1082 Commits

Author	SHA1	Message	Date
Nikos Mavrogiannopoulos	a8b32ed8f0	ensure that in all cases the tun fd is closed	2014-09-21 01:35:50 +02:00
Nikos Mavrogiannopoulos	0cd8002f0c	when a UDP packet error occurs print the IP of the packet	2014-09-20 00:04:01 +02:00
Nikos Mavrogiannopoulos	552e7b24e7	fail when a tun device has no name	2014-09-19 21:29:30 +02:00
Nikos Mavrogiannopoulos	d5d27b2379	updated comment	2014-09-10 22:38:25 +02:00
Nikos Mavrogiannopoulos	88fb5ab33c	reduced the severity of debug messages	2014-09-09 16:15:50 +02:00
Nikos Mavrogiannopoulos	0da35d20fa	added more debugging messages in pam module	2014-09-09 14:13:30 +02:00
Nikos Mavrogiannopoulos	913274b44e	pam messages made more specific	2014-09-09 13:48:39 +02:00
Nikos Mavrogiannopoulos	265e723cdb	send the IPv6 netmask in a compatible with cisco servers way	2014-09-09 09:36:48 +02:00
Nikos Mavrogiannopoulos	06c02caa02	In IPv6 send the prefix instead of the netmask ... That allows vpnc-script in windows to apply the correct settings.	2014-09-08 13:50:47 +02:00
Nikos Mavrogiannopoulos	c79eefcf9c	Revert "print the per-user RX and TX bytes from occtl" ... This reverts commit ecd6e316a9.	2014-09-03 19:15:08 +02:00
Nikos Mavrogiannopoulos	ecd6e316a9	print the per-user RX and TX bytes from occtl	2014-09-02 11:44:03 +02:00
Nikos Mavrogiannopoulos	a40c5afcc8	sec-mod-auth: don't print misleading message on session control	2014-09-01 00:45:20 +02:00
Nikos Mavrogiannopoulos	abe6d2d190	when the default group is selected, don't treat it as no selection	2014-08-28 10:08:42 +02:00
Nikos Mavrogiannopoulos	b52c49f133	doc update	2014-08-28 09:58:51 +02:00
Nikos Mavrogiannopoulos	91c0566523	made the comparison for XML fiels case insensitive ... Suggested by sskaje, based on an issue with the Anyconnect iOS client.	2014-08-28 09:26:27 +02:00
Nikos Mavrogiannopoulos	718fc4565a	avoid calling gnutls_record_get_discarded() when a DTLS session isn't available	2014-08-27 16:57:57 +02:00
Nikos Mavrogiannopoulos	77380a02b7	updated to protobuf 1.0.1	2014-08-25 21:54:59 +02:00
Nikos Mavrogiannopoulos	60bea96cce	corrected included protobuf's path, to align with protobuf 1.0.0	2014-08-24 08:15:42 +02:00
Nikos Mavrogiannopoulos	a186da0fdb	corrected typo	2014-08-23 18:28:42 +02:00
Nikos Mavrogiannopoulos	6f4f60db5a	added work-around for infinite loop if the UDP descriptor becomes invalid	2014-08-23 17:54:01 +02:00
Nikos Mavrogiannopoulos	817f757577	after fork restore the default signal mask	2014-08-22 15:23:16 +02:00
Nikos Mavrogiannopoulos	c567a129f4	worker: when the UDP socket is updated, update the DTLS session	2014-08-22 12:04:36 +02:00
Nikos Mavrogiannopoulos	e7f9f152bd	updated bsd's getpeereid() check to match the Linux behavior	2014-08-16 20:31:12 +02:00
Nikos Mavrogiannopoulos	9be381859d	worker: call sigprocmask() prior to entering main loop	2014-08-08 12:27:08 +02:00
Nikos Mavrogiannopoulos	f194a59ba3	protobuf-c: upgraded to 1.0.0	2014-08-05 16:24:03 +02:00
Nikos Mavrogiannopoulos	215f0d7254	only consider DTLS pending data if the UDP port is in active state ... That may address a possibility for an infinite loop.	2014-08-05 16:21:01 +02:00
Nikos Mavrogiannopoulos	c781bea7cd	user-profile is now allowed in per-user configuration	2014-07-31 14:57:09 +02:00
Nikos Mavrogiannopoulos	60dcb9d62f	/profiles request allows partial match	2014-07-27 14:05:19 +02:00
Nikos Mavrogiannopoulos	40d499ac1a	better error messages when certificate username limit is reached	2014-07-27 11:21:36 +02:00
Nikos Mavrogiannopoulos	6de26b9408	made macro usage safer ... That solves an issue where the pid_file would be overwritten on a configuration file reload.	2014-07-26 10:59:26 +02:00
Nikos Mavrogiannopoulos	6079cdb833	doc update	2014-06-28 22:59:29 +02:00
Nikos Mavrogiannopoulos	eb6e3fea81	doc update	2014-06-28 22:57:16 +02:00
Nikos Mavrogiannopoulos	def560ec75	doc: do not explicitly set serial number in generated certificate ... That would allow certtool to use a random one.	2014-06-28 22:48:51 +02:00
Nikos Mavrogiannopoulos	ff0e39bae1	pam: deinitialize co-routine when session is open to save memory	2014-06-28 20:49:30 +02:00
Nikos Mavrogiannopoulos	bb4f2ae453	pam: reduced default stack size	2014-06-28 20:45:43 +02:00
Nikos Mavrogiannopoulos	5aeab28cae	initialize str to null	2014-06-27 09:08:31 +02:00
Nikos Mavrogiannopoulos	53c7bbeb1d	ocserv: corrected debug message	2014-06-26 13:47:54 +02:00
Nikos Mavrogiannopoulos	309ad41475	ocserv: print the correct message when only selecting a group.	2014-06-26 13:46:31 +02:00
Nikos Mavrogiannopoulos	3de707b0fe	introduced str_append_printf()	2014-06-26 13:46:31 +02:00
Nikos Mavrogiannopoulos	4fa0053d54	ocserv: prompt the user for group selection even if only certificate authentication is used.	2014-06-26 13:46:31 +02:00
Nikos Mavrogiannopoulos	caa98a05fd	document how to convert key to pkcs12 file	2014-06-26 08:29:54 +02:00
Nikos Mavrogiannopoulos	3fac1c4e0c	search for group_list in addition to group%5flist ... That allows to read the group from AnyConnect clients.	2014-06-25 21:58:00 +02:00
Nikos Mavrogiannopoulos	e48ad13e82	Set the applicable DNS and NBNS servers in complete_vpn_info().	2014-06-25 10:11:00 +02:00
Nikos Mavrogiannopoulos	a144fde0e4	Eliminated the MAX_ROUTES requirement.	2014-06-25 10:05:34 +02:00
Nikos Mavrogiannopoulos	4a0b16fb98	Forward the appropriate DNS and NBNS values when using a per-user/group config.	2014-06-25 10:02:16 +02:00
Nikos Mavrogiannopoulos	4117bf2661	Use a more terse, but with more dynamic information version string.	2014-06-23 21:09:43 +02:00
Nikos Mavrogiannopoulos	0629345022	Avoid using snprintf() and simply use strcpy().	2014-06-23 17:30:15 +02:00
Nikos Mavrogiannopoulos	85288fd96f	Ignore the return code of snprintf(); it is useless.	2014-06-23 17:26:01 +02:00
Nikos Mavrogiannopoulos	1d2f36f9bf	When renegotiating, verify that any certificate received from the client contains the same username.	2014-06-13 15:08:40 +02:00
Nikos Mavrogiannopoulos	70623591d5	Seccomp is now compiled in by default, and can be enabled at run-time.	2014-06-12 15:35:45 +02:00