summaryrefslogtreecommitdiff
path: root/lib
Commit message (Collapse)AuthorAgeFilesLines
* Verify certificate CN against configured hostname.Linus Nordberg2012-04-263-3/+21
| | | | NOTE: The subjectAltName check is not well tested.
* Implement cert verification.Linus Nordberg2012-04-264-118/+85
| | | | NOTE: Not used yet.
* Handle failing rs_context_create().Linus Nordberg2012-04-261-1/+7
|
* Use existing temporary variable conn.Linus Nordberg2012-04-261-4/+4
|
* Add an error code.Linus Nordberg2012-04-262-0/+3
| | | | Also add error text for missing RSE_CRED.
* Don't resolve DNS names in rs_peer_set_address().Linus Nordberg2012-04-261-6/+8
| | | | It simply stores (a copy of) hostname and service name in PEER.
* Use rs_strdup().Linus Nordberg2012-04-261-2/+3
|
* Add util.h and util.c.Linus Nordberg2012-04-263-2/+26
|
* Follow name change of rs_resolv().Linus Nordberg2012-04-261-2/+2
|
* Add missing radsec.h.Linus Nordberg2012-04-251-0/+7
|
* Postpone resolving of DNS names of server.Linus Nordberg2012-04-255-26/+35
| | | | | | | | | | We used to resolve DNS names when reading configuration. We now do it in event_init_socket() and cache the result in the connection object. The imminent need for changing this is to keep host names around for X509 certificate verification (CNAME and subjectAltName). This will also help later when we implement server failover (and later, when people want to do more dynamic configuration, f.ex. NAPTR).
* Update HACKING.Linus Nordberg2012-04-251-2/+10
|
* Missing response packet in rs_conn_receive_packet doesn't have to be a bug.Linus Nordberg2012-04-251-1/+4
|
* Fix a comment.Linus Nordberg2012-04-251-1/+1
|
* Conditionally compile TLS-PSK code (--enable-tls-psk).Linus Nordberg2012-04-234-15/+45
| | | | Also, allow for PSK-only configuration, i.e. don't barf on missing cert stuff.
* Don't say RADPROT_TLS when we mean RAD_TLS.Linus Nordberg2012-04-192-3/+3
| | | | | RADPROT_TLS is legacy from radsecproxy and will go away. It happens to be defined to 1, the same as RAD_TLS, so it happens to work.
* Clarify comments about PSK string encoding.Linus Nordberg2012-02-011-2/+2
|
* Get the test suite going again.libradsec-pskLinus Nordberg2012-01-314-18/+49
|
* Implement TLS-PSK.Linus Nordberg2012-01-315-9/+106
|
* Free the transport credentials struct.Linus Nordberg2012-01-261-0/+1
|
* Bump library interface revision.Linus Nordberg2012-01-241-0/+16
| | | | | Should really have been done as part of bumping the library version (0.0.2.dev in configure.ac).
* Be user friendly in example program.Linus Nordberg2012-01-241-0/+9
|
* Move a comment, for clarification.Linus Nordberg2012-01-241-1/+1
|
* Add TLS PSK configuration options.Linus Nordberg2012-01-243-4/+49
|
* Cosmetic changes.Linus Nordberg2012-01-191-6/+6
| | | | Language and typos in a README.
* Cosmetic changes.Linus Nordberg2012-01-191-3/+4
| | | | Better names of formal arguments in test program.
* Avoid unused variable warning when building without DEBUG.Linus Nordberg2012-01-041-2/+6
| | | | Spotted by Sam Hartman.
* Fix a typo in a comment.Linus Nordberg2011-12-141-1/+1
|
* Change version 0.0.2-dev --> 0.0.2.dev.Linus Nordberg2011-10-142-2/+2
| | | | | | Sam Hartman: "I propose changing the version from 0.1-dev or whatever to 0.1.dev or whetever because RPM versions (and really debian versions too) cannot contain dashes"
* Get rid of warning for strict aliasing breakage.Linus Nordberg2011-10-051-8/+12
|
* event_enable_debug_mode() must be called at most once.Linus Nordberg2011-09-221-1/+6
|
* Export only symbols listed in radsec.sym.Linus Nordberg2011-07-182-1/+48
|
* Treat warnings as errors when compiling libradsec.Linus Nordberg2011-07-181-1/+1
|
* Refine HACKING slightly.Linus Nordberg2011-07-041-14/+16
|
* Cleanup conf.c.Linus Nordberg2011-07-031-16/+19
| | | | | Don't promote a pointer to a boolean in if clauses. Compare strcmp to 0.
* Handle all libconfuse parse errors.Linus Nordberg2011-07-031-3/+18
|
* Handle configuration errors better.Linus Nordberg2011-07-032-4/+7
|
* Remove spurious comment.Linus Nordberg2011-07-021-1/+1
| | | | | rs_resolv() doesn't have a connection to push an error on and should indeed return a struct rs_error.
* Resolve IPv6 addresses too.Linus Nordberg2011-07-021-1/+1
|
* lib/rsp_tlscommon.c: Include sys/types.h before netinet/in.h.Linus Nordberg2011-05-231-1/+1
|
* Compile on BSD.Linus Nordberg2011-05-181-0/+1
| | | | Thanks to Luke Howard for reporting.
* examples/client.conf: Correct key file.Linus Nordberg2011-04-011-1/+1
|
* Don't install example programs.Linus Nordberg2011-03-251-1/+1
|
* Add cert 3 ("client cert") with key.Linus Nordberg2011-03-254-1/+61
|
* demoCA: Rename c1key --> c2key to match certificate file name.Linus Nordberg2011-03-251-0/+0
|
* Add tests/demoCA and use certs and key in there for the examples.Linus Nordberg2011-03-258-4/+127
|
* Change version to libradsec-0.0.2-dev.Linus Nordberg2011-03-242-2/+2
|
* Ready for libradsec-0.0.1.libradsec-0.0.1Linus Nordberg2011-03-242-2/+2
|
* Harmonise with radsecproxy licensing.Linus Nordberg2011-03-242-24/+43
| | | | | Dual license the library by adding GPL v2 or later. Change the 2-clause BSD to a 3-clause.
* Update README and HACKING.Linus Nordberg2011-03-242-10/+16
|