GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 16:57:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
2,061 Commits 19 Branches 88 Tags
96cf2ca6745faa84c0a394e607d7878cb3b07926
Commit Graph

2061 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikos Mavrogiannopoulos
9e3e039dc3 released 0.10.2 ocserv_0_10_2 2015-03-29 19:07:26 +02:00
Nikos Mavrogiannopoulos
4a40ec6afa reduce messages sent by main to sec-mod 2015-03-26 07:48:02 +01:00
Nikos Mavrogiannopoulos
bb5500854d bumped version 2015-03-26 07:12:46 +01:00
Nikos Mavrogiannopoulos
5395f481e8 tests: rely on fedora's openconnect for kerberos-test 2015-03-25 14:01:36 +01:00
Nikos Mavrogiannopoulos
8edbdf4292 doc update 2015-03-23 11:17:12 +01:00
Nikos Mavrogiannopoulos
7ea22d3aac receive SM_CMD_AUTH_BAN_IP_REPLY asynchronously to prevent race conditions 2015-03-23 11:13:26 +01:00
Nikos Mavrogiannopoulos
bf7394b091 worker: don't use getsockopt(TCP_MAXSEG) on unix sockets 
That avoids unhelpful warnings on the log. Reported by Claudio Luck.
 2015-03-17 12:30:10 +01:00
Nikos Mavrogiannopoulos
a2e33f71a1 tests: corrected full-test checks 2015-03-16 16:00:17 +01:00
Nikos Mavrogiannopoulos
cbed2ac57b doc update 2015-03-16 15:48:51 +01:00
Nikos Mavrogiannopoulos
f64e373084 worker: when receiving auth_cookie_reply from main update the SID 
That fixes an issue where the worker didn't know its correct
SID, because (1) we didn't always send the SID as cookie - corrected in
the previous patch, and (2) openconnect client doesn't honour all cookies,
only the webvpnc one. In all cases it is more trustworthy to check our
view of the SID rather than rely on the cookie.

Resolves issue with stats not being transmitted to sec-module when
using certificate authentication.
 2015-03-16 15:47:23 +01:00
Nikos Mavrogiannopoulos
89ecadf183 worker: always set the webvpncontext cookie 2015-03-16 15:41:14 +01:00
Nikos Mavrogiannopoulos
b9c9904903 full-test: set PORT_OCSERV 2015-03-16 14:07:05 +01:00
Nikos Mavrogiannopoulos
53aa95bc1e print unknown SIDs 2015-03-16 14:06:45 +01:00
Nikos Mavrogiannopoulos
e81c6755ee released 0.10.1 ocserv_0_10_1 2015-03-15 16:47:36 +01:00
Nikos Mavrogiannopoulos
419ac8ecff ensure that sendmsg and recvmsg don't get interrupted 2015-03-15 11:25:09 +01:00
Nikos Mavrogiannopoulos
872f39f777 sec-mod: handle unknown messages as bad commands 2015-03-15 11:20:42 +01:00
Nikos Mavrogiannopoulos
95b9f61f90 doc update 2015-03-15 11:14:00 +01:00
Nikos Mavrogiannopoulos
542597d08b bumped version 2015-03-14 19:24:33 +01:00
Nikos Mavrogiannopoulos
87fe1747b8 call session_close only when session_open has succeeded 2015-03-14 19:19:41 +01:00
Nikos Mavrogiannopoulos
fac64468dc tests: enhance test-cookie-timeout to detect issues with main-sec-mod not in sync 2015-03-14 19:15:47 +01:00
Nikos Mavrogiannopoulos
da29bb99f3 doc update 2015-03-14 18:57:59 +01:00
Nikos Mavrogiannopoulos
423540b757 tolerate session close in unusual cases, and avoid desync 2015-03-14 18:54:22 +01:00
Nikos Mavrogiannopoulos
6c1f88a090 sec-mod: only exit on ERR_BAD_COMMAND errors from main msg handler 2015-03-14 18:46:17 +01:00
Nikos Mavrogiannopoulos
00e775dac6 radius-test: include radius accounting test 2015-03-13 15:53:07 +01:00
Nikos Mavrogiannopoulos
fed17e005a config: simplified comparison 2015-03-12 09:12:47 +01:00
Nikos Mavrogiannopoulos
d3c0d6a2c8 icmp-ping: explicitly specify type 2015-03-12 09:12:47 +01:00
Nikos Mavrogiannopoulos
d9fb482361 configure: removed stray ',' 2015-03-12 09:12:47 +01:00
Nikos Mavrogiannopoulos
551f22f57c released 0.10.0 ocserv_0_10_0 2015-03-10 18:22:30 +01:00
Nikos Mavrogiannopoulos
54dfdf3d59 doc update 2015-03-06 13:56:25 +01:00
Nikos Mavrogiannopoulos
755f8ad6c2 document GSSAPI authentication 2015-03-06 13:49:22 +01:00
Nikos Mavrogiannopoulos
e3df6c9cf0 doc update 2015-03-06 13:42:50 +01:00
Nikos Mavrogiannopoulos
b27ff28971 updated sample.config 2015-03-04 10:28:15 +01:00
Nikos Mavrogiannopoulos
17edec6bc6 disable DTLS if there is no ciphersuite in common 2015-03-04 10:25:26 +01:00
Nikos Mavrogiannopoulos
642edaae59 doc update: mention that banning cannot be combined with listen-clear-file 2015-03-03 15:37:58 +01:00
Nikos Mavrogiannopoulos
adc8473328 chroot_dir, occtl_socket_file and socket_file_prefix were moved to permanent config options 2015-03-03 11:50:48 +01:00
Nikos Mavrogiannopoulos
b4347e4971 updated documentation with options that will be read in reload 2015-03-03 11:44:51 +01:00
Nikos Mavrogiannopoulos
cf483b046b increased the maximum configuration options to 96 
That allows for up to 96 routes to be sent by the server.
 2015-03-03 11:28:53 +01:00
Nikos Mavrogiannopoulos
81b6b6bd3c doc update 2015-03-03 11:26:44 +01:00
Nikos Mavrogiannopoulos
b732a6e91e doc update 2015-03-03 11:19:30 +01:00
Nikos Mavrogiannopoulos
3693f1baa5 tests: check whether local-map in gssapi is required by default 2015-03-03 11:13:28 +01:00
Nikos Mavrogiannopoulos
f33b7f9559 doc update 2015-03-03 11:06:54 +01:00
Nikos Mavrogiannopoulos
09f7b81f20 don't call exit from main process; use the termination path 2015-03-03 11:00:51 +01:00
Nikos Mavrogiannopoulos
05accfeb0d always check tmsg for null prior to freeing it 2015-03-02 16:28:22 +01:00
Nikos Mavrogiannopoulos
3da0b450b9 corrected default value of DPD 2015-03-02 16:27:14 +01:00
Nikos Mavrogiannopoulos
d90600b46c avoid warnings on type of the parameter used for the allocation pool 2015-03-02 16:23:12 +01:00
Nikos Mavrogiannopoulos
cdb1b70822 do not send IPv6 accounting with radius; there is a bug in freeradius-client 2015-03-02 13:19:00 +01:00
Nikos Mavrogiannopoulos
d4a26b9fbe clear_cfg_file() -> clear_cfg() 2015-03-02 13:18:58 +01:00
Nikos Mavrogiannopoulos
bf23bb82ba cast CMSG_DATA to avoid warnings 2015-03-02 13:18:56 +01:00
Nikos Mavrogiannopoulos
cc16a65819 separated permanent configuration options from the reloaded ones 2015-03-02 13:18:52 +01:00
Nikos Mavrogiannopoulos
e232ebc764 tests: added check of behavior when SIGHUP is given 2015-03-02 09:04:17 +01:00