summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog4
-rw-r--r--radsecproxy.conf.5.xml5
2 files changed, 8 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index 52a741f..734dfde 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -93,5 +93,9 @@
the 0.9.x track.
- Detect OpenSSL version at runtime rather than at compile time.
2011-07-03 1.4.3-dev
+ Notes:
+ - The default secret for TLS and DTLS will change in a future
+ relase. Plaese make sure to specify a secret in both client and
+ server blocks to avoid surprises.
Bug fixes:
- Debug printout issue.
diff --git a/radsecproxy.conf.5.xml b/radsecproxy.conf.5.xml
index 4024bde..8dfcd58 100644
--- a/radsecproxy.conf.5.xml
+++ b/radsecproxy.conf.5.xml
@@ -360,7 +360,10 @@ We already discussed the
one of <literal>udp</literal>, <literal>tcp</literal>, <literal>tls</literal>
or <literal>dtls</literal>. The value of <literal>secret</literal> is the
shared RADIUS key used with this client. If the secret contains whitespace,
-the value must be quoted. This option is optional for TLS/DTLS.
+the value must be quoted. A secret must be supplied for UDP/TCP. If
+no secret is supplied for TLS/DTLS, a default value of "mysecret" is
+being used. This value will change in a future release to match the
+upcoming standard.
</para>
<para>
For a TLS/DTLS client you may also specify the <literal>tls</literal> option.