]>
git.ipfire.org Git - thirdparty/freeradius-server.git/log
Alan T. DeKok [Mon, 10 Mar 2025 12:31:03 +0000 (08:31 -0400)]
add and use FR_VALUE_BOX_SAFE_FOR_ANY
which lets us *not* escape data which is taken from the
configuration files
This branch should be deleted when the work is merged to the
master branch
Alan T. DeKok [Mon, 10 Mar 2025 02:42:53 +0000 (22:42 -0400)]
hackity hack, until such time as we fix xlat_copy()
because xlat_copy() expects its output to exist
Alan T. DeKok [Mon, 10 Mar 2025 02:24:50 +0000 (22:24 -0400)]
fix wrong assertion
Alan T. DeKok [Mon, 10 Mar 2025 02:18:38 +0000 (22:18 -0400)]
copy literals_safe_for
Alan T. DeKok [Mon, 10 Mar 2025 01:23:28 +0000 (21:23 -0400)]
quote bare words in function arguments
Alan T. DeKok [Mon, 10 Mar 2025 01:52:53 +0000 (21:52 -0400)]
these functions take variadic arguments
Alan T. DeKok [Mon, 10 Mar 2025 01:26:01 +0000 (21:26 -0400)]
failure to find an OID isn't an OOM issue
Alan T. DeKok [Sun, 9 Mar 2025 20:10:12 +0000 (16:10 -0400)]
allow stealing of name buffer
Alan T. DeKok [Sun, 9 Mar 2025 19:54:45 +0000 (15:54 -0400)]
move keyword tests to new xlat argument parser
with a bit of good fortune, not all tests had to be updated.
However, there are still many tests which do unnecessary
expansions, ala
%foo(%{User-Name}
which is no longer necessary. It may be useful to forbid that,
or to at least print an error message complaining about it.
Alan T. DeKok [Sun, 9 Mar 2025 14:30:28 +0000 (10:30 -0400)]
update the tmpl_rules for argument parsing
so that we don't do casts, etc. of the function arguments
add more checks, and produce better errors
when checking function arguments, we no longer assume that all
of the arguments have been parsed as a string. Instead, they
may be parsed as some other data type. We can then cast the
input expression to the expected data type for the argument.
this change also changes the expected output, where functions like
%md5() now print their parsed arguments as octet strings.
Alan T. DeKok [Sun, 9 Mar 2025 16:48:31 +0000 (12:48 -0400)]
%regex() takes variadic args
Alan T. DeKok [Sun, 9 Mar 2025 16:43:25 +0000 (12:43 -0400)]
add notes on future optimizations
Alan T. DeKok [Sun, 9 Mar 2025 15:54:11 +0000 (11:54 -0400)]
%test() takes a string argument in the tests.
the old function argument parser didn't complain when it was
passed arguments to a function which didn't take arguments. It's
better to complain.
Alan T. DeKok [Sun, 9 Mar 2025 15:53:57 +0000 (11:53 -0400)]
make error easier to understand
Alan T. DeKok [Sun, 9 Mar 2025 15:47:41 +0000 (11:47 -0400)]
don't overflow the buffer, and make the output clearer
Alan T. DeKok [Sun, 9 Mar 2025 14:05:17 +0000 (10:05 -0400)]
it helps to copy TMPL_TYPE_DATA, too
and update the code so that all tmpl types are accounted for,
OR if there's one missing, we hit an assert
Alan T. DeKok [Sun, 9 Mar 2025 13:29:53 +0000 (09:29 -0400)]
tmpl may not be an attribute
Alan T. DeKok [Sun, 9 Mar 2025 12:43:02 +0000 (08:43 -0400)]
add quotes to function arguments in sample policies
Alan T. DeKok [Sat, 8 Mar 2025 17:54:58 +0000 (12:54 -0500)]
this header file is no longer needed
Alan T. DeKok [Sat, 8 Mar 2025 17:46:16 +0000 (12:46 -0500)]
limit what types can be copied and escaped
Alan T. DeKok [Sat, 8 Mar 2025 17:32:15 +0000 (12:32 -0500)]
remove & from default values for module configurations
Alan T. DeKok [Sat, 8 Mar 2025 15:38:57 +0000 (10:38 -0500)]
remove & from debug output and compiled names
Alan T. DeKok [Sat, 8 Mar 2025 14:32:42 +0000 (09:32 -0500)]
remove files which should not have been committed
Alan T. DeKok [Sat, 8 Mar 2025 14:26:14 +0000 (09:26 -0500)]
remove '&' from the date module
Alan T. DeKok [Sat, 8 Mar 2025 14:25:32 +0000 (09:25 -0500)]
remove '&' from json
Alan T. DeKok [Sat, 8 Mar 2025 13:36:43 +0000 (08:36 -0500)]
check and use new xlat_func_bare_words
which changes the parsing of function arguments from
* all unquoted arguments must be single-token bare words
to
* all unquoted arguments are expressions
The default is to enable the flag, as there are a large
number of configuration files to update.
for now, the compatibility flag is disabled for src/tests/unit
and src/tests/xlat, and enabled for src/tests/keywords and
src/tests/modules
Alan T. DeKok [Sat, 8 Mar 2025 12:59:15 +0000 (07:59 -0500)]
return bytes consumed, like the other parsing functions
Alan T. DeKok [Sat, 8 Mar 2025 12:50:48 +0000 (07:50 -0500)]
add migration flag for xlat functions
to treat the arguments as bare words or as expressions
github-actions[bot] [Sat, 8 Mar 2025 09:35:08 +0000 (09:35 +0000)]
Scheduled fuzzing: Update src/tests/fuzzer-corpus/dhcpv6.tar
github-actions[bot] [Sat, 8 Mar 2025 09:35:02 +0000 (09:35 +0000)]
Scheduled fuzzing: Update src/tests/fuzzer-corpus/radius.tar
github-actions[bot] [Sat, 8 Mar 2025 09:34:40 +0000 (09:34 +0000)]
Scheduled fuzzing: Update src/tests/fuzzer-corpus/tacacs.tar
github-actions[bot] [Sat, 8 Mar 2025 09:34:38 +0000 (09:34 +0000)]
Scheduled fuzzing: Update src/tests/fuzzer-corpus/dns.tar
github-actions[bot] [Sat, 8 Mar 2025 09:34:31 +0000 (09:34 +0000)]
Scheduled fuzzing: Update src/tests/fuzzer-corpus/dhcpv4.tar
github-actions[bot] [Sat, 8 Mar 2025 09:34:19 +0000 (09:34 +0000)]
Scheduled fuzzing: Update src/tests/fuzzer-corpus/bfd.tar
github-actions[bot] [Sat, 8 Mar 2025 09:34:16 +0000 (09:34 +0000)]
Scheduled fuzzing: Update src/tests/fuzzer-corpus/util.tar
github-actions[bot] [Sat, 8 Mar 2025 09:34:14 +0000 (09:34 +0000)]
Scheduled fuzzing: Update src/tests/fuzzer-corpus/tftp.tar
github-actions[bot] [Sat, 8 Mar 2025 09:34:10 +0000 (09:34 +0000)]
Scheduled fuzzing: Update src/tests/fuzzer-corpus/vmps.tar
nolade [Fri, 7 Mar 2025 15:15:34 +0000 (10:15 -0500)]
docs: Module section update and formatting. Partials added (single source)
Alan T. DeKok [Fri, 7 Mar 2025 15:06:22 +0000 (10:06 -0500)]
fix spacing of message
Alan T. DeKok [Fri, 7 Mar 2025 14:44:44 +0000 (09:44 -0500)]
update xlat_tokenize_arg() in preparation for move to non-'&'
audit the callers, and ensure that the expectations of the code
match the use-cases.
Update the code to match the use-cases, and with better error
messages.
update the tests to match the new error messages
Alan T. DeKok [Fri, 7 Mar 2025 14:18:39 +0000 (09:18 -0500)]
rename function to be clearer, and check for errors
Alan T. DeKok [Fri, 7 Mar 2025 14:14:57 +0000 (09:14 -0500)]
remove unused function
Alan T. DeKok [Fri, 7 Mar 2025 14:01:23 +0000 (09:01 -0500)]
remove one more '&' from files and ldap
Nick Porter [Fri, 7 Mar 2025 14:52:45 +0000 (14:52 +0000)]
Tidy up
Nick Porter [Fri, 7 Mar 2025 14:41:38 +0000 (14:41 +0000)]
Tidy comments for sample rlm_smtp config
Nick Porter [Fri, 7 Mar 2025 14:40:55 +0000 (14:40 +0000)]
Remove & from rlm_smtp
Nick Porter [Fri, 7 Mar 2025 14:12:00 +0000 (14:12 +0000)]
Parameterise binding ip and ports for SMTP setup script
Alan T. DeKok [Fri, 7 Mar 2025 11:55:03 +0000 (06:55 -0500)]
add example git configuration
should be added a ~/.gitconfig
Nick Porter [Fri, 7 Mar 2025 12:14:33 +0000 (12:14 +0000)]
Revert "value_box_copy() already sets "secret""
This reverts commit
6f19bf204a8f41f48dc5596675b5ce78ecf42cb0 .
The user message could be the user name or the password - so this
sets `secret` based on the attribute being created.
Nick Porter [Fri, 7 Mar 2025 11:13:25 +0000 (11:13 +0000)]
Ensure rlm_stats is only called from RADIUS virtual servers
Nick Porter [Fri, 7 Mar 2025 11:03:52 +0000 (11:03 +0000)]
Correct lookup of packet counter attributes
Using the nested structure
Nick Porter [Fri, 7 Mar 2025 10:42:53 +0000 (10:42 +0000)]
Avoid repetition in stats attributes
Nick Porter [Fri, 7 Mar 2025 10:42:05 +0000 (10:42 +0000)]
Split rlm_stats into two method calls
To distinguish incrementing and fetching.
Alan T. DeKok [Thu, 6 Mar 2025 20:17:40 +0000 (15:17 -0500)]
remove '&' from dhcpv4
Alan T. DeKok [Thu, 6 Mar 2025 20:16:48 +0000 (15:16 -0500)]
remove one more '&'
Alan T. DeKok [Thu, 6 Mar 2025 20:15:23 +0000 (15:15 -0500)]
remove '&' from json
but not from the function calls, because we need it for now
Alan T. DeKok [Thu, 6 Mar 2025 20:14:13 +0000 (15:14 -0500)]
remove '&' from redis_ippool
Alan T. DeKok [Thu, 6 Mar 2025 19:58:19 +0000 (14:58 -0500)]
use consistent name for configuration directory
Alan T. DeKok [Thu, 6 Mar 2025 19:42:19 +0000 (14:42 -0500)]
remove '&' from etc_group
Alan T. DeKok [Thu, 6 Mar 2025 19:42:04 +0000 (14:42 -0500)]
tweak verbiology
Alan T. DeKok [Thu, 6 Mar 2025 19:38:54 +0000 (14:38 -0500)]
set tainted / secret flag based on both inputs
Alan T. DeKok [Thu, 6 Mar 2025 19:29:21 +0000 (14:29 -0500)]
value_box_copy() already sets "secret"
so we don't need to do it here
Alan T. DeKok [Thu, 6 Mar 2025 19:25:08 +0000 (14:25 -0500)]
suppress secrets, even for nested groups
Alan T. DeKok [Thu, 6 Mar 2025 19:14:01 +0000 (14:14 -0500)]
set secret flag based on source data
Alan T. DeKok [Thu, 6 Mar 2025 19:02:50 +0000 (14:02 -0500)]
MS-CHAP is plain-text equivalent.
Mark the Challenge field as secret, so that it doesn't get
exposed when people run the server in debug mode.
Alan T. DeKok [Thu, 6 Mar 2025 17:25:14 +0000 (12:25 -0500)]
remove '&'
Alan T. DeKok [Thu, 6 Mar 2025 17:24:41 +0000 (12:24 -0500)]
remove '&'
Alan T. DeKok [Thu, 6 Mar 2025 17:24:09 +0000 (12:24 -0500)]
remove '&' from delay
Nick Porter [Thu, 6 Mar 2025 17:50:53 +0000 (17:50 +0000)]
Module docs say this can be up to 5
Alan T. DeKok [Thu, 6 Mar 2025 17:15:42 +0000 (12:15 -0500)]
add more and do tweaks
nolade [Thu, 6 Mar 2025 16:42:44 +0000 (11:42 -0500)]
docs: Virtual Server section nav bar update. Landing pages for dhcp/dns/ldap added.
Alan T. DeKok [Thu, 6 Mar 2025 16:24:01 +0000 (11:24 -0500)]
remove '&' from krb5
Alan T. DeKok [Thu, 6 Mar 2025 16:21:32 +0000 (11:21 -0500)]
remove '&' from ldap
Alan T. DeKok [Thu, 6 Mar 2025 16:19:25 +0000 (11:19 -0500)]
remove '&' from linelog
Alan T. DeKok [Thu, 6 Mar 2025 16:16:39 +0000 (11:16 -0500)]
remove '&' from sql
Alan T. DeKok [Thu, 6 Mar 2025 16:16:01 +0000 (11:16 -0500)]
remove '&' from cache
Alan T. DeKok [Thu, 6 Mar 2025 16:10:42 +0000 (11:10 -0500)]
remove '&' from client module
Alan T. DeKok [Thu, 6 Mar 2025 16:08:16 +0000 (11:08 -0500)]
remove '&' from exec
and update the documentation
Alan T. DeKok [Thu, 6 Mar 2025 15:24:23 +0000 (10:24 -0500)]
remove more '&'
Alan T. DeKok [Thu, 6 Mar 2025 15:19:38 +0000 (10:19 -0500)]
remove '&' from csv
Alan T. DeKok [Thu, 6 Mar 2025 15:11:53 +0000 (10:11 -0500)]
remove '&' from rediswho
and complain if the queries are missing
Alan T. DeKok [Thu, 6 Mar 2025 15:04:14 +0000 (10:04 -0500)]
remove '&' from mschap
Alan T. DeKok [Thu, 6 Mar 2025 14:40:42 +0000 (09:40 -0500)]
remove '&' from pap module
Alan T. DeKok [Thu, 6 Mar 2025 14:39:40 +0000 (09:39 -0500)]
remove '&' from sometimes module configuration
Alan T. DeKok [Thu, 6 Mar 2025 14:38:06 +0000 (09:38 -0500)]
remove '&' from files module configuration
Alan T. DeKok [Thu, 6 Mar 2025 14:31:34 +0000 (09:31 -0500)]
remove '&' from passwd module configuration
Alan T. DeKok [Thu, 6 Mar 2025 14:30:40 +0000 (09:30 -0500)]
remove '&' from sqlippool configuration and source
Alan T. DeKok [Thu, 6 Mar 2025 14:25:19 +0000 (09:25 -0500)]
produce warnings and errors for attributes which have leading '&'
If we're in the new config and -C, produce a warning.
If the migration flag says to forbid '&', then we produce an
error.
Alan T. DeKok [Thu, 6 Mar 2025 14:18:31 +0000 (09:18 -0500)]
remove '&' from sqlcounter configuration and source
Nick Porter [Thu, 6 Mar 2025 16:16:34 +0000 (16:16 +0000)]
Always reset bio request
Nick Porter [Thu, 6 Mar 2025 16:15:24 +0000 (16:15 +0000)]
Parent u->extra pairs from u
Makes freeing more consistent with all the different freeing paths.
Nick Porter [Thu, 6 Mar 2025 16:14:04 +0000 (16:14 +0000)]
If we're not saving the packet, clear u->packet
So bio_request_reset doesn't attempt to free it.
Nick Porter [Wed, 5 Mar 2025 19:10:27 +0000 (19:10 +0000)]
Hoist Module-Failue-Message from eap subrequest
So the parent request can log failure reasons
Alan T. DeKok [Wed, 5 Mar 2025 11:49:34 +0000 (06:49 -0500)]
rearrange mods-available nav
and add short summaries of the various modules
Alan T. DeKok [Wed, 5 Mar 2025 11:48:43 +0000 (06:48 -0500)]
this is no longer needed, we removed couchbase
Alan T. DeKok [Wed, 5 Mar 2025 11:33:18 +0000 (06:33 -0500)]
remove pre/post-proxy example
Nick Porter [Wed, 5 Mar 2025 11:32:09 +0000 (11:32 +0000)]
rlm_perl does support nested attributes now
nolade [Wed, 5 Mar 2025 00:49:07 +0000 (19:49 -0500)]
Start organizing the module navbar
nolade [Wed, 5 Mar 2025 00:26:21 +0000 (19:26 -0500)]
Fix capitalization of main nav items
Alan T. DeKok [Tue, 4 Mar 2025 15:18:41 +0000 (10:18 -0500)]
move utility file to the proto_ldap_sync directory