GitLab

On Linux, the default stack size is typically 8 MB.

Patch by Fabian Mauchle.

Closes RADSECPROXY-51.

Spotted by Simon Lundström.

Bug found by Simon Lundström and jocar.

Conflicts:
	radsecproxy-hash.c

That interface is a bit surprising. radsecproxy-hash(1) was indeed
bitten by it.

Also, make _format_hash() behave consistently even when out_len < 3.

Conflicts:
	fticks_hashmac.c

1.6.2 is already released but correct ChangeLog info is good.

Commit db965c9b addressed TLS clients only.

When verifying DTLS clients, don't consider config blocks with CA
settings ('tls') which differ from the one used for verifying the
certificate chain.

Original issue reported and analysed by Ralf Paffrath. DTLS being
vulnerable reported by Raphael Geisser.

Addresses issue RADSECPROXY-43, CVE-2012-4523.

The change was done in radsecproxy-1.6 (2012-04-27) but wasn't
documented properly.

https://project.nordu.net/browse/RADSECPROXY-43

When verifying clients, don't consider config blocks with CA
settings ('tls') which differ from the one used for verifying the
certificate chain. Reported by Ralf Paffrath.

Reported and analysed by Ralf Paffrath.

Addresses issue RADSECPROXY-43.

Fix by Adam Osuchowski.

To: radsecproxy@uninett.no
Cc: Faidon Liambotis <paravoid@debian.org>
Date: Wed, 23 May 2012 01:50:26 +0300

groff interprets "-" as hyphens (U+2010) and not as minus signs
(U+002D). Process arguments are clearly being done with minus signs, so
escape them properly and make copy/paste work again.

To: radsecproxy@uninett.no
Cc: Faidon Liambotis <paravoid@debian.org>
Date: Wed, 23 May 2012 01:50:27 +0300

s/specifed/specified/

Patch from Ralf Paffrath <paffrath@dfn.de>.

Patch from Ralf Paffrath <paffrath@dfn.de>.

RADSECPROXY-37.

Related to RADSECPROXY-37.

TODO: Add documentation.

Related to RADSECPROXY-37.

TODO: Add documentation.

Closes RADSECPROXY-40.

This is the old number.  We used 1 minute during testing.