pnixon [Fri, 13 Jul 2007 22:06:46 +0000 (22:06 +0000)]
Add radippool table
pnixon [Fri, 13 Jul 2007 20:59:39 +0000 (20:59 +0000)]
Don't calculate Acct-Delay-Time out of Start|Stop-Time AND still log it to database.
pnixon [Fri, 13 Jul 2007 19:32:05 +0000 (19:32 +0000)]
change now() back to %S as its more accurate when you run funky things like radrelay
pnixon [Fri, 13 Jul 2007 16:25:06 +0000 (16:25 +0000)]
Get rid of old style %P in one of the examples
pnixon [Fri, 13 Jul 2007 15:56:48 +0000 (15:56 +0000)]
Add XAscendSessionSvrKey column to radacct
pnixon [Fri, 13 Jul 2007 15:54:43 +0000 (15:54 +0000)]
Store X-Ascend-Session-Svr-Key in DB
aland [Fri, 13 Jul 2007 09:38:13 +0000 (09:38 +0000)]
Fix for use_tunneled_reply
aland [Fri, 13 Jul 2007 09:35:01 +0000 (09:35 +0000)]
Port fix for use_tunneled_reply from 1.1.x
pnixon [Fri, 13 Jul 2007 07:07:19 +0000 (07:07 +0000)]
Add nasipaddress check so we dont clear IPs from other NAS by default
pnixon [Fri, 13 Jul 2007 07:05:12 +0000 (07:05 +0000)]
reorder the file and update comments
pnixon [Wed, 11 Jul 2007 19:37:00 +0000 (19:37 +0000)]
spelling fix
pnixon [Wed, 11 Jul 2007 19:07:04 +0000 (19:07 +0000)]
Major cleanup and rewrite of the comments to make things easier to understand
pnixon [Wed, 11 Jul 2007 18:31:48 +0000 (18:31 +0000)]
Fix the NAS on/off queries. There is no username and framed-ip-address in them. These never worked. Thanks to Hugh Messenger for the find.
pnixon [Tue, 10 Jul 2007 07:26:15 +0000 (07:26 +0000)]
Update to support BIGINT
pnixon [Tue, 10 Jul 2007 07:23:44 +0000 (07:23 +0000)]
It was overkill using BIGINT for AcctStartDelay and AcctStopDelay. Changed back to int.
pnixon [Tue, 10 Jul 2007 07:20:28 +0000 (07:20 +0000)]
Update Oracle schema to use the Oracle equivalent of BIGINT "NUMERIC(19)"
pnixon [Sun, 8 Jul 2007 12:34:42 +0000 (12:34 +0000)]
Fixes thanks to Arran Cudbard-Bell
aland [Fri, 6 Jul 2007 12:25:46 +0000 (12:25 +0000)]
Try to link with libperl, using the command-line flags given
by "perl -MExtUtils::Embed -e ldopts". If this doesn't work,
your Perl installation is broken.
aland [Fri, 6 Jul 2007 10:22:26 +0000 (10:22 +0000)]
Skip checking return code when the "else" wasn't taken.
"update" sections change the return code ONLY if something went
wrong
aland [Fri, 6 Jul 2007 08:38:56 +0000 (08:38 +0000)]
Notes on Auth-Type, and instructions to NOT put unlang stuff
into the "authenticate" section.
aland [Thu, 5 Jul 2007 15:01:21 +0000 (15:01 +0000)]
Don't permit "ok = 1", etc. in sections. They're only allowed
in groups where the name is a module
aland [Thu, 5 Jul 2007 14:10:24 +0000 (14:10 +0000)]
if, else, elsif don't change the module return code
aland [Thu, 5 Jul 2007 09:46:36 +0000 (09:46 +0000)]
Use new cf_log_err function
aland [Thu, 5 Jul 2007 08:52:50 +0000 (08:52 +0000)]
Removed strtok. It doesn't matter *too* much, because it's only
called when the server starts, and is single threaded.
This addresses bug #468
aland [Thu, 5 Jul 2007 08:43:56 +0000 (08:43 +0000)]
Don't just blindly print out the server pool definition,
it may be referenced twice.
This fixes bug #467
aland [Thu, 5 Jul 2007 08:34:51 +0000 (08:34 +0000)]
Removed use of cf_section_value_find(). We now do better
parsing of the config.
This also fixes bug #466
aland [Wed, 4 Jul 2007 13:46:27 +0000 (13:46 +0000)]
Updated
aland [Wed, 4 Jul 2007 05:54:17 +0000 (05:54 +0000)]
Added $-INCLUDE, which will include the file only if it exists
aland [Wed, 4 Jul 2007 05:49:28 +0000 (05:49 +0000)]
Double-check use of if/elsif. If they're not in a server{}
section, then don't allow them to be used. Note we've now got
to fix the vmps sanity checking code, too, as everything is
supposed to be in a server{} section
aland [Tue, 3 Jul 2007 05:48:43 +0000 (05:48 +0000)]
Added and documented "virtual_server" config for PEAP and TTLS.
This lets the administrator control which virtual server
processes the tunneled request.
aland [Mon, 2 Jul 2007 22:08:39 +0000 (22:08 +0000)]
Copy inst->xlat_name from module name
Set xlat name to inst->xlat_name, and don't set it for "mschap".
If the user doesn't configure "mschap", then lots of other
things will break.
Don't free inst->xlat_name, as we're no longer strdup'ing it.
aland [Mon, 2 Jul 2007 21:48:21 +0000 (21:48 +0000)]
allow '-' in filenames, too
aland [Mon, 2 Jul 2007 10:01:36 +0000 (10:01 +0000)]
Added module return codes to conditions in unlang
aland [Mon, 2 Jul 2007 07:48:11 +0000 (07:48 +0000)]
We don't set the ephemeral RSA keys option, so it isn't included
in the SSL negotiation, so we don't need this code.
aland [Sat, 30 Jun 2007 15:11:18 +0000 (15:11 +0000)]
Proxy sockets don't have servers
aland [Fri, 29 Jun 2007 12:29:30 +0000 (12:29 +0000)]
More radlog -> cf_log_err
aland [Fri, 29 Jun 2007 10:59:01 +0000 (10:59 +0000)]
Insert things into the name2 tree, even if name2 is NULL
aland [Fri, 29 Jun 2007 10:06:37 +0000 (10:06 +0000)]
Sample inner tunnel server. Untested.
aland [Fri, 29 Jun 2007 10:05:00 +0000 (10:05 +0000)]
Move Status-Server to accounting section, not session
aland [Fri, 29 Jun 2007 09:58:57 +0000 (09:58 +0000)]
We now have a default "server {}" section
aland [Fri, 29 Jun 2007 09:42:10 +0000 (09:42 +0000)]
Pass CONF_SECTION to listen_init(), for better error messages
aland [Fri, 29 Jun 2007 09:39:46 +0000 (09:39 +0000)]
Set default port for VMPS
aland [Fri, 29 Jun 2007 09:39:06 +0000 (09:39 +0000)]
Server sections don't require a name
aland [Fri, 29 Jun 2007 09:32:18 +0000 (09:32 +0000)]
Don't free server, it's taken from the config structures
aland [Fri, 29 Jun 2007 09:31:04 +0000 (09:31 +0000)]
Move "authorize", etc. into a default server{} block.
aland [Fri, 29 Jun 2007 09:25:48 +0000 (09:25 +0000)]
Parse error, rather than assert
aland [Fri, 29 Jun 2007 09:19:06 +0000 (09:19 +0000)]
If we're a fake request, AND the parent says to stop
processing, then do so.
aland [Fri, 29 Jun 2007 08:34:32 +0000 (08:34 +0000)]
Use -DLDAP_DEPRECATED to prevent crashes
aland [Fri, 29 Jun 2007 08:33:48 +0000 (08:33 +0000)]
Removed unused variable
aland [Fri, 29 Jun 2007 07:43:16 +0000 (07:43 +0000)]
Refuse to start if a listen section points to a server, but
no server exists.
We should probably move the default server to a server{} block,
rather than making it global
aland [Fri, 29 Jun 2007 07:40:57 +0000 (07:40 +0000)]
in find_name2(), if name2 is NULL, look for a matching entry
aland [Fri, 29 Jun 2007 06:14:16 +0000 (06:14 +0000)]
Use mainconfig.config
pnixon [Thu, 28 Jun 2007 20:22:33 +0000 (20:22 +0000)]
%{%foo:-%bar} fixes and break lines at 80 chars. (Thanks to Hugh Messenger)
aland [Thu, 28 Jun 2007 17:53:24 +0000 (17:53 +0000)]
prototype for cf_log_err()
aland [Thu, 28 Jun 2007 17:04:17 +0000 (17:04 +0000)]
Pass correct arguments
aland [Thu, 28 Jun 2007 14:12:38 +0000 (14:12 +0000)]
More uses of cf_log_err(), which cleans up the rest of the code,
too.
aland [Thu, 28 Jun 2007 13:55:54 +0000 (13:55 +0000)]
Added cf_log_err() function, which simplifies common code
aland [Thu, 28 Jun 2007 10:34:27 +0000 (10:34 +0000)]
Pass CONF_SECTION to setup_modules(), in preparation for
making HUP easier.
Load ALL virtual servers, whether or not they're referenced.
We can set Virtual-Server in an expanded string taken from
an SQL query, so there's no way of knowing from the config files
if a server is needed.
If a server isn't needed, don't list it in sites-enabled/
Load the default server last.
aland [Thu, 28 Jun 2007 05:11:36 +0000 (05:11 +0000)]
Pull more build commands from src/modules/rules.mak
We should really clean this up.
pnixon [Wed, 27 Jun 2007 19:34:43 +0000 (19:34 +0000)]
Mixed case issues should be resolved. Long lines have been broken up and \ continued. One remaining occurrence of 'radippool' (instead of %{ippool_table}) fixed. (Thanks to Hugh Messenger)
aland [Wed, 27 Jun 2007 08:00:24 +0000 (08:00 +0000)]
Permit Cleartext-Password, too
aland [Wed, 27 Jun 2007 07:55:44 +0000 (07:55 +0000)]
Renamed "check" to "control", to match "man unlang"
aland [Wed, 27 Jun 2007 07:51:49 +0000 (07:51 +0000)]
Added note on "check:"
aland [Wed, 27 Jun 2007 07:50:15 +0000 (07:50 +0000)]
Print out warnings if we see User-Password == ...
pnixon [Wed, 27 Jun 2007 07:05:19 +0000 (07:05 +0000)]
break a line at 80 chars
pnixon [Wed, 27 Jun 2007 06:58:24 +0000 (06:58 +0000)]
update the queries significantly
pnixon [Wed, 27 Jun 2007 06:50:52 +0000 (06:50 +0000)]
change check: to control:
pnixon [Wed, 27 Jun 2007 06:36:18 +0000 (06:36 +0000)]
correct the mysql conf file (which commented by default) and update the remarks slightly
pnixon [Wed, 27 Jun 2007 06:31:58 +0000 (06:31 +0000)]
Add a mysql schema for rlm_sqlippool from the suggestion in the wiki at wiki.freeradius.org/Talk:Rlm_sqlippool
aland [Tue, 26 Jun 2007 12:06:12 +0000 (12:06 +0000)]
Added support for Client-Shortname
aland [Tue, 26 Jun 2007 09:37:16 +0000 (09:37 +0000)]
Allow per-server clients only if there actually are per-server
clients
aland [Tue, 26 Jun 2007 09:23:16 +0000 (09:23 +0000)]
Removed overlap between this document and "man unlang"
aland [Tue, 26 Jun 2007 09:21:05 +0000 (09:21 +0000)]
Moved conditional syntax to %{%{foo}:-%{bar}}, which is more
robust in the event of %{%{sql: foo bar }:-%{bar: ...}}
aland [Tue, 26 Jun 2007 09:00:18 +0000 (09:00 +0000)]
Wild... Filter-Id = "foo \" bar" *never* worked. Now it does.
aland [Tue, 26 Jun 2007 08:17:03 +0000 (08:17 +0000)]
Fix for udpfromto issues
aland [Tue, 26 Jun 2007 06:05:41 +0000 (06:05 +0000)]
Handle CONF_DATA, too
pnixon [Mon, 25 Jun 2007 20:38:59 +0000 (20:38 +0000)]
sed -i 's/User-Password/Cleartext-Password/g' users
pnixon [Mon, 25 Jun 2007 18:50:01 +0000 (18:50 +0000)]
sed -i 's/User-Password/Cleartext-Password/g' users
aland [Mon, 25 Jun 2007 15:18:28 +0000 (15:18 +0000)]
More IPv6 macros
aland [Sun, 24 Jun 2007 19:44:14 +0000 (19:44 +0000)]
Don't check for appending attributes if the attribute was
already moved.
pnixon [Sun, 24 Jun 2007 16:22:05 +0000 (16:22 +0000)]
*** empty log message ***
aland [Sat, 23 Jun 2007 14:09:10 +0000 (14:09 +0000)]
Pull Virtual-Server checks from ttls.c
aland [Sat, 23 Jun 2007 14:08:32 +0000 (14:08 +0000)]
Make MSCHAP a synonym for MS-CHAP, for future & backwards
compatibility
aland [Sat, 23 Jun 2007 14:03:51 +0000 (14:03 +0000)]
Look for Virtual-Server in configuration items. If found,
run the tunneled request through that virtual server. If not
found, use the parents server.
This is SO much better than what was there before... none of
the "FreeRADIUS-Proxied-To" stuff is necessary any more, and
the inner tunnel sessions can be completely separated from the
outer tunnel sessions
aland [Sat, 23 Jun 2007 13:37:28 +0000 (13:37 +0000)]
Print server, not request->listener
aland [Fri, 22 Jun 2007 08:01:08 +0000 (08:01 +0000)]
Print out *why* opening the mapping file failed.
aland [Thu, 21 Jun 2007 09:27:00 +0000 (09:27 +0000)]
If no value is set, allow it to be NULL.
aland [Thu, 21 Jun 2007 09:13:58 +0000 (09:13 +0000)]
Corrected compiler warnings
aland [Thu, 21 Jun 2007 09:04:46 +0000 (09:04 +0000)]
Corrected typo
aland [Wed, 20 Jun 2007 13:17:31 +0000 (13:17 +0000)]
As posted to the list
aland [Wed, 20 Jun 2007 09:38:56 +0000 (09:38 +0000)]
Be more particular about what can be in a "redundant", etc.
group
aland [Wed, 20 Jun 2007 09:37:21 +0000 (09:37 +0000)]
Move more documentation into the "man" page
aland [Tue, 19 Jun 2007 14:50:15 +0000 (14:50 +0000)]
Added an example of a virtual server
aland [Tue, 19 Jun 2007 14:45:37 +0000 (14:45 +0000)]
Clean up the client preference:
- clients in this listeners identity
- OR defined by "clients = "
- OR global
In that order
aland [Tue, 19 Jun 2007 13:04:33 +0000 (13:04 +0000)]
More use of new cf_section_filename(cs) API
aland [Tue, 19 Jun 2007 12:46:57 +0000 (12:46 +0000)]
Use new conf filename api
aland [Tue, 19 Jun 2007 12:46:21 +0000 (12:46 +0000)]
Add filename to CONF_ITEM, so that the error messages the server
produces can refer to the correct file.
Sweep through the rest of the code to clean it up as per above
change
aland [Tue, 19 Jun 2007 12:15:15 +0000 (12:15 +0000)]
Be a little more careful
aland [Tue, 19 Jun 2007 11:01:00 +0000 (11:01 +0000)]
listen sections in the default config can point to a virtual
server. Ones inside of a virtual server inherit their parent
aland [Tue, 19 Jun 2007 10:58:05 +0000 (10:58 +0000)]
Moved some "listen" directives into the "server" section, to
make them specific to a server.