subjectaltnameaddr() in tlscommon.c is passed a struct in6_addr * as a parameter. Near the end of the function, it calls memcmp() to compare that address to one found in the certificate, however, it is taking the address of the argument, meaning it's passing a struct in6_addr ** to memcmp(), which is incorrect. Fix is to remove the & from addr in the memcmp.
Dear Samia,
since DFN (eduroam federation Germany) has already deployed a RadSec infrastructure in Germany,
please contact me directly via email and let me know what you are planning exactly.
On federation level I would wait for radsecproxy 1.7.1 release what will comme out soon.
1.7.1 is much more stable and dynamic server discovery is not working stable in releases
<=1.6.9!
On institution level running 1.6.9 is sufficient.
Best regards,
Ralf
--
Verein zur Förderung eines Deutschen Forschungsnetzes e.V.
Alexanderplatz 1, D - 10178 Berlin
Tel.: 030 88 42 99 23
Fax: 030 88 42 99 70
http://www.dfn.de <http://www.dfn.de/>
Vorstand: Prof. Dr. Hans-Joachim Bungartz (Vorsitzender), Dr. Ulrike Gutheil, Dr. Rainer Bockholt
Geschäftsführung: Dr. Christian Grimm, Jochem Pattloch
Dear radsecproxy team,
I'm Samia El Haddouti, Network Engineer at the Moroccan NREN- MARWAN. I'm
the manager of eduroam service in Morocco.
We would like to improve our authentication infrastructure based on RADIUS.
We are looking to deploy RadSECProxy at our intuitions. Could you please
share with us your experience in deploying RADSEC?
Best Reagards,
Samia
-------------------------------
Samia El Haddouti
Project Engineer
CNRST- MARWAN NREN
Phone: +212667679627
