GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 16:57:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,083 Commits 19 Branches 88 Tags
4b1dc9b38e87425c266e5df00fd467404f295c2e
Commit Graph

1083 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikos Mavrogiannopoulos
4b1dc9b38e Added missing files. 2014-05-10 23:12:15 +02:00
Nikos Mavrogiannopoulos
d0729cf454 use safe_memset() where needed. 2014-05-10 13:48:00 +02:00
Nikos Mavrogiannopoulos
127fd35d2e Use a static buffer to read the password file entries from. 
That allows easier overwrite of the parameters read.
 2014-05-10 13:43:09 +02:00
Nikos Mavrogiannopoulos
93db512921 do not separately allocate buffer, but place it instead into worker structure. 2014-05-10 13:26:22 +02:00
Nikos Mavrogiannopoulos
0c86299a18 doc update 2014-05-09 21:13:52 +02:00
Nikos Mavrogiannopoulos
435a0bf5b0 corrected function prototype. 2014-05-09 21:05:24 +02:00
Nikos Mavrogiannopoulos
f21079b667 use malloc_trim() to return memory to OS after fork(). 2014-05-09 20:42:04 +02:00
Nikos Mavrogiannopoulos
929bf5e211 Fixes in talloc usage in occtl in combination with readline. 2014-05-09 16:52:16 +02:00
Nikos Mavrogiannopoulos
fe150f8ab3 better interplay between use-dbus and use-occtl. 2014-05-09 16:38:28 +02:00
Nikos Mavrogiannopoulos
ecfb7cf513 When deinitializing the IP-leases table disable the lease destructor. 2014-05-09 16:28:37 +02:00
Nikos Mavrogiannopoulos
2c3d7ff978 updated docker test. 2014-05-09 16:13:18 +02:00
Nikos Mavrogiannopoulos
969e684960 Use talloc() for all allocations to reduce the possibility of memory leaks. 2014-05-09 16:13:11 +02:00
Nikos Mavrogiannopoulos
fbb168e00a bumped version 2014-05-09 16:12:43 +02:00
Nikos Mavrogiannopoulos
b0e10065a0 Support for the unix socket is now configurable. 2014-05-09 16:12:37 +02:00
Nikos Mavrogiannopoulos
840c35e902 Added configure option --without-pam 2014-05-08 09:07:10 +02:00
Nikos Mavrogiannopoulos
71104b36a3 Added support for unix sockets for the occtl communication. 
D-BUS support is left, but is not enabled by default.
 2014-05-07 13:54:58 +02:00
Nikos Mavrogiannopoulos
6f694915c7 Added talloc. 2014-05-06 16:22:50 +02:00
Nikos Mavrogiannopoulos
89ddd81c0e Use exit_worker() or gnutls fatal errors instead of plain exit(). 
That solves issue with stats not being reported to the main process.
 2014-05-04 14:16:47 +02:00
Nikos Mavrogiannopoulos
d6583945f9 Added the STATS_DURATION script environment variable. 
This variable reports the duration of the session in seconds.
 2014-05-04 11:20:32 +02:00
Nikos Mavrogiannopoulos
593ce2c9fa sample config update 2014-05-04 11:13:44 +02:00
Nikos Mavrogiannopoulos
5c07b36b9b doc update 2014-05-04 11:13:16 +02:00
Nikos Mavrogiannopoulos
521edbccd3 name the cli stats packet. 2014-05-04 11:12:20 +02:00
Nikos Mavrogiannopoulos
d949b2844b Resumed sessions are assigned the correct auth_state. 2014-05-04 11:12:16 +02:00
Nikos Mavrogiannopoulos
d1e3b3f1b7 doc update 2014-05-01 14:11:47 +02:00
Nikos Mavrogiannopoulos
f9e2a029ce released 0.3.4 ocserv_0_3_4 2014-05-01 13:38:50 +02:00
Nikos Mavrogiannopoulos
ca8ac737b7 initialize values to avoid compiler warnings. 2014-05-01 12:08:23 +02:00
Nikos Mavrogiannopoulos
bb2b3ae508 check for posix_memalign presence. 2014-05-01 12:02:45 +02:00
Nikos Mavrogiannopoulos
f1b0d85da3 doc update 2014-04-30 11:06:53 +02:00
Nikos Mavrogiannopoulos
0b977f770f bumped version 2014-04-30 11:04:04 +02:00
Nikos Mavrogiannopoulos
1c46031539 doc update 2014-04-30 11:03:09 +02:00
Nikos Mavrogiannopoulos
b7b3f3416d doc update 2014-04-28 17:40:43 +02:00
Nikos Mavrogiannopoulos
4598a1b53b updated example script to account for STATS_BYTES variables. 2014-04-28 17:40:00 +02:00
Nikos Mavrogiannopoulos
b8bfbde41d Test whether the statistics are exported to disconnect script. 2014-04-28 17:36:02 +02:00
Nikos Mavrogiannopoulos
2a0cc77c2e Export TUN device statistics from the worker process. 
When a worker process terminates in authenticated state, then
export statistics from the tun device (currently bytes_in and
bytes_out). These statistics are sent to main process using an
informational message just prior to process exit. The statistics
are also exported to the disconnect script using the STATS_BYTES_IN
and STATS_BYTES_OUT environment variables.
 2014-04-28 17:32:51 +02:00
Nikos Mavrogiannopoulos
2c213d4e52 Active session timeout was reduced to 30 secs. 2014-04-21 14:08:50 +02:00
Nikos Mavrogiannopoulos
d090075502 corrected sigstack permissions. 2014-04-19 13:18:24 +02:00
Nikos Mavrogiannopoulos
d2931cfd88 Avoid running test if our conditions are not met. 2014-04-19 12:15:16 +02:00
Nikos Mavrogiannopoulos
03f6e7cc16 Setup an alternative stack for signals on heap. 2014-04-19 12:03:40 +02:00
Nikos Mavrogiannopoulos
2577f8bfa7 Allow the worker signal handlers to operate under seccomp. 2014-04-19 11:47:13 +02:00
Nikos Mavrogiannopoulos
bae34112fb Added sigprocmask to the list of seccomp allowed calls. 2014-04-19 10:57:16 +02:00
Nikos Mavrogiannopoulos
46c2965a67 doc update 2014-04-19 10:32:04 +02:00
Nikos Mavrogiannopoulos
489368c58e When receiving unexpected UDP packets, check if they match a known IP and forward them. 
This will not work for many clients that come from a single IP but will
work-around issues, when clients are behind a NAT that keeps their UDP port
state for shorter time than DPD.
 2014-04-19 10:29:57 +02:00
Nikos Mavrogiannopoulos
8e73f98502 changed the default DPD time to 90 seconds, to prevent UDP port from changing in several NATs. 2014-04-19 08:30:10 +02:00
Nikos Mavrogiannopoulos
bd7240e1d5 When a DTLS hello message is received, print the source address. 2014-04-18 20:37:27 +02:00
Nikos Mavrogiannopoulos
0258824647 corrected program name in license 2014-04-18 16:16:31 +02:00
Nikos Mavrogiannopoulos
cf759e33ed Added note on enable-local-libopts for full-test 2014-04-17 19:01:54 +02:00
Nikos Mavrogiannopoulos
f4e8bcc904 Modified full test for debian. 2014-04-17 18:51:34 +02:00
Nikos Mavrogiannopoulos
8e5bea0851 doc update 2014-04-17 16:27:13 +02:00
Nikos Mavrogiannopoulos
7bf24821ae Added a full test between openconnect and ocserv based on docker. 
That allows testing the establishment of a connection plus
the transferring of packets.
 2014-04-17 15:25:19 +02:00
Nikos Mavrogiannopoulos
62110975a7 Revert "Delay the cleanup of resources of a worker if a disconnect script is set." 
This reverts commit 7e0ee385c2.
 2014-04-16 12:00:16 +02:00