GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 16:57:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,338 Commits 19 Branches 88 Tags
945699097d6bd55eb617e5fbbe070fff7dd0e2e2
Commit Graph

3338 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikos Mavrogiannopoulos
c4f9d6cffb Merge branch 'tmp-fix-disconnect-script' into 'master' 
tests: try to reproduce #231

See merge request openconnect/ocserv!127
 2020-02-19 21:55:19 +00:00
Nikos Mavrogiannopoulos
d852195e64 tests: reproduce #231 
This modifies test-pass-script to force a DPD timeout to
verify whether ${IP_REMOTE} is set on the disconnect script.

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-19 22:17:31 +01:00
Alan Jowett
8d1aa343b4 Ban score should always increase. 
Resolves: #246

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2020-02-15 21:12:19 +01:00
Nikos Mavrogiannopoulos
17957ed98f Merge branch 'tmp-reorg-gitlab-ci-yml' into 'master' 
.gitlab-ci.yml: avoid the use of '&&'

See merge request openconnect/ocserv!131
 2020-02-13 22:39:16 +00:00
Nikos Mavrogiannopoulos
d28846404d Merge branch 'tmp-centos8' into 'master' 
.gitlab-ci.yml: added centos8 build

See merge request openconnect/ocserv!129
 2020-02-13 22:15:17 +00:00
Nikos Mavrogiannopoulos
5aea4680f5 Merge branch 'tmp-check-multi-users' into 'master' 
tests: added test to check whether server blocks if script blocks

Closes #241

See merge request openconnect/ocserv!126
 2020-02-13 22:15:06 +00:00
Nikos Mavrogiannopoulos
a6994ef1e7 .gitlab-ci.yml: specify the master branch coverity and web pages generation runs 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-13 23:04:38 +01:00
Nikos Mavrogiannopoulos
613242f343 .gitlab-ci.yml: added epel8 rpm build 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-13 23:02:55 +01:00
Nikos Mavrogiannopoulos
476638a52a .gitlab-ci.yml: avoid the use of '&&' 
gitlab CI will often mask a failure when multiple '&&' are
present.

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-13 22:50:00 +01:00
Nikos Mavrogiannopoulos
f4126fa095 .gitlab-ci.yml: change raddb permissions 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-13 22:45:42 +01:00
Nikos Mavrogiannopoulos
a8d34a80b9 tests: radius: save log on CI failure 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-13 22:25:13 +01:00
Nikos Mavrogiannopoulos
fc901e03c4 .gitlab-ci.yml: use parallel builds 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-13 22:06:22 +01:00
Nikos Mavrogiannopoulos
243c5e9fa2 .gitlab-ci.yml: added centos8 build 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2020-02-11 12:33:39 +01:00
Nikos Mavrogiannopoulos
1bce6526f3 updated NEWS entries [ci skip] 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-07 22:50:00 +01:00
Nikos Mavrogiannopoulos
ebe7c3bfb4 tests: added test to check whether server blocks if script blocks 
This test verifies that the server will continue to operate
even if the up script will block indefinitely.

Resolves: #241

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-07 22:46:21 +01:00
Nikos Mavrogiannopoulos
cd4aac2305 inih: updated to latest version 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-07 22:43:51 +01:00
Nikos Mavrogiannopoulos
0402df11de config: avoid crash on invalid entries 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-07 22:43:51 +01:00
Nikos Mavrogiannopoulos
ea3f6900c1 common.sh: print message when script cannot run 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2020-02-07 17:12:59 +01:00
Nikos Mavrogiannopoulos
1a6776c3a7 doc: updated ronn usage and fail when manpage cannot be generated 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2020-02-07 17:12:59 +01:00
Nikos Mavrogiannopoulos
9bd3c136e1 .gitlab-ci.yml: run jobs on linux only 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-01-26 09:25:44 +01:00
Nikos Mavrogiannopoulos
1d7a7088bf released 0.12.6 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
0.12.6 ocserv_0_12_6 		2019-12-28 20:19:44 +01:00
Nikos Mavrogiannopoulos
0f0a1b58e7 AUTHORS: updated mailmap [ci skip] 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2019-12-28 20:18:42 +01:00
Nikos Mavrogiannopoulos
79f6671237 doc update 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-12-28 20:14:59 +01:00
Nikos Mavrogiannopoulos
b94449211f AUTHORS: auto-generate 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-12-27 22:53:22 +01:00
Nikos Mavrogiannopoulos
4e5c9ad6c8 README.md: updated badge URI 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-12-17 16:07:18 +01:00
Nikos Mavrogiannopoulos
a3fe249541 Merge branch 'tmp-add-openat' into 'master' 
seccomp: allow openat()

Closes #185

See merge request openconnect/ocserv!123
 2019-12-17 15:05:27 +00:00
Nikos Mavrogiannopoulos
95991950c9 Merge branch 'tmp-check-multi-users' into 'master' 
check_multiple_users: do not account disconnected ones

Closes #223

See merge request openconnect/ocserv!122
 2019-12-17 15:04:35 +00:00
Nikos Mavrogiannopoulos
58836af0f3 seccomp: allow openat() 
It seems some libc uses openat() directly when open()
is called.

Resolves: #185

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-12-16 21:30:37 +01:00
Nikos Mavrogiannopoulos
55d5af2ebc check_multiple_users: do not account disconnected ones 
When max-same-clients is set to 1 and a user re-using a cookie
connects, check_multiple_users() would prevent the user from
reconnecting. This corrects the issue by taking into account
only valid sessions that have not yet been disconnected.

Resolves: #223

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-12-16 21:30:24 +01:00
Nikos Mavrogiannopoulos
935818346d seccomp: work around API breakage in libseccomp 2.4.2 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-12-16 21:30:11 +01:00
Nikos Mavrogiannopoulos
cfa62cf6b4 Merge branch 'tmp-test-kerberos' into 'master' 
tests: added kerberos test case

See merge request openconnect/ocserv!116
 2019-12-12 15:29:35 +00:00
Nikos Mavrogiannopoulos
714688879d maxmind: added license 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-12-12 14:59:53 +01:00
Nikos Mavrogiannopoulos
f68a44e5fd Merge branch 'new-ua' into 'master' 
Adapt UA detection for newer AnyConnect versions

See merge request openconnect/ocserv!121
 2019-12-07 13:23:07 +00:00
Nikos Mavrogiannopoulos
9b1e9aeeb4 Merge branch 'tmp-split-dns' into 'master' 
ocserv: added support for per-user split-dns directive

Closes #229

See merge request openconnect/ocserv!120
 2019-12-07 13:22:22 +00:00
Marcos Del Sol Vives
fa253b7741 Adapt UA detection for newer AnyConnect versions 
Signed-off-by: Marcos Del Sol Vives <marcos@orca.pet>
 2019-12-02 17:17:21 +01:00
Nikos Mavrogiannopoulos
c9e907c841 tests: replaced docker-based kerberos test case with one that runs in CI 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-11-17 14:51:21 +01:00
Nikos Mavrogiannopoulos
ea845a57fc tests: clean-up pam server initiation 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-11-17 11:10:19 +01:00
Nikos Mavrogiannopoulos
4bcf29643d ocserv: added support for per-user split-dns directive 
Resolves: #229

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-11-17 11:06:47 +01:00
Nikos Mavrogiannopoulos
6739529e05 Merge branch 'tmp-anyconnect' into 'master' 
Improve IPv6 support for anyconnect clients

See merge request openconnect/ocserv!119
 2019-11-17 10:03:18 +00:00
Leendert van Doorn
f73269175a AnyConnect clients expect a different verb (X-CSTP-DNS-IP6) for passing IPv6 DNS addresses. 
Signed-off-by: Leendert van Doorn <leendert@paramecium.org>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-11-17 09:07:16 +01:00
Leendert van Doorn
e9b79254e7 Detect AnyConnect clients and allow IPV6 routes to be passed through. 
Signed-off-by: Leendert van Doorn <leendert@paramecium.org>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-11-17 09:01:53 +01:00
Nikos Mavrogiannopoulos
cb138ede03 sample.config: documented script exit code handling [ci skip] 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-10-30 08:24:06 +01:00
Nikos Mavrogiannopoulos
a5a1b2d62f .gitlab-ci.yml: added coverity build 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-10-23 10:37:46 +02:00
Nikos Mavrogiannopoulos
962de41fba released 0.12.5 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
ocserv_0_12_5 		2019-10-16 21:32:24 +02:00
Nikos Mavrogiannopoulos
caf8ed2d48 Merge branch 'tmp-maxmind' into 'master' 
occtl: use maxminddb when available

See merge request openconnect/ocserv!115
 2019-10-16 19:32:02 +00:00
Nikos Mavrogiannopoulos
960032e065 occtl: use maxminddb when available 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-10-15 12:11:17 +02:00
Nikos Mavrogiannopoulos
6c2c09362e README.md: removed references to git2cl [ci skip] 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-10-14 20:23:03 +02:00
Nikos Mavrogiannopoulos
b9ff297c7d NEWS: updated 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-10-03 09:21:25 +02:00
Nikos Mavrogiannopoulos
e4621ebcde Merge branch 'FreeBSD-tun' into 'master' 
FreeBSD tun(4)

See merge request openconnect/ocserv!114
 2019-10-03 07:19:12 +00:00
Trond Endrestøl
aa07f183f2 FreeBSD tun(4) 
FreeBSD has a mechanism by which a tunnel has a single controlling process,
and only that one process may close the tunnel.

Kyle Evans of the FreeBSD Project authored these changes.

See issue 213.

Signed-off-by: Trond Endrestøl <trond.endrestol@ximalas.info>
 2019-10-02 14:00:26 +00:00