GitLab/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2026-02-10 00:37:00 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,300 Commits 19 Branches 88 Tags
e677c8b5366eee278e13fab74b2c47b35d253ae7
Commit Graph

3300 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nikos Mavrogiannopoulos
e677c8b536 common: added textual description to all messages 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-07-25 00:30:52 +02:00
Nikos Mavrogiannopoulos
d0a12f6d8e .gitlab-ci.yml: coverity: use centos8 image 
This addresses incompatibilities with Fedora32.

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-07-25 00:30:19 +02:00
Nikos Mavrogiannopoulos
0811d7d46b coverity: enable OIDC and latency stats in coverity run 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-07-23 09:00:20 +02:00
Nikos Mavrogiannopoulos
a1f5fbf206 .gitlab-ci.yml: reduce unnecessary runs in schedules 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-07-23 08:57:46 +02:00
Nikos Mavrogiannopoulos
3ebd9ecc3e Merge branch 'tmp-nobody' into 'master' 
README.md/sample.config: underline the need for a dedicated user

See merge request openconnect/ocserv!196
 2020-07-22 20:50:57 +00:00
Nikos Mavrogiannopoulos
e75e8d2471 README.md/sample.config: underline the need for a dedicated user 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-07-20 19:48:11 +02:00
Nikos Mavrogiannopoulos
bf8b22f3b9 Merge branch 'tmp-add-ubuntu20' into 'master' 
.gitlab-ci.yml: updated ubuntu build to 20.04

See merge request openconnect/ocserv!195
 2020-07-18 20:22:45 +00:00
Nikos Mavrogiannopoulos
0d1ae8a53d .gitlab-ci.yml: updated ubuntu build to 20.04 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-07-18 21:30:12 +02:00
Nikos Mavrogiannopoulos
f53d5e1395 Merge branch 'tmp-disable-tls13' into 'master' 
ocserv: disable TLS1.3 when cisco client compatibility is requested

Closes #318

See merge request openconnect/ocserv!194
 2020-07-18 19:27:10 +00:00
Nikos Mavrogiannopoulos
8d4238db68 README.md: added missing components 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-07-18 21:19:57 +02:00
Nikos Mavrogiannopoulos
5b8f3320d3 ocserv: disable TLS1.3 when cisco client compatibility is requested 
There are certain anyconnect clients which seem to fail connecting using
TLS1.3.

Resolves: #318

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-07-16 13:20:21 +02:00
Nikos Mavrogiannopoulos
5882c9468c doc update 
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
 2020-07-15 09:05:07 +02:00
Nikos Mavrogiannopoulos
d4824cc1fc Merge branch 'namespace' into 'master' 
add basic namespace support for listen address

See merge request openconnect/ocserv!189
 2020-07-15 07:02:32 +00:00
William Dauchy
1bb2d8800f tests, ns: use namespace option for all ip commands 
simplifies use of of `ip netns exec` when it is about ip commands

Signed-off-by: William Dauchy <w.dauchy@criteo.com>
 2020-07-14 12:15:46 +02:00
William Dauchy
f4c7d41d14 add basic namespace support for listen address 
- this patch adds `listen-netns` parameter
- when set the listening socket will be created in the given namespace

it allows to properly segregate your traffic:
- do the backend traffic in the root namespace
- receive the VIP traffic in a given namespace

All this patch is widely inspired by haproxy implementation which allows
to bind each IP in a given namespace.

Resolves: #316

Signed-off-by: William Dauchy <w.dauchy@criteo.com>
 2020-07-13 18:11:30 +02:00
Nikos Mavrogiannopoulos
a060acf9e3 Merge branch 'tmp-alpine' into 'master' 
.gitlab-ci.yml: added alpine linux CI run

See merge request openconnect/ocserv!193
 2020-07-11 11:40:50 +00:00
Nikos Mavrogiannopoulos
2aaa287a4c icmp-ping: removed unnecessary assignments 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-07-11 13:00:20 +02:00
Nikos Mavrogiannopoulos
dc042ec327 occtl: fixed issues with unused variables 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-07-11 12:57:22 +02:00
Nikos Mavrogiannopoulos
541bf6f137 .gitlab-ci.yml: added alpine linux CI run 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-07-11 12:54:26 +02:00
Nikos Mavrogiannopoulos
4ba30c87e5 worker-privs: use signal.h instead of sys/signal.h 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-07-11 12:54:26 +02:00
Alan Jowett
6533299b78 Improve accept rate limitation and make it conditional on queue depth. 
Resolves: #310

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2020-07-11 12:51:29 +02:00
Nikos Mavrogiannopoulos
fba372ba0a Merge branch 'issue317' into 'master' 
Check for presence of /dev/net/tun device in tests that need them.

See merge request openconnect/ocserv!192
 2020-07-11 09:33:36 +00:00
Alan Jowett
770c4202f5 Provide option to suppress tests that depend on /dev/net/tun 
Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2020-07-08 14:31:35 -06:00
Nikos Mavrogiannopoulos
9ae0c9831d NEWS: doc update 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-07-03 18:25:53 +02:00
Nikos Mavrogiannopoulos
9210852bb5 Merge branch '#312' into 'master' 
OpenBSD lacks support for procfs

See merge request openconnect/ocserv!184
 2020-07-03 16:21:05 +00:00
Alan Jowett
be17dac16f OpenBSD lacks support for procfs 
Based on
60641282df.

Snapshot of config files are used to ensure that ocserv-sm and
ocserv-worker remain in sync. These snapshots are anonymous files that
are passed via a file descriptor. A worker creates a new file
description and file descriptor by using open(2) on /proc/self/fd.
Unfortunately OpenBSD lacks support for procfs.

Instead of using snapshot of config files let workers use the config
files.

While here add a note to README.md about this limitation, and add a CI
run (from @nmav).

Signed-off-by: Björn Ketelaars <bjorn.ketelaars@hydroxide.nl>
 2020-07-01 16:20:46 +02:00
Nikos Mavrogiannopoulos
baa9ae84db Merge branch 'tmp-coverity-updates' into 'master' 
Fixes related to coverity report

See merge request openconnect/ocserv!190
 2020-06-30 20:36:28 +00:00
Nikos Mavrogiannopoulos
ce89e0f582 Ensure that unchecked function calls are for a reason and fix otherwise 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-06-30 21:53:34 +02:00
Nikos Mavrogiannopoulos
0307f49a04 config: corrected typo in vhost assignment resulting to dead code 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-06-30 21:48:03 +02:00
Nikos Mavrogiannopoulos
d0857bd955 session_open: improved check for null config 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-06-30 21:47:58 +02:00
Nikos Mavrogiannopoulos
99fd5410bf setsockopt: always check its return value 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-06-30 21:46:32 +02:00
Nikos Mavrogiannopoulos
cc8d4a90a8 config: removed unnecessary null check 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-06-30 21:46:32 +02:00
Nikos Mavrogiannopoulos
3065b5c54e Merge branch 'issue315' into 'master' 
Filter out sensitive headers when logging

Closes #315

See merge request openconnect/ocserv!187
 2020-06-30 19:43:27 +00:00
Alan Jowett
4204d8a5c0 Resolves: #315 
Filter out sensitive headers when logging

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2020-06-30 08:57:44 -06:00
Nikos Mavrogiannopoulos
e4f5c93381 Merge branch 'tmp-tests-stability' into 'master' 
tests: improve stability of certain tests

See merge request openconnect/ocserv!191
 2020-06-30 11:47:01 +00:00
Nikos Mavrogiannopoulos
fc5a1580e0 .gitlab-ci.yml: updated for new spec file 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-06-29 12:06:35 +02:00
Nikos Mavrogiannopoulos
6f3b20f17b radius-config: stability updates 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-06-29 12:06:35 +02:00
Nikos Mavrogiannopoulos
95fb96ee32 test-udp-listen-host: added some reliability improvements 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-06-29 12:06:29 +02:00
Nikos Mavrogiannopoulos
7a03b9c6a0 Merge branch 'tmp-syslog-fix' into 'master' 
syslog: LOG_AUTH is not a priority

See merge request openconnect/ocserv!188
 2020-06-28 16:05:34 +00:00
Nikos Mavrogiannopoulos
63866a7770 syslog: LOG_AUTH is not a priority 
The first argument of syslog() is a priority indicator.
The LOG_AUTH which was being provided is a facility indicator.
Report the previously LOG_AUTH issues with the LOG_NOTICE
priority.

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-06-27 15:36:58 +02:00
Nikos Mavrogiannopoulos
8457249a8e README.md: removed badges and added section for supported platforms 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-06-24 20:22:04 +02:00
Nikos Mavrogiannopoulos
1da9c1b3b0 .gitlab-ci.yml: fix rpm generation 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-06-16 22:17:07 +02:00
Nikos Mavrogiannopoulos
56794e4b0c bumped version 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
1.1.0 		2020-06-16 19:37:45 +02:00
Nikos Mavrogiannopoulos
dd648772a6 Merge branch 'tmp-311' into 'master' 
tests: detect openconnect's path and fail if not found

Closes #311

See merge request openconnect/ocserv!182
 2020-06-11 21:08:34 +00:00
Nikos Mavrogiannopoulos
fdb80bb23e tests: detect openconnect's path and fail if not found 
Resolves: #311

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-06-11 22:26:33 +02:00
Nikos Mavrogiannopoulos
62cd787536 Log X-DTLS-App-ID and X-DTLS-Session-ID when sent 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-06-08 10:41:22 +02:00
Nikos Mavrogiannopoulos
f25875c758 Merge branch 'tmp-268' into 'master' 
tests: added test cases for no-route in group and main configuration

See merge request openconnect/ocserv!181
 2020-06-02 10:13:36 +00:00
Nikos Mavrogiannopoulos
1dacbb13a7 tests: added test cases for no-route in group and main configuration 
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
 2020-05-30 10:38:44 +02:00
Nikos Mavrogiannopoulos
59bdd070b6 Merge branch 'latency_stats' into 'master' 
Add reporting of RX latency

Closes #258

See merge request openconnect/ocserv!145
 2020-05-27 08:42:12 +00:00
Alan Jowett
722e030e58 Add reporting of RX latency 
Resolve: #258

Signed-off-by: Alan Jowett <alanjo@microsoft.com>
 2020-05-26 18:14:36 -06:00