GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 00:37:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,540 Commits 19 Branches 88 Tags
d925276da8e6cb0298e0d30006fbd162e043ff03
Commit Graph

1082 Commits

Author SHA1 Message Date
Aron Xu
d4b6d97697 Replace LIBSYSTEMD_DAEMON with LIBSYSTEMD 
Signed-off-by: Aron Xu <aron@debian.org>
 2015-01-24 10:15:05 +01:00
Aron Xu
aeb034222a Update call parameters of str_init() for --with-dbus 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
 2015-01-24 08:50:50 +01:00
Nikos Mavrogiannopoulos
cbcb9a6a7d doc update 2015-01-21 15:13:11 +01:00
Nikos Mavrogiannopoulos
c907496136 worker: calculate MTU prior to sending IPv6 addresses 
That way we can disable IPv6 if the calculated MTU size is
less than the allowed by IPv6.
 2015-01-21 10:28:45 +01:00
Nikos Mavrogiannopoulos
ac80bbdbf0 include http-heads.h into ocserv's sources 2015-01-21 07:51:03 +01:00
Nikos Mavrogiannopoulos
bcef2eb16b doc update 2015-01-20 14:26:42 +01:00
Nikos Mavrogiannopoulos
c0cd87b0e3 properly disable safe_fork 2015-01-20 10:40:16 +01:00
Nikos Mavrogiannopoulos
2a25795170 corrected isolate-workers typo 2015-01-20 10:40:09 +01:00
Nikos Mavrogiannopoulos
ec1ee46250 ocpasswd: attempt to use sha2crypt only in glibc 
uclibc's crypt(3) is so dumb it will not error if
$5$ is specified as salt, but not supported.
 2015-01-19 14:46:37 +01:00
Nikos Mavrogiannopoulos
0ce83be801 ocpasswd: corrected fallback to MD5 crypt 2015-01-19 14:46:35 +01:00
Nikos Mavrogiannopoulos
cb5499a6b7 only define safe_fork() in systems with linux namespaces 2015-01-19 10:49:01 +01:00
Nikos Mavrogiannopoulos
c954e45e53 silence debugging messages from sec-mod when not in debug 2015-01-18 17:34:59 +01:00
Nikos Mavrogiannopoulos
5179a064ab doc update 2015-01-18 16:51:34 +01:00
Nikos Mavrogiannopoulos
310855cb7c move more http-related functions to worker-http 2015-01-16 11:55:17 +01:00
Nikos Mavrogiannopoulos
6d1f848e1d updated copyright information in LZS code 2015-01-16 11:17:52 +01:00
Nikos Mavrogiannopoulos
0638d85631 combined parsing of CSTP and DTLS encoding 2015-01-16 11:12:16 +01:00
Nikos Mavrogiannopoulos
4a372f4e05 Replace header_check() mess with a gperf table 2015-01-16 11:07:10 +01:00
Nikos Mavrogiannopoulos
dcf47899e0 Moved HTTP parts of worker to worker-http.c 2015-01-16 10:56:35 +01:00
Nikos Mavrogiannopoulos
04a9381068 Compression is disabled by default 2015-01-16 10:45:53 +01:00
Nikos Mavrogiannopoulos
d3159c6973 lzs.h: added license 2015-01-16 10:23:00 +01:00
Nikos Mavrogiannopoulos
85d3162f45 Added support for LZS 2015-01-15 22:58:17 +01:00
Nikos Mavrogiannopoulos
8d2a562af1 increased MIN_NO_COMPRESS_LIMIT 2015-01-15 21:00:32 +01:00
Nikos Mavrogiannopoulos
eddb0b9297 fixed compression to use the correct start of buffer 2015-01-15 20:21:10 +01:00
Nikos Mavrogiannopoulos
24f348226f only enforce undumpable if we are not debugging 2015-01-15 19:18:59 +01:00
Nikos Mavrogiannopoulos
6f714d6f2e report the compression algorithms to occtl 2015-01-15 19:04:43 +01:00
Nikos Mavrogiannopoulos
048b25ba45 Made the no-compress-limit configurable 2015-01-15 18:31:33 +01:00
Nikos Mavrogiannopoulos
67f621976b Allow compression to fail, and in that case send uncompressed packets 
That allows to cancel compression early, if it seems to expand the
packet. Suggested by David Woodhouse.
 2015-01-15 17:43:48 +01:00
Nikos Mavrogiannopoulos
7f997cc3fc only transmit a compressed packet, if it reduces the size 2015-01-15 17:13:26 +01:00
Nikos Mavrogiannopoulos
27168673f0 added option to disable compression 2015-01-15 16:42:29 +01:00
Nikos Mavrogiannopoulos
850181ed4e Moved negotiation/parsing of parameters using HTTP headers to worker-extras.c 2015-01-15 16:42:17 +01:00
Nikos Mavrogiannopoulos
3c023ffe5e Added support for LZ4 compression 2015-01-15 16:39:36 +01:00
Nikos Mavrogiannopoulos
831abcb76d corrected typo 2015-01-15 16:34:58 +01:00
Nikos Mavrogiannopoulos
fe848ad153 replaced use-seccomp by isolate-workers 
That, if enabled, includes the Linux namespaces restrictions into workers.
 2015-01-15 10:25:23 +01:00
Nikos Mavrogiannopoulos
7a51462abd reorganized to avoid compiler warnings 2015-01-15 09:59:38 +01:00
Nikos Mavrogiannopoulos
65a4646d2f include linux/sched.h to compile on systems with older libc 2015-01-15 09:55:51 +01:00
Nikos Mavrogiannopoulos
8b65df1ce3 remove the CLONE_NEWNET isolation option as it's performance cost is too high 2015-01-14 21:05:19 +01:00
Nikos Mavrogiannopoulos
4dee583e29 In linux run the server in it's own container with separate IPC and PID namespace 2015-01-14 17:08:01 +01:00
Nikos Mavrogiannopoulos
b124f68f12 do not allow the processes to be traced in linux 
That would prevent a worker process tracing one
from another user.
 2015-01-13 22:44:08 +01:00
Nikos Mavrogiannopoulos
a02dbb1fb2 removed unneeded variable 2015-01-12 10:53:47 +01:00
Nikos Mavrogiannopoulos
9f619b3a79 corrected check for non-empty pull buffer 2015-01-12 10:50:10 +01:00
Nikos Mavrogiannopoulos
4a56dd95c9 prevent a memory leak when multiple fds are received in short time 2015-01-12 10:45:37 +01:00
Nikos Mavrogiannopoulos
8c24dd8dd7 occtl: re-arranged user-agent and MTU printing 2015-01-11 12:42:08 +01:00
Nikos Mavrogiannopoulos
9477340b86 added more precise match of version 2015-01-11 12:40:04 +01:00
Nikos Mavrogiannopoulos
406c171069 avoid repeating username in logs 2015-01-11 12:28:01 +01:00
Nikos Mavrogiannopoulos
2f3d520c85 do not enforce PFS on default strings 
That allows legacy clients connect.
 2015-01-11 12:22:27 +01:00
Nikos Mavrogiannopoulos
c3417f0830 simplified DTLS fd handling and dtls_pull() 2015-01-11 11:40:22 +01:00
Nikos Mavrogiannopoulos
a04599afc8 always forward the first message when forwarding fd 2015-01-11 11:33:44 +01:00
Nikos Mavrogiannopoulos
41d61c4225 cleanups 2015-01-11 11:27:06 +01:00
Nikos Mavrogiannopoulos
286ea8ff7b only set IPV6_RECVPKTINFO on IPv6 sockets 2015-01-11 10:57:02 +01:00
Nikos Mavrogiannopoulos
a4c2967e02 simplified forward_udp_to_owner() by introducing oc_recvfrom_at() 2015-01-11 10:53:29 +01:00