Alan T. DeKok [Wed, 7 Jan 2009 09:51:34 +0000 (10:51 +0100)]
Added notes on using "screen"
Alan T. DeKok [Tue, 6 Jan 2009 11:09:30 +0000 (12:09 +0100)]
Check for setuid, and use those checks
Alan T. DeKok [Tue, 6 Jan 2009 11:02:34 +0000 (12:02 +0100)]
Updated build to use (or not) self-pipes
If we're on platforms that don't support pipes, OR on platforms
that don't have threads, don't use self pipes.
Alan T. DeKok [Fri, 28 Nov 2008 10:42:59 +0000 (11:42 +0100)]
Limit the maximum number of queries over one SQL socket.
Similar to the "lifetime" change. If there are issues such as DB
memory leaks per client socket, then it is a good idea to periodically
close the client sockets.
Alan T. DeKok [Fri, 28 Nov 2008 10:00:25 +0000 (11:00 +0100)]
Add "lifetime" to SQL sockets.
After "lifetime" seconds, an open connection is closed. This can help
address issues such as firewalls that time out open connections...
Alan T. DeKok [Fri, 2 Jan 2009 18:43:53 +0000 (19:43 +0100)]
Corrected typo
Alan T. DeKok [Fri, 2 Jan 2009 15:23:03 +0000 (16:23 +0100)]
Enable the server to originate CoA-Request && Disconnect-Request
This is a fairly large change in the server, but is protected
by WITH_COA, so you can build without it, if you want to do that.
Alan T. DeKok [Thu, 1 Jan 2009 09:31:23 +0000 (10:31 +0100)]
Added "make cert" commands to bootstrap file
This helps it work when people don't have "make" installed
Alan T. DeKok [Thu, 18 Dec 2008 09:38:31 +0000 (10:38 +0100)]
Added WiMAX-MN-NAI and other server-side attributes
These were inexplicably left out.
Alan T. DeKok [Tue, 16 Dec 2008 15:24:25 +0000 (16:24 +0100)]
Simplified detail file polling
Moved loop over listeners to using the event API. This removes one
function, and simplifies the code.
Alan T. DeKok [Mon, 15 Dec 2008 10:57:54 +0000 (11:57 +0100)]
Removed dead code.
Closes Coverity #2
Alan T. DeKok [Mon, 15 Dec 2008 10:55:08 +0000 (11:55 +0100)]
If input pairs is NULL, return NOOP
Closes Coverity #6
Alan T. DeKok [Mon, 15 Dec 2008 10:49:09 +0000 (11:49 +0100)]
Free memory on error && exit.
Closes Coverity #16
Alan T. DeKok [Mon, 15 Dec 2008 10:43:15 +0000 (11:43 +0100)]
Removed dead code.
Closes Coverity #56
Alan T. DeKok [Mon, 15 Dec 2008 10:41:51 +0000 (11:41 +0100)]
If it's not a known option, it's an error.
Closes Coverity #57
Alan T. DeKok [Mon, 15 Dec 2008 10:39:31 +0000 (11:39 +0100)]
Suppress trailing NULs properly.
Closes Coverity #58
Alan T. DeKok [Mon, 15 Dec 2008 10:35:32 +0000 (11:35 +0100)]
Check tag values, too.
When comparing attributes, both tag AND value have to match
for the attributes to compare as equal.
Closes Coverity #59
Alan T. DeKok [Mon, 15 Dec 2008 10:32:52 +0000 (11:32 +0100)]
pairparsevalue() cannot be passed a NULL value.
Closes Coverity #62
Alan T. DeKok [Sun, 14 Dec 2008 22:02:21 +0000 (23:02 +0100)]
Remove dead code
Fixes Coverity #60
Alan T. DeKok [Sun, 14 Dec 2008 09:40:43 +0000 (10:40 +0100)]
Prepare for 2.1.4
Alan T. DeKok [Sun, 14 Dec 2008 09:31:17 +0000 (10:31 +0100)]
Change where we do suid up/down.
If the server starts as root, but it supposed to run as another
user, we want to *temporarily* drop permissions very early. Then,
when binding to privileged sockets, we re-gain permissions.
Once all of the sockets are open, we drop them permanently.
However, if we suid up for *all* sockets, then the control socket
will be created as root, rather than as the unprivileged user.
To fix that, we put suid up/down just around the 2 calls that
need it.
Alan T. DeKok [Sun, 14 Dec 2008 08:48:03 +0000 (09:48 +0100)]
Work around issue in gmake.
We were using PWD, and expecting it to be the current directory.
But apparently that's not how gmake works. We have to call
$(shell pwd) instead.
Alan T. DeKok [Sat, 13 Dec 2008 08:44:51 +0000 (09:44 +0100)]
One more check for parse error
If the statement didn't have a condition check, it's a parse error.
e.g.
()
(!)
(cond || )
(cond && )
Alan T. DeKok [Fri, 12 Dec 2008 18:01:34 +0000 (19:01 +0100)]
Fix evaluation parser
It would previously *not* evaluate things properly if there were
nested conditions, because the logic was broken and weird.
This is simplified, with the result that it's easy to understand,
and works correctly.
Alan T. DeKok [Fri, 12 Dec 2008 14:50:59 +0000 (15:50 +0100)]
Minor updates
Alan T. DeKok [Fri, 12 Dec 2008 08:36:30 +0000 (09:36 +0100)]
Define SUN_LEN for systems that don't have it
Alan T. DeKok [Thu, 11 Dec 2008 18:23:13 +0000 (19:23 +0100)]
Don't leak new listeners
Alan T. DeKok [Thu, 11 Dec 2008 14:26:58 +0000 (15:26 +0100)]
Permit multiple "-e"
Alan T. DeKok [Thu, 11 Dec 2008 14:21:11 +0000 (15:21 +0100)]
Corrected typo
Alan T. DeKok [Thu, 11 Dec 2008 11:18:49 +0000 (12:18 +0100)]
Fix minor bug. Check correct ptr
Alan T. DeKok [Fri, 5 Dec 2008 16:37:56 +0000 (17:37 +0100)]
Note 2.1.3
Alan T. DeKok [Fri, 5 Dec 2008 16:35:48 +0000 (17:35 +0100)]
Note 2.1.3
Alan T. DeKok [Fri, 5 Dec 2008 16:33:40 +0000 (17:33 +0100)]
Check out STABLE branch for 2.1.x, not the MASTER branch
Alan T. DeKok [Fri, 5 Dec 2008 06:56:16 +0000 (07:56 +0100)]
TTLSv0 RFC
Alan T. DeKok [Thu, 4 Dec 2008 11:01:02 +0000 (12:01 +0100)]
We're now 2.1.3
Alan T. DeKok [Thu, 4 Dec 2008 09:50:29 +0000 (10:50 +0100)]
Note 2.1.2
Alan T. DeKok [Thu, 4 Dec 2008 09:47:01 +0000 (10:47 +0100)]
Update time for release 2.1.2
Alan T. DeKok [Thu, 4 Dec 2008 09:00:03 +0000 (10:00 +0100)]
Added Cisco TFTP server option 150. Closes #618
Alan T. DeKok [Wed, 3 Dec 2008 16:29:52 +0000 (17:29 +0100)]
Allow all ports to be used. Closes #559
Alan T. DeKok [Wed, 3 Dec 2008 16:27:03 +0000 (17:27 +0100)]
Corrected VSA types. Closes #617
Alan T. DeKok [Tue, 2 Dec 2008 10:28:03 +0000 (11:28 +0100)]
Sample module to expire user after first login
Alan T. DeKok [Tue, 2 Dec 2008 09:26:29 +0000 (10:26 +0100)]
Note RedHat build FAQ
Alan T. DeKok [Tue, 2 Dec 2008 09:14:57 +0000 (10:14 +0100)]
Note final changes
Alan T. DeKok [Tue, 2 Dec 2008 09:11:38 +0000 (10:11 +0100)]
Fix for CVE-2008-4474
Dialup-admin uses tmp files insecurely. Since it isn't running
in a default install, this shouldn't be a major problem.
Patch from bug #605
Alan T. DeKok [Tue, 2 Dec 2008 08:00:52 +0000 (09:00 +0100)]
Don't leak memory on error conditions.
Closes Coverity #74.
The program exits anyways on error conditions, but cleaning up
is usually good practice.
Alan T. DeKok [Tue, 2 Dec 2008 07:56:54 +0000 (08:56 +0100)]
Simplify handling of structs.
This closes Coverity #73.
Rather than fixing the problem of leaked memory, we avoid it
completely by avoiding practices that require complex code to
avoid leaking memory.
Alan T. DeKok [Mon, 1 Dec 2008 15:10:51 +0000 (16:10 +0100)]
Die if we failed to allocate memory
Closes Coverity #63
We don't need to check for "cs->section_tree" twice. Just check for it
once, and if we can't allocate it, die. Checking a second time is
pointless.
Alan T. DeKok [Mon, 1 Dec 2008 15:08:09 +0000 (16:08 +0100)]
"name" cannot be NULL
If it's NULL, we can't use it at all. The previous code used it if
it was NULL...
Closes Coverity #64
Alan T. DeKok [Mon, 1 Dec 2008 15:02:15 +0000 (16:02 +0100)]
log_file may be NULL
Closes Coverity #65
Alan T. DeKok [Mon, 1 Dec 2008 14:54:01 +0000 (15:54 +0100)]
Request may be NULL
Closes Coverity #66
Alan T. DeKok [Mon, 1 Dec 2008 13:44:25 +0000 (14:44 +0100)]
Set "found" to first server.
Closes Coverity #67
Alan T. DeKok [Mon, 1 Dec 2008 13:40:00 +0000 (14:40 +0100)]
secret is NULL for LOCAL realms.
Fixes Coverity #68
Alan T. DeKok [Mon, 1 Dec 2008 13:36:54 +0000 (14:36 +0100)]
virtual_server can't be NULL
If we see "virtual_server = " in a home_server_pool, it's an error.
If you want to refer to the default virtual server, don't include
a virtual_server configuration entry.
Alan T. DeKok [Mon, 1 Dec 2008 12:54:35 +0000 (13:54 +0100)]
One more check for NULL.
Closes Coverity #80. Not that we think it's likely...
Alan T. DeKok [Mon, 1 Dec 2008 12:19:29 +0000 (13:19 +0100)]
More memory initialization
Closes Coverity #83
Alan T. DeKok [Mon, 1 Dec 2008 09:50:29 +0000 (10:50 +0100)]
free structure on error.
Closes Coverity #76
Alan T. DeKok [Mon, 1 Dec 2008 09:50:01 +0000 (10:50 +0100)]
listen.lo depends on listen.c, too
Alan T. DeKok [Mon, 1 Dec 2008 09:47:31 +0000 (10:47 +0100)]
Free fake on unknown packet.
This fixes Coverity #77.
Alan T. DeKok [Mon, 1 Dec 2008 09:45:49 +0000 (10:45 +0100)]
Don't allocate structure twice.
This fixes Coverity #78
Alan T. DeKok [Mon, 1 Dec 2008 09:40:24 +0000 (10:40 +0100)]
Ensure there's room for a trailing 0
This address Coverity #70. I don't think it will ever happen
due to the way the strings are being handled, but it never hurts
to be safe...
Alan T. DeKok [Mon, 1 Dec 2008 09:37:21 +0000 (10:37 +0100)]
Assert that comp < count, not <= count
This fixes Coverity #72
Alan T. DeKok [Mon, 1 Dec 2008 09:33:41 +0000 (10:33 +0100)]
De-reference ptr after checking it.
This fixes Coverity #79
Alan T. DeKok [Mon, 1 Dec 2008 09:30:52 +0000 (10:30 +0100)]
Mark entry=NULL after free'ing it.
This closes Coverity issue #107. There was an odd case where
we could free an old entry, and then if there were no new entries
in the queues, de-reference the old entry again.
Alan T. DeKok [Thu, 27 Nov 2008 11:07:18 +0000 (12:07 +0100)]
Permanently switch UID only if we succeed in doing setuid
mainconfig.c does setuid to an unpriviledged user (temporarily).
We do setuid(0) back to bind to the sockets.
But before running anything else, we permanently switch uid's
back to the unpriviledged user. But only if the first suid was
done
Alan T. DeKok [Wed, 26 Nov 2008 15:44:29 +0000 (16:44 +0100)]
Correct the attribute numbers for client accounting stats
Alan T. DeKok [Wed, 26 Nov 2008 15:40:03 +0000 (16:40 +0100)]
Use "ln -s" rather than "cp" for in-tree operation
Libtool on some platforms creates directories in the ".libs" directory.
Using "ln -s" rather than "cp" means we don't care what the destination
file type is, and we don't have to create a cross-platform "cp -R"
Alan T. DeKok [Tue, 25 Nov 2008 15:41:21 +0000 (16:41 +0100)]
Increase the field size for Acct-Session-Id to 64.
This closes #540
Alan T. DeKok [Tue, 25 Nov 2008 15:31:29 +0000 (16:31 +0100)]
LDAP-UserDn is in "control", not "request"
Closes #596
Alan T. DeKok [Tue, 25 Nov 2008 15:42:52 +0000 (16:42 +0100)]
Note changes
Alan T. DeKok [Tue, 25 Nov 2008 15:24:52 +0000 (16:24 +0100)]
Note recent fixes
Alan T. DeKok [Tue, 25 Nov 2008 13:44:00 +0000 (14:44 +0100)]
Add EVP_sha256 for WiMAX certificates
OpenSSL apparently doesn't include the EVP_sha256 digest by default,
and the WiMAX certificates require SHA256 certificates. So... we
add it manually.
However, the EVP_sha256 cipher is defined only if OPENSSL_FIPS is
defined, meaning we have to write a "configure" script check for this.
Alan T. DeKok [Tue, 25 Nov 2008 10:38:13 +0000 (11:38 +0100)]
Set default days because OpenSSL people won't do it.
Alan T. DeKok [Tue, 25 Nov 2008 09:39:35 +0000 (10:39 +0100)]
Document listen "type = status" better.
Closes #580
Alan T. DeKok [Tue, 25 Nov 2008 09:38:59 +0000 (10:38 +0100)]
Do "rm -rf lib" on "make clean".
It has no git controlled files, so this is OK
Alan T. DeKok [Tue, 25 Nov 2008 09:38:01 +0000 (10:38 +0100)]
Include <ltdl.h>
The file calles lt_dlopen(), so we need to include <ltdl.h>
fro proper function prototyping.
Partially addresses bug #610
Alan T. DeKok [Tue, 18 Nov 2008 13:05:49 +0000 (05:05 -0800)]
Check return codes for more instances of regcomp
Alan T. DeKok [Tue, 18 Nov 2008 13:03:13 +0000 (05:03 -0800)]
Note recent fixes
Alan T. DeKok [Tue, 18 Nov 2008 12:58:26 +0000 (04:58 -0800)]
Check the return code of regcomp
Alan T. DeKok [Thu, 6 Nov 2008 20:49:24 +0000 (12:49 -0800)]
Pass copy of debug_condition pointer to evalute
In some cases, evaluate will update the pointer. We don't
want this for debug conditions.
Alan T. DeKok [Thu, 23 Oct 2008 08:41:15 +0000 (10:41 +0200)]
Use SUN_LEN here, too
Alan T. DeKok [Wed, 15 Oct 2008 13:38:56 +0000 (15:38 +0200)]
Re-run autoconf
Alan T. DeKok [Wed, 15 Oct 2008 13:38:13 +0000 (15:38 +0200)]
More updates
Alan T. DeKok [Wed, 15 Oct 2008 13:30:52 +0000 (15:30 +0200)]
Check for getresuid && setresuid
Alan T. DeKok [Wed, 15 Oct 2008 05:50:03 +0000 (07:50 +0200)]
Removed thread pool from Perl module.
Also moved configuration from experimental.conf to it's own module,
and removed configuration for thread pool
Alan T. DeKok [Mon, 13 Oct 2008 15:27:11 +0000 (17:27 +0200)]
It's not 2.1.1
Alan T. DeKok [Wed, 15 Oct 2008 13:25:46 +0000 (15:25 +0200)]
Don't add -lreadline to LIBS
Alan T. DeKok [Sun, 12 Oct 2008 07:37:16 +0000 (09:37 +0200)]
libreadline is a library, not a dependency
Alan T. DeKok [Wed, 15 Oct 2008 13:24:39 +0000 (15:24 +0200)]
note changes pulled from main
Alan T. DeKok [Fri, 10 Oct 2008 10:06:38 +0000 (12:06 +0200)]
start sending Status-Server messages earlier
We now start sending them at the START of the zombie period,
which means that a "live" home server is marked "dead" less often.
i.e. an upstream proxy is responsible for realms A && B. We're
currently proxying packets for realm A only... and their upstream
is down. If our upstream doesn't respond, we might think that
it's down, when really it's being stupid. So, we start pinging
it with Status-Server. If it responds, we keep sending it packets,
including packets for realm B.
Alan T. DeKok [Sun, 28 Sep 2008 07:07:22 +0000 (09:07 +0200)]
Temporarily drop permissions
See "suid demystified" paper. We drop permissions, but keep a
saved UID. Then we restore permissions while binding to sockets.
This lets us run as an unprivileged user, but still bind to privileged
ports.
TO DO: add '-u user -g group -R chroot' to command-line options,
and switch UIDs *immediately* on start. This minimizes the amount
of code that runs as root.
TO DO: move suidup/down calls to wrap the bind() calls, and the BINDTODEVICE
calls, to even further minimize the code.
Alan T. DeKok [Sat, 4 Oct 2008 08:39:52 +0000 (10:39 +0200)]
Use SUN_LEN, which fixes portability issues
Alan T. DeKok [Sat, 4 Oct 2008 07:39:11 +0000 (09:39 +0200)]
Fix typos in previous commit
Alan T. DeKok [Fri, 3 Oct 2008 07:28:51 +0000 (09:28 +0200)]
Initialize nas_address to INADDR_NONE
Alan T. DeKok [Wed, 1 Oct 2008 12:11:21 +0000 (14:11 +0200)]
Parse attributes that are string
Foo = "bar baz"
This needs to be parsed as a type, not as a string, if Foo is date,
for example.
Alan T. DeKok [Tue, 30 Sep 2008 13:23:13 +0000 (15:23 +0200)]
Initialize pool to zero
This fixes a problem where dv->flags != 0 in dict_addvendor
Alan T. DeKok [Fri, 26 Sep 2008 12:11:23 +0000 (14:11 +0200)]
fake->server may be NULL
Alan T. DeKok [Fri, 26 Sep 2008 08:40:49 +0000 (10:40 +0200)]
Fix for ${name}
Alan T. DeKok [Thu, 25 Sep 2008 08:41:26 +0000 (10:41 +0200)]
Note more changes
Alan T. DeKok [Thu, 25 Sep 2008 08:41:13 +0000 (10:41 +0200)]
Note more changes
Alan T. DeKok [Wed, 24 Sep 2008 15:12:23 +0000 (17:12 +0200)]
Get session resumption working for EAP-TLS, too