Arran Cudbard-Bell [Sun, 23 Dec 2012 20:01:30 +0000 (20:01 +0000)]
Move postauth call for Accept into post_handler (same as 3.0)
Arran Cudbard-Bell [Fri, 21 Dec 2012 13:30:31 +0000 (13:30 +0000)]
Always respect Response-Packet-Type for authentication requests
Alan T. DeKok [Thu, 20 Dec 2012 13:00:11 +0000 (08:00 -0500)]
Dictionary for RFC 6572
Alan T. DeKok [Thu, 20 Dec 2012 12:45:42 +0000 (07:45 -0500)]
Dictionary for RFC 6519
Arran Cudbard-Bell [Thu, 20 Dec 2012 12:55:05 +0000 (12:55 +0000)]
Update doc/ChangeLog
Alan T. DeKok [Thu, 20 Dec 2012 12:09:09 +0000 (07:09 -0500)]
Note recent changes
Alan T. DeKok [Thu, 20 Dec 2012 12:07:30 +0000 (07:07 -0500)]
SETFD for O_NONBLOCK
From Debian Bug #696250
Alan T. DeKok [Tue, 18 Dec 2012 10:03:01 +0000 (11:03 +0100)]
Port fix from master branch
%{1} is a regex. %{3GPP-Foo} is an attribute
Arran Cudbard-Bell [Wed, 19 Dec 2012 18:06:05 +0000 (18:06 +0000)]
Set Post-Proxy-Type Reject if the request was rejected by the proxy server
Alan T. DeKok [Fri, 14 Dec 2012 16:13:29 +0000 (17:13 +0100)]
Allow for multiple inserts in one transaction.
Patch from Uwe Meyer-Gruhl
Arran Cudbard-Bell [Thu, 13 Dec 2012 16:02:36 +0000 (16:02 +0000)]
Include DHCP dictionary by default
dragon9k [Fri, 7 Dec 2012 17:29:01 +0000 (15:29 -0200)]
New checkrad version patch (Juniper)
I would like to submit a new version of this Patch for FR 2.20, which uses snmpget instead of snmpwalk (to increase performance).
It also fixes a problem with checkrad complaining about lack of $ in the "out" variable.
Tobias Brunner [Wed, 5 Dec 2012 11:51:31 +0000 (12:51 +0100)]
Allow EAP-Message APVs > 253 octets in EAP-TTLS module
According to RFC 5281, section 11.2.1 tunneled EAP packets that are
larger than 253 octets MUST be contained in a single EAP-Message AVP.
Also fixed the debug statement.
Arran Cudbard-Bell [Mon, 3 Dec 2012 19:03:32 +0000 (19:03 +0000)]
Patch freeradius.monitrc file so it works out of the box with debian/ubuntu
Arran Cudbard-Bell [Wed, 28 Nov 2012 21:47:36 +0000 (13:47 -0800)]
Merge pull request #138 from alanbuxey/v2.x.x
adjusted and optimised match
Alan Buxey [Wed, 28 Nov 2012 21:44:58 +0000 (21:44 +0000)]
adjusted and optimised match
no longer case insensitive and doesnt store result
Alan T. DeKok [Tue, 27 Nov 2012 16:15:14 +0000 (11:15 -0500)]
Do globally writable checks on directories, too
Alan T. DeKok [Thu, 22 Nov 2012 16:50:57 +0000 (11:50 -0500)]
Nope. That didn't work.
newXS has to be after perl_parse
Alan T. DeKok [Thu, 22 Nov 2012 15:46:43 +0000 (10:46 -0500)]
As posted to the list
Alan T. DeKok [Thu, 22 Nov 2012 14:20:20 +0000 (09:20 -0500)]
Be more forgiving about loaded modules
If they don't exist, don't complain
Alan T. DeKok [Thu, 15 Nov 2012 18:51:21 +0000 (13:51 -0500)]
Log dates as UTC
Alan T. DeKok [Mon, 12 Nov 2012 13:19:33 +0000 (08:19 -0500)]
Check if libtool exists.
Arran Cudbard-Bell [Thu, 15 Nov 2012 14:04:36 +0000 (14:04 +0000)]
Typo
Arran Cudbard-Bell [Wed, 14 Nov 2012 17:44:29 +0000 (09:44 -0800)]
Merge pull request #130 from philmayers/redis-doublefreev2
don't finish the query, our caller already does that
Phil Mayers [Wed, 14 Nov 2012 17:30:39 +0000 (17:30 +0000)]
don't finish the query, our caller already does that
Matthew Newton [Wed, 7 Nov 2012 22:11:19 +0000 (22:11 +0000)]
auto line ending and Id fixups
Arran Cudbard-Bell [Thu, 8 Nov 2012 16:20:19 +0000 (16:20 +0000)]
Fix minor typos
Arran Cudbard-Bell [Tue, 6 Nov 2012 12:47:45 +0000 (12:47 +0000)]
Revert AC_INIT changes; its too much work to fix this properly on this branch
Arran Cudbard-Bell [Tue, 6 Nov 2012 12:44:37 +0000 (04:44 -0800)]
Merge pull request #125 from vlet/alt
Fixed typo in calculation of size of available buffer.
Vladimir Lettiev [Tue, 6 Nov 2012 08:21:21 +0000 (12:21 +0400)]
Fixed typo in calculation of size of available buffer.
This resolves issue when $INCLUDE directive ignores files with
relative path.
Arran Cudbard-Bell [Sat, 3 Nov 2012 22:36:29 +0000 (22:36 +0000)]
Free unmoved pairs
Arran Cudbard-Bell [Sat, 3 Nov 2012 17:38:56 +0000 (17:38 +0000)]
Add Tmp-Octets-*
Arran Cudbard-Bell [Sat, 3 Nov 2012 15:26:32 +0000 (15:26 +0000)]
ERX-Dhcp-Options is actually raw options from the DHCP packet
Arran Cudbard-Bell [Sat, 3 Nov 2012 15:48:59 +0000 (15:48 +0000)]
Fix quoting for git program check
Arran Cudbard-Bell [Thu, 1 Nov 2012 15:35:50 +0000 (15:35 +0000)]
More $Id$ fixes
Arran Cudbard-Bell [Thu, 1 Nov 2012 15:26:24 +0000 (15:26 +0000)]
Fix for autoconf 2.69
Arran Cudbard-Bell [Thu, 1 Nov 2012 12:57:15 +0000 (12:57 +0000)]
Make $Id$ work again
Arran Cudbard-Bell [Thu, 1 Nov 2012 14:58:24 +0000 (14:58 +0000)]
Fix xlat_base64 signature
Arran Cudbard-Bell [Thu, 1 Nov 2012 14:38:51 +0000 (14:38 +0000)]
Add dhcp_options: xlat to decode DHCP options packed into RADIUS attributes
Alan T. DeKok [Wed, 31 Oct 2012 17:19:49 +0000 (18:19 +0100)]
Fix typo
Alan T. DeKok [Wed, 31 Oct 2012 07:04:30 +0000 (08:04 +0100)]
Added states missed in earlier commit
Alan T. DeKok [Sat, 27 Oct 2012 08:00:36 +0000 (10:00 +0200)]
After running it through the formatter
Arran Cudbard-Bell [Sat, 27 Oct 2012 20:24:07 +0000 (22:24 +0200)]
Update configure script
Arran Cudbard-Bell [Sat, 27 Oct 2012 10:53:08 +0000 (12:53 +0200)]
Note more changes
Arran Cudbard-Bell [Sat, 27 Oct 2012 20:07:58 +0000 (21:07 +0100)]
Change version constants to be more useful
Configure script now sets:
* RADIUSD_MAJOR_VERSION
* RADIUSD_MINOR_VERSION
* RADIUSD_INCRM_VERSION
* RADIUSD_VERSION (integer representation of version)
* RADIUSD_VERSION_STRING
* RADIUSD_VERSION_COMMIT (latest commit hash if building from a git repo)
Git hash is also displayed in utilities that display version
Arran Cudbard-Bell [Sat, 27 Oct 2012 10:26:35 +0000 (11:26 +0100)]
Minor formatting fixes
Phil Mayers [Fri, 26 Oct 2012 15:47:35 +0000 (16:47 +0100)]
add locking to rlm_cache
Alan T. DeKok [Fri, 26 Oct 2012 11:46:05 +0000 (13:46 +0200)]
Use redis escape function
Alan T. DeKok [Fri, 26 Oct 2012 08:34:12 +0000 (10:34 +0200)]
Note changes
Iliya Peregoudov [Thu, 25 Oct 2012 06:18:58 +0000 (10:18 +0400)]
Create threads as joinable, not detached.
Stop and join all threads before detaching modules.
This prevents a crash on exit where the modules are free'd before
the threads stop using them.
Arran Cudbard-Bell [Thu, 25 Oct 2012 09:53:36 +0000 (10:53 +0100)]
Add proxim dictionary
Alan T. DeKok [Thu, 25 Oct 2012 08:10:22 +0000 (10:10 +0200)]
Pass correct arguments to memcpy
Copying pointers means you pass a pointer to the pointer.
Arran Cudbard-Bell [Tue, 23 Oct 2012 13:08:19 +0000 (14:08 +0100)]
More formatting fixes
Ryan Steinmetz [Tue, 23 Oct 2012 11:30:33 +0000 (12:30 +0100)]
Improve Kerberos support when using Heimdal
- Allow specifying a keytab location
- Improved logging
Patch obtained from Thomas Kula <kula@tproa.net>
- Fix krb_auth parameters/casting
- Use strlcpy() instead of strncpy()
- Fix style issues
Arran Cudbard-Bell [Thu, 18 Oct 2012 10:39:42 +0000 (11:39 +0100)]
Substitute 'signature' for 'Request Authenticator' or 'Response Authenticator' where appropriate
Arran Cudbard-Bell [Wed, 17 Oct 2012 15:51:40 +0000 (16:51 +0100)]
Add base64tohex to allow values to be written to IP addresses, integers etc
Remove base64tostr (will add tostring expansion later)
Rename strtobase64 to tobase64
Arran Cudbard-Bell [Wed, 17 Oct 2012 14:32:41 +0000 (15:32 +0100)]
fixes #108 Add function to convert FR value pair types to network byte order
Arran Cudbard-Bell [Tue, 16 Oct 2012 10:15:23 +0000 (11:15 +0100)]
Fixup function signatures in rlm_expr
Arran Cudbard-Bell [Tue, 16 Oct 2012 09:45:39 +0000 (10:45 +0100)]
Remove dependency on stdbool and use FRs bool constants
Arran Cudbard-Bell [Tue, 16 Oct 2012 09:43:05 +0000 (10:43 +0100)]
Move boolean constants to libradius
Arran Cudbard-Bell [Sun, 14 Oct 2012 19:59:31 +0000 (20:59 +0100)]
Add base64 encoding/decoding library
Add %{base64:} expansion to encode the raw octets of an attribute
Add %{strtobase64:} expansion to encode a string to base64
Add %{base64tostr:} expansion to decode a base64 string
Arran Cudbard-Bell [Mon, 15 Oct 2012 20:43:57 +0000 (21:43 +0100)]
fixup formatting/warning
Metasov [Fri, 14 Oct 2011 14:49:23 +0000 (17:49 +0300)]
Add different operators handle to rlm_python
Arran Cudbard-Bell [Mon, 15 Oct 2012 08:42:22 +0000 (09:42 +0100)]
Only print out user authorized message if the ldap module is actually being used for user authorization
Arran Cudbard-Bell [Mon, 15 Oct 2012 08:33:38 +0000 (09:33 +0100)]
Add option to disable password check
Arran Cudbard-Bell [Fri, 12 Oct 2012 11:25:46 +0000 (12:25 +0100)]
Backport hex: expansion
Alan T. DeKok [Thu, 11 Oct 2012 14:44:06 +0000 (10:44 -0400)]
Be more careful about which config files we load
Arran Cudbard-Bell [Wed, 3 Oct 2012 00:02:40 +0000 (19:02 -0500)]
Look for /usr/local/etc/freeradius and use it in preference to /etc/freeradius
Arran Cudbard-Bell [Mon, 1 Oct 2012 22:13:30 +0000 (17:13 -0500)]
Update changelog for 2.2.1
Arran Cudbard-Bell [Fri, 28 Sep 2012 19:10:41 +0000 (12:10 -0700)]
Merge pull request #96 from alanbuxey/v2.1.x
additional interoperability in default configuration for eduroam
Alan Buxey [Fri, 28 Sep 2012 19:00:48 +0000 (20:00 +0100)]
additional interoperability in default configuration
eduroam federation use these 2 attributes…by adding them to the default
configuration we shouldnt cause any issues for other usage but will
enable FreeRADIUS to be more ready for eduroam 'out of the box'
Alan T. DeKok [Fri, 28 Sep 2012 08:37:51 +0000 (10:37 +0200)]
Prepare for 2.2.1
Alan T. DeKok [Fri, 28 Sep 2012 08:29:07 +0000 (10:29 +0200)]
Add options for -4 and -6 IP families, like radclient.
Patch from John Dennis
Alan T. DeKok [Fri, 28 Sep 2012 08:28:28 +0000 (10:28 +0200)]
rse PPPHint better
Arran Cudbard-Bell [Thu, 27 Sep 2012 18:07:04 +0000 (19:07 +0100)]
debug: should output previous level instead of the level that was just set.
Don't set debug to 0 if no fmt string was passed, do nothing.
Arran Cudbard-Bell [Thu, 27 Sep 2012 12:58:30 +0000 (14:58 +0200)]
Update share/dictionary.bskyb
Arran Cudbard-Bell [Thu, 27 Sep 2012 12:57:52 +0000 (14:57 +0200)]
Latest updates
Arran Cudbard-Bell [Tue, 25 Sep 2012 19:59:57 +0000 (20:59 +0100)]
Remove duplicate version/copyright info
Print compilation flags at DEBUG >= 3 (this is actually useful if you're using a package version)
Arran Cudbard-Bell [Tue, 25 Sep 2012 13:15:14 +0000 (14:15 +0100)]
More AL attributes to support their NAT features
Arran Cudbard-Bell [Thu, 20 Sep 2012 12:55:08 +0000 (13:55 +0100)]
Move string manipulation functions from xlat.c to rlm_expr
Arran Cudbard-Bell [Thu, 20 Sep 2012 12:54:16 +0000 (13:54 +0100)]
Remove b from randstr and implement h (hex encoded b)
Arran Cudbard-Bell [Wed, 19 Sep 2012 14:00:16 +0000 (15:00 +0100)]
Quiet the compiler
Arran Cudbard-Bell [Wed, 19 Sep 2012 13:30:01 +0000 (14:30 +0100)]
Add dictionary for BSkyB
Arran Cudbard-Bell [Tue, 18 Sep 2012 13:15:14 +0000 (14:15 +0100)]
Don't use ci to iterate over subsections if we might need to use it for logging later
Arran Cudbard-Bell [Mon, 17 Sep 2012 12:52:45 +0000 (13:52 +0100)]
Update links that point to wiki pages
Arran Cudbard-Bell [Mon, 17 Sep 2012 12:42:51 +0000 (13:42 +0100)]
Add bounds check for max_queue_size
Arran Cudbard-Bell [Sun, 16 Sep 2012 08:49:33 +0000 (09:49 +0100)]
Add alphanumeric char class
Arran Cudbard-Bell [Sat, 15 Sep 2012 18:23:10 +0000 (19:23 +0100)]
Add randstr expansion to generate random strings up to 256 bytes
Alan T. DeKok [Fri, 14 Sep 2012 08:30:37 +0000 (10:30 +0200)]
Properly decode AT_IDENTITY in EAP-SIM
Patch from Iliya Peregoudov
Alan T. DeKok [Wed, 12 Sep 2012 13:43:15 +0000 (15:43 +0200)]
A bit more logging for EAP-SIM
Alan T. DeKok [Wed, 12 Sep 2012 12:35:51 +0000 (14:35 +0200)]
Skip OCSP if there's no host / port / url
Arran Cudbard-Bell [Fri, 14 Sep 2012 07:45:34 +0000 (08:45 +0100)]
Fix typo
Arran Cudbard-Bell [Thu, 13 Sep 2012 18:21:46 +0000 (19:21 +0100)]
git show-ref works in more cases than git tag
Alan T. DeKok [Tue, 11 Sep 2012 08:08:10 +0000 (10:08 +0200)]
Make %{Stripped-User-Name:-%{User-Name}} work again
Alan T. DeKok [Mon, 10 Sep 2012 14:43:31 +0000 (16:43 +0200)]
Use %{%{...}:-...} everywhere in examples
Alan T. DeKok [Mon, 10 Sep 2012 11:51:34 +0000 (13:51 +0200)]
Allow ${Foo-Bar:-%{...}} again
Alan T. DeKok [Mon, 10 Sep 2012 06:22:25 +0000 (08:22 +0200)]
Note final changes
Alan T. DeKok [Mon, 10 Sep 2012 06:18:34 +0000 (08:18 +0200)]
Fix CVE-2012-3547. Found by Timo Warns
Arran Cudbard-Bell [Mon, 10 Sep 2012 07:25:05 +0000 (00:25 -0700)]
Merge pull request #85 from fajarnugraha/v2.1.x-suse-
20120910
Fix suse package to build and run cleanly for 2.2.0
Fajar A. Nugraha [Mon, 10 Sep 2012 06:40:14 +0000 (13:40 +0700)]
suse: build fixes
* drop libeap-ikev2-devel build requirement, as it's not available in
the main opensuse repository. It will still be used if already
installed.
* add "--with-system-libltdl"