GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 16:57:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
973 Commits 19 Branches 88 Tags
0b9c6ff633e652ca2940674017610c2df1a063e9
Commit Graph

973 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikos Mavrogiannopoulos
0b9c6ff633 Added diagram with authentication state machine. 2014-03-25 13:49:11 +01:00
Nikos Mavrogiannopoulos
35c46d05c5 Do not set the output-buffer in the default configuration. 2014-03-25 11:25:42 +01:00
Nikos Mavrogiannopoulos
1900a23e97 updated comment 2014-03-24 16:03:54 +01:00
Nikos Mavrogiannopoulos
214ae42cd3 The IP don't fragment bit is only set if try-mtu-discovery is true. 2014-03-24 13:22:22 +01:00
Nikos Mavrogiannopoulos
dd11a06951 better naming of variables. 2014-03-23 18:26:23 +01:00
Nikos Mavrogiannopoulos
4c4650ea17 dropped support for Salsa20 and UMAC. 
They are not supported by openconnect and the latest IETF
drafts use Chacha20 with poly1305.
 2014-03-20 22:54:58 +01:00
Nikos Mavrogiannopoulos
1879207f37 No longer send IPv6 information to CISCO clients that may not be able to handle it. 
Now IPv6 information is only forwarded if the client is openconnect, or if
the client is unknown and has advertised full IPv6 support.
 2014-03-20 22:51:30 +01:00
Nikos Mavrogiannopoulos
6eccb69c23 doc update 2014-03-20 22:35:05 +01:00
Nikos Mavrogiannopoulos
9ff9105df7 doc update 2014-03-20 22:26:45 +01:00
Nikos Mavrogiannopoulos
cb11549e44 doc update 2014-03-20 14:56:33 +01:00
Nikos Mavrogiannopoulos
6f875650c9 when printing link-local addresses do not include the zone info. 2014-03-20 07:29:17 +01:00
Nikos Mavrogiannopoulos
1324660760 doc update 2014-03-19 15:15:16 +01:00
Nikos Mavrogiannopoulos
9d98b07e46 fixed formatting of news 2014-03-19 15:11:01 +01:00
Nikos Mavrogiannopoulos
533e00ae6f doc update 2014-03-13 22:01:29 +01:00
Nikos Mavrogiannopoulos
1d611d793d doc update ocserv_0_3_2 2014-03-13 21:38:25 +01:00
Nikos Mavrogiannopoulos
9f1f6a8e60 doc update 2014-03-11 13:19:30 +01:00
Nikos Mavrogiannopoulos
4a2a80dc7d Updated the included http-parser 2014-03-11 13:19:06 +01:00
Nikos Mavrogiannopoulos
8a1ab0e32d Print a compact version of the DTLS ciphersuite. 2014-03-10 19:25:47 +01:00
Nikos Mavrogiannopoulos
35c31bc0b7 Allow TUN_MTU command only in authenticated state 2014-03-10 10:41:27 +01:00
Nikos Mavrogiannopoulos
6028e5d81d simplified handle_auth_res() 2014-03-10 10:41:27 +01:00
Nikos Mavrogiannopoulos
f55185b39c doc update 2014-03-09 21:42:00 +01:00
Nikos Mavrogiannopoulos
4f9e06d16d Do not block in TLS and DTLS reads 
This prevents an issue where a client disconnects but the server
is blocked on a DTLS read without being able to detect the
disconnection.
 2014-03-09 21:40:07 +01:00
Nikos Mavrogiannopoulos
a0723ccee9 check return value of tls_send() 2014-03-09 21:37:33 +01:00
Nikos Mavrogiannopoulos
6c331db70a move bytes2human in occtl.c to allow compilation without libnl 2014-03-09 21:31:51 +01:00
Nikos Mavrogiannopoulos
28e64c4eec doc update 2014-03-02 19:36:50 +01:00
Nikos Mavrogiannopoulos
e72414459a provide the bandwidth limit through d-bus 2014-03-02 13:24:44 +01:00
Nikos Mavrogiannopoulos
949fbacf32 doc update 2014-03-01 17:38:22 +01:00
Nikos Mavrogiannopoulos
a0ba998222 occtl will print the user's dns, nbns, routes, and iroutes. 2014-03-01 15:29:17 +01:00
Nikos Mavrogiannopoulos
20cc945383 Warn when setting a default route the wrong way. 2014-03-01 14:23:22 +01:00
Nikos Mavrogiannopoulos
65f8be6eb6 bumped version 2014-02-26 23:10:07 +01:00
Nikos Mavrogiannopoulos
cbc827ae99 doc update 2014-02-24 21:22:18 +01:00
Nikos Mavrogiannopoulos
c75dad511d doc update 2014-02-24 21:21:47 +01:00
Nikos Mavrogiannopoulos
1a996e5ebe doc update 2014-02-24 19:15:32 +01:00
Nikos Mavrogiannopoulos
66d66ba1c5 Added options to explicitly disable checking for certain libraries 2014-02-24 19:13:05 +01:00
Nikos Mavrogiannopoulos
194462a600 use remove_proc() instead of user_disconnected() when killing children. 2014-02-23 11:50:01 +01:00
Nikos Mavrogiannopoulos
3dfeab0174 doc update 2014-02-22 12:54:55 +01:00
Nikos Mavrogiannopoulos
de1f63605b updated sample 2014-02-22 12:54:40 +01:00
Nikos Mavrogiannopoulos
95a0b6abc3 Added the rekey-method config option. 2014-02-22 12:51:34 +01:00
Nikos Mavrogiannopoulos
25afdb5949 use RND_RANDOM for the generation of SID 2014-02-22 10:00:32 +01:00
Nikos Mavrogiannopoulos
5ac591a37e doc update 2014-02-18 19:42:21 +01:00
Nikos Mavrogiannopoulos
7b73aee479 when mobile-dpd and mobile-idle-timeout are not set, they get values from their non-mobile counterpart. 2014-02-18 19:39:37 +01:00
Nikos Mavrogiannopoulos
c47266ede0 doc update 2014-02-18 18:56:40 +01:00
Nikos Mavrogiannopoulos
6ee0899e22 Added the mobile-idle-timeout config option. 2014-02-18 18:54:50 +01:00
Nikos Mavrogiannopoulos
b550489c88 better messages from pam authentication module 2014-02-18 18:39:44 +01:00
Nikos Mavrogiannopoulos
d361bd608d only print an authentication failure message if the maximum tries have been reached 2014-02-18 18:36:58 +01:00
Nikos Mavrogiannopoulos
a609cf58b7 send disconnect packet instead of server terminate when disconnecting a user. 2014-02-18 18:32:10 +01:00
Nikos Mavrogiannopoulos
367976ca34 Implemented Idle timeout. 
When set, a client that does not have any non-control traffic
for that period is getting disconnected.
 2014-02-18 18:09:23 +01:00
Nikos Mavrogiannopoulos
2399aafe35 modified priorities 2014-02-18 13:11:38 +01:00
Nikos Mavrogiannopoulos
bc10b97207 added debug message in remove_proc 2014-02-18 09:04:21 +01:00
Nikos Mavrogiannopoulos
c5c38e92bd Do not allow DPD to be disabled. 
Doing so would prevent the server from dropping inactive
connections. If the dpd values are not configured, set some
reasonable defaults.
 2014-02-17 22:40:32 +01:00