Commit Graph

16 Commits

Author SHA1 Message Date
Nikos Mavrogiannopoulos
0ca7389c5d radius: set our IP in the request explicitly 2015-05-11 14:19:47 +02:00
Nikos Mavrogiannopoulos
41bcc9d0c0 radius: put the process ID into NAS-Port 2015-05-11 14:15:25 +02:00
Nikos Mavrogiannopoulos
2932f170a6 gssapi: avoid comparison with null mechanism 2015-04-29 13:24:56 +02:00
Nikos Mavrogiannopoulos
e54f6e2ac2 Added config option 'tgt-freshness-time' for GSSAPI
This allows setting the maximum number of seconds a TGT ticket will
be valid for logging in to the VPN. That can be used to prevent
a TGT ticket that is valid for a day from being used to log in to the VPN, and
addresses the use case where a laptop with a valid TGT ticket is
stolen.
2015-04-29 10:41:27 +02:00
Nikos Mavrogiannopoulos
7619895a25 removed server-name config option 2015-02-26 11:00:07 +01:00
Nikos Mavrogiannopoulos
e16ae6614c Added more advanced suboption parser
That adds the ability to parse options in the form:
auth = "gssapi[option1=value1,option2=value2,...]"
It also introduces the keytab, and require-local-user-map
suboptions for gssapi.
2015-02-24 11:50:55 +01:00
Nikos Mavrogiannopoulos
c1a6f4730b Added the configure option server-name
If set it will be used to set the NAS_IDENTIFIER in radius.
2015-02-21 08:20:16 +01:00
Nikos Mavrogiannopoulos
ab74201b99 gssapi: better log messages 2015-02-19 15:27:50 +01:00
Nikos Mavrogiannopoulos
953241fc56 gssapi: require the localname to login 2015-02-19 15:27:42 +01:00
Nikos Mavrogiannopoulos
597d1a6a47 update username in GSSAPI 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
1fc59e0099 gssapi: better error printing and restrict to SPNEGO 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
bfeab4b015 Additional data are passed only to auth module's global_init 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
11f43f144a eliminated auth message upper limit 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
065bcbd2ea increased maximum message size to 2048 2015-02-19 11:47:20 +01:00
Kevin Cernekee
370fa01de6 gssapi: Don't include gssapi header files if !HAVE_GSSAPI
This fixes:

      CC       auth/gssapi.o
    auth/gssapi.c:30:27: fatal error: gssapi/gssapi.h: No such file or directory
     #include <gssapi/gssapi.h>
                               ^
2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
8bb0af61bc Added GSSAPI as an additional password auth mechanism
That also adds the ability to support an OR composition of multiple
authentication methods. That is using the 'enable-auth' config option.
2015-02-19 11:47:20 +01:00