- 29 Nov, 2017 1 commit
-
-
Jørn Åne de Jong authored
-
- 02 Aug, 2017 5 commits
-
-
Linus Nordberg authored
-
Linus Nordberg authored
Bug reported by Leonhard Knauff. Closes RADSECPROXY-68.
-
Linus Nordberg authored
There's a chance that incoming (legitimate) connections arrive faster than what it takes to spawn a new thread and get back to listen(). Therefore we should ask the stack to queue at least one entry, i.e. use a backlog value of at least 1. There's arguable also a chance of more than two concurrent incoming connections, which would make a case for a backlog value greater than one. A reasonable high value seems to be 128, which also is what SOMAXCONN is on many unix systems. In the choice between 1 and 128, an argument against the higher value is that it may mask the potential problem of spending a long time serving incoming connections. Being reasonably confident that radsecproxy is efficient when it comes to serving incoming connections, by handing them off to a newly spawned thread, I think that 128 is a fine choice. Closes RADSECPROXY-72.
-
Linus Nordberg authored
-
Linus Nordberg authored
-
- 01 Aug, 2017 16 commits
-
-
Linus Nordberg authored
-
Linus Nordberg authored
-
Linus Nordberg authored
We might have a bug where bindtoaddr() tries to set V6ONLY on IPv4 sockets. Until that's been resolved, don't alarm users on debug level 'warning'.
-
Linus Nordberg authored
Have connectnonblocking() warn and fail if setting O_NONBLOCK fails. Have it warn if restoring of flags fail. coverity: 1449515
-
Linus Nordberg authored
coverity: 1449517
-
Linus Nordberg authored
coverity: 1449518
-
Linus Nordberg authored
buf2radmsg() is never called with rqauth != NULL and secret == NULL but let's protect against future callers. coverity: 1449519
-
Linus Nordberg authored
coverity: 1449508, 1449522.
-
Linus Nordberg authored
coverity: 1450948
-
Linus Nordberg authored
coverity: 1450949
-
Linus Nordberg authored
coverity: 1449514
-
Linus Nordberg authored
Going to errexit doesn't free resconf as that commit claims. It does free conf though, which is good. coverity: 1449524
-
Linus Nordberg authored
coverity: 1449504
-
Linus Nordberg authored
coverity: 1449503
-
Fabian Mauchle authored
-
Fabian Mauchle authored
Conflicts: ChangeLog
-
- 28 Jul, 2017 1 commit
-
-
Linus Nordberg authored
-
- 01 Nov, 2016 3 commits
-
-
Linus Nordberg authored
This was potentially making things worse.
-
Linus Nordberg authored
The dynamiclookupcommand member of the _config_ of the server is being set to NULL when it's copied in confserver_cb(), resulting in dynamic discovery being done for realms that already have a server. Patch from Fabian Mauchle. Addresses RADSECPROXY-69.
-
Linus Nordberg authored
-
- 21 Sep, 2016 2 commits
-
-
Linus Nordberg authored
-
Linus Nordberg authored
See RADSECPROXY-64.
-
- 19 Sep, 2016 1 commit
-
-
Linus Nordberg authored
Like 92a0c39a for TCP. Patch by Fabian Mauchle.
-
- 23 Mar, 2016 1 commit
-
-
Linus Nordberg authored
Pointed out by Faidon Liambotis.
-
- 14 Mar, 2016 1 commit
-
-
Linus Nordberg authored
-
- 11 Mar, 2016 4 commits
-
-
Linus Nordberg authored
-
Linus Nordberg authored
List the three .html files. Add targets for building .html from .1 and .5.
-
Linus Nordberg authored
-
Linus Nordberg authored
Effectively turning on support for DTLS 1.2 when OpenSSL version 1.0.2 or higher.
-
- 25 Feb, 2016 2 commits
-
-
Linus Nordberg authored
This should in theory allow for later versions of TLS too but let's verify that when the time comes.
-
Linus Nordberg authored
-
- 19 Jan, 2015 3 commits
-
-
Linus Nordberg authored
Keep regeneration of it dependent on configure finding docbook2x-man(1).
-
Linus Nordberg authored
-
Linus Nordberg authored
-