aland [Tue, 22 Jan 2008 13:26:46 +0000 (13:26 +0000)]
2.0.1
aland [Tue, 22 Jan 2008 13:25:45 +0000 (13:25 +0000)]
Release 2.0.1
aland [Mon, 21 Jan 2008 10:29:59 +0000 (10:29 +0000)]
log_destination can now go in the log{} section.
aland [Mon, 21 Jan 2008 10:29:02 +0000 (10:29 +0000)]
Parse log_* && log{} before doing anything else.
This also fixes the syslog issue reported on the list.
aland [Mon, 21 Jan 2008 07:48:10 +0000 (07:48 +0000)]
Pass REQUEST to paircompare()
aland [Mon, 21 Jan 2008 07:46:01 +0000 (07:46 +0000)]
request may be NULL
nbk [Sun, 20 Jan 2008 15:54:56 +0000 (15:54 +0000)]
Fix MySQL errors, as posted to the list by Marcos Roberto
Greiner <mrgreiner@gmail.com>
aland [Sun, 20 Jan 2008 09:04:14 +0000 (09:04 +0000)]
Test for value to be NULL
aland [Sat, 19 Jan 2008 22:26:29 +0000 (22:26 +0000)]
Added db_dir. Database files should go into a writeable
directory, and not /etc/raddb
aland [Thu, 17 Jan 2008 06:42:07 +0000 (06:42 +0000)]
Move unix to after realms
aland [Wed, 16 Jan 2008 07:01:57 +0000 (07:01 +0000)]
Corrected typos
aland [Wed, 16 Jan 2008 06:58:51 +0000 (06:58 +0000)]
Do comparisons of octet strings properly
aland [Wed, 16 Jan 2008 02:37:12 +0000 (02:37 +0000)]
Don't leave MS-CHAP2-Success in the reply packet. It's
unnecessary.
aland [Tue, 15 Jan 2008 16:31:08 +0000 (16:31 +0000)]
Initialize variables
aland [Tue, 15 Jan 2008 16:29:55 +0000 (16:29 +0000)]
We no longer have to do "%{Attribute-Name}", we can just use
the bare name.
aland [Tue, 15 Jan 2008 15:49:38 +0000 (15:49 +0000)]
It's unsigned, not signed
aland [Tue, 15 Jan 2008 14:43:42 +0000 (14:43 +0000)]
Allow:
if (User-Name == "bob") { ...
which is much more obvious. It also allows:
if (Framed-IP-Address > 127.0.0.1) { ...
which wasn't allowed in 2.0
aland [Tue, 15 Jan 2008 14:33:38 +0000 (14:33 +0000)]
Permit *known* attributes to be sent as hex via 0x...
aland [Sat, 12 Jan 2008 15:06:43 +0000 (15:06 +0000)]
Set operator
aland [Sat, 12 Jan 2008 08:04:29 +0000 (08:04 +0000)]
Permit Client-IP-Address to work
aland [Fri, 11 Jan 2008 11:03:47 +0000 (11:03 +0000)]
Notes for 2.0 methods
aland [Fri, 11 Jan 2008 11:03:19 +0000 (11:03 +0000)]
Update for 2.0.1-pre
You can now do "make dist-check", which does some sanity
check on the build files
aland [Thu, 10 Jan 2008 16:41:25 +0000 (16:41 +0000)]
Update configure script, too
aland [Thu, 10 Jan 2008 16:40:19 +0000 (16:40 +0000)]
CVS head is now 2.0.1-pre
aland [Thu, 10 Jan 2008 16:39:51 +0000 (16:39 +0000)]
bz2 is -j, not -z
aland [Thu, 10 Jan 2008 13:34:47 +0000 (13:34 +0000)]
Added targets:
dist = checkout clean tree && create tar files
dist-tag = print out commands to tag (don't actually do it...)
dist-sign = sign the tar files
publish: scp to freeradius.org
aland [Thu, 10 Jan 2008 11:02:18 +0000 (11:02 +0000)]
We don't need this any more
aland [Thu, 10 Jan 2008 10:38:42 +0000 (10:38 +0000)]
And it's 2.0.0
aland [Thu, 10 Jan 2008 10:37:54 +0000 (10:37 +0000)]
BEWARE! It's 2.0.0!
aland [Thu, 10 Jan 2008 10:28:35 +0000 (10:28 +0000)]
Notes on how to use CA's if CA_file is NULL
aland [Thu, 10 Jan 2008 10:26:36 +0000 (10:26 +0000)]
Notes on CA_file being NULL
aland [Thu, 10 Jan 2008 10:26:12 +0000 (10:26 +0000)]
If no ca_file, don't set CA list for client certificates
aland [Thu, 10 Jan 2008 10:15:12 +0000 (10:15 +0000)]
Added notes on self-signed certificates
aland [Thu, 10 Jan 2008 10:13:04 +0000 (10:13 +0000)]
One more for -Wunused
aland [Thu, 10 Jan 2008 10:12:01 +0000 (10:12 +0000)]
Don't use mkdir -p
aland [Thu, 10 Jan 2008 10:08:55 +0000 (10:08 +0000)]
Make directory before copying files to it
aland [Thu, 10 Jan 2008 10:02:08 +0000 (10:02 +0000)]
Additional notes on CA_path
aland [Thu, 10 Jan 2008 09:57:33 +0000 (09:57 +0000)]
Fix compile warnings on some platforms
aland [Thu, 10 Jan 2008 09:07:43 +0000 (09:07 +0000)]
Allow in-tree tests
aland [Thu, 10 Jan 2008 09:06:56 +0000 (09:06 +0000)]
Updated copyright
aland [Thu, 10 Jan 2008 09:05:48 +0000 (09:05 +0000)]
Add top-level "tests" target
aland [Wed, 9 Jan 2008 22:37:58 +0000 (22:37 +0000)]
When we have attributes in the config files, AND the value
is a bare word, AND the attr is string, AND the value is '0x',
then make the type OCTETS, so that we can easily send opaque
data containing embedded NUL's.
This is a work-around for the problem that parsing a string
does NOT return a string length. Instead, the length is
implicit based on \0...
aland [Wed, 9 Jan 2008 22:02:52 +0000 (22:02 +0000)]
Corrected typo in "redundant-load-balance"
aland [Wed, 9 Jan 2008 22:01:10 +0000 (22:01 +0000)]
Match "hints" on DEFAULT or on matching User-Name.
aland [Wed, 9 Jan 2008 15:59:26 +0000 (15:59 +0000)]
Audit the code for other uses of 'now' where it might not be
updated.
aland [Wed, 9 Jan 2008 15:55:57 +0000 (15:55 +0000)]
Update 'now' in the function. This means that if the proxy id
expiry time is in the past, we'll have the correct time.
if we don't update "now", then it stays in the past, and
we never notice that it's time to clean up.
aland [Wed, 9 Jan 2008 14:44:13 +0000 (14:44 +0000)]
Update calling pointer to be NULL, too
aland [Wed, 9 Jan 2008 14:10:46 +0000 (14:10 +0000)]
Removed dead code
aland [Wed, 9 Jan 2008 13:39:13 +0000 (13:39 +0000)]
Free alloc'd memory
aland [Wed, 9 Jan 2008 13:29:47 +0000 (13:29 +0000)]
Remember the listen head in mainconfig, so it's not leaked,
and so everyone else can access it for sanity checks.
aland [Wed, 9 Jan 2008 13:24:25 +0000 (13:24 +0000)]
Comment out code that isn't used, and doesn't do anything.
aland [Wed, 9 Jan 2008 13:20:56 +0000 (13:20 +0000)]
xlat_name = cf_section_name*() means that it's free'd BEFORE
the module "detach" routine is called. So we have to remember
it ourselves, to that we can un-register the xlat
aland [Wed, 9 Jan 2008 10:34:40 +0000 (10:34 +0000)]
Ensure that EAP-TNC can only run AFTER the user has been
authenticated. This prevents people from using it as an
authentication method.
aland [Tue, 8 Jan 2008 16:43:07 +0000 (16:43 +0000)]
Expand %{config: ...} sub-strings
aland [Tue, 8 Jan 2008 04:27:39 +0000 (04:27 +0000)]
If we've found -lcrypto, update LIBS so that the next check for
-lssl uses -lcrypto. Otherwise, autoconf helpfully deletes
-lcrypto from the LIBS variable BEFORE checking for -lssl.
nbk [Mon, 7 Jan 2008 14:44:03 +0000 (14:44 +0000)]
Bring back --with-udpfromto
aland [Mon, 7 Jan 2008 12:36:19 +0000 (12:36 +0000)]
If we're building experimental modules, go into a directory ONLY
if there's a "Makefile" there.
aland [Mon, 7 Jan 2008 12:30:35 +0000 (12:30 +0000)]
Remove "strict dependencies". It's not needed
nbk [Mon, 7 Jan 2008 09:31:48 +0000 (09:31 +0000)]
Merge the patches sent by the dialupadmin users in the past for
the 1.x series.
nbk [Sun, 6 Jan 2008 17:32:05 +0000 (17:32 +0000)]
client->nastype may be freed later by client_free()
nbk [Sun, 6 Jan 2008 17:31:08 +0000 (17:31 +0000)]
Add missing case T_OP_GE
nbk [Sun, 6 Jan 2008 17:28:54 +0000 (17:28 +0000)]
Fix some compiler warnings.
nbk [Sun, 6 Jan 2008 17:27:41 +0000 (17:27 +0000)]
Fix more signedness warnings.
nbk [Sun, 6 Jan 2008 03:03:09 +0000 (03:03 +0000)]
Fix some compiler warnings.
nbk [Sun, 6 Jan 2008 02:38:48 +0000 (02:38 +0000)]
Prototype for function client_listener_find() in main/listen.c
nbk [Sun, 6 Jan 2008 01:53:58 +0000 (01:53 +0000)]
Corrected typo.
pnixon [Sat, 5 Jan 2008 22:30:40 +0000 (22:30 +0000)]
Add --without-rlm_eap_ikev2 and remove BuildDep as no standard SUSE install has libeap-ikev2 (yet)
pnixon [Sat, 5 Jan 2008 22:14:10 +0000 (22:14 +0000)]
Update to FreeRADIUS Server 2.0.0 (Sync with openSUSE Build Service)
nbk [Sat, 5 Jan 2008 18:56:32 +0000 (18:56 +0000)]
Fix some compiler warnings.
nbk [Sat, 5 Jan 2008 18:51:50 +0000 (18:51 +0000)]
Fix more signedness warnings.
nbk [Sat, 5 Jan 2008 17:58:44 +0000 (17:58 +0000)]
Include udpfromto.h
nbk [Sat, 5 Jan 2008 17:55:08 +0000 (17:55 +0000)]
Now that rlm_python is stable, we need python-dev in Build-Depends.
nbk [Sat, 5 Jan 2008 17:14:35 +0000 (17:14 +0000)]
Regenerate from configure.in
nbk [Sat, 5 Jan 2008 17:12:08 +0000 (17:12 +0000)]
Update configure scripts of the SQL submodules so they look like the
others in the source tree.
pnixon [Sat, 5 Jan 2008 15:08:49 +0000 (15:08 +0000)]
Remove freetds from the docs as we no longer have it
pnixon [Sat, 5 Jan 2008 15:02:20 +0000 (15:02 +0000)]
Get rid of freetds as we no longer have that code in tree
aland [Sat, 5 Jan 2008 13:39:14 +0000 (13:39 +0000)]
Note valgrind usage
aland [Sat, 5 Jan 2008 03:14:22 +0000 (03:14 +0000)]
Added RCSID macros
aland [Sat, 5 Jan 2008 02:58:16 +0000 (02:58 +0000)]
Catch corner cases / race conditions on no response to proxied
requests, and interaction with max_request_time,
At max_request_time:
- If !request->child_pid, don't print "killing child"
- If we DO have child threads, mark the request as STOP, and
wait for something to happen.
- If we DON'T have child threads, just delete the request, as
it's done.
The post proxy fail handler calls wait_a_bit, which now MAY
delete the request. So move it's use of "wait_a_bit" to the
end of the function, and note that the request may be deleted.
We now have a *different* corner case where at max_request_time,
the server can still queue the request (threaded), OR respond
to it (unthreaded), before noticing that it's at
max_request_time. That should be OK, though, and safer than the
alternatives.
If people don't like this, they should set the home server
response window to something LESS than max_request_time.
nbk [Sat, 5 Jan 2008 02:45:02 +0000 (02:45 +0000)]
Remove --enable-strict-dependencies from the top-level "configure"
flags. Debian doesn't have a package for libeap-ikev2, so it's
impossible to meet all the dependencies.
nbk [Sat, 5 Jan 2008 02:36:46 +0000 (02:36 +0000)]
Declare variables before code
aland [Sat, 5 Jan 2008 02:18:42 +0000 (02:18 +0000)]
Cleaned up error messages.
If there's no response to a proxied request, we run the request
through the post-proxy-fail handler, which calls post-handler,
which eventually tries to proxy it again. Since it's already
in the request hash, we get an error message saying that we
can't insert it into the request hash.
The fix is to NOT try to proxy it if request->proxy exists.
We also check for that, and request->in_proxy_hash in
successfully_proxied_request.
We may want to call remove_from_proxy_hash() in no response to
proxied request, too.
nbk [Sat, 5 Jan 2008 02:03:18 +0000 (02:03 +0000)]
Note unused parameters with a gcc attribute.
aland [Sat, 5 Jan 2008 01:55:26 +0000 (01:55 +0000)]
Removed unused variables
aland [Sat, 5 Jan 2008 01:54:48 +0000 (01:54 +0000)]
Be a little more forgiving about parsing realms.
aland [Sat, 5 Jan 2008 01:26:16 +0000 (01:26 +0000)]
Re-arrange parsing of things so that people's existing
configurations are more likely to work.
nbk [Sat, 5 Jan 2008 01:06:51 +0000 (01:06 +0000)]
Declare variables before code
nbk [Sat, 5 Jan 2008 00:39:43 +0000 (00:39 +0000)]
Renamed 2.0.0-pre2 to 2.0.0, in preparation for the release.
nbk [Sat, 5 Jan 2008 00:35:21 +0000 (00:35 +0000)]
Update Standards-Version to 3.7.3 (no changes required).
aland [Fri, 4 Jan 2008 13:27:24 +0000 (13:27 +0000)]
Make installation directories before installing stuff in them.
No idea why this is necessary, but what the heck...
aland [Fri, 4 Jan 2008 13:22:53 +0000 (13:22 +0000)]
Declare variables before code
aland [Fri, 4 Jan 2008 13:21:30 +0000 (13:21 +0000)]
Declare buffers before code
aland [Fri, 4 Jan 2008 09:46:57 +0000 (09:46 +0000)]
Client may be IPv6, too
aland [Fri, 4 Jan 2008 09:44:29 +0000 (09:44 +0000)]
Patches from Apple to build without <membershipPriv.h>
aland [Thu, 3 Jan 2008 22:44:47 +0000 (22:44 +0000)]
It's ldflags, not libs... that may help
aland [Thu, 3 Jan 2008 10:17:55 +0000 (10:17 +0000)]
Removed unused prototypes and functions
aland [Thu, 3 Jan 2008 09:54:53 +0000 (09:54 +0000)]
Don't call client_* functions.
aland [Thu, 3 Jan 2008 09:53:16 +0000 (09:53 +0000)]
Don't call client_find. The REQUEST now holds a pointer to
the client structure
aland [Thu, 3 Jan 2008 08:19:49 +0000 (08:19 +0000)]
Updated copyrights
aland [Wed, 2 Jan 2008 15:14:47 +0000 (15:14 +0000)]
clean it up even more