> Subject: Re: Missing free() in rlm_dbm?
> Reply-To: freeradius-devel@lists.freeradius.org
>
>
> I plan remake the rlm_dbm module to remove database specified routines
> to standalone library. This library will provide independent interface
> to work with associative (key-value) database. I think it is good idea
> to make that library is available for all modules (system-wide) and
> configure once in main script.
>
> It is not need to free memory after call dbm_fetch function (FreeBSD)
> I think it is specified for gdbm implementation.
From freeradius-devel@lists.freeradius.org Mon Mar 22 17:12:19 2004
From: freeradius-devel@lists.freeradius.org (Alan DeKok)
Date: Mon, 22 Mar 2004 12:12:19 -0500 (EST)
Subject: http://www.freeradius.org/business/
Message-ID: <200403221712.i2MHCJp20710@newgiles.nitros9.org>
There are companies that do FreeRADIUS consulting work. For people
with CVS access, please do:
cvs -d :pserver:user@cvs.freeradius.org:/source checkout freeradius-www
Edit business/index.html, to add:
Company name, URL
One-sentence summary of services.
cvs commit business/index.html
Please don't edit anything else in the tree.
I'll wait a week or so for people to update it, and then link to it
from the main page.
Alan DeKok.
From freeradius-devel@lists.freeradius.org Tue Mar 23 15:41:44 2004
From: freeradius-devel@lists.freeradius.org (Oswin Ondarza)
Date: Tue, 23 Mar 2004 10:41:44 -0500
Subject: Using FreeRadius for a HotSpot with a PrePaid Billing System
Message-ID: <039b01c410ed$59514b50$7f01a8c0@terainspiron>
This is a multi-part message in MIME format.
------=_NextPart_000_0398_01C410C3.6F86D130
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Hi everyone,
I am trying to build a Hotspot system using FreeRADIUS, I have a =
Colubris CN3000 NAS and it works great with the FreeRADIUS, but now I =
need a billing system integrated to the FreeRADIUS so users when enter =
the hotspot can pay with credit card using the explorer/mozilla to get =
access or to get login information.
I would like to build a complete open source solution, so the only =
prepaid billing system open source that I have found thar "could" be =
intergrated with the FreeRADIUS is "FreeSide" =
(http://www.sisd.com/freeside/) but I haven't tried it yet, I would =
like to hear a little about this before doing it.
So, any Opinion ? Suggestions ? is anybody tryng the same solution =
???
I hope someone can help me,
Thanks in advance !!!
Oswin.
------=_NextPart_000_0398_01C410C3.6F86D130
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Hi everyone,
I am trying to build a =
Hotspot=20
system using FreeRADIUS, I have a Colubris CN3000 NAS =
and it=20
works great with the FreeRADIUS, but now I need a billing system =
integrated to=20
the FreeRADIUS so users when enter the hotspot can pay =
with=20
credit card using the explorer/mozilla to get =
access or to=20
get login information.
I would like to build a complete open =
source=20
solution, so the only prepaid billing system open source that I have =
found thar=20
"could" be intergrated with the FreeRADIUS is =
"FreeSide" =20
(http://www.sisd.com/freeside/)=
=20
but I haven't tried it yet, I would like to hear a little about this =
before=20
doing it.
So, any Opinion ? Suggestions =
? is=20
anybody tryng the same solution ???
I hope someone can help =
me,
Thanks in advance !!!
Oswin.
------=_NextPart_000_0398_01C410C3.6F86D130--
From freeradius-devel@lists.freeradius.org Tue Mar 23 22:37:00 2004
From: freeradius-devel@lists.freeradius.org (Alan DeKok)
Date: Tue, 23 Mar 2004 17:37:00 -0500 (EST)
Subject: Regular expression matching & substitution
Message-ID: <200403232237.i2NMb0927989@newgiles.nitros9.org>
In the "users" file:
DEFAULT User-Name =~ ^(.*)@(.*)$", Stripped-User-Name := `%{1}`, Realm := `%{2}`
I think this will now work...
After a little more testing, it can be documented for a wider
audience.
Alan DeKok.
From freeradius-devel@lists.freeradius.org Wed Mar 24 04:45:29 2004
From: freeradius-devel@lists.freeradius.org (Ruslan A Dautkhanov)
Date: Wed, 24 Mar 2004 11:45:29 +0700
Subject: ippool & SQL
In-Reply-To: <20040323201820.589.qmail@mail.ruralnetwork.net>
References: <20040323201820.589.qmail@mail.ruralnetwork.net>
Message-ID: <40611269.5020407@scn.ru>
This is a cryptographically signed message in MIME format.
--------------ms090107090800040808040209
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
scott@ruralnetwork.net wrote:
>> Hello !
>> Some ppls post to this list this stuf. That version is works pretty
>> fine,
>> very stable, BUT(!) it's ugly since use differrent pools of SQL DB
>> connections
>> for each(!) IP-pool! So, for example, if you have 4 IP-pools and
>> standart
>> SQL db-pool with 10 connections, than you have 10 * (1+4) = 50 db
>> connections.
>> I have rewritted it - my module use standart pool of DB connections -
>> you
>> need only 10 connections now. If you have interest in this, I can
>> post URL
>> where my version of module sql_ippool lives. We use it in
>> productional environment
>> for an one year with hard load without any problems.
>> --
>> best regards,
>> Ruslan A Dautkhanov rusland@scn.ru
>
>
> Hi Ruslan,
> I saw your posting above to the freeside-devel mailing list - via the
> list archive. I haven't yet subscribed to the list, but I'd be
> grateful if you could post a link to your file to the list as I'd be
> interesting in downloading it and giving it a try.
> Regards,
> Scott Langley
> scott@ruralnetwork.net
> Systems Administrator
> Rural Network Services
Hello !
This version located here:
ftp://rd.ranetka.ru/pub/sql-ip-pool/rlm_sqlippool.tar.gz .
It's very stable, robust version, works well for all our needs (ip
allocation for
dialup, campus clients, currently allocating ips for 5 ippools
simul-ly). It's works with
CVS version after 0.9.0, but no reasons why it can't work with current CVS..
Just unpack it to the src/modules directory,
run echo rlm_sqlippool >> src/modules/stable
and rebuild your radiusd. After this you should
edit your sqlippools.conf, sqlippool.sqls, radiusd.conf. The last one
should have lines like this:
1. $INCLUDE ${confdir}/sqlippools.conf
2. accounting {
...
sqlippool_maincampus #name of your
sqlippool_8180 #sqlippool instances
defined in sqlippools.conf ...
...
3. post-auth {
...
sqlippool_maincampus #name of your
sqlippool_8180 #sqlippool instances
defined in sqlippools.conf ...
...
Full my version of sqlippool.sqls and example version of
sqlippools.conf I posted
to ftp://rd.ranetka.ru/pub/sql-ip-pool/ . HTH.
Of course, you have to create radippool table in your database. Here
is my version for
PostgreSQL one:
isbs=# \d radippool
Table "public.radippool"
Column | Type
| Modifiers
--------------------+--------------------------------+-----------------------------------------------------------
id | integer | not null default
nextval('public.radippool_id_seq'::text)
pool_name | text | not null
ip_address | inet |
nas_ip_address | text | not null
nas_port | integer | not null
calling_station_id | text | not null
expiry_time | timestamp(0) without time zone | not null
Indexes:
"radippool_pkey" primary key, btree (id)
"radippool_ip_address_key" unique, btree (ip_address)
"radippool_nasipaddr_calling" btree (nas_ip_address, calling_station_id)
"radippool_nasipaddr_port" btree (nas_ip_address, nas_port)
"radippool_poolname_expire" btree (pool_name, expiry_time)
"radippool_poolname_ipaadr" btree (pool_name, ip_address)
Btw, I have in plans to release next version of this module, which
keeps in radippool username
and realm also and which will _tries_ to allocate a same IP to user,
when it'll login next time, just
like Cisco ippools do. "Tries" because IP, that was allocated to this
user can currently be occuppied
by another user, obviously.
--
best regards,
Ruslan A Dautkhanov rusland@scn.ru
--------------ms090107090800040808040209
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIII3TCC
AskwggIyoAMCAQICAwsqlzANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UE
ChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNv
bmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwHhcNMDMxMTE4MDQxNjMzWhcNMDQxMTE3MDQxNjMz
WjBAMR8wHQYDVQQDExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMR0wGwYJKoZIhvcNAQkBFg5y
dXNsYW5kQHNjbi5ydTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMAfBajdRPJx
JFT8qNAYO209TK56UQ8vaBplFOLkdMOxcCbTsV9TROHjzV2/+qKdNohjJruzJazvP1Y0N8yj
E8qtlI72uAGJfImWF0zUL+2Q9m0KOjImoLbns9SDvsIgnQgPgv5dd5xuPJdWhJOrv4cThBkB
tJtGI3w8mQz6o8MH+SC7w+U6QsAwXd0dqtOdXDiyW6Uj1jvXkUYgOJj/kefDmwze6baOpgji
TWk2XW1gkVWzO2XNp5pzeg79xLm60jeXlyFXDMvdmTCmYhLB2UfH5L5dOVUV7DWjEurH0vVB
L2DVYibnTeQYBh7T/nsMQWjF2TUZRwrOXWvEY7Zz14MCAwEAAaMrMCkwGQYDVR0RBBIwEIEO
cnVzbGFuZEBzY24ucnUwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQQFAAOBgQCgU3RLfxTR
/SO3oLGk7mKb8cCT2uqYLusdywSiDh4xmc5tBe+u5p9gBatKz8dB9dU+6Ey/aaxfhRa5QWj+
K0DT/BvTNENp5QNH0/ff0vGwg4OYuW0FX0T5d9W8fJr3hORydS7lsxBQD5sFe0Olp8slfRnR
y+wKCXs2SHCgyQOwujCCAskwggIyoAMCAQICAwsqlzANBgkqhkiG9w0BAQQFADBiMQswCQYD
VQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UE
AxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwHhcNMDMxMTE4MDQxNjMz
WhcNMDQxMTE3MDQxNjMzWjBAMR8wHQYDVQQDExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMR0w
GwYJKoZIhvcNAQkBFg5ydXNsYW5kQHNjbi5ydTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAMAfBajdRPJxJFT8qNAYO209TK56UQ8vaBplFOLkdMOxcCbTsV9TROHjzV2/+qKd
NohjJruzJazvP1Y0N8yjE8qtlI72uAGJfImWF0zUL+2Q9m0KOjImoLbns9SDvsIgnQgPgv5d
d5xuPJdWhJOrv4cThBkBtJtGI3w8mQz6o8MH+SC7w+U6QsAwXd0dqtOdXDiyW6Uj1jvXkUYg
OJj/kefDmwze6baOpgjiTWk2XW1gkVWzO2XNp5pzeg79xLm60jeXlyFXDMvdmTCmYhLB2UfH
5L5dOVUV7DWjEurH0vVBL2DVYibnTeQYBh7T/nsMQWjF2TUZRwrOXWvEY7Zz14MCAwEAAaMr
MCkwGQYDVR0RBBIwEIEOcnVzbGFuZEBzY24ucnUwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0B
AQQFAAOBgQCgU3RLfxTR/SO3oLGk7mKb8cCT2uqYLusdywSiDh4xmc5tBe+u5p9gBatKz8dB
9dU+6Ey/aaxfhRa5QWj+K0DT/BvTNENp5QNH0/ff0vGwg4OYuW0FX0T5d9W8fJr3hORydS7l
sxBQD5sFe0Olp8slfRnRy+wKCXs2SHCgyQOwujCCAz8wggKooAMCAQICAQ0wDQYJKoZIhvcN
AQEFBQAwgdExCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcT
CUNhcGUgVG93bjEaMBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRp
ZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBG
cmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNv
bTAeFw0wMzA3MTcwMDAwMDBaFw0xMzA3MTYyMzU5NTlaMGIxCzAJBgNVBAYTAlpBMSUwIwYD
VQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVy
c29uYWwgRnJlZW1haWwgSXNzdWluZyBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
xKY8VXNV+065yplaHmjAdQRwnd/p/6Me7L3N9VvyGna9fww6YfK/Uc4B1OVQCjDXAmNaLIkV
cI7dyfArhVqqP3FWy688Cwfn8R+RNiQqE88r1fOCdz0Dviv+uxg+B79AgAJk16emu59l0cUq
VIUPSAR/p7bRPGEEQB5kGXJgt/sCAwEAAaOBlDCBkTASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
A1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwudGhhd3RlLmNvbS9UaGF3dGVQZXJzb25hbEZy
ZWVtYWlsQ0EuY3JsMAsGA1UdDwQEAwIBBjApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRUHJp
dmF0ZUxhYmVsMi0xMzgwDQYJKoZIhvcNAQEFBQADgYEASIzRUIPqCy7MDaNmrGcPf6+svsIX
oUOWlJ1/TCG4+DYfqi2fNi/A9BxQIJNwPP2t4WFiw9k6GX6EsZkbAMUaC4J0niVQlGLH2ydx
VyWN3amcOY6MIE9lX5Xa9/eH1sYITq726jTlEBpbNU1341YheILcIRk13iSx0x1G/11fZU8x
ggM7MIIDNwIBATBpMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGlu
ZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWlu
ZyBDQQIDCyqXMAkGBSsOAwIaBQCgggGnMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJ
KoZIhvcNAQkFMQ8XDTA0MDMyNDA0NDUzMFowIwYJKoZIhvcNAQkEMRYEFG98FHOycrJFr0Cf
/bd74yXbKnxDMFIGCSqGSIb3DQEJDzFFMEMwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCA
MA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMHgGCSsGAQQBgjcQBDFr
MGkwYjELMAkGA1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0
ZC4xLDAqBgNVBAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBAgMLKpcw
egYLKoZIhvcNAQkQAgsxa6BpMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29u
c3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwg
SXNzdWluZyBDQQIDCyqXMA0GCSqGSIb3DQEBAQUABIIBAIRGg5i1hFK2WhDKuM6E4ZDt7qct
DcR4tv08mF3lNUtQpweYQvgR/E/29vcswrEsshl9zoXDkLnbdQK1jWTqFDeZzqwBSBOyLNSM
mWhpO5o39a7bEN6ycX1uIbUWwKENsvCf7htkaDLoL8/Xj03RehdTwHQ13BR380zbCQqIg3Z3
KUfRlVDC7IgKf/55T1GmG/XLqP8apl9+6Kext/9akw6VXxmgdVVL4aBWuC2FsGCLOu6b4iEG
sTUyhUNd9K9yHFbTG0sHfI1XyVXyCLFgq897v6QEyfO8/jWDui/5Y2Ycjr2s0dWKtSY55Sne
X8lOSJWNk+QHEkmHQphKlVPZyzcAAAAAAAA=
--------------ms090107090800040808040209--
From freeradius-devel@lists.freeradius.org Wed Mar 24 09:02:48 2004
From: freeradius-devel@lists.freeradius.org (Automatic cvs log generator)
Date: Wed, 24 Mar 2004 03:02:48 -0600 (CST)
Subject: Automatic report from sources (radiusd) between 23.03.2004 - 24.03.2004 GMT
Message-ID: <20040324090248.3852D77460@webhost1.starnetusa.net>
CVS log entries from 23.03.2004 (Tue) 09:00:01 - 24.03.2004 (Wed) 09:00:01 GMT
=====================================================
Summary by authors
=====================================================
Author: aland
File: radiusd/src/main/xlat.c; Revisions: 1.69
File: radiusd/src/main/valuepair.c; Revisions: 1.57
File: radiusd/src/include/request_list.h; Revisions: 1.8
File: radiusd/src/include/radiusd.h; Revisions: 1.153
=====================================================
Combined list of identical log entries
=====================================================
Description:
Preliminary support for xlat's of regex results: %{1}, %{2}, etc.
Modified files:
File: radiusd/src/include/radiusd.h; Revision: 1.153;
Date: 2004/03/23 22:14:24; Author: aland; Lines: (+3 -1)
File: radiusd/src/main/xlat.c; Revision: 1.69;
Date: 2004/03/23 22:14:24; Author: aland; Lines: (+29 -2)
=====================================================
Log entries
=====================================================
Description:
Include prototype for rl_add_proxy
Modified files:
File: radiusd/src/include/request_list.h; Revision: 1.8;
Date: 2004/03/23 22:08:37; Author: aland; Lines: (+2 -1)
-------------------------------
Description:
For '=~', add the matching sub-strings to the request, as %{0},
%{1}, %{2}, etc.
Modified files:
File: radiusd/src/main/valuepair.c; Revision: 1.57;
Date: 2004/03/23 22:19:31; Author: aland; Lines: (+50 -5)
=====================================================
Summary of modified files
=====================================================
File: radiusd/src/include/radiusd.h
Revisions: 1.153
Authors: aland (+3 -1)
-------------------------------
File: radiusd/src/include/request_list.h
Revisions: 1.8
Authors: aland (+2 -1)
-------------------------------
File: radiusd/src/main/valuepair.c
Revisions: 1.57
Authors: aland (+50 -5)
-------------------------------
File: radiusd/src/main/xlat.c
Revisions: 1.69
Authors: aland (+29 -2)
--
Automatic cron job from /web/pages/us.freeradius.org/bin/new_makelog.pl
From freeradius-devel@lists.freeradius.org Wed Mar 24 15:03:34 2004
From: freeradius-devel@lists.freeradius.org (Pugnaloni Federico)
Date: Wed, 24 Mar 2004 16:03:34 +0100
Subject: MySQL accounting and Cisco-AVPair
Message-ID: <35E044CAD856D3119384204C4F4F502044FCCF@sittserver>
Hi,
i'm using FreeRADIUS Version 0.9.3on FreeBSD 4.9
i'm using with a Cisco PIX to AAA internet access
it works fine, but i need to store the Cisco-AVPair ip protocol info in
radacct SQL table.
As i can see in the detail accounting freeradius store Cisco-AVPair info
-snip-
Cisco-AVPair = "ip:source-ip=192.168.0.127"
Cisco-AVPair = "ip:source-port=4051"
Cisco-AVPair = "ip:destination-ip=10.10.10.1"
Cisco-AVPair = "ip:destination-port=23"
-snip
but i cannot store this info on sql
I've tried to modify sql.conf as is:
accounting_stop_query_alt = "INSERT into ${acct_table2} (RadAcctId,
AcctSessionId... AcctStopDelay) values('', '%{Acct-Session-Id}',
'%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}',
'%{NAS-IP-Address}', '%{NAS-Port}'... '%{Cisco-AVPair}',
'%{Cisco-AVPair}'..}')"
but it returns only the first instance of Cisco-AVPair
("ip:source-ip=192.168.0.127")
how can i store all the values?
i've seen something about vsa_hack, but it seems works only with h323...
--
Federico Pugnaloni
From freeradius-devel@lists.freeradius.org Wed Mar 24 16:21:34 2004
From: freeradius-devel@lists.freeradius.org (Rok Papez)
Date: Wed, 24 Mar 2004 17:21:34 +0100
Subject: simple_authentication in rlm_ldap
Message-ID: <4061B58E.70307@arnes.si>
Hello!
I've added a simple_authentication to rlm_ldap when
users are to be authenticated without searching the
LDAP directory. This is a security feature. If user
can bind to LDAP with his credentials, let him pass,
otherwise fail him.
This should also reduce the load on LDAP server
significantly since it doesn't have to perform any
searches.
ldap_get_conn()/ldap_release_conn() do just locking
and connection slot allocation. That's OK. But why
is actual connection established in perform_search()
with a call to ldap_connect(). It also seems a bit
out of place to perform a rlm_bind() there.
Wouldn't it be better to do:
ldap_get_conn()
ldap_establish_conn()
ldap_bind()
perform_search()
ldap_unbind()
ldap_release_conn()
It seems ldap_bind() can be called recursively,
if so, one could call ldap_establish_conn() only
on first connection.
--- src/modules/rlm_ldap/rlm_ldap.c.orig 2004-03-24 10:12:41.000000000 +0100
+++ src/modules/rlm_ldap/rlm_ldap.c 2004-03-24 16:54:30.000000000 +0100
@@ -251,6 +251,7 @@
int num_conns;
int do_comp;
int do_xlat;
+ int simple_authentication; /* authenticate user when simple bind is successfull, no search */
int default_allow;
int failed_conns;
int is_url;
@@ -322,6 +323,7 @@
{"compare_check_items", PW_TYPE_BOOLEAN, offsetof(ldap_instance,do_comp), NULL, "no"},
{"access_attr_used_for_allow", PW_TYPE_BOOLEAN, offsetof(ldap_instance,default_allow), NULL, "yes"},
{"do_xlat", PW_TYPE_BOOLEAN, offsetof(ldap_instance,do_xlat), NULL, "yes"},
+ {"simple_authentication", PW_TYPE_BOOLEAN, offsetof(ldap_instance,simple_authentication), NULL, "no"},
{NULL, -1, 0, NULL, NULL}
};
@@ -1419,6 +1421,51 @@
DEBUG("rlm_ldap: login attempt by \"%s\" with password \"%s\"",
request->username->strvalue, request->password->strvalue);
+ /*
+ * Simple authentication checks username/pass just by binding
+ * to the LDAP directory. No search is performed.
+ */
+ if (inst->simple_authentication) {
+ char dn[MAX_FILTER_STR_LEN];
+ int res;
+
+ radlog (L_ERR, "rlm_ldap: Attempting simple authentication.\n");
+ if (!radius_xlat(dn, sizeof(dn), inst->login,
+ request, NULL)) {
+ radlog (L_ERR, "rlm_ldap: unable to create base DN.\n");
+ return RLM_MODULE_INVALID;
+ }
+
+ if ((conn_id = ldap_get_conn(inst->conns,&conn,inst)) == -1){
+ radlog(L_ERR, "rlm_ldap: All ldap connections are in use");
+ return RLM_MODULE_FAIL;
+ }
+
+ if (!conn->bound || conn->ld == NULL) {
+ DEBUG2("rlm_ldap: attempting LDAP reconnection");
+ if (conn->ld) {
+ DEBUG2("rlm_ldap: closing existing LDAP connection");
+ ldap_unbind_s(conn->ld);
+ }
+ /* connect also does a bind */
+ if ((conn->ld = ldap_connect(instance, dn, request->password->strvalue, 1, &res)) == NULL) {
+ radlog(L_ERR, "rlm_ldap: (re)connection attempt failed");
+ conn->failed_conns++;
+ return (RLM_MODULE_FAIL);
+ }
+ conn->bound = 1;
+ conn->failed_conns = 0;
+ }
+
--
Lep pozdrav,
Rok Papez.
From freeradius-devel@lists.freeradius.org Wed Mar 24 18:13:42 2004
From: freeradius-devel@lists.freeradius.org (Alan DeKok)
Date: Wed, 24 Mar 2004 13:13:42 -0500
Subject: PATCH -- Static linking issue, rlm_sql/drivers
In-Reply-To: Your message of "Tue, 16 Mar 2004 12:59:50 +0100."
<4056EC36.40507@arnes.si>
Message-ID: <20040324181343.A4466170FA@mail.nitros9.org>
Rok Papez wrote:
> Has anyone had time to look at this ? It's actualy a trivial
> patch... Should it be done in some other way ?
Rather than add linking of SQL sub-module, you've deleted the
ability to link EAP sub-modules.
I've added a similar patch which permits both.
Alan DeKok.
From freeradius-devel@lists.freeradius.org Wed Mar 24 18:46:52 2004
From: freeradius-devel@lists.freeradius.org (Alan DeKok)
Date: Wed, 24 Mar 2004 13:46:52 -0500
Subject: Patch to radiusd.c
In-Reply-To: Your message of "Mon, 23 Feb 2004 21:53:36 +0100."
<403A6850.3040108@buelow-masiak.de>
Message-ID: <20040324184652.C6A06170BB@mail.nitros9.org>
Martin Seine wrote:
> Just stepped again in a flaw in radiusd.c: First are the
> commandline-Parameters processed and afterwards the configfile.
That's so -d works.
As for the command-line parameters which conflict with the config
files, the easiest thing to do is to delete the command-line
parameters.
Alan DeKok.
From freeradius-devel@lists.freeradius.org Wed Mar 24 19:08:33 2004
From: freeradius-devel@lists.freeradius.org (Alan DeKok)
Date: Wed, 24 Mar 2004 14:08:33 -0500
Subject: xlat question
In-Reply-To: Your message of "Sun, 21 Mar 2004 00:38:08 +0300."
<20040320213808.GF48678@dyatel.antar.bryansk.ru>
Message-ID: <20040324190833.3DA94170BB@mail.nitros9.org>
"Alexander M. Pravking" wrote:
> Btw, Alan, INTEGER attributes are now always being looked up against
> dictionary unless the value looks like numeric. It's probably a good
> time to start consider Integer-Attr = "%{Some-Calculations}" as an
> ordinary value, not as a dictionary value representation...
Once we get dynamic expansion of double-quoted strings, we will get
that for free.
Alan DeKok.
From freeradius-devel@lists.freeradius.org Thu Mar 25 08:29:46 2004
From: freeradius-devel@lists.freeradius.org (Rok Papez)
Date: Thu, 25 Mar 2004 09:29:46 +0100
Subject: CVS-2004-02-26 fails to build, patch attached Was: PATCH -- Static
linking issue, rlm_sql/drivers
In-Reply-To: <20040324181343.A4466170FA@mail.nitros9.org>
References: <20040324181343.A4466170FA@mail.nitros9.org>
Message-ID: <4062987A.60602@arnes.si>
Hello Alan.
Alan DeKok wrote:
> Rok Papez wrote:
>
>>Has anyone had time to look at this ? It's actualy a trivial
>>patch... Should it be done in some other way ?
> I've added a similar patch which permits both.
I've tested your changes and they don't work here (build breaks):
gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DOPENSSL_NO_KRB5 -Wall -D_GNU_SOURCE -g -Wshadow -Wpointer-arith -Wcast-qual -Wcast-align -Wwrite-strings -Wstrict-prototypes
-Wmissing-prototypes -Wmissing-declarations -Wnested-externs -W -Wredundant-decls -Wundef -I../include -DHOSTINFO=\"\" -DRADIUSD_VERSION=\"1.0.0-pre0\" -c mainconfig.c
gmake[4]: *** No rule to make target `../modules/*/drivers/rlm_eap_md5/rlm_eap_md5.la', needed by `radiusd'. Stop.
gmake[4]: Leaving directory `/usr/home/rok/radiusd-20040326/src/main'
gmake[3]: *** [common] Error 1
gmake[3]: Leaving directory `/usr/home/rok/radiusd-20040326/src'
gmake[2]: *** [all] Error 2
gmake[2]: Leaving directory `/usr/home/rok/radiusd-20040326/src'
gmake[1]: *** [common] Error 1
gmake[1]: Leaving directory `/usr/home/rok/radiusd-20040326'
make: *** [all] Error 2
It is nice that you've seperated the MODULES and SUBMODULES. However it seems you forgot to update the
"echo" line after checking for a lib file (and vice verse). This patch fixes these typos:
--- src/main/Makefile.in.orig 2004-03-25 08:04:18.000000000 +0100
+++ src/main/Makefile.in 2004-03-25 08:19:05.000000000 +0100
@@ -39,10 +39,10 @@
#
MODULE_LIBS += $(shell for x in $(MODULES);do test -f ../modules/$$x/$$x.la && echo -dlpreopen ../modules/$$x/$$x.la;done)
MODULE_LIBS += $(shell for x in $(SUB_MODULES);do test -f ../modules/*/types/$$x/$$x.la && echo -dlpreopen ../modules/*/types/$$x/$$x.la;done)
-MODULE_LIBS += $(shell for x in $(SUB_MODULES);do test -f ../modules/*/drivers/$$x/$$x.la && echo -dlpreopen ../modules/*/types/$$x/$$x.la;done)
+MODULE_LIBS += $(shell for x in $(SUB_MODULES);do test -f ../modules/*/drivers/$$x/$$x.la && echo -dlpreopen ../modules/*/drivers/$$x/$$x.la;done)
MODULE_OBJS += $(shell for x in $(MODULES);do test -f ../modules/$$x/$$x.la && echo ../modules/$$x/$$x.la;done)
MODULE_OBJS += $(shell for x in $(SUB_MODULES);do test -f ../modules/*/types/$$x/$$x.la && echo ../modules/*/types/$$x/$$x.la;done)
-MODULE_OBJS += $(shell for x in $(SUB_MODULES);do test -f ../modules/*/types/$$x/$$x.la && echo ../modules/*/drivers/$$x/$$x.la;done)
+MODULE_OBJS += $(shell for x in $(SUB_MODULES);do test -f ../modules/*/drivers/$$x/$$x.la && echo ../modules/*/drivers/$$x/$$x.la;done)
endif
LIBS += -lradius $(SNMP_LIBS)
================================================================================
>
>
> Rather than add linking of SQL sub-module, you've deleted the
> ability to link EAP sub-modules.
I must have missed something, where did I delete the linking of EAP sub modules ? This
patch works for me and I'm using MySQL sql sub-module and EAP TLS and TTLS sub-modules :/.
--- src/main/Makefile.in.orig 2004-03-12 15:50:55.000000000 +0100
+++ src/main/Makefile.in 2004-03-12 15:51:44.000000000 +0100
@@ -31,14 +31,17 @@
#
MODULES += rlm_eap_md5 rlm_eap_leap rlm_eap_tls rlm_eap_ttls rlm_eap_sim
MODULES += rlm_eap_peap rlm_eap_mschapv2 rlm_eap_gtc
+MODULES += rlm_sql_db2 rlm_sql_freetds rlm_sql_iodbc rlm_sql_mysql rlm_sql_oracle rlm_sql_postgresql rlm_sql_sybase rlm_sql_unixodbc
ifneq ($(OPENSSL_LIBS),)
LIBS += -L$(OPENSSL_LIBS) -L../modules/rlm_eap/libeap -leap -lcrypto -lssl -lcrypto -lssl
endif
#
MODULE_LIBS += $(shell for x in $(MODULES);do test -f ../modules/$$x/$$x.la && echo -dlpreopen ../modules/$$x/$$x.la;done)
-MODULE_LIBS += $(shell for x in $(MODULES);do test -f ../modules/*/types/$$x/$$x.la && echo -dlpreopen ../modules/*/types/$$x/$$x.la;done)
MODULE_OBJS += $(shell for x in $(MODULES);do test -f ../modules/$$x/$$x.la && echo ../modules/$$x/$$x.la;done)
+MODULE_LIBS += $(shell for x in $(MODULES);do test -f ../modules/*/types/$$x/$$x.la && echo -dlpreopen ../modules/*/types/$$x/$$x.la;done)
MODULE_OBJS += $(shell for x in $(MODULES);do test -f ../modules/*/types/$$x/$$x.la && echo ../modules/*/types/$$x/$$x.la;done)
+MODULE_LIBS += $(shell for x in $(MODULES);do test -f ../modules/*/drivers/$$x/$$x.la && echo -dlpreopen ../modules/*/drivers/$$x/$$x.la;done)
+MODULE_OBJS += $(shell for x in $(MODULES);do test -f ../modules/*/drivers/$$x/$$x.la && echo ../modules/*/drivers/$$x/$$x.la;done)
endif
LIBS += -lradius $(SNMP_LIBS)
It seems you've mistaken the line reordering for a removal. I've done becouse it is easier to read (less prone to errors).
--
Lep pozdrav,
Rok Papez.
From freeradius-devel@lists.freeradius.org Thu Mar 25 09:02:49 2004
From: freeradius-devel@lists.freeradius.org (Automatic cvs log generator)
Date: Thu, 25 Mar 2004 03:02:49 -0600 (CST)
Subject: Automatic report from sources (radiusd) between 24.03.2004 - 25.03.2004 GMT
Message-ID: <20040325090249.5A0B77745B@webhost1.starnetusa.net>
CVS log entries from 24.03.2004 (Wed) 09:00:01 - 25.03.2004 (Thu) 09:00:02 GMT
=====================================================
Summary by authors
=====================================================
Author: aland
File: radiusd/src/main/Makefile.in; Revisions: 1.26, 1.25
File: radiusd/raddb/Makefile; Revisions: 1.8
Author: pnixon
File: radiusd/src/billing/cisco_h323_db_schema-postgres.sql; Revisions: 1.13, 1.12
File: radiusd/share/dictionary.cisco; Revisions: 1.12, 1.11
=====================================================
Log entries
=====================================================
Description:
Install eap.conf, too
Modified files:
File: radiusd/raddb/Makefile; Revision: 1.8;
Date: 2004/03/25 03:28:47; Author: aland; Lines: (+1 -1)
-------------------------------
Description:
Some new Cisco VASs
Modified files:
File: radiusd/share/dictionary.cisco; Revision: 1.12;
Date: 2004/03/25 08:49:05; Author: pnixon; Lines: (+5 -1)
-------------------------------
Description:
Add new VSAs for CISCO SIP PROXY SERVER as defined at http://www.cisco.com/en/US/products/sw/voicesw/ps2157/products_administration_guide_chapter09186a00800c7944.html
Modified files:
File: radiusd/share/dictionary.cisco; Revision: 1.11;
Date: 2004/03/25 08:22:26; Author: pnixon; Lines: (+13 -1)
-------------------------------
Description:
update strip_dot function to return NULL if it receives a blank string
Modified files:
File: radiusd/src/billing/cisco_h323_db_schema-postgres.sql; Revision: 1.13;
Date: 2004/03/24 14:50:33; Author: pnixon; Lines: (+12 -9)
-------------------------------
Description:
Change H323DisconnectCause from VARCHAR(2) to VARCHAR(20) because CSPS sends cause names instead of cause codes.
Modified files:
File: radiusd/src/billing/cisco_h323_db_schema-postgres.sql; Revision: 1.12;
Date: 2004/03/24 13:56:28; Author: pnixon; Lines: (+2 -2)
-------------------------------
Description:
Better linking of sub-modules, and added support for static
linking of SQL sub-modules
Modified files:
File: radiusd/src/main/Makefile.in; Revision: 1.26;
Date: 2004/03/24 18:09:36; Author: aland; Lines: (+9 -5)
-------------------------------
Description:
Added extra LCRYPT, for systems which have problems linking
otherwise (hello Interix)
Modified files:
File: radiusd/src/main/Makefile.in; Revision: 1.25;
Date: 2004/03/24 18:06:28; Author: aland; Lines: (+2 -2)
=====================================================
Summary of modified files
=====================================================
File: radiusd/raddb/Makefile
Revisions: 1.8
Authors: aland (+1 -1)
-------------------------------
File: radiusd/share/dictionary.cisco
Revisions: 1.12, 1.11
Authors: pnixon (+5 -1), pnixon (+13 -1)
-------------------------------
File: radiusd/src/billing/cisco_h323_db_schema-postgres.sql
Revisions: 1.13, 1.12
Authors: pnixon (+12 -9), pnixon (+2 -2)
-------------------------------
File: radiusd/src/main/Makefile.in
Revisions: 1.26, 1.25
Authors: aland (+9 -5), aland (+2 -2)
--
Automatic cron job from /web/pages/us.freeradius.org/bin/new_makelog.pl
From freeradius-devel@lists.freeradius.org Thu Mar 25 12:33:01 2004
From: freeradius-devel@lists.freeradius.org (Rok Papez)
Date: Thu, 25 Mar 2004 13:33:01 +0100
Subject: Automatic report from sources (radiusd) between 24.03.2004 -
25.03.2004 GMT
In-Reply-To: <20040325090249.5A0B77745B@webhost1.starnetusa.net>
References: <20040325090249.5A0B77745B@webhost1.starnetusa.net>
Message-ID: <4062D17D.50000@arnes.si>
Hello!
Automatic cvs log generator wrote:
> Description:
> Better linking of sub-modules, and added support for static
> linking of SQL sub-modules
> Modified files:
> File: radiusd/src/main/Makefile.in; Revision: 1.26;
> Date: 2004/03/24 18:09:36; Author: aland; Lines: (+9 -5)
As noted in previous mail, compile fails, this is the fix:
[rok@krkotnik rok]$ cat static_sql_driver_fix2.diff
--- src/main/Makefile.in.orig 2004-03-25 08:04:18.000000000 +0100
+++ src/main/Makefile.in 2004-03-25 08:19:05.000000000 +0100
@@ -39,10 +39,10 @@
#
MODULE_LIBS += $(shell for x in $(MODULES);do test -f ../modules/$$x/$$x.la && echo -dlpreopen ../modules/$$x/$$x.la;done)
MODULE_LIBS += $(shell for x in $(SUB_MODULES);do test -f ../modules/*/types/$$x/$$x.la && echo -dlpreopen ../modules/*/types/$$x/$$x.la;done)
-MODULE_LIBS += $(shell for x in $(SUB_MODULES);do test -f ../modules/*/drivers/$$x/$$x.la && echo -dlpreopen ../modules/*/types/$$x/$$x.la;done)
+MODULE_LIBS += $(shell for x in $(SUB_MODULES);do test -f ../modules/*/drivers/$$x/$$x.la && echo -dlpreopen ../modules/*/drivers/$$x/$$x.la;done)
MODULE_OBJS += $(shell for x in $(MODULES);do test -f ../modules/$$x/$$x.la && echo ../modules/$$x/$$x.la;done)
MODULE_OBJS += $(shell for x in $(SUB_MODULES);do test -f ../modules/*/types/$$x/$$x.la && echo ../modules/*/types/$$x/$$x.la;done)
-MODULE_OBJS += $(shell for x in $(SUB_MODULES);do test -f ../modules/*/types/$$x/$$x.la && echo ../modules/*/drivers/$$x/$$x.la;done)
+MODULE_OBJS += $(shell for x in $(SUB_MODULES);do test -f ../modules/*/drivers/$$x/$$x.la && echo ../modules/*/drivers/$$x/$$x.la;done)
endif
LIBS += -lradius $(SNMP_LIBS)
--
Lep pozdrav,
Rok Papez.
From freeradius-devel@lists.freeradius.org Thu Mar 25 15:30:50 2004
From: freeradius-devel@lists.freeradius.org (Alan DeKok)
Date: Thu, 25 Mar 2004 10:30:50 -0500
Subject: CVS-2004-02-26 fails to build, patch attached Was: PATCH -- Static linking issue, rlm_sql/drivers
In-Reply-To: Your message of "Thu, 25 Mar 2004 09:29:46 +0100."
<4062987A.60602@arnes.si>
Message-ID: <20040325153050.1037316DF5@mail.nitros9.org>
Rok Papez wrote:
> I've tested your changes and they don't work here (build breaks):
OK, I've fixed it, thanks.
Alan DeKok.
From freeradius-devel@lists.freeradius.org Thu Mar 25 17:38:48 2004
From: freeradius-devel@lists.freeradius.org (Kostas Kalevras)
Date: Thu, 25 Mar 2004 19:38:48 +0200 (EET)
Subject: simple_authentication in rlm_ldap
In-Reply-To: <4061B58E.70307@arnes.si>
References: <4061B58E.70307@arnes.si>
Message-ID: <20040325193438.O71182@ajax.noc.ntua.gr>
On Wed, 24 Mar 2004, Rok Papez wrote:
> Hello!
>
> I've added a simple_authentication to rlm_ldap when
> users are to be authenticated without searching the
> LDAP directory. This is a security feature. If user
> can bind to LDAP with his credentials, let him pass,
> otherwise fail him.
> This should also reduce the load on LDAP server
> significantly since it doesn't have to perform any
> searches.
The patch is not needed. If you set Ldap-UserDN before authentication then
rlm_ldap will use that and perform user authentication.
So you only need to do something like this is the users file:
DEFAULT Auth-Type := LDAP, Ldap-UserDN :=
"uid=%{User-Name},ou=people,dc=comapny,dc=com"
>
> ldap_get_conn()/ldap_release_conn() do just locking
> and connection slot allocation. That's OK. But why
> is actual connection established in perform_search()
> with a call to ldap_connect(). It also seems a bit
> out of place to perform a rlm_bind() there.
Because we keep a connection pool and it seems the logical place for connection
maintainance.
>
> Wouldn't it be better to do:
> ldap_get_conn()
> ldap_establish_conn()
> ldap_bind()
> perform_search()
> ldap_unbind()
That means that you open a new connection for each user authorization? Not good
> ldap_release_conn()
>
> It seems ldap_bind() can be called recursively,
> if so, one could call ldap_establish_conn() only
> on first connection.
>
> --- src/modules/rlm_ldap/rlm_ldap.c.orig 2004-03-24 10:12:41.000000000 +0100
> +++ src/modules/rlm_ldap/rlm_ldap.c 2004-03-24 16:54:30.000000000 +0100
> @@ -251,6 +251,7 @@
> int num_conns;
> int do_comp;
> int do_xlat;
> + int simple_authentication; /* authenticate user when simple bind is successfull, no search */
> int default_allow;
> int failed_conns;
> int is_url;
> @@ -322,6 +323,7 @@
> {"compare_check_items", PW_TYPE_BOOLEAN, offsetof(ldap_instance,do_comp), NULL, "no"},
> {"access_attr_used_for_allow", PW_TYPE_BOOLEAN, offsetof(ldap_instance,default_allow), NULL, "yes"},
> {"do_xlat", PW_TYPE_BOOLEAN, offsetof(ldap_instance,do_xlat), NULL, "yes"},
> + {"simple_authentication", PW_TYPE_BOOLEAN, offsetof(ldap_instance,simple_authentication), NULL, "no"},
>
> {NULL, -1, 0, NULL, NULL}
> };
> @@ -1419,6 +1421,51 @@
> DEBUG("rlm_ldap: login attempt by \"%s\" with password \"%s\"",
> request->username->strvalue, request->password->strvalue);
>
> + /*
> + * Simple authentication checks username/pass just by binding
> + * to the LDAP directory. No search is performed.
> + */
> + if (inst->simple_authentication) {
> + char dn[MAX_FILTER_STR_LEN];
> + int res;
> +
> + radlog (L_ERR, "rlm_ldap: Attempting simple authentication.\n");
> + if (!radius_xlat(dn, sizeof(dn), inst->login,
> + request, NULL)) {
> + radlog (L_ERR, "rlm_ldap: unable to create base DN.\n");
> + return RLM_MODULE_INVALID;
> + }
> +
> + if ((conn_id = ldap_get_conn(inst->conns,&conn,inst)) == -1){
> + radlog(L_ERR, "rlm_ldap: All ldap connections are in use");
> + return RLM_MODULE_FAIL;
> + }
> +
> + if (!conn->bound || conn->ld == NULL) {
> + DEBUG2("rlm_ldap: attempting LDAP reconnection");
> + if (conn->ld) {
> + DEBUG2("rlm_ldap: closing existing LDAP connection");
> + ldap_unbind_s(conn->ld);
> + }
> + /* connect also does a bind */
> + if ((conn->ld = ldap_connect(instance, dn, request->password->strvalue, 1, &res)) == NULL) {
> + radlog(L_ERR, "rlm_ldap: (re)connection attempt failed");
> + conn->failed_conns++;
> + return (RLM_MODULE_FAIL);
> + }
> + conn->bound = 1;
> + conn->failed_conns = 0;
> + }
> +
>
> --
> Lep pozdrav,
> Rok Papez.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
>
--
Kostas Kalevras Network Operations Center
kkalev@noc.ntua.gr National Technical University of Athens, Greece
Work Phone: +30 210 7721861
'Go back to the shadow' Gandalf
From freeradius-devel@lists.freeradius.org Thu Mar 25 17:56:48 2004
From: freeradius-devel@lists.freeradius.org (Alan DeKok)
Date: Thu, 25 Mar 2004 12:56:48 -0500 (EST)
Subject: We should release 1.0.
Message-ID: <200403251756.i2PHumN05348@newgiles.nitros9.org>
It's been too long since 0.9. We need to release 1.0.
Any objections?
I've out of the country next week, and won't be able to answer email
then, but let's target the end of April for at least a pre-release.
Alan DeKok.
From freeradius-devel@lists.freeradius.org Thu Mar 25 17:58:48 2004
From: freeradius-devel@lists.freeradius.org (Gustavo A. Lozano)
Date: Thu, 25 Mar 2004 12:58:48 -0500
Subject: We should release 1.0.
In-Reply-To: <200403251756.i2PHumN05348@newgiles.nitros9.org>
References: <200403251756.i2PHumN05348@newgiles.nitros9.org>
Message-ID: <1080237528.1251.5.camel@Grissom.noldata.com>
I think a single piece of documentation must be made before the 1.0
milestone.
All the bunch of doc files contains no order for the newbie.
Regards
Gustavo
On Thu, 2004-03-25 at 12:56, Alan DeKok wrote:
> It's been too long since 0.9. We need to release 1.0.
>
> Any objections?
>
> I've out of the country next week, and won't be able to answer email
> then, but let's target the end of April for at least a pre-release.
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
--
Gustavo A. Lozano Noldata Corporation
glozano@noldata.com Calle 46 No. 40-19
CTO Bogota D.C. Colombia
Noldata Corporation http://noldata.com
I know not with what weapons World War III will be fought,
but World War IV will be fought with sticks and stones.
Albert Einstein
From freeradius-devel@lists.freeradius.org Thu Mar 25 18:05:39 2004
From: freeradius-devel@lists.freeradius.org (Alan DeKok)
Date: Thu, 25 Mar 2004 13:05:39 -0500
Subject: We should release 1.0.
In-Reply-To: Your message of "Thu, 25 Mar 2004 12:58:48 EST."
<1080237528.1251.5.camel@Grissom.noldata.com>
Message-ID: <20040325180540.037F716DF5@mail.nitros9.org>
"Gustavo A. Lozano" wrote:
> I think a single piece of documentation must be made before the 1.0
> milestone.
Ok... when will you have that done?
Alan DeKok.
From freeradius-devel@lists.freeradius.org Thu Mar 25 18:41:00 2004
From: freeradius-devel@lists.freeradius.org (Gustavo A. Lozano)
Date: Thu, 25 Mar 2004 13:41:00 -0500
Subject: We should release 1.0.
In-Reply-To: <20040325180540.037F716DF5@mail.nitros9.org>
References: <20040325180540.037F716DF5@mail.nitros9.org>
Message-ID: <1080240060.1251.16.camel@Grissom.noldata.com>
Hahaha!!
Better than a single person building a monolitic document I think we
should define a documentation standard, so every single author can put
his own piece under that standard and then a monolitic release will be
very easy.
As example if Mr Nice Guy is the author of the rlm_nice_module, then he
must write the doc under some structure common to everybody:
Module Name: rlm_nice_module
Objective of the Module: Use the Nice database for accounting
purposes.
Release history for the module:
Instructions to build-link the module:
Software Reqs
Step by Step instructions
Configuration of the module
Description of every section in the radius config
Detailed explanation of every single line of configuration
Example scenario:
Known problems and resolutions:
Author of the module and documentation:
After that, may be somebody can raise the hand and say Ok I will the
documentation Manager, I will build the monolitic manual after everybody
conforms the sections as the standard says.
So, if no one have anything to correct, change, reject, lets build the
sample template for every chapter as I suggest and lets start conforming
the general sections.... After that may be I will raise my hand and say:
Hey! here is the 1.0 Official FreeRadius guide. Something from the
project, not another oreilly book.
Regards
On Thu, 2004-03-25 at 13:05, Alan DeKok wrote:
> "Gustavo A. Lozano" wrote:
> > I think a single piece of documentation must be made before the 1.0
> > milestone.
>
> Ok... when will you have that done?
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
--
Gustavo A. Lozano Noldata Corporation
glozano@noldata.com Calle 46 No. 40-19
CTO Bogota D.C. Colombia
Noldata Corporation http://noldata.com
I know not with what weapons World War III will be fought,
but World War IV will be fought with sticks and stones.
Albert Einstein
From freeradius-devel@lists.freeradius.org Thu Mar 25 19:05:12 2004
From: freeradius-devel@lists.freeradius.org (Chris Parker)
Date: Thu, 25 Mar 2004 13:05:12 -0600
Subject: We should release 1.0.
In-Reply-To: <1080240060.1251.16.camel@Grissom.noldata.com>
References: <20040325180540.037F716DF5@mail.nitros9.org>
<1080240060.1251.16.camel@Grissom.noldata.com>
Message-ID: <6.0.3.0.2.20040325130447.037a7a60@mail.starnetusa.net>
At 12:41 PM 3/25/2004, Gustavo A. Lozano wrote:
>Hahaha!!
>
>Better than a single person building a monolitic document I think we
>should define a documentation standard, so every single author can put
>his own piece under that standard and then a monolitic release will be
>very easy.
You mean like the man pages?
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ Wholesale Internet \ Director, Engineering
| @ @ | \ http://www.starnetusa.net \ (847) 963-0116
oOo---(_)---oOo--\------------------------------------------------------
\ Outpace the Competition - http://www.getmespeed.com
From freeradius-devel@lists.freeradius.org Thu Mar 25 19:31:16 2004
From: freeradius-devel@lists.freeradius.org (Alan DeKok)
Date: Thu, 25 Mar 2004 14:31:16 -0500
Subject: We should release 1.0.
In-Reply-To: Your message of "Thu, 25 Mar 2004 13:41:00 EST."
<1080240060.1251.16.camel@Grissom.noldata.com>
Message-ID: <20040325193116.66A6A16DF5@mail.nitros9.org>
"Gustavo A. Lozano" wrote:
> Better than a single person building a monolitic document I think we
> should define a documentation standard, so every single author can put
> his own piece under that standard
"man" pages.
Chris started on a number of man pages. There are more modules in
the "doc" directory which should be turned into "man" pages.
Alan DeKok.
From freeradius-devel@lists.freeradius.org Thu Mar 25 20:06:28 2004
From: freeradius-devel@lists.freeradius.org (Wolfgang Hottgenroth)
Date: Thu, 25 Mar 2004 21:06:28 +0100
Subject: Contribute module rlm_cdb
Message-ID:
Hi,
I like to contribute a module rlm_cdb I've implemented, closely derived from
Andrei's rlm_dbm module and which we are using in a project with a
huge amount of users (about 1,000,000).
The module uses Bernstein's CDB as backend.
I invite you to have a look: http:/www.hottis.de/freeradius
Comments are most welcome.
Cheers,
Wolfgang
From freeradius-devel@lists.freeradius.org Thu Mar 25 21:05:23 2004
From: freeradius-devel@lists.freeradius.org (Gustavo A. Lozano)
Date: Thu, 25 Mar 2004 16:05:23 -0500
Subject: We should release 1.0.
In-Reply-To: <20040325193116.66A6A16DF5@mail.nitros9.org>
References: <20040325193116.66A6A16DF5@mail.nitros9.org>
Message-ID: <1080248722.1244.2.camel@Grissom.noldata.com>
Dont think so.
Most software has manpages and a manual, and both are different...
On Thu, 2004-03-25 at 14:31, Alan DeKok wrote:
> "Gustavo A. Lozano" wrote:
> > Better than a single person building a monolitic document I think we
> > should define a documentation standard, so every single author can put
> > his own piece under that standard
>
> "man" pages.
>
> Chris started on a number of man pages. There are more modules in
> the "doc" directory which should be turned into "man" pages.
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
--
Gustavo A. Lozano Noldata Corporation
glozano@noldata.com Calle 46 No. 40-19
CTO Bogota D.C. Colombia
Noldata Corporation http://noldata.com
I know not with what weapons World War III will be fought,
but World War IV will be fought with sticks and stones.
Albert Einstein
From freeradius-devel@lists.freeradius.org Thu Mar 25 21:17:32 2004
From: freeradius-devel@lists.freeradius.org (Alan DeKok)
Date: Thu, 25 Mar 2004 16:17:32 -0500
Subject: We should release 1.0.
In-Reply-To: Your message of "Thu, 25 Mar 2004 16:05:23 EST."
<1080248722.1244.2.camel@Grissom.noldata.com>
Message-ID: <20040325211732.7A24D16DF5@mail.nitros9.org>
"Gustavo A. Lozano" wrote:
> Most software has manpages and a manual, and both are different...
We need both. Right now, we don't have "man" pages for many modules.
"Man" pages are a priority over a manual. For a simple manual, the
RADIUS book is sufficient.
Alan DeKok.
From freeradius-devel@lists.freeradius.org Thu Mar 25 21:37:41 2004
From: freeradius-devel@lists.freeradius.org (Paul Hampson)
Date: Fri, 26 Mar 2004 08:37:41 +1100
Subject: We should release 1.0.
In-Reply-To: <200403251756.i2PHumN05348@newgiles.nitros9.org>
Message-ID:
> From: Alan DeKok
> Sent: Friday, 26 March 2004 4:57 AM
> It's been too long since 0.9. We need to release 1.0.
> Any objections?
> I've out of the country next week, and won't be able to answer email
> then, but let's target the end of April for at least a pre-release.
I'm down with that. I was just thinking about it myself, actually.
Well, shall we consider April to be a month of developer-stabilisation?
Less worry about missing features, and instead hunt your most and
least favorite bugs. And write documentation. And update the
ChangeLog with things you've done and forgotten to document.
(I'll see if I can find time to cruise through the CVS commit history
for any missing gems as well.)
And get people to build things on the weirdest architectures they
can. This means you, OpenBSD! :-)
If we're happy with this, we need to post to the -users list, reminding
people of bugzilla, and to go report things there. This includes things
like unclear/absent documentation which would otherwise just become a
complaint on the list. (I suspect... :-)
On the topic of Bugzilla, maybe we should go through and mark things
that won't be done before 1.0.0 (difficult features or whatever) with
'LATER'? Alternatively, make that "We need to release 1.0.0" dependant
on any other show-stopping bugs... (Assuming we get nasty bugs people
have failed to report...)
If we branch for -pre1 on May first. (Or so) We can hopefully ship a
-pre every week, with final release of 1.0.0 at the beginning of June.
This'll give us four weeks of user testing... Obviously it has to be
flexible. :-)
(I must say I'd hoped to autoconf2.5-ise the build system for 1.0.0
but I won't have time to do that sort of hackery until June anyway,
so right after 1.0.0 ships seems like a good time to do it. That way
if things get broken, people can use 1.0.0 without losing functionality.)
--
Paul "TBBle" Hampson
Bubblesworth Pty Ltd (ABN: 51 095 284 361)
Paul.Hampson@PObox.Com
On a sidewalk near Portland State
University someone wrote `Trust Jesus', and
someone else wrote `But Cut the Cards'.
From freeradius-devel@lists.freeradius.org Thu Mar 25 22:01:45 2004
From: freeradius-devel@lists.freeradius.org (Michael Griego)
Date: Thu, 25 Mar 2004 16:01:45 -0600
Subject: We should release 1.0.
In-Reply-To:
References:
Message-ID: <1080252105.30962.61.camel@enterprise.utdallas.edu>
Paul's schedule sounds great to me.
--
--Mike
-----------------------------------
Michael Griego
Wireless LAN Project Manager
The University of Texas at Dallas
From freeradius-devel@lists.freeradius.org Fri Mar 26 02:39:44 2004
From: freeradius-devel@lists.freeradius.org (Alan DeKok)
Date: Thu, 25 Mar 2004 21:39:44 -0500
Subject: We should release 1.0.
In-Reply-To: Your message of "Fri, 26 Mar 2004 08:37:41 +1100."
Message-ID: <20040326023944.E88DE16DF5@mail.nitros9.org>
"Paul Hampson" wrote:
> Well, shall we consider April to be a month of developer-stabilisation?
Sounds good to me.
> (I'll see if I can find time to cruise through the CVS commit history
> for any missing gems as well.)
I think I've done most of that.
> If we're happy with this, we need to post to the -users list, reminding
> people of bugzilla, and to go report things there. This includes things
> like unclear/absent documentation which would otherwise just become a
> complaint on the list. (I suspect... :-)
As release coordinator, I think hat's a great idea for you to do. :)
Also, the "credits.html" file on the web page needs to be edited to
look pretty.
> On the topic of Bugzilla, maybe we should go through and mark things
> that won't be done before 1.0.0 (difficult features or whatever) with
> 'LATER'? Alternatively, make that "We need to release 1.0.0" dependant
> on any other show-stopping bugs... (Assuming we get nasty bugs people
> have failed to report...)
Yes. The problem is that most bugs are listed against 2-3 people.
> If we branch for -pre1 on May first. (Or so) We can hopefully ship a
> -pre every week, with final release of 1.0.0 at the beginning of June.
> This'll give us four weeks of user testing... Obviously it has to be
> flexible. :-)
This plan should be included on any post to -users.
> (I must say I'd hoped to autoconf2.5-ise the build system for 1.0.0
> but I won't have time to do that sort of hackery until June anyway,
> so right after 1.0.0 ships seems like a good time to do it. That way
> if things get broken, people can use 1.0.0 without losing functionality.)
Yuck. Leave autoconf weirdness for later.
Alan DeKok.
From freeradius-devel@lists.freeradius.org Fri Mar 26 06:24:49 2004
From: freeradius-devel@lists.freeradius.org (Paul Hampson)
Date: Fri, 26 Mar 2004 17:24:49 +1100
Subject: Preparation for 1.0.0 release of FreeRADIUS
Message-ID:
OK, the good news is we're well on track.
For the month of April, the developers of FreeRADIUS will be
focussing on stabilisation and bug-fixing of FreeRADIUS to
prepare for releasing version 1.0.0.
What we would like you, the users, to do be diligent in
reporting bugs into Bugzilla (http://bugs.freeradius.org) so
we know what problems you're having. We're particularly focussed
on bugs in the current CVS snapshots
ftp://ftp.freeradius.org/pub/radius/CVS-snapshots/
until we start the 1.0.0 pre-release cycle.
If all goes well, we will branch freeradius 1.0.0 at the beginning
of May, and produce a series of 1.0.0-preX releases for _everyone_
to hammer upon, even those terrified of CVS snapshots. I'm hoping
to post Debian i386 packages of the various -preX versions, to make
it easy for everyone to test against. Presumably someone will knock
up packages for any other packaging systems around.
Again if all goes well, we will go through four prereleases in four
weeks and release 1.0.0 at the beginning of June.
So, here's a summary timeline:
Now
Users report bugs.
Brave ("willing to compile") users test CVS Snapshots.
Beginning of May
CVS branch for FreeRADIUS 1.0 is created.
FreeRADIUS 1.0.0-pre0 is released, packages are created, and
users are encouraged to _really_ hammer upon it. This means
you, users of esoteric systems!
As bugs are fixed, -pre1 and such are released.
Beginning of June, barring unforseen circumstances
FreeRADIUS 1.0.0 ships! This version comes under strict version
management, and new and interesting features go into CVS HEAD
again, for brave ("willing to compile") users to play with.
So, that's the plan.
What, you wanted bad news to with the good news? Sorry, I haven't got =
any. :-)
--
Paul "TBBle" Hampson
Bubblesworth Pty Ltd (ABN: 51 095 284 361)
Paul.Hampson@PObox.Com
On a sidewalk near Portland State
University someone wrote `Trust Jesus', and
someone else wrote `But Cut the Cards'.
From freeradius-devel@lists.freeradius.org Fri Mar 26 07:28:02 2004
From: freeradius-devel@lists.freeradius.org (Malcolm Caldwell)
Date: Fri, 26 Mar 2004 16:58:02 +0930
Subject: regex broken in current cvs
Message-ID: <1080286081.5419.13.camel@localhost.localdomain>
Hello,
regex is broken in current cvs.
The problem is the code that substitutes %{0} %{1} etc is called even if
no matches are found. On my redhat system the structure that has the
offsets etc for the matches is not valid if there were no matches.
The following patch fixes this for me. (All that was needed was an if(
arround the substitution code.)
Index: valuepair.c
===================================================================
RCS file: /source/radiusd/src/main/valuepair.c,v
retrieving revision 1.57
diff -u -r1.57 valuepair.c
--- valuepair.c 23 Mar 2004 22:19:31 -0000 1.57
+++ valuepair.c 26 Mar 2004 07:23:16 -0000
@@ -369,43 +369,48 @@
16, rxmatch, 0);
regfree(®);
- /*
- * Add %{0}, %{1}, etc.
- */
- for (i = 0; i < 16; i++) {
- char *p;
- char buffer[sizeof(check_item->strvalue)];
+ if (compare==0) {
/*
- * -1 is end of matching.
+ * Add %{0}, %{1}, etc.
*/
- if (rxmatch[i].rm_so == -1) break;
+ for (i = 0; i < 16; i++) {
+ char *p;
+ char buffer[sizeof(check_item->strvalue)];
+
+ /*
+ * -1 is end of matching.
+ */
+ if (rxmatch[i].rm_so == -1) break;
- /*
- * Copy substring into buffer.
- */
- memcpy(buffer,
- auth_item->strvalue + rxmatch[i].rm_so,
- rxmatch[i].rm_eo);
- buffer[rxmatch[i].rm_eo] = '\0';
-
- /*
- * Copy substring, and add it to
- * the request.
- *
- * Note that we don't check
- * for out of memory, which is
- * the only error we can get...
- */
- p = strdup(buffer);
- request_data_add(request,
- request,
- REQUEST_DATA_REGEX | i,
- p, free);
+ /*
+ * Copy substring into buffer.
+ */
+ memcpy(buffer,
+ auth_item->strvalue + rxmatch[i].rm_so,
+ rxmatch[i].rm_eo);
+ buffer[rxmatch[i].rm_eo] = '\0';
+
+ /*
+ * Copy substring, and add it to
+ * the request.
+ *
+ * Note that we don't check
+ * for out of memory, which is
+ * the only error we can get...
+ */
+ p = strdup(buffer);
+ request_data_add(request,
+ request,
+ REQUEST_DATA_REGEX | i,
+ p, free);
+ }
+
+ } else {
+ result = -1;
}
- }
- if (compare != 0) result = -1;
break;
+ }
case T_OP_REG_NE:
regcomp(®, (char *)check_item->strvalue, REG_EXTENDED|REG_NOSUB);
From freeradius-devel@lists.freeradius.org Fri Mar 26 09:02:46 2004
From: freeradius-devel@lists.freeradius.org (Automatic cvs log generator)
Date: Fri, 26 Mar 2004 03:02:46 -0600 (CST)
Subject: Automatic report from sources (radiusd) between 25.03.2004 - 26.03.2004 GMT
Message-ID: <20040326090246.922DC7745D@webhost1.starnetusa.net>
CVS log entries from 25.03.2004 (Thu) 09:00:02 - 26.03.2004 (Fri) 09:00:01 GMT
=====================================================
Summary by authors
=====================================================
Author: aland
File: radiusd/man/man5/rlm_expr.5; Revisions: 1.2
File: radiusd/configure.in; Revisions: 1.196
File: radiusd/man/man5/rlm_always.5; Revisions: 1.2
File: radiusd/man/man5/rlm_acct_unique.5; Revisions: 1.3, 1.2
File: radiusd/man/man5/rlm_detail.5; Revisions: 1.2
File: radiusd/doc/rlm_mschap; Revisions: 1.7
File: radiusd/man/man5/rlm_unix.5; Revisions: 1.2
File: radiusd/doc/ChangeLog; Revisions: 1.48
File: radiusd/src/main/Makefile.in; Revisions: 1.27
File: radiusd/doc/rlm_expr; Revisions: 1.3
File: radiusd/src/main/request_list.c; Revisions: 1.30
File: radiusd/doc/rlm_acct_unique; Revisions: 1.4
File: radiusd/doc/rlm_always; Revisions: 1.2
File: radiusd/configure; Revisions: 1.93
File: radiusd/doc/rlm_detail; Revisions: 1.10
File: radiusd/doc/rlm_unix; Revisions: 1.2
File: radiusd/man/man5/rlm_mschap.5; Revisions: 1.2
Author: phampson
File: radiusd/raddb/oraclesql.conf; Revisions: 1.3
File: radiusd/man/man5/rlm_sql.5; Revisions: 1.2
File: radiusd/doc/ChangeLog; Revisions: 1.47
File: radiusd/src/billing/pgsql-voip.conf; Revisions: 1.9
File: radiusd/man/man8/radiusd.8; Revisions: 1.9
File: radiusd/raddb/mssql.conf; Revisions: 1.6
File: radiusd/raddb/sql.conf; Revisions: 1.36
File: radiusd/src/modules/rlm_sql/rlm_sql.c; Revisions: 1.124
File: radiusd/raddb/postgresql.conf; Revisions: 1.15
File: radiusd/src/modules/rlm_sql/conf.h; Revisions: 1.18
=====================================================
Combined list of identical log entries
=====================================================
Description:
We now have a man page
Modified files:
File: radiusd/doc/rlm_detail; Revision: 1.10;
Date: 2004/03/25 19:23:03; Author: aland; Lines: (+0 -0)
File: radiusd/man/man5/rlm_detail.5; Revision: 1.2;
Date: 2004/03/25 19:23:04; Author: aland; Lines: (+27 -15)
-------------------------------
Description:
Add accounting_update_query_alt to rlm_sql, to catch lost start packets
earlier than the eventual stop packet.
Modified files:
File: radiusd/doc/ChangeLog; Revision: 1.47;
Date: 2004/03/25 11:33:07; Author: phampson; Lines: (+2 -1)
File: radiusd/man/man5/rlm_sql.5; Revision: 1.2;
Date: 2004/03/25 11:31:17; Author: phampson; Lines: (+3 -1)
File: radiusd/raddb/mssql.conf; Revision: 1.6;
Date: 2004/03/25 11:31:17; Author: phampson; Lines: (+5 -1)
File: radiusd/raddb/oraclesql.conf; Revision: 1.3;
Date: 2004/03/25 11:31:18; Author: phampson; Lines: (+5 -1)
File: radiusd/raddb/postgresql.conf; Revision: 1.15;
Date: 2004/03/25 11:31:18; Author: phampson; Lines: (+14 -0)
File: radiusd/raddb/sql.conf; Revision: 1.36;
Date: 2004/03/25 11:31:18; Author: phampson; Lines: (+5 -1)
File: radiusd/src/billing/pgsql-voip.conf; Revision: 1.9;
Date: 2004/03/25 11:31:18; Author: phampson; Lines: (+2 -0)
File: radiusd/src/modules/rlm_sql/conf.h; Revision: 1.18;
Date: 2004/03/25 11:31:18; Author: phampson; Lines: (+1 -0)
File: radiusd/src/modules/rlm_sql/rlm_sql.c; Revision: 1.124;
Date: 2004/03/25 11:31:18; Author: phampson; Lines: (+28 -8)
-------------------------------
Description:
We now have man pages
Modified files:
File: radiusd/doc/rlm_always; Revision: 1.2;
Date: 2004/03/25 19:17:30; Author: aland; Lines: (+0 -0)
File: radiusd/doc/rlm_expr; Revision: 1.3;
Date: 2004/03/25 19:25:37; Author: aland; Lines: (+1 -1)
File: radiusd/doc/rlm_mschap; Revision: 1.7;
Date: 2004/03/25 21:22:28; Author: aland; Lines: (+0 -0)
File: radiusd/doc/rlm_unix; Revision: 1.2;
Date: 2004/03/25 21:11:57; Author: aland; Lines: (+0 -0)
File: radiusd/man/man5/rlm_always.5; Revision: 1.2;
Date: 2004/03/25 19:17:30; Author: aland; Lines: (+36 -2)
File: radiusd/man/man5/rlm_expr.5; Revision: 1.2;
Date: 2004/03/25 19:25:37; Author: aland; Lines: (+31 -10)
File: radiusd/man/man5/rlm_mschap.5; Revision: 1.2;
Date: 2004/03/25 21:22:28; Author: aland; Lines: (+53 -3)
File: radiusd/man/man5/rlm_unix.5; Revision: 1.2;
Date: 2004/03/25 21:11:57; Author: aland; Lines: (+12 -8)
-------------------------------
Description:
Interix requires -D_ALL_SOURCE, for reasons known only to them.
Modified files:
File: radiusd/configure; Revision: 1.93;
Date: 2004/03/25 18:01:13; Author: aland; Lines: (+142 -136)
File: radiusd/configure.in; Revision: 1.196;
Date: 2004/03/25 18:01:13; Author: aland; Lines: (+12 -1)
=====================================================
Log entries
=====================================================
Description:
Updates
Modified files:
File: radiusd/doc/ChangeLog; Revision: 1.48;
Date: 2004/03/25 17:13:40; Author: aland; Lines: (+15 -2)
-------------------------------
Description:
We now have a man page. Updates should go there
Modified files:
File: radiusd/doc/rlm_acct_unique; Revision: 1.4;
Date: 2004/03/25 19:08:04; Author: aland; Lines: (+0 -0)
-------------------------------
Description:
More updates
Modified files:
File: radiusd/man/man5/rlm_acct_unique.5; Revision: 1.3;
Date: 2004/03/25 19:14:36; Author: aland; Lines: (+11 -1)
-------------------------------
Description:
A bit of updates
Modified files:
File: radiusd/man/man5/rlm_acct_unique.5; Revision: 1.2;
Date: 2004/03/25 19:07:31; Author: aland; Lines: (+13 -6)
-------------------------------
Description:
Document -v option.
Modified files:
File: radiusd/man/man8/radiusd.8; Revision: 1.9;
Date: 2004/03/25 11:38:35; Author: phampson; Lines: (+3 -0)
-------------------------------
Description:
Corrected typos, where 'test -f' didn't match 'echo'
Modified files:
File: radiusd/src/main/Makefile.in; Revision: 1.27;
Date: 2004/03/25 15:23:49; Author: aland; Lines: (+3 -3)
-------------------------------
Description:
Made rbtree code handling for proxying request live.
Chris Brotsos says that it's slower, but ~8 seconds over 50K
requests, which is negligible.
Having proper locking allows us to handle ID's on proxy packets
better.
Modified files:
File: radiusd/src/main/request_list.c; Revision: 1.30;
Date: 2004/03/25 17:05:55; Author: aland; Lines: (+28 -95)
=====================================================
Summary of modified files
=====================================================
File: radiusd/configure
Revisions: 1.93
Authors: aland (+142 -136)
-------------------------------
File: radiusd/configure.in
Revisions: 1.196
Authors: aland (+12 -1)
-------------------------------
File: radiusd/doc/ChangeLog
Revisions: 1.48, 1.47
Authors: aland (+15 -2), phampson (+2 -1)
-------------------------------
File: radiusd/doc/rlm_acct_unique
Revisions: 1.4
Authors: aland (+0 -0)
-------------------------------
File: radiusd/doc/rlm_always
Revisions: 1.2
Authors: aland (+0 -0)
-------------------------------
File: radiusd/doc/rlm_detail
Revisions: 1.10
Authors: aland (+0 -0)
-------------------------------
File: radiusd/doc/rlm_expr
Revisions: 1.3
Authors: aland (+1 -1)
-------------------------------
File: radiusd/doc/rlm_mschap
Revisions: 1.7
Authors: aland (+0 -0)
-------------------------------
File: radiusd/doc/rlm_unix
Revisions: 1.2
Authors: aland (+0 -0)
-------------------------------
File: radiusd/man/man5/rlm_acct_unique.5
Revisions: 1.3, 1.2
Authors: aland (+11 -1), aland (+13 -6)
-------------------------------
File: radiusd/man/man5/rlm_always.5
Revisions: 1.2
Authors: aland (+36 -2)
-------------------------------
File: radiusd/man/man5/rlm_detail.5
Revisions: 1.2
Authors: aland (+27 -15)
-------------------------------
File: radiusd/man/man5/rlm_expr.5
Revisions: 1.2
Authors: aland (+31 -10)
-------------------------------
File: radiusd/man/man5/rlm_mschap.5
Revisions: 1.2
Authors: aland (+53 -3)
-------------------------------
File: radiusd/man/man5/rlm_sql.5
Revisions: 1.2
Authors: phampson (+3 -1)
-------------------------------
File: radiusd/man/man5/rlm_unix.5
Revisions: 1.2
Authors: aland (+12 -8)
-------------------------------
File: radiusd/man/man8/radiusd.8
Revisions: 1.9
Authors: phampson (+3 -0)
-------------------------------
File: radiusd/raddb/mssql.conf
Revisions: 1.6
Authors: phampson (+5 -1)
-------------------------------
File: radiusd/raddb/oraclesql.conf
Revisions: 1.3
Authors: phampson (+5 -1)
-------------------------------
File: radiusd/raddb/postgresql.conf
Revisions: 1.15
Authors: phampson (+14 -0)
-------------------------------
File: radiusd/raddb/sql.conf
Revisions: 1.36
Authors: phampson (+5 -1)
-------------------------------
File: radiusd/src/billing/pgsql-voip.conf
Revisions: 1.9
Authors: phampson (+2 -0)
-------------------------------
File: radiusd/src/main/Makefile.in
Revisions: 1.27
Authors: aland (+3 -3)
-------------------------------
File: radiusd/src/main/request_list.c
Revisions: 1.30
Authors: aland (+28 -95)
-------------------------------
File: radiusd/src/modules/rlm_sql/conf.h
Revisions: 1.18
Authors: phampson (+1 -0)
-------------------------------
File: radiusd/src/modules/rlm_sql/rlm_sql.c
Revisions: 1.124
Authors: phampson (+28 -8)
--
Automatic cron job from /web/pages/us.freeradius.org/bin/new_makelog.pl
From freeradius-devel@lists.freeradius.org Fri Mar 26 16:19:10 2004
From: freeradius-devel@lists.freeradius.org (Alan DeKok)
Date: Fri, 26 Mar 2004 11:19:10 -0500
Subject: regex broken in current cvs
In-Reply-To: Your message of "Fri, 26 Mar 2004 16:58:02 +0930."
<1080286081.5419.13.camel@localhost.localdomain>
Message-ID: <20040326161910.B45B016DF5@mail.nitros9.org>
Malcolm Caldwell wrote:
> The problem is the code that substitutes %{0} %{1} etc is called even if
> no matches are found. On my redhat system the structure that has the
> offsets etc for the matches is not valid if there were no matches.
Ok..
> The following patch fixes this for me. (All that was needed was an if(
> arround the substitution code.)
It has another issue, too. If you do a regex compare with 4
returned values, and a later one with 2, the existing code still
leaves %{3} and %{4} around. They should be deleted.
The easiest way to fix both problems is a ~10 line patch, inside of
the loop. I'll commit something in a little while.
Alan DeKok.
From freeradius-devel@lists.freeradius.org Sat Mar 27 09:02:46 2004
From: freeradius-devel@lists.freeradius.org (Automatic cvs log generator)
Date: Sat, 27 Mar 2004 03:02:46 -0600 (CST)
Subject: Automatic report from sources (radiusd) between 26.03.2004 - 27.03.2004 GMT
Message-ID: <20040327090246.B9CFA774E5@webhost1.starnetusa.net>
CVS log entries from 26.03.2004 (Fri) 09:00:01 - 27.03.2004 (Sat) 09:00:02 GMT
=====================================================
Summary by authors
=====================================================
Author: aland
File: radiusd/src/main/xlat.c; Revisions: 1.70
File: radiusd/src/main/valuepair.c; Revisions: 1.58
File: radiusd/doc/variables.txt; Revisions: 1.12
=====================================================
Combined list of identical log entries
=====================================================
Description:
Allow only 0..8.
When we have a new match, delete all references to old matches.
If we didn't have a match, don't reference the rxmatch array,
and delete all references to old matches
Modified files:
File: radiusd/src/main/valuepair.c; Revision: 1.58;
Date: 2004/03/26 16:16:11; Author: aland; Lines: (+21 -6)
File: radiusd/src/main/xlat.c; Revision: 1.70;
Date: 2004/03/26 16:16:11; Author: aland; Lines: (+4 -4)
=====================================================
Log entries
=====================================================
Description:
Documented %{0} etc.
Modified files:
File: radiusd/doc/variables.txt; Revision: 1.12;
Date: 2004/03/26 19:18:17; Author: aland; Lines: (+23 -2)
=====================================================
Summary of modified files
=====================================================
File: radiusd/doc/variables.txt
Revisions: 1.12
Authors: aland (+23 -2)
-------------------------------
File: radiusd/src/main/valuepair.c
Revisions: 1.58
Authors: aland (+21 -6)
-------------------------------
File: radiusd/src/main/xlat.c
Revisions: 1.70
Authors: aland (+4 -4)
--
Automatic cron job from /web/pages/us.freeradius.org/bin/new_makelog.pl
From freeradius-devel@lists.freeradius.org Sun Mar 28 17:26:54 2004
From: freeradius-devel@lists.freeradius.org (Kevin Bonner)
Date: Sun, 28 Mar 2004 11:26:54 -0500
Subject: Preparation for 1.0.0 release of FreeRADIUS
In-Reply-To:
References:
Message-ID: <200403281126.56528.keb@pa.net>
=2D----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Any plan to remove the deprecated files (clients, naslist, naspasswd, realm=
s)=20
for the 1.0.0 version, or is that scheduled for sometime later?
Kevin Bonner
=2D----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFAZvzO/9i/ml3OBYMRAonrAJwIiIg3Z3/LQENlDjfUosyrJURpqwCff0dj
hwfq69NCCTLDAaH3E4t+iNw=3D
=3D/XU5
=2D----END PGP SIGNATURE-----
From freeradius-devel@lists.freeradius.org Sun Mar 28 23:11:27 2004
From: freeradius-devel@lists.freeradius.org (Paul Hampson)
Date: Mon, 29 Mar 2004 08:11:27 +1000
Subject: Preparation for 1.0.0 release of FreeRADIUS
In-Reply-To: <200403281126.56528.keb@pa.net>
References: <200403281126.56528.keb@pa.net>
Message-ID: <20040328221127.GA30392@yurika.videohost.com.au>
On Sun, Mar 28, 2004 at 11:26:54AM -0500, Kevin Bonner wrote:
> Any plan to remove the deprecated files (clients, naslist, naspasswd, realms)
> for the 1.0.0 version, or is that scheduled for sometime later?
Post 1.0.0. Pretty much the moment we branch, I expect.
--
Paul "TBBle" Hampson, on an alternate email client
From freeradius-devel@lists.freeradius.org Tue Mar 30 00:42:17 2004
From: freeradius-devel@lists.freeradius.org (Peter Nixon)
Date: Tue, 30 Mar 2004 02:42:17 +0300
Subject: Preparation for 1.0.0 release of FreeRADIUS
In-Reply-To: <20040328221127.GA30392@yurika.videohost.com.au>
References: <200403281126.56528.keb@pa.net> <20040328221127.GA30392@yurika.videohost.com.au>
Message-ID: <200403300242.18713.listuser@peternixon.net>
=2D----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Monday 29 March 2004 01:11, Paul Hampson wrote:
> On Sun, Mar 28, 2004 at 11:26:54AM -0500, Kevin Bonner wrote:
> > Any plan to remove the deprecated files (clients, naslist, naspasswd,
> > realms) for the 1.0.0 version, or is that scheduled for sometime later?
>
> Post 1.0.0. Pretty much the moment we branch, I expect.
Sound reasonable to me. Version 1.0 should support "old" style radius still=
=2E.
=2D --=20
Peter Nixon
http://www.peternixon.net/
PGP Key: http://www.peternixon.net/public.asc
=2D----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQFAaLRZAcdsUt9pJjwRAlUwAKCWeZ69M3hVmhJvlY4a7mSG4vXiWgCgzgAo
6jbhKgo3Qi0rHUJd52x0Qd0=3D
=3Dgug+
=2D----END PGP SIGNATURE-----
From freeradius-devel@lists.freeradius.org Tue Mar 30 01:09:33 2004
From: freeradius-devel@lists.freeradius.org (Peter Nixon)
Date: Tue, 30 Mar 2004 03:09:33 +0300
Subject: MySQL accounting and Cisco-AVPair
In-Reply-To: <35E044CAD856D3119384204C4F4F502044FCCF@sittserver>
References: <35E044CAD856D3119384204C4F4F502044FCCF@sittserver>
Message-ID: <200403300309.35279.listuser@peternixon.net>
=2D----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wednesday 24 March 2004 17:03, Pugnaloni Federico wrote:
> Hi,
> i'm using FreeRADIUS Version 0.9.3on FreeBSD 4.9
> i'm using with a Cisco PIX to AAA internet access
> it works fine, but i need to store the Cisco-AVPair ip protocol info in
> radacct SQL table.
>
> As i can see in the detail accounting freeradius store Cisco-AVPair info
>
> -snip-
> Cisco-AVPair =3D "ip:source-ip=3D192.168.0.127"
> Cisco-AVPair =3D "ip:source-port=3D4051"
> Cisco-AVPair =3D "ip:destination-ip=3D10.10.10.1"
> Cisco-AVPair =3D "ip:destination-port=3D23"
> -snip
>
> but i cannot store this info on sql
> I've tried to modify sql.conf as is:
>
> accounting_stop_query_alt =3D "INSERT into ${acct_table2} (RadAcctId,
> AcctSessionId... AcctStopDelay) values('', '%{Acct-Session-Id}',
> '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}',
> '%{NAS-IP-Address}', '%{NAS-Port}'... '%{Cisco-AVPair}',
> '%{Cisco-AVPair}'..}')"
>
> but it returns only the first instance of Cisco-AVPair
> ("ip:source-ip=3D192.168.0.127")
>
> how can i store all the values?
>
> i've seen something about vsa_hack, but it seems works only with h323...
Alan, I think this needs to be added to the dictionary to work properly, bu=
t=20
does FreeRADIUS support dictionary values with colon (:) in them?
http://cisco.com/en/US/products/sw/secursw/ps2086/products_user_guide_chapt=
er09186a0080102172.html#1657
Vendor-Specific 26
Allows vendors to support their own extended attributes. The Cisco RADIUS=20
implementation supports one vendor-specific option using the format=20
recommended in the specification. The Cisco vendor-ID is 9, and the support=
ed=20
option is vendor-type 1, cisco-avpair. The value is a string of the format:
protocol:attribute sep value
protocol is a value of the Cisco protocol attribute for a particular type o=
f=20
authorization. Attribute and value are an appropriate AV pair defined in th=
e=20
Cisco TACACS+ specification, and "sep" is "=3D" for mandatory attributes an=
d=20
"*" for optional attributes. This allows the full set of TACACS+=20
authorization features to be used for RADIUS. The following is an example:
cisco-avpair=3D "ip:addr-pool=3Dfirst"
cisco-avpair=3D "shell:priv-lvl=3D15"
The first example causes the Cisco multiple named IP address pools feature =
to=20
be activated during IP authorization (during PPP IPCP address assignment).=
=20
The second example causes a user of a device-hosted administrative session =
to=20
have immediate access to EXEC commands.
=2D --=20
Peter Nixon
http://www.peternixon.net/
PGP Key: http://www.peternixon.net/public.asc
=2D----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQFAaLq9AcdsUt9pJjwRAlAiAKCtt+MeU4KrPDRuCdb5RSxdG0iMIQCgt3aQ
DpNYwNF67vMDkv12eSKwGM0=3D
=3DlzyG
=2D----END PGP SIGNATURE-----
From freeradius-devel@lists.freeradius.org Tue Mar 30 00:41:17 2004
From: freeradius-devel@lists.freeradius.org (Peter Nixon)
Date: Tue, 30 Mar 2004 02:41:17 +0300
Subject: We should release 1.0.
In-Reply-To:
References:
Message-ID: <200403300241.25681.listuser@peternixon.net>
=2D----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thursday 25 March 2004 23:37, Paul Hampson wrote:
> > From: Alan DeKok
> > Sent: Friday, 26 March 2004 4:57 AM
> >
> > It's been too long since 0.9. We need to release 1.0.
> >
> > Any objections?
> >
> > I've out of the country next week, and won't be able to answer email
> > then, but let's target the end of April for at least a pre-release.
>
> I'm down with that. I was just thinking about it myself, actually.
>
> Well, shall we consider April to be a month of developer-stabilisation?
>
> Less worry about missing features, and instead hunt your most and
> least favorite bugs. And write documentation. And update the
> ChangeLog with things you've done and forgotten to document.
Luckily I have recently had someone pay for me to spend some time working o=
n=20
the VoIP accounting configs. I have committed a bunch of cleanups and suppo=
rt=20
for Cisco SIP gear as well as H323 gear. I am hoping to clean up the docs=20
some more before 1.0 also but it will depend on my work schedule.
I few SuSE build script updates from the upcoming SuSE 9.1 need to be=20
committed this week also. Thanks goes to the guys at SuSE. You know who you=
=20
are :-)
> (I'll see if I can find time to cruise through the CVS commit history
> for any missing gems as well.)
>
> And get people to build things on the weirdest architectures they
> can. This means you, OpenBSD! :-)
If I have time I shall try to build it on some OSX boxes I have at my dispo=
sal=20
currently.
> If we're happy with this, we need to post to the -users list, reminding
> people of bugzilla, and to go report things there. This includes things
> like unclear/absent documentation which would otherwise just become a
> complaint on the list. (I suspect... :-)
>
> On the topic of Bugzilla, maybe we should go through and mark things
> that won't be done before 1.0.0 (difficult features or whatever) with
> 'LATER'? Alternatively, make that "We need to release 1.0.0" dependant
> on any other show-stopping bugs... (Assuming we get nasty bugs people
> have failed to report...)
>
> If we branch for -pre1 on May first. (Or so) We can hopefully ship a
> -pre every week, with final release of 1.0.0 at the beginning of June.
> This'll give us four weeks of user testing... Obviously it has to be
> flexible. :-)
>
> (I must say I'd hoped to autoconf2.5-ise the build system for 1.0.0
> but I won't have time to do that sort of hackery until June anyway,
> so right after 1.0.0 ships seems like a good time to do it. That way
> if things get broken, people can use 1.0.0 without losing functionality.)
Pity. I would be nice to have the whole build system work on current versio=
ns=20
of Linux.. Oh well :-(
=2D --=20
Peter Nixon
http://www.peternixon.net/
PGP Key: http://www.peternixon.net/public.asc
=2D----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQFAaLQjAcdsUt9pJjwRAnvqAKD0sm7biwldgCcDDU9iP9N412UHzQCdHjdg
tWbuyJdO3sFO6gP6n2VYqEE=3D
=3DiSMo
=2D----END PGP SIGNATURE-----
From freeradius-devel@lists.freeradius.org Tue Mar 30 03:59:41 2004
From: freeradius-devel@lists.freeradius.org (freeradius-devel@lists.freeradius.org)
Date: Tue, 30 Mar 2004 02:59:41 GMT
Subject: '%{NAS-Port}' vs. NASPortId INTEGER
Message-ID: <20040330025941.19213.qmail@mail.ruralnetwork.net>
I believe I have found some code that needs to be updated to reflect that
NAS-Port is not necessarily an integer.
Specifically, using rlm_sql with a Postgresql 7.4.1 backend and the
Freeradius 20040327 snapshot, an administrative login to a Livingston
Portmaster 2e sends accounting packets to freeradius with a empty NASPortID
value. As of Postgresql 7.4.0, trying to insert an empty value into an
integer field throws an error. (Older versions of Postgresql would
automagically insert a 0 instead.)
Here is the log:
postgres[7475]: [905-1] ERROR: invalid input syntax for integer: ""
postgres[7475]: [905-2] STATEMENT: INSERT into radacct ^I^I(AcctSessionId,
AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType,
postgres[7475]: [905-3] AcctStartTime, AcctAuthentic,^I^IConnectInfo_start,
CalledStationId, CallingStationId, ServiceType, FramedProtocol,
postgres[7475]: [905-4] FramedIPAddress, AcctStartDelay)
^I^Ivalues('41000008', '04d75732c2c3d0fd', 'admin', '', '66.232.94.250',
^I^I'', '', (now() -
postgres[7475]: [905-5] '0'::interval), 'Local', '', ^I^I'', '',
'Administrative-User', '', ^I^INULLIF('', '')::inet, '0')
postgres[7475]: [906-1] DEBUG: AbortCurrentTransaction
postgres[30710]: [904-1] DEBUG: child process (PID 7475) exited with exit
code 0
If I modify the definition of the NASPortId field for the raddct table in
the db_postgresql.sql file
from:
NASPortId INTEGER,
to:
NASPortId VARCHAR(32),
the problme seems to go away and freeradius continues to work normally.
The other database drivers for freeradius also define NASPortId as an
integer.
--
Scott Langley
scott@ruralnetwork.net
Systems AdministratorNASPortId
Rural Network Services
From freeradius-devel@lists.freeradius.org Tue Mar 30 06:13:59 2004
From: freeradius-devel@lists.freeradius.org (Matthew Schumacher)
Date: Mon, 29 Mar 2004 20:13:59 -0900
Subject: '%{NAS-Port}' vs. NASPortId INTEGER
In-Reply-To: <20040330025941.19213.qmail@mail.ruralnetwork.net>
References: <20040330025941.19213.qmail@mail.ruralnetwork.net>
Message-ID: <40690217.3080801@aptalaska.net>
Scott,
If you change your data type then you are inserting a null value into
your database. It is generally much better to use a value for 0 or null.
If you use %{NAS-Port:-0} then it will use %{NAS-Port} except when it
is missing where it will use 0 as the default.
HTH,
schu
scott@ruralnetwork.net wrote:
> I believe I have found some code that needs to be updated to reflect
> that NAS-Port is not necessarily an integer.
> Specifically, using rlm_sql with a Postgresql 7.4.1 backend and the
> Freeradius 20040327 snapshot, an administrative login to a Livingston
> Portmaster 2e sends accounting packets to freeradius with a empty
> NASPortID value. As of Postgresql 7.4.0, trying to insert an empty
> value into an integer field throws an error. (Older versions of
> Postgresql would automagically insert a 0 instead.)
> Here is the log:
> postgres[7475]: [905-1] ERROR: invalid input syntax for integer: ""
> postgres[7475]: [905-2] STATEMENT: INSERT into radacct
> ^I^I(AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress,
> NASPortId, NASPortType,
> postgres[7475]: [905-3] AcctStartTime,
> AcctAuthentic,^I^IConnectInfo_start, CalledStationId, CallingStationId,
> ServiceType, FramedProtocol,
> postgres[7475]: [905-4] FramedIPAddress, AcctStartDelay)
> ^I^Ivalues('41000008', '04d75732c2c3d0fd', 'admin', '', '66.232.94.250',
> ^I^I'', '', (now() -
> postgres[7475]: [905-5] '0'::interval), 'Local', '', ^I^I'', '',
> 'Administrative-User', '', ^I^INULLIF('', '')::inet, '0')
> postgres[7475]: [906-1] DEBUG: AbortCurrentTransaction
> postgres[30710]: [904-1] DEBUG: child process (PID 7475) exited with
> exit code 0
> If I modify the definition of the NASPortId field for the raddct table
> in the db_postgresql.sql file
> from:
> NASPortId INTEGER,
> to:
> NASPortId VARCHAR(32),
> the problme seems to go away and freeradius continues to work normally.
> The other database drivers for freeradius also define NASPortId as an
> integer.
> --
> Scott Langley
> scott@ruralnetwork.net
> Systems AdministratorNASPortId
> Rural Network Services
>
> - List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/devel.html
>
From freeradius-devel@lists.freeradius.org Tue Mar 30 08:04:32 2004
From: freeradius-devel@lists.freeradius.org (Malcolm Caldwell)
Date: Tue, 30 Mar 2004 16:34:32 +0930
Subject: regex broken in current cvs
In-Reply-To: <1080286081.5419.13.camel@localhost.localdomain>
References: <1080286081.5419.13.camel@localhost.localdomain>
Message-ID: <1080630272.6341.4.camel@localhost.localdomain>
Alan's change still does not fix things properly:
I get a segfault on the case where the regex fails compleatly
eg
DEFAULT User-Name =~ "^s[0-9]+$"
When receiving a request with User-Name of "fred" segfaults. On line
fix.
diff -u -r1.58 valuepair.c
--- valuepair.c 26 Mar 2004 16:16:11 -0000 1.58
+++ valuepair.c 30 Mar 2004 06:59:09 -0000
@@ -380,7 +380,7 @@
* Didn't match: delete old
* match, if it existed.
*/
- if ((compare == 0) ||
+ if ((compare != 0) ||
(rxmatch[i].rm_so == -1)) {
p = request_data_get(request, request,
REQUEST_DATA_REGEX | i);
From freeradius-devel@lists.freeradius.org Tue Mar 30 16:20:27 2004
From: freeradius-devel@lists.freeradius.org (=?iso-8859-1?q?Aurelien=20Magniez?=)
Date: Tue, 30 Mar 2004 17:20:27 +0200 (CEST)
Subject: Problem of c++ module instantiation
Message-ID: <20040330152028.83534.qmail@web40406.mail.yahoo.com>
Hi,
I'm working on a new EAP method and the latest
snapshot of FreeRadius. In this context, I would like
to use C++ for many reasons.
I found an old thread
(http://lists.cistron.nl/pipermail/freeradius-devel/2003-September/005877.html)
which gives a patch in order to use a C++ module. I
also modified the following files, ie adding (if
defined(__cplusplus)....) :
eap.h
eap_types.h
rlm_eap.h
The compilation and the linking phase is ok. I have
the rlm_eap_psk.la file.
But when I launch radius, I have the following message
: Failed to link ... : file not found
(but the file is in the right directory)
I'm not sure that I did all the required modifications
in order to manage c++ module.
Thanks for your help.
Aurelien
Yahoo! Mail : votre e-mail personnel et gratuit qui vous suit partout !
Créez votre Yahoo! Mail sur http://fr.benefits.yahoo.com/
Dialoguez en direct avec vos amis grâce à Yahoo! Messenger !Téléchargez Yahoo! Messenger sur http://fr.messenger.yahoo.com
From freeradius-devel@lists.freeradius.org Wed Mar 31 09:32:57 2004
From: freeradius-devel@lists.freeradius.org (=?iso-8859-1?Q?Pascal_S=E9guy?=)
Date: Wed, 31 Mar 2004 10:32:57 +0200
Subject: Problem of c++ module instantiation
References: <20040330152028.83534.qmail@web40406.mail.yahoo.com>
Message-ID: <002301c416fa$dac42820$05ca10ac@chinook>
----- Original Message -----=20
From: "Aurelien Magniez"
To:
Sent: Tuesday, March 30, 2004 5:20 PM
Subject: Problem of c++ module instantiation
>
> The compilation and the linking phase is ok. I have
> the rlm_eap_psk.la file.
>
> But when I launch radius, I have the following message
> : Failed to link ... : file not found
> (but the file is in the right directory)
I have written many modules in C++ with this patch (on FreeBSD 4x).
Be shure to "make install" in your modules/rlm_... directory.
---
Pascal S=E9guy
From freeradius-devel@lists.freeradius.org Wed Mar 31 11:13:45 2004
From: freeradius-devel@lists.freeradius.org (Wolfgang Hottgenroth)
Date: Wed, 31 Mar 2004 12:13:45 +0200
Subject: Modification of rlm_cdb module
Message-ID:
Hi,
I've slightly modified the rlm_cdb module (which I like to contribute).
All directly CDB related code was separated into an extra module
(rlm_cdbaccess), which provides no functionality directly usable
through the radiusd.con but only functions to be used by other
modules. (Just like rlm_expr, as far as I can see ...)
This rlm_cdbaccess is self-contained, all required source files and
headers to read the CDB are included, following the proposal by
Bernstein.
It just must be added to the modules section without any configuration
and to the instantiate section.
The usage of the rlm_cdb has not changed, just the build
process. Since rlm_cdbaccess is self-contained and rlm_cdb only uses
rlm_cdbaccess no configure is required, just make.
The code, documentation for both modules and a patch to be applied
against 0.9.3 is available at http://www.hottis.de/freeradius
Once again I invite you to have a look.
Could you give me some advice what I have to do to get this into the
'official' FreeRADIUS source tree?
Thanks,
Wolfgang
From freeradius-devel@lists.freeradius.org Wed Mar 31 13:19:15 2004
From: freeradius-devel@lists.freeradius.org (Paul Hampson)
Date: Wed, 31 Mar 2004 22:19:15 +1000
Subject: Modification of rlm_cdb module
In-Reply-To:
References:
Message-ID: <20040331121914.GA27434@yurika.videohost.com.au>
On Wed, Mar 31, 2004 at 12:13:45PM +0200, Wolfgang Hottgenroth wrote:
> I've slightly modified the rlm_cdb module (which I like to contribute).
> All directly CDB related code was separated into an extra module
> (rlm_cdbaccess), which provides no functionality directly usable
> through the radiusd.con but only functions to be used by other
> modules. (Just like rlm_expr, as far as I can see ...)
> This rlm_cdbaccess is self-contained, all required source files and
> headers to read the CDB are included, following the proposal by
> Bernstein.
> It just must be added to the modules section without any configuration
> and to the instantiate section.
> The usage of the rlm_cdb has not changed, just the build
> process. Since rlm_cdbaccess is self-contained and rlm_cdb only uses
> rlm_cdbaccess no configure is required, just make.
> The code, documentation for both modules and a patch to be applied
> against 0.9.3 is available at http://www.hottis.de/freeradius
> Once again I invite you to have a look.
> Could you give me some advice what I have to do to get this into the
> 'official' FreeRADIUS source tree?
The first piece of advice would be to create a patch against CVS Head,
since the people who're most likely to test it are those who're
building CVS Head builds every so often.
Does your patch also update the config files and documentation (as
appropriate?)
I'm not totally up on CDB, I'm guessing it's something like DBM/GDBM?
Would it make sense to abstract the DBM backend from the front end,
so we can have rlm_dbm which has backends for DBM, GDBM and CDB?
(Like rlm_sql is)
Also, what is the license of CDB? I'd prefer to use a shared library
if such is common. If I recall correctly, DJ Bernstein releases
software that is not compatible with the GPL, so there's prolly a
thorny license issue here.
The other thing I can suggest is to convince someone else to use it.
Once we have some good testimonials, it'll have a shot at going into
CVS. If it's not too intrusive, and it comes together before mid-April,
you _might_ (that's _might_. Entirely at the whimsy of the developers.
:-) make into the 1.0.0 release.
Just some thoughts. I've no time to review the code myself this week.
--
Paul "TBBle" Hampson, on an alternate email client.
From freeradius-devel@lists.freeradius.org Wed Mar 31 14:17:34 2004
From: freeradius-devel@lists.freeradius.org (Wolfgang Hottgenroth)
Date: Wed, 31 Mar 2004 15:17:34 +0200
Subject: Modification of rlm_cdb module
In-Reply-To: <20040331121914.GA27434@yurika.videohost.com.au>
References:
<20040331121914.GA27434@yurika.videohost.com.au>
Message-ID:
At Wed, 31 Mar 2004 22:19:15 +1000,
Paul Hampson wrote:
>
> On Wed, Mar 31, 2004 at 12:13:45PM +0200, Wolfgang Hottgenroth wrote:
> > I've slightly modified the rlm_cdb module (which I like to contribute).
> > [...]
> > Could you give me some advice what I have to do to get this into the
> > 'official' FreeRADIUS source tree?
>
> The first piece of advice would be to create a patch against CVS Head,
> [...]
Thank you for that advice.
I will provide a patch against CVS HEAD soon. No problem at all, since
only files are added (expect raddb/experimental.conf).
config (experimental.conf) is patched too, documentation is also
provided, using the 'template' posted to this list by Gustavo few days
ago. The patch will also add this documentation files. manpages are
currently not available.
> I'm not totally up on CDB, I'm guessing it's something like DBM/GDBM?
>
> Would it make sense to abstract the DBM backend from the front end,
> so we can have rlm_dbm which has backends for DBM, GDBM and CDB?
> (Like rlm_sql is)
It is something like that indeed and that kind of abstraction makes
definitely sense. Although I would like it a bit different: rlm_sql
has its drivers below in the directory hierarchy. I've separated the
cdb access code into its own module since I'll come with another
module also using cdb files soon and this one should share code with
the current rlm_cdb.
So, what I would like to have these associative database drivers with
an abstraction layer on top on the "main" module level (I mean: in
src/modules), reachable for more than one other module.
> Also, what is the license of CDB? I'd prefer to use a shared library
> if such is common. If I recall correctly, DJ Bernstein releases
> software that is not compatible with the GPL, so there's prolly a
> thorny license issue here.
Well. GPL is it definitely not. I've re-read it multiple times, since
I also don't want to get in conflict with Bernstein when putting this
stuff on my webpage and what I understood is: the tarball and the
build environment may be use and distributed unmodified but the source
code is in the public domain. Doesn't this mean: 'take it and do what
you like with it'?
This is also what I've understood from the docs of the freecdb Debian
package and the FreeBSD cdb port.
> The other thing I can suggest is to convince someone else to use it.
> Once we have some good testimonials, it'll have a shot at going into
Well. I'll try.
Ah: it compiles and works without problems on Linux, FreeBSD, Solaris
6 and Solaris 8.
For my employer we are using this modules in a project with about
500,000 accounts.
Thanks so far,
Wolfgang
From freeradius-devel@lists.freeradius.org Wed Mar 31 22:16:25 2004
From: freeradius-devel@lists.freeradius.org (D greene)
Date: Wed, 31 Mar 2004 21:16:25 +0000
Subject: freeradius and cygwin - install errors
Message-ID:
Hello all,
First thanks to those for finally getting it to compile w/o errors under
cygwin w/o patches! (I'm using latest snapshot 3-31-04)
However I did notice that although there were no errors the following
modules weren't built:
rlm_krb5, rlm_ldap, rlm_pam
And I'm having problems with "make install" with the following modules:
rlm_dbm:
install-sh -c -m 755 rlm_dbm_parser /usr/local/bin
cp: `rlm_dbm_parser' and `/usr/local/bin/#inst.2372#' are the same file
rlm_eap:
install-sh -c -m 755 radeapclient /usr/local/bin
cp: `radeapclient' and `/usr/local/bin/#inst.1508#' are the same file
rlm_ippool:
install-sh -c -m 755 rlm_ippool_tool /usr/local/bin
cp: `rlm_ippool_tool' and `/usr/local/bin/#inst.3452#' are the same file
rlm_mschap:
install-sh -c -m 755 smbencrypt /usr/local/bin
cp: `smbencrypt' and `/usr/local/bin/#inst.3304#' are the same file
thanks,
dgreene
_________________________________________________________________
MSN Toolbar provides one-click access to Hotmail from any Web page – FREE
download! http://toolbar.msn.com/go/onm00200413ave/direct/01/