Commit report for master branch

Thu Sep 11 00:00:02 CEST 2014

New activity for FreeRADIUS (the high performance and highly configurable RADIUS server)

======
otp: Copy strings with explicit limiting

When copying username, challenge and password in otp_pw_valid, use
strlcpy accepting explicit destination size and verify its result,
instead of first assuming or verifying the string will fit and then
doing unlimited strcpy.

This silences the following Coverity errors.

Error: STRING_OVERFLOW (CWE-120):
freeradius-server-3.0.4rc2/src/modules/rlm_otp/otp_pw_valid.c:89: fixed_size_dest: You might overrun the 32 byte fixed-size string "otp_request.username" by copying "username" without checking the length.

Error: STRING_OVERFLOW (CWE-120):
freeradius-server-3.0.4rc2/src/modules/rlm_otp/otp_pw_valid.c:90: fixed_size_dest: You might overrun the 17 byte fixed-size string "otp_request.challenge" by copying "challenge" without checking the length.
freeradius-server-3.0.4rc2/src/modules/rlm_otp/otp_pw_valid.c:90: parameter_as_source: Note: This defect has an elevated risk because the source argument is a parameter of the current function.

Error: STRING_OVERFLOW (CWE-120):
freeradius-server-3.0.4rc2/src/modules/rlm_otp/otp_pw_valid.c:122: fixed_size_dest: You might overrun the 48 byte fixed-size string "otp_request.pwe.u.pap.passcode" by copying "rvp->data.strvalue" without checking the length.

Nikolai Kondrashov (via Arran Cudbard-Bell)@2014-09-10T22:25:42Z
Files modified:
	* src/modules/rlm_otp/otp_pw_valid.c

Commit diff:
https://github.com/FreeRADIUS/freeradius-server/commit/04e287cf6eede43bfd4efb8deb3c37caf3465fc4
====== 
Add a couple of attribute back

Arran Cudbard-Bell at 2014-09-10T21:54:55Z
Files modified:
	* share/dictionary.huawei

Commit diff:
https://github.com/FreeRADIUS/freeradius-server/commit/df4be700ed6c31fdaabebaa7ea56a5b38696a9dc
====== 
Update huawei dictionary

Arran Cudbard-Bell at 2014-09-10T21:50:40Z
Files modified:
	* share/dictionary.huawei

Commit diff:
https://github.com/FreeRADIUS/freeradius-server/commit/3bb5ea41af794ca6392efdcd868a409bf69eba89
====== 
Order by callingstation-Id, too.  Fixes #786

Alan T. DeKok at 2014-09-10T15:33:44Z
Files modified:
	* raddb/mods-config/sql/ippool-dhcp/mysql/queries.conf

Commit diff:
https://github.com/FreeRADIUS/freeradius-server/commit/db4f06f257c2bab02154b152e7dc33061680d63d
====== 
Added schema for DHCP IP pools.

With a key on Calling-Station-Id.

Alan T. DeKok at 2014-09-10T15:07:08Z
Files modified:
	* raddb/mods-config/sql/ippool-dhcp/mysql/schema.sql

Commit diff:
https://github.com/FreeRADIUS/freeradius-server/commit/c129ebe0f555cae1b265ead058472d8f422490b1
====== 
Update accounting queries to use NOW(), too.  Addresses #786

Alan T. DeKok at 2014-09-10T14:56:33Z
Files modified:
	* raddb/mods-config/sql/ippool-dhcp/mysql/queries.conf

Commit diff:
https://github.com/FreeRADIUS/freeradius-server/commit/e14f63c2656fa069890ae5b0dd5ef6d7afb930b1
====== 
Remove "and expiry_time IS NULL".  Fixes #786

DHCP does multiple passes to allocate one IP.  We want to update
the allocated IP, no matter what it's previous state.

The allocate_find query takes care of allocating the correct IP.
We don't need to do extra checks in the allocate_update query

Alan T. DeKok at 2014-09-10T14:54:56Z
Files modified:
	* raddb/mods-config/sql/ippool-dhcp/mysql/queries.conf

Commit diff:
https://github.com/FreeRADIUS/freeradius-server/commit/11571accf6143613bca3769eaeae07550d355278
====== 
When clearing entries, set expiry time to now.  Addresses #786

This is so that the allocate_find will return the oldest IP.
And, the allocate_find will now use an index, rather than
potentially scanning the entire table

Alan T. DeKok at 2014-09-10T14:54:55Z
Files modified:
	* raddb/mods-config/sql/ippool-dhcp/mysql/queries.conf

Commit diff:
https://github.com/FreeRADIUS/freeradius-server/commit/46ab30cba489c5e29b16c43c5c058f230f82c2cb
====== 
Fix allocate_find query.  Addresses #786

Alan T. DeKok at 2014-09-10T14:54:54Z
Files modified:
	* raddb/mods-config/sql/ippool-dhcp/mysql/queries.conf

Commit diff:
https://github.com/FreeRADIUS/freeradius-server/commit/50082c60f1c88d04de53b9c2c9443779064457db
====== 
Document IPv6 option

Alan T. DeKok at 2014-09-10T14:42:32Z
Files modified:
	* raddb/mods-available/sqlippool

Commit diff:
https://github.com/FreeRADIUS/freeradius-server/commit/655eef6c6a4b407e88889954fc14767be170a786
====== 
Be more flexible about parsing parameters

Alan T. DeKok at 2014-09-10T14:42:31Z
Files modified:
	* src/modules/rlm_perl/rlm_perl.c

Commit diff:
https://github.com/FreeRADIUS/freeradius-server/commit/ea5e67947fd8c71c7c3089f006fb57137b2ed2f9
====== 
Some extra Huawei attributes

Arran Cudbard-Bell at 2014-09-10T05:12:12Z
Files modified:
	* share/dictionary.huawei

Commit diff:
https://github.com/FreeRADIUS/freeradius-server/commit/616d86ffa8e3c2a9e90f6956f8768c88f1e82bbb
====== 
Should be map_prints

Arran Cudbard-Bell at 2014-09-10T01:35:20Z
Files modified:
	* src/include/map.h
	* src/main/map.c
	* src/main/modcall.c
	* src/main/parser.c

Commit diff:
https://github.com/FreeRADIUS/freeradius-server/commit/728f38c46c74f7ff67fee4b77d40caf28a40e630
====== 
-- 
This commit summary was generated @2014-09-11T00:00:02Z by lgfeed version 0.00 (https://github.com/arr2036/lgfeed).