Nikos Mavrogiannopoulos
1b7e4c1075
doc update
2015-08-22 20:13:46 +02:00
Nikos Mavrogiannopoulos
8ed48a14bb
tests: check whether IPs are being passed correctly to script when in proxyproto
...
That is check whether the remote IP passed is other than localhost,
and there is a non-empty IP_REAL_LOCAL.
2015-08-22 20:13:46 +02:00
Nikos Mavrogiannopoulos
f8c7bccfa1
occtl: print the Local Device IP (the IP the user connected to)
2015-08-22 20:13:46 +02:00
Nikos Mavrogiannopoulos
d03f364058
proxyproto: corrected address type setting in our address
2015-08-22 20:13:46 +02:00
Nikos Mavrogiannopoulos
8ae336f2ba
worker: notify early main on session info
...
That allows to pass TLS information early, but more importantly
to pass information on the IP of the client (and our listen IP),
to main, which will be provided in turn to the up and down scripts,
as well as occtl.
2015-08-22 20:13:46 +02:00
Nikos Mavrogiannopoulos
344167fd5c
Be more verbose when CRLs are being loaded
2015-08-21 13:23:37 +02:00
Nikos Mavrogiannopoulos
0dbcb02861
doc: mention the facility log messages are sent to
2015-08-17 14:31:36 +02:00
Nikos Mavrogiannopoulos
ab93ea4d82
Log info message when the control socket is disabled
2015-08-17 14:27:11 +02:00
Nikos Mavrogiannopoulos
6085ec6ef3
On BSD systems only set IP_RECVDSTADDR when using IPv4
2015-08-17 14:24:35 +02:00
Nikos Mavrogiannopoulos
2a949e99c4
configure: discover suitable sed program
2015-08-17 14:20:41 +02:00
Nikos Mavrogiannopoulos
af6a44c346
config: remove whitespace from the end of strings
2015-08-17 14:13:12 +02:00
Nikos Mavrogiannopoulos
7b53d4063b
use ':' instead of /bin/true for non-existing programs
2015-08-07 10:34:29 +02:00
Nikos Mavrogiannopoulos
c43d2ba82f
bumped version
2015-08-06 18:43:24 +02:00
Nikos Mavrogiannopoulos
6586d39ed3
tests: don't expose any ports in docker tests
2015-08-06 17:32:57 +02:00
Nikos Mavrogiannopoulos
584c2dda5b
proxyproto: use it to figure our IP
...
Also made more precise the length checks in proxyproto values.
2015-08-06 17:32:27 +02:00
Nikos Mavrogiannopoulos
67f6be9e9b
proxyproto: allow for headers which have precisely 520-bytes of data
2015-08-05 15:08:56 +02:00
Nikos Mavrogiannopoulos
27509d267b
tests: allow compilation without libopts
2015-07-23 20:54:38 +03:00
Nikos Mavrogiannopoulos
4468b64fb4
doc update
2015-07-16 11:53:21 +02:00
Nikos Mavrogiannopoulos
d9a80b184f
tests: increased waiting time for radius-test-config
...
That avoids random failures of script.
2015-07-16 11:51:54 +02:00
Nikos Mavrogiannopoulos
ef761cfdb7
doc update
2015-07-16 11:51:23 +02:00
Nikos Mavrogiannopoulos
aa3bdc03d2
doc update
2015-07-16 11:43:41 +02:00
Nikos Mavrogiannopoulos
587fcdfc36
Separated the proxy protocol code
2015-07-16 11:43:04 +02:00
Nikos Mavrogiannopoulos
20937ee29a
tests: Added check for proxy protocol with certificates
2015-07-16 10:01:13 +02:00
Nikos Mavrogiannopoulos
b75c3ecf30
make explicit the rejection of certificate messages
2015-07-16 10:00:50 +02:00
Nikos Mavrogiannopoulos
bc4f866ec0
Added support for reading the client cert verification status and CN from proxy protocol
2015-07-16 09:58:15 +02:00
Nikos Mavrogiannopoulos
3d36aedb6c
doc update
2015-07-15 13:06:43 +02:00
Nikos Mavrogiannopoulos
f7c9379971
tests: added check for proxy protocol
2015-07-15 13:05:48 +02:00
Nikos Mavrogiannopoulos
17e71dccd8
Added support for proxy protocol (v2)
2015-07-15 13:03:58 +02:00
Nikos Mavrogiannopoulos
7992d58fc7
doc update
2015-07-10 10:59:08 +02:00
Nikos Mavrogiannopoulos
8b4bc75b3f
tests: fixed unreliable password entry in PAM test
2015-07-10 10:54:03 +02:00
Nikos Mavrogiannopoulos
48dc6c8ca1
radius: set the NAS_PORT via the rc_aaa() API
...
This avoids a duplicate NAS-Port entry with the
freeradius-client library.
2015-07-10 10:40:08 +02:00
Nikos Mavrogiannopoulos
c342fc6f09
tests: increased waiting time in radius tests to account for time fuzz
2015-07-10 10:07:52 +02:00
Nikos Mavrogiannopoulos
5d19fde60e
tests: fixed unreliable password entry in radius tests
2015-07-10 10:07:50 +02:00
Nikos Mavrogiannopoulos
68f00582dd
Apply a fuzzying factor rekey_time and stats_report_time
...
That factor would prevent the case of all worker processes
contacting main or sec-mod at exactly the same time.
2015-07-10 10:07:46 +02:00
Nikos Mavrogiannopoulos
c36d2acb79
removed duplicate header entry
2015-07-08 13:26:33 +02:00
Nikos Mavrogiannopoulos
747346c7e6
avoid including linux/in6.h, it causes issues in several systems
2015-07-08 13:14:23 +02:00
Nikos Mavrogiannopoulos
63fa6baa85
doc update
2015-07-03 16:52:35 +02:00
Nikos Mavrogiannopoulos
04f3923ca2
occtl: fix json output in show status
2015-07-03 16:22:10 +02:00
Nikos Mavrogiannopoulos
49de6d0586
occtl: added option --no-pager
2015-07-03 15:36:38 +02:00
Nikos Mavrogiannopoulos
7b87fa4459
occtl: document -j in manpage
2015-07-03 15:31:41 +02:00
Nikos Mavrogiannopoulos
6e77f14bad
corrected JSON array output
2015-07-03 14:24:14 +02:00
Nikos Mavrogiannopoulos
f895ff54fd
Only include grouplist functions when they are needed
2015-07-01 20:59:54 +02:00
Nikos Mavrogiannopoulos
2911ad5047
released 0.10.6
2015-07-01 20:51:19 +02:00
Nikos Mavrogiannopoulos
62050bec87
occtl: corrected bug in json checks
2015-07-01 11:42:51 +02:00
Nikos Mavrogiannopoulos
800021234c
don't set the wr_set in select (previously it was only ignored in pselect)
2015-06-29 15:59:41 +02:00
Nikos Mavrogiannopoulos
1d3bf55609
bumped version
2015-06-29 15:55:34 +02:00
Nikos Mavrogiannopoulos
3f48b31a9e
use quotes in all examples to avoid issues in modifications
2015-06-29 15:33:16 +02:00
Nikos Mavrogiannopoulos
b2ca1cd069
tests: verify that groupname is read correctly when in kerberos auth
2015-06-29 14:52:08 +02:00
Nikos Mavrogiannopoulos
7716f725ff
doc update
2015-06-25 14:32:01 +02:00
Nikos Mavrogiannopoulos
e007a20e42
tests: check the ability to load encrypted key files
2015-06-25 14:31:56 +02:00
