GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 16:57:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
2,592 Commits 19 Branches 88 Tags
cbc4dde44b684704339c1355580e72e1781a8161
Commit Graph

2592 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikos Mavrogiannopoulos
cbc4dde44b tests: moved passwd files to data/ 2016-06-17 11:54:05 +02:00
Nikos Mavrogiannopoulos
f3a182dbdf tests: moved config files to data/ 2016-06-17 11:54:03 +02:00
Nikos Mavrogiannopoulos
5c88ee7715 tests: moved all certificates and keys in certs/ 2016-06-17 11:53:50 +02:00
Nikos Mavrogiannopoulos
0810cc0aa7 doc update ocserv_0_11_3 2016-06-16 08:49:52 +02:00
Nikos Mavrogiannopoulos
05badbea7a doc update 2016-06-16 08:28:42 +02:00
Nikos Mavrogiannopoulos
bb1ba34bdc ocserv-fw: updated with Lance LeFlore's version 2016-06-16 08:27:22 +02:00
Nikos Mavrogiannopoulos
c49b395a54 ocserv: better log message on terminating worker processes 2016-06-08 19:37:17 +02:00
Nikos Mavrogiannopoulos
aa27271f3b tests: remove the explicit docker pull commands from docker-common.sh 2016-06-08 17:01:48 +02:00
Nikos Mavrogiannopoulos
7a6a7c707a worker: wait for confirmation on messages sent during disconnect 
when disconnecting and sending stats and info to main and sec-mod
ensure that messages have been processed prior to exiting. That makes
sure that these messages are accounted and are not lost. This addresses
issue where the stats on disconnect were not properly reported to
sec-mod.
 2016-06-05 11:35:51 +02:00
Nikos Mavrogiannopoulos
d83c523661 sec-mod: process_packet -> process_worker_packet 2016-06-05 11:25:52 +02:00
Nikos Mavrogiannopoulos
1276ebeb48 ocserv: eliminated race condition with up/down scripts 
If a user is disconnected while the connect script is running,
kill the script and wait for its termination. If it successfully
terminated (exit code = 0) then run the user disconnect (down) script.
 2016-06-05 10:38:34 +02:00
Nikos Mavrogiannopoulos
ceed05b030 doc update 2016-06-05 10:14:34 +02:00
Nikos Mavrogiannopoulos
55cb72522a doc update 2016-06-04 20:03:40 +02:00
Nikos Mavrogiannopoulos
ab5d22c005 tests: added check for host-update-script being run 2016-06-04 20:02:15 +02:00
Nikos Mavrogiannopoulos
5c9cda67fb ocserv: added a host-update-script config option 
This option will set a script to be called once the user is
connected and provides a hostname to be used with his IP. That
script can be used to update a DNS server or so.

Relates #39
 2016-06-04 19:49:03 +02:00
Andrew Karpow
db31e9def3 ocserv: fix ipv6 tun control on OpenBSD 
This fixes ipv6 tunnel support on OpenBSD. OpenBSD network stack doesn't
enable the multicast flag on tun devices like FreeBSD - but this is
obligatory for ipv6.

Error message without this patch:
main: tun.c:260: tun0: Error setting IPv6: Invalid argument

Signed-off-by: Andrew Karpow <andy@ndyk.de>
 2016-06-01 22:10:51 +02:00
Nikos Mavrogiannopoulos
8c3990cfde doc update 2016-06-01 15:41:13 +02:00
Nikos Mavrogiannopoulos
9e4ee0551a ocserv: improved old openconnect version detection 
That is enhance detection to detect openconnect version 3 and _earlier_.

Resolves #51
 2016-06-01 15:37:17 +02:00
Nikos Mavrogiannopoulos
63e4500f09 bumped version 2016-05-29 11:57:33 +02:00
Nikos Mavrogiannopoulos
0c9feb2b8b Added travis automatic builds 2016-05-29 11:46:07 +02:00
Nikos Mavrogiannopoulos
c7200bb3cf configure.ac: reduced libtasn1 dependency to 3.4 
This allows building in travis systems.
 2016-05-29 11:46:02 +02:00
Nikos Mavrogiannopoulos
0ee0ef79fb documented the available URL handlers 2016-05-17 14:50:52 +02:00
Nikos Mavrogiannopoulos
788f40253b doc update 2016-05-17 14:47:36 +02:00
Nikos Mavrogiannopoulos
a9c5a8271c tests: added check for the CA certificate handler 2016-05-17 14:46:12 +02:00
Nikos Mavrogiannopoulos
f87871fc48 ocserv: added '/ca.pem' and '/ca.cer' HTTP handler 
This handler will return the server's CA certificate to the requester
in PEM and DER formats.
 2016-05-17 14:42:09 +02:00
Nikos Mavrogiannopoulos
edabd11b4a strcasestr.m4: explicitly unblock SIGALRM 
This works around an issue in the freebsd CI which fails on this test.
For some reason that signal is blocked while running the test.
 2016-05-17 13:11:48 +02:00
Nikos Mavrogiannopoulos
7b8e886502 ocserv: avoid calling exit() on signal handlers 2016-05-16 14:48:55 +02:00
Nikos Mavrogiannopoulos
7f65577fbd ocserv: enforce a default auth timeout value 
That is to prevent processes hanging on inactive sessions.
 2016-05-16 14:47:15 +02:00
Nikos Mavrogiannopoulos
465389a82a main-worker-cmd: more precise messages 2016-05-15 09:50:08 +02:00
Nikos Mavrogiannopoulos
db5b81c1b7 doc update 2016-05-14 20:39:58 +02:00
Nikos Mavrogiannopoulos
3a834fad26 occtl: print the cookie associated with a user on user info 
This allows to map existing cookies to connected users.
 2016-05-14 20:37:12 +02:00
Nikos Mavrogiannopoulos
f08b143398 memmem/strcasestr.m4: don't call exit() from signal handler 2016-05-13 11:29:49 +02:00
Nikos Mavrogiannopoulos
cb01bed65e Increased the minimum acceptable MTU size under IPv4 
This is because lower MTUs than 576 are unreasonable today, and RFC791
(from 1981) requires that all hosts must be prepared to receive 576-byte
datagrams.
 2016-05-11 17:01:40 +02:00
Nikos Mavrogiannopoulos
2a59aa87ea ocserv: on DTLS rehandshake or new fd reset the MTU 
This allows to avoid an indefinite drop of MTU without any possibility
to reset.
 2016-05-11 17:01:40 +02:00
Nikos Mavrogiannopoulos
4dabfe0afd doc update 2016-05-09 14:04:24 +02:00
Nikos Mavrogiannopoulos
a15fb587c8 doc: mention that restrict-user-* are experimental options 2016-05-09 12:44:49 +02:00
Nikos Mavrogiannopoulos
becd51e799 ocserv: corrected setting of UDP socket options 2016-05-09 12:12:09 +02:00
Nikos Mavrogiannopoulos
6b9b80e487 README.md: doc update 2016-05-01 00:39:30 +02:00
Nikos Mavrogiannopoulos
f77217f0f5 gnutls_pem_base64_encode2 was replaced with gnutls_pem_base64_encode_alloc 
The latter version is available in older GnuTLS versions than 3.4.0.
 2016-04-30 17:51:00 +02:00
Nikos Mavrogiannopoulos
106f0a4f5b doc update 2016-04-30 13:53:32 +02:00
Nikos Mavrogiannopoulos
6687220e48 tests: added check for cert handler validity 2016-04-30 13:53:32 +02:00
Nikos Mavrogiannopoulos
9a27c0537b sec-mod: when receiving invalid headers from main, bail out 2016-04-30 13:53:32 +02:00
Nikos Mavrogiannopoulos
43a7fe41b3 ocserv: added '/cert.pem' and '/cert.cer' HTTP handler 
This handler will return the server's certificate to the requester
in PEM and DER formats.
 2016-04-30 13:53:32 +02:00
Nikos Mavrogiannopoulos
e6c566ac76 doc update 2016-04-29 16:33:56 +02:00
Nikos Mavrogiannopoulos
5caf3f82ad .gitlab-ci.yml: enhanced separate build dir check with code coverage output 2016-04-29 16:33:41 +02:00
Nikos Mavrogiannopoulos
3f367c36bc ax_code_coverage.m4: updated to latest version 2016-04-29 16:33:36 +02:00
Nikos Mavrogiannopoulos
e142202583 README.md: updated build badge 2016-04-26 21:46:00 +02:00
Nikos Mavrogiannopoulos
4779fb0fa5 doc: updated copyright dates 2016-04-26 21:45:27 +02:00
Nikos Mavrogiannopoulos
3bc5c0607c doc update ocserv_0_11_2 2016-04-25 22:55:52 +02:00
Nikos Mavrogiannopoulos
46a53437d0 ocpasswd-test: updated grep check for more portability across systems 2016-04-19 16:57:08 +02:00