ocserv

mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 16:57:00 +08:00

Author	SHA1	Message	Date
Nikos Mavrogiannopoulos	03c76eb873	worker: workarounds string is made applicable for gnutls 3.3 The %NO_SESSION_HASH priority string does not work with gnutls 3.3. This fix does not include it into the priority string. Resolves: #201 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>	2019-03-12 12:02:24 +01:00
Nikos Mavrogiannopoulos	d9967aa63a	doc update Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>	2019-02-22 08:47:00 +01:00
Nikos Mavrogiannopoulos	0d8fd8d2b6	doc update Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>	2019-02-22 08:45:49 +01:00
Nikos Mavrogiannopoulos	b425d9f9a5	Merge branch 'patch-1' into 'master' Fix the bug of "ocserv-worker: segfault at 0 ip b76d6747 sp bf851c70",... See merge request openconnect/ocserv!99	2019-02-22 07:44:10 +00:00
Frank Huang	d3cb2e8f53	Fix the bug of "ocserv-worker: segfault at 0 ip b76d6747 sp bf851c70", https://gitlab.com/openconnect/ocserv/issues/197 It must be some caller does not add extra size for null at the end Signed-off-by: Frank Huang <chuang213@gmail.com>	2019-02-17 08:12:42 +00:00
Nikos Mavrogiannopoulos	2d42c22919	main: removed unused code Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-31 07:57:37 +01:00
Nikos Mavrogiannopoulos	16c48bdf38	Merge branch 'tmp-coverage' into 'master' updates in code coverage calculation See merge request openconnect/ocserv!97	2019-01-30 18:50:22 +00:00
Nikos Mavrogiannopoulos	383c25e239	.gitlab-ci.yml: run code coverage with -O0 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-30 19:23:05 +01:00
Nikos Mavrogiannopoulos	75c8211fd6	README.md: updated URIs for new gitlab group Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-30 19:03:10 +01:00
Nikos Mavrogiannopoulos	020a985119	Merge branch 'tmp-tests-cleanup' into 'master' tests: several cleanups See merge request openconnect/ocserv!96	2019-01-30 17:00:55 +00:00
Nikos Mavrogiannopoulos	385af4e831	.gitlab-ci.yml: ensure gcov scripts are writeable Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-20 06:44:29 +01:00
Nikos Mavrogiannopoulos	27c83dcf42	tests: consistently disable isolate-workers in tests That is to prevent coverage reporting in tests. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-20 06:43:47 +01:00
Nikos Mavrogiannopoulos	a1d5ec1e1c	Merge branch 'tmp-fix-tls-ciphersuite' into 'master' occtl: print the TLS session information, even if no DTLS channel See merge request openconnect/ocserv!95	2019-01-19 19:29:12 +00:00
Nikos Mavrogiannopoulos	8ba3987f4c	occtl: print the TLS session information, even if no DTLS channel This ensures that the main process receives the TLS channel information early and does not depend on DTLS channel establishment. Furthermore, we refactor to make setup_dtls_psk_keys() fail early when no TLS channel is available. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-19 20:09:53 +01:00
Nikos Mavrogiannopoulos	bfa7682d3f	Merge branch 'tmp-test-aes-gcm' into 'master' tests: added tests for anyconnect's DTLS1.2 support See merge request openconnect/ocserv!94	2019-01-19 17:50:16 +00:00
Nikos Mavrogiannopoulos	e0f847b984	worker: added safety check for selected DTLS ciphersuite prior to use This avoids a crash when no DTLS ciphersuite is selected and adds a test case for negotiation without DTLS. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-19 18:19:11 +01:00
Nikos Mavrogiannopoulos	71ef4e4b6a	worker: allow negotiating AC-DTLS12 with openconnect This doesn't have the anyconnect client bug with parsing the server hello. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-19 18:19:11 +01:00
Nikos Mavrogiannopoulos	7fc4e0d0ee	tests: added tests for anyconnect's DTLS1.2 support Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-19 18:19:09 +01:00
Nikos Mavrogiannopoulos	ef468d6a24	test-cookie-timeout: updated for new openconnect kill semantics Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-19 13:42:35 +01:00
Nikos Mavrogiannopoulos	c640ffd955	test-cookie-timeout: updated for new openconnect kill semantics Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-19 13:39:11 +01:00
Nikos Mavrogiannopoulos	cafd66d33d	corrected typo Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> ocserv_0_12_2	2019-01-10 20:01:58 +01:00
Nikos Mavrogiannopoulos	dfc8f95ee8	released 0.12.2 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-10 19:55:15 +01:00
Nikos Mavrogiannopoulos	19cbf2db98	Makefile: allow out-of-tree builds with bundled protobuf Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-10 19:54:38 +01:00
Nikos Mavrogiannopoulos	aa57ee9f3b	Merge branch 'tmp-harmonize-strings' into 'master' worker-http: use the same workaround string for all ciphersuites Closes #193 See merge request openconnect/ocserv!93	2019-01-10 18:47:04 +00:00
Nikos Mavrogiannopoulos	a67c45099f	.gitlab-ci.yml: removed XFAIL from centos6; previous changes seem to fix it Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-10 19:30:36 +01:00
Nikos Mavrogiannopoulos	c02320ee50	worker-http: use the same workaround string for all ciphersuites Resolves #193 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-10 19:11:22 +01:00
Nikos Mavrogiannopoulos	a196fd3328	Merge branch 'tmp-dtls12' into 'master' Added support for DTLS1.2 with anyconnect clients Closes #193 and #188 See merge request openconnect/ocserv!92	2019-01-10 13:43:58 +00:00
Nikos Mavrogiannopoulos	232de85d17	doc update Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-10 13:03:03 +01:00
Nikos Mavrogiannopoulos	ec5ebd33a4	setup_dtls0_9_keys: renamed and updated log messages for clarity Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-10 13:03:03 +01:00
Nikos Mavrogiannopoulos	21bebfff41	worker-http: dropped txt_version All the versions checked were prior to the minimum gnutls version we require. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-10 13:03:03 +01:00
Nikos Mavrogiannopoulos	acdd6d156b	worker-http: added support for anyconnect DTLS1.2 ciphersuites This adds support for DTLS1.2 ciphersuite header as sent by anyconnect clients. Resolves #188 Resolves #193 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-10 13:02:40 +01:00
Nikos Mavrogiannopoulos	c441017f27	README.md: updated instructions on debian Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-06 20:10:48 +01:00
Nikos Mavrogiannopoulos	a5502022c2	.gitlab-ci.yml: skip Centos6 tests that fail Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-06 20:07:53 +01:00
Nikos Mavrogiannopoulos	923f697014	cfg_ini_handler: notify static analyzers that defvhost is always non-null Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-06 20:07:53 +01:00
Nikos Mavrogiannopoulos	2dfa37784d	tests: moved server-cert-rsa-pss to dist_check_scripts The gnutls included in distributions is expected to work well with RSA-PSS. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2019-01-06 20:07:53 +01:00
Nikos Mavrogiannopoulos	c1cb9c02f9	Merge branch 'add-logging-ipv6' into 'master' Add logging output when IPv6 is disabled. See merge request openconnect/ocserv!90	2018-11-19 05:42:43 +00:00
pumpkin031	34b39d213c	Add logging output when IPv6 is disabled. Signed-off-by: pumpkin031 <www.carrotsoft@gmail.com>	2018-11-19 10:04:29 +09:00
Nikos Mavrogiannopoulos	bba393868e	Merge branch 'tmp-fix-per-group' into 'master' Enhance testsuite on per-group configuration and a minor fix See merge request openconnect/ocserv!89	2018-11-18 20:22:50 +00:00
Nikos Mavrogiannopoulos	d4a4e780fc	plain: skip the empty group Previously we were incorrectly setting the '*' as the group name. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2018-11-18 21:06:24 +01:00
Nikos Mavrogiannopoulos	63479d6394	sec-mod: log sucessful authentication Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2018-11-18 21:06:24 +01:00
Nikos Mavrogiannopoulos	b181f20a2e	tests: added functionality test for config-per-group Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2018-11-18 21:06:22 +01:00
Nikos Mavrogiannopoulos	9fcd4d1597	Merge branch 'tmp-pam-fix' into 'master' tests: added check with empty password See merge request openconnect/ocserv!88	2018-11-04 10:40:13 +00:00
Nikos Mavrogiannopoulos	39c6d578b5	doc: clarification on cookie operation This clarifies how cookies are expired, and how they affect session accounting in radius. Relates #166 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2018-09-22 21:35:57 +02:00
Nikos Mavrogiannopoulos	4e51e2a0ac	tests: added check with empty password Relates #171 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2018-09-22 21:11:19 +02:00
Timo Förster	8f7a416aa4	Change documentation url for UsersFile. Fixes #163 Signed-off-by: Timo Förster <tfoerster@webfoersterei.de>	2018-08-07 10:35:31 +02:00
Nikos Mavrogiannopoulos	c9c50909b9	.gitlab-ci.yml: disabled asan job as it conflicts with cwrap tools in F28 Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2018-07-23 21:18:44 +02:00
Nikos Mavrogiannopoulos	d6271f4470	Merge branch 'tmp-add-aes-256' into 'master' Added support for AES-256-CBC See merge request openconnect/ocserv!86	2018-07-20 20:31:52 +00:00
Nikos Mavrogiannopoulos	4f79db43b6	.gitlab-ci.yml: parallelize make check in fedora build Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2018-07-20 22:15:42 +02:00
Nikos Mavrogiannopoulos	3a330b8d85	tests: added unit tests for AES-128-GCM and AES-256-GCM Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2018-07-20 22:06:11 +02:00
Nikos Mavrogiannopoulos	579cfc0ead	Added support for AES-256-CBC This enables support for AES-256 for anyconnect clients which do not support AES-GCM. Also prioritized the 256-bit ciphers higher than the 128-bit ones. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2018-07-20 21:58:49 +02:00

1 2 3 4 5 ...

3058 Commits