]> git.ipfire.org Git - thirdparty/freeradius-server.git/log
thirdparty/freeradius-server.git
2 years agoDon't decode optional attributes
Nick Porter [Tue, 11 Jul 2023 12:22:51 +0000 (13:22 +0100)] 
Don't decode optional attributes

Certain attributes are defined as optional, and will have zero length if
they are not present.

2 years agostupid gnu make
Alan T. DeKok [Tue, 11 Jul 2023 14:43:55 +0000 (10:43 -0400)] 
stupid gnu make

2 years agofilter based on test existence, not one process_foo modules
Alan T. DeKok [Tue, 11 Jul 2023 14:26:41 +0000 (10:26 -0400)] 
filter based on test existence, not one process_foo modules

2 years agotests: Let's use $(Q) instead of @
Jorge Pereira [Fri, 30 Jun 2023 21:51:32 +0000 (18:51 -0300)] 
tests: Let's use $(Q) instead of @

It's helpful to troubleshoot.

2 years agotests: Print out the module and test name
Jorge Pereira [Wed, 28 Jun 2023 15:11:26 +0000 (12:11 -0300)] 
tests: Print out the module and test name

2 years agowhitespace and formatting
Jorge Pereira [Tue, 4 Jul 2023 01:07:10 +0000 (22:07 -0300)] 
whitespace and formatting

2 years agoAdd comment about LDAP failing if identity is specified
Arran Cudbard-Bell [Tue, 11 Jul 2023 07:10:20 +0000 (01:10 -0600)] 
Add comment about LDAP failing if identity is specified

2 years agoswitch to assert
Alan T. DeKok [Mon, 10 Jul 2023 20:39:01 +0000 (16:39 -0400)] 
switch to assert

2 years agoremove unused assignment
Alan T. DeKok [Mon, 10 Jul 2023 20:19:34 +0000 (16:19 -0400)] 
remove unused assignment

2 years agomake encode_tlv() call extend_option()
Alan T. DeKok [Mon, 10 Jul 2023 19:32:03 +0000 (15:32 -0400)] 
make encode_tlv() call extend_option()

and do some minor cleanups

2 years agomake encode_vsio() support flat or nested attributes
Alan T. DeKok [Mon, 10 Jul 2023 18:51:03 +0000 (14:51 -0400)] 
make encode_vsio() support flat or nested attributes

2 years agorearrange in preparation for allowing nested attributes
Alan T. DeKok [Mon, 10 Jul 2023 18:22:33 +0000 (14:22 -0400)] 
rearrange in preparation for allowing nested attributes

2 years agosimplify and canonicalize encode_child()
Alan T. DeKok [Mon, 10 Jul 2023 18:16:10 +0000 (14:16 -0400)] 
simplify and canonicalize encode_child()

2 years agoconcatenate DHCPv4 options
Alan T. DeKok [Sun, 9 Jul 2023 13:55:49 +0000 (09:55 -0400)] 
concatenate DHCPv4 options

so that we don't encode a new header for TLV children when the
TLV option still has room to encode data.

2 years agoadd pair_afrom_da_nested()
Alan T. DeKok [Sat, 8 Jul 2023 19:44:50 +0000 (15:44 -0400)] 
add pair_afrom_da_nested()

which is similar to fr_pair_update_by_da_parent(), except that
function takes a parent pair.  In some cases, we need to use
separate TALLOC_CTX and fr_pair_list_t.

2 years agoadd simple test for TLV nesting
Alan T. DeKok [Sat, 8 Jul 2023 19:44:06 +0000 (15:44 -0400)] 
add simple test for TLV nesting

just in case new code generates the wrong thing

2 years agoprint out structural pairs, too
Alan T. DeKok [Fri, 7 Jul 2023 18:18:36 +0000 (14:18 -0400)] 
print out structural pairs, too

2 years agouse the correct cursor function for nested VPs
Alan T. DeKok [Fri, 7 Jul 2023 17:10:04 +0000 (13:10 -0400)] 
use the correct cursor function for nested VPs

2 years agouse the correct cursor function instead of hand-rolling it
Alan T. DeKok [Fri, 7 Jul 2023 16:56:41 +0000 (12:56 -0400)] 
use the correct cursor function instead of hand-rolling it

2 years agoclean up and rearrange in preparation for supporting nesting
Alan T. DeKok [Fri, 7 Jul 2023 16:40:16 +0000 (12:40 -0400)] 
clean up and rearrange in preparation for supporting nesting

2 years agoport OpenSSL3 fixes from v3
Alan T. DeKok [Fri, 7 Jul 2023 14:58:34 +0000 (10:58 -0400)] 
port OpenSSL3 fixes from v3

2 years agoImprove TACACS tests
Nick Porter [Mon, 10 Jul 2023 13:42:40 +0000 (14:42 +0100)] 
Improve TACACS tests

Move authentication tests into `authenticate` sections and add test of
ASCII auth to excercise Authentication-Continue

2 years agoRemove superfluous annotation
James Jones [Fri, 7 Jul 2023 19:45:41 +0000 (14:45 -0500)] 
Remove superfluous annotation

It's not associated with any current coverity defects.

2 years agoCheck return of fr_pair_value_bstrndup() (CID #1534858)
Nick Porter [Sat, 8 Jul 2023 14:53:45 +0000 (15:53 +0100)] 
Check return of fr_pair_value_bstrndup() (CID #1534858)

2 years agoRemove unused pair_find_by_ancestor functions
Nick Porter [Fri, 7 Jul 2023 14:12:44 +0000 (15:12 +0100)] 
Remove unused pair_find_by_ancestor functions

which will become irrelevant when everything uses nested attributes

2 years agoRe-work extraction of DHCPv6 client and server ID for nested or flat lists
Nick Porter [Fri, 7 Jul 2023 07:14:34 +0000 (08:14 +0100)] 
Re-work extraction of DHCPv6 client and server ID for nested or flat lists

Will be simplified to just list copies once everything is always nested.

2 years agoAdd pair_nested_tests - pair_tests using nested attributes
Nick Porter [Fri, 7 Jul 2023 07:10:40 +0000 (08:10 +0100)] 
Add pair_nested_tests - pair_tests using nested attributes

2 years agoAdd helper function for building test nested attribute lists
Nick Porter [Fri, 7 Jul 2023 07:05:53 +0000 (08:05 +0100)] 
Add helper function for building test nested attribute lists

2 years agoAllow for nested or flat attributes in fr_pair_list_copy_by_ancestor
Nick Porter [Fri, 7 Jul 2023 07:05:08 +0000 (08:05 +0100)] 
Allow for nested or flat attributes in fr_pair_list_copy_by_ancestor

Will be removed once everything is nested, and it just becomes a list
copy from the ancestor.

2 years agoCall correct function in test of fr_pair_find_by_da_idx
Nick Porter [Thu, 6 Jul 2023 18:14:19 +0000 (19:14 +0100)] 
Call correct function in test of fr_pair_find_by_da_idx

2 years agoDon't add structural pairs to flat test lists
Nick Porter [Thu, 6 Jul 2023 18:13:11 +0000 (19:13 +0100)] 
Don't add structural pairs to flat test lists

2 years agoAllow for out == NULL
Nick Porter [Thu, 6 Jul 2023 16:38:02 +0000 (17:38 +0100)] 
Allow for out == NULL

2 years agomove password.c hack to main pair function
Alan T. DeKok [Thu, 6 Jul 2023 15:40:20 +0000 (11:40 -0400)] 
move password.c hack to main pair function

and add note that the function should be removed when the nested
pairs are done

2 years agopartial "allow exec on RHS of assignments"
Alan T. DeKok [Thu, 6 Jul 2023 13:39:42 +0000 (09:39 -0400)] 
partial "allow exec on RHS of assignments"

This doesn't work for LHS lists, but it's a start.

The rest of the edit code has to be update to check for attributes
on the RHS of an exec, just the same as if we did

&request = "&Foo := bar"

2 years agoquote token so the message is easier to understand
Alan T. DeKok [Thu, 6 Jul 2023 13:39:26 +0000 (09:39 -0400)] 
quote token so the message is easier to understand

2 years agoCast nothing to string/octets yields empty string/octets
Alan T. DeKok [Thu, 6 Jul 2023 13:01:50 +0000 (09:01 -0400)] 
Cast nothing to string/octets yields empty string/octets

Because we want the following condition to work, when there is
only one of attribute Tmp-Integer-0:

if ("%{Tmp-String-0[2]}" == '') {
// always runs!
}

i.e. expanding in a string context, a reference to an attribute
which doesn't exist should result in an empty string, and not a
condition failure of "can't create LHS of condition"

2 years agoadd some debug options
Alan T. DeKok [Thu, 6 Jul 2023 12:15:59 +0000 (08:15 -0400)] 
add some debug options

2 years agoRe-enable tests
Nick Porter [Thu, 6 Jul 2023 12:06:56 +0000 (13:06 +0100)] 
Re-enable tests

2 years agoReturn correctly after first match for logical or
Nick Porter [Thu, 6 Jul 2023 12:02:56 +0000 (13:02 +0100)] 
Return correctly after first match for logical or

2 years agodon't stop on eapol_test compile warnings
Nick Porter [Thu, 6 Jul 2023 07:34:50 +0000 (08:34 +0100)] 
don't stop on eapol_test compile warnings

2 years agoAdd debian 12 to full debian CI run
Nick Porter [Thu, 6 Jul 2023 07:13:59 +0000 (08:13 +0100)] 
Add debian 12 to full debian CI run

2 years agoDebian sid now reports trixie as its release
Nick Porter [Thu, 6 Jul 2023 07:13:33 +0000 (08:13 +0100)] 
Debian sid now reports trixie as its release

2 years agomove more code to common function
Alan T. DeKok [Wed, 5 Jul 2023 12:38:05 +0000 (08:38 -0400)] 
move more code to common function

2 years agomove "create LHS vp" to common function
Alan T. DeKok [Wed, 5 Jul 2023 12:13:18 +0000 (08:13 -0400)] 
move "create LHS vp" to common function

2 years agoupdate exec_build_env() to return environment variables.
Alan T. DeKok [Wed, 5 Jul 2023 00:07:56 +0000 (20:07 -0400)] 
update exec_build_env() to return environment variables.

It wasn't doing that previously. :(

2 years agodepend on real file, not phony one
Alan T. DeKok [Tue, 4 Jul 2023 23:23:48 +0000 (19:23 -0400)] 
depend on real file, not phony one

so that we don't always re-run the mschap test

2 years agoremove dangling dependency
Alan T. DeKok [Tue, 4 Jul 2023 23:21:06 +0000 (19:21 -0400)] 
remove dangling dependency

2 years agotests and cleanups for logical and
Alan T. DeKok [Tue, 4 Jul 2023 20:46:39 +0000 (16:46 -0400)] 
tests and cleanups for logical and

2 years agouse -S tmpl_tokenize_all_nested=yes for pairs test
Alan T. DeKok [Tue, 4 Jul 2023 20:13:46 +0000 (16:13 -0400)] 
use -S tmpl_tokenize_all_nested=yes for pairs test

the test prints pairs to a string.  That format depends on the
value of the -S tmpl_tokenize_all_nested=yes flag.

However, we couldn't use logical or (||) until that issue was
first fixed.

2 years agotest and fix for logical or
Alan T. DeKok [Tue, 4 Jul 2023 20:12:40 +0000 (16:12 -0400)] 
test and fix for logical or

we temporarily disable failing tests which depend on the old
(and broken) functionality.  Those need to be tracked down, fixed,
and re-enabled

2 years agouse pair_append_by_tmpl_parent() instead of fr_pair_afrom_da()
Alan T. DeKok [Tue, 4 Jul 2023 19:14:37 +0000 (15:14 -0400)] 
use pair_append_by_tmpl_parent() instead of fr_pair_afrom_da()

as the tmpl function finds or creates all of the pairs in the
map.

The mschap tests expected that to work:

&request += {
&Vendor-Specific.Microsoft.CHAP-Challenge = 0xe96e4fff2955c4f1
&Vendor-Specific.Microsoft.CHAP-Response = 0x000100000...
}

Would create:

&request {
CHAP-Challenge = ...
CHAP-Response = ...
}

which was wrong

2 years agodon't reparent on internal grouping attributes
Alan T. DeKok [Tue, 4 Jul 2023 14:37:53 +0000 (10:37 -0400)] 
don't reparent on internal grouping attributes

and swap almost all tests over to using

-S tmpl_tokenize_all_nested=yes

The ones which don't use it failed with the flag.  I haven't had
time to investigate, so we're just moving ahead temporarily

2 years agoCheck fr_dbuff_out() returns in src/protocols/dhcpv4/encode.c
James Jones [Mon, 3 Jul 2023 14:57:56 +0000 (09:57 -0500)] 
Check fr_dbuff_out() returns in src/protocols/dhcpv4/encode.c

CIDs: #1533885, #1533886

2 years agoAdd new unit load tests for dhcpv4
Jorge Pereira [Tue, 4 Jul 2023 01:10:55 +0000 (22:10 -0300)] 
Add new unit load tests for dhcpv4

It's based on Wireshark .pcap tests
from https://wiki.wireshark.org/DHCP

e.g:

$ wget https://wiki.wireshark.org/uploads/__moin_import__/attachments/SampleCaptures/dhcp.pcap
$ ./scripts//util/pcap2decode-proto.py  -f dhcp.pcap -p dhcpv4 > src/tests/unit/protocols/dhcpv4/client-server.txt

2 years agoallow multiple attrs on the LHS
Alan T. DeKok [Tue, 4 Jul 2023 14:28:13 +0000 (10:28 -0400)] 
allow multiple attrs on the LHS

&reply.foo := { ... }

2 years agohack to allow nested attributes
Alan T. DeKok [Tue, 4 Jul 2023 14:27:13 +0000 (10:27 -0400)] 
hack to allow nested attributes

2 years agoadd basic tmpl_rules_debug() function
Alan T. DeKok [Tue, 4 Jul 2023 13:12:33 +0000 (09:12 -0400)] 
add basic tmpl_rules_debug() function

2 years agosimplify code a bit
Alan T. DeKok [Tue, 4 Jul 2023 12:11:17 +0000 (08:11 -0400)] 
simplify code a bit

3 years agoFix issue with memory usage after being released.
Jorge Pereira [Fri, 30 Jun 2023 18:52:54 +0000 (15:52 -0300)] 
Fix issue with memory usage after being released.

3 years agotalloc from the correct parent
Alan T. DeKok [Fri, 30 Jun 2023 14:21:39 +0000 (10:21 -0400)] 
talloc from the correct parent

3 years agoremove old comment
Alan T. DeKok [Wed, 28 Jun 2023 15:30:36 +0000 (11:30 -0400)] 
remove old comment

3 years agoRemove package conflict from Coverity build
Nick Porter [Fri, 30 Jun 2023 08:02:59 +0000 (09:02 +0100)] 
Remove package conflict from Coverity build

3 years agoEnsure each redis_ippool test uses its own pool
Nick Porter [Fri, 30 Jun 2023 07:32:58 +0000 (08:32 +0100)] 
Ensure each redis_ippool test uses its own pool

3 years agoTest redis_ippool_tool static assignment behaviour
Nick Porter [Fri, 30 Jun 2023 07:32:14 +0000 (08:32 +0100)] 
Test redis_ippool_tool static assignment behaviour

3 years agoUse a Lua script for static lease assignment
Nick Porter [Thu, 29 Jun 2023 16:47:07 +0000 (17:47 +0100)] 
Use a Lua script for static lease assignment

Adds safety / sanity checks:
 - the IP does not already have a static assignment
 - the device is not already associated with another IP
 - the IP is not already allocated to another device

3 years agoCorrect line numbering in lua_release_cmd script
Nick Porter [Thu, 29 Jun 2023 16:53:51 +0000 (17:53 +0100)] 
Correct line numbering in lua_release_cmd script

3 years agolua_release_cmd: always reset expiry time (for static leases too)
Max Khon [Wed, 28 Jun 2023 04:35:48 +0000 (11:35 +0700)] 
lua_release_cmd: always reset expiry time (for static leases too)

3 years agoUse separate call environments for each redis ippool method
Nick Porter [Thu, 29 Jun 2023 10:34:19 +0000 (11:34 +0100)] 
Use separate call environments for each redis ippool method

3 years agoSplit redis IP pool mod_action into action specific functions
Nick Porter [Thu, 29 Jun 2023 10:12:05 +0000 (11:12 +0100)] 
Split redis IP pool mod_action into action specific functions

3 years agoRemove IP-Pool.Action and use module methods instead
Nick Porter [Thu, 29 Jun 2023 08:43:16 +0000 (09:43 +0100)] 
Remove IP-Pool.Action and use module methods instead

3 years agouodate dynamic clients for dhcpv4 and dhcpv6
Alan T. DeKok [Wed, 28 Jun 2023 13:30:49 +0000 (09:30 -0400)] 
uodate dynamic clients for dhcpv4 and dhcpv6

It turns out the old code would also _always_ add a client, even
if there was a NAK.  Oh well.  That's now fixed.

3 years agosimplify dynamic client config a bit
Alan T. DeKok [Wed, 28 Jun 2023 13:20:02 +0000 (09:20 -0400)] 
simplify dynamic client config a bit

3 years agoallow for require_message_authenticator
Alan T. DeKok [Wed, 28 Jun 2023 13:12:42 +0000 (09:12 -0400)] 
allow for require_message_authenticator

3 years agoupdate documentation for dynamic clients
Alan T. DeKok [Wed, 28 Jun 2023 13:07:56 +0000 (09:07 -0400)] 
update documentation for dynamic clients

3 years agoScheduled fuzzing: Update src/tests/fuzzer-corpus/bfd.tar
github-actions[bot] [Wed, 28 Jun 2023 09:34:37 +0000 (09:34 +0000)] 
Scheduled fuzzing: Update src/tests/fuzzer-corpus/bfd.tar

3 years agoDocument use_tls, tls {}, use_cluster_map
Max Khon [Thu, 22 Jun 2023 12:50:07 +0000 (13:50 +0100)] 
Document use_tls, tls {}, use_cluster_map

3 years agoCheck inidital fr_sbuff_in_bstrncpy() calls in BIO_write conversion
James Jones [Tue, 27 Jun 2023 18:13:44 +0000 (13:13 -0500)] 
Check inidital fr_sbuff_in_bstrncpy() calls in BIO_write conversion

CIDs: #1503916 (tls_log_request_bio_write_cb())
      #1503889 (tls_log_global_bio_write_cb())

3 years agoGet rid of now-needless annotation
James Jones [Fri, 23 Jun 2023 14:17:30 +0000 (09:17 -0500)] 
Get rid of now-needless annotation

3 years agoAdd fr_radius_ok() model
James Jones [Fri, 23 Jun 2023 15:25:23 +0000 (10:25 -0500)] 
Add fr_radius_ok() model

Tells coverity that if fr_radius_ok() returns true, the packet
is valid.

3 years agoxlat: Don't "cast" octets string to hex. Leave them in their raw binary form
Arran Cudbard-Bell [Tue, 27 Jun 2023 21:09:29 +0000 (17:09 -0400)] 
xlat: Don't "cast" octets string to hex.  Leave them in their raw binary form

3 years agoxlat: Make xlat_eval_compiled binary safe
Arran Cudbard-Bell [Tue, 27 Jun 2023 21:09:11 +0000 (17:09 -0400)] 
xlat: Make xlat_eval_compiled binary safe

3 years agoxlat: Concat output boxes from tmpl evaluation when the tmpl was originally quoted
Arran Cudbard-Bell [Tue, 27 Jun 2023 19:09:50 +0000 (15:09 -0400)] 
xlat: Concat output boxes from tmpl evaluation when the tmpl was originally quoted

Add regression tests for compound rlm_files keys

3 years agoPrint errors in a form vscode can jump to
Arran Cudbard-Bell [Tue, 27 Jun 2023 21:06:41 +0000 (17:06 -0400)] 
Print errors in a form vscode can jump to

3 years agounit_test_module: Use modified unescape rules, compare match results properly
Arran Cudbard-Bell [Tue, 27 Jun 2023 21:06:06 +0000 (17:06 -0400)] 
unit_test_module: Use modified unescape rules, compare match results properly

3 years agounit_test_module: Escape output of xlat functions in tests
Arran Cudbard-Bell [Tue, 27 Jun 2023 18:56:55 +0000 (14:56 -0400)] 
unit_test_module: Escape output of xlat functions in tests

3 years agoRemove conflict from fuzzing job
Nick Porter [Tue, 27 Jun 2023 12:27:24 +0000 (13:27 +0100)] 
Remove conflict from fuzzing job

3 years agoRemove package conflicts
Nick Porter [Tue, 27 Jun 2023 11:28:26 +0000 (12:28 +0100)] 
Remove package conflicts

3 years agosql_errno can't be < 0 here
Nick Porter [Tue, 27 Jun 2023 10:12:34 +0000 (11:12 +0100)] 
sql_errno can't be < 0 here

3 years agoCan't verify fake dynamic client lookup packet as there is no shared secret yet
Nick Porter [Mon, 26 Jun 2023 13:04:41 +0000 (14:04 +0100)] 
Can't verify fake dynamic client lookup packet as there is no shared secret yet

3 years agodon't exit until all detached requests have stopped
Alan T. DeKok [Fri, 23 Jun 2023 18:22:57 +0000 (14:22 -0400)] 
don't exit until all detached requests have stopped

which (for now) also means keeping detached requests in the
time_order list.  That seems reasonable, as that list measures
the total amount of work that this thread is doing

3 years agoremove old comment
Alan T. DeKok [Fri, 23 Jun 2023 18:22:26 +0000 (14:22 -0400)] 
remove old comment

3 years agoadd a dlist per channel, and associate requests with it
Alan T. DeKok [Fri, 23 Jun 2023 14:06:34 +0000 (10:06 -0400)] 
add a dlist per channel, and associate requests with it

so that when a channel closes, we can force-cancel all of the
requests which are associated with it.

3 years agouse nested
Alan T. DeKok [Fri, 23 Jun 2023 12:49:41 +0000 (08:49 -0400)] 
use nested

3 years agoRe-number lines in lua_alloc_cmd
Nick Porter [Fri, 23 Jun 2023 11:39:48 +0000 (12:39 +0100)] 
Re-number lines in lua_alloc_cmd

3 years agoExtend expiry time of dynamic IP owner, if shorter than specified lifetime
Nick Porter [Fri, 23 Jun 2023 11:32:45 +0000 (12:32 +0100)] 
Extend expiry time of dynamic IP owner, if shorter than specified lifetime

3 years agoue explicit invalid name for unused heap IDs
Alan T. DeKok [Thu, 22 Jun 2023 19:59:31 +0000 (15:59 -0400)] 
ue explicit invalid name for unused heap IDs

3 years agoset heap IDs properly.
Alan T. DeKok [Thu, 22 Jun 2023 19:59:22 +0000 (15:59 -0400)] 
set heap IDs properly.

which was changed in most places via commit 4b25265 in August 2021,
but wasn't changed here.

3 years agodefine and use macro for invalid entries
Alan T. DeKok [Thu, 22 Jun 2023 19:52:03 +0000 (15:52 -0400)] 
define and use macro for invalid entries

3 years agofirst pass at re-enabling dynamic clients
Alan T. DeKok [Thu, 22 Jun 2023 18:05:36 +0000 (14:05 -0400)] 
first pass at re-enabling dynamic clients

3 years agoremove old comment
Alan T. DeKok [Thu, 22 Jun 2023 17:54:42 +0000 (13:54 -0400)] 
remove old comment