Commit Graph

271 Commits

Author SHA1 Message Date
Nikos Mavrogiannopoulos
72e086be00 combine writes to a single system call. 2013-03-15 18:49:54 +01:00
Nikos Mavrogiannopoulos
3883e930c7 updated syscall list in seccomp 2013-03-15 18:42:32 +01:00
Nikos Mavrogiannopoulos
5a4ce846b7 The TLS private keys are kept in a privileged process.
That process is called security-module (sec-mod) and communicates
with the workers using a unix domain socket.
2013-03-15 17:47:38 +01:00
Nikos Mavrogiannopoulos
73a532b5c5 Always send the provided password to PAM irrespective of the prompt. 2013-03-14 16:26:16 +01:00
Nikos Mavrogiannopoulos
0be2b2a054 crypt(3) is used in the plain password file.
In addition, ocpasswd program was added to generate password file entries.
2013-03-14 16:23:47 +01:00
Nikos Mavrogiannopoulos
8d6af501c0 Added ocpasswd 2013-03-14 13:05:30 +01:00
Nikos Mavrogiannopoulos
9224a02b77 Updated sample script. 2013-03-13 19:19:45 +01:00
Nikos Mavrogiannopoulos
b552f27ddb Do not let scripts block the server operation. 2013-03-13 19:18:52 +01:00
Nikos Mavrogiannopoulos
0c4b013b3f Added plain password format 2013-03-12 23:40:11 +01:00
Nikos Mavrogiannopoulos
4c5c9110e8 small doc updates 2013-03-11 19:51:12 +01:00
Nikos Mavrogiannopoulos
1eeb33d5d7 enable session tickets. 2013-03-11 19:49:33 +01:00
Nikos Mavrogiannopoulos
979729e8a3 manual page moved to section 8 2013-03-07 10:45:36 +01:00
Nikos Mavrogiannopoulos
b0a99ad57c doc update 2013-03-07 10:43:45 +01:00
Nikos Mavrogiannopoulos
23977b5359 Added ability to specify multiple certificate and key pairs. 2013-03-07 09:51:50 +01:00
Nikos Mavrogiannopoulos
a0f1867c58 Allow setting DH parameters. 2013-03-07 09:19:25 +01:00
Nikos Mavrogiannopoulos
fcd075e6ac check the server certificate prior to initialization 2013-03-07 00:26:52 +01:00
Nikos Mavrogiannopoulos
67c6f0f4d5 Added sanity check on certificate and key reading. 2013-03-06 23:46:41 +01:00
Nikos Mavrogiannopoulos
f828de76b4 Exit when mandatory configuration options are not present 2013-03-06 23:46:05 +01:00
Nikos Mavrogiannopoulos
b2e8137dde rate-limit-ms is no longer mandatory to set 2013-03-06 23:43:51 +01:00
Nikos Mavrogiannopoulos
66a8ab6ad8 updated doc 2013-03-05 22:09:43 +01:00
Nikos Mavrogiannopoulos
99e34f13a2 updated 2013-03-05 09:05:01 +01:00
Nikos Mavrogiannopoulos
b87baa4b3b released 0.0.2 ocserv_0_0_2 2013-03-05 08:54:27 +01:00
Nikos Mavrogiannopoulos
f68a039e59 updated text 2013-03-05 08:50:35 +01:00
Nikos Mavrogiannopoulos
d47d4b8da5 seccomp is disabled by default 2013-03-05 08:39:55 +01:00
Nikos Mavrogiannopoulos
6c54a37e69 Allow setting OCSP responses. 2013-03-05 01:42:25 +01:00
Nikos Mavrogiannopoulos
8ffe2f9d26 corrected advertised address 2013-03-04 22:22:27 +01:00
Nikos Mavrogiannopoulos
f05c0c839e small optimizations 2013-03-04 21:18:15 +01:00
Nikos Mavrogiannopoulos
d547cbea65 doc update 2013-03-04 20:45:42 +01:00
Nikos Mavrogiannopoulos
90517977e2 updated 2013-03-04 20:20:39 +01:00
Nikos Mavrogiannopoulos
4a114e7641 unified POST handlers, and auto-detect xml content 2013-03-04 20:07:30 +01:00
Nikos Mavrogiannopoulos
244135268f corrected check for banned entries 2013-03-04 19:50:08 +01:00
Nikos Mavrogiannopoulos
efd36016a5 Eliminated memory leaks on lists. 2013-03-04 19:43:32 +01:00
Nikos Mavrogiannopoulos
432a2da897 Allow setting a reconnection delay time after a failed authentication attempt (added min-reauth-time option). 2013-03-04 19:42:10 +01:00
Nikos Mavrogiannopoulos
2674af5aec Allow longer sleeps than a second. 2013-03-04 18:52:47 +01:00
Nikos Mavrogiannopoulos
ce3bf1c22a corrected typo 2013-03-04 18:44:56 +01:00
Nikos Mavrogiannopoulos
ecd90b533e Allow setting a rate limit on the number of connections. 2013-03-04 06:23:58 +01:00
Nikos Mavrogiannopoulos
2037c62b6e updated doc 2013-03-04 06:05:49 +01:00
Nikos Mavrogiannopoulos
e086214aa3 do not link against 3.1.7 or 8 version of gnutls. 2013-03-04 06:03:08 +01:00
Nikos Mavrogiannopoulos
62392660cd AnyConnect client compatibility is optional. 2013-03-02 15:35:16 +01:00
Nikos Mavrogiannopoulos
9900ff6060 simplified certificate request and require setting. 2013-03-01 23:39:47 +01:00
Nikos Mavrogiannopoulos
4ca6484129 fix the 'local' keyword in DNS server settings. 2013-03-01 23:32:06 +01:00
Nikos Mavrogiannopoulos
10d1215a1f doc update 2013-03-01 22:07:37 +01:00
Nikos Mavrogiannopoulos
f532a7275c corrected cert require rule 2013-03-01 22:01:18 +01:00
Nikos Mavrogiannopoulos
ef18851237 Added option to allow sending a cookie without the corresponding certificate.
This option is required for the Cisco clients, which do not always use the
client certificate. When this option is set to false it means that the cookie
itself is sufficient for authentication. This is bad practice if smart cards
are in use.
2013-03-01 21:54:49 +01:00
Nikos Mavrogiannopoulos
394493dbcb use chdir prior to chroot. 2013-03-01 21:26:19 +01:00
Nikos Mavrogiannopoulos
41e8d020b5 Several updates to handle URLs requested by the Cisco client. 2013-03-01 19:52:10 +01:00
Nikos Mavrogiannopoulos
27b3378d40 Send correct replies. 2013-02-27 23:29:07 +01:00
Nikos Mavrogiannopoulos
0dd43943a2 Added title into success message 2013-02-27 23:20:52 +01:00
Nikos Mavrogiannopoulos
6636541d7c always set max-age 2013-02-27 23:10:28 +01:00
Nikos Mavrogiannopoulos
83c9793033 include banner in the XML success message. 2013-02-27 22:29:10 +01:00