GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 16:57:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
2,471 Commits 19 Branches 88 Tags
cbcd4c8279be99e6674319ac2202d777431144e5
Commit Graph

2471 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikos Mavrogiannopoulos
cbcd4c8279 sup-config/file: Addressed issue with ipv4-network not reading prefix 
That is the syntax now accepts options such as:
"ipv4-network = x.x.x.x/y". Reported by Frank Rosquin.
 2016-02-23 14:47:41 +01:00
Nikos Mavrogiannopoulos
260b07955c tests: allow compilation with included protobuf 2016-02-23 14:19:02 +01:00
Nikos Mavrogiannopoulos
a2f031a018 Allow compilation with local libopts 2016-02-22 14:12:42 +01:00
Nikos Mavrogiannopoulos
ef2456ab85 allow compilation with included protobuf 2016-02-22 14:07:36 +01:00
Nikos Mavrogiannopoulos
f6f957487e main: fixed issue with disconnection reason logging 
It was logged before it was made known.
 2016-02-21 15:23:19 +01:00
Nikos Mavrogiannopoulos
96796fc6e2 Renamed proc_search_ip() to proc_search_single_ip() 
This better reflects the purpose of the function and will
prevent misuse.
 2016-02-21 13:25:02 +01:00
Nikos Mavrogiannopoulos
06d8d65249 overwrite the memory of every packed message 2016-02-21 12:43:44 +01:00
Nikos Mavrogiannopoulos
d9a72ce629 doc update 2016-02-21 12:43:42 +01:00
Nikos Mavrogiannopoulos
aa6bd829d4 increased the default cookie rekey time to 3 days 2016-02-21 12:43:20 +01:00
Nikos Mavrogiannopoulos
796b5e0648 doc update 2016-02-20 18:33:27 +01:00
Nikos Mavrogiannopoulos
5dce846fef occtl: fixed compilation issue in OpenBSD 
Reported by Björn Ketelaars.
 2016-02-20 18:29:34 +01:00
Nikos Mavrogiannopoulos
fc0b90f889 tun: fixed compilation issue in OpenBSD 
Reported by Björn Ketelaars.
 2016-02-20 18:26:16 +01:00
Nikos Mavrogiannopoulos
176bf532ec released 0.11.0 ocserv_0_11_0 2016-02-19 10:57:33 +01:00
Nikos Mavrogiannopoulos
a2655972e8 bumped version 2016-02-19 10:51:44 +01:00
Nikos Mavrogiannopoulos
837b5989f8 configure: depend on radcli 1.2.5 
Previous versions have a bug which caused crashes under certain
circumstances.
 2016-02-19 10:50:18 +01:00
Nikos Mavrogiannopoulos
0d91834624 tests: allow compilation without http-parser lib 2016-02-19 10:05:48 +01:00
Nikos Mavrogiannopoulos
b3fe8afe3a tests: added check for human_addr() output 2016-02-19 10:04:21 +01:00
Nikos Mavrogiannopoulos
029e42d07d moved human_addr2() to ip-util.c 2016-02-19 09:56:21 +01:00
Nikos Mavrogiannopoulos
007e390d63 doc update 2016-02-18 18:08:57 +01:00
Nikos Mavrogiannopoulos
d3ebbe6afb tlslib: don't use GNUTLS_X509_CRT_LIST_SORT; it is buggy 2016-02-18 16:50:42 +01:00
Nikos Mavrogiannopoulos
83dde24620 tests: reference debian testing by name 2016-02-14 14:50:49 +01:00
Nikos Mavrogiannopoulos
b130bd9214 config: increased the default auth-timeout value to 4mins 
This provides slow users more time to enter their username,
password.
 2016-02-13 14:49:08 +01:00
Nikos Mavrogiannopoulos
57d79d524b Allow compilation without http-parser library 2016-02-10 13:09:15 +01:00
Nikos Mavrogiannopoulos
89f02bad02 config: put kkdcp options into brackets 
That is not necessary for the existing examples, but may be
in future ones, as they may contain characters that libopts doesn't
like.
 2016-02-08 19:27:39 +01:00
Nikos Mavrogiannopoulos
fb79008695 released 0.11.0rc1 2016-02-03 09:44:45 +01:00
Nikos Mavrogiannopoulos
5dbe753512 tests: increase timeout for radius accounting report 2016-01-28 15:22:22 +01:00
Nikos Mavrogiannopoulos
9b165b9e06 doc update 2016-01-28 13:57:32 +01:00
Nikos Mavrogiannopoulos
336c2dc8cd bumped version to rc1 2016-01-28 13:57:27 +01:00
Nikos Mavrogiannopoulos
ff5b2b7aad Use 32-bit length variable for transferring between occtl and ocserv 
This allows to handle the transfer of long data between ocserv and occtl.
Reported by Liviu.

Resolves #29
 2016-01-28 13:53:21 +01:00
Nikos Mavrogiannopoulos
353bd39686 replaced select() calls will poll() calls 
This allows to handle descriptors more than the maximum limit
allowed by select(), and thus handle more clients than 1024.
 2016-01-28 13:53:08 +01:00
Nikos Mavrogiannopoulos
f035ae170d human_addr2: Avoid the usage of getnameinfo and use the simpler inet_ntop 
This simplifies the function.
 2016-01-27 16:11:37 +01:00
Nikos Mavrogiannopoulos
1e3171685b Added sanity checks to CMSG_DATA() access 2016-01-27 15:54:00 +01:00
Nikos Mavrogiannopoulos
43a8ba526f main: fixed IP unbanning 2016-01-27 14:36:39 +01:00
Nikos Mavrogiannopoulos
3389286f34 occtl: corrected the printing of IPv4 IP ban points 2016-01-27 14:32:46 +01:00
Nikos Mavrogiannopoulos
06b855533b main: don't exit on setrlimit() failures 
Exiting would prevent operation under valgrind.
 2016-01-27 14:25:15 +01:00
Nikos Mavrogiannopoulos
b66b1f6390 main: don't attempt to access client configuration if not already set 
This prevents crash introduced by cefd77b633
 2016-01-27 14:24:49 +01:00
Nikos Mavrogiannopoulos
22b7df3131 ip-lease: do not attempt to calculate more than FIXED_IPS predictable IPs per user 
That allows to have an unlimited number of connections per user.
 2016-01-27 14:03:14 +01:00
Nikos Mavrogiannopoulos
727fc31ede Immediately terminate on session_close() error 
This is not a recoverable error.
 2016-01-27 13:53:03 +01:00
Nikos Mavrogiannopoulos
0315aa7c4f main: terminate sec-mod after every worker process has been sent a signal 
That is to reduce any possible timeouts caused by a defunc sec-mod on
termination.
 2016-01-27 13:51:05 +01:00
Nikos Mavrogiannopoulos
ced5e9b3f4 sec-mod: ensure keys are always initialized to NULL 
Addresses crash due to b6df22c8c3
 2016-01-27 12:08:33 +01:00
Nikos Mavrogiannopoulos
d49d3f2253 tests: fixed test-sighup-key-change to be able to cope with diffent build dir 2016-01-27 11:56:50 +01:00
Nikos Mavrogiannopoulos
d6b2d1696c doc update 2016-01-27 11:20:00 +01:00
Nikos Mavrogiannopoulos
1941c52c24 main: destroy the event loop on fork 
This reduces memory used by worker processes.
 2016-01-27 11:18:46 +01:00
Nikos Mavrogiannopoulos
a1d67c48ba main: ensure we call ev_child_stop() on child cleanup handlers 2016-01-27 10:54:00 +01:00
Kevin Cernekee
8c2d6adde1 Return HTML error message on 404 
Currently ocserv's 404 errors show up as a blank page in most web
browsers.  Add a simple HTML error page.
 2016-01-27 10:00:06 +01:00
Kevin Cernekee
8bf668c0f7 Use helper functions to send common HTTP headers/responses 
Factor out duplicated code in the AnyConnect compatibility handlers.
 2016-01-27 09:58:47 +01:00
Nikos Mavrogiannopoulos
b3c9da4ce1 doc update 2016-01-26 12:51:33 +01:00
Nikos Mavrogiannopoulos
ed2edd65c5 tests: added check for certificate update on reload 2016-01-26 12:51:05 +01:00
Nikos Mavrogiannopoulos
b6df22c8c3 Reload the certificates and private keys on SIGHUP 
Until now this part of the configuration was static, but
there is the need to reload certificates and keys, e.g., on
renewal.
 2016-01-26 12:51:05 +01:00
Nikos Mavrogiannopoulos
0681aa1e3c main.h: corrected typo in comment 2016-01-25 11:23:16 +01:00