GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-09 16:26:59 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,110 Commits 19 Branches 88 Tags
55d5af2ebcfb8314059a652cd425d2b7df91decd
Commit Graph

34 Commits

Author SHA1 Message Date
Nikos Mavrogiannopoulos
55d5af2ebc check_multiple_users: do not account disconnected ones 
When max-same-clients is set to 1 and a user re-using a cookie
connects, check_multiple_users() would prevent the user from
reconnecting. This corrects the issue by taking into account
only valid sessions that have not yet been disconnected.

Resolves: #223

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-12-16 21:30:24 +01:00
Nikos Mavrogiannopoulos
cfa62cf6b4 Merge branch 'tmp-test-kerberos' into 'master' 
tests: added kerberos test case

See merge request openconnect/ocserv!116
 2019-12-12 15:29:35 +00:00
Nikos Mavrogiannopoulos
c9e907c841 tests: replaced docker-based kerberos test case with one that runs in CI 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-11-17 14:51:21 +01:00
Nikos Mavrogiannopoulos
ea845a57fc tests: clean-up pam server initiation 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-11-17 11:10:19 +01:00
Nikos Mavrogiannopoulos
4bcf29643d ocserv: added support for per-user split-dns directive 
Resolves: #229

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-11-17 11:06:47 +01:00
Lele Long
17ed47488d Add udp-listen-host option for DTLS 
This option supports different listen addresses for tcp and
udp such as haproxy for tcp, but support dtls at the same time (haproxy
does not support UDP at the moment)
 2019-09-30 09:01:55 +08:00
Alexey Dotsenko
0153172c03 tests: add radius otp test 
tests (radius-otp): add a check radcli version (atleast 1.2.7), since debian uses version
1.2.6, which does not support Access-Challenge server response.

tests: show debug messages only in VERBOSE mode

tests (radius-otp): replace test for option max_challenge to macro MAX_CHALLENGE

Signed-off-by: Alexey Dotsenko <lex@rwx.su>
 2019-06-24 17:25:44 +03:00
Nikos Mavrogiannopoulos
15380220ac tests: rewrite the radius tests using namespaces 
This simplifies the test and makes it runnable in our CI.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-06-03 22:47:23 +02:00
Nikos Mavrogiannopoulos
27c83dcf42 tests: consistently disable isolate-workers in tests 
That is to prevent coverage reporting in tests.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-01-20 06:43:47 +01:00
Nikos Mavrogiannopoulos
b181f20a2e tests: added functionality test for config-per-group 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-11-18 21:06:22 +01:00
Nikos Mavrogiannopoulos
579cfc0ead Added support for AES-256-CBC 
This enables support for AES-256 for anyconnect clients which
do not support AES-GCM. Also prioritized the 256-bit ciphers
higher than the 128-bit ones.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-07-20 21:58:49 +02:00
Nikos Mavrogiannopoulos
807ce345de main: create a sec-mod socket file independent of pid 
That addresses the issue of not being able to run under systemd,
or under non-forking mode. Added test case to detect proper
operation.

Resolves #154

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-05-11 22:04:28 +02:00
Nikos Mavrogiannopoulos
4111f598b8 tests: separated compression tests to lzs and lz4 
That allows testing both code paths separately.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-04-15 17:25:27 +02:00
Nikos Mavrogiannopoulos
432c12dcce tests: added test to unit test the maintenance cycle 
This allows to catch issues like crashes late in the server
operation as in #149

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-04-15 09:25:51 +02:00
Nikos Mavrogiannopoulos
0bb085de4a tests: pam-test was restricted to pam_matrix 
valgrind and asan were indicating issues with pam_oath, so
avoid using it in the testsuite.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-04-14 18:36:03 +02:00
Nikos Mavrogiannopoulos
158b099c9f tests: added test with compression enabled 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-04-06 06:53:27 +02:00
Nikos Mavrogiannopoulos
265e30dab7 tests: full-test was moved into traffic test 
The new traffic test only requires namespaces and no docker.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-04-05 20:06:27 +02:00
Nikos Mavrogiannopoulos
86fe0fc457 tests: added check with haproxy connection 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-04-04 07:22:49 +02:00
Nikos Mavrogiannopoulos
63b7e81e87 tests: added test with proxy-protocol 
That tests operation under haproxy with proxy-protocol without docker.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-04-01 13:30:47 +02:00
Nikos Mavrogiannopoulos
0de68ef4b1 tests: added reproducer for #141 
This tests whether more than 128 options can be read in
routes or dns fields.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-03-21 12:28:24 +01:00
Nikos Mavrogiannopoulos
5d0205332d tests: introduced test program to check basic vhost functionality 
This checks whether connecting to different virtual hosts
with different authentication methods works.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-03-06 20:42:33 +01:00
Nikos Mavrogiannopoulos
15fd4c9fbb tests: introduced tests with gssapi falling back to pass or certs 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-02-25 16:31:55 +01:00
Nikos Mavrogiannopoulos
4ecfed7ed0 tests: added check cert or pass auth 
This is the similar to the test case (test-pass-opt-cert) of pass or cert,
but in that case the certificate method is set as primary.

Relates #108

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-02-25 16:03:50 +01:00
Nikos Mavrogiannopoulos
30d4b4e677 test-pass-opt-cert: modified not to require root access 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-02-25 16:03:50 +01:00
Nikos Mavrogiannopoulos
66f9f97d1d test: replaced docker otp-test with cwrap test-otp 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-02-25 16:00:09 +01:00
Nikos Mavrogiannopoulos
00c6f566cb tests: introduced test with OTP-password and certificate auth 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-02-25 14:38:19 +01:00
Nikos Mavrogiannopoulos
8eafacf2a9 tests: test-gssapi is now run as non-root 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2017-09-09 10:51:42 +02:00
Nikos Mavrogiannopoulos
077e16e36d tests: check server functionality with Ed25519/RSA-PSS certs 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2017-08-23 12:00:15 +02:00
Nikos Mavrogiannopoulos
5d74492a59 tests: verify correct operation with locked account 
That checks whether connecting to a locked account will have
unexpected effects (e.g., login allowed).

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2017-08-23 09:26:58 +02:00
Nikos Mavrogiannopoulos
b3cbfbbcd5 tests: Added check for certificate alternative name checking 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2017-01-28 15:23:17 +01:00
Nikos Mavrogiannopoulos
e12d2e6818 tests: made pam check independent of builddir 2016-06-29 10:05:00 +02:00
Nikos Mavrogiannopoulos
ae3c20c3ed tests: pam tests were converted to use pam-wrapper 
This allows running the PAM tests without requiring root access
 2016-06-25 23:05:18 +02:00
Nikos Mavrogiannopoulos
cbc4dde44b tests: moved passwd files to data/ 2016-06-17 11:54:05 +02:00
Nikos Mavrogiannopoulos
f3a182dbdf tests: moved config files to data/ 2016-06-17 11:54:03 +02:00