mirror of
https://gitlab.com/openconnect/ocserv.git
synced 2026-02-10 16:57:00 +08:00
1cb7ab38e9
Several modifications to use a single UDP port in the server. This is currently done using a hack, i.e., pass the UDP socket to worker, close it on the main server and then re-open it (using REUSEADDR). Also several updates in TUN handling to allow more than one clients connecting.
10 lines
513 B
Plaintext
10 lines
513 B
Plaintext
* Add a simple username/password back-end
|
|
* Certificate authentication to the main process (can it be done without
|
|
moving the TLS handshake over the main thread?)
|
|
* Keep the TLS key and certificates into the privileged process and use IPC
|
|
for operations (this will make the privileged process a bottleneck).
|
|
* Handle multiple clients in a single tun device (check if needed at all)
|
|
* Add path MTU discovery
|
|
* Allow the usage of PSK ciphersuites instead of the non-standard cisco
|
|
resumption mode for DTLS.
|