Commit Graph

3009 Commits

Author SHA1 Message Date
Nikos Mavrogiannopoulos
579cfc0ead Added support for AES-256-CBC
This enables support for AES-256 for anyconnect clients which
do not support AES-GCM. Also prioritized the 256-bit ciphers
higher than the 128-bit ones.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-07-20 21:58:49 +02:00
Nikos Mavrogiannopoulos
5a2bed6a58 .gitlab-ci.yml: updated for new debian build name
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-06-26 03:26:13 +02:00
Nikos Mavrogiannopoulos
6bc5da342f .gitlab-ci.yml: updated for new project
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-06-26 03:13:35 +02:00
Nikos Mavrogiannopoulos
2c460034a3 ocserv.8: link to openconnect(8)
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-06-26 02:24:34 +02:00
Nikos Mavrogiannopoulos
52c3a9fd09 worker-vpn: more reasonable messages for timeout and disconnections
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2018-06-19 16:52:23 +02:00
Nikos Mavrogiannopoulos
59e8dced79 radius: be more verbose with groups found
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-05-27 09:06:10 +02:00
Nikos Mavrogiannopoulos
20f7ea1355 README-radius.md: mention groupconfig=true relevance for Class attribute [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-05-13 08:37:54 +02:00
Nikos Mavrogiannopoulos
68c16a56b1 NEWS: updated for release
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-05-12 11:23:03 +02:00
Nikos Mavrogiannopoulos
9ca7da7689 added missing file
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
ocserv_0_12_1
2018-05-12 08:20:59 +02:00
Nikos Mavrogiannopoulos
3dc6f95a6a released 0.12.1
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-05-12 08:17:22 +02:00
Nikos Mavrogiannopoulos
fefbce19dc Merge branch 'tmp-dont-break-configure' into 'master'
configure: don't break on ubuntu

See merge request ocserv/ocserv!85
2018-05-12 05:34:44 +00:00
Nikos Mavrogiannopoulos
c1aee4fe9a configure: bumped version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-05-12 05:20:02 +00:00
Nikos Mavrogiannopoulos
ece70b0d6c configure: always work around brokenness of gnutls_certificate_set_key
That is, instead of requiring the user to explicitly pass --with-broken-gnutls,
warn at the end of the configure script.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-05-12 05:20:02 +00:00
Nikos Mavrogiannopoulos
107b6440ad Merge branch 'tmp-fix-forking-behavior' into 'master'
fix ocserv's forking behavior

Closes #154

See merge request ocserv/ocserv!84
2018-05-11 20:22:23 +00:00
Nikos Mavrogiannopoulos
807ce345de main: create a sec-mod socket file independent of pid
That addresses the issue of not being able to run under systemd,
or under non-forking mode. Added test case to detect proper
operation.

Resolves #154

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-05-11 22:04:28 +02:00
Nikos Mavrogiannopoulos
579d99ee39 ocserv: added the --no-chdir command line option
This allows running in the background but without changing the
current directory.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-05-10 20:03:50 +02:00
Nikos Mavrogiannopoulos
e1c3ed95b0 doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-05-04 23:37:34 +02:00
Nikos Mavrogiannopoulos
187774d597 Merge branch 'tmp-fix-cert-release' into 'master'
configure: refuse to compile with known dependency issues

Closes #152

See merge request ocserv/ocserv!83
2018-05-04 21:36:24 +00:00
Nikos Mavrogiannopoulos
094145bf54 configure: refuse to compile with known dependency issues
In particular, require gnutls 3.5.5, which fixes cleanups in
gnutls_certificate_set_key(), or a recent version of
the 3.3.x branch. When forced to use a broken version, work around
issues (at the cost of a memory leak).

Resolves #152

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-05-04 23:21:37 +02:00
Nikos Mavrogiannopoulos
bbc7958490 doc: fail safe when ronn is not available
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-23 22:07:10 +02:00
Nikos Mavrogiannopoulos
d989b925c4 doc: corrected typo in manpage generation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-23 21:57:16 +02:00
Nikos Mavrogiannopoulos
3a74ea81ea doc: dist_man_MANS are defined unconditionally
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2018-04-23 11:16:56 +02:00
Nikos Mavrogiannopoulos
a65b3444cb tests: ship missing test [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2018-04-23 11:13:13 +02:00
Nikos Mavrogiannopoulos
601ce35a89 doc: added missing file
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
ocserv_0_12_0
2018-04-22 10:54:58 +02:00
Nikos Mavrogiannopoulos
66656388c6 bumped version
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-22 10:43:29 +02:00
Nikos Mavrogiannopoulos
5b3fc7eb03 Merge branch 'tmp-comp-tests' into 'master'
tests: enhanced compression tests

See merge request ocserv/ocserv!82
2018-04-15 19:08:18 +00:00
Nikos Mavrogiannopoulos
a4525385bb lzs: updated from openconnect source code
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-15 20:53:17 +02:00
Nikos Mavrogiannopoulos
90e1b5cbde .gitignore: ignore new tests
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-15 17:27:51 +02:00
Nikos Mavrogiannopoulos
4111f598b8 tests: separated compression tests to lzs and lz4
That allows testing both code paths separately.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-15 17:25:27 +02:00
Nikos Mavrogiannopoulos
b1e3ff580f config: added options to change compression algorithm priorities
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-15 17:25:27 +02:00
Nikos Mavrogiannopoulos
2ae4c2b2ed sample.config: the example paths reflect real system paths
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-15 17:25:27 +02:00
Nikos Mavrogiannopoulos
d49ba40fb2 Merge branch 'tmp-maintenance-check' into 'master'
address issue in maintenance cycle

See merge request ocserv/ocserv!81
2018-04-15 07:40:03 +00:00
Nikos Mavrogiannopoulos
03bccbcaef main/sec-mod: handle sec-mod reload via synchronous communication
This eliminates race conditions related to signal handling and potential
main/sec-mod desynchronizations related to cert/key pairs.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-15 09:25:55 +02:00
Nikos Mavrogiannopoulos
a40ac19c49 ms_sleep: do wait for the specified amount of time
That is, do not return earlier due to a signal.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-15 09:25:55 +02:00
Nikos Mavrogiannopoulos
432c12dcce tests: added test to unit test the maintenance cycle
This allows catching issues like crashes late in the server
operation, as in #149.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-15 09:25:51 +02:00
Nikos Mavrogiannopoulos
5fd5a1b349 main: allow forcing maintenance cycle with SIGUSR2
This is done for testing purposes; it allows testing the maintenance
cycle without waiting for the necessary time.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-15 08:25:37 +02:00
Nikos Mavrogiannopoulos
55b8ce4b08 main: corrected call of CRL reload
Resolves #149

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-15 08:15:34 +02:00
Nikos Mavrogiannopoulos
b117a165a6 gssapi auth: set the virtual host data early
That prevents a crash on its use from get_name() later
in the initialization.

Resolves #145

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-14 21:30:43 +02:00
Nikos Mavrogiannopoulos
61e5d23f48 Merge branch 'tmp-minor-fixes' into 'master'
Minor updates on master branch

See merge request ocserv/ocserv!79
2018-04-14 19:19:49 +00:00
Nikos Mavrogiannopoulos
b4bb6c2049 .gitlab-ci.yml: do not use PAM under asan
PAM tests would fail due to address sanitizer not detecting
the stack switches.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-14 18:55:10 +02:00
Nikos Mavrogiannopoulos
0bb085de4a tests: pam-test was restricted to pam_matrix
valgrind and asan were indicating issues with pam_oath, so
avoid using it in the testsuite.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-14 18:36:03 +02:00
Nikos Mavrogiannopoulos
cf8304cadf sec-mod/main: eliminate mem leaks related to vhost transition
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-14 18:34:12 +02:00
Nikos Mavrogiannopoulos
9af953383e tests: properly handle memory in cfg_parse_ports() unit test
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-14 14:23:21 +02:00
Nikos Mavrogiannopoulos
f1e3d1e0a7 trim_trailing_whitespace: avoid invalid memory access/read
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-14 14:23:21 +02:00
Nikos Mavrogiannopoulos
82bc4fb841 proxy protocol: added check to avoid memcpy on zero data
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-14 14:23:21 +02:00
Nikos Mavrogiannopoulos
eb41aa8f45 .gitlab-ci.yml: corrected run of ubsan/asan
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-14 14:23:21 +02:00
Nikos Mavrogiannopoulos
9ecafa9d73 configure: do not warn on string truncation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-14 14:23:21 +02:00
Nikos Mavrogiannopoulos
aec5112609 radius: allow more space in route from txt to avoid truncation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-14 14:23:21 +02:00
Nikos Mavrogiannopoulos
f4cef63501 pam: corrected check for empty password
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-14 14:23:21 +02:00
Nikos Mavrogiannopoulos
b4b3f8978d tlslib: eliminated unneeded code for GnuTLS >= 3.3.0
We already require GnuTLS 3.3.0 or later.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-14 14:23:09 +02:00