Commit Graph

2958 Commits

Author SHA1 Message Date
Nikos Mavrogiannopoulos
90b3c439fb tests: server-cert-rsa-pss moved to xfail set
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-14 14:22:46 +02:00
Nikos Mavrogiannopoulos
21694d54dc tlslib: set public key algorithm with gnutls_privkey_import_ext4
Previously we would require communication with sec-mod, which is
not set up during configuration time.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-14 14:22:46 +02:00
Nikos Mavrogiannopoulos
9cdd2be7f0 include crypt.h to use crypt()
This is necessary in Fedora28 as it doesn't provide
crypt() prototype in unistd.h

https://bugzilla.redhat.com/show_bug.cgi?id=1566464

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2018-04-12 14:59:05 +02:00
Nikos Mavrogiannopoulos
1b313b9e80 tlslib: added missing struct element
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2018-04-12 13:08:47 +02:00
Nikos Mavrogiannopoulos
c69c702818 Merge branch 'tmp-replace-tests' into 'master'
tests: replace docker tests with tests based on namespaces

See merge request ocserv/ocserv!77
2018-04-10 19:59:54 +00:00
Nikos Mavrogiannopoulos
158b099c9f tests: added test with compression enabled
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-06 06:53:27 +02:00
Nikos Mavrogiannopoulos
017bd414f9 .gitlab-ci.yml: update code coverage
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-05 20:09:36 +02:00
Nikos Mavrogiannopoulos
265e30dab7 tests: full-test was moved into traffic test
The new traffic test only requires namespaces and no docker.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-05 20:06:27 +02:00
Nikos Mavrogiannopoulos
490a201826 haproxy-connect: split into lib
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-05 18:59:41 +02:00
Nikos Mavrogiannopoulos
6aaf37913f Merge branch 'tmp-haproxy' into 'master'
Added testsuite with haproxy

See merge request ocserv/ocserv!75
2018-04-04 05:38:05 +00:00
Nikos Mavrogiannopoulos
86fe0fc457 tests: added check with haproxy connection
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-04 07:22:49 +02:00
Nikos Mavrogiannopoulos
d6332cd428 proc_table_update_ip: do not update IP if the previous IP is not found
That adds a safety net in case there is a mismatch of IPs, to prevent
adding two entries in the hashtable for the same IP.

Resolves #146

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-02 23:04:39 +02:00
Nikos Mavrogiannopoulos
bd5ad4d7c3 doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-01 13:31:59 +02:00
Nikos Mavrogiannopoulos
8eda81e033 proc-search: indentation fixes
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-01 13:30:47 +02:00
Nikos Mavrogiannopoulos
63b7e81e87 tests: added test with proxy-protocol
That tests operation under haproxy with proxy-protocol without docker.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-01 13:30:47 +02:00
Nikos Mavrogiannopoulos
5c719b4264 worker: properly handle the haproxy health commands
That is, do not close that connection, but follow up and accept
it, according to the protocol.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-04-01 13:30:47 +02:00
Nikos Mavrogiannopoulos
e09f54ea77 NEWS: document only entries which are not available in 0.11.x branch
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-22 08:46:26 +01:00
Nikos Mavrogiannopoulos
348a45902e Merge branch 'tmp-bsd-rename' into 'master'
Rename the tun device on FreeBSD

See merge request ocserv/ocserv!71
2018-03-22 07:41:06 +00:00
Nikos Mavrogiannopoulos
1aa3056849 doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-21 12:55:04 +01:00
Nikos Mavrogiannopoulos
d8731fbb99 configure: warn when no worker isolation is available
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-21 12:52:04 +01:00
Nikos Mavrogiannopoulos
0247db65d2 tun: better separation of OS dependent tun functionality
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-21 12:52:04 +01:00
Nikos Mavrogiannopoulos
511fe9a0d3 combined bsd_open_tun with bsd_ifrename
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-21 12:52:04 +01:00
Nikos Mavrogiannopoulos
6913b1fb33 rename tun device on FreeBSD
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-21 12:52:04 +01:00
Nikos Mavrogiannopoulos
e996e2fe06 Merge branch 'tmp-fix-multi-line-val' into 'master'
Allow more than 128+96 configuration options

Closes #141

See merge request ocserv/ocserv!74
2018-03-21 11:40:22 +00:00
Nikos Mavrogiannopoulos
1e88a224ee _add_multi_line_val: corrected array size extension
The current implementation would impose an artificial limit of
configuration options to (DEFAULT_CONFIG_ENTRIES+128) after which
the server would crash on loading. With that change we allow for
an arbitrary number of configuration options.

Resolves #141

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-21 12:28:26 +01:00
Nikos Mavrogiannopoulos
0de68ef4b1 tests: added reproducer for #141
This tests whether more than 128 options can be read in
routes or dns fields.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-21 12:28:24 +01:00
Nikos Mavrogiannopoulos
7b4c1bae5a .gitlab-ci.yml: added ubsan build
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-12 21:56:03 +01:00
Nikos Mavrogiannopoulos
dfab7f6e30 Create coverage report and depend on pre-built CI images
It will be made available at:
https://ocserv.gitlab.io/ocserv/coverage/

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-12 21:54:44 +01:00
Nikos Mavrogiannopoulos
96efa890e9 config: allow empty device name on vhosts
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-11 15:12:23 +01:00
Nikos Mavrogiannopoulos
704763ac40 config: corrected check for empty device name
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-11 06:40:20 +01:00
Nikos Mavrogiannopoulos
c2a519572b sec-mod: move variable in the ifdef block it is used at
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-11 06:33:37 +01:00
Nikos Mavrogiannopoulos
8b0b1e6067 tlslib: added support for gnutls 3.6.3 (unreleased)
That adds support for GNUTLS_PRIVKEY_INFO_PK_ALGO_BITS which is
necessary for RSA-PSS private keys.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-10 19:19:07 +01:00
Nikos Mavrogiannopoulos
a56d1b7900 README.md: better presentation of badges [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-10 18:01:38 +01:00
Nikos Mavrogiannopoulos
71f7b81b28 .travis.yml: removed; ocserv cannot be built in ubuntu14.04
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-10 17:59:06 +01:00
Nikos Mavrogiannopoulos
3365eb8ab4 worker.h: removed socklen_t non-presence work-around
The socklen_t use is spread out in the code, making that
work-around non-functional.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-10 17:56:12 +01:00
Nikos Mavrogiannopoulos
56a2d4b7e4 use casts to avoid various clang warnings under BSD systems
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-10 17:56:12 +01:00
Nikos Mavrogiannopoulos
8245843166 updated URI
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-10 08:05:07 +01:00
Nikos Mavrogiannopoulos
ecf9132495 doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-06 20:42:33 +01:00
Nikos Mavrogiannopoulos
5d0205332d tests: introduced test program to check basic vhost functionality
This checks whether connecting to different virtual hosts
with different authentication methods works.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-06 20:42:33 +01:00
Nikos Mavrogiannopoulos
ba6921ed9a Introduced the notion of virtual hosts
This provides virtualized server configurations which take
effect after client connection when client hello is received.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-06 20:42:31 +01:00
Nikos Mavrogiannopoulos
26bc265652 .gitlab-ci.yml: disabled rawhide build
The Fedora image has been broken for a long time.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-02 19:36:18 +01:00
Nikos Mavrogiannopoulos
d211b3d795 config: properly warn on duplicate pid-file option
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-02 19:35:44 +01:00
Nikos Mavrogiannopoulos
274415d050 tests: use the --pid-file and -p options in ocserv
This allows detecting issues like in #143 where these
two options regressed.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-01 19:18:54 +01:00
Nikos Mavrogiannopoulos
8769b2e041 ocserv: avoid crash when --pid-file is used
Resolves #143

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-03-01 19:13:57 +01:00
Nikos Mavrogiannopoulos
cc12fe7131 doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-02-27 07:04:28 +01:00
Nikos Mavrogiannopoulos
9bb7799fc2 worker: only switch to GSSAPI authentication if not already used certificate
That allows using gssapi as primary and certificate as fallback.

Resolves #108

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-02-25 16:41:59 +01:00
Nikos Mavrogiannopoulos
d3c29765a3 worker: use explicit parenthesis for clarity
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-02-25 16:40:24 +01:00
Nikos Mavrogiannopoulos
15fd4c9fbb tests: introduced tests with gssapi falling back to pass or certs
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-02-25 16:31:55 +01:00
Nikos Mavrogiannopoulos
55bf469dce worker: simplified fallback to next authentication method
That also allows falling back from certificate authentication
failure, allowing it to be listed as primary, with alternatives
present.

Resolves #108

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-02-25 16:03:50 +01:00
Nikos Mavrogiannopoulos
b59a12591c config.c: clarify if clause
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2018-02-25 16:03:50 +01:00