GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 16:57:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,394 Commits 19 Branches 88 Tags
0320f61e3f5cc6a455becfd6105ec7f941569d76
Commit Graph

1394 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikos Mavrogiannopoulos
0320f61e3f Disable RC4 in the default priority strings 2014-11-18 22:23:02 +01:00
Nikos Mavrogiannopoulos
dc8c340bed bumped version 2014-11-17 20:16:47 +01:00
Nikos Mavrogiannopoulos
141bc755ad when generating the DTLS session ID set its size as well 2014-11-16 12:36:20 +01:00
Nikos Mavrogiannopoulos
bf2e8c8cd6 added oclog_hex() 2014-11-16 12:34:30 +01:00
Nikos Mavrogiannopoulos
6103f5066d doc update 2014-11-16 10:04:59 +01:00
Nikos Mavrogiannopoulos
78b3685f7a Generate a new DTLS session ID on every cookie connection 
That allows openconnect to distinguish when the DTLS key has switched.
 2014-11-16 10:00:15 +01:00
Nikos Mavrogiannopoulos
01bbb5cfa1 print the username earlier in log 2014-11-16 09:15:28 +01:00
Nikos Mavrogiannopoulos
f1e71ec597 improved logged messages 2014-11-15 12:47:30 +01:00
Nikos Mavrogiannopoulos
57cbb43a3b advertise a new DTLS session only when it is one 2014-11-15 12:32:31 +01:00
Nikos Mavrogiannopoulos
79668eb5e5 partially reverted b924eba1ac 
The timeouts were reset to the original values.
 2014-11-15 10:21:26 +01:00
Nikos Mavrogiannopoulos
845562201a doc update 2014-11-15 10:10:18 +01:00
Nikos Mavrogiannopoulos
a4ec19eb55 disable matching of IPs when the listen-clear-file option is set 2014-11-15 09:50:35 +01:00
Nikos Mavrogiannopoulos
b924eba1ac reduced the severity of log messages when forwarding packets and reduced the timeouts 2014-11-10 16:05:02 +01:00
Nikos Mavrogiannopoulos
0311dc6291 doc update 2014-10-31 11:37:52 +01:00
Nikos Mavrogiannopoulos
12fb56a3b6 when reporting errors, mention the username of the relevant client 2014-10-31 11:37:29 +01:00
Nikos Mavrogiannopoulos
c9c9c9c32d corrected typo 2014-10-31 11:37:29 +01:00
Nikos Mavrogiannopoulos
00cb1762ac doc update 2014-10-27 23:53:39 +01:00
Nikos Mavrogiannopoulos
96b4d922e8 increased the SID_SIZE (cookie used during authentication phase) to 128 bits 2014-10-27 23:51:55 +01:00
Nikos Mavrogiannopoulos
5fa95fe9e7 send session information from worker to parent twice 
That allows to account changes after DTLS is established (e.g.,
send the DTLS ciphersuite name).
 2014-10-27 23:49:33 +01:00
Nikos Mavrogiannopoulos
f9627732ff TODO update 2014-10-27 17:05:23 +01:00
Nikos Mavrogiannopoulos
53005a2cfd use hash tables to locate proc entries 
That would avoid a walk on all connected clients, when a
new UDP session starts.
 2014-10-27 15:01:05 +01:00
Nikos Mavrogiannopoulos
81107b80f8 doc update 2014-10-27 13:46:16 +01:00
Nikos Mavrogiannopoulos
be2c8b3cc5 when selecting a DTLS ciphersuite try to ensure it matches the CSTP 2014-10-27 11:03:38 +01:00
Nikos Mavrogiannopoulos
f0871989a8 remove the disable safe renegotiation flag from DTLS 2014-10-27 10:14:54 +01:00
Nikos Mavrogiannopoulos
ad049ddd74 updated synopsis 2014-10-26 16:15:57 +01:00
Nikos Mavrogiannopoulos
ea057ed7f4 released 0.8.7 ocserv_0_8_7 2014-10-26 12:37:48 +01:00
Nikos Mavrogiannopoulos
caaf71c792 use 3des-pkcs12 in the documentation for the generation of PKCS #12 structures 
That format seems to be compatible with more clients (e.g. Anyconnect).
 2014-10-19 22:41:47 +02:00
Nikos Mavrogiannopoulos
2069af24a8 disable SSL 3.0 on the default priorities 2014-10-17 11:01:28 +02:00
Nikos Mavrogiannopoulos
c2856e2ee6 disabled session control by default in sample.config 2014-10-15 07:58:36 +02:00
Nikos Mavrogiannopoulos
b5d64c2040 doc update 2014-10-11 08:29:51 +02:00
Nikos Mavrogiannopoulos
120e49b26b only enable session control when a username/password authentication is used 2014-10-11 08:28:04 +02:00
Nikos Mavrogiannopoulos
473ceebe4c Added sanity checks into sec-mod 
That prevents a crash when certificate authentication is
used but session control is enabled. Reported by George Panda.
 2014-10-11 08:25:17 +02:00
Nikos Mavrogiannopoulos
1a32efbe20 enable non-blocking DTLS timers 2014-10-10 10:49:52 +02:00
Nikos Mavrogiannopoulos
739276fcbe removed no longer relevant todo entries 2014-10-09 20:17:29 +02:00
Nikos Mavrogiannopoulos
aafa981ed9 doc update 2014-10-09 20:15:53 +02:00
Nikos Mavrogiannopoulos
ba6455c6e1 bumped version 2014-10-08 23:14:22 +02:00
Nikos Mavrogiannopoulos
b2a608dfec doc update 2014-10-08 23:14:22 +02:00
Nikos Mavrogiannopoulos
ccfa8cd936 corrected typo 2014-10-07 15:46:07 +02:00
Nikos Mavrogiannopoulos
288a81f4c9 changes for non-blocking sockets 2014-10-06 00:07:58 +02:00
Nikos Mavrogiannopoulos
ccd07f96fc use non-blocking sockets in worker process 2014-10-05 22:13:08 +02:00
Nikos Mavrogiannopoulos
db48e3db07 added set_non_block() 2014-10-05 22:00:53 +02:00
Nikos Mavrogiannopoulos
5a32ad3f3f corrected typo 2014-10-05 19:34:28 +02:00
Nikos Mavrogiannopoulos
4cf06b934c released 0.8.6 ocserv_0_8_6 2014-10-05 19:30:27 +02:00
Nikos Mavrogiannopoulos
2ab42ed1f2 simplified FATAL_ERR_CMD() 2014-10-05 14:47:21 +02:00
Nikos Mavrogiannopoulos
60d3891b3b doc update 2014-10-05 14:43:15 +02:00
Nikos Mavrogiannopoulos
0390f21db6 added recv_timeout() to replace force_read_timeout() in socket reading 2014-10-05 14:41:45 +02:00
Nikos Mavrogiannopoulos
02dcbe6e56 cleanup of cstp_recv() and cstp_recv_nb() 2014-10-05 14:41:44 +02:00
Nikos Mavrogiannopoulos
c2640d0076 updated to libopts 5.18.4 ocserv_0_8_5_1 2014-10-04 10:09:31 +02:00
Nikos Mavrogiannopoulos
442ea48f2b released 0.8.5 ocserv_0_8_5 2014-10-03 20:32:51 +02:00
Nikos Mavrogiannopoulos
9118736555 eliminated last uses of force_close() 2014-10-02 09:37:21 +02:00