GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-11 09:16:59 +08:00
Code Issues Packages Projects Releases Wiki Activity
643 Commits 19 Branches 88 Tags
cb5092e820332f49eeeaf8993bd52596aaaee062
Commit Graph

42 Commits

Author SHA1 Message Date
Nikos Mavrogiannopoulos
cb5092e820 Augmented cookie format to store the seeds used to generate IPv4 and IPv6 addresses. 
This ensures that if the IP previously used by a user is free, it will
be reassigned to him after a reconnection with the same cookie.
 2013-12-11 10:03:47 +01:00
Nikos Mavrogiannopoulos
c6a08db6db Added support for cgroups 2013-12-10 11:07:08 +01:00
Nikos Mavrogiannopoulos
8bb4e81f6f When a new connection presents a cookie of an existing session the previous session is disconnected. 2013-12-05 20:53:27 +01:00
Nikos Mavrogiannopoulos
85f4db201c updated license information and authors 2013-11-05 19:38:30 +01:00
Nikos Mavrogiannopoulos
ac1621df0b Corrected behavior on error during receiving a UDP fd. 2013-10-31 11:44:36 +01:00
Nikos Mavrogiannopoulos
929b8dcaec Avoid forwarding the UDP fd within a minute. That is to avoid duplicate messages messing the worker session. 2013-10-31 09:30:44 +01:00
Nikos Mavrogiannopoulos
aa71216a65 updates in hash table usage. 2013-10-30 13:00:19 +01:00
Nikos Mavrogiannopoulos
3c583e3a35 Added the 'iroute' directive to allow routes set on server. 2013-10-29 11:37:57 +01:00
Nikos Mavrogiannopoulos
2480a2cf58 Increased the number of directives allowed in group and user configurations. 2013-10-29 09:39:06 +01:00
Nikos Mavrogiannopoulos
00554b2f28 Allow loading additional configuration files per user or per group. 
The directives currently allowed are: ipv4/6_dns and route.
 2013-10-28 11:43:05 +01:00
Mike Miller
5e0e286c27 Fix typo maintainance -> maintenance 2013-07-23 21:33:18 +02:00
Nikos Mavrogiannopoulos
b4982477d4 Put a limit in the number of allowed authentication requests, and increased size of stack for co-routines. 2013-07-06 14:29:06 +02:00
Nikos Mavrogiannopoulos
718ccd79c1 better function names and parameter order 2013-07-05 12:01:35 +02:00
Nikos Mavrogiannopoulos
f4c5a54d39 leases belong to users as well. That way IPs are properly re-used. 2013-07-01 14:18:27 +02:00
Nikos Mavrogiannopoulos
126c52ab5c Cookies are no longer persistent 2013-07-01 12:18:51 +02:00
Nikos Mavrogiannopoulos
4f202afefc small fixes to avoid relying on properly null-terminated strings. 2013-06-26 16:54:12 +02:00
Nikos Mavrogiannopoulos
e5def94e6a Advanced auth implemented 2013-06-26 16:28:35 +02:00
Nikos Mavrogiannopoulos
e679fd643f reorganized HTTP header reading. 2013-05-17 20:07:58 +02:00
Nikos Mavrogiannopoulos
5a4ce846b7 The TLS private keys are kept into a privileged process. 
That process is called security-module (sec-mod) and communicates
with the workers using a unix domain socket.
 2013-03-15 17:47:38 +01:00
Nikos Mavrogiannopoulos
b552f27ddb Do not let scripts block the server operation. 2013-03-13 19:18:52 +01:00
Nikos Mavrogiannopoulos
432a2da897 Allow setting a reconnection delay time after a failed authentication attempt (added min-reauth-time option). 2013-03-04 19:42:10 +01:00
Nikos Mavrogiannopoulos
6b70200777 When the cookie DB is full enforce maintainance. 2013-02-14 08:04:48 +01:00
Nikos Mavrogiannopoulos
7270341e62 write the correct PID in pid file 2013-02-12 18:57:05 +01:00
Nikos Mavrogiannopoulos
e8f6332f36 Use PAM account management and added support for user groups. 2013-02-12 18:57:05 +01:00
Nikos Mavrogiannopoulos
121b2491aa HUP signal reloads configuration 2013-02-12 18:57:05 +01:00
Nikos Mavrogiannopoulos
356da3fbe4 connect occurs before sending the fd to worker. 2013-02-12 18:57:05 +01:00
Nikos Mavrogiannopoulos
184b8d7a66 enforce maximum number of same clients 2013-02-09 20:23:46 +01:00
Nikos Mavrogiannopoulos
d1946bbb3c MTU is now set via the main server 2013-02-08 22:17:46 +01:00
Nikos Mavrogiannopoulos
4434fd70fe several updates in cookies, and tun handling. 2013-02-08 18:22:18 +01:00
Nikos Mavrogiannopoulos
bacf821953 cleaned up TLS code which was moved to tlslib 2013-02-08 18:20:17 +01:00
Nikos Mavrogiannopoulos
14460456e7 gdbm was re-added and made optional. 2013-02-07 20:43:11 +01:00
Nikos Mavrogiannopoulos
1cb7ab38e9 Use a single UDP port in the server. 
Several modifications to use a single UDP port in the server. This
is currently done using a hack, i.e., pass the UDP socket to worker,
close it on the main server and then re-open it (using REUSEADDR).

Also several updates in TUN handling to allow more than one clients connecting.
 2013-02-07 17:49:51 +01:00
Nikos Mavrogiannopoulos
4370f88001 dropped dependency on gdbm. Cookies are stored in a hash. 2013-02-07 00:57:17 +01:00
Nikos Mavrogiannopoulos
e380053caa Added explicit logging to UTMP file. 2013-02-06 20:18:53 +01:00
Nikos Mavrogiannopoulos
10d9b144be Use CCAN hashes and lists. 2013-02-06 09:20:08 +01:00
Nikos Mavrogiannopoulos
1e0bcc269d reorganized headers 2013-02-05 22:11:38 +01:00
Nikos Mavrogiannopoulos
40c9a094a7 store hostname of the user, and pass it to scripts. 2013-02-05 21:21:40 +01:00
Nikos Mavrogiannopoulos
1759016be5 call connect script with explicit lease 2013-02-05 19:45:09 +01:00
Nikos Mavrogiannopoulos
f5507a7161 clear all fds and mem prior to exec 2013-02-04 20:56:35 +01:00
Nikos Mavrogiannopoulos
61ae5a9c06 Added connect and disconnect scripts 2013-02-04 20:43:28 +01:00
Nikos Mavrogiannopoulos
ceca403691 Added automatic TLS session expiration. 2013-02-04 19:16:04 +01:00
Nikos Mavrogiannopoulos
1fb76ce890 Added session resumption to TLS server. 2013-02-03 21:23:29 +01:00