ocserv

mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 00:37:00 +08:00

Author	SHA1	Message	Date
Nikos Mavrogiannopoulos	445ea63783	made the ban points configurable	2015-02-26 11:23:06 +01:00
Nikos Mavrogiannopoulos	7619895a25	removed server-name config option	2015-02-26 11:00:07 +01:00
Nikos Mavrogiannopoulos	c9efcae416	doc update	2015-02-26 09:24:24 +01:00
Nikos Mavrogiannopoulos	0aa2c86f08	Added points in KKDCP connections to prevent DoS attacks.	2015-02-25 14:31:21 +01:00
Nikos Mavrogiannopoulos	a3f5ae2551	Add a cost in number of connections per IP to prevent DoS attacks	2015-02-25 13:24:42 +01:00
Nikos Mavrogiannopoulos	a617485232	enforce of IP banning was moved to main	2015-02-25 13:16:56 +01:00
Nikos Mavrogiannopoulos	2f2f4a77d2	allow explicitly specifying the NAS identifier in radius	2015-02-24 18:59:05 +01:00
Nikos Mavrogiannopoulos	29e834da4d	plain authentication uses the new parsing method	2015-02-24 13:53:37 +01:00
Nikos Mavrogiannopoulos	43caa1be14	radius will use the new sub-config format	2015-02-24 13:04:28 +01:00
Nikos Mavrogiannopoulos	e16ae6614c	Added more advanced suboption parser That adds the ability to parse options in the form: auth = "gssapi[option1=value1,option2=value2,...] It also introduces the keytab, and require-local-user-map suboptions for gssapi.	2015-02-24 11:50:55 +01:00
Nikos Mavrogiannopoulos	40e96aae45	Separated accounting from authentication.	2015-02-23 15:19:44 +01:00
Nikos Mavrogiannopoulos	39494d54ed	fixed sample.config	2015-02-21 16:59:52 +01:00
Nikos Mavrogiannopoulos	349cced46f	doc update	2015-02-21 08:25:58 +01:00
Nikos Mavrogiannopoulos	c1a6f4730b	Added the configure option server-name If set it will be used to set the NAS_IDENTIFIER in radius.	2015-02-21 08:20:16 +01:00
Nikos Mavrogiannopoulos	9a3be087b4	kkdcp: allow the handling of multiple realms per URL	2015-02-19 15:27:55 +01:00
Nikos Mavrogiannopoulos	773d277802	kkdcp: perform the proper encoding and decoding on exchanged data	2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos	b300177eb7	Added max-password-retries config option That makes the number of retries prior to banning the IP configurable.	2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos	2d72c0a526	doc update	2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos	01ec22db27	Allow setting content-type urlfw, and allow tcp	2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos	494738dd55	Added url-fw config option That allows to specify a class of URLs where, if a client POSTS to it, the data will be forwarded to the configured server, and the client will receive its reply.	2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos	afef74fa23	removed the certificate[optional] auth type	2015-02-19 11:47:20 +01:00
Nikos Mavrogiannopoulos	b6ef99b443	doc update	2015-02-12 21:10:12 +01:00
Nikos Mavrogiannopoulos	23586bdb9c	no longer document the auth option certificate[optional]	2015-02-12 21:08:41 +01:00
Nikos Mavrogiannopoulos	aa10eb53c1	doc update	2015-02-11 11:44:57 +01:00
Nikos Mavrogiannopoulos	bcea928abe	Added support for no-routes (X-Split-Exclude)	2015-02-06 14:05:10 +01:00
Nikos Mavrogiannopoulos	df7f3c528c	updated design documents	2015-01-25 09:52:08 +01:00
Nikos Mavrogiannopoulos	29760b0fa4	account freeradius-client version 1.1.7 in README.radius.	2015-01-25 08:34:53 +01:00
Nikos Mavrogiannopoulos	99c9a8ef6a	enable min-reauth-time in default configuration	2015-01-24 13:56:41 +01:00
Aron Xu	39248a6596	Run after network-online.target, instead of network.target Signed-off-by: Aron Xu <aron@debian.org>	2015-01-24 10:16:08 +01:00
Aron Xu	d925276da8	Remove syslog.target from systemd service files syslog is now socket-activated on all major distributions, hence the target is deprecated. Signed-off-by: Aron Xu <aron@debian.org>	2015-01-24 10:15:57 +01:00
Aron Xu	e2c609505b	Run in foreground when using systemd Signed-off-by: Aron Xu <aron@debian.org>	2015-01-24 10:15:18 +01:00
Aron Xu	dfc5f33f85	Listen to Port 443 as in sample.config Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>	2015-01-24 09:07:09 +01:00
Nikos Mavrogiannopoulos	bcef2eb16b	doc update	2015-01-20 14:26:42 +01:00
Nikos Mavrogiannopoulos	04a9381068	Compression is disabled by default	2015-01-16 10:45:53 +01:00
Nikos Mavrogiannopoulos	8d2a562af1	increased MIN_NO_COMPRESS_LIMIT	2015-01-15 21:00:32 +01:00
Nikos Mavrogiannopoulos	048b25ba45	Made the no-compress-limit configurable	2015-01-15 18:31:33 +01:00
Nikos Mavrogiannopoulos	fe848ad153	replaced use-seccomp by isolate-workers That, if enabled, includes the Linux namespaces restrictions into workers.	2015-01-15 10:25:23 +01:00
Nikos Mavrogiannopoulos	2f3d520c85	do not enforce PFS on default strings That allows legacy clients connect.	2015-01-11 12:22:27 +01:00
Nikos Mavrogiannopoulos	50f2fb88f6	simplify the input of IPv6 networks The prefix is specified as part of the network.	2014-12-29 20:15:36 +02:00
Nikos Mavrogiannopoulos	90b0ac7932	radius: added support for Framed-IPv6-Prefix	2014-12-29 20:00:45 +02:00
Nikos Mavrogiannopoulos	496f563686	doc update	2014-12-27 11:11:06 +02:00
Nikos Mavrogiannopoulos	80459cfbd5	the default strings will enforce PFS	2014-12-25 10:56:19 +02:00
Nikos Mavrogiannopoulos	4cf2797afc	radius: use Framed-Route and Framed-IPv6-Route That is read and if format is the expected, they are forwarded to client.	2014-12-14 20:37:50 +01:00
Nikos Mavrogiannopoulos	113ae94f13	removed unused option	2014-12-14 14:06:03 +01:00
Nikos Mavrogiannopoulos	173301744c	updated radius documentation	2014-12-13 22:22:28 +01:00
Nikos Mavrogiannopoulos	a32c5db859	Added README.radius	2014-12-11 12:09:56 +01:00
Nikos Mavrogiannopoulos	93125ea945	updated documentation on radius	2014-12-10 11:46:17 +01:00
Nikos Mavrogiannopoulos	320773e80a	Added support for radius interim updates	2014-12-10 11:18:29 +01:00
Nikos Mavrogiannopoulos	766afb591a	Added support for reading user configuration from radius.	2014-12-09 15:38:27 +01:00
Nikos Mavrogiannopoulos	2194e11b39	Added support for radius authentication	2014-12-09 10:59:18 +01:00

1 2 3 4

163 Commits