summaryrefslogtreecommitdiff
path: root/tls.c
Commit message (Collapse)AuthorAgeFilesLines
* Fix heap overflow in raddtlsget(), radtcpget() and radtlsget().Linus Nordberg2015-01-161-0/+4
| | | | Patch by Stephen Röttger.
* Time out on TLS clients not closing the connection properly.Linus Nordberg2013-09-021-1/+1
| | | | Patch by Fabian Mauchle.
* When timing out while reading from a TLS server, shutdown the socket properly.Linus Nordberg2013-09-021-0/+9
| | | | | | | Also signal the "client writer" (clientwr()). Together, this should result in TLS connections being cleaned up properly. Patch by Fabian Mauchle.
* Don't wait for _writable_ when _reading_ an SSL socket.Linus Nordberg2013-09-021-10/+11
| | | | | | | Also, don't select() at all if SSL_pending() says there's data to read. Patch by Fabian Mauchle.
* Create threads with a 32 KB stack rather than what happens to be the default.Linus Nordberg2013-09-021-2/+2
| | | | | | On Linux, the default stack size is typically 8 MB. Patch by Fabian Mauchle.
* Don't mix up pre- and post-handshake verification of clients.Linus Nordberg2012-09-131-13/+15
| | | | | | | | | | When verifying clients, don't consider config blocks with CA settings ('tls') which differ from the one used for verifying the certificate chain. Reported by Ralf Paffrath. Reported and analysed by Ralf Paffrath. Addresses issue RADSECPROXY-43.
* Add client and server config options IPv4Only and IPv6Only.Linus Nordberg2012-04-171-1/+3
| | | | | | Related to RADSECPROXY-37. TODO: Add documentation.
* Change default shared secret for TLS and DTLS.Linus Nordberg2012-04-111-1/+1
| | | | | We change from "mysecret" to "radsec" as per draft-ietf-radext-radsec-12.txt section 2.3 (4).
* Make radsecproxy.h self-sustaining.Linus Nordberg2011-09-261-2/+1
|
* Add Emacs local variable for stroustrup style.linus2010-03-231-0/+4
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@530 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* Reindent and remove trailing whitespace.linus2010-03-081-16/+16
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@517 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* rewriting code for hosts,ports,resolving,builds but needs testingvenaas2009-01-271-9/+7
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@462 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* renamed struct queue to gqueue due to solaris defining queuevenaas2009-01-071-1/+1
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@452 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* split out code that is needed only when tls or dtls is usedvenaas2008-12-221-3/+4
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@445 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* allowing build with only specific transportsvenaas2008-12-191-0/+6
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@444 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* cleaning up codevenaas2008-12-191-3/+17
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@443 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* cleaning up codevenaas2008-12-191-6/+37
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@442 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* cleaning up codevenaas2008-12-181-1/+8
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@441 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* hopefully removed some warningsvenaas2008-09-241-1/+1
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@403 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* hopefully removed some warningsvenaas2008-09-241-2/+2
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@402 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* some code improvemetns, more efficiently removing outstanding requests when ↵venaas2008-09-241-1/+0
| | | | | | removing client, also taking care of dynamic servers, need to look into server removal git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@399 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* make clientwr not try to connect (left to reader), changed some timing ↵venaas2008-09-231-11/+22
| | | | | | stuff, issue with statusserver and connection down..., added optional cacheexpiry option for tls blocks git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@398 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* better logging, fixed bug with crash when removing clientvenaas2008-09-171-9/+10
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@387 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* cleaning up codevenaas2008-09-171-6/+5
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@383 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* moved more stuff from rqout to rqvenaas2008-09-161-2/+0
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@382 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* renamed some stuff, added client state for received rqs etcvenaas2008-09-161-7/+15
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@379 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* allow %hex notation for strings in gconfigvenaas2008-09-131-2/+4
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@376 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* various code improvementsvenaas2008-09-111-2/+2
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@375 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* fixed bug with multiple status server sent, some dtls fixesvenaas2008-08-221-0/+1
| | | | git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@358 e88ac4ed-0b26-0410-9574-a7f39faa03bf
* separated tlsvenaas2008-08-211-0/+399
git-svn-id: https://svn.testnett.uninett.no/radsecproxy/trunk@349 e88ac4ed-0b26-0410-9574-a7f39faa03bf