GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 08:46:58 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,246 Commits 19 Branches 88 Tags
ce66485ee6eb50fe30b9187b60c818d8353dd337
Commit Graph

3246 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikos Mavrogiannopoulos
91de6c889e Merge branch 'tmp-coverity' into 'master' 
.gitlab-ci.yml: coverity jobs only run on schedules

See merge request openconnect/ocserv!138
 2020-02-22 23:21:16 +00:00
Nikos Mavrogiannopoulos
bc092793f0 .gitlab-ci.yml: coverity jobs only run on schedules 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-22 23:43:48 +01:00
Nikos Mavrogiannopoulos
6ad8da8671 Merge branch 'tmp-ubuntu18' into 'master' 
added ubuntu18 build and minor cleanup

See merge request openconnect/ocserv!136
 2020-02-22 22:21:56 +00:00
Nikos Mavrogiannopoulos
c3ff69e7c4 added ubuntu18 build and minor cleanup 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-22 22:43:55 +01:00
Nikos Mavrogiannopoulos
2932043dd9 Merge branch 'issue244' into 'master' 
ocserv-main should limit the maximum message size a client can send

Closes #244

See merge request openconnect/ocserv!132
 2020-02-20 16:47:52 +00:00
Nikos Mavrogiannopoulos
f333e600b5 Merge branch 'issue247' into 'master' 
Resolves: #247 - Bound negotiated MTU between RFC 791 defined minimum and configured maximum.

Closes #247

See merge request openconnect/ocserv!135
 2020-02-20 16:46:07 +00:00
Alan Jowett
87b1dc65ba Bound negotited MTU between RFC 791 defined minumum and configured maximum. 
Resolves: #247

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2020-02-19 15:26:55 -07:00
Alan Jowett
f410a5c637 ocserv-main should limit the maximum message size a client can send 
Resolves: #244

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2020-02-19 15:11:03 -07:00
Nikos Mavrogiannopoulos
c4f9d6cffb Merge branch 'tmp-fix-disconnect-script' into 'master' 
tests: try to reproduce #231

See merge request openconnect/ocserv!127
 2020-02-19 21:55:19 +00:00
Nikos Mavrogiannopoulos
d852195e64 tests: reproduce #231 
This modifies test-pass-script to force a DPD timeout to
verify whether ${IP_REMOTE} is set on the disconnect script.

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-19 22:17:31 +01:00
Alan Jowett
8d1aa343b4 Ban score should always increase. 
Resolves: #246

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2020-02-15 21:12:19 +01:00
Nikos Mavrogiannopoulos
17957ed98f Merge branch 'tmp-reorg-gitlab-ci-yml' into 'master' 
.gitlab-ci.yml: avoid the use of '&&'

See merge request openconnect/ocserv!131
 2020-02-13 22:39:16 +00:00
Nikos Mavrogiannopoulos
d28846404d Merge branch 'tmp-centos8' into 'master' 
.gitlab-ci.yml: added centos8 build

See merge request openconnect/ocserv!129
 2020-02-13 22:15:17 +00:00
Nikos Mavrogiannopoulos
5aea4680f5 Merge branch 'tmp-check-multi-users' into 'master' 
tests: added test to check whether server blocks if script blocks

Closes #241

See merge request openconnect/ocserv!126
 2020-02-13 22:15:06 +00:00
Nikos Mavrogiannopoulos
a6994ef1e7 .gitlab-ci.yml: specify the master branch coverity and web pages generation runs 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-13 23:04:38 +01:00
Nikos Mavrogiannopoulos
613242f343 .gitlab-ci.yml: added epel8 rpm build 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-13 23:02:55 +01:00
Nikos Mavrogiannopoulos
476638a52a .gitlab-ci.yml: avoid the use of '&&' 
gitlab CI will often mask a failure when multiple '&&' are
present.

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-13 22:50:00 +01:00
Nikos Mavrogiannopoulos
f4126fa095 .gitlab-ci.yml: change raddb permissions 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-13 22:45:42 +01:00
Nikos Mavrogiannopoulos
a8d34a80b9 tests: radius: save log on CI failure 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-13 22:25:13 +01:00
Nikos Mavrogiannopoulos
fc901e03c4 .gitlab-ci.yml: use parallel builds 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-13 22:06:22 +01:00
Nikos Mavrogiannopoulos
243c5e9fa2 .gitlab-ci.yml: added centos8 build 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2020-02-11 12:33:39 +01:00
Nikos Mavrogiannopoulos
1bce6526f3 updated NEWS entries [ci skip] 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-07 22:50:00 +01:00
Nikos Mavrogiannopoulos
ebe7c3bfb4 tests: added test to check whether server blocks if script blocks 
This test verifies that the server will continue to operate
even if the up script will block indefinitely.

Resolves: #241

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-07 22:46:21 +01:00
Nikos Mavrogiannopoulos
cd4aac2305 inih: updated to latest version 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-07 22:43:51 +01:00
Nikos Mavrogiannopoulos
0402df11de config: avoid crash on invalid entries 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-02-07 22:43:51 +01:00
Nikos Mavrogiannopoulos
ea3f6900c1 common.sh: print message when script cannot run 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2020-02-07 17:12:59 +01:00
Nikos Mavrogiannopoulos
1a6776c3a7 doc: updated ronn usage and fail when manpage cannot be generated 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2020-02-07 17:12:59 +01:00
Nikos Mavrogiannopoulos
9bd3c136e1 .gitlab-ci.yml: run jobs on linux only 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-01-26 09:25:44 +01:00
Nikos Mavrogiannopoulos
1d7a7088bf released 0.12.6 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
0.12.6 ocserv_0_12_6 		2019-12-28 20:19:44 +01:00
Nikos Mavrogiannopoulos
0f0a1b58e7 AUTHORS: updated mailmap [ci skip] 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2019-12-28 20:18:42 +01:00
Nikos Mavrogiannopoulos
79f6671237 doc update 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-12-28 20:14:59 +01:00
Nikos Mavrogiannopoulos
b94449211f AUTHORS: auto-generate 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-12-27 22:53:22 +01:00
Nikos Mavrogiannopoulos
4e5c9ad6c8 README.md: updated badge URI 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-12-17 16:07:18 +01:00
Nikos Mavrogiannopoulos
a3fe249541 Merge branch 'tmp-add-openat' into 'master' 
seccomp: allow openat()

Closes #185

See merge request openconnect/ocserv!123
 2019-12-17 15:05:27 +00:00
Nikos Mavrogiannopoulos
95991950c9 Merge branch 'tmp-check-multi-users' into 'master' 
check_multiple_users: do not account disconnected ones

Closes #223

See merge request openconnect/ocserv!122
 2019-12-17 15:04:35 +00:00
Nikos Mavrogiannopoulos
58836af0f3 seccomp: allow openat() 
It seems some libc uses openat() directly when open()
is called.

Resolves: #185

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-12-16 21:30:37 +01:00
Nikos Mavrogiannopoulos
55d5af2ebc check_multiple_users: do not account disconnected ones 
When max-same-clients is set to 1 and a user re-using a cookie
connects, check_multiple_users() would prevent the user from
reconnecting. This corrects the issue by taking into account
only valid sessions that have not yet been disconnected.

Resolves: #223

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-12-16 21:30:24 +01:00
Nikos Mavrogiannopoulos
935818346d seccomp: work around API breakage in libseccomp 2.4.2 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2019-12-16 21:30:11 +01:00
Nikos Mavrogiannopoulos
cfa62cf6b4 Merge branch 'tmp-test-kerberos' into 'master' 
tests: added kerberos test case

See merge request openconnect/ocserv!116
 2019-12-12 15:29:35 +00:00
Nikos Mavrogiannopoulos
714688879d maxmind: added license 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-12-12 14:59:53 +01:00
Nikos Mavrogiannopoulos
f68a44e5fd Merge branch 'new-ua' into 'master' 
Adapt UA detection for newer AnyConnect versions

See merge request openconnect/ocserv!121
 2019-12-07 13:23:07 +00:00
Nikos Mavrogiannopoulos
9b1e9aeeb4 Merge branch 'tmp-split-dns' into 'master' 
ocserv: added support for per-user split-dns directive

Closes #229

See merge request openconnect/ocserv!120
 2019-12-07 13:22:22 +00:00
Marcos Del Sol Vives
fa253b7741 Adapt UA detection for newer AnyConnect versions 
Signed-off-by: Marcos Del Sol Vives <marcos@orca.pet>
 2019-12-02 17:17:21 +01:00
Nikos Mavrogiannopoulos
c9e907c841 tests: replaced docker-based kerberos test case with one that runs in CI 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-11-17 14:51:21 +01:00
Nikos Mavrogiannopoulos
ea845a57fc tests: clean-up pam server initiation 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-11-17 11:10:19 +01:00
Nikos Mavrogiannopoulos
4bcf29643d ocserv: added support for per-user split-dns directive 
Resolves: #229

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-11-17 11:06:47 +01:00
Nikos Mavrogiannopoulos
6739529e05 Merge branch 'tmp-anyconnect' into 'master' 
Improve IPv6 support for anyconnect clients

See merge request openconnect/ocserv!119
 2019-11-17 10:03:18 +00:00
Leendert van Doorn
f73269175a AnyConnect clients expect a different verb (X-CSTP-DNS-IP6) for passing IPv6 DNS addresses. 
Signed-off-by: Leendert van Doorn <leendert@paramecium.org>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-11-17 09:07:16 +01:00
Leendert van Doorn
e9b79254e7 Detect AnyConnect clients and allow IPV6 routes to be passed through. 
Signed-off-by: Leendert van Doorn <leendert@paramecium.org>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-11-17 09:01:53 +01:00
Nikos Mavrogiannopoulos
cb138ede03 sample.config: documented script exit code handling [ci skip] 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2019-10-30 08:24:06 +01:00