GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 16:57:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,594 Commits 19 Branches 88 Tags
3eec11bfcd4653586a70a2deb3b3ffd7fbefe5b4
Commit Graph

320 Commits

Author SHA1 Message Date
Nikos Mavrogiannopoulos
113ae94f13 removed unused option 2014-12-14 14:06:03 +01:00
Nikos Mavrogiannopoulos
173301744c updated radius documentation 2014-12-13 22:22:28 +01:00
Nikos Mavrogiannopoulos
a32c5db859 Added README.radius 2014-12-11 12:09:56 +01:00
Nikos Mavrogiannopoulos
93125ea945 updated documentation on radius 2014-12-10 11:46:17 +01:00
Nikos Mavrogiannopoulos
320773e80a Added support for radius interim updates 2014-12-10 11:18:29 +01:00
Nikos Mavrogiannopoulos
766afb591a Added support for reading user configuration from radius. 2014-12-09 15:38:27 +01:00
Nikos Mavrogiannopoulos
2194e11b39 Added support for radius authentication 2014-12-09 10:59:18 +01:00
Nikos Mavrogiannopoulos
cb9dcde387 Notify the client that the server may have a dynamic DNS address 
That is send "X-CSTP-DynDNS: true", in CSTP headers if the
server is configured as having a dynamic DNS address.
 2014-11-30 11:30:08 +01:00
Nikos Mavrogiannopoulos
74aa65bfa0 enhanced sample.config 2014-11-26 17:09:54 +01:00
Nikos Mavrogiannopoulos
0320f61e3f Disable RC4 in the default priority strings 2014-11-18 22:23:02 +01:00
Nikos Mavrogiannopoulos
2069af24a8 disable SSL 3.0 on the default priorities 2014-10-17 11:01:28 +02:00
Nikos Mavrogiannopoulos
c2856e2ee6 disabled session control by default in sample.config 2014-10-15 07:58:36 +02:00
Nikos Mavrogiannopoulos
3a455f4178 listen-file -> listen-clear-file 2014-09-28 09:06:14 +02:00
Nikos Mavrogiannopoulos
e2585b2f26 unix-conn-file -> listen-file 2014-09-26 08:54:41 +02:00
Nikos Mavrogiannopoulos
4ea5a56ace Allow the CSTP layer to operate without TLS 
That also introduces a unix domain socket under which connections to the
server can occur.
 2014-09-23 16:08:29 +02:00
Nikos Mavrogiannopoulos
18cef50ebe doc update 2014-06-12 15:36:39 +02:00
Nikos Mavrogiannopoulos
9e4be33533 Added sequence diagram describing the session control operation. 2014-06-10 15:39:10 +02:00
Nikos Mavrogiannopoulos
021febe5d8 doc update 2014-06-10 15:16:54 +02:00
Nikos Mavrogiannopoulos
cbe4d80b1e No longer install d-bus or systemd files. 2014-06-02 14:52:13 +02:00
Nikos Mavrogiannopoulos
7ccdba8234 doc update 2014-05-27 16:04:53 +02:00
Nikos Mavrogiannopoulos
7ba0fffb07 Added the configuration option deny-roaming. 
That required moving the read of the group configuration during the
cookie authentication phase.
 2014-05-25 10:17:28 +02:00
Nikos Mavrogiannopoulos
78132e2a6d Added auto group listing on PAM authentication as well. 
In addition a configuration option to print group IDs over a
certain number was added.
 2014-05-23 16:36:48 +02:00
Nikos Mavrogiannopoulos
d51a7cb7e7 re-use the string replace API for route add/del replacements. 2014-05-23 11:32:07 +02:00
Nikos Mavrogiannopoulos
57d848d228 The replaced keywords were put into brackets. 2014-05-23 11:19:42 +02:00
Nikos Mavrogiannopoulos
51494e0df1 doc update 2014-05-23 11:08:23 +02:00
Nikos Mavrogiannopoulos
2276acf57b limit the cookie validity time to 3 hours in the configuration examples. 2014-05-22 13:48:09 +02:00
Nikos Mavrogiannopoulos
177c1c95bd Allow aliases to group names. 2014-05-21 12:25:26 +02:00
Nikos Mavrogiannopoulos
2668fe63b4 Added the default-select-group directive. 2014-05-19 20:00:35 +02:00
Nikos Mavrogiannopoulos
4755ee48c5 Added the select-group and auto-select-group config options. 
These options allow to prompt the user for a group prior to login.
That in addition enhances the password file format and multiple groups
can be specified on a comma separated list, as:
user:group1,group2,group3:$5$encodedpassword
 2014-05-19 18:25:25 +02:00
Nikos Mavrogiannopoulos
0f0f96ef5c sample.config: comment out the occtl-socket-file. 2014-05-17 08:47:27 +02:00
Nikos Mavrogiannopoulos
b25deaf742 Updated authentication state and design figures. 2014-05-14 14:50:03 +02:00
Nikos Mavrogiannopoulos
788560b9ce Added default-user-config and default-group-config configuration options. 
These allow setting a configuration file that will be loaded if a
user-specific or group-specific configuration file isn't found.
 2014-05-14 13:27:51 +02:00
Nikos Mavrogiannopoulos
9434334918 updated sample.config 2014-05-11 14:23:43 +02:00
Nikos Mavrogiannopoulos
d6583945f9 Added the STATS_DURATION script environment variable. 
This variable reports the duration of the session in seconds.
 2014-05-04 11:20:32 +02:00
Nikos Mavrogiannopoulos
593ce2c9fa sample config update 2014-05-04 11:13:44 +02:00
Nikos Mavrogiannopoulos
4598a1b53b updated example script to account for STATS_BYTES variables. 2014-04-28 17:40:00 +02:00
Nikos Mavrogiannopoulos
8e73f98502 changed the default DPD time to 90 seconds, to prevent UDP port from changing in several NATs. 2014-04-19 08:30:10 +02:00
Nikos Mavrogiannopoulos
0b9c6ff633 Added diagram with authentication state machine. 2014-03-25 13:49:11 +01:00
Nikos Mavrogiannopoulos
35c46d05c5 Do not set the output-buffer in the default configuration. 2014-03-25 11:25:42 +01:00
Nikos Mavrogiannopoulos
de1f63605b updated sample 2014-02-22 12:54:40 +01:00
Nikos Mavrogiannopoulos
faf0a7133b doc update 2014-02-17 22:22:07 +01:00
Nikos Mavrogiannopoulos
882c37b17a Added profile.xml to the distributed files 2014-02-17 15:36:33 +01:00
Nikos Mavrogiannopoulos
6d8841cae7 sample.conf update 2014-02-12 11:05:14 +01:00
Nikos Mavrogiannopoulos
5bf791bdfa doc update 2014-02-01 19:03:33 +01:00
Nikos Mavrogiannopoulos
0ec67882c0 Added support for multiple DNS and NBNS servers. 
This patch also combines ipv4-dns and ipv6-dns options
that are now handled as aliases to dns.

A side-effect of this patch is that the local keyword is no
longer supported.
 2014-02-01 14:50:52 +01:00
Nikos Mavrogiannopoulos
7129b7b316 change default ipv6 to link-local 2014-01-30 09:43:18 +01:00
Nikos Mavrogiannopoulos
8a29216228 doc update 2014-01-29 15:13:33 +01:00
Thomas Glanzmann
885f394f95 Allow Remote Desktop Users to establish AnyConnect connections 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2014-01-29 13:58:28 +01:00
Nikos Mavrogiannopoulos
41e8a949b3 only install DBUS and systemd files if they don't exist. 2014-01-28 18:04:38 +01:00
Nikos Mavrogiannopoulos
ec10295d9c Added two versions of systemd socket files, a standalone and a socket activate. 
From the standalone is installed by default.
 2014-01-28 18:01:31 +01:00