aland [Thu, 14 Feb 2008 11:14:11 +0000 (11:14 +0000)]
2.0.2
aland [Thu, 14 Feb 2008 11:13:48 +0000 (11:13 +0000)]
Notes on attr_filter
aland [Thu, 14 Feb 2008 11:13:15 +0000 (11:13 +0000)]
Updated to 2.0.2
aland [Thu, 14 Feb 2008 11:09:29 +0000 (11:09 +0000)]
Added 'deb' target
aland [Thu, 14 Feb 2008 10:31:15 +0000 (10:31 +0000)]
Corrected behavior to match documentation.
aland [Thu, 14 Feb 2008 09:00:38 +0000 (09:00 +0000)]
strncat is useless. Use strlcpy instead
aland [Thu, 14 Feb 2008 07:03:42 +0000 (07:03 +0000)]
Corrected reference to schema
aland [Wed, 13 Feb 2008 14:56:57 +0000 (14:56 +0000)]
Deleted code handling massaging of sockets on HUP. Version 2.0
has never supported this, so the code is dead...
aland [Wed, 13 Feb 2008 14:35:26 +0000 (14:35 +0000)]
As per recent changes
aland [Wed, 13 Feb 2008 14:34:47 +0000 (14:34 +0000)]
Added note on SSL performance
aland [Wed, 13 Feb 2008 14:21:05 +0000 (14:21 +0000)]
Corrected typo
aland [Wed, 13 Feb 2008 09:41:14 +0000 (09:41 +0000)]
Use 'virtual_server' everywhere
aland [Wed, 13 Feb 2008 09:27:18 +0000 (09:27 +0000)]
Updated to make it work...
aland [Tue, 12 Feb 2008 10:30:56 +0000 (10:30 +0000)]
Notes on new listener "type = proxy"
aland [Tue, 12 Feb 2008 10:20:37 +0000 (10:20 +0000)]
Sanity checks for port ranges in listen sections.
Allow listen { type = proxy }, which can simplify some configs
Grab port number from getsockname(), if available
aland [Tue, 12 Feb 2008 10:08:32 +0000 (10:08 +0000)]
Print out "listening on proxy", too
aland [Tue, 12 Feb 2008 09:52:06 +0000 (09:52 +0000)]
Print out more error messages on failure
aland [Mon, 11 Feb 2008 15:19:54 +0000 (15:19 +0000)]
Added signal self for new proxy fd's, so that we will start
listening on them.
aland [Mon, 11 Feb 2008 15:09:56 +0000 (15:09 +0000)]
Be fail-safe on multiple inserts
aland [Mon, 11 Feb 2008 13:06:42 +0000 (13:06 +0000)]
Added a few attributes...
aland [Sun, 10 Feb 2008 15:23:33 +0000 (15:23 +0000)]
Fall back to using DEFAULT realm. Based on patch from
Vincent Magnin
aland [Sun, 10 Feb 2008 11:30:05 +0000 (11:30 +0000)]
Singles in authenticate{} return immediately. Sections
are processed just like authorize
aland [Sun, 10 Feb 2008 09:22:13 +0000 (09:22 +0000)]
Note recent fixes
aland [Sun, 10 Feb 2008 09:18:10 +0000 (09:18 +0000)]
Properly initialize random context. This solves the
EAP handler issues seen recently on the list.
aland [Sat, 9 Feb 2008 08:00:55 +0000 (08:00 +0000)]
Use name2 for debug messages, not name1
aland [Sat, 9 Feb 2008 07:55:21 +0000 (07:55 +0000)]
Corrected debug output
aland [Sat, 9 Feb 2008 07:29:18 +0000 (07:29 +0000)]
Re-build from configure.in to add -DLDAP_DEPRECATED, which
allows it to work on 64-bit systems
aland [Thu, 7 Feb 2008 08:51:06 +0000 (08:51 +0000)]
Print more on "failed to remember handler"
Try harder to keep a unique state.
Check return code of eaplist_add
aland [Wed, 6 Feb 2008 17:06:07 +0000 (17:06 +0000)]
corrected typo
aland [Wed, 6 Feb 2008 14:01:22 +0000 (14:01 +0000)]
Notes on 2.0.2
aland [Wed, 6 Feb 2008 11:11:48 +0000 (11:11 +0000)]
Notes on proxying when "proxy_as_eap = no"
aland [Wed, 6 Feb 2008 11:06:40 +0000 (11:06 +0000)]
Clean up detail file handling again
aland [Wed, 6 Feb 2008 11:05:03 +0000 (11:05 +0000)]
Permit inner tunnel EAP things to be proxied, too
aland [Wed, 6 Feb 2008 10:36:48 +0000 (10:36 +0000)]
Corrected documentation
aland [Tue, 5 Feb 2008 15:07:17 +0000 (15:07 +0000)]
Don't print out internal attributes when sending packets
aland [Tue, 5 Feb 2008 10:01:30 +0000 (10:01 +0000)]
Allow raw attributes to be sent if the server was built with
debug symbols. This means that the administrator can send
*anything* in a packet, including badly formatted attributes
Raw-Attribute = 0x050600000001
NAS-Port = 1
Raw-Attribute = 0x0505000001
Badly formatted NAS-Port. (length is 5, not 6)
aland [Mon, 4 Feb 2008 21:37:15 +0000 (21:37 +0000)]
Corrected typos
aland [Mon, 4 Feb 2008 16:37:08 +0000 (16:37 +0000)]
select() returns nothing if we're just before EOF.
So, if we've read a complete packet, check if our current
position == eof. We can't use feof() for this, because it
returns eof only when we've tried to go past eof...
aland [Mon, 4 Feb 2008 16:30:38 +0000 (16:30 +0000)]
With -i && -n, also read listen sections from "server <foo>"
aland [Fri, 1 Feb 2008 08:13:11 +0000 (08:13 +0000)]
Fix bugs, make der
aland [Thu, 31 Jan 2008 08:51:05 +0000 (08:51 +0000)]
Don't create attributes of zero length.
aland [Wed, 30 Jan 2008 09:33:28 +0000 (09:33 +0000)]
Track name_len for unknown attributes. This fixes bug #514
aland [Fri, 25 Jan 2008 13:32:00 +0000 (13:32 +0000)]
Cleaned up typos.
Put yet another rant at the top of the file about using
debugging mode. Maybe people will read it...
aland [Tue, 22 Jan 2008 14:17:49 +0000 (14:17 +0000)]
Note 2.0.2-pre
aland [Tue, 22 Jan 2008 14:16:37 +0000 (14:16 +0000)]
put VERSION into a separate file so that we don't have to
re-generate configure scripts...
aland [Tue, 22 Jan 2008 13:26:46 +0000 (13:26 +0000)]
2.0.1
aland [Tue, 22 Jan 2008 13:25:45 +0000 (13:25 +0000)]
Release 2.0.1
aland [Mon, 21 Jan 2008 10:29:59 +0000 (10:29 +0000)]
log_destination can now go in the log{} section.
aland [Mon, 21 Jan 2008 10:29:02 +0000 (10:29 +0000)]
Parse log_* && log{} before doing anything else.
This also fixes the syslog issue reported on the list.
aland [Mon, 21 Jan 2008 07:48:10 +0000 (07:48 +0000)]
Pass REQUEST to paircompare()
aland [Mon, 21 Jan 2008 07:46:01 +0000 (07:46 +0000)]
request may be NULL
nbk [Sun, 20 Jan 2008 15:54:56 +0000 (15:54 +0000)]
Fix MySQL errors, as posted to the list by Marcos Roberto
Greiner <mrgreiner@gmail.com>
aland [Sun, 20 Jan 2008 09:04:14 +0000 (09:04 +0000)]
Test for value to be NULL
aland [Sat, 19 Jan 2008 22:26:29 +0000 (22:26 +0000)]
Added db_dir. Database files should go into a writeable
directory, and not /etc/raddb
aland [Thu, 17 Jan 2008 06:42:07 +0000 (06:42 +0000)]
Move unix to after realms
aland [Wed, 16 Jan 2008 07:01:57 +0000 (07:01 +0000)]
Corrected typos
aland [Wed, 16 Jan 2008 06:58:51 +0000 (06:58 +0000)]
Do comparisons of octet strings properly
aland [Wed, 16 Jan 2008 02:37:12 +0000 (02:37 +0000)]
Don't leave MS-CHAP2-Success in the reply packet. It's
unnecessary.
aland [Tue, 15 Jan 2008 16:31:08 +0000 (16:31 +0000)]
Initialize variables
aland [Tue, 15 Jan 2008 16:29:55 +0000 (16:29 +0000)]
We no longer have to do "%{Attribute-Name}", we can just use
the bare name.
aland [Tue, 15 Jan 2008 15:49:38 +0000 (15:49 +0000)]
It's unsigned, not signed
aland [Tue, 15 Jan 2008 14:43:42 +0000 (14:43 +0000)]
Allow:
if (User-Name == "bob") { ...
which is much more obvious. It also allows:
if (Framed-IP-Address > 127.0.0.1) { ...
which wasn't allowed in 2.0
aland [Tue, 15 Jan 2008 14:33:38 +0000 (14:33 +0000)]
Permit *known* attributes to be sent as hex via 0x...
aland [Sat, 12 Jan 2008 15:06:43 +0000 (15:06 +0000)]
Set operator
aland [Sat, 12 Jan 2008 08:04:29 +0000 (08:04 +0000)]
Permit Client-IP-Address to work
aland [Fri, 11 Jan 2008 11:03:47 +0000 (11:03 +0000)]
Notes for 2.0 methods
aland [Fri, 11 Jan 2008 11:03:19 +0000 (11:03 +0000)]
Update for 2.0.1-pre
You can now do "make dist-check", which does some sanity
check on the build files
aland [Thu, 10 Jan 2008 16:41:25 +0000 (16:41 +0000)]
Update configure script, too
aland [Thu, 10 Jan 2008 16:40:19 +0000 (16:40 +0000)]
CVS head is now 2.0.1-pre
aland [Thu, 10 Jan 2008 16:39:51 +0000 (16:39 +0000)]
bz2 is -j, not -z
aland [Thu, 10 Jan 2008 13:34:47 +0000 (13:34 +0000)]
Added targets:
dist = checkout clean tree && create tar files
dist-tag = print out commands to tag (don't actually do it...)
dist-sign = sign the tar files
publish: scp to freeradius.org
aland [Thu, 10 Jan 2008 11:02:18 +0000 (11:02 +0000)]
We don't need this any more
aland [Thu, 10 Jan 2008 10:38:42 +0000 (10:38 +0000)]
And it's 2.0.0
aland [Thu, 10 Jan 2008 10:37:54 +0000 (10:37 +0000)]
BEWARE! It's 2.0.0!
aland [Thu, 10 Jan 2008 10:28:35 +0000 (10:28 +0000)]
Notes on how to use CA's if CA_file is NULL
aland [Thu, 10 Jan 2008 10:26:36 +0000 (10:26 +0000)]
Notes on CA_file being NULL
aland [Thu, 10 Jan 2008 10:26:12 +0000 (10:26 +0000)]
If no ca_file, don't set CA list for client certificates
aland [Thu, 10 Jan 2008 10:15:12 +0000 (10:15 +0000)]
Added notes on self-signed certificates
aland [Thu, 10 Jan 2008 10:13:04 +0000 (10:13 +0000)]
One more for -Wunused
aland [Thu, 10 Jan 2008 10:12:01 +0000 (10:12 +0000)]
Don't use mkdir -p
aland [Thu, 10 Jan 2008 10:08:55 +0000 (10:08 +0000)]
Make directory before copying files to it
aland [Thu, 10 Jan 2008 10:02:08 +0000 (10:02 +0000)]
Additional notes on CA_path
aland [Thu, 10 Jan 2008 09:57:33 +0000 (09:57 +0000)]
Fix compile warnings on some platforms
aland [Thu, 10 Jan 2008 09:07:43 +0000 (09:07 +0000)]
Allow in-tree tests
aland [Thu, 10 Jan 2008 09:06:56 +0000 (09:06 +0000)]
Updated copyright
aland [Thu, 10 Jan 2008 09:05:48 +0000 (09:05 +0000)]
Add top-level "tests" target
aland [Wed, 9 Jan 2008 22:37:58 +0000 (22:37 +0000)]
When we have attributes in the config files, AND the value
is a bare word, AND the attr is string, AND the value is '0x',
then make the type OCTETS, so that we can easily send opaque
data containing embedded NUL's.
This is a work-around for the problem that parsing a string
does NOT return a string length. Instead, the length is
implicit based on \0...
aland [Wed, 9 Jan 2008 22:02:52 +0000 (22:02 +0000)]
Corrected typo in "redundant-load-balance"
aland [Wed, 9 Jan 2008 22:01:10 +0000 (22:01 +0000)]
Match "hints" on DEFAULT or on matching User-Name.
aland [Wed, 9 Jan 2008 15:59:26 +0000 (15:59 +0000)]
Audit the code for other uses of 'now' where it might not be
updated.
aland [Wed, 9 Jan 2008 15:55:57 +0000 (15:55 +0000)]
Update 'now' in the function. This means that if the proxy id
expiry time is in the past, we'll have the correct time.
if we don't update "now", then it stays in the past, and
we never notice that it's time to clean up.
aland [Wed, 9 Jan 2008 14:44:13 +0000 (14:44 +0000)]
Update calling pointer to be NULL, too
aland [Wed, 9 Jan 2008 14:10:46 +0000 (14:10 +0000)]
Removed dead code
aland [Wed, 9 Jan 2008 13:39:13 +0000 (13:39 +0000)]
Free alloc'd memory
aland [Wed, 9 Jan 2008 13:29:47 +0000 (13:29 +0000)]
Remember the listen head in mainconfig, so it's not leaked,
and so everyone else can access it for sanity checks.
aland [Wed, 9 Jan 2008 13:24:25 +0000 (13:24 +0000)]
Comment out code that isn't used, and doesn't do anything.
aland [Wed, 9 Jan 2008 13:20:56 +0000 (13:20 +0000)]
xlat_name = cf_section_name*() means that it's free'd BEFORE
the module "detach" routine is called. So we have to remember
it ourselves, to that we can un-register the xlat
aland [Wed, 9 Jan 2008 10:34:40 +0000 (10:34 +0000)]
Ensure that EAP-TNC can only run AFTER the user has been
authenticated. This prevents people from using it as an
authentication method.
aland [Tue, 8 Jan 2008 16:43:07 +0000 (16:43 +0000)]
Expand %{config: ...} sub-strings
aland [Tue, 8 Jan 2008 04:27:39 +0000 (04:27 +0000)]
If we've found -lcrypto, update LIBS so that the next check for
-lssl uses -lcrypto. Otherwise, autoconf helpfully deletes
-lcrypto from the LIBS variable BEFORE checking for -lssl.