radsecproxy.git, branch radsecproxy-1.6.2 RADIUS proxy with support for TLS RadSec Mention CVE number in ChangeLog. 2012-10-25T11:46:00+00:00 Linus Nordberg linus@nordu.net 2012-10-25T11:41:24+00:00 2f452345f3e599de9a25dd3b1954367bb9098b4f 






radsecproxy-1.6.2
2012-10-25T11:21:57+00:00

Linus Nordberg
linus@nordu.net

2012-10-25T11:21:57+00:00

73f53fee4a00c083c353362da26514d6d6d5c2e6












Don't mix up pre- and post-handshake verification of DTLS clients.
2012-10-22T16:13:45+00:00

Linus Nordberg
linus@torproject.org

2012-10-19T21:23:04+00:00

3682c935facf5ccd7fa600644bbb76957155c680

Commit db965c9b addressed TLS clients only.

When verifying DTLS clients, don't consider config blocks with CA
settings ('tls') which differ from the one used for verifying the
certificate chain.

Original issue reported and analysed by Ralf Paffrath. DTLS being
vulnerable reported by Raphael Geisser.

Addresses issue RADSECPROXY-43, CVE-2012-4523.





Commit db965c9b addressed TLS clients only.

When verifying DTLS clients, don't consider config blocks with CA
settings ('tls') which differ from the one used for verifying the
certificate chain.

Original issue reported and analysed by Ralf Paffrath. DTLS being
vulnerable reported by Raphael Geisser.

Addresses issue RADSECPROXY-43, CVE-2012-4523.







Update documentation on default secret for TLS and DTLS.
2012-10-22T15:47:18+00:00

Linus Nordberg
linus@torproject.org

2012-10-19T21:23:04+00:00

b04eb90fde13f88772c338ca32a55a7063f2e33d

The change was done in radsecproxy-1.6 (2012-04-27) but wasn't
documented properly.





The change was done in radsecproxy-1.6 (2012-04-27) but wasn't
documented properly.







Bump version.
2012-10-22T14:08:56+00:00

Linus Nordberg
linus@torproject.org

2012-10-19T21:23:04+00:00

7393c837a6879f313d7ccf7f26b9805deb7d3feb












Update ChangeLog with CVE id for RADSECPROXY-43.
2012-10-18T12:35:13+00:00

Linus Nordberg
linus@nordu.net

2012-10-18T12:35:13+00:00

c0b177d0a27bfb87cfb21ac603448ffac48e8ead












Bump version in configure.ac too.
2012-09-14T11:19:58+00:00

Linus Nordberg
linus@nordu.net

2012-09-14T11:19:58+00:00

de6618b9bea843e7871c5b01ee535ec12a258552












radsecproxy-1.6.1
2012-09-14T11:15:12+00:00

Linus Nordberg
linus@nordu.net

2012-09-14T11:15:12+00:00

90348a4352261bf95b081b06b91033bded0c8e9d












Document the effects of RADSECPROXY-43.
2012-09-14T11:07:06+00:00

Linus Nordberg
linus@nordu.net

2012-09-14T11:07:06+00:00

9885649577c4b34e65ea65f0a0a3deb3f13451b4

https://project.nordu.net/browse/RADSECPROXY-43





https://project.nordu.net/browse/RADSECPROXY-43







Don't mix up pre- and post-handshake verification of clients.
2012-09-13T13:19:22+00:00

Linus Nordberg
linus@nordu.net

2012-09-13T13:19:22+00:00

db965c9bf7cf4acc0830d7b689d69d40b9ecef8c

When verifying clients, don't consider config blocks with CA
settings ('tls') which differ from the one used for verifying the
certificate chain. Reported by Ralf Paffrath.

Reported and analysed by Ralf Paffrath.

Addresses issue RADSECPROXY-43.





When verifying clients, don't consider config blocks with CA
settings ('tls') which differ from the one used for verifying the
certificate chain. Reported by Ralf Paffrath.

Reported and analysed by Ralf Paffrath.

Addresses issue RADSECPROXY-43.