Document the default value used for the 'secret' option.

And mention that it's going to change.
mariux64 · Jul 19, 2011 · 6049df6 · 6049df6
1 parent de3ec04
commit 6049df6
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 1 deletion.
diff --git a/ChangeLog b/ChangeLog
@@ -93,5 +93,9 @@
 	  the 0.9.x track.
 	- Detect OpenSSL version at runtime rather than at compile time.
 2011-07-03 1.4.3-dev
+	Notes:
+	- The default secret for TLS and DTLS will change in a future
+	  relase.  Plaese make sure to specify a secret in both client and
+	  server blocks to avoid surprises.
 	Bug fixes:
 	- Debug printout issue.
diff --git a/radsecproxy.conf.5.xml b/radsecproxy.conf.5.xml
@@ -360,7 +360,10 @@ We already discussed the
 one of <literal>udp</literal>, <literal>tcp</literal>, <literal>tls</literal>
 or <literal>dtls</literal>. The value of <literal>secret</literal> is the
 shared RADIUS key used with this client. If the secret contains whitespace,
-the value must be quoted. This option is optional for TLS/DTLS.
+the value must be quoted.  A secret must be supplied for UDP/TCP.  If
+no secret is supplied for TLS/DTLS, a default value of "mysecret" is 
+being used.  This value will change in a future release to match the 
+upcoming standard.
     </para>
     <para>
 For a TLS/DTLS client you may also specify the <literal>tls</literal> option.