David Woodhouse [Wed, 25 Mar 2009 13:29:12 +0000 (13:29 +0000)]
Merge branch 'nm-ui-rewrite' of git://github.com/jku/openconnect
David Woodhouse [Wed, 18 Mar 2009 15:28:46 +0000 (15:28 +0000)]
Tag version 1.00
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Jussi Kukkonen [Tue, 3 Feb 2009 12:30:30 +0000 (14:30 +0200)]
Merge branch 'master' into nm-ui-rewrite
Conflicts:
nm-auth-dialog.c
Jussi Kukkonen [Tue, 3 Feb 2009 12:13:41 +0000 (14:13 +0200)]
make cert validation dialog smaller (nicer on small screens)
Jussi Kukkonen [Tue, 3 Feb 2009 12:00:51 +0000 (14:00 +0200)]
fix crasher: cert validation dialog must run in main loop
David Woodhouse [Tue, 3 Feb 2009 10:27:00 +0000 (10:27 +0000)]
Merge branch 'fixes' of git://github.com/jku/openconnect
Jussi Kukkonen [Thu, 29 Jan 2009 20:24:39 +0000 (22:24 +0200)]
add gthread-2.0 to cflags and libs
David Woodhouse [Wed, 28 Jan 2009 22:47:48 +0000 (09:47 +1100)]
Fix memory leak on handled packets
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Jussi Kukkonen [Tue, 27 Jan 2009 13:35:20 +0000 (15:35 +0200)]
fix regression with return values
return 0 only when there really is a cookie
Jussi Kukkonen [Tue, 27 Jan 2009 13:12:47 +0000 (15:12 +0200)]
fix login button mnemonic
Jussi Kukkonen [Tue, 27 Jan 2009 10:11:12 +0000 (12:11 +0200)]
minor UI improvements
Jussi Kukkonen [Mon, 26 Jan 2009 20:29:29 +0000 (22:29 +0200)]
fix handling of long labels
now usingwidget_set_size_request(), which isn't ideal but better than
before
Jussi Kukkonen [Mon, 26 Jan 2009 18:59:17 +0000 (20:59 +0200)]
add log textview
Jussi Kukkonen [Sun, 25 Jan 2009 21:30:44 +0000 (23:30 +0200)]
fix return values on error and on window close
Jussi Kukkonen [Sun, 25 Jan 2009 19:33:20 +0000 (21:33 +0200)]
fix possible thread synchronization bug
Jussi Kukkonen [Sun, 25 Jan 2009 19:30:58 +0000 (21:30 +0200)]
minor ui fixes, better dialog default size
Jussi Kukkonen [Sun, 25 Jan 2009 12:31:44 +0000 (14:31 +0200)]
add NM_AUTH_DIALOG_AUTOCONNECT compile flag
connects to the default host when dialog opens
Jussi Kukkonen [Sun, 25 Jan 2009 12:02:23 +0000 (14:02 +0200)]
fix possible race condition in form entry creation/submission
Jussi Kukkonen [Sun, 25 Jan 2009 12:01:32 +0000 (14:01 +0200)]
fix details in handling the challenge-response cycle
Jussi Kukkonen [Sun, 25 Jan 2009 12:00:38 +0000 (14:00 +0200)]
clear ssl form on ui_open()
Jussi Kukkonen [Sat, 24 Jan 2009 18:23:25 +0000 (20:23 +0200)]
refactor nm-openconnect-auth-dialog main()
Jussi Kukkonen [Sat, 24 Jan 2009 18:21:23 +0000 (20:21 +0200)]
rewrite nm-openconnect-auth-dialog, integrate ssl dialogs
ssl UI fragments get inserted into the authentication dialog.
openconnect_obtain_cookie() is now run in a worker thread
to keep UI responsive.
Jussi Kukkonen [Sat, 24 Jan 2009 18:19:29 +0000 (20:19 +0200)]
support user cancel in openconnect_obtain_cookie()
Note changed return values:
< 0 error
= 0 no cookie (user cancel)
= 1 obtained cookie
Jussi Kukkonen [Sat, 24 Jan 2009 18:18:39 +0000 (20:18 +0200)]
ssl_ui_gtk: fix flusher return value
Return value for user cancel is -1.
Jussi Kukkonen [Sat, 24 Jan 2009 18:17:39 +0000 (20:17 +0200)]
improve ssl ui dialogs
Make dialogs show up in taskbar and pager, add window titles.
Jussi Kukkonen [Sat, 24 Jan 2009 18:16:57 +0000 (20:16 +0200)]
use GTK_STOCK_DIALOG_AUTHENTICATION as default icon
Jussi Kukkonen [Sat, 24 Jan 2009 18:16:21 +0000 (20:16 +0200)]
improve nm-auth-dialog dialogs
Make dialogs show up in taskbar and pager, add window titles.
Make 'window close' work as cancel in host selection.
Add 'name' to openconnect_info struct.
David Woodhouse [Tue, 16 Dec 2008 20:02:03 +0000 (20:02 +0000)]
Tag version 0.99
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Wu, Fengguang [Fri, 12 Dec 2008 14:23:45 +0000 (14:23 +0000)]
quit on interrupted sleep
Quit openconnect if sleep was interrupted by signal(e.g. ^C).
Signed-off-by: Wu Fengguang <fengguang.wu@intel.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Wu, Fengguang [Fri, 12 Dec 2008 14:23:43 +0000 (14:23 +0000)]
use adaptive reconnect_interval
Start reconnect attempts in 10s interval and enlarge
the interval by 10s each time until it reaches 100s.
This makes reasonable retry density for both small/large reconnect timeouts.
Signed-off-by: Wu Fengguang <fengguang.wu@intel.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Wu, Fengguang [Fri, 12 Dec 2008 14:23:44 +0000 (14:23 +0000)]
fix SEGV on lost connection
Stop cstp_bye() when the https connection was already lost.
Signed-off-by: Wu Fengguang <fengguang.wu@intel.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Wu, Fengguang [Fri, 12 Dec 2008 14:23:42 +0000 (14:23 +0000)]
add option --reconnect-timeout
Users could specify large reconnect-timeout to
survive unstable network connections.
Signed-off-by: Wu Fengguang <fengguang.wu@intel.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 11 Dec 2008 12:07:18 +0000 (12:07 +0000)]
After DPD, keep retrying to connect for longer.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sat, 6 Dec 2008 10:32:40 +0000 (10:32 +0000)]
Fix select µsec calculation to avoid integer overflow.
Pointed out by Sergey Svishchev.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 5 Dec 2008 14:41:50 +0000 (14:41 +0000)]
NetBSD fixes from Sergey Svishchev
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 25 Nov 2008 00:29:32 +0000 (00:29 +0000)]
Turn certsigs gconf key into a string.
Otherwise, NetworkManager will keep deleting it.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 24 Nov 2008 14:29:29 +0000 (14:29 +0000)]
Don't keep retrying DTLS if OpenSSL doesn't support it
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 20 Nov 2008 18:58:49 +0000 (18:58 +0000)]
Tag version 0.98
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 20 Nov 2008 18:58:09 +0000 (18:58 +0000)]
Fix up licensing headers
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 20 Nov 2008 18:57:15 +0000 (18:57 +0000)]
Remove OpenSSL patches
They can be handled separately. Two are upstream already, and the other
one needs redoing anyway.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 13 Nov 2008 18:44:22 +0000 (18:44 +0000)]
Tag version 0.97
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 13 Nov 2008 18:42:17 +0000 (18:42 +0000)]
Allow empty 'select' choice element in auth form.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 13 Nov 2008 03:40:41 +0000 (03:40 +0000)]
Use NULL not 0 for pointers
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 13 Nov 2008 03:30:10 +0000 (03:30 +0000)]
Forget password after using it once
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 13 Nov 2008 03:24:34 +0000 (03:24 +0000)]
Ask user to accept certs in NM auth-dialog
We store the signature of accepted certs in gconf.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 13 Nov 2008 03:22:32 +0000 (03:22 +0000)]
Fix cert valididation with CA files, allow manual cert validation callback.
We need to clear the 'purpose' field, because we seem to be using
certificates which don't have that correctly set, and that causes normal
certificate validation to fail.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 4 Nov 2008 15:49:14 +0000 (15:49 +0000)]
Report reason for 'service unavailable' results from server
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 4 Nov 2008 13:04:11 +0000 (13:04 +0000)]
Add --no-passwd option. When certificate fails, fail immediately.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 4 Nov 2008 12:55:13 +0000 (12:55 +0000)]
Set vpninfo->progress earlier to avoid segfaults with XML file
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 30 Oct 2008 11:12:23 +0000 (11:12 +0000)]
Add man page
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 29 Oct 2008 17:12:59 +0000 (17:12 +0000)]
Use -s for tag commits
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 29 Oct 2008 17:11:28 +0000 (17:11 +0000)]
Use vpninfo->progress for more messages, instead of printf/perror
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 28 Oct 2008 08:42:09 +0000 (08:42 +0000)]
Tag version 0.96
David Woodhouse [Sun, 26 Oct 2008 13:46:27 +0000 (13:46 +0000)]
Allow SecurID tokens to be scripted/generated
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sun, 26 Oct 2008 10:58:06 +0000 (10:58 +0000)]
Allow queue length to be configured
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sun, 26 Oct 2008 10:40:26 +0000 (10:40 +0000)]
Limit outgoing packet queue length
If we were using TCP and the socket stalled, we'd just keep sucking
packets from the kernel, allocating memory and queuing them
internally with no limit except the size of the swap space. Not clever.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sun, 26 Oct 2008 10:11:00 +0000 (10:11 +0000)]
Remove unused variable 'success'
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Nick Andrew [Sun, 26 Oct 2008 04:42:40 +0000 (15:42 +1100)]
Treat an empty cookie (null string) as undefined
This allows bootstrapping a cookie file. Initially do:
echo '' > cookie-file
In the setup script, write the received cookie value to the
cookie file, so it will be used next time the VPN is started.
Signed-off-by: Nick Andrew <nick@nick-andrew.net>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Nick Andrew [Sun, 26 Oct 2008 03:15:21 +0000 (14:15 +1100)]
Reorder options string; remove extra 'h'
Put the options string into alphabetical order and remove a dupe 'h'.
Signed-off-by: Nick Andrew <nick@nick-andrew.net>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Nick Andrew [Sun, 26 Oct 2008 04:42:38 +0000 (15:42 +1100)]
Add option to read password from standard input
Signed-off-by: Nick Andrew <nick@nick-andrew.net>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Nick Andrew [Sun, 26 Oct 2008 03:15:20 +0000 (14:15 +1100)]
Remove argument from some long options
These long options do not take an argument:
--script-tun
--tpm-key
--verbose
--version
Signed-off-by: Nick Andrew <nick@nick-andrew.net>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Ross Burton [Fri, 24 Oct 2008 15:45:16 +0000 (16:45 +0100)]
Flush X event queue after closing dialog
David Woodhouse [Fri, 24 Oct 2008 12:54:56 +0000 (13:54 +0100)]
detect success from auth_id
David Woodhouse [Fri, 24 Oct 2008 12:53:36 +0000 (13:53 +0100)]
Handle SecurID pin in next_tokencode mode too
David Woodhouse [Fri, 24 Oct 2008 12:33:06 +0000 (13:33 +0100)]
Use separate prompt for SecurID PIN
David Woodhouse [Fri, 24 Oct 2008 12:06:04 +0000 (13:06 +0100)]
Use prompts from server
David Woodhouse [Fri, 24 Oct 2008 10:49:45 +0000 (11:49 +0100)]
Handle split-includes
David Woodhouse [Mon, 20 Oct 2008 12:21:58 +0000 (13:21 +0100)]
Add --setuid option to drop privs after connect.
David Woodhouse [Mon, 20 Oct 2008 12:09:07 +0000 (13:09 +0100)]
Add --syslog option
David Woodhouse [Thu, 16 Oct 2008 09:02:55 +0000 (10:02 +0100)]
don't report quit message twice
David Woodhouse [Thu, 16 Oct 2008 08:58:22 +0000 (09:58 +0100)]
Fix Ctrl-C handling
David Woodhouse [Wed, 15 Oct 2008 12:20:38 +0000 (13:20 +0100)]
Move to using select() instead of poll(). poll() doesn't work on MacOS
David Woodhouse [Wed, 15 Oct 2008 11:46:27 +0000 (12:46 +0100)]
Rip the OpenSSL UI bits out on Linux too; it was just an example.
Dirk Hohndel [Wed, 15 Oct 2008 11:36:16 +0000 (12:36 +0100)]
Add MacOS support to tun.c
Dirk Hohndel [Wed, 15 Oct 2008 11:35:19 +0000 (12:35 +0100)]
Build fixes for MacOS
David Woodhouse [Wed, 15 Oct 2008 11:33:01 +0000 (12:33 +0100)]
Remove the MTU hack; it didn't work anyway, and we fixed the real bug
Dirk Hohndel [Wed, 15 Oct 2008 11:30:54 +0000 (12:30 +0100)]
Build fixes for MacOS
David Woodhouse [Tue, 14 Oct 2008 13:32:10 +0000 (14:32 +0100)]
Fix bogus indenting
David Woodhouse [Tue, 14 Oct 2008 13:25:11 +0000 (14:25 +0100)]
Document $(OPENSSL) use case a little better
David Woodhouse [Thu, 9 Oct 2008 22:15:32 +0000 (23:15 +0100)]
Tag version 0.95
David Woodhouse [Thu, 9 Oct 2008 12:31:11 +0000 (13:31 +0100)]
Update patches
David Woodhouse [Wed, 8 Oct 2008 15:12:45 +0000 (16:12 +0100)]
include ctype.h
David Woodhouse [Tue, 7 Oct 2008 12:53:11 +0000 (13:53 +0100)]
Kill dtls_state, fix --no-dtls
David Woodhouse [Tue, 7 Oct 2008 12:50:13 +0000 (13:50 +0100)]
Handle disconnect request gracefully
David Woodhouse [Tue, 7 Oct 2008 12:34:52 +0000 (13:34 +0100)]
initialise combo box entry counter
David Woodhouse [Mon, 6 Oct 2008 23:31:21 +0000 (00:31 +0100)]
fix broken memset
David Woodhouse [Mon, 6 Oct 2008 21:48:14 +0000 (22:48 +0100)]
Tag version 0.94
David Woodhouse [Mon, 6 Oct 2008 21:41:18 +0000 (22:41 +0100)]
cookie on stdin
David Woodhouse [Mon, 6 Oct 2008 21:26:14 +0000 (22:26 +0100)]
Handle 'script' going away
David Woodhouse [Mon, 6 Oct 2008 21:18:25 +0000 (22:18 +0100)]
Add option for passing all traffic to a filedescript of the 'script'
This means we can just make it run something using lwip to provide a
SOCKS server.
David Woodhouse [Mon, 6 Oct 2008 21:01:09 +0000 (22:01 +0100)]
move environment setting to separate function
David Woodhouse [Mon, 6 Oct 2008 20:49:24 +0000 (21:49 +0100)]
print ifname
David Woodhouse [Mon, 6 Oct 2008 20:49:17 +0000 (21:49 +0100)]
Use pointopoint mode
David Woodhouse [Mon, 6 Oct 2008 08:36:23 +0000 (09:36 +0100)]
mention server cert
David Woodhouse [Mon, 6 Oct 2008 07:27:09 +0000 (08:27 +0100)]
Add DTLS test hacks
David Woodhouse [Mon, 6 Oct 2008 07:25:33 +0000 (08:25 +0100)]
explain the dtls wrong-packet problem now we know the cause
David Woodhouse [Sun, 5 Oct 2008 21:10:55 +0000 (22:10 +0100)]
Don't abort on all http response failures
David Woodhouse [Sun, 5 Oct 2008 18:05:18 +0000 (19:05 +0100)]
Only set write_new_config() callback if user gives a filename
David Woodhouse [Sun, 5 Oct 2008 16:54:58 +0000 (17:54 +0100)]
Tag version 0.93
David Woodhouse [Sun, 5 Oct 2008 16:54:23 +0000 (17:54 +0100)]
no gnomeui