Again: Major impact on authentication!

Peter Nixon listuser at
Wed Feb 7 07:04:13 CET 2007

On Tue 06 Feb 2007 21:35, Guilherme Franco wrote:
> Mr. Peter,
> On 2/6/07, Peter Nixon <listuser at> wrote:
> > OK. Well we have added a few more things this week. The last commit was
> > just over an hour ago for:
> >
> Yes, I've been watching the progress in "Automatic report from sources
> (radiusd)" in the devel list, thanks.
> > Can you please confirm whether on not Oracle supports the SQL99 syntax?
> > If so I will change all the "BEGIN"s to "START TRANSACTION". If it does
> > not I will do the opposite.
> Oracle automatically treats every changing aspect of the tables as a
> transaction so there's no "START TRANSACTION" command in it. Every
> BEGIN needs to have a END; and a dot "." in after END;. Basically you
> need the Transaction so you can do the FOR UPDATE command to lock that
> framedipaddress temporally. In Oracle thou need no BEGIN, just do the
> "select ... for update" and then the COMMIT; in the end.

OK. Well, the start and end transaction commands may be overridden in 
sqlippool.conf in the same manner as the other sql queries. Simply 
define "allocate-begin" and "allocate-commit" etc.

When you have have time could you please sqlippool with oracle and let me 
know if it works or not?

> > The patches I committed today and yesterday improved the exit codes
> > which should make failover more flexible.
> I don't know if the new CVS will suit for me because with the
> PostgreSQL function that I've made there's no need to use 2 sqlippool
> instances. Again, I don't have anything against the module fail-over,
> I'm just using the function mainly because the native allocate-find
> didn't fixed the users IP correctly for me (also one module is a bit
> quicker).

sure. stored procedures rock :-)

> A quick valgrind run detected some errors in rlm_sql for the oracle
> connection. Gonna do a massive debugging after midnight to see if
> there's something weird going on.

Yeah. the oracle driver really needs to extra love and attention. I have 
deployed it a couple of times for customers and made some very minor updates 
to it to support Oracle 10 but an Oracle dev really needs to torture check 
it all with valgrind and make sure that the reconnect and everything is 
working correctly.

> Thank you and everyone for the prompt answers!

You are welcome.


Peter Nixon
PGP Key:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <>

More information about the Freeradius-Users mailing list