Nikos Mavrogiannopoulos
6647ddcbd3
tests: use unique temp files
2015-02-24 16:22:34 +01:00
Nikos Mavrogiannopoulos
cb52dd943e
worker: if a client retries a POST/GET request without the X-Support-HTTP header switch method
...
That allows openconnect to retry using password authentication if it
has no ticket or so. To advertize that behavior we set the header
X-HTTP-Auth-Support: fallback
in our 401 response.
2015-02-24 16:15:01 +01:00
Nikos Mavrogiannopoulos
ca9b7e6e7d
check all methods when using ws_switch_auth_to()
2015-02-24 15:49:30 +01:00
Nikos Mavrogiannopoulos
12ebe6b005
unix-test: added lz4 in fedora
2015-02-24 14:50:54 +01:00
Nikos Mavrogiannopoulos
6494ea6600
when stealing values do not reallocate them
2015-02-24 13:53:41 +01:00
Nikos Mavrogiannopoulos
29e834da4d
plain authentication uses the new parsing method
2015-02-24 13:53:37 +01:00
Nikos Mavrogiannopoulos
c5bba80854
pam uses the new sub-config format
2015-02-24 13:39:46 +01:00
Nikos Mavrogiannopoulos
43caa1be14
radius will use the new sub-config format
2015-02-24 13:04:28 +01:00
Nikos Mavrogiannopoulos
efa0f510d7
tests: test-gssapi: use require-local-user-map=false
2015-02-24 11:52:00 +01:00
Nikos Mavrogiannopoulos
e16ae6614c
Added more advanced suboption parser
...
That adds the ability to parse options in the form:
auth = "gssapi[option1=value1,option2=value2,...]
It also introduces the keytab, and require-local-user-map
suboptions for gssapi.
2015-02-24 11:50:55 +01:00
Nikos Mavrogiannopoulos
7b9e5a9f2a
when printing session information in log restrict to 5 chars
2015-02-24 10:41:34 +01:00
Nikos Mavrogiannopoulos
9b10323c2f
tests: fix IPs in unix-test
2015-02-23 19:20:18 +01:00
Nikos Mavrogiannopoulos
3c36f96de5
tests: set the proper hostname to KDC in kerberos-test
2015-02-23 19:12:14 +01:00
Nikos Mavrogiannopoulos
08c5ddea7e
tests: updated checks for gssapi
2015-02-23 16:52:50 +01:00
Nikos Mavrogiannopoulos
3caa7bb144
README: added krb5 dependency
2015-02-23 16:04:01 +01:00
Nikos Mavrogiannopoulos
6b0b8e5afc
tests: changed IP addresses of radius and PAM tests to not collide with full-test
2015-02-23 15:53:52 +01:00
Nikos Mavrogiannopoulos
4934cecdd6
doc update
2015-02-23 15:21:11 +01:00
Nikos Mavrogiannopoulos
40e96aae45
Separated accounting from authentication.
2015-02-23 15:19:44 +01:00
Nikos Mavrogiannopoulos
783be933e5
tests: updated kerberos-test
2015-02-23 09:34:06 +01:00
Nikos Mavrogiannopoulos
88e008cda3
radius: when sending accounting information include any updated IP
2015-02-23 09:34:06 +01:00
Nikos Mavrogiannopoulos
551e3b38c5
tests: added liblz4 into unix test and fixed IP addresses
2015-02-22 22:17:40 +01:00
Nikos Mavrogiannopoulos
e7f0b1f947
keep statistics over the lifetime of a session rather than closing and opening the session multiple times
2015-02-22 22:01:47 +01:00
Nikos Mavrogiannopoulos
40829b037e
when generating a unique SID check if it already exists
2015-02-22 11:02:21 +01:00
Nikos Mavrogiannopoulos
1fbbfa7862
tests: added more dependencies for debian docker image
2015-02-22 10:48:06 +01:00
Nikos Mavrogiannopoulos
31fe29c433
test gssapi/kerberos only when compiled with gssapi support
2015-02-22 10:40:51 +01:00
Nikos Mavrogiannopoulos
bc7c1bf8d9
check state on session cmd
2015-02-22 10:35:52 +01:00
Nikos Mavrogiannopoulos
9682a0f635
when combining multiple auth methods as primary, combine the name as well
2015-02-22 10:31:55 +01:00
Nikos Mavrogiannopoulos
151b716cb1
corrected command issue check
2015-02-22 10:14:03 +01:00
Nikos Mavrogiannopoulos
de932ec60a
removed pointless check
2015-02-22 10:08:10 +01:00
Nikos Mavrogiannopoulos
646b4ee1ec
main print username in new cookie session
2015-02-21 17:14:23 +01:00
Nikos Mavrogiannopoulos
f1bc754169
add part of the session ID in logs to differentiate them
2015-02-21 17:14:09 +01:00
Nikos Mavrogiannopoulos
39494d54ed
fixed sample.config
2015-02-21 16:59:52 +01:00
Nikos Mavrogiannopoulos
979a2be68f
sec-mod: check for expiration time of -1
2015-02-21 16:51:34 +01:00
Nikos Mavrogiannopoulos
89ca2a3889
sec-mod: prevent an auth init message when not in inactive mode
2015-02-21 16:40:53 +01:00
Nikos Mavrogiannopoulos
06e0c69f1d
sec-mod: maintainance time was increased to be over the default cookie expiration time
2015-02-21 16:34:55 +01:00
Nikos Mavrogiannopoulos
30300cf65e
sec-mod: more verbose logging
2015-02-21 16:32:14 +01:00
Nikos Mavrogiannopoulos
218162458e
sec-mod: corrected usage counting issue in client entries kept
2015-02-21 10:03:33 +01:00
Nikos Mavrogiannopoulos
349cced46f
doc update
2015-02-21 08:25:58 +01:00
Nikos Mavrogiannopoulos
f3dc88f427
radius: improved log messages consistency
2015-02-21 08:20:35 +01:00
Nikos Mavrogiannopoulos
c1a6f4730b
Added the configure option server-name
...
If set it will be used to set the NAS_IDENTIFIER in radius.
2015-02-21 08:20:16 +01:00
Nikos Mavrogiannopoulos
4e459c578a
tests: use env variable to leave the docker image open
2015-02-20 14:06:57 +01:00
Nikos Mavrogiannopoulos
4a3668897d
log http status replies
2015-02-20 14:06:28 +01:00
Nikos Mavrogiannopoulos
f3ba75146f
renamed X-Support-SPNEGO to X-Support-HTTP-Auth
2015-02-20 12:28:36 +01:00
Nikos Mavrogiannopoulos
2557944bf0
eliminated unneeded variable
2015-02-19 19:29:03 +01:00
Nikos Mavrogiannopoulos
b8964373c8
radius-test: fixed wrong password test
2015-02-19 17:41:32 +01:00
Nikos Mavrogiannopoulos
ecf5ec3391
tests: added the kerberos libs as dependencies
2015-02-19 17:41:20 +01:00
Nikos Mavrogiannopoulos
d7b4a28325
radius: fixed config string parsing
2015-02-19 17:38:19 +01:00
Nikos Mavrogiannopoulos
35a586a85c
tests: fixed explicit-ip check
2015-02-19 17:20:52 +01:00
Nikos Mavrogiannopoulos
98f88f2060
sec-mod-auth: use auth_user module function only when a module is available
2015-02-19 17:11:56 +01:00
Nikos Mavrogiannopoulos
08d4f7cfe3
tests: added PAM test suite
2015-02-19 17:08:24 +01:00
