GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 16:57:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
918 Commits 19 Branches 88 Tags
4cf84152e56b97c8fd8aa99a0d8b5a52e5a266ef
Commit Graph

918 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikos Mavrogiannopoulos
4cf84152e5 doc update 2014-02-17 15:46:35 +01:00
Nikos Mavrogiannopoulos
882c37b17a Added profile.xml to the distributed files 2014-02-17 15:36:33 +01:00
Nikos Mavrogiannopoulos
8c2acab693 Added 'See Also' section in occtl.8 2014-02-17 15:25:07 +01:00
Nikos Mavrogiannopoulos
f85ee029a8 doc update 2014-02-17 08:43:28 +01:00
Nikos Mavrogiannopoulos
3cf1d409db better wording 2014-02-16 22:48:15 +01:00
Nikos Mavrogiannopoulos
991455065f simplified handling of CISCO reconnecting clients. 
Instead of having a client use the initial SID over and over,
re-set the SID cookie, during authentication when needed. That
way we avoid having expensive checks to ensure uniqueness of SID.
 2014-02-16 22:47:45 +01:00
Nikos Mavrogiannopoulos
9d3453877f eliminated double [m] 2014-02-16 21:31:32 +01:00
Nikos Mavrogiannopoulos
247ac9e683 Indicate the main process in message logging, to distinguish from worker messages. 2014-02-16 19:25:15 +01:00
Nikos Mavrogiannopoulos
d339be261e Better messages in password asking. 2014-02-16 19:19:25 +01:00
Nikos Mavrogiannopoulos
24403dddcb doc update 2014-02-16 19:12:54 +01:00
Nikos Mavrogiannopoulos
fd7f3e65ce Allow a number of retries in plain password authentication. 2014-02-16 19:10:49 +01:00
Nikos Mavrogiannopoulos
83f3cbac19 set output buffer based on DTLS MTU, and ensure a minimum value 2014-02-16 13:59:02 +01:00
Nikos Mavrogiannopoulos
936fefd79d distribute test-stress 2014-02-16 10:13:06 +01:00
Nikos Mavrogiannopoulos
0f0683b7fd released 0.3.1 ocserv_0_3_1 2014-02-16 09:34:20 +01:00
Nikos Mavrogiannopoulos
17f3fb8518 check for auth context presence when locating a previous session 2014-02-16 08:40:51 +01:00
Nikos Mavrogiannopoulos
a329982c97 removed the periodic printing of TCP MSS 2014-02-15 21:08:00 +01:00
Nikos Mavrogiannopoulos
55de932cdb corrected typo 2014-02-15 15:25:00 +01:00
Nikos Mavrogiannopoulos
ac5a9062c6 added example of IPv6 route 2014-02-15 15:19:13 +01:00
Nikos Mavrogiannopoulos
0faee9fbbf print errors when an invalid IPv6 prefix is found. 2014-02-15 15:16:19 +01:00
Nikos Mavrogiannopoulos
489da30c93 doc update 2014-02-15 13:53:21 +01:00
Nikos Mavrogiannopoulos
3b9971b7e8 Added support for the "new" type of IP6 support in AnyConnect. 
If the client sends "X-CSTP-Full-IPv6-Capability: true", then we
use the headers:
     X-CSTP-Address-IP6: 2001:db8:1000:1000::1/64
     X-CSTP-Split-Include-IP6: 2001:db8:1000:1001::/64
     X-CSTP-Split-Include-IP6: 2001:db8:1000:1002::/64

(see corresponding openconnect change)
 2014-02-15 13:51:03 +01:00
Nikos Mavrogiannopoulos
4e8d7e7a58 corrected typo 2014-02-15 13:44:05 +01:00
Nikos Mavrogiannopoulos
c8986508c0 doc update 2014-02-15 09:58:07 +01:00
Nikos Mavrogiannopoulos
8ffca1fcd9 eliminate small leak 2014-02-15 09:57:52 +01:00
Nikos Mavrogiannopoulos
828814862b Added stress test 2014-02-15 09:53:57 +01:00
Nikos Mavrogiannopoulos
dd3bd9dcdd Do not enforce safe negotiation on the main TLS channel. 
This is only set when in CISCO compatibility mode, as CISCO clients
come from the past.
 2014-02-14 21:35:41 +01:00
Nikos Mavrogiannopoulos
452ff7973a simplified type usage 2014-02-14 12:47:22 +01:00
Nikos Mavrogiannopoulos
ea39d512dc switch to strtok_r() and other small fixes. 2014-02-14 12:43:54 +01:00
Nikos Mavrogiannopoulos
af6714605b when a user is rejected due to multiple connections set an appropriate status. 2014-02-14 10:37:35 +01:00
Nikos Mavrogiannopoulos
f8f30bffa4 set a reasonable default rekey time 2014-02-12 11:07:14 +01:00
Nikos Mavrogiannopoulos
6d8841cae7 sample.conf update 2014-02-12 11:05:14 +01:00
Nikos Mavrogiannopoulos
c8a9ab3191 removed exclamation mark 2014-02-12 11:05:11 +01:00
Nikos Mavrogiannopoulos
22ffb526dd DTLS rekey time and method was aligned with CSTP. 2014-02-12 10:48:10 +01:00
Nikos Mavrogiannopoulos
001fd57c71 Allow rehandshakes on the DTLS channel. 2014-02-11 16:18:08 +01:00
Nikos Mavrogiannopoulos
8f559e89e5 doc update 2014-02-11 15:48:55 +01:00
Nikos Mavrogiannopoulos
c92925e727 Rekey time is now configurable and can be disabled. 2014-02-11 15:47:20 +01:00
Nikos Mavrogiannopoulos
fa4b24ddac removed unused label 2014-02-11 15:30:25 +01:00
Nikos Mavrogiannopoulos
266b06f7d2 when the tcp channel is terminated attempt to close the DTLS channel as well. 2014-02-10 09:45:12 +01:00
Nikos Mavrogiannopoulos
295a87b8ab bumped version 2014-02-05 19:27:44 +01:00
Nikos Mavrogiannopoulos
638228e284 Use brackets in DEL macro 2014-02-05 09:56:06 +01:00
Nikos Mavrogiannopoulos
eb5f78c748 seccomp will make the forbidden system calls to return an error. 2014-02-02 09:45:34 +01:00
Nikos Mavrogiannopoulos
cfc10eec81 reduced the number of allowed ioctl() to the ones used. 2014-02-02 09:44:09 +01:00
Nikos Mavrogiannopoulos
5bf791bdfa doc update 2014-02-01 19:03:33 +01:00
Nikos Mavrogiannopoulos
91ceefb1f3 Added the split-dns config option. 2014-02-01 18:59:50 +01:00
Nikos Mavrogiannopoulos
311d5ddd20 Added configuration option to send custom headers to client. 2014-02-01 18:55:27 +01:00
Nikos Mavrogiannopoulos
0ec67882c0 Added support for multiple DNS and NBNS servers. 
This patch also combines ipv4-dns and ipv6-dns options
that are now handled as aliases to dns.

A side-effect of this patch is that the local keyword is no
longer supported.
 2014-02-01 14:50:52 +01:00
Nikos Mavrogiannopoulos
5c49678568 doc update 2014-02-01 10:27:49 +01:00
Nikos Mavrogiannopoulos
51c0e1bee1 Added untested code to set an IPv6 on FreeBSD. 2014-02-01 10:25:41 +01:00
Nikos Mavrogiannopoulos
97c2a4428f separated linux-specific code to allow easier portability fixes. 2014-02-01 09:57:18 +01:00
Nikos Mavrogiannopoulos
16f731bd2e on systems without IPv6 support remove the IPv6 lease. 2014-02-01 09:49:10 +01:00