#
1.36 |
|
14-Feb-2024 |
jsg |
avoid use after free of q found by smatch, ok miod@ deraadt@
|
#
1.35 |
|
09-Feb-2024 |
yasuoka |
Refactor some functions to prepare accounting support.
|
#
1.34 |
|
08-Jan-2024 |
yasuoka |
Pass the request packet to response decorations for future use. This is required for many cases and will be used future.
|
#
1.33 |
|
23-Oct-2023 |
yasuoka |
Fix radiusd(8) to fixup MPPE-{Send,Recv}-Key and Tunnel-Password attributes of the response properly.
|
Revision tags: OPENBSD_7_4_BASE
|
#
1.32 |
|
08-Sep-2023 |
yasuoka |
Add request or response decoration feature which is used through the radiusd module interface. This makes additional modules can modify RADIUS request or response messages. Also add new "radius_standard" module which uses this new feature, provides some generic features like "strip-atmark-realm" which removes the realm part from the User-Name attribute. from IIJ.
|
#
1.31 |
|
05-Sep-2023 |
yasuoka |
Refuse an incomplete config, an authentication block which doesn't have authentication module. The code doesn't expect this.
|
#
1.30 |
|
04-Sep-2023 |
yasuoka |
Revert previous. It caused the stdio of the modules be NONBLOCK. Generally programs don't expect that.
|
#
1.29 |
|
04-Sep-2023 |
yasuoka |
Specify SOCK_NONBLOCK for socketpair(2) instead of fcntl(2).
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.28 |
|
28-Dec-2022 |
jmc |
spelling fixes; from paul tagliamonte any parts of his diff not taken are noted on tech
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.27 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.26 |
|
03-Apr-2019 |
yasuoka |
Fix the bug that radius module didn't work when the size of radius message changes.
|
#
1.25 |
|
01-Apr-2019 |
yasuoka |
Pass the debug status to modules. Also some non functional changes (comment, log message, and rearrange lines).
|
#
1.24 |
|
01-Apr-2019 |
yasuoka |
Update authenticator and message authenticator always. Previous was to keep the original authenticators and modify them only if needed. But actually, there supposed to be no case such that the original authenticators can be used for the client. Original diff from IIJ.
|
#
1.23 |
|
31-Mar-2019 |
yasuoka |
Remove "proc" from pledge(2) since it is not needed even ifdef RADIUSD_DEBUG.
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.22 |
|
09-Oct-2018 |
yasuoka |
Fix a spelling in log messages. diff from Lukasz Ratajski
|
#
1.21 |
|
01-Aug-2018 |
mestre |
Fix segmentation fault on radiusd(8) when exiting. If one of the configured modules doesn't have a secret setup then module->secret == NULL which would call strlen(NULL), within freezero(3), and that shouldn't happen, but in this case since the call is done it segfaults and the daemon is not properly shutdown.
cluebat stick provided by semarie@, OK tb@ and deraadt@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.20 |
|
13-Jun-2017 |
yasuoka |
Initialize the length parameter for radius_get_vs_raw_attr() since it's read/write. diff from IIJ.
|
#
1.19 |
|
21-May-2017 |
deraadt |
A few more freezero() uses ok yasuoka mikeb
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.18 |
|
16-Apr-2016 |
krw |
Change last non-/gnu/ fcntl(x, F_GETFL, 0) strays to fcntl(x, F_GETFL).
No functional change.
ok millert@
|
#
1.17 |
|
13-Apr-2016 |
semarie |
remove "abort" promise from debugging code in radiusd
it is the default now, and the promise name isn't valid anymore.
ok yasuoka@
|
#
1.16 |
|
21-Mar-2016 |
guenther |
Instead of creating a socket with socket() or accept() and then setting the O_NONBLOCK flag on it with fcntl(F_SETFL) afterwards, just pass SOCK_NONBLOCK to socket() or accept4() and get it right to begin with.
ok millert@ krw@ beck@ deraadt@ jca@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.15 |
|
09-Feb-2016 |
jsg |
fix a use after free in an error path ok yasuoka@
|
#
1.14 |
|
31-Dec-2015 |
millert |
Do not mix EX_* from sysexits.h and EXIT_* from stdlib.h, just use EXIT_*.
|
#
1.13 |
|
05-Dec-2015 |
mmcc |
Remove NULL-checks before free()
|
#
1.12 |
|
27-Oct-2015 |
yasuoka |
Free the received radius packet when it is duplicated.
diff from Yuuichi Someya
|
#
1.11 |
|
27-Oct-2015 |
yasuoka |
Set O_NONBLOCK for UDP sockets not to block on recv(). Actually block had happened if an error of the socket is handled by send().
diff from Yuuichi Someya.
|
#
1.10 |
|
27-Oct-2015 |
yasuoka |
Fix radiusd module to set O_NONBLOCK properly.
diff from Yuuichi Someya.
|
#
1.9 |
|
19-Oct-2015 |
yasuoka |
Add pledge(2) for radiusctl(8) and radiusd(8). - radiusd: "stdio inet" - radiusd_radius: "stdio inet" - radiusd_bsdauth: - "stdio proc" for the non-priviledged process - "stdio getpw rpath proc exec" for the priviledged process - radiusctl: "stdio dns inet"
"go ahead" deraadt
|
#
1.8 |
|
19-Oct-2015 |
yasuoka |
Can't assert "module->fd >= 0" in radiusd_stop() since the module may be closed already when error.
|
#
1.7 |
|
25-Aug-2015 |
yasuoka |
Remove -h command line option from radiusd(8) to make it better style.
Patch from Michael Reed
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.6 |
|
02-Aug-2015 |
yasuoka |
Fire pending events when the module starts.
|
#
1.5 |
|
02-Aug-2015 |
yasuoka |
Tweak XXX comments.
|
#
1.4 |
|
02-Aug-2015 |
yasuoka |
Fix radiusd to start without -d. Also stop using event_initialized() to check whether the event handler is set.
|
#
1.3 |
|
27-Jul-2015 |
yasuoka |
Use log_warn() instead of warn() in radiusd_module_load(). Also fix style.
|
#
1.2 |
|
21-Jul-2015 |
schwarze |
add missing -n to the SYNOPSIS and usage() and -d to the DESCRIPTION; OK yasuoka@
|
#
1.1 |
|
21-Jul-2015 |
yasuoka |
Add radiusd(8) and radiusctl(8). They are WIP. radiusd(8) is a RADIUS server and radiusctl(8) is to control the server. radiusd(8) currently supports bsdauth and radius (upstream radius servers) as authentication backends.
fixes from jsg blambert ok deraadt
|
#
1.35 |
|
09-Feb-2024 |
yasuoka |
Refactor some functions to prepare accounting support.
|
#
1.34 |
|
08-Jan-2024 |
yasuoka |
Pass the request packet to response decorations for future use. This is required for many cases and will be used future.
|
#
1.33 |
|
23-Oct-2023 |
yasuoka |
Fix radiusd(8) to fixup MPPE-{Send,Recv}-Key and Tunnel-Password attributes of the response properly.
|
Revision tags: OPENBSD_7_4_BASE
|
#
1.32 |
|
08-Sep-2023 |
yasuoka |
Add request or response decoration feature which is used through the radiusd module interface. This makes additional modules can modify RADIUS request or response messages. Also add new "radius_standard" module which uses this new feature, provides some generic features like "strip-atmark-realm" which removes the realm part from the User-Name attribute. from IIJ.
|
#
1.31 |
|
05-Sep-2023 |
yasuoka |
Refuse an incomplete config, an authentication block which doesn't have authentication module. The code doesn't expect this.
|
#
1.30 |
|
04-Sep-2023 |
yasuoka |
Revert previous. It caused the stdio of the modules be NONBLOCK. Generally programs don't expect that.
|
#
1.29 |
|
04-Sep-2023 |
yasuoka |
Specify SOCK_NONBLOCK for socketpair(2) instead of fcntl(2).
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.28 |
|
28-Dec-2022 |
jmc |
spelling fixes; from paul tagliamonte any parts of his diff not taken are noted on tech
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.27 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.26 |
|
03-Apr-2019 |
yasuoka |
Fix the bug that radius module didn't work when the size of radius message changes.
|
#
1.25 |
|
01-Apr-2019 |
yasuoka |
Pass the debug status to modules. Also some non functional changes (comment, log message, and rearrange lines).
|
#
1.24 |
|
01-Apr-2019 |
yasuoka |
Update authenticator and message authenticator always. Previous was to keep the original authenticators and modify them only if needed. But actually, there supposed to be no case such that the original authenticators can be used for the client. Original diff from IIJ.
|
#
1.23 |
|
31-Mar-2019 |
yasuoka |
Remove "proc" from pledge(2) since it is not needed even ifdef RADIUSD_DEBUG.
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.22 |
|
09-Oct-2018 |
yasuoka |
Fix a spelling in log messages. diff from Lukasz Ratajski
|
#
1.21 |
|
01-Aug-2018 |
mestre |
Fix segmentation fault on radiusd(8) when exiting. If one of the configured modules doesn't have a secret setup then module->secret == NULL which would call strlen(NULL), within freezero(3), and that shouldn't happen, but in this case since the call is done it segfaults and the daemon is not properly shutdown.
cluebat stick provided by semarie@, OK tb@ and deraadt@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.20 |
|
13-Jun-2017 |
yasuoka |
Initialize the length parameter for radius_get_vs_raw_attr() since it's read/write. diff from IIJ.
|
#
1.19 |
|
21-May-2017 |
deraadt |
A few more freezero() uses ok yasuoka mikeb
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.18 |
|
16-Apr-2016 |
krw |
Change last non-/gnu/ fcntl(x, F_GETFL, 0) strays to fcntl(x, F_GETFL).
No functional change.
ok millert@
|
#
1.17 |
|
13-Apr-2016 |
semarie |
remove "abort" promise from debugging code in radiusd
it is the default now, and the promise name isn't valid anymore.
ok yasuoka@
|
#
1.16 |
|
21-Mar-2016 |
guenther |
Instead of creating a socket with socket() or accept() and then setting the O_NONBLOCK flag on it with fcntl(F_SETFL) afterwards, just pass SOCK_NONBLOCK to socket() or accept4() and get it right to begin with.
ok millert@ krw@ beck@ deraadt@ jca@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.15 |
|
09-Feb-2016 |
jsg |
fix a use after free in an error path ok yasuoka@
|
#
1.14 |
|
31-Dec-2015 |
millert |
Do not mix EX_* from sysexits.h and EXIT_* from stdlib.h, just use EXIT_*.
|
#
1.13 |
|
05-Dec-2015 |
mmcc |
Remove NULL-checks before free()
|
#
1.12 |
|
27-Oct-2015 |
yasuoka |
Free the received radius packet when it is duplicated.
diff from Yuuichi Someya
|
#
1.11 |
|
27-Oct-2015 |
yasuoka |
Set O_NONBLOCK for UDP sockets not to block on recv(). Actually block had happened if an error of the socket is handled by send().
diff from Yuuichi Someya.
|
#
1.10 |
|
27-Oct-2015 |
yasuoka |
Fix radiusd module to set O_NONBLOCK properly.
diff from Yuuichi Someya.
|
#
1.9 |
|
19-Oct-2015 |
yasuoka |
Add pledge(2) for radiusctl(8) and radiusd(8). - radiusd: "stdio inet" - radiusd_radius: "stdio inet" - radiusd_bsdauth: - "stdio proc" for the non-priviledged process - "stdio getpw rpath proc exec" for the priviledged process - radiusctl: "stdio dns inet"
"go ahead" deraadt
|
#
1.8 |
|
19-Oct-2015 |
yasuoka |
Can't assert "module->fd >= 0" in radiusd_stop() since the module may be closed already when error.
|
#
1.7 |
|
25-Aug-2015 |
yasuoka |
Remove -h command line option from radiusd(8) to make it better style.
Patch from Michael Reed
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.6 |
|
02-Aug-2015 |
yasuoka |
Fire pending events when the module starts.
|
#
1.5 |
|
02-Aug-2015 |
yasuoka |
Tweak XXX comments.
|
#
1.4 |
|
02-Aug-2015 |
yasuoka |
Fix radiusd to start without -d. Also stop using event_initialized() to check whether the event handler is set.
|
#
1.3 |
|
27-Jul-2015 |
yasuoka |
Use log_warn() instead of warn() in radiusd_module_load(). Also fix style.
|
#
1.2 |
|
21-Jul-2015 |
schwarze |
add missing -n to the SYNOPSIS and usage() and -d to the DESCRIPTION; OK yasuoka@
|
#
1.1 |
|
21-Jul-2015 |
yasuoka |
Add radiusd(8) and radiusctl(8). They are WIP. radiusd(8) is a RADIUS server and radiusctl(8) is to control the server. radiusd(8) currently supports bsdauth and radius (upstream radius servers) as authentication backends.
fixes from jsg blambert ok deraadt
|
#
1.34 |
|
08-Jan-2024 |
yasuoka |
Pass the request packet to response decorations for future use. This is required for many cases and will be used future.
|
#
1.33 |
|
23-Oct-2023 |
yasuoka |
Fix radiusd(8) to fixup MPPE-{Send,Recv}-Key and Tunnel-Password attributes of the response properly.
|
Revision tags: OPENBSD_7_4_BASE
|
#
1.32 |
|
08-Sep-2023 |
yasuoka |
Add request or response decoration feature which is used through the radiusd module interface. This makes additional modules can modify RADIUS request or response messages. Also add new "radius_standard" module which uses this new feature, provides some generic features like "strip-atmark-realm" which removes the realm part from the User-Name attribute. from IIJ.
|
#
1.31 |
|
05-Sep-2023 |
yasuoka |
Refuse an incomplete config, an authentication block which doesn't have authentication module. The code doesn't expect this.
|
#
1.30 |
|
04-Sep-2023 |
yasuoka |
Revert previous. It caused the stdio of the modules be NONBLOCK. Generally programs don't expect that.
|
#
1.29 |
|
04-Sep-2023 |
yasuoka |
Specify SOCK_NONBLOCK for socketpair(2) instead of fcntl(2).
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.28 |
|
28-Dec-2022 |
jmc |
spelling fixes; from paul tagliamonte any parts of his diff not taken are noted on tech
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.27 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.26 |
|
03-Apr-2019 |
yasuoka |
Fix the bug that radius module didn't work when the size of radius message changes.
|
#
1.25 |
|
01-Apr-2019 |
yasuoka |
Pass the debug status to modules. Also some non functional changes (comment, log message, and rearrange lines).
|
#
1.24 |
|
01-Apr-2019 |
yasuoka |
Update authenticator and message authenticator always. Previous was to keep the original authenticators and modify them only if needed. But actually, there supposed to be no case such that the original authenticators can be used for the client. Original diff from IIJ.
|
#
1.23 |
|
31-Mar-2019 |
yasuoka |
Remove "proc" from pledge(2) since it is not needed even ifdef RADIUSD_DEBUG.
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.22 |
|
09-Oct-2018 |
yasuoka |
Fix a spelling in log messages. diff from Lukasz Ratajski
|
#
1.21 |
|
01-Aug-2018 |
mestre |
Fix segmentation fault on radiusd(8) when exiting. If one of the configured modules doesn't have a secret setup then module->secret == NULL which would call strlen(NULL), within freezero(3), and that shouldn't happen, but in this case since the call is done it segfaults and the daemon is not properly shutdown.
cluebat stick provided by semarie@, OK tb@ and deraadt@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.20 |
|
13-Jun-2017 |
yasuoka |
Initialize the length parameter for radius_get_vs_raw_attr() since it's read/write. diff from IIJ.
|
#
1.19 |
|
21-May-2017 |
deraadt |
A few more freezero() uses ok yasuoka mikeb
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.18 |
|
16-Apr-2016 |
krw |
Change last non-/gnu/ fcntl(x, F_GETFL, 0) strays to fcntl(x, F_GETFL).
No functional change.
ok millert@
|
#
1.17 |
|
13-Apr-2016 |
semarie |
remove "abort" promise from debugging code in radiusd
it is the default now, and the promise name isn't valid anymore.
ok yasuoka@
|
#
1.16 |
|
21-Mar-2016 |
guenther |
Instead of creating a socket with socket() or accept() and then setting the O_NONBLOCK flag on it with fcntl(F_SETFL) afterwards, just pass SOCK_NONBLOCK to socket() or accept4() and get it right to begin with.
ok millert@ krw@ beck@ deraadt@ jca@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.15 |
|
09-Feb-2016 |
jsg |
fix a use after free in an error path ok yasuoka@
|
#
1.14 |
|
31-Dec-2015 |
millert |
Do not mix EX_* from sysexits.h and EXIT_* from stdlib.h, just use EXIT_*.
|
#
1.13 |
|
05-Dec-2015 |
mmcc |
Remove NULL-checks before free()
|
#
1.12 |
|
27-Oct-2015 |
yasuoka |
Free the received radius packet when it is duplicated.
diff from Yuuichi Someya
|
#
1.11 |
|
27-Oct-2015 |
yasuoka |
Set O_NONBLOCK for UDP sockets not to block on recv(). Actually block had happened if an error of the socket is handled by send().
diff from Yuuichi Someya.
|
#
1.10 |
|
27-Oct-2015 |
yasuoka |
Fix radiusd module to set O_NONBLOCK properly.
diff from Yuuichi Someya.
|
#
1.9 |
|
19-Oct-2015 |
yasuoka |
Add pledge(2) for radiusctl(8) and radiusd(8). - radiusd: "stdio inet" - radiusd_radius: "stdio inet" - radiusd_bsdauth: - "stdio proc" for the non-priviledged process - "stdio getpw rpath proc exec" for the priviledged process - radiusctl: "stdio dns inet"
"go ahead" deraadt
|
#
1.8 |
|
19-Oct-2015 |
yasuoka |
Can't assert "module->fd >= 0" in radiusd_stop() since the module may be closed already when error.
|
#
1.7 |
|
25-Aug-2015 |
yasuoka |
Remove -h command line option from radiusd(8) to make it better style.
Patch from Michael Reed
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.6 |
|
02-Aug-2015 |
yasuoka |
Fire pending events when the module starts.
|
#
1.5 |
|
02-Aug-2015 |
yasuoka |
Tweak XXX comments.
|
#
1.4 |
|
02-Aug-2015 |
yasuoka |
Fix radiusd to start without -d. Also stop using event_initialized() to check whether the event handler is set.
|
#
1.3 |
|
27-Jul-2015 |
yasuoka |
Use log_warn() instead of warn() in radiusd_module_load(). Also fix style.
|
#
1.2 |
|
21-Jul-2015 |
schwarze |
add missing -n to the SYNOPSIS and usage() and -d to the DESCRIPTION; OK yasuoka@
|
#
1.1 |
|
21-Jul-2015 |
yasuoka |
Add radiusd(8) and radiusctl(8). They are WIP. radiusd(8) is a RADIUS server and radiusctl(8) is to control the server. radiusd(8) currently supports bsdauth and radius (upstream radius servers) as authentication backends.
fixes from jsg blambert ok deraadt
|
#
1.33 |
|
23-Oct-2023 |
yasuoka |
Fix radiusd(8) to fixup MPPE-{Send,Recv}-Key and Tunnel-Password attributes of the response properly.
|
Revision tags: OPENBSD_7_4_BASE
|
#
1.32 |
|
08-Sep-2023 |
yasuoka |
Add request or response decoration feature which is used through the radiusd module interface. This makes additional modules can modify RADIUS request or response messages. Also add new "radius_standard" module which uses this new feature, provides some generic features like "strip-atmark-realm" which removes the realm part from the User-Name attribute. from IIJ.
|
#
1.31 |
|
05-Sep-2023 |
yasuoka |
Refuse an incomplete config, an authentication block which doesn't have authentication module. The code doesn't expect this.
|
#
1.30 |
|
04-Sep-2023 |
yasuoka |
Revert previous. It caused the stdio of the modules be NONBLOCK. Generally programs don't expect that.
|
#
1.29 |
|
04-Sep-2023 |
yasuoka |
Specify SOCK_NONBLOCK for socketpair(2) instead of fcntl(2).
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.28 |
|
28-Dec-2022 |
jmc |
spelling fixes; from paul tagliamonte any parts of his diff not taken are noted on tech
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.27 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.26 |
|
03-Apr-2019 |
yasuoka |
Fix the bug that radius module didn't work when the size of radius message changes.
|
#
1.25 |
|
01-Apr-2019 |
yasuoka |
Pass the debug status to modules. Also some non functional changes (comment, log message, and rearrange lines).
|
#
1.24 |
|
01-Apr-2019 |
yasuoka |
Update authenticator and message authenticator always. Previous was to keep the original authenticators and modify them only if needed. But actually, there supposed to be no case such that the original authenticators can be used for the client. Original diff from IIJ.
|
#
1.23 |
|
31-Mar-2019 |
yasuoka |
Remove "proc" from pledge(2) since it is not needed even ifdef RADIUSD_DEBUG.
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.22 |
|
09-Oct-2018 |
yasuoka |
Fix a spelling in log messages. diff from Lukasz Ratajski
|
#
1.21 |
|
01-Aug-2018 |
mestre |
Fix segmentation fault on radiusd(8) when exiting. If one of the configured modules doesn't have a secret setup then module->secret == NULL which would call strlen(NULL), within freezero(3), and that shouldn't happen, but in this case since the call is done it segfaults and the daemon is not properly shutdown.
cluebat stick provided by semarie@, OK tb@ and deraadt@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.20 |
|
13-Jun-2017 |
yasuoka |
Initialize the length parameter for radius_get_vs_raw_attr() since it's read/write. diff from IIJ.
|
#
1.19 |
|
21-May-2017 |
deraadt |
A few more freezero() uses ok yasuoka mikeb
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.18 |
|
16-Apr-2016 |
krw |
Change last non-/gnu/ fcntl(x, F_GETFL, 0) strays to fcntl(x, F_GETFL).
No functional change.
ok millert@
|
#
1.17 |
|
13-Apr-2016 |
semarie |
remove "abort" promise from debugging code in radiusd
it is the default now, and the promise name isn't valid anymore.
ok yasuoka@
|
#
1.16 |
|
21-Mar-2016 |
guenther |
Instead of creating a socket with socket() or accept() and then setting the O_NONBLOCK flag on it with fcntl(F_SETFL) afterwards, just pass SOCK_NONBLOCK to socket() or accept4() and get it right to begin with.
ok millert@ krw@ beck@ deraadt@ jca@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.15 |
|
09-Feb-2016 |
jsg |
fix a use after free in an error path ok yasuoka@
|
#
1.14 |
|
31-Dec-2015 |
millert |
Do not mix EX_* from sysexits.h and EXIT_* from stdlib.h, just use EXIT_*.
|
#
1.13 |
|
05-Dec-2015 |
mmcc |
Remove NULL-checks before free()
|
#
1.12 |
|
27-Oct-2015 |
yasuoka |
Free the received radius packet when it is duplicated.
diff from Yuuichi Someya
|
#
1.11 |
|
27-Oct-2015 |
yasuoka |
Set O_NONBLOCK for UDP sockets not to block on recv(). Actually block had happened if an error of the socket is handled by send().
diff from Yuuichi Someya.
|
#
1.10 |
|
27-Oct-2015 |
yasuoka |
Fix radiusd module to set O_NONBLOCK properly.
diff from Yuuichi Someya.
|
#
1.9 |
|
19-Oct-2015 |
yasuoka |
Add pledge(2) for radiusctl(8) and radiusd(8). - radiusd: "stdio inet" - radiusd_radius: "stdio inet" - radiusd_bsdauth: - "stdio proc" for the non-priviledged process - "stdio getpw rpath proc exec" for the priviledged process - radiusctl: "stdio dns inet"
"go ahead" deraadt
|
#
1.8 |
|
19-Oct-2015 |
yasuoka |
Can't assert "module->fd >= 0" in radiusd_stop() since the module may be closed already when error.
|
#
1.7 |
|
25-Aug-2015 |
yasuoka |
Remove -h command line option from radiusd(8) to make it better style.
Patch from Michael Reed
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.6 |
|
02-Aug-2015 |
yasuoka |
Fire pending events when the module starts.
|
#
1.5 |
|
02-Aug-2015 |
yasuoka |
Tweak XXX comments.
|
#
1.4 |
|
02-Aug-2015 |
yasuoka |
Fix radiusd to start without -d. Also stop using event_initialized() to check whether the event handler is set.
|
#
1.3 |
|
27-Jul-2015 |
yasuoka |
Use log_warn() instead of warn() in radiusd_module_load(). Also fix style.
|
#
1.2 |
|
21-Jul-2015 |
schwarze |
add missing -n to the SYNOPSIS and usage() and -d to the DESCRIPTION; OK yasuoka@
|
#
1.1 |
|
21-Jul-2015 |
yasuoka |
Add radiusd(8) and radiusctl(8). They are WIP. radiusd(8) is a RADIUS server and radiusctl(8) is to control the server. radiusd(8) currently supports bsdauth and radius (upstream radius servers) as authentication backends.
fixes from jsg blambert ok deraadt
|
#
1.32 |
|
08-Sep-2023 |
yasuoka |
Add request or response decoration feature which is used through the radiusd module interface. This makes additional modules can modify RADIUS request or response messages. Also add new "radius_standard" module which uses this new feature, provides some generic features like "strip-atmark-realm" which removes the realm part from the User-Name attribute. from IIJ.
|
#
1.31 |
|
05-Sep-2023 |
yasuoka |
Refuse an incomplete config, an authentication block which doesn't have authentication module. The code doesn't expect this.
|
#
1.30 |
|
04-Sep-2023 |
yasuoka |
Revert previous. It caused the stdio of the modules be NONBLOCK. Generally programs don't expect that.
|
#
1.29 |
|
04-Sep-2023 |
yasuoka |
Specify SOCK_NONBLOCK for socketpair(2) instead of fcntl(2).
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.28 |
|
28-Dec-2022 |
jmc |
spelling fixes; from paul tagliamonte any parts of his diff not taken are noted on tech
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.27 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.26 |
|
03-Apr-2019 |
yasuoka |
Fix the bug that radius module didn't work when the size of radius message changes.
|
#
1.25 |
|
01-Apr-2019 |
yasuoka |
Pass the debug status to modules. Also some non functional changes (comment, log message, and rearrange lines).
|
#
1.24 |
|
01-Apr-2019 |
yasuoka |
Update authenticator and message authenticator always. Previous was to keep the original authenticators and modify them only if needed. But actually, there supposed to be no case such that the original authenticators can be used for the client. Original diff from IIJ.
|
#
1.23 |
|
31-Mar-2019 |
yasuoka |
Remove "proc" from pledge(2) since it is not needed even ifdef RADIUSD_DEBUG.
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.22 |
|
09-Oct-2018 |
yasuoka |
Fix a spelling in log messages. diff from Lukasz Ratajski
|
#
1.21 |
|
01-Aug-2018 |
mestre |
Fix segmentation fault on radiusd(8) when exiting. If one of the configured modules doesn't have a secret setup then module->secret == NULL which would call strlen(NULL), within freezero(3), and that shouldn't happen, but in this case since the call is done it segfaults and the daemon is not properly shutdown.
cluebat stick provided by semarie@, OK tb@ and deraadt@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.20 |
|
13-Jun-2017 |
yasuoka |
Initialize the length parameter for radius_get_vs_raw_attr() since it's read/write. diff from IIJ.
|
#
1.19 |
|
21-May-2017 |
deraadt |
A few more freezero() uses ok yasuoka mikeb
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.18 |
|
16-Apr-2016 |
krw |
Change last non-/gnu/ fcntl(x, F_GETFL, 0) strays to fcntl(x, F_GETFL).
No functional change.
ok millert@
|
#
1.17 |
|
13-Apr-2016 |
semarie |
remove "abort" promise from debugging code in radiusd
it is the default now, and the promise name isn't valid anymore.
ok yasuoka@
|
#
1.16 |
|
21-Mar-2016 |
guenther |
Instead of creating a socket with socket() or accept() and then setting the O_NONBLOCK flag on it with fcntl(F_SETFL) afterwards, just pass SOCK_NONBLOCK to socket() or accept4() and get it right to begin with.
ok millert@ krw@ beck@ deraadt@ jca@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.15 |
|
09-Feb-2016 |
jsg |
fix a use after free in an error path ok yasuoka@
|
#
1.14 |
|
31-Dec-2015 |
millert |
Do not mix EX_* from sysexits.h and EXIT_* from stdlib.h, just use EXIT_*.
|
#
1.13 |
|
05-Dec-2015 |
mmcc |
Remove NULL-checks before free()
|
#
1.12 |
|
27-Oct-2015 |
yasuoka |
Free the received radius packet when it is duplicated.
diff from Yuuichi Someya
|
#
1.11 |
|
27-Oct-2015 |
yasuoka |
Set O_NONBLOCK for UDP sockets not to block on recv(). Actually block had happened if an error of the socket is handled by send().
diff from Yuuichi Someya.
|
#
1.10 |
|
27-Oct-2015 |
yasuoka |
Fix radiusd module to set O_NONBLOCK properly.
diff from Yuuichi Someya.
|
#
1.9 |
|
19-Oct-2015 |
yasuoka |
Add pledge(2) for radiusctl(8) and radiusd(8). - radiusd: "stdio inet" - radiusd_radius: "stdio inet" - radiusd_bsdauth: - "stdio proc" for the non-priviledged process - "stdio getpw rpath proc exec" for the priviledged process - radiusctl: "stdio dns inet"
"go ahead" deraadt
|
#
1.8 |
|
19-Oct-2015 |
yasuoka |
Can't assert "module->fd >= 0" in radiusd_stop() since the module may be closed already when error.
|
#
1.7 |
|
25-Aug-2015 |
yasuoka |
Remove -h command line option from radiusd(8) to make it better style.
Patch from Michael Reed
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.6 |
|
02-Aug-2015 |
yasuoka |
Fire pending events when the module starts.
|
#
1.5 |
|
02-Aug-2015 |
yasuoka |
Tweak XXX comments.
|
#
1.4 |
|
02-Aug-2015 |
yasuoka |
Fix radiusd to start without -d. Also stop using event_initialized() to check whether the event handler is set.
|
#
1.3 |
|
27-Jul-2015 |
yasuoka |
Use log_warn() instead of warn() in radiusd_module_load(). Also fix style.
|
#
1.2 |
|
21-Jul-2015 |
schwarze |
add missing -n to the SYNOPSIS and usage() and -d to the DESCRIPTION; OK yasuoka@
|
#
1.1 |
|
21-Jul-2015 |
yasuoka |
Add radiusd(8) and radiusctl(8). They are WIP. radiusd(8) is a RADIUS server and radiusctl(8) is to control the server. radiusd(8) currently supports bsdauth and radius (upstream radius servers) as authentication backends.
fixes from jsg blambert ok deraadt
|
#
1.31 |
|
05-Sep-2023 |
yasuoka |
Refuse an incomplete config, an authentication block which doesn't have authentication module. The code doesn't expect this.
|
#
1.30 |
|
04-Sep-2023 |
yasuoka |
Revert previous. It caused the stdio of the modules be NONBLOCK. Generally programs don't expect that.
|
#
1.29 |
|
04-Sep-2023 |
yasuoka |
Specify SOCK_NONBLOCK for socketpair(2) instead of fcntl(2).
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.28 |
|
28-Dec-2022 |
jmc |
spelling fixes; from paul tagliamonte any parts of his diff not taken are noted on tech
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.27 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.26 |
|
03-Apr-2019 |
yasuoka |
Fix the bug that radius module didn't work when the size of radius message changes.
|
#
1.25 |
|
01-Apr-2019 |
yasuoka |
Pass the debug status to modules. Also some non functional changes (comment, log message, and rearrange lines).
|
#
1.24 |
|
01-Apr-2019 |
yasuoka |
Update authenticator and message authenticator always. Previous was to keep the original authenticators and modify them only if needed. But actually, there supposed to be no case such that the original authenticators can be used for the client. Original diff from IIJ.
|
#
1.23 |
|
31-Mar-2019 |
yasuoka |
Remove "proc" from pledge(2) since it is not needed even ifdef RADIUSD_DEBUG.
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.22 |
|
09-Oct-2018 |
yasuoka |
Fix a spelling in log messages. diff from Lukasz Ratajski
|
#
1.21 |
|
01-Aug-2018 |
mestre |
Fix segmentation fault on radiusd(8) when exiting. If one of the configured modules doesn't have a secret setup then module->secret == NULL which would call strlen(NULL), within freezero(3), and that shouldn't happen, but in this case since the call is done it segfaults and the daemon is not properly shutdown.
cluebat stick provided by semarie@, OK tb@ and deraadt@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.20 |
|
13-Jun-2017 |
yasuoka |
Initialize the length parameter for radius_get_vs_raw_attr() since it's read/write. diff from IIJ.
|
#
1.19 |
|
21-May-2017 |
deraadt |
A few more freezero() uses ok yasuoka mikeb
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.18 |
|
16-Apr-2016 |
krw |
Change last non-/gnu/ fcntl(x, F_GETFL, 0) strays to fcntl(x, F_GETFL).
No functional change.
ok millert@
|
#
1.17 |
|
13-Apr-2016 |
semarie |
remove "abort" promise from debugging code in radiusd
it is the default now, and the promise name isn't valid anymore.
ok yasuoka@
|
#
1.16 |
|
21-Mar-2016 |
guenther |
Instead of creating a socket with socket() or accept() and then setting the O_NONBLOCK flag on it with fcntl(F_SETFL) afterwards, just pass SOCK_NONBLOCK to socket() or accept4() and get it right to begin with.
ok millert@ krw@ beck@ deraadt@ jca@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.15 |
|
09-Feb-2016 |
jsg |
fix a use after free in an error path ok yasuoka@
|
#
1.14 |
|
31-Dec-2015 |
millert |
Do not mix EX_* from sysexits.h and EXIT_* from stdlib.h, just use EXIT_*.
|
#
1.13 |
|
05-Dec-2015 |
mmcc |
Remove NULL-checks before free()
|
#
1.12 |
|
27-Oct-2015 |
yasuoka |
Free the received radius packet when it is duplicated.
diff from Yuuichi Someya
|
#
1.11 |
|
27-Oct-2015 |
yasuoka |
Set O_NONBLOCK for UDP sockets not to block on recv(). Actually block had happened if an error of the socket is handled by send().
diff from Yuuichi Someya.
|
#
1.10 |
|
27-Oct-2015 |
yasuoka |
Fix radiusd module to set O_NONBLOCK properly.
diff from Yuuichi Someya.
|
#
1.9 |
|
19-Oct-2015 |
yasuoka |
Add pledge(2) for radiusctl(8) and radiusd(8). - radiusd: "stdio inet" - radiusd_radius: "stdio inet" - radiusd_bsdauth: - "stdio proc" for the non-priviledged process - "stdio getpw rpath proc exec" for the priviledged process - radiusctl: "stdio dns inet"
"go ahead" deraadt
|
#
1.8 |
|
19-Oct-2015 |
yasuoka |
Can't assert "module->fd >= 0" in radiusd_stop() since the module may be closed already when error.
|
#
1.7 |
|
25-Aug-2015 |
yasuoka |
Remove -h command line option from radiusd(8) to make it better style.
Patch from Michael Reed
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.6 |
|
02-Aug-2015 |
yasuoka |
Fire pending events when the module starts.
|
#
1.5 |
|
02-Aug-2015 |
yasuoka |
Tweak XXX comments.
|
#
1.4 |
|
02-Aug-2015 |
yasuoka |
Fix radiusd to start without -d. Also stop using event_initialized() to check whether the event handler is set.
|
#
1.3 |
|
27-Jul-2015 |
yasuoka |
Use log_warn() instead of warn() in radiusd_module_load(). Also fix style.
|
#
1.2 |
|
21-Jul-2015 |
schwarze |
add missing -n to the SYNOPSIS and usage() and -d to the DESCRIPTION; OK yasuoka@
|
#
1.1 |
|
21-Jul-2015 |
yasuoka |
Add radiusd(8) and radiusctl(8). They are WIP. radiusd(8) is a RADIUS server and radiusctl(8) is to control the server. radiusd(8) currently supports bsdauth and radius (upstream radius servers) as authentication backends.
fixes from jsg blambert ok deraadt
|
#
1.29 |
|
04-Sep-2023 |
yasuoka |
Specify SOCK_NONBLOCK for socketpair(2) instead of fcntl(2).
|
Revision tags: OPENBSD_7_3_BASE
|
#
1.28 |
|
28-Dec-2022 |
jmc |
spelling fixes; from paul tagliamonte any parts of his diff not taken are noted on tech
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.27 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.26 |
|
03-Apr-2019 |
yasuoka |
Fix the bug that radius module didn't work when the size of radius message changes.
|
#
1.25 |
|
01-Apr-2019 |
yasuoka |
Pass the debug status to modules. Also some non functional changes (comment, log message, and rearrange lines).
|
#
1.24 |
|
01-Apr-2019 |
yasuoka |
Update authenticator and message authenticator always. Previous was to keep the original authenticators and modify them only if needed. But actually, there supposed to be no case such that the original authenticators can be used for the client. Original diff from IIJ.
|
#
1.23 |
|
31-Mar-2019 |
yasuoka |
Remove "proc" from pledge(2) since it is not needed even ifdef RADIUSD_DEBUG.
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.22 |
|
09-Oct-2018 |
yasuoka |
Fix a spelling in log messages. diff from Lukasz Ratajski
|
#
1.21 |
|
01-Aug-2018 |
mestre |
Fix segmentation fault on radiusd(8) when exiting. If one of the configured modules doesn't have a secret setup then module->secret == NULL which would call strlen(NULL), within freezero(3), and that shouldn't happen, but in this case since the call is done it segfaults and the daemon is not properly shutdown.
cluebat stick provided by semarie@, OK tb@ and deraadt@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.20 |
|
13-Jun-2017 |
yasuoka |
Initialize the length parameter for radius_get_vs_raw_attr() since it's read/write. diff from IIJ.
|
#
1.19 |
|
21-May-2017 |
deraadt |
A few more freezero() uses ok yasuoka mikeb
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.18 |
|
16-Apr-2016 |
krw |
Change last non-/gnu/ fcntl(x, F_GETFL, 0) strays to fcntl(x, F_GETFL).
No functional change.
ok millert@
|
#
1.17 |
|
13-Apr-2016 |
semarie |
remove "abort" promise from debugging code in radiusd
it is the default now, and the promise name isn't valid anymore.
ok yasuoka@
|
#
1.16 |
|
21-Mar-2016 |
guenther |
Instead of creating a socket with socket() or accept() and then setting the O_NONBLOCK flag on it with fcntl(F_SETFL) afterwards, just pass SOCK_NONBLOCK to socket() or accept4() and get it right to begin with.
ok millert@ krw@ beck@ deraadt@ jca@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.15 |
|
09-Feb-2016 |
jsg |
fix a use after free in an error path ok yasuoka@
|
#
1.14 |
|
31-Dec-2015 |
millert |
Do not mix EX_* from sysexits.h and EXIT_* from stdlib.h, just use EXIT_*.
|
#
1.13 |
|
05-Dec-2015 |
mmcc |
Remove NULL-checks before free()
|
#
1.12 |
|
27-Oct-2015 |
yasuoka |
Free the received radius packet when it is duplicated.
diff from Yuuichi Someya
|
#
1.11 |
|
27-Oct-2015 |
yasuoka |
Set O_NONBLOCK for UDP sockets not to block on recv(). Actually block had happened if an error of the socket is handled by send().
diff from Yuuichi Someya.
|
#
1.10 |
|
27-Oct-2015 |
yasuoka |
Fix radiusd module to set O_NONBLOCK properly.
diff from Yuuichi Someya.
|
#
1.9 |
|
19-Oct-2015 |
yasuoka |
Add pledge(2) for radiusctl(8) and radiusd(8). - radiusd: "stdio inet" - radiusd_radius: "stdio inet" - radiusd_bsdauth: - "stdio proc" for the non-priviledged process - "stdio getpw rpath proc exec" for the priviledged process - radiusctl: "stdio dns inet"
"go ahead" deraadt
|
#
1.8 |
|
19-Oct-2015 |
yasuoka |
Can't assert "module->fd >= 0" in radiusd_stop() since the module may be closed already when error.
|
#
1.7 |
|
25-Aug-2015 |
yasuoka |
Remove -h command line option from radiusd(8) to make it better style.
Patch from Michael Reed
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.6 |
|
02-Aug-2015 |
yasuoka |
Fire pending events when the module starts.
|
#
1.5 |
|
02-Aug-2015 |
yasuoka |
Tweak XXX comments.
|
#
1.4 |
|
02-Aug-2015 |
yasuoka |
Fix radiusd to start without -d. Also stop using event_initialized() to check whether the event handler is set.
|
#
1.3 |
|
27-Jul-2015 |
yasuoka |
Use log_warn() instead of warn() in radiusd_module_load(). Also fix style.
|
#
1.2 |
|
21-Jul-2015 |
schwarze |
add missing -n to the SYNOPSIS and usage() and -d to the DESCRIPTION; OK yasuoka@
|
#
1.1 |
|
21-Jul-2015 |
yasuoka |
Add radiusd(8) and radiusctl(8). They are WIP. radiusd(8) is a RADIUS server and radiusctl(8) is to control the server. radiusd(8) currently supports bsdauth and radius (upstream radius servers) as authentication backends.
fixes from jsg blambert ok deraadt
|
#
1.28 |
|
28-Dec-2022 |
jmc |
spelling fixes; from paul tagliamonte any parts of his diff not taken are noted on tech
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.27 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.26 |
|
03-Apr-2019 |
yasuoka |
Fix the bug that radius module didn't work when the size of radius message changes.
|
#
1.25 |
|
01-Apr-2019 |
yasuoka |
Pass the debug status to modules. Also some non functional changes (comment, log message, and rearrange lines).
|
#
1.24 |
|
01-Apr-2019 |
yasuoka |
Update authenticator and message authenticator always. Previous was to keep the original authenticators and modify them only if needed. But actually, there supposed to be no case such that the original authenticators can be used for the client. Original diff from IIJ.
|
#
1.23 |
|
31-Mar-2019 |
yasuoka |
Remove "proc" from pledge(2) since it is not needed even ifdef RADIUSD_DEBUG.
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.22 |
|
09-Oct-2018 |
yasuoka |
Fix a spelling in log messages. diff from Lukasz Ratajski
|
#
1.21 |
|
01-Aug-2018 |
mestre |
Fix segmentation fault on radiusd(8) when exiting. If one of the configured modules doesn't have a secret setup then module->secret == NULL which would call strlen(NULL), within freezero(3), and that shouldn't happen, but in this case since the call is done it segfaults and the daemon is not properly shutdown.
cluebat stick provided by semarie@, OK tb@ and deraadt@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.20 |
|
13-Jun-2017 |
yasuoka |
Initialize the length parameter for radius_get_vs_raw_attr() since it's read/write. diff from IIJ.
|
#
1.19 |
|
21-May-2017 |
deraadt |
A few more freezero() uses ok yasuoka mikeb
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.18 |
|
16-Apr-2016 |
krw |
Change last non-/gnu/ fcntl(x, F_GETFL, 0) strays to fcntl(x, F_GETFL).
No functional change.
ok millert@
|
#
1.17 |
|
13-Apr-2016 |
semarie |
remove "abort" promise from debugging code in radiusd
it is the default now, and the promise name isn't valid anymore.
ok yasuoka@
|
#
1.16 |
|
21-Mar-2016 |
guenther |
Instead of creating a socket with socket() or accept() and then setting the O_NONBLOCK flag on it with fcntl(F_SETFL) afterwards, just pass SOCK_NONBLOCK to socket() or accept4() and get it right to begin with.
ok millert@ krw@ beck@ deraadt@ jca@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.15 |
|
09-Feb-2016 |
jsg |
fix a use after free in an error path ok yasuoka@
|
#
1.14 |
|
31-Dec-2015 |
millert |
Do not mix EX_* from sysexits.h and EXIT_* from stdlib.h, just use EXIT_*.
|
#
1.13 |
|
05-Dec-2015 |
mmcc |
Remove NULL-checks before free()
|
#
1.12 |
|
27-Oct-2015 |
yasuoka |
Free the received radius packet when it is duplicated.
diff from Yuuichi Someya
|
#
1.11 |
|
27-Oct-2015 |
yasuoka |
Set O_NONBLOCK for UDP sockets not to block on recv(). Actually block had happened if an error of the socket is handled by send().
diff from Yuuichi Someya.
|
#
1.10 |
|
27-Oct-2015 |
yasuoka |
Fix radiusd module to set O_NONBLOCK properly.
diff from Yuuichi Someya.
|
#
1.9 |
|
19-Oct-2015 |
yasuoka |
Add pledge(2) for radiusctl(8) and radiusd(8). - radiusd: "stdio inet" - radiusd_radius: "stdio inet" - radiusd_bsdauth: - "stdio proc" for the non-priviledged process - "stdio getpw rpath proc exec" for the priviledged process - radiusctl: "stdio dns inet"
"go ahead" deraadt
|
#
1.8 |
|
19-Oct-2015 |
yasuoka |
Can't assert "module->fd >= 0" in radiusd_stop() since the module may be closed already when error.
|
#
1.7 |
|
25-Aug-2015 |
yasuoka |
Remove -h command line option from radiusd(8) to make it better style.
Patch from Michael Reed
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.6 |
|
02-Aug-2015 |
yasuoka |
Fire pending events when the module starts.
|
#
1.5 |
|
02-Aug-2015 |
yasuoka |
Tweak XXX comments.
|
#
1.4 |
|
02-Aug-2015 |
yasuoka |
Fix radiusd to start without -d. Also stop using event_initialized() to check whether the event handler is set.
|
#
1.3 |
|
27-Jul-2015 |
yasuoka |
Use log_warn() instead of warn() in radiusd_module_load(). Also fix style.
|
#
1.2 |
|
21-Jul-2015 |
schwarze |
add missing -n to the SYNOPSIS and usage() and -d to the DESCRIPTION; OK yasuoka@
|
#
1.1 |
|
21-Jul-2015 |
yasuoka |
Add radiusd(8) and radiusctl(8). They are WIP. radiusd(8) is a RADIUS server and radiusctl(8) is to control the server. radiusd(8) currently supports bsdauth and radius (upstream radius servers) as authentication backends.
fixes from jsg blambert ok deraadt
|
#
1.27 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.26 |
|
03-Apr-2019 |
yasuoka |
Fix the bug that radius module didn't work when the size of radius message changes.
|
#
1.25 |
|
01-Apr-2019 |
yasuoka |
Pass the debug status to modules. Also some non functional changes (comment, log message, and rearrange lines).
|
#
1.24 |
|
01-Apr-2019 |
yasuoka |
Update authenticator and message authenticator always. Previous was to keep the original authenticators and modify them only if needed. But actually, there supposed to be no case such that the original authenticators can be used for the client. Original diff from IIJ.
|
#
1.23 |
|
31-Mar-2019 |
yasuoka |
Remove "proc" from pledge(2) since it is not needed even ifdef RADIUSD_DEBUG.
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.22 |
|
09-Oct-2018 |
yasuoka |
Fix a spelling in log messages. diff from Lukasz Ratajski
|
#
1.21 |
|
01-Aug-2018 |
mestre |
Fix segmentation fault on radiusd(8) when exiting. If one of the configured modules doesn't have a secret setup then module->secret == NULL which would call strlen(NULL), within freezero(3), and that shouldn't happen, but in this case since the call is done it segfaults and the daemon is not properly shutdown.
cluebat stick provided by semarie@, OK tb@ and deraadt@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.20 |
|
13-Jun-2017 |
yasuoka |
Initialize the length parameter for radius_get_vs_raw_attr() since it's read/write. diff from IIJ.
|
#
1.19 |
|
21-May-2017 |
deraadt |
A few more freezero() uses ok yasuoka mikeb
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.18 |
|
16-Apr-2016 |
krw |
Change last non-/gnu/ fcntl(x, F_GETFL, 0) strays to fcntl(x, F_GETFL).
No functional change.
ok millert@
|
#
1.17 |
|
13-Apr-2016 |
semarie |
remove "abort" promise from debugging code in radiusd
it is the default now, and the promise name isn't valid anymore.
ok yasuoka@
|
#
1.16 |
|
21-Mar-2016 |
guenther |
Instead of creating a socket with socket() or accept() and then setting the O_NONBLOCK flag on it with fcntl(F_SETFL) afterwards, just pass SOCK_NONBLOCK to socket() or accept4() and get it right to begin with.
ok millert@ krw@ beck@ deraadt@ jca@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.15 |
|
09-Feb-2016 |
jsg |
fix a use after free in an error path ok yasuoka@
|
#
1.14 |
|
31-Dec-2015 |
millert |
Do not mix EX_* from sysexits.h and EXIT_* from stdlib.h, just use EXIT_*.
|
#
1.13 |
|
05-Dec-2015 |
mmcc |
Remove NULL-checks before free()
|
#
1.12 |
|
27-Oct-2015 |
yasuoka |
Free the received radius packet when it is duplicated.
diff from Yuuichi Someya
|
#
1.11 |
|
27-Oct-2015 |
yasuoka |
Set O_NONBLOCK for UDP sockets not to block on recv(). Actually block had happened if an error of the socket is handled by send().
diff from Yuuichi Someya.
|
#
1.10 |
|
27-Oct-2015 |
yasuoka |
Fix radiusd module to set O_NONBLOCK properly.
diff from Yuuichi Someya.
|
#
1.9 |
|
19-Oct-2015 |
yasuoka |
Add pledge(2) for radiusctl(8) and radiusd(8). - radiusd: "stdio inet" - radiusd_radius: "stdio inet" - radiusd_bsdauth: - "stdio proc" for the non-priviledged process - "stdio getpw rpath proc exec" for the priviledged process - radiusctl: "stdio dns inet"
"go ahead" deraadt
|
#
1.8 |
|
19-Oct-2015 |
yasuoka |
Can't assert "module->fd >= 0" in radiusd_stop() since the module may be closed already when error.
|
#
1.7 |
|
25-Aug-2015 |
yasuoka |
Remove -h command line option from radiusd(8) to make it better style.
Patch from Michael Reed
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.6 |
|
02-Aug-2015 |
yasuoka |
Fire pending events when the module starts.
|
#
1.5 |
|
02-Aug-2015 |
yasuoka |
Tweak XXX comments.
|
#
1.4 |
|
02-Aug-2015 |
yasuoka |
Fix radiusd to start without -d. Also stop using event_initialized() to check whether the event handler is set.
|
#
1.3 |
|
27-Jul-2015 |
yasuoka |
Use log_warn() instead of warn() in radiusd_module_load(). Also fix style.
|
#
1.2 |
|
21-Jul-2015 |
schwarze |
add missing -n to the SYNOPSIS and usage() and -d to the DESCRIPTION; OK yasuoka@
|
#
1.1 |
|
21-Jul-2015 |
yasuoka |
Add radiusd(8) and radiusctl(8). They are WIP. radiusd(8) is a RADIUS server and radiusctl(8) is to control the server. radiusd(8) currently supports bsdauth and radius (upstream radius servers) as authentication backends.
fixes from jsg blambert ok deraadt
|
Revision tags: OPENBSD_6_5_BASE
|
#
1.26 |
|
03-Apr-2019 |
yasuoka |
Fix the bug that radius module didn't work when the size of radius message changes.
|
#
1.25 |
|
01-Apr-2019 |
yasuoka |
Pass the debug status to modules. Also some non functional changes (comment, log message, and rearrange lines).
|
#
1.24 |
|
01-Apr-2019 |
yasuoka |
Update authenticator and message authenticator always. Previous was to keep the original authenticators and modify them only if needed. But actually, there supposed to be no case such that the original authenticators can be used for the client. Original diff from IIJ.
|
#
1.23 |
|
31-Mar-2019 |
yasuoka |
Remove "proc" from pledge(2) since it is not needed even ifdef RADIUSD_DEBUG.
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.22 |
|
09-Oct-2018 |
yasuoka |
Fix a spelling in log messages. diff from Lukasz Ratajski
|
#
1.21 |
|
01-Aug-2018 |
mestre |
Fix segmentation fault on radiusd(8) when exiting. If one of the configured modules doesn't have a secret setup then module->secret == NULL which would call strlen(NULL), within freezero(3), and that shouldn't happen, but in this case since the call is done it segfaults and the daemon is not properly shutdown.
cluebat stick provided by semarie@, OK tb@ and deraadt@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.20 |
|
13-Jun-2017 |
yasuoka |
Initialize the length parameter for radius_get_vs_raw_attr() since it's read/write. diff from IIJ.
|
#
1.19 |
|
21-May-2017 |
deraadt |
A few more freezero() uses ok yasuoka mikeb
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.18 |
|
16-Apr-2016 |
krw |
Change last non-/gnu/ fcntl(x, F_GETFL, 0) strays to fcntl(x, F_GETFL).
No functional change.
ok millert@
|
#
1.17 |
|
13-Apr-2016 |
semarie |
remove "abort" promise from debugging code in radiusd
it is the default now, and the promise name isn't valid anymore.
ok yasuoka@
|
#
1.16 |
|
21-Mar-2016 |
guenther |
Instead of creating a socket with socket() or accept() and then setting the O_NONBLOCK flag on it with fcntl(F_SETFL) afterwards, just pass SOCK_NONBLOCK to socket() or accept4() and get it right to begin with.
ok millert@ krw@ beck@ deraadt@ jca@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.15 |
|
09-Feb-2016 |
jsg |
fix a use after free in an error path ok yasuoka@
|
#
1.14 |
|
31-Dec-2015 |
millert |
Do not mix EX_* from sysexits.h and EXIT_* from stdlib.h, just use EXIT_*.
|
#
1.13 |
|
05-Dec-2015 |
mmcc |
Remove NULL-checks before free()
|
#
1.12 |
|
27-Oct-2015 |
yasuoka |
Free the received radius packet when it is duplicated.
diff from Yuuichi Someya
|
#
1.11 |
|
27-Oct-2015 |
yasuoka |
Set O_NONBLOCK for UDP sockets not to block on recv(). Actually block had happened if an error of the socket is handled by send().
diff from Yuuichi Someya.
|
#
1.10 |
|
27-Oct-2015 |
yasuoka |
Fix radiusd module to set O_NONBLOCK properly.
diff from Yuuichi Someya.
|
#
1.9 |
|
19-Oct-2015 |
yasuoka |
Add pledge(2) for radiusctl(8) and radiusd(8). - radiusd: "stdio inet" - radiusd_radius: "stdio inet" - radiusd_bsdauth: - "stdio proc" for the non-priviledged process - "stdio getpw rpath proc exec" for the priviledged process - radiusctl: "stdio dns inet"
"go ahead" deraadt
|
#
1.8 |
|
19-Oct-2015 |
yasuoka |
Can't assert "module->fd >= 0" in radiusd_stop() since the module may be closed already when error.
|
#
1.7 |
|
25-Aug-2015 |
yasuoka |
Remove -h command line option from radiusd(8) to make it better style.
Patch from Michael Reed
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.6 |
|
02-Aug-2015 |
yasuoka |
Fire pending events when the module starts.
|
#
1.5 |
|
02-Aug-2015 |
yasuoka |
Tweak XXX comments.
|
#
1.4 |
|
02-Aug-2015 |
yasuoka |
Fix radiusd to start without -d. Also stop using event_initialized() to check whether the event handler is set.
|
#
1.3 |
|
27-Jul-2015 |
yasuoka |
Use log_warn() instead of warn() in radiusd_module_load(). Also fix style.
|
#
1.2 |
|
21-Jul-2015 |
schwarze |
add missing -n to the SYNOPSIS and usage() and -d to the DESCRIPTION; OK yasuoka@
|
#
1.1 |
|
21-Jul-2015 |
yasuoka |
Add radiusd(8) and radiusctl(8). They are WIP. radiusd(8) is a RADIUS server and radiusctl(8) is to control the server. radiusd(8) currently supports bsdauth and radius (upstream radius servers) as authentication backends.
fixes from jsg blambert ok deraadt
|
Revision tags: OPENBSD_6_4_BASE
|
#
1.22 |
|
09-Oct-2018 |
yasuoka |
Fix a spelling in log messages. diff from Lukasz Ratajski
|
#
1.21 |
|
01-Aug-2018 |
mestre |
Fix segmentation fault on radiusd(8) when exiting. If one of the configured modules doesn't have a secret setup then module->secret == NULL which would call strlen(NULL), within freezero(3), and that shouldn't happen, but in this case since the call is done it segfaults and the daemon is not properly shutdown.
cluebat stick provided by semarie@, OK tb@ and deraadt@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.20 |
|
13-Jun-2017 |
yasuoka |
Initialize the length parameter for radius_get_vs_raw_attr() since it's read/write. diff from IIJ.
|
#
1.19 |
|
21-May-2017 |
deraadt |
A few more freezero() uses ok yasuoka mikeb
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.18 |
|
16-Apr-2016 |
krw |
Change last non-/gnu/ fcntl(x, F_GETFL, 0) strays to fcntl(x, F_GETFL).
No functional change.
ok millert@
|
#
1.17 |
|
13-Apr-2016 |
semarie |
remove "abort" promise from debugging code in radiusd
it is the default now, and the promise name isn't valid anymore.
ok yasuoka@
|
#
1.16 |
|
21-Mar-2016 |
guenther |
Instead of creating a socket with socket() or accept() and then setting the O_NONBLOCK flag on it with fcntl(F_SETFL) afterwards, just pass SOCK_NONBLOCK to socket() or accept4() and get it right to begin with.
ok millert@ krw@ beck@ deraadt@ jca@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.15 |
|
09-Feb-2016 |
jsg |
fix a use after free in an error path ok yasuoka@
|
#
1.14 |
|
31-Dec-2015 |
millert |
Do not mix EX_* from sysexits.h and EXIT_* from stdlib.h, just use EXIT_*.
|
#
1.13 |
|
05-Dec-2015 |
mmcc |
Remove NULL-checks before free()
|
#
1.12 |
|
27-Oct-2015 |
yasuoka |
Free the received radius packet when it is duplicated.
diff from Yuuichi Someya
|
#
1.11 |
|
27-Oct-2015 |
yasuoka |
Set O_NONBLOCK for UDP sockets not to block on recv(). Actually block had happened if an error of the socket is handled by send().
diff from Yuuichi Someya.
|
#
1.10 |
|
27-Oct-2015 |
yasuoka |
Fix radiusd module to set O_NONBLOCK properly.
diff from Yuuichi Someya.
|
#
1.9 |
|
19-Oct-2015 |
yasuoka |
Add pledge(2) for radiusctl(8) and radiusd(8). - radiusd: "stdio inet" - radiusd_radius: "stdio inet" - radiusd_bsdauth: - "stdio proc" for the non-priviledged process - "stdio getpw rpath proc exec" for the priviledged process - radiusctl: "stdio dns inet"
"go ahead" deraadt
|
#
1.8 |
|
19-Oct-2015 |
yasuoka |
Can't assert "module->fd >= 0" in radiusd_stop() since the module may be closed already when error.
|
#
1.7 |
|
25-Aug-2015 |
yasuoka |
Remove -h command line option from radiusd(8) to make it better style.
Patch from Michael Reed
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.6 |
|
02-Aug-2015 |
yasuoka |
Fire pending events when the module starts.
|
#
1.5 |
|
02-Aug-2015 |
yasuoka |
Tweak XXX comments.
|
#
1.4 |
|
02-Aug-2015 |
yasuoka |
Fix radiusd to start without -d. Also stop using event_initialized() to check whether the event handler is set.
|
#
1.3 |
|
27-Jul-2015 |
yasuoka |
Use log_warn() instead of warn() in radiusd_module_load(). Also fix style.
|
#
1.2 |
|
21-Jul-2015 |
schwarze |
add missing -n to the SYNOPSIS and usage() and -d to the DESCRIPTION; OK yasuoka@
|
#
1.1 |
|
21-Jul-2015 |
yasuoka |
Add radiusd(8) and radiusctl(8). They are WIP. radiusd(8) is a RADIUS server and radiusctl(8) is to control the server. radiusd(8) currently supports bsdauth and radius (upstream radius servers) as authentication backends.
fixes from jsg blambert ok deraadt
|
#
1.21 |
|
01-Aug-2018 |
mestre |
Fix segmentation fault on radiusd(8) when exiting. If one of the configured modules doesn't have a secret setup then module->secret == NULL which would call strlen(NULL), within freezero(3), and that shouldn't happen, but in this case since the call is done it segfaults and the daemon is not properly shutdown.
cluebat stick provided by semarie@, OK tb@ and deraadt@
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.20 |
|
13-Jun-2017 |
yasuoka |
Initialize the length parameter for radius_get_vs_raw_attr() since it's read/write. diff from IIJ.
|
#
1.19 |
|
21-May-2017 |
deraadt |
A few more freezero() uses ok yasuoka mikeb
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.18 |
|
16-Apr-2016 |
krw |
Change last non-/gnu/ fcntl(x, F_GETFL, 0) strays to fcntl(x, F_GETFL).
No functional change.
ok millert@
|
#
1.17 |
|
13-Apr-2016 |
semarie |
remove "abort" promise from debugging code in radiusd
it is the default now, and the promise name isn't valid anymore.
ok yasuoka@
|
#
1.16 |
|
21-Mar-2016 |
guenther |
Instead of creating a socket with socket() or accept() and then setting the O_NONBLOCK flag on it with fcntl(F_SETFL) afterwards, just pass SOCK_NONBLOCK to socket() or accept4() and get it right to begin with.
ok millert@ krw@ beck@ deraadt@ jca@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.15 |
|
09-Feb-2016 |
jsg |
fix a use after free in an error path ok yasuoka@
|
#
1.14 |
|
31-Dec-2015 |
millert |
Do not mix EX_* from sysexits.h and EXIT_* from stdlib.h, just use EXIT_*.
|
#
1.13 |
|
05-Dec-2015 |
mmcc |
Remove NULL-checks before free()
|
#
1.12 |
|
27-Oct-2015 |
yasuoka |
Free the received radius packet when it is duplicated.
diff from Yuuichi Someya
|
#
1.11 |
|
27-Oct-2015 |
yasuoka |
Set O_NONBLOCK for UDP sockets not to block on recv(). Actually block had happened if an error of the socket is handled by send().
diff from Yuuichi Someya.
|
#
1.10 |
|
27-Oct-2015 |
yasuoka |
Fix radiusd module to set O_NONBLOCK properly.
diff from Yuuichi Someya.
|
#
1.9 |
|
19-Oct-2015 |
yasuoka |
Add pledge(2) for radiusctl(8) and radiusd(8). - radiusd: "stdio inet" - radiusd_radius: "stdio inet" - radiusd_bsdauth: - "stdio proc" for the non-priviledged process - "stdio getpw rpath proc exec" for the priviledged process - radiusctl: "stdio dns inet"
"go ahead" deraadt
|
#
1.8 |
|
19-Oct-2015 |
yasuoka |
Can't assert "module->fd >= 0" in radiusd_stop() since the module may be closed already when error.
|
#
1.7 |
|
25-Aug-2015 |
yasuoka |
Remove -h command line option from radiusd(8) to make it better style.
Patch from Michael Reed
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.6 |
|
02-Aug-2015 |
yasuoka |
Fire pending events when the module starts.
|
#
1.5 |
|
02-Aug-2015 |
yasuoka |
Tweak XXX comments.
|
#
1.4 |
|
02-Aug-2015 |
yasuoka |
Fix radiusd to start without -d. Also stop using event_initialized() to check whether the event handler is set.
|
#
1.3 |
|
27-Jul-2015 |
yasuoka |
Use log_warn() instead of warn() in radiusd_module_load(). Also fix style.
|
#
1.2 |
|
21-Jul-2015 |
schwarze |
add missing -n to the SYNOPSIS and usage() and -d to the DESCRIPTION; OK yasuoka@
|
#
1.1 |
|
21-Jul-2015 |
yasuoka |
Add radiusd(8) and radiusctl(8). They are WIP. radiusd(8) is a RADIUS server and radiusctl(8) is to control the server. radiusd(8) currently supports bsdauth and radius (upstream radius servers) as authentication backends.
fixes from jsg blambert ok deraadt
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.20 |
|
13-Jun-2017 |
yasuoka |
Initialize the length parameter for radius_get_vs_raw_attr() since it's read/write. diff from IIJ.
|
#
1.19 |
|
21-May-2017 |
deraadt |
A few more freezero() uses ok yasuoka mikeb
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.18 |
|
16-Apr-2016 |
krw |
Change last non-/gnu/ fcntl(x, F_GETFL, 0) strays to fcntl(x, F_GETFL).
No functional change.
ok millert@
|
#
1.17 |
|
13-Apr-2016 |
semarie |
remove "abort" promise from debugging code in radiusd
it is the default now, and the promise name isn't valid anymore.
ok yasuoka@
|
#
1.16 |
|
21-Mar-2016 |
guenther |
Instead of creating a socket with socket() or accept() and then setting the O_NONBLOCK flag on it with fcntl(F_SETFL) afterwards, just pass SOCK_NONBLOCK to socket() or accept4() and get it right to begin with.
ok millert@ krw@ beck@ deraadt@ jca@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.15 |
|
09-Feb-2016 |
jsg |
fix a use after free in an error path ok yasuoka@
|
#
1.14 |
|
31-Dec-2015 |
millert |
Do not mix EX_* from sysexits.h and EXIT_* from stdlib.h, just use EXIT_*.
|
#
1.13 |
|
05-Dec-2015 |
mmcc |
Remove NULL-checks before free()
|
#
1.12 |
|
27-Oct-2015 |
yasuoka |
Free the received radius packet when it is duplicated.
diff from Yuuichi Someya
|
#
1.11 |
|
27-Oct-2015 |
yasuoka |
Set O_NONBLOCK for UDP sockets not to block on recv(). Actually block had happened if an error of the socket is handled by send().
diff from Yuuichi Someya.
|
#
1.10 |
|
27-Oct-2015 |
yasuoka |
Fix radiusd module to set O_NONBLOCK properly.
diff from Yuuichi Someya.
|
#
1.9 |
|
19-Oct-2015 |
yasuoka |
Add pledge(2) for radiusctl(8) and radiusd(8). - radiusd: "stdio inet" - radiusd_radius: "stdio inet" - radiusd_bsdauth: - "stdio proc" for the non-priviledged process - "stdio getpw rpath proc exec" for the priviledged process - radiusctl: "stdio dns inet"
"go ahead" deraadt
|
#
1.8 |
|
19-Oct-2015 |
yasuoka |
Can't assert "module->fd >= 0" in radiusd_stop() since the module may be closed already when error.
|
#
1.7 |
|
25-Aug-2015 |
yasuoka |
Remove -h command line option from radiusd(8) to make it better style.
Patch from Michael Reed
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.6 |
|
02-Aug-2015 |
yasuoka |
Fire pending events when the module starts.
|
#
1.5 |
|
02-Aug-2015 |
yasuoka |
Tweak XXX comments.
|
#
1.4 |
|
02-Aug-2015 |
yasuoka |
Fix radiusd to start without -d. Also stop using event_initialized() to check whether the event handler is set.
|
#
1.3 |
|
27-Jul-2015 |
yasuoka |
Use log_warn() instead of warn() in radiusd_module_load(). Also fix style.
|
#
1.2 |
|
21-Jul-2015 |
schwarze |
add missing -n to the SYNOPSIS and usage() and -d to the DESCRIPTION; OK yasuoka@
|
#
1.1 |
|
21-Jul-2015 |
yasuoka |
Add radiusd(8) and radiusctl(8). They are WIP. radiusd(8) is a RADIUS server and radiusctl(8) is to control the server. radiusd(8) currently supports bsdauth and radius (upstream radius servers) as authentication backends.
fixes from jsg blambert ok deraadt
|