Commit Graph

1219 Commits

Author SHA1 Message Date
Nikos Mavrogiannopoulos
4489ff3cc6 removed dbus from the dependencies 2014-06-02 23:35:57 +02:00
Nikos Mavrogiannopoulos
3bbfc46280 doc update 2014-06-02 23:32:02 +02:00
Nikos Mavrogiannopoulos
3248651120 ocpasswd: added parameter to delete a user. 2014-06-02 23:31:40 +02:00
Nikos Mavrogiannopoulos
f69353fedc bumped version 2014-06-02 15:23:10 +02:00
Nikos Mavrogiannopoulos
961171e73b doc update 2014-06-02 14:52:23 +02:00
Nikos Mavrogiannopoulos
cbe4d80b1e No longer install d-bus or systemd files. 2014-06-02 14:52:13 +02:00
Nikos Mavrogiannopoulos
fb2b1e5504 doc update 2014-06-02 14:39:37 +02:00
Brian Chu
2a6111eef8 Fix tun IPv6 on platforms that use SIOCAIFADDR_IN6.
Also remove a redundant call to SIOCDIFADDR. A freshly
cloned tun interface should not have existing aliases.
2014-06-02 14:37:46 +02:00
Nikos Mavrogiannopoulos
2e5bd4bbf8 removed double header inclusion 2014-06-02 11:54:40 +02:00
Brian Chu
4001719560 Fix insufficient arguments in an error message.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2014-06-02 11:52:41 +02:00
Nikos Mavrogiannopoulos
8c55420a12 Avoid warning due to unused variables. 2014-06-02 11:49:58 +02:00
Brian Chu
de0388a3f7 Fix tun device usage on *BSD.
SIOCSIFADDR is deprecated on *BSD. Instead, use SIOCAIFADDR to
add an alias. Also destroy the tun device with SIOCIFDESTROY when
the client disconnects.
2014-06-02 11:49:08 +02:00
Nikos Mavrogiannopoulos
264114e799 doc update 2014-06-02 09:33:26 +02:00
Nikos Mavrogiannopoulos
6f3c07ca2d SID is no longer being randomized in main.
This was unnecessary as it is now being set (and generated) by sec-mod.
2014-06-02 09:28:36 +02:00
Nikos Mavrogiannopoulos
af7e967063 reduced the severity on several worker log messages. 2014-06-02 09:21:08 +02:00
Nikos Mavrogiannopoulos
429195987c corrected string comparison 2014-06-02 08:50:29 +02:00
Nikos Mavrogiannopoulos
3db871bb43 Do a more graceful termination of the client if main server closes the CMD fd. 2014-06-01 13:00:33 +02:00
Nikos Mavrogiannopoulos
48c2477d1f doc update 2014-05-31 22:12:22 +02:00
Nikos Mavrogiannopoulos
0c21e47f85 Always use the native endianness. 2014-05-31 22:09:09 +02:00
Nikos Mavrogiannopoulos
ade4f84e70 autogenerate args files if version.inc is updated. 2014-05-31 21:47:56 +02:00
Nikos Mavrogiannopoulos
d47f8b56c1 removed no longer applicable message 2014-05-31 18:43:18 +02:00
Nikos Mavrogiannopoulos
a9375dfbba released 0.8.0 ocserv_0_8_0 2014-05-31 18:31:05 +02:00
Nikos Mavrogiannopoulos
6f5ec79678 use a more portable way to kill the openconnect process. 2014-05-31 18:30:28 +02:00
Nikos Mavrogiannopoulos
cd635fd8cb full-test: be more resilient to docker errors. 2014-05-31 18:22:56 +02:00
Nikos Mavrogiannopoulos
37daebaf84 corrected compilation with local protobuf 2014-05-31 18:12:02 +02:00
Nikos Mavrogiannopoulos
936932c29c doc update 2014-05-30 08:55:33 +02:00
Nikos Mavrogiannopoulos
70dc25dce6 Listed previous releases. 2014-05-30 07:44:11 +02:00
Nikos Mavrogiannopoulos
68516206b2 bumped version 2014-05-29 21:11:04 +02:00
Nikos Mavrogiannopoulos
c6519a74c3 main: correct hashing of cookie 2014-05-29 00:29:27 +02:00
Nikos Mavrogiannopoulos
98ed640258 more debug messages 2014-05-29 00:27:20 +02:00
Nikos Mavrogiannopoulos
1e48d0d0de main: removed the inactive ban_list. 2014-05-29 00:20:13 +02:00
Nikos Mavrogiannopoulos
ff4f895cb0 main: deactivate the cookie when releasing proc. 2014-05-29 00:19:24 +02:00
Nikos Mavrogiannopoulos
5759032ef9 worker: only check for friendly names, if there are any 2014-05-29 00:14:28 +02:00
Nikos Mavrogiannopoulos
d11d8ae47c increased the maintenance time to 15 mins 2014-05-28 10:56:03 +02:00
Nikos Mavrogiannopoulos
3dd67c3f19 inline revive_cookie() 2014-05-28 10:48:27 +02:00
Nikos Mavrogiannopoulos
9eb68a381a No need for safe_memset() of the cookie hash. 2014-05-28 10:34:26 +02:00
Nikos Mavrogiannopoulos
e5c60a7a44 Limit the number of TLS resumption requests to one. 2014-05-28 10:32:35 +02:00
Nikos Mavrogiannopoulos
3a18882a40 Store a hash of the client's cookie instead of the cookie itself.
That ensures that the cookies cannot be leaked from the server.
On a hash collision, the IP of the other cookie in use will be
hijacked.
2014-05-28 10:13:08 +02:00
Nikos Mavrogiannopoulos
0f0cf31a79 zeroize cookies and TLS session data after read. 2014-05-28 10:11:17 +02:00
Nikos Mavrogiannopoulos
7ccdba8234 doc update 2014-05-27 16:04:53 +02:00
Nikos Mavrogiannopoulos
aaa06e3157 TLS sessions expire at the cookie timeout. 2014-05-27 16:01:14 +02:00
Nikos Mavrogiannopoulos
a872850b1e better printing of module name. 2014-05-27 16:01:09 +02:00
Nikos Mavrogiannopoulos
68071646c6 Report the number of active cookies and TLS resumed sessions to occtl 2014-05-27 16:01:03 +02:00
Nikos Mavrogiannopoulos
25fbdfbf70 Keep track of cookies internally.
That allows restricting the cookie validity time to the absolute minimum
required to establish and reconnect a recently disconnected session.
That deprecates the cookie-validity option and introduces the cookie-timeout
option.
2014-05-27 16:00:57 +02:00
Nikos Mavrogiannopoulos
a2728265b3 corrected safe_memset() of expired sessions. 2014-05-27 15:59:22 +02:00
Nikos Mavrogiannopoulos
01211c610c Allow memset of zero 2014-05-27 15:58:12 +02:00
Nikos Mavrogiannopoulos
0586e4c5fa Simplified the TLS hash table initialization. 2014-05-27 15:00:13 +02:00
Nikos Mavrogiannopoulos
8c82e8c96c Overwrite TLS session data prior to release. 2014-05-27 14:56:30 +02:00
Nikos Mavrogiannopoulos
b4fcf4df82 use macros for reason messages 2014-05-27 11:00:30 +02:00
Nikos Mavrogiannopoulos
2e1c1bb29f require the certificate being present on the sec-mod session initialization. 2014-05-27 10:46:16 +02:00