Sam Hartman [Mon, 16 Dec 2013 15:40:18 +0000 (10:40 -0500)]
Update for allowing an RP to contact multiple IDPs
Sam Hartman [Mon, 16 Dec 2013 15:39:09 +0000 (10:39 -0500)]
Pull in unique hostname into Debian
Merge remote-tracking branch 'origin/tr-integ' into HEAD
Kevin Wasserman [Sat, 14 Dec 2013 23:23:30 +0000 (18:23 -0500)]
use inet_ntop to generate unique home_server names
Sam Hartman [Wed, 27 Nov 2013 14:58:34 +0000 (09:58 -0500)]
fix indentation
Sam Hartman [Tue, 26 Nov 2013 14:37:03 +0000 (09:37 -0500)]
realms.c: if no CS, don't look for parent
Sam Hartman [Wed, 27 Nov 2013 05:00:30 +0000 (00:00 -0500)]
Don't fail on duplicate IP
Sam Hartman [Wed, 27 Nov 2013 04:59:49 +0000 (23:59 -0500)]
Merge remote-tracking branch 'moonshot/tr-integ' into debian
Kevin Wasserman [Tue, 26 Nov 2013 19:01:52 +0000 (14:01 -0500)]
Avoid duplicate home servers by setting src_ipaddr.af properly
Sam Hartman [Tue, 26 Nov 2013 16:07:42 +0000 (11:07 -0500)]
Set up context to use talloc
(cherry picked from commit
4a4e07a0b6d1f7949c9cd58fd3321af0416003dc)
Sam Hartman [Tue, 26 Nov 2013 16:07:42 +0000 (11:07 -0500)]
Set up context to use talloc
Sam Hartman [Tue, 26 Nov 2013 14:40:01 +0000 (09:40 -0500)]
document changes
Sam Hartman [Tue, 26 Nov 2013 14:39:02 +0000 (09:39 -0500)]
Disable ssl version check
Sam Hartman [Tue, 26 Nov 2013 14:37:03 +0000 (09:37 -0500)]
realms.c: if no CS, don't look for parent
Sam Hartman [Thu, 26 Sep 2013 19:33:27 +0000 (15:33 -0400)]
Include channel binding fixes
Sam Hartman [Thu, 26 Sep 2013 19:32:44 +0000 (15:32 -0400)]
Merge remote-tracking branch 'moonshot/tr-integ' into debian
Sam Hartman [Mon, 23 Sep 2013 18:03:41 +0000 (14:03 -0400)]
Freeradius-server.so should be installed
Sam Hartman [Sat, 1 Jun 2013 17:33:01 +0000 (13:33 -0400)]
Actually include postgresql postinst changes
Conflicts:
debian/changelog
debian/freeradius-postgresql.postinst
Sam Hartman [Tue, 27 Aug 2013 16:23:04 +0000 (12:23 -0400)]
Fix freeradius postinst error
Sam Hartman [Thu, 26 Sep 2013 17:38:35 +0000 (13:38 -0400)]
chbind: return no namespace data for no attributes
Sam Hartman [Tue, 24 Sep 2013 17:40:32 +0000 (13:40 -0400)]
radius.h: chbind_response code is 1147 not 1140
Sam Hartman [Fri, 20 Sep 2013 18:48:31 +0000 (14:48 -0400)]
Update block fix
Sam Hartman [Fri, 20 Sep 2013 18:47:23 +0000 (14:47 -0400)]
Merge branch 'tr-integ' into debian
Alan T. DeKok [Wed, 4 Sep 2013 14:41:52 +0000 (10:41 -0400)]
Use the default request if there's no "." in the reference.
update outer.reply {
User-Name := foo
}
ends up parsing "User-Name" with a default list of "outer",
BUT because "User-Name" has no ".", the old code would return
a hard-coded CURRENT
(cherry picked from commit
6c11dbdb704f9a6bc5cb2701b4ac974b162a260e)
Sam Hartman [Thu, 15 Aug 2013 20:47:49 +0000 (16:47 -0400)]
depend on openssl and libpcre
Sam Hartman [Thu, 15 Aug 2013 18:18:36 +0000 (14:18 -0400)]
Don't install certs
Alan T. DeKok [Thu, 11 Jul 2013 12:46:25 +0000 (14:46 +0200)]
Sam Hartman [Tue, 13 Aug 2013 19:45:20 +0000 (15:45 -0400)]
New upstream version
Sam Hartman [Thu, 18 Apr 2013 18:33:47 +0000 (14:33 -0400)]
Include moonshot-trust-router
Sam Hartman [Thu, 18 Apr 2013 16:03:44 +0000 (12:03 -0400)]
note breaks freeradius <3
Sam Hartman [Fri, 8 Mar 2013 21:25:45 +0000 (16:25 -0500)]
debian: include dirs in freeradius package
Sam Hartman [Fri, 8 Mar 2013 18:46:13 +0000 (13:46 -0500)]
Debian: create /var/log/freeradius
Sam Hartman [Fri, 8 Mar 2013 16:14:23 +0000 (11:14 -0500)]
debian: require talloc as build dependency
Sam Hartman [Fri, 8 Mar 2013 15:22:12 +0000 (10:22 -0500)]
moonshot version
Sam Hartman [Fri, 8 Mar 2013 15:21:59 +0000 (10:21 -0500)]
3.0(native) for now
Sam Hartman [Fri, 8 Mar 2013 15:20:42 +0000 (10:20 -0500)]
debian: depend on modern freeradius-common
Sam Hartman [Fri, 8 Mar 2013 15:16:34 +0000 (10:16 -0500)]
debian: remove makefiles that don't exist from install targets
Sam Hartman [Thu, 27 Jun 2013 13:44:10 +0000 (09:44 -0400)]
eap channel binding: update for talloc changes
* paircreate gains context
* pairmake gains context
* pairmoveto ->pairfilter
Sam Hartman [Thu, 27 Jun 2013 13:42:22 +0000 (09:42 -0400)]
tls: update psk xlat call
Ilclude talloc context in xlat and setup of psk-user-identity in request.
Sam Hartman [Thu, 11 Apr 2013 19:25:38 +0000 (15:25 -0400)]
fix bugs in psk_server_callback
Sam Hartman [Thu, 11 Apr 2013 09:25:14 +0000 (05:25 -0400)]
Sample trust_router config
Margaret Wasserman [Wed, 10 Apr 2013 22:56:43 +0000 (18:56 -0400)]
Add trust router library to rlm_realm
Sam Hartman [Wed, 10 Apr 2013 21:49:04 +0000 (17:49 -0400)]
Remove hidden structs
Sam Hartman [Wed, 10 Apr 2013 20:27:15 +0000 (16:27 -0400)]
Trust router response handler
Sam Hartman [Wed, 10 Apr 2013 20:26:43 +0000 (16:26 -0400)]
expose tls_init_ctx
Margaret Wasserman [Wed, 10 Apr 2013 20:17:42 +0000 (16:17 -0400)]
Initial tr integration code, compiles but not complete.
Sam Hartman [Fri, 5 Apr 2013 17:45:41 +0000 (13:45 -0400)]
Fix typo
Sam Hartman [Thu, 4 Apr 2013 09:42:58 +0000 (05:42 -0400)]
hex for nulls and lulz
Sam Hartman [Wed, 3 Apr 2013 19:14:23 +0000 (15:14 -0400)]
tls: permit psks to be configured for clients
Sam Hartman [Tue, 2 Apr 2013 18:11:33 +0000 (18:11 +0000)]
fixups
Sam Hartman [Wed, 3 Apr 2013 18:23:37 +0000 (14:23 -0400)]
psk: enable server callback always
Sam Hartman [Tue, 2 Apr 2013 16:59:01 +0000 (12:59 -0400)]
tls: server stuff
Sam Hartman [Mon, 25 Mar 2013 23:41:44 +0000 (19:41 -0400)]
ttls: return channel bindings on half round trip success
If we get a channel binding request at the same time we'd like to
return an access accept, return a challenge instead.
Sam Hartman [Mon, 25 Mar 2013 13:49:23 +0000 (09:49 -0400)]
chbind: update length calculation
Sam Hartman [Sun, 24 Mar 2013 20:20:03 +0000 (16:20 -0400)]
chbind: logic error oops
Sam Hartman [Wed, 20 Mar 2013 01:39:31 +0000 (21:39 -0400)]
update dictionaries with ABFAB attributes
Sam Hartman [Wed, 6 Mar 2013 14:00:13 +0000 (09:00 -0500)]
update usage of pairmoveto
Sam Hartman [Wed, 6 Mar 2013 01:43:38 +0000 (20:43 -0500)]
Update rlm_eap channel binding for new apis
Sam Hartman [Sun, 5 Feb 2012 22:40:56 +0000 (17:40 -0500)]
ttls chbind: update VSA to use
Unfortunately 134 was used by microsoft groups.
Kevin [Sun, 5 Feb 2012 20:09:17 +0000 (15:09 -0500)]
make eap channel bindings functional (at least with with ttls-mschap)
Kevin [Sat, 4 Feb 2012 23:48:30 +0000 (18:48 -0500)]
bugfix for loop
Kevin [Sat, 4 Feb 2012 22:07:23 +0000 (17:07 -0500)]
eap channel binding fixes
Sam Hartman [Sat, 4 Feb 2012 02:20:09 +0000 (21:20 -0500)]
rlm_eap: add eap_chbind.c to build
Sam Hartman [Sat, 4 Feb 2012 01:30:33 +0000 (20:30 -0500)]
rlm_eap: fix channel binding errors
Fix logic and other erros in initial channel binding implementation
Margaret Wasserman [Fri, 3 Feb 2012 21:59:23 +0000 (16:59 -0500)]
Initial code for EAP Channel Binding support.
Sam Hartman [Fri, 3 Feb 2012 19:09:23 +0000 (14:09 -0500)]
chbind: sample virtual server
this is a sample channel binding virtual server for
draft-ietf-abfab-gss-eap. It's not complete but is intended to be
sufficient to start testing.
Kevin [Fri, 3 Feb 2012 13:15:10 +0000 (08:15 -0500)]
Eap channel binding support code
Margaret Wasserman [Fri, 3 Feb 2012 02:45:31 +0000 (21:45 -0500)]
Added attribute and values for EAP channel binding response codes.
Sam Hartman [Fri, 4 Jan 2013 02:07:48 +0000 (21:07 -0500)]
Skeleton of trust router integration
Functions to convert a TR response into freeradius structures and add
a realm.
Sam Hartman [Thu, 29 Nov 2012 19:30:07 +0000 (14:30 -0500)]
realms_realm_add
Expose an interface for adding a realm.
Sam Hartman [Thu, 29 Nov 2012 16:57:34 +0000 (11:57 -0500)]
realms_pool_add
Implement function to add a pool exposed beyond realms.c
Sam Hartman [Wed, 28 Nov 2012 21:36:23 +0000 (16:36 -0500)]
Expose home_server addition
Split the code to add home servers to the trees and validate them from
config section parsing code. The split code does not handle locking
yet.
Alan T. DeKok [Thu, 11 Jul 2013 12:05:44 +0000 (14:05 +0200)]
Installed links depend on the installation dir. Closes #360
Through the simple expedient of having the rules for the links
active ONLY when the directory doesn't exist. If the directory
exists, the rules aren't active, and no links are created
Alan T. DeKok [Thu, 11 Jul 2013 12:05:25 +0000 (14:05 +0200)]
Don't echo if we do nothing
Alan T. DeKok [Thu, 11 Jul 2013 07:37:30 +0000 (09:37 +0200)]
Re-enable [n] [#] and [*]. Closes #354.
This code was deleted during the change to cursors.
Alan T. DeKok [Thu, 11 Jul 2013 07:02:29 +0000 (09:02 +0200)]
Buffer may be NULL. Closes #358
Arran Cudbard-Bell [Wed, 10 Jul 2013 22:44:18 +0000 (23:44 +0100)]
Restructure map2request and dependencies to return a status code instead of VALUE_PAIRs
Arran Cudbard-Bell [Wed, 10 Jul 2013 18:16:08 +0000 (19:16 +0100)]
Remove invalid assert, this could fail for VALUE_PAIR producing execs
Arran Cudbard-Bell [Wed, 10 Jul 2013 18:14:54 +0000 (19:14 +0100)]
Set map operator on copied filtered attributes
Arran Cudbard-Bell [Wed, 10 Jul 2013 18:02:51 +0000 (19:02 +0100)]
-lpcreposix must be listed in linker arguments before any other libraries to avoid picking up posix regex symbols. Fixes #357
On my system OSX 10.8.4 this resulted in a SEGV in regncomp.
Arran Cudbard-Bell [Wed, 10 Jul 2013 17:43:27 +0000 (18:43 +0100)]
pcreposix manual says both -lpcre and -lpcreposix need to be passed
Arran Cudbard-Bell [Wed, 10 Jul 2013 16:55:32 +0000 (17:55 +0100)]
Fix messed up macro
Arran Cudbard-Bell [Wed, 10 Jul 2013 16:50:19 +0000 (17:50 +0100)]
Always set command to NULL after calling ct_cancel
Arran Cudbard-Bell [Wed, 10 Jul 2013 14:38:11 +0000 (15:38 +0100)]
If we know the destination is a list, copy all instances of the source attribute
Arran Cudbard-Bell [Wed, 10 Jul 2013 14:33:07 +0000 (15:33 +0100)]
Currently not finding an attribute causes an abort of the update section
Arran Cudbard-Bell [Wed, 10 Jul 2013 14:02:03 +0000 (15:02 +0100)]
Fix exec support in update sections. Fixes #355
Arran Cudbard-Bell [Wed, 10 Jul 2013 13:59:04 +0000 (14:59 +0100)]
Fixes #356
Arran Cudbard-Bell [Wed, 10 Jul 2013 13:57:32 +0000 (14:57 +0100)]
Missed colon
Arran Cudbard-Bell [Wed, 10 Jul 2013 13:57:00 +0000 (14:57 +0100)]
Everywhere else just uses <core>
Arran Cudbard-Bell [Wed, 10 Jul 2013 10:44:06 +0000 (11:44 +0100)]
Disable recurssion for nested attributes until the server actually supports them
Arran Cudbard-Bell [Wed, 10 Jul 2013 10:39:42 +0000 (11:39 +0100)]
Shouldn't allocate in the NULL context
Arran Cudbard-Bell [Wed, 10 Jul 2013 10:27:29 +0000 (11:27 +0100)]
Die bubble die (radsniff)
Arran Cudbard-Bell [Wed, 10 Jul 2013 10:24:59 +0000 (11:24 +0100)]
Fix debug output alignment in radsniff
Arran Cudbard-Bell [Wed, 10 Jul 2013 10:12:30 +0000 (11:12 +0100)]
Fix double quoted VALUE_PAIR definitions
Arran Cudbard-Bell [Wed, 10 Jul 2013 10:03:27 +0000 (11:03 +0100)]
Revert "Crappy hack for dependency issues"
This reverts commit
a43e5129080b2cb6ae4fb55d369b22253548e782.
Arran Cudbard-Bell [Wed, 10 Jul 2013 10:02:02 +0000 (11:02 +0100)]
Copy paste error
Arran Cudbard-Bell [Tue, 9 Jul 2013 23:00:09 +0000 (00:00 +0100)]
Fix PCRE checks, and make code build cleanly without regex
Arran Cudbard-Bell [Tue, 9 Jul 2013 21:55:25 +0000 (22:55 +0100)]
We use extended regexps when available, this is no longer configurable
Arran Cudbard-Bell [Tue, 9 Jul 2013 21:49:46 +0000 (22:49 +0100)]
regcomp whitespace changes
Arran Cudbard-Bell [Tue, 9 Jul 2013 21:08:32 +0000 (22:08 +0100)]
Typo
Arran Cudbard-Bell [Tue, 9 Jul 2013 21:04:43 +0000 (22:04 +0100)]
Fix all the update list debug output
Make list output more detailed
Consistently use single quotes for literal strings, only use double quotes around things being expanded
Replace delimitst with quote char, to allow caller to pass any quoting char