summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* add msg-id to debug log outputFabian Mauchle2017-08-012-3/+3
|
* create new cert_store before reloading CAs and CRLsFabian Mauchle2017-08-012-0/+5
| | | | | Conflicts: ChangeLog
* Revert partial fix for RADSECPROXY-69 (47ccc9f).Linus Nordberg2016-11-012-10/+1
| | | | This was potentially making things worse.
* Look at servers->dynamiclookuparg for deciding if a server is dynamic.Linus Nordberg2016-11-012-1/+10
| | | | | | | | | | The dynamiclookupcommand member of the _config_ of the server is being set to NULL when it's copied in confserver_cb(), resulting in dynamic discovery being done for realms that already have a server. Patch from Fabian Mauchle. Addresses RADSECPROXY-69.
* Bump version to 1.6.9-dev.Linus Nordberg2016-11-013-3/+3
|
* radsecproxy-1.6.8.radsecproxy-1.6.8Linus Nordberg2016-09-214-4/+9
|
* Stomp less on other threads memory.Linus Nordberg2016-09-212-4/+16
| | | | See RADSECPROXY-64.
* Don't wait for _writable_ when _reading_ a TCP socket.Linus Nordberg2016-09-191-3/+2
| | | | | | Like 92a0c39a for TCP. Patch by Fabian Mauchle.
* Fix spelling.Linus Nordberg2016-03-231-4/+4
| | | | Pointed out by Faidon Liambotis.
* radsecproxy-1.6.7radsecproxy-1.6.7Linus Nordberg2016-03-144-5/+5
|
* Update ChangeLog for upcoming radsecproxy-1.6.7.Linus Nordberg2016-03-111-0/+8
|
* Fix the html target.Linus Nordberg2016-03-111-5/+6
| | | | | List the three .html files. Add targets for building .html from .1 and .5.
* #include <string.h> for memcpy() and strcmp().Linus Nordberg2016-03-112-0/+2
|
* Use DTLS_method() for new SSL context if it exists.Linus Nordberg2016-03-111-0/+5
| | | | | Effectively turning on support for DTLS 1.2 when OpenSSL version 1.0.2 or higher.
* Allow TLSv1.1 and TLSv1.2.Linus Nordberg2016-02-251-1/+2
| | | | | This should in theory allow for later versions of TLS too but let's verify that when the time comes.
* Mention radsecproxy-hash(1) in radsecproxy.1.Linus Nordberg2016-02-251-3/+2
|
* Install radsecproxy.conf.5 unconditionally.radsecproxy-1.6.6Linus Nordberg2015-01-192-1/+3
| | | | Keep regeneration of it dependent on configure finding docbook2x-man(1).
* radsecproxy-1.6.6Linus Nordberg2015-01-194-5/+5
|
* Refer to RFC6614 instead of the old draft.Linus Nordberg2015-01-191-2/+2
|
* ChangeLog for the four security patches.Linus Nordberg2015-01-161-0/+4
| | | | | Conflicts: ChangeLog
* Fix heap overflow in raddtlsget(), radtcpget() and radtlsget().Linus Nordberg2015-01-163-0/+12
| | | | Patch by Stephen Röttger.
* Fix null pointer dereference in decttl().Linus Nordberg2015-01-161-0/+3
| | | | Patch by Stephen Röttger.
* Fix use-after-free in _internal_removeserversubrealms().Linus Nordberg2015-01-161-2/+5
| | | | Patch by Stephen Röttger.
* Fix use-after-free in hash_extract().Linus Nordberg2015-01-162-1/+4
| | | | Patch by Stephen Röttger.
* Remove 'compile', generated by Automake.Linus Nordberg2015-01-163-143/+2
| | | | Patch by Christian Hesse.
* Update copyright notice.Linus Nordberg2015-01-161-1/+1
| | | | | Conflicts: radsecproxy.c
* When CHAP-Password, copy Request Authenticator to CHAP-Challenge.Linus Nordberg2015-01-163-0/+26
| | | | | Conflicts: radmsg.h
* radsecproxy-1.6.5 --> 1.6.6-devLinus Nordberg2015-01-143-3/+3
|
* Have rewriteIn for servers use the correct config section.Linus Nordberg2015-01-142-2/+10
| | | | | Conflicts: ChangeLog
* radsecproxy-1.6.5.radsecproxy-1.6.5Linus Nordberg2013-09-064-4/+4
|
* Have radmsg_copy_attrs() return error in all error cases.Linus Nordberg2013-09-061-4/+2
| | | | Also when copying of the first attribute fails.
* Make a _copy_ of the attributes when copying them.Linus Nordberg2013-09-062-1/+6
| | | | | | Doh! Closes RADSECPROXY-53.
* radsecproxy-1.6.4radsecproxy-1.6.4radsecproxy-Linus Nordberg2013-09-053-3/+3
|
* Keep Proxy-State attributes in all replies to clients.Linus Nordberg2013-09-056-16/+105
| | | | Closes RADSECPROXY-52.
* radsecproxy-1.6.3radsecproxy-1.6.3Linus Nordberg2013-09-044-4/+4
|
* Remove generated files (auto tools).Linus Nordberg2013-09-046-5462/+0
| | | | | | | | | Some of these were revived in 4c163b1e bc they were supposedly not generated when running autogen.sh. That's not the case (any more) so let's avoid checking in generated files. Note that these files will be included in tar balls made from make dist.
* radsecproxy-1.6.3-rc0radsecproxy-1.6.3-rc0Linus Nordberg2013-09-024-4/+4
|
* Update ChangeLog with two older bug fixes.Linus Nordberg2013-09-021-0/+4
|
* Improve warning message when failing to resolve a dynamic server config.Linus Nordberg2013-09-021-2/+2
|
* Time out on TLS clients not closing the connection properly.Linus Nordberg2013-09-022-1/+3
| | | | Patch by Fabian Mauchle.
* When timing out while reading from a TLS server, shutdown the socket properly.Linus Nordberg2013-09-022-0/+11
| | | | | | | Also signal the "client writer" (clientwr()). Together, this should result in TLS connections being cleaned up properly. Patch by Fabian Mauchle.
* Don't wait for _writable_ when _reading_ an SSL socket.Linus Nordberg2013-09-021-10/+11
| | | | | | | Also, don't select() at all if SSL_pending() says there's data to read. Patch by Fabian Mauchle.
* Don't free struct clsrvconf members rewritein and rewriteout.Linus Nordberg2013-09-022-2/+4
| | | | | | | They are pointers into static struct hash *rewriteconfs and should live forever. Patch by Fabian Mauchle.
* Update ChangeLog with the last three bug fixes/ehancements.Linus Nordberg2013-09-021-0/+11
| | | | | | | Also, in a lame attempt att giving credit for last commit where I failed at doing that: 4920ff44 is a patch from Fabian Mauchle.
* Purge the duplication cache once per received packet.Linus Nordberg2013-09-021-0/+17
|
* Add Fabian Mauchle to AUTHORS.Linus Nordberg2013-09-021-0/+1
|
* Return free memory more aggressively.Linus Nordberg2013-09-022-0/+9
| | | | | | | | | | Have free(3) call sbrk(2) when there's 4 MB to free (default on Linux seems to be 128). Patch by Fabian Mauchle. Conflicts: configure.ac
* Create threads with a 32 KB stack rather than what happens to be the default.Linus Nordberg2013-09-026-16/+23
| | | | | | On Linux, the default stack size is typically 8 MB. Patch by Fabian Mauchle.
* Honour escaped slashes in regular expressions.Linus Nordberg2013-09-021-1/+3
| | | | Closes RADSECPROXY-51.
* Verify a single hash/hmac in the tests, not two.Linus Nordberg2013-09-021-6/+5
|