diff options
| author | martti <martti@pkgsrc.org> | 2003-12-16 19:19:41 +0000 |
|---|---|---|
| committer | martti <martti@pkgsrc.org> | 2003-12-16 19:19:41 +0000 |
| commit | d5842c4f4747b2756964cf8207fe7e2cbb02440a (patch) | |
| tree | 0244cd49584a656cb73b05bc1683c5d11c841bd3 /net/lopster | |
| parent | 67deeb7ce1a2ef350e32119910948d757491cee4 (diff) | |
| download | pkgsrc-d5842c4f4747b2756964cf8207fe7e2cbb02440a.tar.gz | |
radiusd-cistron (1.6.7) cistron; urgency=medium
* Fix checkrad.pl::cisco_snmp and usrhiper_snmp so that communities
other than "public" can be used too.
* Error out on superflous command line args (optind >= argc)
* Encrypt CHAP-Password in radclient so that CHAP can be tested too
* Add "wildcard" option to realms - if you set this option, you can
match on the entire username using shell wildcards in the realms file.
* If the nastype in /etc/raddb/naslist is set to 'none' for a nas,
logins on that nas will have no simultaneous use restrictions imposed
and those logins will not count towards the total amount of logins.
* Removed 'raduse' and manpage.
* Can disable radutmp with "-u none" (likewise radwtmp with "-W none",
though we already had "-w" for that).
* Call checkrad with an extra argument, the framed IP address.
* Fix bug where $INCLUDEing a file without any records would
cause the rest of the original file to be ignored
* Support for 64-bit wide integers (integer8 type). If compiled with
gcc, users file can contain both hex and decimal 64-bit values,
and 64-bit values are printed in decimal. With other compilers
(no "long long" support) only hex 64-bit values are supported.
* Change "_" to "-" in dictionary.redback and change the 64 bits
values to integer8.
* Moved the dictionary files to /usr/local/share/radius. Now
only /etc/raddb/dictionary remains that $INCLUDES all the others.
For new installs only; existing installations won't be changed
* Make integer in the format string of sprintf(buf, "%03d:%.20s", ..) in
make_wtmp() unsigned (%u), otherwise the sprintf could in some cases
(negative NAS-Port, very long NAS-name) overrun the buffer by one
byte, overwriting the least significant byte of the return address
on the stack with a \0. Not sure if this is exploitable or not,
but it could be a security problem.
* Make sure ut.login (struct radutmp member) is treated everywhere
as a NON-zero terminated string.
* Make sure unsigned integers are used in all places using lvalues
(32 bits radius values), especially nas_port.
* radrelay: update id of packet when retransmitting.
* Print an error and free the request struct if we receive an unknown
packet type.
* rad_check_multi: if username/NAS/port match, don't count as dup.
Diffstat (limited to 'net/lopster')
0 files changed, 0 insertions, 0 deletions