GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 16:57:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,881 Commits 19 Branches 88 Tags
a85dfcc3d810eea5cc2cdb30b85acac5ae98ec6c
Commit Graph

1881 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikos Mavrogiannopoulos
a85dfcc3d8 doc update: remove dbus from the non-recommended options 2015-04-03 13:15:07 +02:00
Nikos Mavrogiannopoulos
0654a191b2 install dbus config file if DBUS is enabled 2015-04-03 13:13:10 +02:00
Nikos Mavrogiannopoulos
de955d19c4 doc update 2015-04-03 13:11:20 +02:00
Nikos Mavrogiannopoulos
92c9dafbb1 dbus: use terminate_proc 2015-04-03 13:10:05 +02:00
Nikos Mavrogiannopoulos
c50ad8021c dbus: include no-route information in the user info 2015-04-03 13:09:13 +02:00
Nikos Mavrogiannopoulos
913ebf767d dbus: include DTLS/CSTP compression and MTU in the user info 2015-04-03 13:08:58 +02:00
Nikos Mavrogiannopoulos
e65c4f5c60 dbus status command is in par with unix sockets one 2015-04-03 12:49:32 +02:00
Nikos Mavrogiannopoulos
bef3ace904 dbus: fixed new commands for ban/list 2015-04-03 12:41:15 +02:00
Nikos Mavrogiannopoulos
cf7852b751 removed old todo items 2015-04-03 12:23:37 +02:00
Nikos Mavrogiannopoulos
b2585e30b3 enable dbus 2015-04-03 10:56:46 +02:00
Nikos Mavrogiannopoulos
ba65936859 dbus: more debugging messages 2015-04-03 10:55:38 +02:00
Nikos Mavrogiannopoulos
fdaac88e37 dbus: added new commands for ban/list 2015-04-03 10:38:17 +02:00
Nikos Mavrogiannopoulos
a35f020b32 server header moved to X-CSTP-Server 
That would allow viewing the server from openconnect verbose output.
 2015-04-02 15:59:02 +02:00
Nikos Mavrogiannopoulos
a9d562064a tlslib: define DTLS1_2 when needed 2015-03-31 13:37:43 +02:00
Nikos Mavrogiannopoulos
9ab82246de configure: no need to require libtasn1 3.9 2015-03-31 10:58:49 +02:00
Nikos Mavrogiannopoulos
3741cdb2f8 doc update 2015-03-31 10:46:22 +02:00
Nikos Mavrogiannopoulos
1483f51062 ciphersuite check is made dynamic 
That would allow ocserv to be compiled with GnuTLS earlier than
3.2.7 but still use GCM if linked with a proper version.
 2015-03-31 10:30:29 +02:00
Nikos Mavrogiannopoulos
e09eac37cb tests: docker-common includes common.sh 2015-03-31 10:14:19 +02:00
Nikos Mavrogiannopoulos
0967f05f8d sec-mod: do not impose timeouts on reads from main 2015-03-31 10:13:13 +02:00
Nikos Mavrogiannopoulos
eba415def6 tests: openconnect binary is now set in variable 2015-03-29 19:38:38 +02:00
Nikos Mavrogiannopoulos
9e3e039dc3 released 0.10.2 ocserv_0_10_2 2015-03-29 19:07:26 +02:00
Nikos Mavrogiannopoulos
4a40ec6afa reduce messages sent by main to sec-mod 2015-03-26 07:48:02 +01:00
Nikos Mavrogiannopoulos
bb5500854d bumped version 2015-03-26 07:12:46 +01:00
Nikos Mavrogiannopoulos
5395f481e8 tests: rely on fedora's openconnect for kerberos-test 2015-03-25 14:01:36 +01:00
Nikos Mavrogiannopoulos
8edbdf4292 doc update 2015-03-23 11:17:12 +01:00
Nikos Mavrogiannopoulos
7ea22d3aac receive SM_CMD_AUTH_BAN_IP_REPLY asynchronously to prevent race conditions 2015-03-23 11:13:26 +01:00
Nikos Mavrogiannopoulos
bf7394b091 worker: don't use getsockopt(TCP_MAXSEG) on unix sockets 
That avoids unhelpful warnings on the log. Reported by Claudio Luck.
 2015-03-17 12:30:10 +01:00
Nikos Mavrogiannopoulos
a2e33f71a1 tests: corrected full-test checks 2015-03-16 16:00:17 +01:00
Nikos Mavrogiannopoulos
cbed2ac57b doc update 2015-03-16 15:48:51 +01:00
Nikos Mavrogiannopoulos
f64e373084 worker: when receiving auth_cookie_reply from main update the SID 
That fixes an issue where the worker didn't know its correct
SID, because (1) we didn't always send the SID as cookie - corrected in
the previous patch, and (2) openconnect client doesn't honour all cookies,
only the webvpnc one. In all cases it is more trustworthy to check our
view of the SID rather than rely on the cookie.

Resolves issue with stats not being transmitted to sec-module when
using certificate authentication.
 2015-03-16 15:47:23 +01:00
Nikos Mavrogiannopoulos
89ecadf183 worker: always set the webvpncontext cookie 2015-03-16 15:41:14 +01:00
Nikos Mavrogiannopoulos
b9c9904903 full-test: set PORT_OCSERV 2015-03-16 14:07:05 +01:00
Nikos Mavrogiannopoulos
53aa95bc1e print unknown SIDs 2015-03-16 14:06:45 +01:00
Nikos Mavrogiannopoulos
e81c6755ee released 0.10.1 ocserv_0_10_1 2015-03-15 16:47:36 +01:00
Nikos Mavrogiannopoulos
419ac8ecff ensure that sendmsg and recvmsg don't get interrupted 2015-03-15 11:25:09 +01:00
Nikos Mavrogiannopoulos
872f39f777 sec-mod: handle unknown messages as bad commands 2015-03-15 11:20:42 +01:00
Nikos Mavrogiannopoulos
95b9f61f90 doc update 2015-03-15 11:14:00 +01:00
Nikos Mavrogiannopoulos
542597d08b bumped version 2015-03-14 19:24:33 +01:00
Nikos Mavrogiannopoulos
87fe1747b8 call session_close only when session_open has succeeded 2015-03-14 19:19:41 +01:00
Nikos Mavrogiannopoulos
fac64468dc tests: enhance test-cookie-timeout to detect issues with main-sec-mod not in sync 2015-03-14 19:15:47 +01:00
Nikos Mavrogiannopoulos
da29bb99f3 doc update 2015-03-14 18:57:59 +01:00
Nikos Mavrogiannopoulos
423540b757 tolerate session close in unusual cases, and avoid desync 2015-03-14 18:54:22 +01:00
Nikos Mavrogiannopoulos
6c1f88a090 sec-mod: only exit on ERR_BAD_COMMAND errors from main msg handler 2015-03-14 18:46:17 +01:00
Nikos Mavrogiannopoulos
00e775dac6 radius-test: include radius accounting test 2015-03-13 15:53:07 +01:00
Nikos Mavrogiannopoulos
fed17e005a config: simplified comparison 2015-03-12 09:12:47 +01:00
Nikos Mavrogiannopoulos
d3c0d6a2c8 icmp-ping: explicitly specify type 2015-03-12 09:12:47 +01:00
Nikos Mavrogiannopoulos
d9fb482361 configure: removed stray ',' 2015-03-12 09:12:47 +01:00
Nikos Mavrogiannopoulos
551f22f57c released 0.10.0 ocserv_0_10_0 2015-03-10 18:22:30 +01:00
Nikos Mavrogiannopoulos
54dfdf3d59 doc update 2015-03-06 13:56:25 +01:00
Nikos Mavrogiannopoulos
755f8ad6c2 document GSSAPI authentication 2015-03-06 13:49:22 +01:00