mon, 13 Nov 2000 17:41:05 +0000 (17:41 +0000)]
removed old 'radius_xlate' function, and replaced all references
to it, with 'radius_xlat2'.
Updated the parameters passed to 'radius_exec', in order to allow
it to pass the correct parameters to radius_xlat2
aland [Mon, 13 Nov 2000 17:40:02 +0000 (17:40 +0000)]
deleted unneeded 'fixme', and cleaned up comments
aland [Mon, 13 Nov 2000 17:39:46 +0000 (17:39 +0000)]
minor typo update
aland [Mon, 13 Nov 2000 17:23:50 +0000 (17:23 +0000)]
removed extraneous 'VALUE_PAIR *reply' from radius_xlat2 function
jcarneal [Fri, 10 Nov 2000 22:13:18 +0000 (22:13 +0000)]
Bugfix. Was creating 'detail' as directory.
aland [Fri, 10 Nov 2000 21:15:02 +0000 (21:15 +0000)]
seperated include for libradius.h from radiusd.h. The include
for libradius.h is now near the top of the include list, after
autoconf.h, and before any system includes.
We then have radiusd.h (which includes missing.h).
This new order should hopefully minimize problems with include
file order on different platforms
aland [Fri, 10 Nov 2000 20:51:25 +0000 (20:51 +0000)]
added PW_TYPE_SUBSECTION for configuration file parser, so that
it can automagically walk through subsections, too.
aland [Fri, 10 Nov 2000 20:35:09 +0000 (20:35 +0000)]
removed dependence on RADIUS_PID, and get the config information
from the new configuration, instead of hard-coding it in at
compile time.
jcarneal [Fri, 10 Nov 2000 20:11:29 +0000 (20:11 +0000)]
Jeff Carneal <jeff@apex.net>
Clean up logging in auth.c with new 'rad_authlog' function.
Split log_auth_pass config item into:
log_auth_badpass
log_auth_goodpass
This is more in keeping with cistron compatibility.
aland [Fri, 10 Nov 2000 18:52:08 +0000 (18:52 +0000)]
removed duplicated 'read NAS' code from the source.
It still doesn't read the 'radiusd.conf' file, which it SHOULD,
but those changes can be made later.
aland [Fri, 10 Nov 2000 16:31:51 +0000 (16:31 +0000)]
removed a number of defines which are not needed any more
aland [Fri, 10 Nov 2000 16:30:03 +0000 (16:30 +0000)]
removed dependencies on #define's for location of configuration file
aland [Fri, 10 Nov 2000 16:28:33 +0000 (16:28 +0000)]
removed dependence in #define's, for where the files are located
aland [Fri, 10 Nov 2000 16:24:25 +0000 (16:24 +0000)]
removed dependencies on hard-coded #define's. Use configured
values.
aland [Fri, 10 Nov 2000 16:16:50 +0000 (16:16 +0000)]
deleted hard-coded RADWTMP, and moved it to a configuration file
directive
hartwick [Fri, 10 Nov 2000 15:02:55 +0000 (15:02 +0000)]
* Update to reflect the use of rad_mkdir() to recursively make the
directories.
pam [Fri, 10 Nov 2000 08:53:48 +0000 (08:53 +0000)]
Fixed typo, which broke compilation of the module.
Fixed couple warnings during compilation.
aland [Thu, 9 Nov 2000 19:11:54 +0000 (19:11 +0000)]
moved rad_mkdir() to main/util.c, where other modules can make
use of it.
aland [Thu, 9 Nov 2000 19:11:17 +0000 (19:11 +0000)]
removed old build_reply() function.
Added new rad_mkdir function
aland [Thu, 9 Nov 2000 19:06:38 +0000 (19:06 +0000)]
added 'netmask' to RADCLIENT data structure.
Define rad_mkdir() function
aland [Thu, 9 Nov 2000 19:05:55 +0000 (19:05 +0000)]
included header file for ntohl() macro
aland [Thu, 9 Nov 2000 17:24:32 +0000 (17:24 +0000)]
added notes on using new ipaddr/netmask for client networks
aland [Thu, 9 Nov 2000 17:15:24 +0000 (17:15 +0000)]
added support for network masks to clients. We can now do:
192.168.0.0/16 secret1
192.168.0.0/24 secret2
192.168.0.0/32 secret3
and the client will match the most restrictive one.
aland [Thu, 9 Nov 2000 16:50:28 +0000 (16:50 +0000)]
move hostname_lookup config from radiusd.c to conffile.c
aland [Wed, 8 Nov 2000 21:22:09 +0000 (21:22 +0000)]
These files are no longer relevant. The new configuration file
does all these were proposing to do, and more.
aland [Wed, 8 Nov 2000 20:32:34 +0000 (20:32 +0000)]
support 'user' and 'group' directives, where the server does
setgid && setuid to whatever the user supplies.
This is so that the server doesn't need to run as root...
aland [Wed, 8 Nov 2000 18:47:11 +0000 (18:47 +0000)]
new rad_mkdir() function. It works just like mkdir(), but
creates *all* relevant directories, not just the last one
aland [Wed, 8 Nov 2000 17:59:52 +0000 (17:59 +0000)]
make more functions and variables 'static'
set the length of the returned SNMP variables
generic clean-ups
aland [Wed, 8 Nov 2000 17:21:12 +0000 (17:21 +0000)]
defined an SNMP data structure for auth/acct server statistics.
Updated the SNMP code to return the information.
Note that the main RADIUS code still doesn't maintain any information,
other than the total auth/acct requests. This code needs to be
written.
jcarneal [Wed, 8 Nov 2000 17:07:20 +0000 (17:07 +0000)]
Jeff Carneal <jeff@apex.net>
o Added function rad_cleandir() to sanitize directory input
o Added function rad_mkdir() to create all needed directories
aland [Wed, 8 Nov 2000 16:16:47 +0000 (16:16 +0000)]
Deleted read_config_files(), and moved it's functionality
to conffile.c: read_radius_conf_file(), radiusd.c: reread_config()
Deleted configuration parser cruft from modules.c, as it's now
done properly in conffile.c.
The configuration file parser now pulls the relevant directories
out of the configuration file, and uses those to read the rest
of the configuration file entries. The server-specific config
is still handled in radiusd.c
hartwick [Wed, 8 Nov 2000 16:12:09 +0000 (16:12 +0000)]
* Clear up a warning in reread_config which was returning a valid,
but was declared void.
* Add code to display the IP address of the NAS that is being
ignored.
hartwick [Wed, 8 Nov 2000 04:38:14 +0000 (04:38 +0000)]
* Add client_walk() prototype.
hartwick [Wed, 8 Nov 2000 04:21:09 +0000 (04:21 +0000)]
* Add a client_walk() function to walk the client list. This
function is primarily for debugging.
jcarneal [Tue, 7 Nov 2000 22:22:09 +0000 (22:22 +0000)]
Jeff Carneal <jeff@apex.net>
Changed radiusd.c to skip the request count if max_requests=0.
Essentially allowing infinite number of requests, for those
who need more rope to hang themselves.
aland [Tue, 7 Nov 2000 22:20:50 +0000 (22:20 +0000)]
removed more traces of builddbm
aland [Tue, 7 Nov 2000 20:08:43 +0000 (20:08 +0000)]
remove LDBM and BUILDDBM from the source tree
aland [Tue, 7 Nov 2000 20:07:03 +0000 (20:07 +0000)]
removed LDBM and BUILDDBM from the source tree
hartwick [Tue, 7 Nov 2000 19:24:32 +0000 (19:24 +0000)]
* Update some of the error messages to start with rlm_detail:
jcarneal [Tue, 7 Nov 2000 18:45:16 +0000 (18:45 +0000)]
Jeff Carneal <jeff@apex.net>
Fixed so that hostname_lookups = yes/no now works. Doing this required
moving the code to read radiusd.conf from files.c to radiusd.c before
files.c:read_config_files() is called.
jcarneal [Tue, 7 Nov 2000 18:23:31 +0000 (18:23 +0000)]
Jeff Carneal <jeff@apex.net>
In keeping with the default of having hostname lookups turned off, I'm
setting the dodns variable = 0 instead of =1 here. Temporary hack
until it's fixed properly.
aland [Tue, 7 Nov 2000 18:04:09 +0000 (18:04 +0000)]
removed proxy_retry() function.
Move all handling of cleanup_delay, max_request_time, proxy_retry,
into new 'refresh_request' function. This cleans up the code
a bit, and will later make it easier for us to do incremental
clean ups.
aland [Tue, 7 Nov 2000 17:09:35 +0000 (17:09 +0000)]
added configuration examples for the 'preprocess' module
aland [Tue, 7 Nov 2000 17:08:35 +0000 (17:08 +0000)]
corrected typo
aland [Tue, 7 Nov 2000 17:03:35 +0000 (17:03 +0000)]
removed WITH_DBM, and WITH_FOO_HACK from the top-level configuration
scripts. These items should be run-time configurable.
aland [Tue, 7 Nov 2000 17:02:30 +0000 (17:02 +0000)]
added a configuration section parser for the module.
Moved the various #ifdef FOO_HACK' to 'if (instance->foo_hack')',
to make things run-time configurable.
aland [Tue, 7 Nov 2000 17:00:56 +0000 (17:00 +0000)]
moved cf_expand_variables.
When parsing a configuration section, expand the string variables,
too. This allows modules to have their default filenames
${raddbdir}/file
aland [Mon, 6 Nov 2000 22:21:16 +0000 (22:21 +0000)]
removed all DBM and NDBM code. If anyone wants to write an rlm_dbm
module, they're welcome to do so. Until then, however, having
dbm code in rlm_files is a hack which shouldn't exist.
aland [Mon, 6 Nov 2000 22:13:08 +0000 (22:13 +0000)]
removed un-necessary 'filename' variable.
removed un-necessary 'nasname' look ups.
jcarneal [Mon, 6 Nov 2000 21:12:51 +0000 (21:12 +0000)]
Jeff Carneal <jeff@apex.net>
Trivial change to make use of rad_rmspace() in the
parse function.
aland [Mon, 6 Nov 2000 20:13:29 +0000 (20:13 +0000)]
use '--mode=install $(INSTALL)', instead of plain 'install', for
libtool-enabled install
aland [Mon, 6 Nov 2000 19:25:55 +0000 (19:25 +0000)]
if our last sleep time was zero seconds, then re-calculate
the sleep time upon entering setuptimeout()
aland [Mon, 6 Nov 2000 19:18:55 +0000 (19:18 +0000)]
more cleanups, and ensured that any select() modifications to
the tv pointer do NOT affect the value we calculated last time
int setuptimeout()
aland [Mon, 6 Nov 2000 18:22:53 +0000 (18:22 +0000)]
use --mode=install $(INSTALL) for libtool, instead of a bare 'install'
aland [Mon, 6 Nov 2000 17:36:18 +0000 (17:36 +0000)]
re-arranged code in rad_clean_list() to simplify it.
It also ensures that at 'max_request_time', the request is ALWAYS
deleted, even if it isn't finished. The old code would not always
do this.
aland [Mon, 6 Nov 2000 17:04:05 +0000 (17:04 +0000)]
moved the 'client' handling code to a new file: client.c
updated the nas_name functions to be more thread-safe
aland [Mon, 6 Nov 2000 16:15:46 +0000 (16:15 +0000)]
moved the call to proxy_retry() into rad_clean_list(), so that
it's executed at *most* once a second. This should minimize
un-necessary processing.
aland [Mon, 6 Nov 2000 15:50:50 +0000 (15:50 +0000)]
if we don't have any pthread libraries, remove all knowledge of
pthreads, and all thread-related CFLAGS and LIBS
aland [Sun, 5 Nov 2000 15:09:29 +0000 (15:09 +0000)]
added code to setuptimeout() which makes it remember the last
sleep time. If the function is being called within the same second,
then we do NOT have to walk the list again, but instead simply return
the last sleep time.
This functionality is similar to that use by rad_clean_list(),
and something similar should probably be added to proxy_retry()
Maybe all of those functions should be merged...
jcarneal [Sat, 4 Nov 2000 16:39:34 +0000 (16:39 +0000)]
Jeff Carneal <jeff@apex.net>
Updated sql code to be instance aware. Also did
the following:
1. Added support for connectinfo start and stop
2. Added support for acct unique (w/ updates)
3. configurable num of connections
4. configurable sql tracefile
TODO: config-based accounting tables
aland [Fri, 3 Nov 2000 21:28:43 +0000 (21:28 +0000)]
re-formatted the file to remove whitespace, and follow standard
formatting.
Made internal functions 'static', so that their names don't conflict
with other names.
aland [Fri, 3 Nov 2000 21:18:42 +0000 (21:18 +0000)]
removed unneeded 'init' routine
aland [Fri, 3 Nov 2000 21:17:54 +0000 (21:17 +0000)]
removed un-needed 'init' routine
aland [Fri, 3 Nov 2000 21:17:32 +0000 (21:17 +0000)]
update change I missed last time
aland [Fri, 3 Nov 2000 21:13:16 +0000 (21:13 +0000)]
use new 'instance' for paircompare_register. This will allow us
to possible have multiple unix-type passwd files...
aland [Fri, 3 Nov 2000 21:12:16 +0000 (21:12 +0000)]
removed global 'huntgroups' and 'hints'. Removed 'init' function,
and replaced with 'instantiate', so that we can possibly have multiple
preprocess...
aland [Fri, 3 Nov 2000 21:11:15 +0000 (21:11 +0000)]
made paircompare_register() take a 'void *instance' parameter,
so that modules can register per-instance comparison functions.
aland [Fri, 3 Nov 2000 21:05:20 +0000 (21:05 +0000)]
better handling of accounts with no passwords. There's no point
in malloc()'ing 1 byte for a '\0'...
aland [Fri, 3 Nov 2000 16:59:55 +0000 (16:59 +0000)]
only get the acct_port from /etc/services if we're getting
auth_port from there.
In all other cases, default to auth_port + 1
aland [Fri, 3 Nov 2000 16:02:58 +0000 (16:02 +0000)]
renamed Request-Src-IP-Address to Client-IP-Address, to make it
match Cistron.
The Client-IP-Address name is similar to the old Client-ID, etc.
names, but I hope it doesn't confuse too many people...
aland [Fri, 3 Nov 2000 14:46:01 +0000 (14:46 +0000)]
minor cleanups to the code
aland [Wed, 1 Nov 2000 20:13:06 +0000 (20:13 +0000)]
added explanations about thread safe/unsafe module types
aland [Wed, 1 Nov 2000 19:58:43 +0000 (19:58 +0000)]
marked the module as NOT thread-safe
aland [Wed, 1 Nov 2000 19:58:01 +0000 (19:58 +0000)]
implement thread mutex locking/unlocking for modules which
have their 'type' field set to non-thread-safe.
This is so that the modules which are NOT thread-safe can be
guaranteed to execute single-threaded
aland [Tue, 31 Oct 2000 23:19:54 +0000 (23:19 +0000)]
bug fix by Chad Miller <cmiller@surfsouth.com>
aland [Tue, 31 Oct 2000 19:05:34 +0000 (19:05 +0000)]
bug fixes & updates by Nathan Neulinger <nneul@umr.edu>
aland [Tue, 31 Oct 2000 15:35:07 +0000 (15:35 +0000)]
in rad_getpass(), use the request->password if it's available.
This is quicker than doing a pairfind() again.
aland [Tue, 31 Oct 2000 15:28:32 +0000 (15:28 +0000)]
moved definitions from the global header file to the only place
where they're being used.
aland [Tue, 31 Oct 2000 15:25:47 +0000 (15:25 +0000)]
Moved rad_loweruser/rad_lowerpass to rad_lowerpair, to make them
more generic functions. Their code is almost exactly the same,
so this makes for fewer functions to maintain and debug.
Ditto for rad_rmspace_user/rad_rmspace_pass.
Made both functions 'static' to radiusd.c, as that's the only place
they're being called from. There's no point in having them global
if no one else uses them.
aland [Tue, 31 Oct 2000 15:14:00 +0000 (15:14 +0000)]
moved the kerberos data to the instantiation function, to make
it thread-safe, etc.
aland [Mon, 30 Oct 2000 22:21:18 +0000 (22:21 +0000)]
Minor clean ups. Made the context 'static'.
Hmm.... this doesn't appear too thread safe.
aland [Mon, 30 Oct 2000 22:20:38 +0000 (22:20 +0000)]
made the string comparison case insensitive
aland [Mon, 30 Oct 2000 22:18:46 +0000 (22:18 +0000)]
NS-MTA-MD5 password patch, from Brandon Lee Poyner <bpoyner@thebiz.net>
aland [Mon, 30 Oct 2000 22:12:20 +0000 (22:12 +0000)]
added definitions for NS-MTA-MD5-Password
jcarneal [Mon, 30 Oct 2000 20:10:01 +0000 (20:10 +0000)]
Jeff Carneal <jeff@apex.net>
Modified lowercase/nospace functions to work either
before or after processing the request. If after,
the server will retry the request with the new values.
Added function rad_getpass() to auth.c.
This will all be moved to a module after we have the
ability to auth -> fail -> lower -> auth again in
module processing.
aland [Mon, 30 Oct 2000 17:49:12 +0000 (17:49 +0000)]
added user name to the error messages, and made 'user' and 'pass'
to be 'const', so that they don't get modified.
aland [Mon, 30 Oct 2000 17:41:23 +0000 (17:41 +0000)]
Kerberos module, from Nathan <nneul@umr.edu>
hartwick [Sun, 29 Oct 2000 18:53:28 +0000 (18:53 +0000)]
* Add a call to stat() to check for the existance of the cached
directory name.
hartwick [Sun, 29 Oct 2000 04:00:32 +0000 (04:00 +0000)]
* Correct a bug introduced in 1.7. The wrong buffer was
being used for creating the directory.
* Add the beginnings of the code to sanitize the directory.
Unfortunately due to the requirement for most to have periods
in the directory names special checking is required to disallow
.. in the directory name, but allow single .'s. It is not
perfect, but a start.