Commit Graph

48 Commits

Author SHA1 Message Date
Nikos Mavrogiannopoulos
e0a7ad9fe6 Added X-CSTP-Default-Domain option. 2013-05-06 10:56:21 +03:00
Nikos Mavrogiannopoulos
6ee0af050c corrected bug in anyconnect compat 2013-04-29 02:27:29 +03:00
Nikos Mavrogiannopoulos
947214a9a4 Added config file option ping-leases. 2013-04-29 00:12:37 +03:00
Nikos Mavrogiannopoulos
c1db9b9711 deinitialize memory taken by configuration parser. 2013-03-24 08:46:16 +01:00
Nikos Mavrogiannopoulos
55c62d25b9 use quotes when printing password file 2013-03-17 09:56:07 +01:00
Nikos Mavrogiannopoulos
5a4ce846b7 The TLS private keys are kept in a privileged process.
That process is called security-module (sec-mod) and communicates
with the workers using a unix domain socket.
2013-03-15 17:47:38 +01:00
Nikos Mavrogiannopoulos
b552f27ddb Do not let scripts block the server operation. 2013-03-13 19:18:52 +01:00
Nikos Mavrogiannopoulos
0c4b013b3f Added plain password format 2013-03-12 23:40:11 +01:00
Nikos Mavrogiannopoulos
23977b5359 Added ability to specify multiple certificate and key pairs. 2013-03-07 09:51:50 +01:00
Nikos Mavrogiannopoulos
a0f1867c58 Allow setting DH parameters. 2013-03-07 09:19:25 +01:00
Nikos Mavrogiannopoulos
f828de76b4 Exit when mandatory configuration options are not present 2013-03-06 23:46:05 +01:00
Nikos Mavrogiannopoulos
b2e8137dde rate-limit-ms is no longer mandatory to set 2013-03-06 23:43:51 +01:00
Nikos Mavrogiannopoulos
6c54a37e69 Allow setting OCSP responses. 2013-03-05 01:42:25 +01:00
Nikos Mavrogiannopoulos
432a2da897 Allow setting a reconnection delay time after a failed authentication attempt (added min-reauth-time option). 2013-03-04 19:42:10 +01:00
Nikos Mavrogiannopoulos
ecd90b533e Allow setting a rate limit on the number of connections. 2013-03-04 06:23:58 +01:00
Nikos Mavrogiannopoulos
62392660cd Anyconnect client compatibility is optional. 2013-03-02 15:35:16 +01:00
Nikos Mavrogiannopoulos
9900ff6060 simplified certificate request and require setting. 2013-03-01 23:39:47 +01:00
Nikos Mavrogiannopoulos
f532a7275c corrected cert require rule 2013-03-01 22:01:18 +01:00
Nikos Mavrogiannopoulos
ef18851237 Added option to allow sending a cookie without the corresponding certificate.
This option is required for the cisco clients, that do not always use the
client certificate. When this option is set to false it means that the cookie
itself is sufficient for authentication. This is bad practice if smart cards
are in use.
2013-03-01 21:54:49 +01:00
Nikos Mavrogiannopoulos
41e8d020b5 Several updates to handle URLs requested by the cisco client. 2013-03-01 19:52:10 +01:00
Nikos Mavrogiannopoulos
83c9793033 include banner in the XML success message. 2013-02-27 22:29:10 +01:00
Nikos Mavrogiannopoulos
833b1979ec Banner was made configurable. 2013-02-27 19:16:46 +01:00
Nikos Mavrogiannopoulos
d06de0c46b Allow setting NBNS. 2013-02-24 11:24:14 +01:00
Nikos Mavrogiannopoulos
628877881d Added configuration options for PIN files. 2013-02-18 23:47:20 +01:00
Nikos Mavrogiannopoulos
ba80139452 mtu discovery via DPD is optional 2013-02-16 16:46:37 +01:00
Nikos Mavrogiannopoulos
7270341e62 write the correct PID in pid file 2013-02-12 18:57:05 +01:00
Nikos Mavrogiannopoulos
e8f6332f36 Use PAM account management and added support for user groups. 2013-02-12 18:57:05 +01:00
Nikos Mavrogiannopoulos
121b2491aa HUP signal reloads configuration 2013-02-12 18:57:05 +01:00
Nikos Mavrogiannopoulos
184b8d7a66 enforce maximum number of same clients 2013-02-09 20:23:46 +01:00
Nikos Mavrogiannopoulos
429b0bb213 Set a default config file. 2013-02-09 20:10:01 +01:00
Nikos Mavrogiannopoulos
8b2ae25e58 Added PID file 2013-02-09 20:06:10 +01:00
Nikos Mavrogiannopoulos
519f0a13ef Several changes to compile on old linux kernels, and in constrained libgnutls libraries 2013-02-09 12:15:55 +01:00
Nikos Mavrogiannopoulos
5f4b8711ef Added configurable DPD 2013-02-08 21:51:58 +01:00
Nikos Mavrogiannopoulos
14460456e7 gdbm was re-added and made optional. 2013-02-07 20:43:11 +01:00
Nikos Mavrogiannopoulos
1cb7ab38e9 Use a single UDP port in the server.
Several modifications to use a single UDP port in the server. This
is currently done using a hack, i.e., pass the UDP socket to worker,
close it on the main server and then re-open it (using REUSEADDR).

Also several updates in TUN handling to allow more than one client connecting.
2013-02-07 17:49:51 +01:00
Nikos Mavrogiannopoulos
4370f88001 dropped dependency on gdbm. Cookies are stored in a hash. 2013-02-07 00:57:17 +01:00
Nikos Mavrogiannopoulos
e380053caa Added explicit logging to UTMP file. 2013-02-06 20:18:53 +01:00
Nikos Mavrogiannopoulos
99824ebd94 corrected DTLS packet handling. 2013-02-05 23:56:28 +01:00
Nikos Mavrogiannopoulos
03edf5b5bc changes to enable VPN functionality. 2013-02-05 21:03:40 +01:00
Nikos Mavrogiannopoulos
61ae5a9c06 Added connect and disconnect scripts 2013-02-04 20:43:28 +01:00
Nikos Mavrogiannopoulos
65a3ac4cb4 better name for db_file 2013-02-01 08:16:18 +01:00
Nikos Mavrogiannopoulos
92b1d573eb set a maximum number of clients 2013-01-31 22:52:39 +01:00
Nikos Mavrogiannopoulos
a923a8a29a set a default priority string if not set. 2013-01-31 22:40:45 +01:00
Nikos Mavrogiannopoulos
6608f7ad7f Fixed UDP side. 2013-01-31 20:18:29 +01:00
Nikos Mavrogiannopoulos
0a8b951022 several updates and fixes in auth 2013-01-30 21:20:16 +01:00
Nikos Mavrogiannopoulos
25b0617081 better file structure 2013-01-30 19:00:29 +01:00
Nikos Mavrogiannopoulos
0b6fc4c696 Read configuration file 2013-01-30 17:33:17 +01:00
Nikos Mavrogiannopoulos
8c2735d1e1 use autogen for command line options 2013-01-30 01:39:14 +01:00