Nikos Mavrogiannopoulos
04f3923ca2
occtl: fix json output in show status
2015-07-03 16:22:10 +02:00
Nikos Mavrogiannopoulos
49de6d0586
occtl: added option --no-pager
2015-07-03 15:36:38 +02:00
Nikos Mavrogiannopoulos
7b87fa4459
occtl: document -j in manpage
2015-07-03 15:31:41 +02:00
Nikos Mavrogiannopoulos
6e77f14bad
corrected JSON array output
2015-07-03 14:24:14 +02:00
Nikos Mavrogiannopoulos
f895ff54fd
Only include grouplist functions when they are needed
2015-07-01 20:59:54 +02:00
Nikos Mavrogiannopoulos
62050bec87
occtl: corrected bug in json checks
2015-07-01 11:42:51 +02:00
Nikos Mavrogiannopoulos
800021234c
don't set the wr_set in select (previously it was only ignored in pselect)
2015-06-29 15:59:41 +02:00
Nikos Mavrogiannopoulos
3f48b31a9e
use quotes in all examples to avoid issues in modifications
2015-06-29 15:33:16 +02:00
Nikos Mavrogiannopoulos
8b186fb53a
Allow specifying a PIN and SRK PIN in the config file
...
That pin will be used to decrypt encrypted key files as well.
2015-06-25 14:12:57 +02:00
Nikos Mavrogiannopoulos
9d621d2b5d
certificates and keys were moved to permanent configuration
2015-06-25 13:38:59 +02:00
Nikos Mavrogiannopoulos
696b64dd98
worker: provide log messages in more failure paths
2015-06-23 09:59:01 +02:00
Nikos Mavrogiannopoulos
321bb72ede
combined cfg.h and common-config.h
2015-06-17 09:56:50 +02:00
Nikos Mavrogiannopoulos
59e0d574fc
improved variable name
2015-06-17 09:54:00 +02:00
Nikos Mavrogiannopoulos
a5b2175219
Lifted the limit by MAX_CONFIG_ENTRIES
...
Now entries in the configuration file are limited by available
memory.
2015-06-17 09:52:02 +02:00
Nikos Mavrogiannopoulos
042a0729f3
gssapi: allow auto-select-group option to work
2015-06-11 15:54:10 +02:00
Nikos Mavrogiannopoulos
005d3f4376
gssapi: allow group setting using getpwnam
2015-06-11 15:40:42 +02:00
Nikos Mavrogiannopoulos
d1a209c369
radius: add PW_ACCT_INTERIM_INTERVAL when compiling against old implementations
2015-06-09 09:24:12 +02:00
Nikos Mavrogiannopoulos
808832d40e
radius: updated radcli header
2015-06-08 20:32:52 +02:00
Nikos Mavrogiannopoulos
ac3945268a
define perm_cfg_st as struct in cfg.h to reduce warnings
2015-06-08 09:22:41 +02:00
Nikos Mavrogiannopoulos
29acc1f524
when using a UNIX socket get our IP from the UDP socket
...
That is only for DTLS clients, and for the IP the worker advertizes
to the security module.
2015-06-08 09:18:21 +02:00
Nikos Mavrogiannopoulos
21f08be56a
improved error messages when radius packet forming fails
2015-06-06 08:37:29 +02:00
Nikos Mavrogiannopoulos
2bce9455a0
use radcli as the radius library if found
2015-06-05 22:36:02 +02:00
Nikos Mavrogiannopoulos
16ea4a059f
When we receive a data packet in the CSTP channel switch communication to it
...
That will reduce delay time if the DTLS channel is unresponsive and our
peer switched to CSTP already. That switch will be undone if our peer
switches back and starts sending DTLS.
2015-06-05 14:56:23 +02:00
Nikos Mavrogiannopoulos
54ad0a413c
occtl: properly escape JSON strings
2015-05-29 09:52:54 +02:00
Nikos Mavrogiannopoulos
374ae17a4d
split KKDCP config line parsing from config.c
2015-05-28 15:53:26 +02:00
Nikos Mavrogiannopoulos
70f9256d8c
Allow IPv6 addresses in KKDCP
2015-05-28 14:37:33 +02:00
Nikos Mavrogiannopoulos
b63f0b4cce
ping: check for ICMPv6 unreachable packets when in IPv6
2015-05-27 12:04:40 +02:00
Nikos Mavrogiannopoulos
a0c2ac4c3f
ping: cleanup code
2015-05-27 11:06:07 +02:00
Nikos Mavrogiannopoulos
89500cb205
removed dbus option
2015-05-26 16:12:49 +02:00
Nikos Mavrogiannopoulos
1ca573ff16
occtl: added --json option
...
This allows to parse the output data using automated tools.
2015-05-26 16:09:25 +02:00
Nikos Mavrogiannopoulos
542b9b6f24
plain auth: use strsep() to allow an empty group string
2015-05-26 10:45:08 +02:00
Nikos Mavrogiannopoulos
647f36041a
pcl: include headers for getpid and memcpy
2015-05-26 10:25:14 +02:00
Nikos Mavrogiannopoulos
26e2534404
use casts for systems where time_t is longer than 32-bits
...
Suggested by Stuart Henderson.
2015-05-26 10:24:16 +02:00
Nikos Mavrogiannopoulos
f7412a7fdd
better text for group prompt
2015-05-25 13:11:30 +02:00
Nikos Mavrogiannopoulos
36bd7e10fd
use IPV6_PATHMTU socket option instead of IPV6_MTU
...
The former is portable and available on BSD systems.
2015-05-24 17:04:49 +02:00
Nikos Mavrogiannopoulos
00213a4e41
don't exit if isolated-workers isset
2015-05-24 11:14:59 +02:00
Nikos Mavrogiannopoulos
9c0ebd3c81
document the fact that some clients fail if rekey is disabled
2015-05-23 11:15:07 +02:00
Nikos Mavrogiannopoulos
95ae123a57
added dots to prompt messages
2015-05-22 06:45:49 +02:00
Nikos Mavrogiannopoulos
c371a91736
corrected memset usage
2015-05-21 11:04:30 +02:00
Nikos Mavrogiannopoulos
80a925a2cf
avoid null pointer dereference in config parsing
2015-05-21 11:02:43 +02:00
Nikos Mavrogiannopoulos
73c9c56a01
check the return value of inet_pton
2015-05-21 10:58:46 +02:00
Nikos Mavrogiannopoulos
76f2c91e6b
move the password counter to the label
...
That addresses issue with anyconnect clients which require
the name to be called password.
2015-05-20 13:17:18 +02:00
Nikos Mavrogiannopoulos
7b786ed486
when the password label matches the message, set no message
2015-05-20 11:25:34 +02:00
Nikos Mavrogiannopoulos
75646402ee
PAM: improved log message in conv to include prompt
2015-05-20 10:04:16 +02:00
Nikos Mavrogiannopoulos
c60a0bce50
Combined password prompt and message
...
That is because there are clients (anyconnect) which only print
the message but not the prompt.
2015-05-20 10:01:25 +02:00
Nikos Mavrogiannopoulos
705f1f3efc
do not print error message when a new password is requested
2015-05-20 09:55:30 +02:00
Nikos Mavrogiannopoulos
2d386261ac
don't use default messages for first prompt - allow worker to set it
2015-05-19 18:28:01 +02:00
Nikos Mavrogiannopoulos
cdd5dcd9c3
updated for new format of msgs
2015-05-19 18:27:41 +02:00
Nikos Mavrogiannopoulos
c9b45fabef
do not send interim-updates on init
2015-05-19 18:05:12 +02:00
Nikos Mavrogiannopoulos
27b1541c31
print information on the config backend used
2015-05-19 18:04:30 +02:00
