Alan T. DeKok [Thu, 19 Feb 2015 16:54:21 +0000 (11:54 -0500)]
Fix date
Alan T. DeKok [Thu, 19 Feb 2015 16:52:19 +0000 (11:52 -0500)]
Update for release
Alan T. DeKok [Thu, 19 Feb 2015 16:47:52 +0000 (11:47 -0500)]
Manually order sqlite tests
So we can do "make -j 4 tests.modules"
Alan T. DeKok [Thu, 19 Feb 2015 16:18:10 +0000 (11:18 -0500)]
Allow control:MS-CHAPv2-Challenge in rlm_eap_mschapv2
So that we can control the challenge sent to the user
Alan T. DeKok [Thu, 19 Feb 2015 14:49:12 +0000 (09:49 -0500)]
Tests for comments
Arran Cudbard-Bell [Thu, 19 Feb 2015 02:51:52 +0000 (21:51 -0500)]
Fix formatting in rlm_eap_mschapv2
Arran Cudbard-Bell [Thu, 19 Feb 2015 00:02:04 +0000 (19:02 -0500)]
Typo
Alan T. DeKok [Wed, 18 Feb 2015 21:06:46 +0000 (16:06 -0500)]
Remove unused variable
Alan T. DeKok [Wed, 18 Feb 2015 20:53:09 +0000 (15:53 -0500)]
Remove debug code
Alan T. DeKok [Wed, 18 Feb 2015 20:27:43 +0000 (15:27 -0500)]
Note recent changes
Alan T. DeKok [Wed, 18 Feb 2015 20:26:41 +0000 (15:26 -0500)]
Clean up "users" file parsing.
The code is now more understandable. Comments are allowed
in more places. Better error messages are produced
Alan T. DeKok [Wed, 18 Feb 2015 13:26:08 +0000 (08:26 -0500)]
Use correct macro
Alan T. DeKok [Tue, 17 Feb 2015 16:01:22 +0000 (11:01 -0500)]
Note recent changes
Arran Cudbard-Bell [Mon, 26 Jan 2015 13:01:44 +0000 (20:01 +0700)]
Add alternative to peercred auth for Unix control sockets
Arran Cudbard-Bell [Sun, 25 Jan 2015 09:44:55 +0000 (16:44 +0700)]
Move ERROR calls to fr_strerror_printf
Add peercred option (though not used yet)
Arran Cudbard-Bell [Tue, 17 Feb 2015 17:56:10 +0000 (12:56 -0500)]
Update yubikey docs, and print attribute debug messages in a standard form.
Arran Cudbard-Bell [Tue, 17 Feb 2015 14:38:49 +0000 (09:38 -0500)]
Add stub functions for rad_suid_set_down_uid
Arran Cudbard-Bell [Mon, 16 Feb 2015 22:42:30 +0000 (17:42 -0500)]
Update ChangeLog
Arran Cudbard-Bell [Mon, 16 Feb 2015 22:31:00 +0000 (17:31 -0500)]
Add support for non-interactive SASL mechs in rlm_ldap
Maybe some day we'll implement interactive ones too.
Arran Cudbard-Bell [Mon, 16 Feb 2015 21:54:14 +0000 (16:54 -0500)]
Formatting
Alan T. DeKok [Mon, 16 Feb 2015 15:21:28 +0000 (10:21 -0500)]
Fix for master
Alan T. DeKok [Sun, 15 Feb 2015 19:04:49 +0000 (14:04 -0500)]
If State is too long, warn instead of assert
Alan T. DeKok [Sun, 15 Feb 2015 17:37:08 +0000 (12:37 -0500)]
Fix typo
Alan T. DeKok [Sun, 15 Feb 2015 17:11:21 +0000 (12:11 -0500)]
Use 16h, which looks better than hhhhhhhhhhhhhh
Alan T. DeKok [Sun, 15 Feb 2015 17:10:54 +0000 (12:10 -0500)]
Allow numbers in random expansions
Alan T. DeKok [Sun, 15 Feb 2015 16:46:58 +0000 (11:46 -0500)]
Document State creation
Alan T. DeKok [Sat, 14 Feb 2015 02:13:37 +0000 (21:13 -0500)]
A little more clarification
Arran Cudbard-Bell [Fri, 13 Feb 2015 20:08:56 +0000 (15:08 -0500)]
Always need to \0 terminate json output buffer
Alan T. DeKok [Fri, 13 Feb 2015 16:03:45 +0000 (11:03 -0500)]
Remove last cppcheck complaint
The old code was a mess of ifdefs. The new code is a bit
better, but still pretty damned bizarre
Alan T. DeKok [Fri, 13 Feb 2015 15:49:11 +0000 (10:49 -0500)]
Simplify code in udpfromto_init
Alan T. DeKok [Fri, 13 Feb 2015 15:41:56 +0000 (10:41 -0500)]
Suppress invalidscanf in cppcheck
Because its output is wrong
Alan T. DeKok [Fri, 13 Feb 2015 14:34:44 +0000 (09:34 -0500)]
Remove support for ephemeral RSA keys.
They're needed only for export ciphers, which are no longer used
Alan T. DeKok [Fri, 13 Feb 2015 14:10:45 +0000 (09:10 -0500)]
use correct assert macro
Alan T. DeKok [Fri, 13 Feb 2015 12:42:04 +0000 (07:42 -0500)]
Quiet clang scanner
Alan T. DeKok [Fri, 13 Feb 2015 12:39:31 +0000 (07:39 -0500)]
plist files might be directories
Alan T. DeKok [Thu, 12 Feb 2015 16:34:46 +0000 (11:34 -0500)]
Don't call cursor functions inside of the cursor code
We know what to do, so we just do it.
Arran Cudbard-Bell [Thu, 12 Feb 2015 21:53:18 +0000 (16:53 -0500)]
NDEBUG makes assertions go away, so wrapping critical function calls in asserts is a bad idea...
Alan T. DeKok [Thu, 12 Feb 2015 15:15:35 +0000 (10:15 -0500)]
Add accounting attributes only for accounting packets
Arran Cudbard-Bell [Thu, 12 Feb 2015 13:51:50 +0000 (08:51 -0500)]
Don't attempt to add clients which specify subnets as home_servers
Arran Cudbard-Bell [Thu, 12 Feb 2015 01:21:46 +0000 (20:21 -0500)]
Spawn should be bool
Arran Cudbard-Bell [Thu, 12 Feb 2015 01:20:52 +0000 (20:20 -0500)]
Only prevent parallel spawn if we've previously failed opening a connection
Otherwise, for LDAP at least, we reject all the requests that get processed until the first connection has opened
Arran Cudbard-Bell [Thu, 12 Feb 2015 01:19:20 +0000 (20:19 -0500)]
Don't need two talloc_free calls in rlm_cache_memcached
Arran Cudbard-Bell [Wed, 11 Feb 2015 20:59:03 +0000 (15:59 -0500)]
Ignore dynamically generated rfc*.h files
Arran Cudbard-Bell [Wed, 11 Feb 2015 20:57:51 +0000 (15:57 -0500)]
Rework LDAP cacheable groups code
Adding groups to the control list is now only done after resolution has been completed, so we don't end up with a partial group list on error
talloc_pool is no longer used, as there appears to be buggy a buggy codepath in some version of talloc, which prevents nested pools.
Arran Cudbard-Bell [Wed, 11 Feb 2015 20:54:12 +0000 (15:54 -0500)]
fr_cursor_merge should do nothing if add is NULL
Arran Cudbard-Bell [Wed, 11 Feb 2015 00:15:18 +0000 (19:15 -0500)]
Don't need to use pools in rlm_ldap now the REQUEST is a pool
Alan T. DeKok [Tue, 10 Feb 2015 22:55:21 +0000 (17:55 -0500)]
Make pairfind() call the cursor functions.
To avoid fr_cursor_next()
Alan T. DeKok [Tue, 10 Feb 2015 21:58:00 +0000 (16:58 -0500)]
Allow Error-Cause in Accounting-Response
Alan T. DeKok [Tue, 10 Feb 2015 21:56:11 +0000 (16:56 -0500)]
Allow Error-Cause in Access-Reject
Alan T. DeKok [Tue, 10 Feb 2015 21:52:02 +0000 (16:52 -0500)]
Note recent changes
Alan T. DeKok [Tue, 10 Feb 2015 21:42:47 +0000 (16:42 -0500)]
Limits on talloc pool size
Alan T. DeKok [Tue, 10 Feb 2015 21:40:04 +0000 (16:40 -0500)]
Don't call pairfree() in request_finish()
Now that we use talloc pools, those calls are unnecessary
Alan T. DeKok [Tue, 10 Feb 2015 21:36:20 +0000 (16:36 -0500)]
Run radlog_request(...debug) ONLY if debug_flag is set
Alan T. DeKok [Tue, 10 Feb 2015 21:11:20 +0000 (16:11 -0500)]
Move talloc pool config to "resources" section
And make it 32K. Which is about
sizeof(REQUEST) + sizeof(RADIUS_PACKET) * 2 + sizeof(VALUE_PAIR) * 400
Alan T. DeKok [Tue, 10 Feb 2015 20:56:19 +0000 (15:56 -0500)]
Set talloc pool size
Alan T. DeKok [Tue, 10 Feb 2015 20:53:39 +0000 (15:53 -0500)]
Use talloc pools for RADIUS packets
Alan T. DeKok [Tue, 10 Feb 2015 20:44:54 +0000 (15:44 -0500)]
Wrapper for request_free()
If it has a parent, free the parent. Otherwise, free the request.
Alan T. DeKok [Tue, 10 Feb 2015 20:40:17 +0000 (15:40 -0500)]
Make rad_recv() take a TALLOC_CTX
Alan T. DeKok [Tue, 10 Feb 2015 20:36:02 +0000 (15:36 -0500)]
Make request_receive() take a TALLOC_CTX
In prepartion for per-listener pools
Alan T. DeKok [Tue, 10 Feb 2015 18:29:55 +0000 (13:29 -0500)]
Updated the copyright date
perl -p -i -e 's/Copyright \(C\) 20../Copyright (C) 2015/' share/dictionary*
Alan T. DeKok [Tue, 10 Feb 2015 18:22:39 +0000 (13:22 -0500)]
New dictionary
Alan T. DeKok [Tue, 10 Feb 2015 14:21:58 +0000 (09:21 -0500)]
note recent changes
Alan T. DeKok [Tue, 10 Feb 2015 13:41:09 +0000 (08:41 -0500)]
Auto-generate PW_FOO_BAR from "Attribute Foo-Bar". Fixes #905.
The VALUEs aren't autogenerated yet. But this should be
a good start
Alan T. DeKok [Tue, 10 Feb 2015 13:32:42 +0000 (08:32 -0500)]
PW_USER_PASSWORD, not PW_PASSWORD
gureedo [Tue, 10 Feb 2015 10:51:48 +0000 (15:51 +0500)]
more attributes
Herwin Weststrate [Tue, 10 Feb 2015 07:48:08 +0000 (08:48 +0100)]
Fixed a number of double semicolons in source
Herwin Weststrate [Fri, 6 Feb 2015 06:17:43 +0000 (07:17 +0100)]
Fix typo in comments in radmin.c
s/gind/find/
Alan T. DeKok [Mon, 9 Feb 2015 22:09:44 +0000 (17:09 -0500)]
Note recent changes
Alan T. DeKok [Mon, 9 Feb 2015 22:09:25 +0000 (17:09 -0500)]
Minor typo in help message
Alan T. DeKok [Mon, 9 Feb 2015 20:50:54 +0000 (15:50 -0500)]
Print out error for non-server "authorize" etc. sections
Alan T. DeKok [Mon, 9 Feb 2015 20:47:33 +0000 (15:47 -0500)]
Do pass2 compilation on "authorize" outside of a server block
Alan T. DeKok [Mon, 9 Feb 2015 20:46:52 +0000 (15:46 -0500)]
If this module is done pass2, go to the next one
Arran Cudbard-Bell [Mon, 9 Feb 2015 20:39:07 +0000 (15:39 -0500)]
Remove whitespace from simultaneous use messages
Arran Cudbard-Bell [Mon, 9 Feb 2015 20:38:48 +0000 (15:38 -0500)]
Formatting
Arran Cudbard-Bell [Sun, 8 Feb 2015 21:24:10 +0000 (16:24 -0500)]
No quotes around attribute names
Arran Cudbard-Bell [Sun, 8 Feb 2015 16:14:21 +0000 (11:14 -0500)]
In LDAP attrmap print the value that failed parsing and the error
Arran Cudbard-Bell [Sun, 8 Feb 2015 16:13:40 +0000 (11:13 -0500)]
Formatting
Alan T. DeKok [Fri, 6 Feb 2015 14:43:56 +0000 (09:43 -0500)]
Move assertion
Alan T. DeKok [Fri, 6 Feb 2015 14:14:52 +0000 (09:14 -0500)]
Assert to catch catastriphic errors
Alan T. DeKok [Thu, 5 Feb 2015 17:43:16 +0000 (12:43 -0500)]
Simpler method of deleting connections from a pool
Alan T. DeKok [Thu, 5 Feb 2015 17:02:11 +0000 (12:02 -0500)]
Run-time check, not assertion
Alan T. DeKok [Thu, 5 Feb 2015 17:01:57 +0000 (12:01 -0500)]
Warnings for non-debug builds
Alan T. DeKok [Thu, 5 Feb 2015 16:58:12 +0000 (11:58 -0500)]
Fix typo
Alan T. DeKok [Thu, 5 Feb 2015 16:33:01 +0000 (11:33 -0500)]
Look for sockets which match our UID / GID
If we're root, grab the first one. If there's no UID / GID,
use that. Otherwise, try to find one that matches
Alan T. DeKok [Wed, 4 Feb 2015 20:26:46 +0000 (15:26 -0500)]
Initialize socket magic
so we get the correct name printed
Alan T. DeKok [Wed, 4 Feb 2015 20:20:59 +0000 (15:20 -0500)]
Allow for "help del client", which now works
Previously, it just printed the top-level help
Alan T. DeKok [Wed, 4 Feb 2015 19:44:27 +0000 (14:44 -0500)]
More docs for home server
Alan T. DeKok [Wed, 4 Feb 2015 19:40:43 +0000 (14:40 -0500)]
Allow you to look up clients by listener, too
Alan T. DeKok [Wed, 4 Feb 2015 19:25:08 +0000 (14:25 -0500)]
Make listener_find_client_list() take proto
Alan T. DeKok [Wed, 4 Feb 2015 17:01:27 +0000 (12:01 -0500)]
Allow finding client lists for CoA sockets, too
Alan T. DeKok [Wed, 4 Feb 2015 16:54:59 +0000 (11:54 -0500)]
Better error message
Alan T. DeKok [Wed, 4 Feb 2015 16:53:44 +0000 (11:53 -0500)]
Define standard types known by the server
Alan T. DeKok [Wed, 4 Feb 2015 16:37:40 +0000 (11:37 -0500)]
Remove leading tabs. They're not needed
Alan T. DeKok [Wed, 4 Feb 2015 16:37:22 +0000 (11:37 -0500)]
Mark ntlm_auth as expanded, too
Arran Cudbard-Bell [Wed, 4 Feb 2015 13:38:23 +0000 (20:38 +0700)]
mysql_warning_count() doesn't appear to be reliable
add option to force retrieving warnings
Arran Cudbard-Bell [Wed, 4 Feb 2015 13:38:00 +0000 (20:38 +0700)]
We can now fail in rlm_sql
Philippe Wooding [Wed, 4 Feb 2015 03:57:16 +0000 (04:57 +0100)]
Don't include rlm_test in package
Philippe Wooding [Wed, 4 Feb 2015 03:32:55 +0000 (04:32 +0100)]
RPM spec file: add missing files + bug bix
Arran Cudbard-Bell [Wed, 4 Feb 2015 12:43:33 +0000 (19:43 +0700)]
Minor tweaks to error messages
Arran Cudbard-Bell [Wed, 4 Feb 2015 12:43:23 +0000 (19:43 +0700)]
Default should be to error out