Nikos Mavrogiannopoulos
b21f05df06
Allow setting directly the IP_TOS from net-priority.
2013-12-09 22:59:44 +01:00
Nikos Mavrogiannopoulos
6cb553e9a8
Added the net-priority configuration option.
...
That option allows setting the protocol-defined priority (via SO_PRIORITY)
for the UDP and TCP sockets, per user/group or globally.
2013-12-09 14:40:55 +01:00
Nikos Mavrogiannopoulos
8a919d236f
udp-port can now be unset, and that will disable listening to UDP.
2013-12-07 17:44:31 +01:00
Nikos Mavrogiannopoulos
e08f70987a
Added the --http-debug option to ocserv to avoid printing full HTTP messages to normal debug mode.
2013-11-16 17:33:50 +01:00
Nikos Mavrogiannopoulos
615e16cc41
count bandwidth in kb/sec to avoid overflows on high bandwidth.
2013-11-05 20:32:23 +01:00
Nikos Mavrogiannopoulos
3dc2637c6f
Added pid-file command line option, that overrides the configured pid-file.
2013-11-05 20:03:23 +01:00
Nikos Mavrogiannopoulos
85f4db201c
updated license information and authors
2013-11-05 19:38:30 +01:00
Nikos Mavrogiannopoulos
2f5141b00f
Added directives to allow bandwidth limitation.
2013-11-03 17:06:02 +01:00
Nikos Mavrogiannopoulos
e4d2e5803d
Added commands to add and remove a route.
2013-10-29 11:07:03 +01:00
Nikos Mavrogiannopoulos
30f0e93e70
Added the ipv6-prefix configuration option
2013-10-29 10:01:53 +01:00
Nikos Mavrogiannopoulos
00554b2f28
Allow loading additional configuration files per user or per group.
...
The directives currently allowed are: ipv4/6_dns and route.
2013-10-28 11:43:05 +01:00
Nikos Mavrogiannopoulos
87684c1c0d
Configuration file parsing was modified to allow detecting mispellings of directives and unknown options.
2013-10-21 10:29:44 +02:00
Nikos Mavrogiannopoulos
988116bbeb
Added config options 'mtu' and 'output-buffer'.
2013-10-20 17:45:51 +02:00
Nikos Mavrogiannopoulos
9c60dfc0e0
use c_strcase in config file parsing
2013-07-10 16:17:00 +02:00
Nikos Mavrogiannopoulos
531b457c64
silence warnings
2013-07-06 11:45:22 +02:00
Nikos Mavrogiannopoulos
2fce51004b
more fixes
2013-07-05 15:10:54 +02:00
Nikos Mavrogiannopoulos
3d18c41b4d
corrected null pointer deferences
2013-07-05 15:01:09 +02:00
Nikos Mavrogiannopoulos
a7eb7b2e6e
disallow mixing multiple username/password authentication methods
2013-07-01 12:23:01 +02:00
Nikos Mavrogiannopoulos
126c52ab5c
Cookies are no longer persistent
2013-07-01 12:18:51 +02:00
Nikos Mavrogiannopoulos
1521a3caaa
Removed ability to send binary files.
2013-06-07 11:36:34 +02:00
Nikos Mavrogiannopoulos
10246b78c4
Allow downloading raw files from 1/binaries
2013-05-31 17:29:52 +02:00
Nikos Mavrogiannopoulos
e0a7ad9fe6
Added X-CSTP-Default-Domain option.
2013-05-06 10:56:21 +03:00
Nikos Mavrogiannopoulos
6ee0af050c
corrected bug in anyconnect compat
2013-04-29 02:27:29 +03:00
Nikos Mavrogiannopoulos
947214a9a4
Added config file option ping-leases.
2013-04-29 00:12:37 +03:00
Nikos Mavrogiannopoulos
c1db9b9711
deinitialize memory taken by configuration parser.
2013-03-24 08:46:16 +01:00
Nikos Mavrogiannopoulos
55c62d25b9
use quotes when printing password file
2013-03-17 09:56:07 +01:00
Nikos Mavrogiannopoulos
5a4ce846b7
The TLS private keys are kept into a privileged process.
...
That process is called security-module (sec-mod) and communicates
with the workers using a unix domain socket.
2013-03-15 17:47:38 +01:00
Nikos Mavrogiannopoulos
b552f27ddb
Do not let scripts block the server operation.
2013-03-13 19:18:52 +01:00
Nikos Mavrogiannopoulos
0c4b013b3f
Added plain password format
2013-03-12 23:40:11 +01:00
Nikos Mavrogiannopoulos
23977b5359
Added ability to specify multiple certificate and key pairs.
2013-03-07 09:51:50 +01:00
Nikos Mavrogiannopoulos
a0f1867c58
Allow setting DH parameters.
2013-03-07 09:19:25 +01:00
Nikos Mavrogiannopoulos
f828de76b4
Exit when mandatory configuration options are not present
2013-03-06 23:46:05 +01:00
Nikos Mavrogiannopoulos
b2e8137dde
rate-limit-ms is no longer mandatory to set
2013-03-06 23:43:51 +01:00
Nikos Mavrogiannopoulos
6c54a37e69
Allow setting OCSP responses.
2013-03-05 01:42:25 +01:00
Nikos Mavrogiannopoulos
432a2da897
Allow setting a reconnection delay time after a failed authentication attempt (added min-reauth-time option).
2013-03-04 19:42:10 +01:00
Nikos Mavrogiannopoulos
ecd90b533e
Allow setting a rate limit on the number of connections.
2013-03-04 06:23:58 +01:00
Nikos Mavrogiannopoulos
62392660cd
Anyconnect client compatibility is optional.
2013-03-02 15:35:16 +01:00
Nikos Mavrogiannopoulos
9900ff6060
simplified certificate request and require setting.
2013-03-01 23:39:47 +01:00
Nikos Mavrogiannopoulos
f532a7275c
corrected cert require rule
2013-03-01 22:01:18 +01:00
Nikos Mavrogiannopoulos
ef18851237
Added option to allow sending a cookie without the corresponding certificate.
...
This option is required for the cisco clients, that do not always use the
client certificate. When this option is set to false it means that the cookie
itself is sufficient for authentication. This is bad practice of smart cards
are in use.
2013-03-01 21:54:49 +01:00
Nikos Mavrogiannopoulos
41e8d020b5
Several updates to handle URLs requested by the cisco client.
2013-03-01 19:52:10 +01:00
Nikos Mavrogiannopoulos
83c9793033
include banner in the XML success message.
2013-02-27 22:29:10 +01:00
Nikos Mavrogiannopoulos
833b1979ec
Banner was made configurable.
2013-02-27 19:16:46 +01:00
Nikos Mavrogiannopoulos
d06de0c46b
Allow setting NBNS.
2013-02-24 11:24:14 +01:00
Nikos Mavrogiannopoulos
628877881d
Added configuration options for PIN files.
2013-02-18 23:47:20 +01:00
Nikos Mavrogiannopoulos
ba80139452
mtu discovery via DPD is optional
2013-02-16 16:46:37 +01:00
Nikos Mavrogiannopoulos
7270341e62
write the correct PID in pid file
2013-02-12 18:57:05 +01:00
Nikos Mavrogiannopoulos
e8f6332f36
Use PAM account management and added support for user groups.
2013-02-12 18:57:05 +01:00
Nikos Mavrogiannopoulos
121b2491aa
HUP signal reloads configuration
2013-02-12 18:57:05 +01:00
Nikos Mavrogiannopoulos
184b8d7a66
enforce maximum number of same clients
2013-02-09 20:23:46 +01:00
