]>
git.ipfire.org Git - thirdparty/freeradius-server.git/log
James Jones [Fri, 2 Jun 2023 13:45:24 +0000 (08:45 -0500)]
Use udp_len in UDP length checks
Coverity appears to be faked out by the use of diff to
validate udp_len, and hence complains about tainted data.
James Jones [Fri, 2 Jun 2023 18:44:47 +0000 (13:44 -0500)]
Rewrite check on length in dhcpv6_print_hex()
We suspect that coverity is confused by the check as written, and
so rewrite it so that the variable checked is alone on the LHS of
the comparison.
Arran Cudbard-Bell [Tue, 6 Jun 2023 16:41:37 +0000 (12:41 -0400)]
radius: Make it impossible for the user to modify Proxy-State attributes, as we do with DHCPv6 and response fields
Arran Cudbard-Bell [Tue, 6 Jun 2023 16:41:08 +0000 (12:41 -0400)]
Remove NO_RCTX state machine macros, there's always an RCTX now
Arran Cudbard-Bell [Tue, 6 Jun 2023 13:20:38 +0000 (09:20 -0400)]
Revert "Quick hack to try and get tests passing again"
This reverts commit
82ef4fc33b2d61fe3da92501b036f6db59fde5c5 .
Nick Porter [Tue, 6 Jun 2023 11:29:50 +0000 (12:29 +0100)]
DO_NOT_RESPOND is a valid reply packet type for DHCP
Nick Porter [Tue, 6 Jun 2023 10:11:30 +0000 (11:11 +0100)]
Update tests to match echoed back Proxy-State
The module accounting tests use Access-Request packets but call the
modules in accouning context.
Since Access-Request packets are used, the Proxy-State in the request is
reflected back in the Access-Accept
Nick Porter [Tue, 6 Jun 2023 09:40:39 +0000 (10:40 +0100)]
Set pool min and start defaults to 0, to ensure they are < max
Nick Porter [Tue, 6 Jun 2023 09:20:12 +0000 (10:20 +0100)]
Set default for "max" in pool for rlm_redis_ippool_tool
Nick Porter [Tue, 6 Jun 2023 07:24:40 +0000 (08:24 +0100)]
Check vb is allocated (CID #
1532274 )
Max Khon [Mon, 5 Jun 2023 16:11:20 +0000 (17:11 +0100)]
Add support for destination = stdout and destination = stderr
Arran Cudbard-Bell [Mon, 5 Jun 2023 17:36:27 +0000 (13:36 -0400)]
Quick hack to try and get tests passing again
Can't replicate on local system because a bug in make makes it difficult to run these tests
Arran Cudbard-Bell [Mon, 5 Jun 2023 17:34:16 +0000 (13:34 -0400)]
process_radius: Correctly store/restore proxy-state values
As this is required by RFC2865 we should copy proxy-state implicitly. The values are available in the relevant send sections so can still be removed/modified if the user wants. If there are complaints we can always add a toggle.
Arran Cudbard-Bell [Fri, 2 Jun 2023 19:14:44 +0000 (15:14 -0400)]
make: Add toupper and tolower to reduce calls to $(shell)
Arran Cudbard-Bell [Wed, 31 May 2023 23:22:40 +0000 (19:22 -0400)]
set pool max default internally
Arran Cudbard-Bell [Wed, 31 May 2023 22:40:44 +0000 (18:40 -0400)]
Don't set a default value
Arran Cudbard-Bell [Wed, 31 May 2023 22:30:01 +0000 (18:30 -0400)]
Don't mess with the default core count
Arran Cudbard-Bell [Wed, 31 May 2023 22:22:57 +0000 (18:22 -0400)]
Use '0' to mean error
Arran Cudbard-Bell [Wed, 31 May 2023 22:17:45 +0000 (18:17 -0400)]
Warn when we can't retrieve a core count
Arran Cudbard-Bell [Wed, 31 May 2023 19:53:48 +0000 (15:53 -0400)]
Pass parent through to common functions
Arran Cudbard-Bell [Wed, 31 May 2023 19:39:55 +0000 (15:39 -0400)]
Fixup kafka default functions
Arran Cudbard-Bell [Wed, 31 May 2023 19:15:34 +0000 (15:15 -0400)]
Set num_workers default value earlier
Arran Cudbard-Bell [Wed, 31 May 2023 19:09:17 +0000 (15:09 -0400)]
Why OpenSSL why...
Jorge Pereira [Wed, 31 May 2023 13:36:02 +0000 (10:36 -0300)]
Fix 'start' pool values
Jorge Pereira [Wed, 31 May 2023 16:21:50 +0000 (13:21 -0300)]
Remove unnecessary return in fr_pool_init()
Nick Porter [Wed, 31 May 2023 06:54:18 +0000 (07:54 +0100)]
Deprecate Debian 10 and add Ubuntu 22.04 to full deb packaging tests
Debian 10 does not have Python 3.8 packages which are required for
rlm_python
James Jones [Tue, 30 May 2023 20:06:07 +0000 (15:06 -0500)]
Pull check for non-NULL randle after check for NULL randle
randle is local to mod_authenticate(), so in the then clause
of an if checking for randle being NULL, randle won't be non-NULL.
Nick Porter [Tue, 30 May 2023 15:25:39 +0000 (16:25 +0100)]
Deprecate CentOS 7 and add Rocky 9 to full RPM build tests
CentOS 7 doesn't have Python 3.8 which is now required for rlm_python,
and is EoL in June 2024
James Jones [Tue, 30 May 2023 18:48:48 +0000 (13:48 -0500)]
Initialize num_commands to 0, the actual initial number of commands.
Doing this should keep coverity from getting confused and requiring
annotations.
Nick Porter [Tue, 30 May 2023 11:41:43 +0000 (12:41 +0100)]
Correct maths in redis_ippool_tool statistics
Nick Porter [Tue, 30 May 2023 11:23:25 +0000 (12:23 +0100)]
Fix segfault in redis_ippool_tool stats
Jorge Pereira [Fri, 26 May 2023 01:54:26 +0000 (22:54 -0300)]
make DHCPv4 use flat or nested attributes
Jorge Pereira [Fri, 26 May 2023 01:54:26 +0000 (22:54 -0300)]
make TTLS use flat or nested attributes
Jorge Pereira [Fri, 26 May 2023 01:54:25 +0000 (22:54 -0300)]
make TACACS use flat or nested attributes
Jorge Pereira [Fri, 26 May 2023 01:54:25 +0000 (22:54 -0300)]
make RADIUS use flat or nested attributes
Jorge Pereira [Fri, 26 May 2023 01:54:25 +0000 (22:54 -0300)]
make Stats use flat or nested attributes
Jorge Pereira [Fri, 26 May 2023 01:54:24 +0000 (22:54 -0300)]
make MSCHAP use flat or nested attributes
Jorge Pereira [Fri, 26 May 2023 01:54:24 +0000 (22:54 -0300)]
make LDAP use flat or nested attributes
Jorge Pereira [Fri, 26 May 2023 01:54:24 +0000 (22:54 -0300)]
make Digest use flat or nested attributes
Jorge Pereira [Fri, 26 May 2023 01:54:24 +0000 (22:54 -0300)]
make BFD use flat or nested attributes
Jorge Pereira [Fri, 26 May 2023 01:54:24 +0000 (22:54 -0300)]
make EAP use flat or nested attributes
Jorge Pereira [Fri, 26 May 2023 01:51:34 +0000 (22:51 -0300)]
make radclient use flat or nested attributes
James Jones [Mon, 29 May 2023 01:14:13 +0000 (20:14 -0500)]
Initialize all of find.addr in fr_redis_cluster_pool_by_node_addr()
Coverity rightly pointed out that only parts of it were set.
Better to initialize it fully than to annotate the defect.
Alan T. DeKok [Mon, 29 May 2023 14:42:34 +0000 (10:42 -0400)]
name the individual listeners
as per commit
99b2e070e27
Alan T. DeKok [Mon, 29 May 2023 14:32:04 +0000 (10:32 -0400)]
print out which listener had the error
Alan T. DeKok [Mon, 29 May 2023 14:27:27 +0000 (10:27 -0400)]
define DHCPV6_MAX_ATTRIBUTES
as it was used, but wasn't defined
Alan T. DeKok [Wed, 24 May 2023 14:19:25 +0000 (10:19 -0400)]
minor cleanups
the key is now expanded to a local value-box, instead of pointing
to an attribute which might be edited by the operations we're
doing. As a result, we don't need to copy the key to a local
buffer.
Arran Cudbard-Bell [Sun, 28 May 2023 03:09:16 +0000 (22:09 -0500)]
macos: eapol_test seems to build against OpenSSL 3.0, albeit with lots of warnings
Arran Cudbard-Bell [Sun, 28 May 2023 02:57:35 +0000 (21:57 -0500)]
jlibtool: Print environment in verbose mode
Arran Cudbard-Bell [Fri, 26 May 2023 23:24:33 +0000 (19:24 -0400)]
Remove potentially unecessary explicit framework includes
Arran Cudbard-Bell [Fri, 26 May 2023 23:19:04 +0000 (19:19 -0400)]
Search in the place we found the last OpenSSL libary for subsequent libraries
Arran Cudbard-Bell [Fri, 26 May 2023 23:18:43 +0000 (19:18 -0400)]
record where we found the library
Arran Cudbard-Bell [Fri, 26 May 2023 23:18:24 +0000 (19:18 -0400)]
macos: Search in the new ARM homebrew location by default
Arran Cudbard-Bell [Fri, 26 May 2023 15:08:09 +0000 (11:08 -0400)]
rlm_totp: Convert to call_env
James Jones [Fri, 26 May 2023 11:59:47 +0000 (06:59 -0500)]
Skip recursive _raddict_export() call if children == NULL
Arguably a redundant test, but the alternative would be to
model talloc_array_length() to make clear to coverity that
it returns zero if handed NULL, and we're not sure that
modeling functions can check their parameters.
Arran Cudbard-Bell [Thu, 25 May 2023 21:56:25 +0000 (17:56 -0400)]
radclient: Allow source IP address to be set on the command line
Arran Cudbard-Bell [Thu, 25 May 2023 21:50:53 +0000 (17:50 -0400)]
radhttpcheck: Should probably just default to status-server out of the box
James Jones [Thu, 25 May 2023 18:37:11 +0000 (13:37 -0500)]
Remove uninit_use_in_call annotations to verity model
James Jones [Wed, 24 May 2023 18:52:44 +0000 (13:52 -0500)]
Add modeling to indicate when functions actually write data
These assure coverity that the modeled functions on success
actually write to the intended output parameter.
Nick Porter [Thu, 25 May 2023 08:27:08 +0000 (09:27 +0100)]
No need to persist the default Python path
Nick Porter [Wed, 24 May 2023 15:40:12 +0000 (16:40 +0100)]
Force Python to 3.8 on RHEL < 9
Default Python on RHEL 8 is 3.6.
RHEL 9 has Python 3.9 as default.
Nick Porter [Tue, 23 May 2023 17:37:32 +0000 (18:37 +0100)]
Remove old Python 2 specific module config
Nick Porter [Tue, 23 May 2023 17:35:59 +0000 (18:35 +0100)]
Remove module config for python path
Nick Porter [Tue, 23 May 2023 17:33:29 +0000 (18:33 +0100)]
Move python path setting to library init
Nick Porter [Tue, 23 May 2023 15:43:53 +0000 (16:43 +0100)]
Rework libpython initialization to use PyConfig
Makes minimum Python version required 3.8
Nick Porter [Tue, 23 May 2023 15:16:32 +0000 (16:16 +0100)]
Replace mod_load and mod_unload with global init / free functions
Nick Porter [Tue, 23 May 2023 15:10:57 +0000 (16:10 +0100)]
Add a global config for libpython
Nick Porter [Tue, 23 May 2023 14:46:14 +0000 (15:46 +0100)]
Remove pre Python 3.7 code
Jorge Pereira [Thu, 18 May 2023 18:14:34 +0000 (15:14 -0300)]
make SoH use flat or nested attributes
Jorge Pereira [Thu, 18 May 2023 17:56:44 +0000 (14:56 -0300)]
make WiMAX use flat or nested attributes.
Arran Cudbard-Bell [Wed, 24 May 2023 05:45:40 +0000 (01:45 -0400)]
radhttpcheck: Typo
Arran Cudbard-Bell [Wed, 24 May 2023 02:15:56 +0000 (22:15 -0400)]
radhttpcheck: Fix doc link
Arran Cudbard-Bell [Wed, 24 May 2023 02:10:41 +0000 (22:10 -0400)]
radhttpcheck: Tweak systemd unit
Arran Cudbard-Bell [Wed, 24 May 2023 01:48:32 +0000 (21:48 -0400)]
radhttpcheck: Catch broken pipe error
Arran Cudbard-Bell [Wed, 24 May 2023 01:21:26 +0000 (21:21 -0400)]
radhttpcheck: Allow config path to be specified
Arran Cudbard-Bell [Tue, 23 May 2023 23:00:16 +0000 (19:00 -0400)]
radhttpcheck: Add default NAS-Identifier
Arran Cudbard-Bell [Tue, 23 May 2023 22:50:08 +0000 (18:50 -0400)]
radhttpcheck: Bind interface is called ipaddr not server
Arran Cudbard-Bell [Tue, 23 May 2023 22:38:10 +0000 (18:38 -0400)]
Document server
Arran Cudbard-Bell [Tue, 23 May 2023 22:36:49 +0000 (18:36 -0400)]
radhttpcheck: slightly clearer
Arran Cudbard-Bell [Tue, 23 May 2023 22:29:22 +0000 (18:29 -0400)]
Add HTTP <-> RADIUS healthcheck gateway
Nick Porter [Tue, 23 May 2023 13:36:54 +0000 (14:36 +0100)]
LDAP_MAX_CACHEABLE only applies to name to DN and DN to name resolution
Nick Porter [Tue, 23 May 2023 09:49:04 +0000 (10:49 +0100)]
rlm_mschap is also already built if we're doing package tests
Nick Porter [Tue, 23 May 2023 08:28:39 +0000 (09:28 +0100)]
Package tests already have the modules built
github-actions[bot] [Tue, 23 May 2023 09:34:37 +0000 (09:34 +0000)]
Scheduled fuzzing: Update src/tests/fuzzer-corpus/bfd.tar
Nick Porter [Tue, 23 May 2023 07:18:06 +0000 (08:18 +0100)]
Only call query->parser if there are valid results. Fix for CID #
1529242
Nick Porter [Tue, 23 May 2023 07:17:18 +0000 (08:17 +0100)]
Correct return
Arran Cudbard-Bell [Mon, 22 May 2023 21:50:36 +0000 (17:50 -0400)]
Add Calix vendor dictionary
Alan T. DeKok [Mon, 22 May 2023 21:06:41 +0000 (17:06 -0400)]
try to quiet clang scan
Alan T. DeKok [Mon, 22 May 2023 20:25:11 +0000 (16:25 -0400)]
make rlm_eap_mschapv2 use flat or nested attributes
Alan T. DeKok [Mon, 22 May 2023 20:07:07 +0000 (16:07 -0400)]
make EAP tests depend on the source modules
Alan T. DeKok [Mon, 22 May 2023 19:55:25 +0000 (15:55 -0400)]
add test.eap.help target
Alan T. DeKok [Mon, 22 May 2023 19:52:02 +0000 (15:52 -0400)]
remove RAD_REQUEST_OPTION_PROXY_EAP
this is a v3 thing, and won't work in v4. We will need a new
way to convert EAP-MSCHAPv2 to MS-CHAPv2 and vice-versa. Likely
with an xlat.
Alan T. DeKok [Mon, 22 May 2023 19:50:02 +0000 (15:50 -0400)]
more cleanups
Alan T. DeKok [Mon, 22 May 2023 19:45:04 +0000 (15:45 -0400)]
remove duplicate code, and use MEM()
github-actions[bot] [Sun, 21 May 2023 09:34:49 +0000 (09:34 +0000)]
Scheduled fuzzing: Update src/tests/fuzzer-corpus/dns.tar
github-actions[bot] [Sun, 21 May 2023 09:34:46 +0000 (09:34 +0000)]
Scheduled fuzzing: Update src/tests/fuzzer-corpus/dhcpv6.tar
github-actions[bot] [Sun, 21 May 2023 09:34:43 +0000 (09:34 +0000)]
Scheduled fuzzing: Update src/tests/fuzzer-corpus/dhcpv4.tar
github-actions[bot] [Sun, 21 May 2023 09:34:40 +0000 (09:34 +0000)]
Scheduled fuzzing: Update src/tests/fuzzer-corpus/radius.tar
github-actions[bot] [Sun, 21 May 2023 09:34:34 +0000 (09:34 +0000)]
Scheduled fuzzing: Update src/tests/fuzzer-corpus/util.tar
github-actions[bot] [Sun, 21 May 2023 09:34:31 +0000 (09:34 +0000)]
Scheduled fuzzing: Update src/tests/fuzzer-corpus/tftp.tar