Arran Cudbard-Bell [Sun, 1 Jun 2014 18:14:05 +0000 (19:14 +0100)]
Merge cache changes from master
Arran Cudbard-Bell [Sun, 1 Jun 2014 11:20:56 +0000 (12:20 +0100)]
Remove all Cache control attributes after each rlm_cache call
Alan T. DeKok [Sun, 1 Jun 2014 15:02:49 +0000 (11:02 -0400)]
Don't use Perl
Alan T. DeKok [Sun, 1 Jun 2014 14:07:52 +0000 (10:07 -0400)]
Ignore attributes.h
Alan T. DeKok [Sun, 1 Jun 2014 14:05:43 +0000 (10:05 -0400)]
Function naming consistency
s/radius_vpt_/radius_tmpl_/g
Alan T. DeKok [Sun, 1 Jun 2014 13:29:05 +0000 (09:29 -0400)]
Auto-generate headers from dictionarty.freeradius.internal
To avoid future mistakes
Alan T. DeKok [Sun, 1 Jun 2014 13:02:04 +0000 (09:02 -0400)]
Use the correct numbers in the dictionary files.
The attributes in the file are ordered for a reason, so that
typos like this can't happen. Having random arrangements of
numbers makes it impossible to track what's going where
Arran Cudbard-Bell [Sun, 1 Jun 2014 11:31:04 +0000 (12:31 +0100)]
Add Cache-Read-Only
Arran Cudbard-Bell [Sun, 1 Jun 2014 11:30:38 +0000 (12:30 +0100)]
Renumber FreeRADIUS-Client-Src-IP-Address and FreeRADIUS-Client-Src-IPv6-Address
Arran Cudbard-Bell [Sun, 1 Jun 2014 09:12:05 +0000 (10:12 +0100)]
Convert rlm_cache to use map2request
Arran Cudbard-Bell [Sun, 1 Jun 2014 11:04:02 +0000 (12:04 +0100)]
Fix double & for list references too
Arran Cudbard-Bell [Sun, 1 Jun 2014 08:52:40 +0000 (09:52 +0100)]
Remove unused argument in radius_map2request
Arran Cudbard-Bell [Sat, 31 May 2014 16:14:23 +0000 (17:14 +0100)]
Skip zero length values in mapping section of rlm_ldap
Arran Cudbard-Bell [Sat, 31 May 2014 14:21:38 +0000 (15:21 +0100)]
Better way of doing wildcards
Arran Cudbard-Bell [Sat, 31 May 2014 14:08:15 +0000 (15:08 +0100)]
Missed label
Arran Cudbard-Bell [Sat, 31 May 2014 12:56:09 +0000 (13:56 +0100)]
Better way of doing IPv4/IPv6 format checking
Arran Cudbard-Bell [Sat, 31 May 2014 11:42:03 +0000 (12:42 +0100)]
Remove deprecated methods of specifying clients from clients.conf
Arran Cudbard-Bell [Sat, 31 May 2014 12:17:08 +0000 (13:17 +0100)]
Re-enable wildcard clients. The clients.conf had a reference to it working previously, so it must have at some point.
Arran Cudbard-Bell [Sat, 31 May 2014 11:44:40 +0000 (12:44 +0100)]
Missed check for ipv4addr in clients.c
Arran Cudbard-Bell [Fri, 30 May 2014 22:58:44 +0000 (23:58 +0100)]
Set prefixes in fr_sockaddr2ipaddr
Alan T. DeKok [Sat, 31 May 2014 13:36:06 +0000 (09:36 -0400)]
Note recent changes
Alan T. DeKok [Sat, 31 May 2014 13:34:31 +0000 (09:34 -0400)]
Whitespace
Alan T. DeKok [Sat, 31 May 2014 13:27:01 +0000 (09:27 -0400)]
typos
Alan T. DeKok [Sat, 31 May 2014 13:26:35 +0000 (09:26 -0400)]
Use -fPIC for Solaris
until we have better C compiler detection.
Arran Cudbard-Bell [Fri, 30 May 2014 22:05:00 +0000 (23:05 +0100)]
Don't try to resolve IPv6 addresses in fr_pton
Arran Cudbard-Bell [Fri, 30 May 2014 21:28:18 +0000 (22:28 +0100)]
Update warning for clients
Arran Cudbard-Bell [Fri, 30 May 2014 21:28:07 +0000 (22:28 +0100)]
Add similar ipaddr, ipv4addr, ipv6addr config items for realms
Arran Cudbard-Bell [Fri, 30 May 2014 21:18:25 +0000 (22:18 +0100)]
Add similar ipaddr, ipv4addr, ipv6addr config items for listen sections
Arran Cudbard-Bell [Fri, 30 May 2014 21:06:14 +0000 (22:06 +0100)]
Rename PW_TYPE_IP* so they're all consistent
Arran Cudbard-Bell [Fri, 30 May 2014 20:27:56 +0000 (21:27 +0100)]
Add PW_TYPE_COMBO_IP_PREFIX (conffile parser only)
Change 'ipaddr' to PW_TYPE_COMBO_IP_PREFIX so we can be really lazy about IP formats
Arran Cudbard-Bell [Fri, 30 May 2014 19:57:52 +0000 (20:57 +0100)]
Rename fr_pton functions to fr_pton4, fr_pton6 and fr_pton. fr_pton will resolve the IP address to either 4 or 6 based on format and/or available DNS records.
Arran Cudbard-Bell [Fri, 30 May 2014 17:27:13 +0000 (18:27 +0100)]
Update ChangeLog
Arran Cudbard-Bell [Fri, 30 May 2014 17:17:20 +0000 (18:17 +0100)]
Fix issue where use of FreeRADIUS-Client-IPv6-Prefix and FreeRADIUS-Client-IPv4-Prefix when creating dynamic client entries, would trigger an error.
Arran Cudbard-Bell [Fri, 30 May 2014 17:10:31 +0000 (18:10 +0100)]
Minor typos in error messages
Arran Cudbard-Bell [Fri, 30 May 2014 16:46:18 +0000 (17:46 +0100)]
Switch to using fr_ipaddr_t for client prefixes, and allow ipaddr and ipaddr6 config items to be prefixes. Addresses #581.
Arran Cudbard-Bell [Fri, 30 May 2014 16:44:45 +0000 (17:44 +0100)]
Add fr_ipaddr_mask to fixup fr_ipaddr_t's by zeroing out the host portion of the address
Arran Cudbard-Bell [Fri, 30 May 2014 16:16:31 +0000 (17:16 +0100)]
Add nonnull hint
Arran Cudbard-Bell [Fri, 30 May 2014 16:16:10 +0000 (17:16 +0100)]
Add fr_ptonx, fr_ntop and is_wildcard IP address functions
Arran Cudbard-Bell [Fri, 30 May 2014 16:14:05 +0000 (17:14 +0100)]
Simplify masking
Arran Cudbard-Bell [Fri, 30 May 2014 13:14:05 +0000 (14:14 +0100)]
Whitespace changes
Alan DeKok [Fri, 30 May 2014 15:05:20 +0000 (11:05 -0400)]
Merge pull request #672 from spbnick/init_delay_rename_v3.0.x
Rename min_response_window to init_delay - v3.0.x
Nikolai Kondrashov [Fri, 30 May 2014 11:29:20 +0000 (14:29 +0300)]
Rename min_response_window to init_delay
Rename main_config's "min_response_window" field to "init_delay", as it
better reflects the usage and because its value won't be related to any
response window in case they're all higher than 1/3 s, which is true
most of the time.
Nikolai Kondrashov [Fri, 30 May 2014 09:04:18 +0000 (12:04 +0300)]
Add FR_TIMEVAL_BOUND_CHECK
Add FR_TIMEVAL_BOUND_CHECK implementing bounding for struct
timeval values, similarly to FR_INTEGER_BOUND_CHECK. Use it in
home_server_add and client_parse to increase readability.
Arran Cudbard-Bell [Fri, 30 May 2014 11:21:31 +0000 (12:21 +0100)]
Fix all remaining config items to use FR_CONF_OFFSET
Add support to the conffile parser for parsing IPv4 addresses in octal and hex format
Add support to conffile parser for parsing prefix type config items
Standardise on using fr_ipaddr_t structures to represent IP addresses in the conffile
code, and other places.
Arran Cudbard-Bell [Thu, 29 May 2014 23:04:54 +0000 (00:04 +0100)]
Break out IP parsing into fr_pton and fr_pton6. Any function which needs to parse IP addresses or IP prefixes in the server should be accommodated by these functions.
Alan T. DeKok [Thu, 29 May 2014 17:58:05 +0000 (13:58 -0400)]
More FR_CONF_OFFSET fixups
perl -0777 -p -i -e 's/PW_TYPE_([^,]+),\s+offsetof\(([^,]+),\s*([^,]+)\),\s*0,/FR_CONF_OFFSET(PW_TYPE_$1, $2, $3),/mg' src/main/connection.c
Alan T. DeKok [Thu, 29 May 2014 17:47:49 +0000 (13:47 -0400)]
More conversion to FR_CONF_OFFSET
and fix up the various dependent data types
Alan T. DeKok [Thu, 29 May 2014 17:47:37 +0000 (13:47 -0400)]
More conversion to FR_CONF_OFFSET
Arran Cudbard-Bell [Thu, 29 May 2014 17:31:47 +0000 (18:31 +0100)]
Fix scan error
Arran Cudbard-Bell [Thu, 29 May 2014 17:19:32 +0000 (18:19 +0100)]
Reformatting and another enum
Arran Cudbard-Bell [Thu, 29 May 2014 17:09:41 +0000 (18:09 +0100)]
Fix Coverity #1216798 #1216797 #1216796 #1216795 #1216794
Alan T. DeKok [Thu, 29 May 2014 16:35:32 +0000 (12:35 -0400)]
trailing spaces aren't necessary
Alan T. DeKok [Thu, 29 May 2014 16:31:17 +0000 (12:31 -0400)]
Move prefix_ptr to a higher scope
Alan T. DeKok [Thu, 29 May 2014 15:17:21 +0000 (11:17 -0400)]
Added per-client response_window. Closes #645
Alan T. DeKok [Thu, 29 May 2014 15:13:25 +0000 (11:13 -0400)]
Set prefix to /32 if it wasn't set
Alan T. DeKok [Thu, 29 May 2014 14:48:38 +0000 (10:48 -0400)]
Track response_window to request->delay. Addresses #645
We track the min_response_window for all home servers, and
then use that value when setting request->delay. This lets us
deal more quickly with home servers which need sub-second timers
Alan T. DeKok [Thu, 29 May 2014 14:46:07 +0000 (10:46 -0400)]
Remove one last check for zero
Alan T. DeKok [Thu, 29 May 2014 14:28:28 +0000 (10:28 -0400)]
Don't return OK for EAP-MSCHAPv2 success/fail
it breaks other things in the server, when we have
eap {
ok = return
}
There is minimal additional cost to doing this
Alan T. DeKok [Thu, 29 May 2014 14:22:09 +0000 (10:22 -0400)]
Move last few conf items to FR_CONF_OFFSET
and fix resulting compiler warnings
Arran Cudbard-Bell [Thu, 29 May 2014 13:26:28 +0000 (14:26 +0100)]
Use pairmake_packet for Module-Failure-Message
Arran Cudbard-Bell [Thu, 29 May 2014 13:08:22 +0000 (14:08 +0100)]
Add macro for FR_FAULT_LOG
Arran Cudbard-Bell [Thu, 29 May 2014 12:29:32 +0000 (13:29 +0100)]
Print maps for !* ANY
Arran Cudbard-Bell [Thu, 29 May 2014 11:30:04 +0000 (12:30 +0100)]
Remove code in radius_map2vp for !* ANY (it's not needed)
Arran Cudbard-Bell [Thu, 29 May 2014 11:55:34 +0000 (12:55 +0100)]
Fix double & with attribute references in debug_map
It's completely pointless, so much so there's not
Arran Cudbard-Bell [Thu, 29 May 2014 11:29:30 +0000 (12:29 +0100)]
Comment
Arran Cudbard-Bell [Thu, 29 May 2014 11:29:23 +0000 (12:29 +0100)]
Formatting
Alan T. DeKok [Wed, 28 May 2014 23:30:30 +0000 (19:30 -0400)]
It's OK to send packets in outgoing proxy socket INIT state
Alan T. DeKok [Wed, 28 May 2014 23:25:36 +0000 (19:25 -0400)]
Don't print out useless proxy ID
Alan T. DeKok [Wed, 28 May 2014 23:16:54 +0000 (19:16 -0400)]
close_notify isn't an error. It's a polite notification
Alan T. DeKok [Wed, 28 May 2014 22:38:58 +0000 (18:38 -0400)]
only use TLS if TLS is enabled
Alan T. DeKok [Wed, 28 May 2014 21:26:57 +0000 (17:26 -0400)]
Add the proxy listener to the packet list immediately
so that we can allocate IDs immediately
Alan T. DeKok [Wed, 28 May 2014 21:26:20 +0000 (17:26 -0400)]
certs will be NULL for outgoing proxy sockets.
Alan T. DeKok [Wed, 28 May 2014 21:18:10 +0000 (17:18 -0400)]
Fix use of fr_nonblock && listen() for sockets
Outgoing TCP sockets are non-blocking. Incoming sockets
are non-blocking. Outgoing TLS sockets are blocking.
Don't call listen() on outgoing sockets
Alan T. DeKok [Wed, 28 May 2014 21:17:43 +0000 (17:17 -0400)]
Don't set nonblock on outgoing client connections.
The caller will need to set it if necessary
Arran Cudbard-Bell [Wed, 28 May 2014 19:13:37 +0000 (20:13 +0100)]
Status should always be initialised in rlm_ldap_bind
We'll never actually hit this (it would require fr_connection_get_num to return a negative value).
Arran Cudbard-Bell [Wed, 28 May 2014 16:34:01 +0000 (17:34 +0100)]
Need extra break
Arran Cudbard-Bell [Wed, 28 May 2014 16:12:03 +0000 (17:12 +0100)]
Don't need memset if it's static
Arran Cudbard-Bell [Wed, 28 May 2014 16:03:05 +0000 (17:03 +0100)]
pairparsevalue should return 0 or -1 like pretty much every other function int the server
Arran Cudbard-Bell [Wed, 28 May 2014 15:53:41 +0000 (16:53 +0100)]
Update ChangeLog
Arran Cudbard-Bell [Wed, 28 May 2014 15:28:03 +0000 (16:28 +0100)]
Add some more asserts for catching invalid VPs when build without WITH_VERIFY_PTR
Arran Cudbard-Bell [Wed, 28 May 2014 15:05:44 +0000 (16:05 +0100)]
Add \0 safe parsing of LDAP binary attributes
Arran Cudbard-Bell [Wed, 28 May 2014 14:40:24 +0000 (15:40 +0100)]
Make pairparsevalue binary safe
Herwin Weststrate [Wed, 28 May 2014 13:53:29 +0000 (15:53 +0200)]
Added debian/freeradius-rest to gitignore
Otherwise, building a Debian package leaves a change in the repository.
Tested with Debian Wheezy 32bit on tag release_3_0_4_rc0 and current
master (commit
73c90fc26a6a56becdf9153abce8d05175fdb06a).
Arran Cudbard-Bell [Wed, 28 May 2014 08:26:42 +0000 (09:26 +0100)]
More LDAP tweaks
Arran Cudbard-Bell [Wed, 28 May 2014 07:24:40 +0000 (08:24 +0100)]
Don't retry ldap binds on failure (if were opening a new connection)
Arran Cudbard-Bell [Tue, 27 May 2014 22:47:56 +0000 (23:47 +0100)]
Extra message
Arran Cudbard-Bell [Tue, 27 May 2014 22:40:01 +0000 (23:40 +0100)]
Make it clearer what's happening on exit Fixes #665
Alan T. DeKok [Tue, 27 May 2014 17:30:29 +0000 (13:30 -0400)]
Tweak error message
Arran Cudbard-Bell [Tue, 27 May 2014 15:04:34 +0000 (16:04 +0100)]
Add option not to add applicaiton_name
Alan T. DeKok [Tue, 27 May 2014 14:45:26 +0000 (10:45 -0400)]
Re-arrange calls to setup_post_proxy_fail
So they all follow the same pattern
Alan T. DeKok [Tue, 27 May 2014 13:12:54 +0000 (09:12 -0400)]
We can suppress delayed proxy responses, too
Arran Cudbard-Bell [Tue, 27 May 2014 11:39:33 +0000 (12:39 +0100)]
Update ChangeLog
Arran Cudbard-Bell [Tue, 27 May 2014 11:19:33 +0000 (12:19 +0100)]
Need to create new attributes as integer64 type in rlm_sqlcounter
Arran Cudbard-Bell [Tue, 27 May 2014 09:25:38 +0000 (10:25 +0100)]
New DHCP options encoder
Use the correct fields for accessing non uint32_t types
Arran Cudbard-Bell [Tue, 27 May 2014 09:24:52 +0000 (10:24 +0100)]
Backport radius_vpt_get_vp changes from master
Alan T. DeKok [Tue, 27 May 2014 00:41:09 +0000 (20:41 -0400)]
Use OpenSSL MD4 and MD5 by default.
Don't do this for SHA, because src/modules/rlm_eap/libeap/fips186prf.c
needs access to the SHA internals
Arran Cudbard-Bell [Tue, 27 May 2014 00:05:32 +0000 (01:05 +0100)]
Merge pull request #662 from fajarnugraha/v3.0.x-suse-
20140526
V3.0.x suse specfile build fix
Fajar A. Nugraha [Mon, 26 May 2014 23:51:20 +0000 (06:51 +0700)]
suse: specfile build fixes
Alan T. DeKok [Mon, 26 May 2014 22:16:34 +0000 (18:16 -0400)]
fix compile error
Alan T. DeKok [Mon, 26 May 2014 22:14:51 +0000 (18:14 -0400)]
We always have a "request" now