Alan T. DeKok [Mon, 14 Sep 2009 14:43:29 +0000 (16:43 +0200)]
Update change logs before 2.1.7
Alan T. DeKok [Mon, 14 Sep 2009 12:29:23 +0000 (14:29 +0200)]
Print out a little more information
Alan T. DeKok [Mon, 14 Sep 2009 12:26:15 +0000 (14:26 +0200)]
Move "set state" to before log message
To avoid race conditions... though I'm not sure why this would
happen
Alan T. DeKok [Sun, 13 Sep 2009 15:07:22 +0000 (17:07 +0200)]
As posted to the list.
It isn't made live yet, because we have no idea if it works or not
Alan T. DeKok [Sun, 13 Sep 2009 14:01:51 +0000 (16:01 +0200)]
Removed redundant code
Alan T. DeKok [Fri, 11 Sep 2009 15:14:09 +0000 (17:14 +0200)]
Make a better name
Alan T. DeKok [Fri, 11 Sep 2009 15:12:06 +0000 (17:12 +0200)]
Wrap crap with more crap
Alan T. DeKok [Thu, 10 Sep 2009 13:16:40 +0000 (15:16 +0200)]
More updates
Alan T. DeKok [Thu, 10 Sep 2009 13:02:39 +0000 (15:02 +0200)]
Added sample configs for MySQL cluster
Alan T. DeKok [Wed, 9 Sep 2009 14:27:16 +0000 (16:27 +0200)]
Update to new syntax
Alan T. DeKok [Wed, 9 Sep 2009 12:12:35 +0000 (14:12 +0200)]
Check value of Fall-Through, too
Alan T. DeKok [Tue, 8 Sep 2009 11:56:54 +0000 (13:56 +0200)]
Be less forgiving about the allowed operators.
If they're not a "foo = bar" type of operator, then return
an error
Alan T. DeKok [Mon, 7 Sep 2009 05:49:34 +0000 (07:49 +0200)]
Wrap header file in protective #ifdef
Alan T. DeKok [Mon, 7 Sep 2009 05:48:57 +0000 (07:48 +0200)]
No need to include modules.h twice
Alan T. DeKok [Sun, 6 Sep 2009 13:58:59 +0000 (15:58 +0200)]
Check for the proper number of arguments to rebind
Alan T. DeKok [Sat, 5 Sep 2009 16:26:08 +0000 (18:26 +0200)]
Replace references to <ltdl.h> with <freeradius-devel/modpriv.h>
As part of our grand plan to better the world by ridding it of libltdl.
Alan T. DeKok [Sat, 5 Sep 2009 16:24:57 +0000 (18:24 +0200)]
First stab at removing libltdl.
The code is protected by preprocessor directives so that it doesn't
affect the release. But it's a good first step to removing insanity.
Alan T. DeKok [Sat, 5 Sep 2009 16:17:26 +0000 (18:17 +0200)]
First stab at removing libltdl.
The code is protected by preprocessor directives so that it doesn't
affect the release. But it's a good first step to removing insanity.
Alan T. DeKok [Sat, 5 Sep 2009 15:54:43 +0000 (17:54 +0200)]
Reference $(INCLTDL) instead of fixed link
This means that all of the system builds with the same version
of libltdl, either the local OR the system one
Alan T. DeKok [Sat, 5 Sep 2009 15:37:31 +0000 (17:37 +0200)]
Work around insane retarded libtool && libltdl issues.
Alan T. DeKok [Fri, 4 Sep 2009 09:00:04 +0000 (11:00 +0200)]
Added --with-system-libltdl
To avoid horrible libtool && libltld incompatibilities
Alan T. DeKok [Thu, 3 Sep 2009 13:33:09 +0000 (15:33 +0200)]
As posted to the list
Alan T. DeKok [Thu, 3 Sep 2009 13:31:42 +0000 (15:31 +0200)]
Fix values as note on list
and
http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080891919.shtml
Alan T. DeKok [Wed, 2 Sep 2009 12:00:21 +0000 (14:00 +0200)]
Remove reference to cui.conf which isn't added yet
Alan T. DeKok [Wed, 2 Sep 2009 08:59:20 +0000 (10:59 +0200)]
Lots of notes prior to 2.1.7
Alan T. DeKok [Tue, 1 Sep 2009 12:49:39 +0000 (14:49 +0200)]
Set DF flag for packets from the server, too
Alan T. DeKok [Sat, 29 Aug 2009 08:54:25 +0000 (10:54 +0200)]
Return 0 if no counter exists
root [Mon, 24 Aug 2009 10:44:47 +0000 (11:44 +0100)]
Signed-off-by: root <root@pclinux-ccalmb.lut.ac.uk>
fixed example ntlm_auth command so that it doesnt throw up unlang warning message
Alan T. DeKok [Sat, 29 Aug 2009 08:44:54 +0000 (10:44 +0200)]
Added comments and simplified code
Alan T. DeKok [Fri, 21 Aug 2009 09:29:21 +0000 (11:29 +0200)]
As posted to the list
Alan T. DeKok [Thu, 20 Aug 2009 08:52:44 +0000 (10:52 +0200)]
Allow 100% to mean "read as fast as possible"
Alan T. DeKok [Thu, 20 Aug 2009 07:08:32 +0000 (09:08 +0200)]
Packet may not exist, so check for that, too
Alan T. DeKok [Wed, 19 Aug 2009 07:04:26 +0000 (09:04 +0200)]
Minor updates
Alan T. DeKok [Wed, 19 Aug 2009 06:58:47 +0000 (08:58 +0200)]
Disallow NULL for regex comparisons
Alan T. DeKok [Tue, 18 Aug 2009 15:23:49 +0000 (17:23 +0200)]
Fix more typos
Alan T. DeKok [Tue, 18 Aug 2009 10:07:40 +0000 (12:07 +0200)]
Fixed typo
Alan T. DeKok [Tue, 18 Aug 2009 08:31:43 +0000 (10:31 +0200)]
Turn off the DF bit.
Alan T. DeKok [Tue, 18 Aug 2009 07:47:19 +0000 (09:47 +0200)]
Fix args to printfy
Alan T. DeKok [Mon, 17 Aug 2009 12:25:57 +0000 (14:25 +0200)]
Add notes on SHA1 versus MD5
Alan T. DeKok [Mon, 17 Aug 2009 10:14:01 +0000 (12:14 +0200)]
Allow "no response" to DHCPy
Alan T. DeKok [Mon, 17 Aug 2009 06:53:47 +0000 (08:53 +0200)]
Catch non-fatal race conditions
Alan T. DeKok [Sat, 15 Aug 2009 05:45:05 +0000 (07:45 +0200)]
Fix typo in last commit
Alan T. DeKok [Fri, 14 Aug 2009 12:53:24 +0000 (14:53 +0200)]
Chave the hash comparison algorithm to avoid timing attacks
Alan T. DeKok [Thu, 13 Aug 2009 08:06:03 +0000 (10:06 +0200)]
Internal functions should be static
Alan T. DeKok [Thu, 13 Aug 2009 08:03:27 +0000 (10:03 +0200)]
Added query_timeout parameter. For now, it does nothing.
It is therefore not documented, either.
Alan T. DeKok [Thu, 13 Aug 2009 08:01:42 +0000 (10:01 +0200)]
Alpha version from Gabriel Blanchard
Alan T. DeKok [Wed, 12 Aug 2009 15:14:28 +0000 (17:14 +0200)]
Fix minor issue
Alan T. DeKok [Wed, 12 Aug 2009 12:15:58 +0000 (14:15 +0200)]
Look up home servers by type, too.
Alan T. DeKok [Wed, 12 Aug 2009 09:12:49 +0000 (11:12 +0200)]
Remove final restrictions on attributes > 32767
Alan T. DeKok [Wed, 12 Aug 2009 08:48:12 +0000 (10:48 +0200)]
Move restrictions on vendor ID from 32767 to 65535
Now that "attr" is stored as an unsigned integer.
Based on a patch from Rafael Ugolini
Alan T. DeKok [Wed, 12 Aug 2009 08:22:23 +0000 (10:22 +0200)]
Moved prototypes to a better place
Alan T. DeKok [Wed, 12 Aug 2009 08:10:45 +0000 (10:10 +0200)]
Move "attr" to unsigned int
So that we don't have to worry about whether or not the high bit is set
Alan T. DeKok [Wed, 12 Aug 2009 05:46:21 +0000 (07:46 +0200)]
Add "const" and remove compiler warningsy
Alan T. DeKok [Tue, 11 Aug 2009 12:35:29 +0000 (14:35 +0200)]
Make code consistent with examples.
Fixes bug #10
Alan T. DeKok [Mon, 10 Aug 2009 17:14:39 +0000 (19:14 +0200)]
request may be NULL
Alan T. DeKok [Mon, 10 Aug 2009 10:17:11 +0000 (12:17 +0200)]
RFC 5580 and dictionary
Alan T. DeKok [Sun, 9 Aug 2009 15:26:41 +0000 (17:26 +0200)]
Cache module lists for VMPS and DHCP
Alan T. DeKok [Wed, 5 Aug 2009 13:36:21 +0000 (15:36 +0200)]
Remove wrong documentation
Alan T. DeKok [Mon, 3 Aug 2009 09:35:27 +0000 (11:35 +0200)]
Use more fields in the query.
These are the same fields used for the other queries, so it makes
sense to use them here
Based on a patch from Chris Moules.
Alan T. DeKok [Mon, 3 Aug 2009 09:27:12 +0000 (11:27 +0200)]
Allow home_server_pools to exist without realms
via a pretty bad hack. The previous code assumed that the home
servers were all loaded, which wasn't true. This fix is temporary,
and should be replaced by one that:
1 loads all home servers
2 loads all home_server_pools
3 loads all realms
Right now, it loads the realms, and uses those to bootstrap the
pools and servers. This is arguably wrong.
Boian Jordanov [Wed, 29 Jul 2009 07:56:54 +0000 (10:56 +0300)]
Moved pthread keys to the "perl_inst" struct. Keys are allocated
per thread, and not via pthread_once.
Alan T. DeKok [Wed, 29 Jul 2009 15:32:23 +0000 (17:32 +0200)]
As posted to bug #7
Alan T. DeKok [Wed, 29 Jul 2009 15:30:20 +0000 (17:30 +0200)]
Log reasons for failure.
Closes bug #8
Alan T. DeKok [Mon, 27 Jul 2009 08:04:44 +0000 (10:04 +0200)]
Move chown to place where it checks for log file existence
Alan T. DeKok [Mon, 27 Jul 2009 07:56:48 +0000 (09:56 +0200)]
Don't increment total_requests for proxied packets
This causes double counting. Instead, only touch outstanding_requests
which is protected by the proxy mutex
Alan T. DeKok [Mon, 27 Jul 2009 07:50:55 +0000 (09:50 +0200)]
Set state to RUNNING when proxying fails
Alan T. DeKok [Mon, 27 Jul 2009 07:34:48 +0000 (09:34 +0200)]
Make %l work
Alan T. DeKok [Mon, 27 Jul 2009 07:33:33 +0000 (09:33 +0200)]
Fix use of memset.
This closes bug #6
Alan T. DeKok [Fri, 17 Jul 2009 14:07:33 +0000 (16:07 +0200)]
suid down earlier, ensure log files have correct ownership
Alan T. DeKok [Fri, 17 Jul 2009 12:45:15 +0000 (14:45 +0200)]
Move zombie checks to later so other rules apply, too
Alan T. DeKok [Fri, 17 Jul 2009 12:33:23 +0000 (14:33 +0200)]
Allow requests to fail over to live servers earlier
Alan T. DeKok [Wed, 15 Jul 2009 13:37:54 +0000 (15:37 +0200)]
Added wildcard to sub-dirs
So that you can delete directories you don't need after configure
Alan T. DeKok [Wed, 15 Jul 2009 10:04:54 +0000 (12:04 +0200)]
Fix typo
Alan T. DeKok [Wed, 15 Jul 2009 09:04:47 +0000 (11:04 +0200)]
Better handle variable that isn't in the module instance
This kind of thing should be discouraged...
Alan T. DeKok [Mon, 13 Jul 2009 14:23:06 +0000 (16:23 +0200)]
Allow response_window && zombie_period to be smaller.
Accept values outside of the recommended range.
Also when proxying, skip home servers that are marked zombie.
They're not responding, so for *new* requests, we treat them
like they're dead
Alan T. DeKok [Thu, 9 Jul 2009 13:00:06 +0000 (15:00 +0200)]
Fix for newer versions of MySQL
Alan T. DeKok [Thu, 9 Jul 2009 08:46:14 +0000 (10:46 +0200)]
Use postgresl style comments
Based on patch from Wickert Akkerman
Alan T. DeKok [Wed, 8 Jul 2009 06:46:33 +0000 (08:46 +0200)]
Fix typos
Alan T. DeKok [Wed, 8 Jul 2009 06:44:29 +0000 (08:44 +0200)]
Fix for newer versions of MySQL
Alan T. DeKok [Mon, 6 Jul 2009 08:18:23 +0000 (10:18 +0200)]
Added sample radrelay.conf
Alan T. DeKok [Sun, 5 Jul 2009 08:02:05 +0000 (10:02 +0200)]
Made thread pool section optional
If it doesn't exist, the server will run single threaded
Alan T. DeKok [Fri, 3 Jul 2009 20:08:18 +0000 (22:08 +0200)]
Preliminary implementation of DHCP relay
For now, it can only relay packets if giaddr = 0.
If giaddr != 0, we are required to cache the packet by XID/MAC, so that
we can capture the response on the DHCP port, look up the XID/MAC, and
respond to the client.
We will also need to update the fr_dhcp_encode function, which can
currently only respond to clients, and not originate packets.
Alan T. DeKok [Fri, 3 Jul 2009 16:16:15 +0000 (18:16 +0200)]
Use new name
Alan T. DeKok [Fri, 3 Jul 2009 11:13:08 +0000 (13:13 +0200)]
Suppress more messages in debugging mode
Alan T. DeKok [Fri, 3 Jul 2009 07:34:21 +0000 (09:34 +0200)]
First draft of CUI policies
Taken from http://github.com/twoln/freeradius-server/
with edits for consistency and clarity
Alan T. DeKok [Fri, 3 Jul 2009 06:57:38 +0000 (08:57 +0200)]
Allow UTF-8 in SQL log
Based on patch from http://github.com/stjaeger/freeradius-server/commit/
769d35691ef3adbf4de84602a63a72df00712b2c
Alan T. DeKok [Thu, 2 Jul 2009 13:55:51 +0000 (15:55 +0200)]
Document chase_referrals and rebind
Alan T. DeKok [Thu, 2 Jul 2009 13:51:24 +0000 (15:51 +0200)]
Extend the logging capabilities of auth good/badpass
Alan T. DeKok [Wed, 1 Jul 2009 07:17:31 +0000 (09:17 +0200)]
Updates as posted by David Hobley
Alan T. DeKok [Tue, 30 Jun 2009 14:57:42 +0000 (16:57 +0200)]
If the previous evaluation failed, don't process '!'
This catches the case of ((expr1) && !(expr2)), where it
would still process expr2 if expr1 failed.
Alan T. DeKok [Thu, 25 Jun 2009 18:57:00 +0000 (20:57 +0200)]
Remove bad assertion
Alan T. DeKok [Fri, 19 Jun 2009 14:02:24 +0000 (16:02 +0200)]
Fix typos
Alan T. DeKok [Fri, 19 Jun 2009 09:57:44 +0000 (11:57 +0200)]
A number of fixes for the DHCP code.
- send server identifier in siaddr field, too
- find message-type option anywhere in the packet, not just
at the start
- respond to unicast packets that have yiaddr == giaddr == 0
Alan T. DeKok [Wed, 17 Jun 2009 10:35:04 +0000 (12:35 +0200)]
Sort attributes, and print times as offsets
Alan T. DeKok [Wed, 17 Jun 2009 06:26:27 +0000 (08:26 +0200)]
Note recent changes
Alan T. DeKok [Wed, 17 Jun 2009 05:35:43 +0000 (07:35 +0200)]
Document Cleartext-Password
Alan T. DeKok [Wed, 17 Jun 2009 05:34:18 +0000 (07:34 +0200)]
Allow for overload, to read packets as fast as possible
Alan T. DeKok [Tue, 16 Jun 2009 14:39:57 +0000 (16:39 +0200)]
Removed requirement for DHCP to have clients
Alan T. DeKok [Tue, 16 Jun 2009 14:38:02 +0000 (16:38 +0200)]
Added udpfromto support for sending, too
Alan T. DeKok [Tue, 16 Jun 2009 13:55:08 +0000 (15:55 +0200)]
Added the ability to selectively mark a module as alive/dead
This is useful for when you KNOW that a server is down for a long
time, but you don't want to edit your configuration.