aland [Wed, 3 Jul 2002 14:16:33 +0000 (14:16 +0000)]
Last set of updates before 0.6
fcusack [Wed, 3 Jul 2002 09:03:47 +0000 (09:03 +0000)]
it's nice when it actually compiles
fcusack [Wed, 3 Jul 2002 08:42:04 +0000 (08:42 +0000)]
PAM portability changes
kkalev [Mon, 1 Jul 2002 08:50:22 +0000 (08:50 +0000)]
Fix the logic when we get an LDAP_SERVER_DOWN or we have conn->ld == NULL in perform_search
fcusack [Wed, 26 Jun 2002 03:37:04 +0000 (03:37 +0000)]
update for new user/group defaults
kkalev [Wed, 26 Jun 2002 00:36:41 +0000 (00:36 +0000)]
Pass the whole password as salt in da_encrypt() in password_check.php3
cparker [Tue, 25 Jun 2002 21:08:50 +0000 (21:08 +0000)]
Updated with recent changes to the server.
cparker [Tue, 25 Jun 2002 20:45:13 +0000 (20:45 +0000)]
Change behaviour so that if user/group are specified in config, the
server will switch to that user/group in all operation modes ( both
debug and daemon ). The config file is updated to have user/group
commented by default, with an updated explanation of this behaviour.
kkalev [Tue, 25 Jun 2002 17:32:41 +0000 (17:32 +0000)]
Declare rlm_pap thread safe
kkalev [Tue, 25 Jun 2002 17:32:17 +0000 (17:32 +0000)]
Add a mutex around crypt so that we can make rlm_pap thread safe
kkalev [Mon, 24 Jun 2002 14:55:10 +0000 (14:55 +0000)]
- Add a variable locked in the LDAP_CONN structure. We use this to avoid deadlocks. The mutex
we are using is of type fast and can deadlock if the same thread tries to relock it. That
could happen in case of calls to xlat.
- When ldap_search returns NO_SUCH_OBJECT don't return fail but notfound
fcusack [Mon, 24 Jun 2002 10:33:05 +0000 (10:33 +0000)]
updates from Marko Myllynen
fcusack [Mon, 24 Jun 2002 10:27:07 +0000 (10:27 +0000)]
don't start radiusd by default
fcusack [Mon, 24 Jun 2002 10:13:58 +0000 (10:13 +0000)]
lib/radius.c:tunnel_pwencode() now does salting and encoding
fcusack [Mon, 24 Jun 2002 09:41:14 +0000 (09:41 +0000)]
make saltoffset static and comment it
fcusack [Mon, 24 Jun 2002 08:57:05 +0000 (08:57 +0000)]
remove a reference
fcusack [Mon, 24 Jun 2002 08:55:33 +0000 (08:55 +0000)]
format for 80 cols
kkalev [Mon, 24 Jun 2002 08:31:12 +0000 (08:31 +0000)]
Add a forgotten ldap_free_urldesc in ldap_xlat()
kkalev [Sat, 22 Jun 2002 17:41:46 +0000 (17:41 +0000)]
* Correct a few typos in Autz-Type
* Remember to free inst->atts in ldap_detach() in rlm_ldap.c
cparker [Fri, 21 Jun 2002 20:20:28 +0000 (20:20 +0000)]
Added config line for variable 'connect_failure_retry_delay' in
sql module. Noted by Todd T. Fries.
cparker [Fri, 21 Jun 2002 19:57:24 +0000 (19:57 +0000)]
Jumbo fix to quiet compiler warnings by adding (int) cast to
chars for comparison. Submitted by Jason Ornstein.
cparker [Fri, 21 Jun 2002 19:07:03 +0000 (19:07 +0000)]
Added pthread_mutex_destroy to module clean-up.
cparker [Fri, 21 Jun 2002 18:45:29 +0000 (18:45 +0000)]
Incorporated patch from Todd T. Fries to rotate through all SQL
sockets.
kkalev [Thu, 20 Jun 2002 23:02:36 +0000 (23:02 +0000)]
Add Autz-Type file with a few examples and words about Autz-Type
aland [Thu, 20 Jun 2002 16:19:56 +0000 (16:19 +0000)]
If we receive a duplicate reply from the home server while we're
processing a previous reply, discard the new reply.
kkalev [Thu, 20 Jun 2002 14:40:56 +0000 (14:40 +0000)]
Add SHA1 support. Declare the module thread unsafe since it uses crypt()
kkalev [Thu, 20 Jun 2002 11:13:56 +0000 (11:13 +0000)]
Fix a small bug in user_admin.php3
fcusack [Thu, 20 Jun 2002 10:10:42 +0000 (10:10 +0000)]
move sha1 and md4 code into lib
kkalev [Wed, 19 Jun 2002 13:57:17 +0000 (13:57 +0000)]
Add another configuration directive: access_attr_used_for_allow. If it is set to
yes then the access_attr is used to allow access. Else it is used to deny access.
Update the configuration file and the documentation.
kkalev [Wed, 19 Jun 2002 13:26:34 +0000 (13:26 +0000)]
Remove authtype in the ldap section of radiusd.conf since it should not be included
in the first place.
Update a few things in the documentation.
3APA3A [Wed, 19 Jun 2002 11:49:09 +0000 (11:49 +0000)]
! should include md4.h rather than md5.h
aland [Tue, 18 Jun 2002 21:51:26 +0000 (21:51 +0000)]
One more stab at working around autoconf stupidities
kkalev [Tue, 18 Jun 2002 17:56:57 +0000 (17:56 +0000)]
Add the ability to do a paircmp on the check items. Add a compare_check_items boolean
configuration directive which defaults to no. If it is set then we will do a compare
Update doc/rlm_ldap
aland [Tue, 18 Jun 2002 17:41:01 +0000 (17:41 +0000)]
Fix use of 'test'
3APA3A [Tue, 18 Jun 2002 16:17:32 +0000 (16:17 +0000)]
! netinet/in.h moved after sys/types.h in sha1.c to avoid compilation
errors under *BSD
+ smbencrypt utility added for LM-Password/NT-Password generation
3APA3A [Tue, 18 Jun 2002 15:22:14 +0000 (15:22 +0000)]
! Fixed rad_tunnel_pwdecode for passwords longer than 16 characters
aland [Tue, 18 Jun 2002 14:56:35 +0000 (14:56 +0000)]
Define top_srcdir, too, for new libtool.
Make perl/snmpget/snmpwalk optional, as they may not be necessary.
aland [Mon, 17 Jun 2002 18:46:40 +0000 (18:46 +0000)]
Removed checks for unused programs
aland [Mon, 17 Jun 2002 15:34:32 +0000 (15:34 +0000)]
Allow lines without \n, when at the end of the file.
fcusack [Mon, 17 Jun 2002 08:28:25 +0000 (08:28 +0000)]
valid type is actually 2, not 1.
aland [Fri, 14 Jun 2002 15:19:10 +0000 (15:19 +0000)]
Make a soft link in two steps.
Bug noted by bj@zuto.de (Rainer Clasen)
aland [Fri, 14 Jun 2002 15:17:38 +0000 (15:17 +0000)]
Added initial handlers for pre-proxy, post-proxy, and post-auth.
The idea is to allow even more configuration of the server.
Right now, the new functions aren't called from anywhere, and no
modules have been updated to include them. But it's a step.
aland [Fri, 14 Jun 2002 14:54:29 +0000 (14:54 +0000)]
Include more header files.
aland [Wed, 12 Jun 2002 16:17:17 +0000 (16:17 +0000)]
Minor changes to follow the RFC's. If we receive 256 bytes of
data, and the RADIUS 'length' field syas that there are 128 bytes,
then the RFC says that the extra octets MUST be ignored.
aland [Tue, 11 Jun 2002 18:09:48 +0000 (18:09 +0000)]
Add Freeradius-Proxied-To attribute as a VSA in the dictionary,
and in the header files.
aland [Tue, 11 Jun 2002 18:06:36 +0000 (18:06 +0000)]
Minor changes to simplify the rules
aland [Tue, 11 Jun 2002 17:48:11 +0000 (17:48 +0000)]
Patch to add radrelay (from the Cistron server) to FreeRADIUS
Originally by Miquel van Smoorenburg, ported to FreeRADIUS
by Simon <lists@routemeister.net>
aland [Tue, 11 Jun 2002 17:41:54 +0000 (17:41 +0000)]
Preliminary driver for sybase database, from mattias@nogui.se
aland [Tue, 11 Jun 2002 17:39:10 +0000 (17:39 +0000)]
Corrected typo in last commit
kkalev [Tue, 11 Jun 2002 17:09:56 +0000 (17:09 +0000)]
* html fixes in user_finger.php3
* Fix a bug in lib/add_badusers.php3 which did not allow inserts in the badusers table.
* Make lib/ldap/password_check.php3 behave properly when it is passed a null password
* Allow for daily/weekly/monthly limits to be set to none and show correct results in the show user page
aland [Tue, 11 Jun 2002 15:49:38 +0000 (15:49 +0000)]
Don't assert things are working, check for error codes.
Bug noted by Thomas Jalsovsky
fcusack [Tue, 11 Jun 2002 08:18:08 +0000 (08:18 +0000)]
-spam
fcusack [Mon, 10 Jun 2002 11:22:23 +0000 (11:22 +0000)]
quiet compiler
fcusack [Mon, 10 Jun 2002 11:15:34 +0000 (11:15 +0000)]
uhh sql_select_query() should actually return the result.
fcusack [Mon, 10 Jun 2002 11:11:20 +0000 (11:11 +0000)]
quiet compiler
fcusack [Mon, 10 Jun 2002 11:08:28 +0000 (11:08 +0000)]
quiet compiler (auth_name -> auth_type to avoid shadow warning)
fcusack [Mon, 10 Jun 2002 11:04:59 +0000 (11:04 +0000)]
add missing <string.h>, add (void) arg to usage() to quiet compiler
fcusack [Mon, 10 Jun 2002 11:01:23 +0000 (11:01 +0000)]
quiet compiler
fcusack [Mon, 10 Jun 2002 10:52:00 +0000 (10:52 +0000)]
vradlog() prototype no longer needed
fcusack [Mon, 10 Jun 2002 10:51:01 +0000 (10:51 +0000)]
add prototype for vradlog()
fcusack [Mon, 10 Jun 2002 10:47:02 +0000 (10:47 +0000)]
fix type for lt_dlhandle
fcusack [Mon, 10 Jun 2002 10:43:47 +0000 (10:43 +0000)]
add <stdlib.h> for free(),atoi(),exit()
fcusack [Mon, 10 Jun 2002 10:41:45 +0000 (10:41 +0000)]
fix arg for pairread()
fcusack [Mon, 10 Jun 2002 10:38:43 +0000 (10:38 +0000)]
quiet compiler
fcusack [Mon, 10 Jun 2002 10:38:08 +0000 (10:38 +0000)]
cleaner removal of mppe_gen_respkey()
fcusack [Mon, 10 Jun 2002 10:34:46 +0000 (10:34 +0000)]
oops, that <stdlib.h> should have been <netinet/in.h> for htonl()
fcusack [Mon, 10 Jun 2002 10:33:57 +0000 (10:33 +0000)]
<stdlib.h> for free()
fcusack [Mon, 10 Jun 2002 10:32:17 +0000 (10:32 +0000)]
lt_dlopenext() returns an lt_dlhandle, not lt_dlhandle *;
lt_dlsym() expect an lt_dlhandle.
fcusack [Mon, 10 Jun 2002 10:19:49 +0000 (10:19 +0000)]
signal handlers take an int arg
fcusack [Mon, 10 Jun 2002 10:12:16 +0000 (10:12 +0000)]
add missing <stdlib.h> for free()
fcusack [Mon, 10 Jun 2002 10:10:43 +0000 (10:10 +0000)]
add missing <string.h>
fcusack [Mon, 10 Jun 2002 10:07:13 +0000 (10:07 +0000)]
quite (incorrect) compiler warning
fcusack [Mon, 10 Jun 2002 09:56:36 +0000 (09:56 +0000)]
add missing <stdlib.h> for free()
fcusack [Mon, 10 Jun 2002 09:56:00 +0000 (09:56 +0000)]
quiet compiler
fcusack [Mon, 10 Jun 2002 09:25:02 +0000 (09:25 +0000)]
fix install rule for empty target
fcusack [Mon, 10 Jun 2002 07:06:50 +0000 (07:06 +0000)]
Fix for freeradius' location for mkinstalldirs
fcusack [Mon, 10 Jun 2002 07:03:08 +0000 (07:03 +0000)]
Fix up a poor attempt to make libtool do something it isn't meant to.
We are trying to force loading of a certain library version, libtool
can't do that when calling dlopen() directly.
Instead, name the .la explicitly, this matches what main/modules.c
does. A better method would be to export a version() function
from each rlm module.
fcusack [Mon, 10 Jun 2002 05:46:04 +0000 (05:46 +0000)]
no changes, documentation only.
The last commit for this was NOT part of the libtool-1.4.2 update,
this file was included by accident. The changes here are new
targets so the versioned libs load correctly.
fcusack [Mon, 10 Jun 2002 05:43:56 +0000 (05:43 +0000)]
DESTDIR = $(R)
fcusack [Mon, 10 Jun 2002 05:40:03 +0000 (05:40 +0000)]
updated for libtool-1.4.2
fcusack [Mon, 10 Jun 2002 05:39:23 +0000 (05:39 +0000)]
update libtool to 1.4.2
aland [Fri, 7 Jun 2002 17:04:16 +0000 (17:04 +0000)]
Added : and space to list of un-escaped characters.
This list should really be configurable in the configuration file,
but the current source makes it a little difficult.
aland [Fri, 7 Jun 2002 13:22:36 +0000 (13:22 +0000)]
Correct variable declaration to get rid of compile warnings
aland [Fri, 7 Jun 2002 13:20:03 +0000 (13:20 +0000)]
Removed unused variables
fcusack [Fri, 7 Jun 2002 06:20:21 +0000 (06:20 +0000)]
tweak noreplace settings per Marko Myllynen.
aland [Thu, 6 Jun 2002 21:06:19 +0000 (21:06 +0000)]
Added 'AND AcctStopTime = 0' to queries. This means that the
SQL databases will not waste their time updating old and stopped
sessions, when broken NAS boxes send new requests with the same
Acct-Session-Id
Patch from Simon <lists@routemeister.net>
Also added notes on where the database schemas may be found, and
when to use which SQL configuration file.
cparker [Thu, 6 Jun 2002 18:37:58 +0000 (18:37 +0000)]
Added VSA Ascend-Auth-Delay to dictionary. This is the time in
milliseconds that the system took to perform authentication.
aland [Thu, 6 Jun 2002 15:03:30 +0000 (15:03 +0000)]
crypt() may fail, so we check for that.
Based on a patch from Josh Wilsdon
aland [Thu, 6 Jun 2002 14:56:44 +0000 (14:56 +0000)]
Copy sql user name over.
Bug noted by Simon <lists@routemeister.net
aland [Thu, 6 Jun 2002 14:35:51 +0000 (14:35 +0000)]
Use -liodbc, not -lodbc
aland [Wed, 5 Jun 2002 18:36:37 +0000 (18:36 +0000)]
Remove the garbage Proxy-Reply attributes which we receive from
the home server, before using them as the basis for our response.
aland [Wed, 5 Jun 2002 15:01:35 +0000 (15:01 +0000)]
Removed iodbc configuration checks from the top-level 'configure'
script, and moved then to src/modules/rlm_sql/drivers/rlm_sql_iodbc/
ramoore [Wed, 5 Jun 2002 13:33:23 +0000 (13:33 +0000)]
Correcting problem of bad patch of simultaneous use check in rlm_sql
ramoore [Tue, 4 Jun 2002 22:05:37 +0000 (22:05 +0000)]
Added simultaneous use checking capability to rlm_sql
aland [Tue, 4 Jun 2002 21:31:50 +0000 (21:31 +0000)]
Attributes for SIP accounting, from sipd:
http://www.cs.columbia.edu/IRT/cinema/doc/sipd
aland [Tue, 4 Jun 2002 21:06:05 +0000 (21:06 +0000)]
Moved sql_set_user() to rlm_sql.c, which allows us to make it
'static', and to use the sql_escape_func(), so that we simplify
the method of normalizing/escaping the strings.
Also added '_' to the list of un-escaped characters.
cparker [Tue, 4 Jun 2002 17:56:43 +0000 (17:56 +0000)]
Correct order of arguments to debug statement.
aland [Tue, 4 Jun 2002 17:54:28 +0000 (17:54 +0000)]
When parsing tags, only allow numeric tags. If we see anything
else, we give a parse error.
aland [Mon, 3 Jun 2002 21:14:24 +0000 (21:14 +0000)]
Added preliminary list of changes in 0.6
aland [Mon, 3 Jun 2002 20:46:47 +0000 (20:46 +0000)]
In refresh_request(), if the home server never responds, then
we do NOT have a 'request->reply->data'. So don't assert that
there is one.
When the proxy server DOES respond, in proxy_check_list(), check
FIRST that if there's already a response, we drop the new packet
on the floor, as the NAS has already seen our response, and there's
nothing more we can do.