GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 16:57:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,386 Commits 19 Branches 88 Tags
57cbb43a3bd07be32d7131f31a071754092a9c68
Commit Graph

1386 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikos Mavrogiannopoulos
57cbb43a3b advertise a new DTLS session only when it is one 2014-11-15 12:32:31 +01:00
Nikos Mavrogiannopoulos
79668eb5e5 partially reverted b924eba1ac 
The timeouts were reset to the original values.
 2014-11-15 10:21:26 +01:00
Nikos Mavrogiannopoulos
845562201a doc update 2014-11-15 10:10:18 +01:00
Nikos Mavrogiannopoulos
a4ec19eb55 disable matching of IPs when the listen-clear-file option is set 2014-11-15 09:50:35 +01:00
Nikos Mavrogiannopoulos
b924eba1ac reduced the severity of log messages when forwarding packets and reduced the timeouts 2014-11-10 16:05:02 +01:00
Nikos Mavrogiannopoulos
0311dc6291 doc update 2014-10-31 11:37:52 +01:00
Nikos Mavrogiannopoulos
12fb56a3b6 when reporting errors, mention the username of the relevant client 2014-10-31 11:37:29 +01:00
Nikos Mavrogiannopoulos
c9c9c9c32d corrected typo 2014-10-31 11:37:29 +01:00
Nikos Mavrogiannopoulos
00cb1762ac doc update 2014-10-27 23:53:39 +01:00
Nikos Mavrogiannopoulos
96b4d922e8 increased the SID_SIZE (cookie used during authentication phase) to 128 bits 2014-10-27 23:51:55 +01:00
Nikos Mavrogiannopoulos
5fa95fe9e7 send session information from worker to parent twice 
That allows to account changes after DTLS is established (e.g.,
send the DTLS ciphersuite name).
 2014-10-27 23:49:33 +01:00
Nikos Mavrogiannopoulos
f9627732ff TODO update 2014-10-27 17:05:23 +01:00
Nikos Mavrogiannopoulos
53005a2cfd use hash tables to locate proc entries 
That would avoid a walk on all connected clients, when a
new UDP session starts.
 2014-10-27 15:01:05 +01:00
Nikos Mavrogiannopoulos
81107b80f8 doc update 2014-10-27 13:46:16 +01:00
Nikos Mavrogiannopoulos
be2c8b3cc5 when selecting a DTLS ciphersuite try to ensure it matches the CSTP 2014-10-27 11:03:38 +01:00
Nikos Mavrogiannopoulos
f0871989a8 remove the disable safe renegotiation flag from DTLS 2014-10-27 10:14:54 +01:00
Nikos Mavrogiannopoulos
ad049ddd74 updated synopsis 2014-10-26 16:15:57 +01:00
Nikos Mavrogiannopoulos
ea057ed7f4 released 0.8.7 ocserv_0_8_7 2014-10-26 12:37:48 +01:00
Nikos Mavrogiannopoulos
caaf71c792 use 3des-pkcs12 in the documentation for the generation of PKCS #12 structures 
That format seems to be compatible with more clients (e.g. Anyconnect).
 2014-10-19 22:41:47 +02:00
Nikos Mavrogiannopoulos
2069af24a8 disable SSL 3.0 on the default priorities 2014-10-17 11:01:28 +02:00
Nikos Mavrogiannopoulos
c2856e2ee6 disabled session control by default in sample.config 2014-10-15 07:58:36 +02:00
Nikos Mavrogiannopoulos
b5d64c2040 doc update 2014-10-11 08:29:51 +02:00
Nikos Mavrogiannopoulos
120e49b26b only enable session control when a username/password authentication is used 2014-10-11 08:28:04 +02:00
Nikos Mavrogiannopoulos
473ceebe4c Added sanity checks into sec-mod 
That prevents a crash when certificate authentication is
used but session control is enabled. Reported by George Panda.
 2014-10-11 08:25:17 +02:00
Nikos Mavrogiannopoulos
1a32efbe20 enable non-blocking DTLS timers 2014-10-10 10:49:52 +02:00
Nikos Mavrogiannopoulos
739276fcbe removed no longer relevant todo entries 2014-10-09 20:17:29 +02:00
Nikos Mavrogiannopoulos
aafa981ed9 doc update 2014-10-09 20:15:53 +02:00
Nikos Mavrogiannopoulos
ba6455c6e1 bumped version 2014-10-08 23:14:22 +02:00
Nikos Mavrogiannopoulos
b2a608dfec doc update 2014-10-08 23:14:22 +02:00
Nikos Mavrogiannopoulos
ccfa8cd936 corrected typo 2014-10-07 15:46:07 +02:00
Nikos Mavrogiannopoulos
288a81f4c9 changes for non-blocking sockets 2014-10-06 00:07:58 +02:00
Nikos Mavrogiannopoulos
ccd07f96fc use non-blocking sockets in worker process 2014-10-05 22:13:08 +02:00
Nikos Mavrogiannopoulos
db48e3db07 added set_non_block() 2014-10-05 22:00:53 +02:00
Nikos Mavrogiannopoulos
5a32ad3f3f corrected typo 2014-10-05 19:34:28 +02:00
Nikos Mavrogiannopoulos
4cf06b934c released 0.8.6 ocserv_0_8_6 2014-10-05 19:30:27 +02:00
Nikos Mavrogiannopoulos
2ab42ed1f2 simplified FATAL_ERR_CMD() 2014-10-05 14:47:21 +02:00
Nikos Mavrogiannopoulos
60d3891b3b doc update 2014-10-05 14:43:15 +02:00
Nikos Mavrogiannopoulos
0390f21db6 added recv_timeout() to replace force_read_timeout() in socket reading 2014-10-05 14:41:45 +02:00
Nikos Mavrogiannopoulos
02dcbe6e56 cleanup of cstp_recv() and cstp_recv_nb() 2014-10-05 14:41:44 +02:00
Nikos Mavrogiannopoulos
c2640d0076 updated to libopts 5.18.4 ocserv_0_8_5_1 2014-10-04 10:09:31 +02:00
Nikos Mavrogiannopoulos
442ea48f2b released 0.8.5 ocserv_0_8_5 2014-10-03 20:32:51 +02:00
Nikos Mavrogiannopoulos
9118736555 eliminated last uses of force_close() 2014-10-02 09:37:21 +02:00
Nikos Mavrogiannopoulos
ef7fb7d594 Revert "use force_close() on server to avoid descriptor leaks" 
This reverts commit f622f6696c.
 2014-10-02 09:36:22 +02:00
Nikos Mavrogiannopoulos
3a455f4178 listen-file -> listen-clear-file 2014-09-28 09:06:14 +02:00
Nikos Mavrogiannopoulos
e2585b2f26 unix-conn-file -> listen-file 2014-09-26 08:54:41 +02:00
Nikos Mavrogiannopoulos
1cb35b8b09 use more reasonable names to open and close a session 2014-09-25 16:41:54 +02:00
Nikos Mavrogiannopoulos
4674508188 override the user's group prior to opening the group configuration file 
That prevented opening group configuration for users that had their
group in a certificate. Reported by Norbert Paschedag.
 2014-09-25 12:17:03 +02:00
Nikos Mavrogiannopoulos
bdcd27d13e optional-certificate was renamed to certificate[optional] 2014-09-25 10:36:46 +02:00
Nikos Mavrogiannopoulos
accdb24050 allow positive values to waitpid 2014-09-25 10:26:50 +02:00
Nikos Mavrogiannopoulos
f4de7e7757 increased the verbosity of shutdown messages 2014-09-25 10:04:00 +02:00