summaryrefslogtreecommitdiff
path: root/dtls.c
Commit message (Collapse)AuthorAgeFilesLines
* Don't try to set IPV6_V6ONLY on IPv4 sockets.Linus Nordberg2017-07-301-1/+1
| | | | | | This is a long standing, non fatal, bug which was revealed when we started looking at return values from all calls to setsockopt() in the coverity branch.
* Copyright year fixes.Linus Nordberg2016-11-011-1/+1
|
* Don't call ERR_remove_thread_state().Linus Nordberg2016-09-211-3/+0
| | | | | Not needed as of openssl-1.1, see https://www.openssl.org/docs/man1.1.0/crypto/ERR_remove_thread_state.html
* Use ERR_remove_thread_state() instead of ERR_remove_state().Linus Nordberg2016-09-211-3/+3
|
* Stop accessing ssl->rbio directly.Linus Nordberg2016-09-211-5/+5
|
* Fix heap overflow in raddtlsget(), radtcpget() and radtlsget().Linus Nordberg2015-01-161-0/+4
| | | | Patch by Stephen Röttger.
* Create threads with a 32 KB stack rather than what happens to be the default.Linus Nordberg2013-08-261-4/+4
| | | | | | On Linux, the default stack size is typically 8 MB. Patch by Fabian Mauchle.
* Fix typo.Linus Nordberg2012-12-181-1/+1
|
* Adjust copyright lines to reflect git (svn) history of each and every file.Linus Nordberg2012-11-121-2/+2
| | | | | | The LICENSE file still aims to reflect a summary of all files. The LICENSE file was changed to not include year 2006 since there was no evidence in git (svn) of any contributions from that year.
* Merge branch 'licensing-nogpl'Linus Nordberg2012-10-301-7/+3
|\ | | | | | | | | Conflicts: configure.ac
| * Formatting changes.licensing-nogplLinus Nordberg2012-09-251-2/+2
| | | | | | | | | | | | | | | | | | And, actually, a typo in catgconf.c. Cherry-picked b712a6bf from branch 'licensing'. Conflicts: LICENSE
| * Remove the second copyright line, with both UNINETT and NORDUnet.Linus Nordberg2012-09-171-1/+0
| | | | | | | | The overlap is clearly expressed without it.
| * Remove Stig from first copyright line.Linus Nordberg2012-09-171-1/+1
| |
| * Update copyright and licensing information.Linus Nordberg2012-09-141-7/+4
| | | | | | | | | | | | Note that this change makes all files carry the same copyright info, regardless of when they've been touched. People interested in more detail will have to consult the commit history.
* | Don't mix up pre- and post-handshake verification of DTLS clients.Linus Nordberg2012-10-221-1/+3
|/ | | | | | | | | | | | | Commit db965c9b addressed TLS clients only. When verifying DTLS clients, don't consider config blocks with CA settings ('tls') which differ from the one used for verifying the certificate chain. Original issue reported and analysed by Ralf Paffrath. DTLS being vulnerable reported by Raphael Geisser. Addresses issue RADSECPROXY-43, CVE-2012-4523.
* Add client and server config options IPv4Only and IPv6Only.Linus Nordberg2012-04-171-1/+3
| | | | | | Related to RADSECPROXY-37. TODO: Add documentation.
* Change default shared secret for TLS and DTLS.Linus Nordberg2012-04-111-1/+1
| | | | | We change from "mysecret" to "radsec" as per draft-ietf-radext-radsec-12.txt section 2.3 (4).
* Make radsecproxy.h self-sustaining.Linus Nordberg2011-09-261-1/+0
|
* Add Emacs local variable for stroustrup style.linus2010-03-231-0/+4
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@530 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* Reindent and remove trailing whitespace.linus2010-03-081-24/+24
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@517 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* rewriting code for hosts,ports,resolving,builds but needs testingvenaas2009-01-271-11/+13
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@462 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* renamed struct queue to gqueue due to solaris defining queuevenaas2009-01-071-7/+7
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@452 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* split out code that is needed only when tls or dtls is usedvenaas2008-12-221-3/+4
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@445 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* allowing build with only specific transportsvenaas2008-12-191-0/+6
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@444 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* cleaning up codevenaas2008-12-191-3/+17
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@443 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* cleaning up codevenaas2008-12-191-7/+40
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@442 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* cleaning up codevenaas2008-12-181-2/+13
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@441 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* some code improvemetns, more efficiently removing outstanding requests when ↵venaas2008-09-241-1/+0
| | | | | | removing client, also taking care of dynamic servers, need to look into server removal git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@399 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* make clientwr not try to connect (left to reader), changed some timing ↵venaas2008-09-231-5/+16
| | | | | | stuff, issue with statusserver and connection down..., added optional cacheexpiry option for tls blocks git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@398 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* trying to avoid some silly compiler warningsvenaas2008-09-171-1/+1
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@390 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* better logging, fixed bug with crash when removing clientvenaas2008-09-171-12/+13
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@387 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* cleaning up codevenaas2008-09-171-6/+5
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@383 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* moved more stuff from rqout to rqvenaas2008-09-161-2/+0
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@382 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* renamed some stuff, added client state for received rqs etcvenaas2008-09-161-7/+15
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@379 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* changing to use a separate client structure for each udp clientvenaas2008-09-141-1/+0
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@378 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* allow %hex notation for strings in gconfigvenaas2008-09-131-2/+4
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@376 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* various code improvementsvenaas2008-09-111-2/+1
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@375 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* fixed bug with multiple status server sent, some dtls fixesvenaas2008-08-221-165/+247
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@358 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* made dtls server do proper certificate matchingvenaas2008-08-211-45/+77
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@356 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* restructuring codevenaas2008-08-211-0/+42
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@351 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* separated tcpvenaas2008-08-211-1/+0
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@348 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* separated dtls into a separate filevenaas2008-08-211-0/+473
git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@347 e88ac4ed-0b26-0410-9574-a7f39faa03bf