New activity for FreeRADIUS (the high performance and highly configurable RADIUS server) ====== Add a couple of attribute back Arran Cudbard-Bell@2014-09-10T21:55:01Z Files modified: * share/dictionary.huawei Commit diff: https://github.com/FreeRADIUS/freeradius-server/commit/774c5fb93f0a2c639afdb... ====== Update huawei dictionary Arran Cudbard-Bell@2014-09-10T21:48:57Z Files modified: * share/dictionary.huawei Commit diff: https://github.com/FreeRADIUS/freeradius-server/commit/aed1010d7e68d05abe8d7... ====== Merge pull request #788 from spbnick/coverity_fixes2 Coverity fixes part 2 Arran Cudbard-Bell@2014-09-10T20:09:50Z Files modified: * src/main/tls.c * src/modules/rlm_otp/otp_pw_valid.c Commit diff: https://github.com/FreeRADIUS/freeradius-server/commit/cdc2002804a72cfdcd3f8... ====== tls: Set umask before creating temporary file Set restrictive umask before creating temporary file for client certificate in cbtls_verify. Coverity has reported the following error for this issue. Error: SECURE_TEMP (CWE-377): freeradius-server-3.0.4rc2/src/main/tls.c:1882: secure_temp: Calling "mkstemp(char *)" without securely setting umask first. Nikolai Kondrashov@2014-09-10T16:04:36Z Files modified: * src/main/tls.c Commit diff: https://github.com/FreeRADIUS/freeradius-server/commit/1fc1558e7ac11102a4bc4... ====== otp: Copy strings with explicit limiting When copying username, challenge and password in otp_pw_valid, use strlcpy accepting explicit destination size and verify its result, instead of first assuming or verifying the string will fit and then doing unlimited strcpy. This silences the following Coverity errors. Error: STRING_OVERFLOW (CWE-120): freeradius-server-3.0.4rc2/src/modules/rlm_otp/otp_pw_valid.c:89: fixed_size_dest: You might overrun the 32 byte fixed-size string "otp_request.username" by copying "username" without checking the length. Error: STRING_OVERFLOW (CWE-120): freeradius-server-3.0.4rc2/src/modules/rlm_otp/otp_pw_valid.c:90: fixed_size_dest: You might overrun the 17 byte fixed-size string "otp_request.challenge" by copying "challenge" without checking the length. freeradius-server-3.0.4rc2/src/modules/rlm_otp/otp_pw_valid.c:90: parameter_as_source: Note: This defect has an elevated risk because the source argument is a parameter of the current function. Error: STRING_OVERFLOW (CWE-120): freeradius-server-3.0.4rc2/src/modules/rlm_otp/otp_pw_valid.c:122: fixed_size_dest: You might overrun the 48 byte fixed-size string "otp_request.pwe.u.pap.passcode" by copying "rvp->data.strvalue" without checking the length. Nikolai Kondrashov@2014-09-10T16:04:35Z Files modified: * src/modules/rlm_otp/otp_pw_valid.c Commit diff: https://github.com/FreeRADIUS/freeradius-server/commit/d7619f2d8ed7dd31cf49a... ====== Order by callingstation-Id, too. Fixes #786 Alan T. DeKok@2014-09-10T15:33:26Z Files modified: * raddb/mods-config/sql/ippool-dhcp/mysql/queries.conf Commit diff: https://github.com/FreeRADIUS/freeradius-server/commit/8abb44f0d09be7f4714c8... ====== Added schema for DHCP IP pools. With a key on Calling-Station-Id. Alan T. DeKok@2014-09-10T15:06:42Z Files modified: * raddb/mods-config/sql/ippool-dhcp/mysql/schema.sql Commit diff: https://github.com/FreeRADIUS/freeradius-server/commit/6bb930a328f7b11451d98... ====== Update accounting queries to use NOW(), too. Addresses #786 Alan T. DeKok@2014-09-10T14:56:05Z Files modified: * raddb/mods-config/sql/ippool-dhcp/mysql/queries.conf Commit diff: https://github.com/FreeRADIUS/freeradius-server/commit/c065fe01b82635f0811e7... ====== Remove "and expiry_time IS NULL". Fixes #786 DHCP does multiple passes to allocate one IP. We want to update the allocated IP, no matter what it's previous state. The allocate_find query takes care of allocating the correct IP. We don't need to do extra checks in the allocate_update query Alan T. DeKok@2014-09-10T14:53:19Z Files modified: * raddb/mods-config/sql/ippool-dhcp/mysql/queries.conf Commit diff: https://github.com/FreeRADIUS/freeradius-server/commit/9557f54dd300893e79f0a... ====== When clearing entries, set expiry time to now. Addresses #786 This is so that the allocate_find will return the oldest IP. And, the allocate_find will now use an index, rather than potentially scanning the entire table Alan T. DeKok@2014-09-10T14:52:32Z Files modified: * raddb/mods-config/sql/ippool-dhcp/mysql/queries.conf Commit diff: https://github.com/FreeRADIUS/freeradius-server/commit/32ed3d64204f9d2254d8f... ====== Fix allocate_find query. Addresses #786 Alan T. DeKok@2014-09-10T14:49:08Z Files modified: * raddb/mods-config/sql/ippool-dhcp/mysql/queries.conf Commit diff: https://github.com/FreeRADIUS/freeradius-server/commit/c0715ec7813be2e0bfebd... ====== Document IPv6 option Alan T. DeKok@2014-09-10T14:39:14Z Files modified: * raddb/mods-available/sqlippool Commit diff: https://github.com/FreeRADIUS/freeradius-server/commit/877358e9e3028d1a2a45a... ====== Be more flexible about parsing parameters Alan T. DeKok@2014-09-10T14:26:57Z Files modified: * src/modules/rlm_perl/rlm_perl.c Commit diff: https://github.com/FreeRADIUS/freeradius-server/commit/db59840d20386718c1931... ====== Should be map_prints Arran Cudbard-Bell@2014-09-10T01:35:12Z Files modified: * src/include/map.h * src/main/map.c * src/main/modcall.c * src/main/parser.c Commit diff: https://github.com/FreeRADIUS/freeradius-server/commit/8bdbe58367de8337df467... ====== -- This commit summary was generated @2014-09-11T00:00:02Z by lgfeed version 0.00 (https://github.com/arr2036/lgfeed).