GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 16:57:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
631 Commits 19 Branches 88 Tags
c6a08db6dbd80aaf60094b9a0bc0456f2cc0afb8
Commit Graph

631 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikos Mavrogiannopoulos
c6a08db6db Added support for cgroups 2013-12-10 11:07:08 +01:00
Nikos Mavrogiannopoulos
fd25969aca simplified reading the net-priority option 2013-12-10 10:05:36 +01:00
Nikos Mavrogiannopoulos
b4c2aebd9e doc update 2013-12-10 08:41:09 +01:00
Nikos Mavrogiannopoulos
74385e6a30 corrected DPD sending in TLS. Reported by Kevin Cernekee. 2013-12-10 08:35:48 +01:00
Nikos Mavrogiannopoulos
b21f05df06 Allow setting directly the IP_TOS from net-priority. 2013-12-09 22:59:44 +01:00
Nikos Mavrogiannopoulos
d601a8506a conditionally use SO_PRIORITY 2013-12-09 22:15:31 +01:00
Nikos Mavrogiannopoulos
ca93854758 do check the username validity only when a certificate is present. 2013-12-09 22:13:35 +01:00
Nikos Mavrogiannopoulos
b267ba203f adjusted severity 2013-12-09 22:10:29 +01:00
Nikos Mavrogiannopoulos
c5e656a916 simplified setting of additional configuration in the worker process 2013-12-09 19:59:46 +01:00
Nikos Mavrogiannopoulos
e367acc41d corrected typo 2013-12-09 19:56:50 +01:00
Nikos Mavrogiannopoulos
e2c5db109e doc update 2013-12-09 19:49:01 +01:00
Nikos Mavrogiannopoulos
480c5f5a44 do not require a certificate when authenticating with cookie and always-require-cert is set to false. 2013-12-09 19:47:52 +01:00
Nikos Mavrogiannopoulos
8f40c5c18e Added more verbose logging 2013-12-09 19:45:29 +01:00
Nikos Mavrogiannopoulos
3fbac00817 sec-mod ensures that requests come from the correct user. 2013-12-09 15:39:40 +01:00
Nikos Mavrogiannopoulos
665d390746 doc update 2013-12-09 15:39:23 +01:00
Nikos Mavrogiannopoulos
4f9a09a3ff doc update 2013-12-09 15:16:59 +01:00
Nikos Mavrogiannopoulos
6cb553e9a8 Added the net-priority configuration option. 
That option allows setting the protocol-defined priority (via SO_PRIORITY)
for the UDP and TCP sockets, per user/group or globally.
 2013-12-09 14:40:55 +01:00
Nikos Mavrogiannopoulos
74a566c540 enforce the RLIMIT_FSIZE and RLIMIT_AS 2013-12-09 11:44:22 +01:00
Nikos Mavrogiannopoulos
8148367e16 use iphdr only when available 2013-12-09 10:27:30 +01:00
Nikos Mavrogiannopoulos
f3dd34d409 doc update 2013-12-08 14:00:34 +01:00
Nikos Mavrogiannopoulos
bfb272ff99 do not return empty usernames 2013-12-08 13:57:02 +01:00
Nikos Mavrogiannopoulos
cd2a4d1abf Added test-pam (which is only run manually) 2013-12-08 13:42:57 +01:00
Nikos Mavrogiannopoulos
816c51c7d2 reduced fragility of the tests 2013-12-08 13:28:26 +01:00
Nikos Mavrogiannopoulos
32bfe5f6ae store temp files in a fixed dir 2013-12-08 13:07:10 +01:00
Nikos Mavrogiannopoulos
c256f14c33 Allow PAM to update username 2013-12-08 13:00:28 +01:00
Nikos Mavrogiannopoulos
babf53c442 explicitly initialize module 2013-12-08 12:43:59 +01:00
Nikos Mavrogiannopoulos
d407ef7978 removed newline from log messages 2013-12-08 11:37:27 +01:00
Nikos Mavrogiannopoulos
a30abe3bb7 Only add new leases to hash table (and print the assigned IPs). 2013-12-08 11:32:43 +01:00
Nikos Mavrogiannopoulos
d8f1ec4473 print more details on certificate verification failure. 2013-12-08 08:41:06 +01:00
Nikos Mavrogiannopoulos
842025c979 Conditionally include system specific headers. 2013-12-08 08:35:14 +01:00
Nikos Mavrogiannopoulos
56f10baad3 if no udp port is set do not bother sending DTLS info to client. 2013-12-07 20:42:36 +01:00
Nikos Mavrogiannopoulos
85eedc9f05 doc update 2013-12-07 18:58:56 +01:00
Nikos Mavrogiannopoulos
16629faffd removed unneeded include 2013-12-07 18:28:25 +01:00
Nikos Mavrogiannopoulos
8a919d236f udp-port can now be unset, and that will disable listening to UDP. 2013-12-07 17:44:31 +01:00
Nikos Mavrogiannopoulos
a53c4dba8e doc update 2013-12-06 17:52:38 +01:00
Nikos Mavrogiannopoulos
5929c7a171 doc update 2013-12-06 17:09:04 +01:00
Nikos Mavrogiannopoulos
55b6af3460 doc update 2013-12-06 16:17:48 +01:00
Nikos Mavrogiannopoulos
d4a56c6a33 initialize values prior to list_for_each() calls, to avoid static analysers complaints on garbage values. 2013-12-06 14:50:48 +01:00
Nikos Mavrogiannopoulos
b90c160b01 undefine LIST_HEAD and LIST_HEAD_INIT 2013-12-06 14:18:57 +01:00
Nikos Mavrogiannopoulos
f1ddf6729e bumped version 2013-12-06 10:11:58 +01:00
Nikos Mavrogiannopoulos
cde9324363 Use the correct sighandler definition on different systems. 2013-12-06 09:46:59 +01:00
Nikos Mavrogiannopoulos
190e81707e use regex for comparison 2013-12-05 20:53:35 +01:00
Nikos Mavrogiannopoulos
4eebd6eaa7 Added test case for the disconnection due to cookie re-use case. 2013-12-05 20:53:30 +01:00
Nikos Mavrogiannopoulos
8bb4e81f6f When a new connection presents a cookie of an existing session the previous session is disconnected. 2013-12-05 20:53:27 +01:00
Nikos Mavrogiannopoulos
d5dcee6fb0 fixed issue when compiling with -j 2013-12-05 20:53:24 +01:00
Nikos Mavrogiannopoulos
059458919d further increase the PAM stack size to allow for more complex PAM modules 2013-12-05 20:53:21 +01:00
Nikos Mavrogiannopoulos
3d5b15ccd3 properly initialize rnd IP to avoid valgrind complaints 2013-12-05 20:53:16 +01:00
Nikos Mavrogiannopoulos
d1a79b3fcd updated todo 2013-12-01 11:34:53 +01:00
Nikos Mavrogiannopoulos
a6298001bd doc update 2013-12-01 11:08:39 +01:00
Kevin Cernekee
972bce3bde README: Add info on build dependencies 2013-12-01 11:07:23 +01:00