Change default shared secret for TLS and DTLS.

We change from "mysecret" to "radsec" as per
draft-ietf-radext-radsec-12.txt section 2.3 (4).

diff --git a/ChangeLog b/ChangeLog
index b984f2a..e1087ba 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,10 @@
 2011-12-22 1.6-dev
+       Incompatible changes:
+       - The default shared secret for TLS and DTLS connections change
+       from "mysecret" to "radsec" as per draft-ietf-radext-radsec-12.txt
+       section 2.3 (4).  Please make sure to specify a secret in both
+       client and server blocks to avoid unwanted surprises.
+
        New features:
        - Improved F-Ticks logging options.  F-Ticks can now be sent to a
        separate syslog facility and the VISINST label can now be

diff --git a/dtls.c b/dtls.c
index ed3dca1..19386c4 100644 (file)
--- a/dtls.c
+++ b/dtls.c
@@ -46,7 +46,7 @@ void initextradtls();
 
 static const struct protodefs protodefs = {
     "dtls",
-    "mysecret", /* secretdefault */
+    "radsec", /* secretdefault */
     SOCK_DGRAM, /* socktype */
     "2083", /* portdefault */
     REQUEST_RETRY_COUNT, /* retrycountdefault */

diff --git a/tls.c b/tls.c
index ce06a6e..0282d63 100644 (file)
--- a/tls.c
+++ b/tls.c
@@ -43,7 +43,7 @@ void tlssetsrcres();
 
 static const struct protodefs protodefs = {
     "tls",
-    "mysecret", /* secretdefault */
+    "radsec", /* secretdefault */
     SOCK_STREAM, /* socktype */
     "2083", /* portdefault */
     0, /* retrycountdefault */