GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 00:37:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,540 Commits 19 Branches 88 Tags
d925276da8e6cb0298e0d30006fbd162e043ff03
Commit Graph

1540 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikos Mavrogiannopoulos
4674508188 override the user's group prior to opening the group configuration file 
That prevented opening group configuration for users that had their
group in a certificate. Reported by Norbert Paschedag.
 2014-09-25 12:17:03 +02:00
Nikos Mavrogiannopoulos
bdcd27d13e optional-certificate was renamed to certificate[optional] 2014-09-25 10:36:46 +02:00
Nikos Mavrogiannopoulos
accdb24050 allow positive values to waitpid 2014-09-25 10:26:50 +02:00
Nikos Mavrogiannopoulos
f4de7e7757 increased the verbosity of shutdown messages 2014-09-25 10:04:00 +02:00
Nikos Mavrogiannopoulos
ba508b3d4d doc update 2014-09-24 13:13:12 +02:00
Nikos Mavrogiannopoulos
701559e4b0 Added self-tests for optional certificate authentication 2014-09-24 13:11:41 +02:00
Nikos Mavrogiannopoulos
365ca267d4 added new authentication mode optional-certificate 
That mode allows having only specific group of users that are required
to present a certificate.
 2014-09-24 12:41:31 +02:00
Nikos Mavrogiannopoulos
16cde4dc10 bumped version 2014-09-24 11:37:44 +02:00
Nikos Mavrogiannopoulos
93353f9ee6 doc update 2014-09-24 11:37:19 +02:00
Nikos Mavrogiannopoulos
67c76db309 replaced vasprintf() with correct variant 2014-09-24 11:36:30 +02:00
Nikos Mavrogiannopoulos
30bcf35576 Revert "license upgraded to GPLv3" 
This reverts commit 213f9a63ee.

Conflicts:
	configure.ac
 2014-09-24 11:34:15 +02:00
Nikos Mavrogiannopoulos
aeb0f1edd5 added test for unix socket operation 2014-09-24 11:33:25 +02:00
Nikos Mavrogiannopoulos
de486dbdfe Allow disabling the TCP port completely 2014-09-23 22:47:36 +02:00
Nikos Mavrogiannopoulos
f08612126d doc update 2014-09-23 22:40:37 +02:00
Nikos Mavrogiannopoulos
b479659836 do not allow the combination of AUTH_TYPE_CERTIFICATE and unix-conn-file 2014-09-23 22:33:37 +02:00
Nikos Mavrogiannopoulos
56bcfffed7 allow the group owner of the connection socket to access it 2014-09-23 16:42:30 +02:00
Nikos Mavrogiannopoulos
4ea5a56ace Allow the CSTP layer to operate without TLS 
That also introduces a unix domain socket under which connections to the
server can occur.
 2014-09-23 16:08:29 +02:00
Nikos Mavrogiannopoulos
ddcb609c5d corrected tun device closing order for BSD systems 2014-09-21 08:47:57 +02:00
Nikos Mavrogiannopoulos
f622f6696c use force_close() on server to avoid descriptor leaks 2014-09-21 01:40:36 +02:00
Nikos Mavrogiannopoulos
a8b32ed8f0 ensure that in all cases the tun fd is closed 2014-09-21 01:35:50 +02:00
Nikos Mavrogiannopoulos
0cd8002f0c when a UDP packet error occurs print the IP of the packet 2014-09-20 00:04:01 +02:00
Nikos Mavrogiannopoulos
552e7b24e7 fail when a tun device has no name 2014-09-19 21:29:30 +02:00
Nikos Mavrogiannopoulos
d5d27b2379 updated comment 2014-09-10 22:38:25 +02:00
Nikos Mavrogiannopoulos
88fb5ab33c reduced the severity of debug messages 2014-09-09 16:15:50 +02:00
Nikos Mavrogiannopoulos
0da35d20fa added more debugging messages in pam module 2014-09-09 14:13:30 +02:00
Nikos Mavrogiannopoulos
913274b44e pam messages made more specific 2014-09-09 13:48:39 +02:00
Nikos Mavrogiannopoulos
265e723cdb send the IPv6 netmask in a compatible with cisco servers way 2014-09-09 09:36:48 +02:00
Nikos Mavrogiannopoulos
06c02caa02 In IPv6 send the prefix instead of the netmask 
That allows vpnc-script in windows to apply the correct settings.
 2014-09-08 13:50:47 +02:00
Nikos Mavrogiannopoulos
aa6cacf041 TODO: updated 2014-09-04 16:55:37 +02:00
Nikos Mavrogiannopoulos
ab999fec4f doc update 2014-09-03 19:21:26 +02:00
Nikos Mavrogiannopoulos
1576a3195d modified rx test to an occtl test 2014-09-03 19:18:39 +02:00
Nikos Mavrogiannopoulos
c79eefcf9c Revert "print the per-user RX and TX bytes from occtl" 
This reverts commit ecd6e316a9.
 2014-09-03 19:15:08 +02:00
Nikos Mavrogiannopoulos
be50fb3ac1 updated full-test 2014-09-03 19:06:20 +02:00
Nikos Mavrogiannopoulos
9f42ae8da8 added test for RX data 2014-09-02 13:39:49 +02:00
Nikos Mavrogiannopoulos
ecd6e316a9 print the per-user RX and TX bytes from occtl 2014-09-02 11:44:03 +02:00
Nikos Mavrogiannopoulos
a40c5afcc8 sec-mod-auth: don't print misleading message on session control 2014-09-01 00:45:20 +02:00
Nikos Mavrogiannopoulos
898af172c2 full_test: requires building on debian due to gnutls symbol differences 2014-08-28 10:21:32 +02:00
Nikos Mavrogiannopoulos
186dcf5652 tests: added check for the DEFAULT group in test-pass-group-cert 2014-08-28 10:09:17 +02:00
Nikos Mavrogiannopoulos
abe6d2d190 when the default group is selected, don't treat it as no selection 2014-08-28 10:08:42 +02:00
Nikos Mavrogiannopoulos
b52c49f133 doc update 2014-08-28 09:58:51 +02:00
Nikos Mavrogiannopoulos
91c0566523 made the comparison for XML fiels case insensitive 
Suggested by sskaje, based on an issue with the Anyconnect iOS client.
 2014-08-28 09:26:27 +02:00
Nikos Mavrogiannopoulos
7c7f472f2b gnulib: added strcasestr 2014-08-28 09:21:49 +02:00
Nikos Mavrogiannopoulos
85e9e36e78 full-test: do not require --without-protobuf ocserv_0_8_4 2014-08-27 18:17:08 +02:00
Nikos Mavrogiannopoulos
36d49a524b bumped version 2014-08-27 18:10:38 +02:00
Nikos Mavrogiannopoulos
2d39b710f4 doc update 2014-08-27 18:09:33 +02:00
Nikos Mavrogiannopoulos
718fc4565a avoid calling gnutls_record_get_discarded() when a DTLS session isn't available 2014-08-27 16:57:57 +02:00
Nikos Mavrogiannopoulos
d4ca7ba6c2 full-test: require the --without-protobuf option 2014-08-27 16:43:08 +02:00
Nikos Mavrogiannopoulos
103a357f96 doc update 2014-08-25 21:55:39 +02:00
Nikos Mavrogiannopoulos
77380a02b7 updated to protobuf 1.0.1 2014-08-25 21:54:59 +02:00
Nikos Mavrogiannopoulos
70eea332ff check for stdnoreturn.h presence 2014-08-25 21:52:04 +02:00