GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-03-11 07:17:02 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,906 Commits 17 Branches 89 Tags
dea550798dd92c8ff51610c197a0bc70fea84005
Commit Graph

1906 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikos Mavrogiannopoulos
39494d54ed fixed sample.config 2015-02-21 16:59:52 +01:00
Nikos Mavrogiannopoulos
979a2be68f sec-mod: check for expiration time of -1 2015-02-21 16:51:34 +01:00
Nikos Mavrogiannopoulos
89ca2a3889 sec-mod: prevent an auth init message when not in inactive mode 2015-02-21 16:40:53 +01:00
Nikos Mavrogiannopoulos
06e0c69f1d sec-mod: maintainance time was increased to be over the default cookie expiration time 2015-02-21 16:34:55 +01:00
Nikos Mavrogiannopoulos
30300cf65e sec-mod: more verbose logging 2015-02-21 16:32:14 +01:00
Nikos Mavrogiannopoulos
218162458e sec-mod: corrected usage counting issue in client entries kept 2015-02-21 10:03:33 +01:00
Nikos Mavrogiannopoulos
349cced46f doc update 2015-02-21 08:25:58 +01:00
Nikos Mavrogiannopoulos
f3dc88f427 radius: improved log messages consistency 2015-02-21 08:20:35 +01:00
Nikos Mavrogiannopoulos
c1a6f4730b Added the configure option server-name 
If set it will be used to set the NAS_IDENTIFIER in radius.
 2015-02-21 08:20:16 +01:00
Nikos Mavrogiannopoulos
4e459c578a tests: use env variable to leave the docker image open 2015-02-20 14:06:57 +01:00
Nikos Mavrogiannopoulos
4a3668897d log http status replies 2015-02-20 14:06:28 +01:00
Nikos Mavrogiannopoulos
f3ba75146f renamed X-Support-SPNEGO to X-Support-HTTP-Auth 2015-02-20 12:28:36 +01:00
Nikos Mavrogiannopoulos
2557944bf0 eliminated unneeded variable 2015-02-19 19:29:03 +01:00
Nikos Mavrogiannopoulos
b8964373c8 radius-test: fixed wrong password test 2015-02-19 17:41:32 +01:00
Nikos Mavrogiannopoulos
ecf5ec3391 tests: added the kerberos libs as dependencies 2015-02-19 17:41:20 +01:00
Nikos Mavrogiannopoulos
d7b4a28325 radius: fixed config string parsing 2015-02-19 17:38:19 +01:00
Nikos Mavrogiannopoulos
35a586a85c tests: fixed explicit-ip check 2015-02-19 17:20:52 +01:00
Nikos Mavrogiannopoulos
98f88f2060 sec-mod-auth: use auth_user module function only when a module is available 2015-02-19 17:11:56 +01:00
Nikos Mavrogiannopoulos
08d4f7cfe3 tests: added PAM test suite 2015-02-19 17:08:24 +01:00
Nikos Mavrogiannopoulos
35817b9642 tests: added negative authentication checks 2015-02-19 16:03:56 +01:00
Nikos Mavrogiannopoulos
62be0ef470 tests: added kerberos-test 2015-02-19 15:41:04 +01:00
Nikos Mavrogiannopoulos
661d92cfc6 bumped version and updated NEWS 2015-02-19 15:31:55 +01:00
Nikos Mavrogiannopoulos
cc86c2d174 tests: added kerberos test suite 2015-02-19 15:27:58 +01:00
Nikos Mavrogiannopoulos
9a3be087b4 kkdcp: allow the handling of multiple realms per URL 2015-02-19 15:27:55 +01:00
Nikos Mavrogiannopoulos
5f1f0ce87e reduced level of command socket closed error 2015-02-19 15:27:52 +01:00
Nikos Mavrogiannopoulos
ab74201b99 gssapi: better log messages 2015-02-19 15:27:50 +01:00
Nikos Mavrogiannopoulos
4e9a329b59 pam: return empty message when not in the appropriate state 2015-02-19 15:27:47 +01:00
Nikos Mavrogiannopoulos
953241fc56 gssapi: require the localname to login 2015-02-19 15:27:42 +01:00
Nikos Mavrogiannopoulos
85de70c621 kkdcp: attempt to read the whole message 2015-02-19 15:27:40 +01:00
Nikos Mavrogiannopoulos
3e33936f0c corrected DER message construction 2015-02-19 15:27:37 +01:00
Nikos Mavrogiannopoulos
f591cb0181 sanitized strcmp check 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
7a46da3379 Use content-length: 0 when closing connection 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
fbce6f5924 when cookie is present avoid basic authentication 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
4a940145ad doc update 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
597d1a6a47 update username in GSSAPI 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
773d277802 kkdcp: perform the proper encoding and decoding on exchanged data 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
6334bada15 renamed urlfw to kkdcp 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
b5a0fe354f more specific log message 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
b300177eb7 Added max-password-retries config option 
That makes the number of retries prior to banning the IP
configurable.
 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
108d34f613 Ban an IP only when the MAX_PASSWORD_TRIES attempts have been exceeded 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
1fc59e0099 gssapi: better error printing and restrict to SPNEGO 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
1459f39790 X-Need-SPNEGO renamed to X-Support-SPNEGO 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
1f128219ae if gssapi authentication fails, switch to password auth if possible 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
06f2147155 prohibit worker from sending an auth_type of zero 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
c0ceeba0f8 Fail if authentication modules are changed on reload 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
bfeab4b015 Additional data are passed only to auth module's global_init 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
2d72c0a526 doc update 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
01ec22db27 Allow setting content-type urlfw, and allow tcp 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
ac4ca3cd70 updated documentation 2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos
494738dd55 Added url-fw config option 
That allows to specify a class of URLs where, if a client
POSTS to it, the data will be forwarded to the configured server,
and the client will receive its reply.
 2015-02-19 11:47:20 +01:00