Nikos Mavrogiannopoulos
30d4b4e677
test-pass-opt-cert: modified not to require root access
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-02-25 16:03:50 +01:00
Nikos Mavrogiannopoulos
86ae99864b
tests: check whether ocserv is built with oath support prior to running otp tests
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-02-25 16:03:33 +01:00
Nikos Mavrogiannopoulos
66f9f97d1d
test: replaced docker otp-test with cwrap test-otp
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-02-25 16:00:09 +01:00
Nikos Mavrogiannopoulos
00c6f566cb
tests: introduced test with OTP-password and certificate auth
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-02-25 14:38:19 +01:00
Nikos Mavrogiannopoulos
9dfe964def
amend: plain: avoid crash on locked accounts
...
The null pointer dereference fix broke plain OTP setup of
ocserv.
Resolves #114, #137
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-02-25 14:37:42 +01:00
Nikos Mavrogiannopoulos
31854eb208
unix: corrected header size when receiving events
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-02-22 22:26:27 +01:00
Nikos Mavrogiannopoulos
896894a6b6
README.md: removed references to autogen
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-02-22 22:17:28 +01:00
Nikos Mavrogiannopoulos
5ebea1e475
doc update [ci skip]
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-02-22 19:59:12 +01:00
Nikos Mavrogiannopoulos
53a166500f
Hash the peer's DTLS IP separately from its CSTP IP
...
This allows keeping track of clients which have their DTLS
stream come from a different IP location than their CSTP
stream.
Relates ocserv/ocserv#61
2018-02-22 08:25:18 -08:00
Nikos Mavrogiannopoulos
b7a14f1c4a
doc update
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-02-19 20:18:38 +01:00
Nikos Mavrogiannopoulos
83d37ace16
.gitlab-ci.yml: rawhide: do not rely on tcp wrappers
...
They are no longer part of Fedora28.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2018-02-19 16:07:43 +01:00
Nikos Mavrogiannopoulos
a157fc7068
doc: clarify auth and enable-auth
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2018-02-19 15:41:36 +01:00
Nikos Mavrogiannopoulos
e2a0be65e4
worker: mark new UDP fd received as UDP data reception time
...
That prevents errors such as switching to TCP when no UDP packets
are received immediately after connection establishment.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-02-11 12:02:30 +01:00
Nikos Mavrogiannopoulos
e61029445c
gnutls: increased dependency to 3.3.0
...
That way PKCS#11 reinitialization and global initialization are
implicit.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-02-11 12:02:30 +01:00
Nikos Mavrogiannopoulos
7d762748db
.gitlab-ci.yml: corrected artifacts dir in builds
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-30 20:19:58 +01:00
Nikos Mavrogiannopoulos
553dbd3df7
ax_code_coverage: updated to latest version
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2018-01-29 17:10:12 +01:00
Kevin Cernekee
85fe81d0e0
Set AGENT_OPENCONNECT for Java/Android clients
...
These use a slightly different User-Agent string. If they are not
detected correctly, then IPv6-only VPNs will not work.
Since the Android bindings did not exist until 6.00, the V3 check is
unnecessary.
Signed-off-by: Kevin Cernekee <cernekee@gmail.com>
2018-01-29 12:32:45 +01:00
Nikos Mavrogiannopoulos
e6c4d5e492
bumped version
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-23 21:11:57 +01:00
Nikos Mavrogiannopoulos
dbaecfa80e
doc update
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-23 21:11:39 +01:00
Nikos Mavrogiannopoulos
760199a33c
doc: man-pages are modified to be generated using ronn
...
That eliminates the need for autogen and also combines
doc/sample.config and manpage contents. Now the doc/sample.config
is the primary config documentation location.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-23 21:07:18 +01:00
Nikos Mavrogiannopoulos
894cdb7a52
config: skip unknown sections
...
This would allow future extensibility, by making clients which
don't support a section skip it.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-23 21:07:18 +01:00
Nikos Mavrogiannopoulos
1b8079a11a
Replaced the configuration parser with inih parser
...
That eliminates the dependency on libopts as well as autogen.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-23 21:07:18 +01:00
Nikos Mavrogiannopoulos
533677bd73
ocserv: use getopt for command line parsing
...
The complexity of its command line options didn't require
the use of libopts, and by eliminating that dependency for cmd
parsing, we can choose another parser for config file parsing.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-23 21:07:18 +01:00
Nikos Mavrogiannopoulos
6b7d09485e
ocpasswd: removed dependency on autogen
...
The complexity of its command line options didn't require
the linking to yet another library.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-23 21:07:18 +01:00
Nikos Mavrogiannopoulos
cbac133b07
.gitlab-ci.yml: added a -Werror build under F27
...
That helps catch any potential issues early.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-23 21:07:18 +01:00
Nikos Mavrogiannopoulos
8ebe287f1c
doc update
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-17 20:50:54 +01:00
Nikos Mavrogiannopoulos
ee1cada66a
worker: check for POLLERR condition
...
When checking the events returned from poll, handle the POLLERR
condition. This fixes an infinite loop on the worker's main
loop.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2018-01-16 16:20:32 +01:00
Nikos Mavrogiannopoulos
ba92389b0c
.gitlab-ci.yml: correctly point to scan-build artifacts
...
Also added missing gperf package.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-14 19:14:56 +01:00
Nikos Mavrogiannopoulos
c578c787b2
.gitignore: ignore static libs
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-14 19:14:56 +01:00
Nikos Mavrogiannopoulos
2559d68366
doc update
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-14 19:14:56 +01:00
Daniel Lenski
fbdf8f875e
Make escape_url() percent-escape fewer characters and escape ' ' as '+'
...
Per RFC 3986, neither ASCII alphanumeric characters, nor any of '-', '_',
'.', '~', need to be escaped anywhere in a URL or query string.
2018-01-13 13:11:33 -08:00
Daniel Lenski
38ebf44620
tests for unescaping decimal HTML escapes and '+' in URLs
2018-01-13 12:56:59 -08:00
Daniel Lenski
92f4d5076e
Correctly unescape '+' in URLs and decimal escapes in XML (e.g. ' ' instead of ' ')
...
This patch changes only URL/XML unescaping, not escaping--changing escaping
would remove the reversibility of the tests.
I've been meaning to submit this ever since
http://lists.infradead.org/pipermail/openconnect-devel/2016-October/004042.html
but didn't have a particularly good reason.
However, I recently ran into a (weirdly-customized) version of AnyConnect which
actually sends '+' in one of the authentication forms. So this should improve
AnyConnect compatibility in some corner cases.
2018-01-13 12:56:59 -08:00
Nikos Mavrogiannopoulos
b0f217ce43
replaced 'const static' definitions with 'static const'
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2018-01-12 13:45:05 +01:00
Nikos Mavrogiannopoulos
924ebdf143
configure: use the -Wextra gcc flag for warnings
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2018-01-12 13:43:58 +01:00
Nikos Mavrogiannopoulos
fb299001ea
config: fixed incorrect sign check
...
Resolves #132
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2018-01-12 13:39:25 +01:00
Nikos Mavrogiannopoulos
647b44343f
README.md: updated link on technical info
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-07 16:47:11 +01:00
Nikos Mavrogiannopoulos
d8b507f68d
updated auto-generated files
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
ocserv_0_11_10
2018-01-07 16:36:06 +01:00
Nikos Mavrogiannopoulos
f6a6f0bc34
bumped version
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-07 16:34:37 +01:00
Nikos Mavrogiannopoulos
ea6b0d5da9
occtl: sessions: print the location when printing the remote IP
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-07 11:47:19 +01:00
Nikos Mavrogiannopoulos
4c4b60a5b6
doc update
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-07 11:43:37 +01:00
Nikos Mavrogiannopoulos
907c34c520
occtl: improved session output
...
That is, do not print expiration time in sessions that are in use
(they don't expire during that time), and print whether a session
is in use.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-07 11:42:09 +01:00
Nikos Mavrogiannopoulos
a680af6a50
ocserv: improved session disconnection due to re-use messages
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-07 11:27:02 +01:00
Nikos Mavrogiannopoulos
6abd2dc5e6
occtl: introduced 'show session' option
...
This allows printing information related to a session.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-07 11:15:45 +01:00
Nikos Mavrogiannopoulos
c027d4165b
sec-mod: always mark an active (open) session
...
Previously it was only marked when an accounting module was present,
though now that we export data to occtl, that information is useful
even without an accounting module.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-07 11:15:45 +01:00
Nikos Mavrogiannopoulos
3bdd6bc7dc
doc update
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-06 18:46:05 +01:00
Nikos Mavrogiannopoulos
fbd760372c
occtl: don't print compatibility fields by default
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-06 18:44:54 +01:00
Nikos Mavrogiannopoulos
b19dda27c3
sec-mod: avoid infinite loop in listing for sessions
...
When having only a single expired session, the security module
could enter an infinite loop attempting to list it.
Resolves #130
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-06 18:35:27 +01:00
Nikos Mavrogiannopoulos
324f01f5ba
occtl: Last-Modified session printout moved to compatibility options
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-06 18:31:27 +01:00
Nikos Mavrogiannopoulos
7a19296119
tests: updated for increase in slack time
...
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-01-06 08:55:02 +01:00