Commit Graph

92 Commits

Author SHA1 Message Date
Nikos Mavrogiannopoulos
ddae1e8339 check for children cleanup prior to checking for termination.
That allows to quickly terminate after the secmod death is detected.
2013-05-13 22:53:21 +02:00
Nikos Mavrogiannopoulos
67e83f89d7 Use sigaction() to have a consistent behavior across systems for signals. 2013-05-02 11:46:02 +03:00
Nikos Mavrogiannopoulos
6c43eedf50 several updates to allow compilation on FreeBSD 2013-04-12 17:00:52 +02:00
Nikos Mavrogiannopoulos
123eae6510 clear any lists prior to running sec mod 2013-03-24 09:36:42 +01:00
Nikos Mavrogiannopoulos
2a8bd08288 Revert "run sec mod earlier to save memory"
This reverts commit a8152e8c59.
2013-03-24 09:31:46 +01:00
Nikos Mavrogiannopoulos
b433e20682 when debugging do not set memory limits 2013-03-24 09:11:02 +01:00
Nikos Mavrogiannopoulos
a8152e8c59 run sec mod earlier to save memory 2013-03-24 08:50:40 +01:00
Nikos Mavrogiannopoulos
c6f3f5b428 cookies are overwritten prior to fork 2013-03-17 09:54:13 +01:00
Nikos Mavrogiannopoulos
82df00f0b0 updates in unix socket creation 2013-03-16 21:27:58 +01:00
Nikos Mavrogiannopoulos
be6033e7b4 set certain limits on the worker process using setrlimit() 2013-03-15 20:01:56 +01:00
Nikos Mavrogiannopoulos
5a4ce846b7 The TLS private keys are kept in a privileged process.
That process is called security-module (sec-mod) and communicates
with the workers using a unix domain socket.
2013-03-15 17:47:38 +01:00
Nikos Mavrogiannopoulos
b552f27ddb Do not let scripts block the server operation. 2013-03-13 19:18:52 +01:00
Nikos Mavrogiannopoulos
efd36016a5 Eliminated memory leaks on lists. 2013-03-04 19:43:32 +01:00
Nikos Mavrogiannopoulos
432a2da897 Allow setting a reconnection delay time after a failed authentication attempt (added min-reauth-time option). 2013-03-04 19:42:10 +01:00
Nikos Mavrogiannopoulos
2674af5aec Allow longer sleeps than a second. 2013-03-04 18:52:47 +01:00
Nikos Mavrogiannopoulos
ecd90b533e Allow setting a rate limit on the number of connections. 2013-03-04 06:23:58 +01:00
Nikos Mavrogiannopoulos
394493dbcb use chdir prior to chroot. 2013-03-01 21:26:19 +01:00
Nikos Mavrogiannopoulos
41e8d020b5 Several updates to handle URLs requested by the Cisco client. 2013-03-01 19:52:10 +01:00
Jason Cooper
a017004302 main: check return of daemon()
Signed-off-by: Jason Cooper <jason@lakedaemon.net>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2013-02-26 18:31:12 +01:00
Nikos Mavrogiannopoulos
faf4736532 updated 2013-02-25 21:22:19 +01:00
Nikos Mavrogiannopoulos
9cb139bdb0 Added support for TCP wrappers (libwrap) 2013-02-25 21:12:14 +01:00
Nikos Mavrogiannopoulos
a98e48b9b7 when receiving a new UDP session, forward the fd and replace the old. 2013-02-19 19:12:05 +01:00
Nikos Mavrogiannopoulos
e5198dd40f simplified TLS file load and reload. 2013-02-19 07:42:42 +01:00
Nikos Mavrogiannopoulos
628877881d Added configuration options for PIN files. 2013-02-18 23:47:20 +01:00
Nikos Mavrogiannopoulos
6b70200777 When the cookie DB is full enforce maintenance. 2013-02-14 08:04:48 +01:00
Nikos Mavrogiannopoulos
c60be929e0 simplified main loop 2013-02-13 18:04:33 +01:00
Nikos Mavrogiannopoulos
2f1cdb5800 quit if no TCP port is available. 2013-02-12 18:57:05 +01:00
Nikos Mavrogiannopoulos
7270341e62 write the correct PID in pid file 2013-02-12 18:57:05 +01:00
Nikos Mavrogiannopoulos
121b2491aa HUP signal reloads configuration 2013-02-12 18:57:05 +01:00
Nikos Mavrogiannopoulos
356da3fbe4 connect occurs before sending the fd to worker. 2013-02-12 18:57:05 +01:00
Nikos Mavrogiannopoulos
9bf5d7100f corrected definition 2013-02-11 20:41:33 +01:00
Nikos Mavrogiannopoulos
4060c80469 fork moved to gdbm backend expiration 2013-02-10 13:50:56 +01:00
Nikos Mavrogiannopoulos
f8713edc3f better set socket options 2013-02-10 13:40:37 +01:00
Nikos Mavrogiannopoulos
3784aa6ddc increased cookie hash table size and better cleanup resources on errors 2013-02-10 10:04:42 +01:00
Nikos Mavrogiannopoulos
985da9e264 erase cookie data before forking to unprivileged process. 2013-02-09 21:28:30 +01:00
Nikos Mavrogiannopoulos
478c6ca2ce when expiring stuff, do it on the main process unless we use gdbm. 2013-02-09 21:15:24 +01:00
Nikos Mavrogiannopoulos
e94ad75905 more explicit debug messages. 2013-02-09 13:09:18 +01:00
Nikos Mavrogiannopoulos
43fed529bb simplified logging in debug mode 2013-02-09 12:40:49 +01:00
Nikos Mavrogiannopoulos
519f0a13ef Several changes to compile on old linux kernels, and in constrained libgnutls libraries 2013-02-09 12:15:55 +01:00
Nikos Mavrogiannopoulos
0fee2289be used a more sane setproctitle 2013-02-08 22:48:45 +01:00
Nikos Mavrogiannopoulos
6aae1d60d5 set process title 2013-02-08 22:37:41 +01:00
Nikos Mavrogiannopoulos
5f4b8711ef Added configurable DPD 2013-02-08 21:51:58 +01:00
Nikos Mavrogiannopoulos
6ac7986342 explicitly close the logging subsystem 2013-02-08 19:30:14 +01:00
Nikos Mavrogiannopoulos
089bbed715 added a more graceful termination of workers. 2013-02-08 19:19:11 +01:00
Nikos Mavrogiannopoulos
4434fd70fe several updates in cookies, and tun handling. 2013-02-08 18:22:18 +01:00
Nikos Mavrogiannopoulos
bacf821953 cleaned up TLS code which was moved to tlslib 2013-02-08 18:20:17 +01:00
Nikos Mavrogiannopoulos
14460456e7 gdbm was re-added and made optional. 2013-02-07 20:43:11 +01:00
Nikos Mavrogiannopoulos
2478c519b2 removed warning 2013-02-07 18:08:11 +01:00
Nikos Mavrogiannopoulos
1cb7ab38e9 Use a single UDP port in the server.
Several modifications to use a single UDP port in the server. This
is currently done using a hack, i.e., pass the UDP socket to worker,
close it on the main server and then re-open it (using REUSEADDR).

Also several updates in TUN handling to allow more than one client connecting.
2013-02-07 17:49:51 +01:00
Nikos Mavrogiannopoulos
4370f88001 dropped dependency on gdbm. Cookies are stored in a hash. 2013-02-07 00:57:17 +01:00