GitLab

Conflicts:
	ChangeLog

This was potentially making things worse.

The dynamiclookupcommand member of the _config_ of the server is being
set to NULL when it's copied in confserver_cb(), resulting in dynamic
discovery being done for realms that already have a server.

Patch from Fabian Mauchle.

Addresses RADSECPROXY-69.

Keep regeneration of it dependent on configure finding docbook2x-man(1).

Conflicts:
	ChangeLog

Conflicts:
	radmsg.h

Conflicts:
	ChangeLog

Doh!

Closes RADSECPROXY-53.

Closes RADSECPROXY-52.

Patch by Fabian Mauchle.

Also signal the "client writer" (clientwr()).
Together, this should result in TLS connections being cleaned up properly.

Patch by Fabian Mauchle.

They are pointers into static struct hash *rewriteconfs and should
live forever.

Patch by Fabian Mauchle.

Also, in a lame attempt att giving credit for last commit where I
failed at doing that:

  4920ff44 is a patch from Fabian Mauchle.

1.6.2 is already released but correct ChangeLog info is good.

Commit db965c9b addressed TLS clients only.

When verifying DTLS clients, don't consider config blocks with CA
settings ('tls') which differ from the one used for verifying the
certificate chain.

Original issue reported and analysed by Ralf Paffrath. DTLS being
vulnerable reported by Raphael Geisser.

Addresses issue RADSECPROXY-43, CVE-2012-4523.

When verifying clients, don't consider config blocks with CA
settings ('tls') which differ from the one used for verifying the
certificate chain. Reported by Ralf Paffrath.

Reported and analysed by Ralf Paffrath.

Addresses issue RADSECPROXY-43.

RADSECPROXY-37.

Closes RADSECPROXY-40.