Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | WIP: Fix the Proxy-State issue.proxy-state | Linus Nordberg | 2013-08-28 | 5 | -16/+100 |
| | |||||
* | Update ChangeLog with two older bug fixes. | Linus Nordberg | 2013-08-27 | 1 | -0/+4 |
| | |||||
* | Improve warning message when failing to resolve a dynamic server config. | Linus Nordberg | 2013-08-27 | 1 | -2/+2 |
| | |||||
* | Don't mention a version number in ChangeLog in the master branch. | Linus Nordberg | 2013-08-27 | 1 | -1/+2 |
| | |||||
* | Time out on TLS clients not closing the connection properly. | Linus Nordberg | 2013-08-26 | 2 | -1/+3 |
| | | | | Patch by Fabian Mauchle. | ||||
* | When timing out while reading from a TLS server, shutdown the socket properly. | Linus Nordberg | 2013-08-26 | 2 | -0/+11 |
| | | | | | | | Also signal the "client writer" (clientwr()). Together, this should result in TLS connections being cleaned up properly. Patch by Fabian Mauchle. | ||||
* | Don't wait for _writable_ when _reading_ an SSL socket. | Linus Nordberg | 2013-08-26 | 1 | -10/+11 |
| | | | | | | | Also, don't select() at all if SSL_pending() says there's data to read. Patch by Fabian Mauchle. | ||||
* | Don't free struct clsrvconf members rewritein and rewriteout. | Linus Nordberg | 2013-08-26 | 2 | -2/+4 |
| | | | | | | | They are pointers into static struct hash *rewriteconfs and should live forever. Patch by Fabian Mauchle. | ||||
* | Update ChangeLog with the last three bug fixes/ehancements. | Linus Nordberg | 2013-08-26 | 1 | -0/+11 |
| | | | | | | | Also, in a lame attempt att giving credit for last commit where I failed at doing that: 4920ff44 is a patch from Fabian Mauchle. | ||||
* | Purge the duplication cache once per received packet. | Linus Nordberg | 2013-08-26 | 1 | -0/+17 |
| | |||||
* | Add Fabian Mauchle to AUTHORS. | Linus Nordberg | 2013-08-26 | 1 | -0/+1 |
| | |||||
* | Return free memory more aggressively.pthread_create_attr | Linus Nordberg | 2013-08-26 | 2 | -1/+10 |
| | | | | | | | Have free(3) call sbrk(2) when there's 4 MB to free (default on Linux seems to be 128). Patch by Fabian Mauchle. | ||||
* | Create threads with a 32 KB stack rather than what happens to be the default. | Linus Nordberg | 2013-08-26 | 6 | -16/+23 |
| | | | | | | On Linux, the default stack size is typically 8 MB. Patch by Fabian Mauchle. | ||||
* | Honour escaped slashes in regular expressions.RADSECPROXY-51 | Linus Nordberg | 2013-05-31 | 1 | -1/+3 |
| | | | | Closes RADSECPROXY-51. | ||||
* | Verify a single hash/hmac in the tests, not two. | Linus Nordberg | 2013-05-06 | 1 | -6/+5 |
| | |||||
* | Add Simon Lundström to AUTHORS. | Linus Nordberg | 2013-04-23 | 1 | -0/+1 |
| | |||||
* | Fix a help string in radsecproxy-hash(1) (-h). | Linus Nordberg | 2013-04-23 | 1 | -1/+1 |
| | | | | Spotted by Simon Lundström. | ||||
* | Make radsecproxy-hash(1) not print the hash four times. | Linus Nordberg | 2013-04-23 | 1 | -2/+2 |
| | | | | Bug found by Simon Lundström and jocar. | ||||
* | Improve the documentation for the fticks_hashmac() interface. | Linus Nordberg | 2013-04-23 | 1 | -1/+18 |
| | | | | | | | That interface is a bit surprising. radsecproxy-hash(1) was indeed bitten by it. Also, make _format_hash() behave consistently even when out_len < 3. | ||||
* | s/NULL/NUL/1 in a comment. | Linus Nordberg | 2013-04-23 | 1 | -1/+1 |
| | |||||
* | Add c-file-style to C source files missing it. | Linus Nordberg | 2013-04-23 | 5 | -0/+20 |
| | |||||
* | Fix typo. | Linus Nordberg | 2012-12-18 | 1 | -1/+1 |
| | |||||
* | Adjust copyright lines to reflect git (svn) history of each and every file. | Linus Nordberg | 2012-11-12 | 36 | -69/+48 |
| | | | | | | The LICENSE file still aims to reflect a summary of all files. The LICENSE file was changed to not include year 2006 since there was no evidence in git (svn) of any contributions from that year. | ||||
* | Update ChangeLog entry for 1.6.2 with correct CVE id. | Linus Nordberg | 2012-11-01 | 1 | -1/+2 |
| | | | | 1.6.2 is already released but correct ChangeLog info is good. | ||||
* | Merge branch 'licensing-nogpl' | Linus Nordberg | 2012-10-30 | 38 | -261/+118 |
|\ | | | | | | | | | Conflicts: configure.ac | ||||
| * | Formatting changes.licensing-nogpl | Linus Nordberg | 2012-09-25 | 37 | -74/+74 |
| | | | | | | | | | | | | | | | | | | And, actually, a typo in catgconf.c. Cherry-picked b712a6bf from branch 'licensing'. Conflicts: LICENSE | ||||
| * | Remove the "Code contributions from" block from three files. | Linus Nordberg | 2012-09-17 | 3 | -18/+0 |
| | | | | | | | | | | | | | | The contributors are mentioned in AUTHORS and these blocks are not being maintained. Info about what person has written what in source files should be obtained through the source control management system (i.e. git). | ||||
| * | Remove the GPL license. | Linus Nordberg | 2012-09-17 | 1 | -26/+1 |
| | | | | | | | | | | Also remove the header with two copyright lines. It seems clear what the copyright of this file is even without these two lines. | ||||
| * | Remove the second copyright line, with both UNINETT and NORDUnet. | Linus Nordberg | 2012-09-17 | 37 | -38/+0 |
| | | | | | | | | The overlap is clearly expressed without it. | ||||
| * | Remove Stig from first copyright line. | Linus Nordberg | 2012-09-17 | 37 | -38/+38 |
| | | |||||
| * | Add OpenSSL linking exemption to GPL license. | Linus Nordberg | 2012-09-14 | 1 | -1/+16 |
| | | |||||
| * | Add copyright information to LICENSE. | Linus Nordberg | 2012-09-14 | 1 | -0/+4 |
| | | | | | | | | | | | | All source files refer to LICENSE. Without copyright information in the header of that file it might be possible that it changes without all the copyright holders permission. | ||||
| * | Update copyright and licensing information. | Linus Nordberg | 2012-09-14 | 34 | -226/+136 |
| | | | | | | | | | | | | Note that this change makes all files carry the same copyright info, regardless of when they've been touched. People interested in more detail will have to consult the commit history. | ||||
| * | Add copyright and licensing information. | Linus Nordberg | 2012-09-14 | 2 | -0/+10 |
| | | |||||
| * | Move information in COPYING to LICENSE and remove COPYING. | Linus Nordberg | 2012-09-14 | 2 | -10/+9 |
| | | | | | | | | | | | | | | Also, rearrange copyright years. Also also, state NORDUnet as being the provider of the software in the BSD license. | ||||
* | | Bump version to 1.7-dev. | Linus Nordberg | 2012-10-30 | 3 | -3/+3 |
| | | |||||
* | | Mention CVE number in ChangeLog.radsecproxy-1.6.2 | Linus Nordberg | 2012-10-25 | 1 | -2/+2 |
| | | |||||
* | | radsecproxy-1.6.2 | Linus Nordberg | 2012-10-25 | 4 | -5/+5 |
| | | |||||
* | | Don't mix up pre- and post-handshake verification of DTLS clients. | Linus Nordberg | 2012-10-22 | 2 | -1/+9 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | Commit db965c9b addressed TLS clients only. When verifying DTLS clients, don't consider config blocks with CA settings ('tls') which differ from the one used for verifying the certificate chain. Original issue reported and analysed by Ralf Paffrath. DTLS being vulnerable reported by Raphael Geisser. Addresses issue RADSECPROXY-43, CVE-2012-4523. | ||||
* | | Update documentation on default secret for TLS and DTLS. | Linus Nordberg | 2012-10-22 | 1 | -3/+5 |
| | | | | | | | | | | The change was done in radsecproxy-1.6 (2012-04-27) but wasn't documented properly. | ||||
* | | Bump version. | Linus Nordberg | 2012-10-22 | 3 | -3/+3 |
| | | |||||
* | | Update ChangeLog with CVE id for RADSECPROXY-43. | Linus Nordberg | 2012-10-18 | 1 | -1/+2 |
| | | |||||
* | | Bump version in configure.ac too.radsecproxy-1.6.1 | Linus Nordberg | 2012-09-14 | 1 | -1/+1 |
| | | |||||
* | | radsecproxy-1.6.1 | Linus Nordberg | 2012-09-14 | 3 | -4/+4 |
| | | |||||
* | | Document the effects of RADSECPROXY-43. | Linus Nordberg | 2012-09-14 | 1 | -0/+9 |
|/ | | | | https://project.nordu.net/browse/RADSECPROXY-43 | ||||
* | Don't mix up pre- and post-handshake verification of clients. | Linus Nordberg | 2012-09-13 | 2 | -13/+25 |
| | | | | | | | | | | When verifying clients, don't consider config blocks with CA settings ('tls') which differ from the one used for verifying the certificate chain. Reported by Ralf Paffrath. Reported and analysed by Ralf Paffrath. Addresses issue RADSECPROXY-43. | ||||
* | Make naptr-eduroam.sh check NAPTR type case insensitively. | Linus Nordberg | 2012-08-13 | 2 | -2/+3 |
| | | | | Fix by Adam Osuchowski. | ||||
* | Fix typo in ChangeLog. | Linus Nordberg | 2012-08-13 | 1 | -1/+1 |
| | |||||
* | New versions of generated files from the Autotools. | Linus Nordberg | 2012-05-23 | 4 | -301/+374 |
| | |||||
* | Bump version to 1.6.1-dev. | Linus Nordberg | 2012-05-23 | 3 | -4/+4 |
| |