| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Exit if stringcopy() fails at allocating memory. | Linus Nordberg | 2016-10-18 | 1 | -1/+1 |
| | | | | | | | Writing to 0 seems unwise to me. Returning NULL will simply move the problem to the callers. I admit that a better fix would be to fix all the callers. | ||||
| * | Don't follow the NULL pointer, not even in debug printouts. | Linus Nordberg | 2016-10-17 | 2 | -1/+5 |
| | | | | | | | Bug reported by Leonhard Knauff. Closes RADSECPROXY-68. | ||||
| * | Don't use a smaller pthread stack size than what's allowed. | Linus Nordberg | 2016-10-17 | 1 | -0/+9 |
| | | | | | Patch by Kolbjørn Barmen. | ||||
| * | Hopefully make clang less unhappy about '#if defined'. | Linus Nordberg | 2016-10-17 | 2 | -1/+2 |
| | | | | | Reported by Luke Benes. | ||||
| * | Update ChangeLog. | Linus Nordberg | 2016-10-17 | 1 | -4/+14 |
| | | |||||
| * | Update contact email address. | Linus Nordberg | 2016-10-17 | 1 | -1/+1 |
| | | |||||
| * | Assert that the server argument is non-NULL. | Linus Nordberg | 2016-10-06 | 1 | -0/+1 |
| | | |||||
| * | Don't follow the NULL pointer. | Linus Nordberg | 2016-10-06 | 1 | -1/+2 |
| | | | | | | In practice, sendrq() is called from two functions, radsrv() and clientwr(), none of which should be able to pass rq->to == NULL. | ||||
| * | Update ChangeLog. | Linus Nordberg | 2016-09-21 | 1 | -0/+8 |
| | | |||||
| * | Require libnettle unconditionally.openssl11-rebased | Linus Nordberg | 2016-09-21 | 6 | -57/+5 |
| | | |||||
| * | Use libnettle instead of libcrypto (from openssl) for MD5 and HMAC(MD5). | Linus Nordberg | 2016-09-21 | 3 | -137/+75 |
| | | | | | | | | | | The HMAC_ and EVP_MD_ API:s changed in OpenSSL 1.1 in a way that made it unfeasable to support both older and newer OpenSSL. Radsecproxy already depends on libnettle for Fticks. Moving away from libcrypto makes it easier to add support for other TLS libraries than OpenSSL. | ||||
| * | EVP_MD_CTX and HMAC_CTX are now pointers. | Linus Nordberg | 2016-09-21 | 2 | -106/+106 |
| | | | | | | | | NOTE: pwdcrypt(), msmppencrypt(), msmppdecrypt(), _checkmsgauth(), _validauth() _createmessageauth() and _radsign() all become slightly more expensive since we're now allocating and freeing an EVP_MD_CTX or HMAC_CTX on each invocation. | ||||
| * | Remove openssl thread lock handling. | Linus Nordberg | 2016-09-21 | 1 | -25/+0 |
| | | | | | | openssl-1.1 uses a new threading API which makes manual locking wrt openssl not necessary. | ||||
| * | ASN1_STRING_data() -> ASN1_STRING_get0_data(). | Linus Nordberg | 2016-09-21 | 1 | -3/+3 |
| | | | | | | ASN1_STRING_data was deprecated in openssl-1.1, see https://www.openssl.org/docs/manmaster/crypto/ASN1_STRING_data.html | ||||
| * | Don't call ERR_remove_thread_state(). | Linus Nordberg | 2016-09-21 | 3 | -7/+0 |
| | | | | | | Not needed as of openssl-1.1, see https://www.openssl.org/docs/man1.1.0/crypto/ERR_remove_thread_state.html | ||||
| * | Use ERR_remove_thread_state() instead of ERR_remove_state(). | Linus Nordberg | 2016-09-21 | 3 | -7/+7 |
| | | |||||
| * | Stop accessing ssl->rbio directly. | Linus Nordberg | 2016-09-21 | 1 | -5/+5 |
| | | |||||
| * | Stomp less on other threads memory.stompless-rebased-squashed | Linus Nordberg | 2016-09-21 | 2 | -4/+16 |
| | | | | | See RADSECPROXY-64. | ||||
| * | Don't wait for _writable_ when _reading_ a TCP socket. | Linus Nordberg | 2016-09-19 | 1 | -3/+2 |
| | | | | | | | Like 92a0c39a for TCP. Patch by Fabian Mauchle. | ||||
| * | Let env DOCBOOK2X_MAN optionally name the docbook2x-man program. | Linus Nordberg | 2016-09-19 | 1 | -3/+6 |
| | | | | | Patch from Fabian Mauchle with a minor change. | ||||
| * | Make docbook2x-man happy on RedHat. | Linus Nordberg | 2016-09-16 | 1 | -3/+1 |
| | | | | | Patch from Fabian Mauchle. | ||||
| * | Don't build radsecproxy.conf.5 unless HAVE_DOCBOOK2X_MAN. | Linus Nordberg | 2016-09-16 | 1 | -1/+1 |
| | | | | | Patch from Fabian Mauchle. | ||||
| * | Fix spelling. | Linus Nordberg | 2016-03-23 | 1 | -4/+4 |
| | | | | | Pointed out by Faidon Liambotis. | ||||
| * | Add changes from 1.6.7. | Linus Nordberg | 2016-03-14 | 1 | -1/+9 |
| | | |||||
| * | Add info about license change to ChangeLog. | Linus Nordberg | 2016-03-11 | 1 | -1/+7 |
| | | |||||
| * | Fix the html target. | Linus Nordberg | 2016-03-09 | 1 | -5/+6 |
| | | | | | | List the three .html files. Add targets for building .html from .1 and .5. | ||||
| * | #include <string.h> for memcpy() and strcmp(). | Linus Nordberg | 2016-03-09 | 2 | -0/+2 |
| | | |||||
| * | Use DTLS_method() for new SSL context if it exists. | Linus Nordberg | 2016-03-06 | 1 | -0/+5 |
| | | | | | | Effectively turning on support for DTLS 1.2 when OpenSSL version 1.0.2 or higher. | ||||
| * | Use TLS_method() for new SSL context if it exists. | Linus Nordberg | 2016-03-06 | 1 | -1/+7 |
| | | |||||
| * | Allow TLSv1.1 and TLSv1.2. | Linus Nordberg | 2016-02-25 | 1 | -1/+2 |
| | | | | | | This should in theory allow for later versions of TLS too but let's verify that when the time comes. | ||||
| * | Mention radsecproxy-hash(1) in radsecproxy.1. | Linus Nordberg | 2015-09-17 | 1 | -3/+2 |
| | | |||||
| * | Merge branch 'docu' | Linus Nordberg | 2015-01-22 | 2 | -2/+15 |
| |\ | |||||
| | * | Revamp the documentation of a request+response being proxied. | Linus Nordberg | 2015-01-22 | 1 | -9/+7 |
| | | | |||||
| | * | Add comments on functions. | Linus Nordberg | 2015-01-16 | 1 | -0/+3 |
| | | | |||||
| | * | Add more overview to develdoc and correct a factual error. | Linus Nordberg | 2015-01-16 | 1 | -2/+14 |
| | | | |||||
| * | | Install radsecproxy.conf.5 unconditionally. | Linus Nordberg | 2015-01-19 | 2 | -1/+3 |
| | | | | | | | | | Keep regeneration of it dependent on configure finding docbook2x-man(1). | ||||
| * | | Refer to RFC6614 instead of the old draft. | Linus Nordberg | 2015-01-19 | 1 | -2/+2 |
| | | | |||||
| * | | ChangeLog for the four security patches. | Linus Nordberg | 2015-01-16 | 1 | -0/+4 |
| | | | |||||
| * | | Fix heap overflow in raddtlsget(), radtcpget() and radtlsget(). | Linus Nordberg | 2015-01-16 | 3 | -0/+12 |
| | | | | | | | | | Patch by Stephen Röttger. | ||||
| * | | Fix null pointer dereference in decttl(). | Linus Nordberg | 2015-01-16 | 1 | -0/+3 |
| | | | | | | | | | Patch by Stephen Röttger. | ||||
| * | | Fix use-after-free in _internal_removeserversubrealms(). | Linus Nordberg | 2015-01-16 | 1 | -2/+5 |
| | | | | | | | | | Patch by Stephen Röttger. | ||||
| * | | Fix use-after-free in hash_extract(). | Linus Nordberg | 2015-01-16 | 2 | -1/+4 |
| |/ | | | | Patch by Stephen Röttger. | ||||
| * | Fix some issues showing when DEBUG is defined. | Linus Nordberg | 2015-01-16 | 4 | -8/+7 |
| | | |||||
| * | Remove 'compile', generated by Automake. | Linus Nordberg | 2015-01-16 | 3 | -143/+2 |
| | | | | | Patch by Christian Hesse. | ||||
| * | Update copyright notice. | Linus Nordberg | 2015-01-16 | 1 | -1/+1 |
| | | |||||
| * | When CHAP-Password, copy Request Authenticator to CHAP-Challenge. | Linus Nordberg | 2015-01-16 | 3 | -0/+27 |
| | | |||||
| * | Be consistent with naming of attribute defines. | Linus Nordberg | 2015-01-16 | 2 | -2/+2 |
| | | |||||
| * | Have rewriteIn for servers use the correct config section. | Linus Nordberg | 2015-01-14 | 2 | -3/+11 |
| | | |||||
| * | Have radmsg_copy_attrs() return error in all error cases. | Linus Nordberg | 2013-09-06 | 1 | -4/+2 |
| | | | | | Also when copying of the first attribute fails. | ||||
| * | Add ChangeLog entry for -53. | Linus Nordberg | 2013-09-06 | 1 | -1/+6 |
| | | |||||
 |
index : radsecproxy.git | |
| RADIUS proxy with support for TLS RadSec | linus@sunet.se |
| summaryrefslogtreecommitdiff |