Commit Graph

1136 Commits

Author SHA1 Message Date
Nikos Mavrogiannopoulos
95a0b6abc3 Added the rekey-method config option. 2014-02-22 12:51:34 +01:00
Nikos Mavrogiannopoulos
25afdb5949 use RND_RANDOM for the generation of SID 2014-02-22 10:00:32 +01:00
Nikos Mavrogiannopoulos
5ac591a37e doc update 2014-02-18 19:42:21 +01:00
Nikos Mavrogiannopoulos
7b73aee479 when mobile-dpd and mobile-idle-timeout are not set, they get values from their non-mobile counterpart. 2014-02-18 19:39:37 +01:00
Nikos Mavrogiannopoulos
c47266ede0 doc update 2014-02-18 18:56:40 +01:00
Nikos Mavrogiannopoulos
6ee0899e22 Added the mobile-idle-timeout config option. 2014-02-18 18:54:50 +01:00
Nikos Mavrogiannopoulos
b550489c88 better messages from pam authentication module 2014-02-18 18:39:44 +01:00
Nikos Mavrogiannopoulos
d361bd608d only print an authentication failure message if the maximum tries have been reached 2014-02-18 18:36:58 +01:00
Nikos Mavrogiannopoulos
a609cf58b7 send disconnect packet instead of server terminate when disconnecting a user. 2014-02-18 18:32:10 +01:00
Nikos Mavrogiannopoulos
367976ca34 Implemented Idle timeout.
When set, a client that does not have any non-control traffic
for that period is disconnected.
2014-02-18 18:09:23 +01:00
Nikos Mavrogiannopoulos
2399aafe35 modified priorities 2014-02-18 13:11:38 +01:00
Nikos Mavrogiannopoulos
bc10b97207 added debug message in remove_proc 2014-02-18 09:04:21 +01:00
Nikos Mavrogiannopoulos
c5c38e92bd Do not allow DPD to be disabled.
Doing so would prevent the server from dropping inactive
connections. If the dpd values are not configured, set some
reasonable defaults.
2014-02-17 22:40:32 +01:00
Nikos Mavrogiannopoulos
faf0a7133b doc update 2014-02-17 22:22:07 +01:00
Nikos Mavrogiannopoulos
2bd6f5a6a1 Added the mobile-dpd configuration option.
This option allows setting a different DPD value for
mobile clients to allow them to go to sleep for a longer time.
2014-02-17 22:17:09 +01:00
Nikos Mavrogiannopoulos
821f56f5e1 doc update 2014-02-17 20:21:08 +01:00
Nikos Mavrogiannopoulos
be332174f8 Simplified debugging by allowing multiple levels.
'ocserv -d' now accepts a numeric option from 0 (no debugging) to 9
(maximum verbosity).
2014-02-17 20:19:39 +01:00
Nikos Mavrogiannopoulos
1eab85479c better log names. 2014-02-17 15:53:34 +01:00
Nikos Mavrogiannopoulos
4cf84152e5 doc update 2014-02-17 15:46:35 +01:00
Nikos Mavrogiannopoulos
882c37b17a Added profile.xml to the distributed files 2014-02-17 15:36:33 +01:00
Nikos Mavrogiannopoulos
8c2acab693 Added 'See Also' section in occtl.8 2014-02-17 15:25:07 +01:00
Nikos Mavrogiannopoulos
f85ee029a8 doc update 2014-02-17 08:43:28 +01:00
Nikos Mavrogiannopoulos
3cf1d409db better wording 2014-02-16 22:48:15 +01:00
Nikos Mavrogiannopoulos
991455065f simplified handling of CISCO reconnecting clients.
Instead of having a client use the initial SID over and over,
re-set the SID cookie, during authentication when needed. That
way we avoid having expensive checks to ensure uniqueness of SID.
2014-02-16 22:47:45 +01:00
Nikos Mavrogiannopoulos
9d3453877f eliminated double [m] 2014-02-16 21:31:32 +01:00
Nikos Mavrogiannopoulos
247ac9e683 Indicate the main process in message logging, to distinguish from worker messages. 2014-02-16 19:25:15 +01:00
Nikos Mavrogiannopoulos
d339be261e Better messages in password asking. 2014-02-16 19:19:25 +01:00
Nikos Mavrogiannopoulos
24403dddcb doc update 2014-02-16 19:12:54 +01:00
Nikos Mavrogiannopoulos
fd7f3e65ce Allow a number of retries in plain password authentication. 2014-02-16 19:10:49 +01:00
Nikos Mavrogiannopoulos
83f3cbac19 set output buffer based on DTLS MTU, and ensure a minimum value 2014-02-16 13:59:02 +01:00
Nikos Mavrogiannopoulos
936fefd79d distribute test-stress 2014-02-16 10:13:06 +01:00
Nikos Mavrogiannopoulos
0f0683b7fd released 0.3.1 ocserv_0_3_1 2014-02-16 09:34:20 +01:00
Nikos Mavrogiannopoulos
17f3fb8518 check for auth context presence when locating a previous session 2014-02-16 08:40:51 +01:00
Nikos Mavrogiannopoulos
a329982c97 removed the periodic printing of TCP MSS 2014-02-15 21:08:00 +01:00
Nikos Mavrogiannopoulos
55de932cdb corrected typo 2014-02-15 15:25:00 +01:00
Nikos Mavrogiannopoulos
ac5a9062c6 added example of IPv6 route 2014-02-15 15:19:13 +01:00
Nikos Mavrogiannopoulos
0faee9fbbf print errors when an invalid IPv6 prefix is found. 2014-02-15 15:16:19 +01:00
Nikos Mavrogiannopoulos
489da30c93 doc update 2014-02-15 13:53:21 +01:00
Nikos Mavrogiannopoulos
3b9971b7e8 Added support for the "new" type of IP6 support in AnyConnect.
If the client sends "X-CSTP-Full-IPv6-Capability: true", then we
use the headers:
     X-CSTP-Address-IP6: 2001:db8:1000:1000::1/64
     X-CSTP-Split-Include-IP6: 2001:db8:1000:1001::/64
     X-CSTP-Split-Include-IP6: 2001:db8:1000:1002::/64

(see corresponding openconnect change)
2014-02-15 13:51:03 +01:00
Nikos Mavrogiannopoulos
4e8d7e7a58 corrected typo 2014-02-15 13:44:05 +01:00
Nikos Mavrogiannopoulos
c8986508c0 doc update 2014-02-15 09:58:07 +01:00
Nikos Mavrogiannopoulos
8ffca1fcd9 eliminate small leak 2014-02-15 09:57:52 +01:00
Nikos Mavrogiannopoulos
828814862b Added stress test 2014-02-15 09:53:57 +01:00
Nikos Mavrogiannopoulos
dd3bd9dcdd Do not enforce safe negotiation on the main TLS channel.
This is only set when in CISCO compatibility mode, as CISCO clients
come from the past.
2014-02-14 21:35:41 +01:00
Nikos Mavrogiannopoulos
452ff7973a simplified type usage 2014-02-14 12:47:22 +01:00
Nikos Mavrogiannopoulos
ea39d512dc switch to strtok_r() and other small fixes. 2014-02-14 12:43:54 +01:00
Nikos Mavrogiannopoulos
af6714605b when a user is rejected due to multiple connections set an appropriate status. 2014-02-14 10:37:35 +01:00
Nikos Mavrogiannopoulos
f8f30bffa4 set a reasonable default rekey time 2014-02-12 11:07:14 +01:00
Nikos Mavrogiannopoulos
6d8841cae7 sample.conf update 2014-02-12 11:05:14 +01:00
Nikos Mavrogiannopoulos
c8a9ab3191 removed exclamation mark 2014-02-12 11:05:11 +01:00