Switch branches/tags
Nothing to show
Commits on Nov 3, 2016
  1. auth_server example: handle bad authenicators

    Add code demonstrating how to handle messages with mismatching message
    authenticators. Access-Request messages don't require a message
    authenticator (unless you are doing EAP) but if it is provided it must
    be checked.
    Having a mismatched message authenticator usually means you have a
    shared secret mismatch. We raise an exception to force you to think
    about and handle this case properly.
    If you really don't care and don't want to get that exception you can
    use `decode_without_secret` which will decode all the attributes it can
    so you can at least inspect the packet.
    psanford committed Nov 3, 2016
Commits on Jul 27, 2016
  1. Bump version for new release.

    muirrn committed Jul 27, 2016
  2. Merge pull request #32 from Tam-One/bugfix/decode-attributes

    Fixed bug in decode_attributes method which can cause memory leak whe…
    muirrn committed on GitHub Jul 27, 2016
Commits on Jul 21, 2016
Commits on Feb 23, 2016
Commits on Oct 7, 2015
  1. Bump version for new release.

    muirrn committed Oct 7, 2015
  2. Handle capitalized VSA types.

    muirrn committed Oct 7, 2015
Commits on Jul 9, 2015
  1. Bump version for new release.

    muirrn committed Jul 9, 2015
  2. Update node versions tested by travis.

    Remove node 0.8 b/c the deep-equal package doesn't support it.
    psanford committed Jul 9, 2015
Commits on Jun 17, 2015
  1. Fix encoding after using decode_without_secret.

    The way the library passes args down is really stupid. It sticks
    various args on "this" (the "radius" package object) so it doesn't
    have to pass the args around as function parameters. This was causing
    and issue because the encode_without_secret method was setting
    this.no_secret = true (which indicates to _crypt_field that it shouldn't
    try to decrypt anything), but encode wasn't unsetting that, it was
    skipping the password encrypt and crashing later because of it.
    Double fix it by having encode unset no_password, and by making
    decrypt_field consume no_secret rather than _crypt_field (so it
    can't affect encrypt_field anymore).
    muirrn committed Jun 17, 2015
Commits on Aug 29, 2014
  1. Merge pull request #13 from chrisdew/master

    added decode_without_secret functionality
    muirmanders committed Aug 29, 2014
  2. responded to suggestions in #12 - preferred nulls to omitting encrypt…

    …ed fields, as it may be useful to know whether a request has a particular field before bothering to find its secret
    chrisdew committed Aug 29, 2014
Commits on Aug 8, 2014
Commits on Jul 7, 2014
  1. Bump version for a new release.

    Muir Manders committed Jul 7, 2014
  2. Have this test calculate Message-Authenticator.

    Rather than hard-coding it in the test.
    Muir Manders committed Jul 7, 2014
  3. Use byte length of User-Password when encrypting.

    dorianlu committed with Muir Manders Jul 4, 2014
Commits on Jun 17, 2014
  1. Bump version for new release.

    Muir Manders committed Jun 17, 2014
  2. Add test for non multiple of 1000 ms time for date type.

    Alexander Cho committed with Muir Manders Jun 17, 2014
  3. Fix non-integer division bug encoding date objects.

    Fix bug where Event-Timestamp cannot write to buffer because
    date.getTime()/1000 is not an integer.
    Alexander Cho committed with Muir Manders Jun 17, 2014
Commits on Mar 31, 2014
  1. Bump version for new release.

    Muir Manders committed Mar 31, 2014
  2. Be sure to quote the nvm versions in travis YAML.

    It happened to work anyway though (nvm use 0.1 chooses 0.10).
    Muir Manders committed Mar 31, 2014
  3. Change node dependency to >= 0.8

    Had to upgrade nodeunit to fix tests on node 0.11.
    Muir Manders committed Mar 31, 2014
Commits on Mar 10, 2014
  1. Major version bump for new release.

    Getting rid of the asynchronous interface was a compatibility
    breaking change.
    Muir Manders committed Mar 10, 2014
Commits on Feb 24, 2014
  1. Get rid of asynchronous interface.

    Made things way more complex, and I don't think it was buying you
    Muir Manders committed Feb 24, 2014
Commits on Feb 22, 2014
  1. Update README regarding Message-Authenticator

    Muir Manders committed Feb 22, 2014
  2. Add suppose for Message-Authenticator attribute.

    Message-Authenticator is an HMAC, improving security over
    the normal authenticator. node-radius will now add it to
    messages while encoding when appropriate, and verify it
    in messages when decoding. I will update README with more
    Muir Manders committed Feb 22, 2014
Commits on Feb 20, 2014
  1. Fix attribute names that start with numbers.

    When parsing the dictionary, it was misinterpreting the beginning
    of the attribute name as the vendor id in a VENDORATTR style attribute
    Muir Manders committed Feb 20, 2014
Commits on Feb 19, 2014
  1. Fix authenticator for "Status-Server" packets.

    Per RFC 5997, like Access-Request this type of packet uses
    a random authenticator. There might be other types that also
    use a random authenticator, but I don't know of a good way
    to determine that list.
    Muir Manders committed Feb 19, 2014
Commits on Jan 13, 2014
  1. Fix travis links.

    Muir Manders committed Jan 13, 2014
Commits on Mar 15, 2013
  1. Couple more updates for README.

    Muir Manders committed Mar 15, 2013
  2. Expand examples/auth_client.js a little.

    Now it uses the new verify_response method to make sure it can
    trust the response it gets from the server.
    Muir Manders committed Mar 15, 2013
Commits on Mar 13, 2013
  1. Update README to include verify_response.

    Muir Manders committed Mar 13, 2013