ocserv

mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 08:46:58 +08:00

Author	SHA1	Message	Date
Nikos Mavrogiannopoulos	7abfb3e800	call disconnect script only if the user was on connected state	2014-12-02 08:34:20 +01:00
Nikos Mavrogiannopoulos	6bfd5db245	separate log messages between up and down script	2014-12-02 08:27:32 +01:00
Nikos Mavrogiannopoulos	230b6adca0	doc update	2014-12-01 23:15:31 +01:00
Nikos Mavrogiannopoulos	af91c73924	tests: satisfy latest docker's restrictions	2014-12-01 23:14:22 +01:00
Nikos Mavrogiannopoulos	5019c4cebe	tests: try to check stats only when file is present	2014-12-01 23:08:12 +01:00
Nikos Mavrogiannopoulos	d7ec6a168e	run the down script even if the client's IP address has been re-used	2014-12-01 22:56:31 +01:00
Nikos Mavrogiannopoulos	7b0e20e6ad	sec-mod: made logging consistent with the main server	2014-12-01 22:49:09 +01:00
Nikos Mavrogiannopoulos	c402c03d09	doc update	2014-11-30 14:44:08 +01:00
Nikos Mavrogiannopoulos	cb9dcde387	Notify the client that the server may have a dynamic DNS address That is send "X-CSTP-DynDNS: true", in CSTP headers if the server is configured as having a dynamic DNS address.	2014-11-30 11:30:08 +01:00
Nikos Mavrogiannopoulos	9a7a9a36a1	use define _XOPEN_SOURCE to get crypt()	2014-11-29 19:49:38 +01:00
Nikos Mavrogiannopoulos	987974a59e	sec-mod: print whether a certificate is present	2014-11-27 13:33:02 +01:00
Nikos Mavrogiannopoulos	74aa65bfa0	enhanced sample.config	2014-11-26 17:09:54 +01:00
Nikos Mavrogiannopoulos	ece3324e40	forward to gnutls manual for priority string documentation	2014-11-25 21:59:40 +01:00
Nikos Mavrogiannopoulos	f96177ebe8	released 0.8.8 ocserv_0_8_8	2014-11-22 15:25:38 +01:00
Nikos Mavrogiannopoulos	8f84801c32	use TCP_NOPUSH in systems that support it (FreeBSD)	2014-11-18 22:29:37 +01:00
Nikos Mavrogiannopoulos	0320f61e3f	Disable RC4 in the default priority strings	2014-11-18 22:23:02 +01:00
Nikos Mavrogiannopoulos	dc8c340bed	bumped version	2014-11-17 20:16:47 +01:00
Nikos Mavrogiannopoulos	141bc755ad	when generating the DTLS session ID set its size as well	2014-11-16 12:36:20 +01:00
Nikos Mavrogiannopoulos	bf2e8c8cd6	added oclog_hex()	2014-11-16 12:34:30 +01:00
Nikos Mavrogiannopoulos	6103f5066d	doc update	2014-11-16 10:04:59 +01:00
Nikos Mavrogiannopoulos	78b3685f7a	Generate a new DTLS session ID on every cookie connection That allows openconnect to distinguish when the DTLS key has switched.	2014-11-16 10:00:15 +01:00
Nikos Mavrogiannopoulos	01bbb5cfa1	print the username earlier in log	2014-11-16 09:15:28 +01:00
Nikos Mavrogiannopoulos	f1e71ec597	improved logged messages	2014-11-15 12:47:30 +01:00
Nikos Mavrogiannopoulos	57cbb43a3b	advertise a new DTLS session only when it is one	2014-11-15 12:32:31 +01:00
Nikos Mavrogiannopoulos	79668eb5e5	partially reverted `b924eba1ac` The timeouts were reset to the original values.	2014-11-15 10:21:26 +01:00
Nikos Mavrogiannopoulos	845562201a	doc update	2014-11-15 10:10:18 +01:00
Nikos Mavrogiannopoulos	a4ec19eb55	disable matching of IPs when the listen-clear-file option is set	2014-11-15 09:50:35 +01:00
Nikos Mavrogiannopoulos	b924eba1ac	reduced the severity of log messages when forwarding packets and reduced the timeouts	2014-11-10 16:05:02 +01:00
Nikos Mavrogiannopoulos	0311dc6291	doc update	2014-10-31 11:37:52 +01:00
Nikos Mavrogiannopoulos	12fb56a3b6	when reporting errors, mention the username of the relevant client	2014-10-31 11:37:29 +01:00
Nikos Mavrogiannopoulos	c9c9c9c32d	corrected typo	2014-10-31 11:37:29 +01:00
Nikos Mavrogiannopoulos	00cb1762ac	doc update	2014-10-27 23:53:39 +01:00
Nikos Mavrogiannopoulos	96b4d922e8	increased the SID_SIZE (cookie used during authentication phase) to 128 bits	2014-10-27 23:51:55 +01:00
Nikos Mavrogiannopoulos	5fa95fe9e7	send session information from worker to parent twice That allows to account changes after DTLS is established (e.g., send the DTLS ciphersuite name).	2014-10-27 23:49:33 +01:00
Nikos Mavrogiannopoulos	f9627732ff	TODO update	2014-10-27 17:05:23 +01:00
Nikos Mavrogiannopoulos	53005a2cfd	use hash tables to locate proc entries That would avoid a walk on all connected clients, when a new UDP session starts.	2014-10-27 15:01:05 +01:00
Nikos Mavrogiannopoulos	81107b80f8	doc update	2014-10-27 13:46:16 +01:00
Nikos Mavrogiannopoulos	be2c8b3cc5	when selecting a DTLS ciphersuite try to ensure it matches the CSTP	2014-10-27 11:03:38 +01:00
Nikos Mavrogiannopoulos	f0871989a8	remove the disable safe renegotiation flag from DTLS	2014-10-27 10:14:54 +01:00
Nikos Mavrogiannopoulos	ad049ddd74	updated synopsis	2014-10-26 16:15:57 +01:00
Nikos Mavrogiannopoulos	ea057ed7f4	released 0.8.7 ocserv_0_8_7	2014-10-26 12:37:48 +01:00
Nikos Mavrogiannopoulos	caaf71c792	use 3des-pkcs12 in the documentation for the generation of PKCS #12 structures That format seems to be compatible with more clients (e.g. Anyconnect).	2014-10-19 22:41:47 +02:00
Nikos Mavrogiannopoulos	2069af24a8	disable SSL 3.0 on the default priorities	2014-10-17 11:01:28 +02:00
Nikos Mavrogiannopoulos	c2856e2ee6	disabled session control by default in sample.config	2014-10-15 07:58:36 +02:00
Nikos Mavrogiannopoulos	b5d64c2040	doc update	2014-10-11 08:29:51 +02:00
Nikos Mavrogiannopoulos	120e49b26b	only enable session control when a username/password authentication is used	2014-10-11 08:28:04 +02:00
Nikos Mavrogiannopoulos	473ceebe4c	Added sanity checks into sec-mod That prevents a crash when certificate authentication is used but session control is enabled. Reported by George Panda.	2014-10-11 08:25:17 +02:00
Nikos Mavrogiannopoulos	1a32efbe20	enable non-blocking DTLS timers	2014-10-10 10:49:52 +02:00
Nikos Mavrogiannopoulos	739276fcbe	removed no longer relevant todo entries	2014-10-09 20:17:29 +02:00
Nikos Mavrogiannopoulos	aafa981ed9	doc update	2014-10-09 20:15:53 +02:00

1 2 3 4 5 ...

1409 Commits