| Age | Commit message (Collapse) | Author |
|---|
|
Also, correct the -DTACDEBUG_AT_RUNTIME scenario so that TACDEBUG()
binds correct when used in an if-body with an else following it, e.g.:
if (test)
TACDEBUG(LOG_DEBUG, "test is true");
else
return;
would previously have ended up as expanding to:
if (test)
if (tac_debug_enable) logmsg(LOG_DEBUG, "test is true");
else
return;
with the indent redone to reflect the nesting correctly. This now
expands (correctly) to:
if (test)
do { if (tac_debug_enable) logmsg(LOG_DEBUG, "test is true"); } while (0);
else
return;
|
|
Commit 654b79e removed a very similar check, but with the new
common exit strategy for this function, it is in fact possible to
have fd be set without having copied fd into retval (i.e. retval
still being set to an error value, which is negative).
|
|
This is so that tracing is always the same, even when exceptions occur.
|
|
Fix various declaration inconsistencies that were throwing compiler
warnings
|
|
|
|
Avoid socket leaks on connection timeouts
|
|
... and other not covered error conditions.
|
|
Allow to configure an individual timeout per TACACS+ server.
Bumped SO-version due to API change.
|
|
|
|
|
|
|
|
This allows to specify from which source address/interface the TACACS+
client connection gets initiated.
Bump SO-versioning due to API change.
|
|
|
|
|
|
Note that this does not change anything in regards to buffer overflowing
|
|
|
|
better way
|
|
|
|
|
|
|
|
|
|
|
|
Removed first_hit option because you can get the same behaviour by using only one server.
Added multiple secret support, you can now specify different secrets (keys) for different servers.
connect.c: improved connection error handling by using getpeername() to check if connection is still valid. This was needed since we are using non-blocking sockets.
Properly handle multiple servers when authenticating, patch from Gregg Nemas, thanks!
|
|
|
