GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 16:57:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,085 Commits 19 Branches 88 Tags
708147d60a0c4e763e3d3f4851a643fe1d9d9234
Commit Graph

3085 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikos Mavrogiannopoulos
aa57ee9f3b Merge branch 'tmp-harmonize-strings' into 'master' 
worker-http: use the same workaround string for all ciphersuites

Closes #193

See merge request openconnect/ocserv!93
 2019-01-10 18:47:04 +00:00
Nikos Mavrogiannopoulos
a67c45099f .gitlab-ci.yml: removed XFAIL from centos6; previous changes seem to fix it 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-01-10 19:30:36 +01:00
Nikos Mavrogiannopoulos
c02320ee50 worker-http: use the same workaround string for all ciphersuites 
Resolves #193

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-01-10 19:11:22 +01:00
Nikos Mavrogiannopoulos
a196fd3328 Merge branch 'tmp-dtls12' into 'master' 
Added support for DTLS1.2 with anyconnect clients

Closes #193 and #188

See merge request openconnect/ocserv!92
 2019-01-10 13:43:58 +00:00
Nikos Mavrogiannopoulos
232de85d17 doc update 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-01-10 13:03:03 +01:00
Nikos Mavrogiannopoulos
ec5ebd33a4 setup_dtls0_9_keys: renamed and updated log messages for clarity 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-01-10 13:03:03 +01:00
Nikos Mavrogiannopoulos
21bebfff41 worker-http: dropped txt_version 
All the versions checked were prior to the minimum gnutls
version we require.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-01-10 13:03:03 +01:00
Nikos Mavrogiannopoulos
acdd6d156b worker-http: added support for anyconnect DTLS1.2 ciphersuites 
This adds support for DTLS1.2 ciphersuite header as sent by anyconnect
clients.

Resolves #188
Resolves #193

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-01-10 13:02:40 +01:00
Nikos Mavrogiannopoulos
c441017f27 README.md: updated instructions on debian 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-01-06 20:10:48 +01:00
Nikos Mavrogiannopoulos
a5502022c2 .gitlab-ci.yml: skip Centos6 tests that fail 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-01-06 20:07:53 +01:00
Nikos Mavrogiannopoulos
923f697014 cfg_ini_handler: notify static analyzers that defvhost is always non-null 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-01-06 20:07:53 +01:00
Nikos Mavrogiannopoulos
2dfa37784d tests: moved server-cert-rsa-pss to dist_check_scripts 
The gnutls included in distributions is expected to work well
with RSA-PSS.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-01-06 20:07:53 +01:00
Nikos Mavrogiannopoulos
c1cb9c02f9 Merge branch 'add-logging-ipv6' into 'master' 
Add logging output when IPv6 is disabled.

See merge request openconnect/ocserv!90
 2018-11-19 05:42:43 +00:00
pumpkin031
34b39d213c Add logging output when IPv6 is disabled. 
Signed-off-by: pumpkin031 <www.carrotsoft@gmail.com>
 2018-11-19 10:04:29 +09:00
Nikos Mavrogiannopoulos
bba393868e Merge branch 'tmp-fix-per-group' into 'master' 
Enhance testsuite on per-group configuration and a minor fix

See merge request openconnect/ocserv!89
 2018-11-18 20:22:50 +00:00
Nikos Mavrogiannopoulos
d4a4e780fc plain: skip the empty group 
Previously we were incorrectly setting the '*' as the group name.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-11-18 21:06:24 +01:00
Nikos Mavrogiannopoulos
63479d6394 sec-mod: log sucessful authentication 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-11-18 21:06:24 +01:00
Nikos Mavrogiannopoulos
b181f20a2e tests: added functionality test for config-per-group 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-11-18 21:06:22 +01:00
Nikos Mavrogiannopoulos
9fcd4d1597 Merge branch 'tmp-pam-fix' into 'master' 
tests: added check with empty password

See merge request openconnect/ocserv!88
 2018-11-04 10:40:13 +00:00
Nikos Mavrogiannopoulos
39c6d578b5 doc: clarification on cookie operation 
This clarifies how cookies are expired, and how they affect
session accounting in radius.

Relates #166

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-09-22 21:35:57 +02:00
Nikos Mavrogiannopoulos
4e51e2a0ac tests: added check with empty password 
Relates #171

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-09-22 21:11:19 +02:00
Timo Förster
8f7a416aa4 Change documentation url for UsersFile. Fixes #163 
Signed-off-by: Timo Förster <tfoerster@webfoersterei.de>
 2018-08-07 10:35:31 +02:00
Nikos Mavrogiannopoulos
c9c50909b9 .gitlab-ci.yml: disabled asan job as it conflicts with cwrap tools in F28 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-07-23 21:18:44 +02:00
Nikos Mavrogiannopoulos
d6271f4470 Merge branch 'tmp-add-aes-256' into 'master' 
Added support for AES-256-CBC

See merge request openconnect/ocserv!86
 2018-07-20 20:31:52 +00:00
Nikos Mavrogiannopoulos
4f79db43b6 .gitlab-ci.yml: parallelize make check in fedora build 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-07-20 22:15:42 +02:00
Nikos Mavrogiannopoulos
3a330b8d85 tests: added unit tests for AES-128-GCM and AES-256-GCM 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-07-20 22:06:11 +02:00
Nikos Mavrogiannopoulos
579cfc0ead Added support for AES-256-CBC 
This enables support for AES-256 for anyconnect clients which
do not support AES-GCM. Also prioritized the 256-bit ciphers
higher than the 128-bit ones.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-07-20 21:58:49 +02:00
Nikos Mavrogiannopoulos
5a2bed6a58 .gitlab-ci.yml: updated for new debian build name 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-06-26 03:26:13 +02:00
Nikos Mavrogiannopoulos
6bc5da342f .gitlab-ci.yml: updated for new project 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-06-26 03:13:35 +02:00
Nikos Mavrogiannopoulos
2c460034a3 ocserv.8: link to openconnect(8) 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-06-26 02:24:34 +02:00
Nikos Mavrogiannopoulos
52c3a9fd09 worker-vpn: more reasonable messages for timeout and disconnections 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2018-06-19 16:52:23 +02:00
Nikos Mavrogiannopoulos
59e8dced79 radius: be more verbose with groups found 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-05-27 09:06:10 +02:00
Nikos Mavrogiannopoulos
20f7ea1355 README-radius.md: mention groupconfig=true relevance for Class attribute [ci skip] 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-05-13 08:37:54 +02:00
Nikos Mavrogiannopoulos
68c16a56b1 NEWS: updated for release 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-05-12 11:23:03 +02:00
Nikos Mavrogiannopoulos
9ca7da7689 added missing file 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
ocserv_0_12_1 		2018-05-12 08:20:59 +02:00
Nikos Mavrogiannopoulos
3dc6f95a6a released 0.12.1 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-05-12 08:17:22 +02:00
Nikos Mavrogiannopoulos
fefbce19dc Merge branch 'tmp-dont-break-configure' into 'master' 
configure: don't break on ubuntu

See merge request ocserv/ocserv!85
 2018-05-12 05:34:44 +00:00
Nikos Mavrogiannopoulos
c1aee4fe9a configure: bumped version 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-05-12 05:20:02 +00:00
Nikos Mavrogiannopoulos
ece70b0d6c configure: always work-around brokenness of gnutls_certificate_set_key 
That is, instead of requiring the user to explicitly pass --with-broken-gnutls
warn at the end of the configure script.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-05-12 05:20:02 +00:00
Nikos Mavrogiannopoulos
107b6440ad Merge branch 'tmp-fix-forking-behavior' into 'master' 
fix ocserv's forking behavior

Closes #154

See merge request ocserv/ocserv!84
 2018-05-11 20:22:23 +00:00
Nikos Mavrogiannopoulos
807ce345de main: create a sec-mod socket file independent of pid 
That addresses the issue of not being able to run under systemd,
or under non-forking mode. Added test case to detect proper
operation.

Resolves #154

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-05-11 22:04:28 +02:00
Nikos Mavrogiannopoulos
579d99ee39 ocserv: added the --no-chdir command line option 
This allows running on the background but without changing the
current directory.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-05-10 20:03:50 +02:00
Nikos Mavrogiannopoulos
e1c3ed95b0 doc update [ci skip] 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-05-04 23:37:34 +02:00
Nikos Mavrogiannopoulos
187774d597 Merge branch 'tmp-fix-cert-release' into 'master' 
configure: refuse to compile with known dependency issues

Closes #152

See merge request ocserv/ocserv!83
 2018-05-04 21:36:24 +00:00
Nikos Mavrogiannopoulos
094145bf54 configure: refuse to compile with known dependency issues 
In particular require gnutls 3.5.5 which fixes cleanups in
gnutls_certificate_set_key(), or a recent version of
the 3.3.x branch. When forced to use a broken version work-around
issues (at the cost of a memory leak).

Resolves #152

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-05-04 23:21:37 +02:00
Nikos Mavrogiannopoulos
bbc7958490 doc: fail safe when ronn is not available 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-04-23 22:07:10 +02:00
Nikos Mavrogiannopoulos
d989b925c4 doc: corrected typo in manpage generation 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2018-04-23 21:57:16 +02:00
Nikos Mavrogiannopoulos
3a74ea81ea doc: dist_man_MANS are defined unconditionally 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2018-04-23 11:16:56 +02:00
Nikos Mavrogiannopoulos
a65b3444cb tests: ship missing test [ci skip] 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2018-04-23 11:13:13 +02:00
Nikos Mavrogiannopoulos
601ce35a89 doc: added missing file 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
ocserv_0_12_0 		2018-04-22 10:54:58 +02:00