David Woodhouse [Thu, 2 Oct 2008 08:33:14 +0000 (09:33 +0100)]
mv -f
David Woodhouse [Thu, 2 Oct 2008 08:05:44 +0000 (09:05 +0100)]
compr send from pkt structure too
David Woodhouse [Thu, 2 Oct 2008 07:55:32 +0000 (08:55 +0100)]
header in pkt for ssl too
David Woodhouse [Thu, 2 Oct 2008 07:55:22 +0000 (08:55 +0100)]
header in pkt
David Woodhouse [Thu, 2 Oct 2008 07:52:41 +0000 (08:52 +0100)]
stop poll loop when close dtls
David Woodhouse [Thu, 2 Oct 2008 07:51:27 +0000 (08:51 +0100)]
don't try new dtls ver
David Woodhouse [Thu, 2 Oct 2008 06:36:23 +0000 (07:36 +0100)]
fix SEGV on engine failure
David Woodhouse [Thu, 2 Oct 2008 04:57:38 +0000 (05:57 +0100)]
same dpd fixes as in dtls, for ssl
David Woodhouse [Thu, 2 Oct 2008 04:57:25 +0000 (05:57 +0100)]
fix dpd in dtls
David Woodhouse [Thu, 2 Oct 2008 04:56:36 +0000 (05:56 +0100)]
fix version in useragent
David Woodhouse [Thu, 2 Oct 2008 03:45:17 +0000 (04:45 +0100)]
tag and tarball helper targets
David Woodhouse [Thu, 2 Oct 2008 03:33:42 +0000 (04:33 +0100)]
don't build getwebvpn by default any more
David Woodhouse [Thu, 2 Oct 2008 03:32:10 +0000 (04:32 +0100)]
fix deps on version.h for new checkouts
David Woodhouse [Thu, 2 Oct 2008 03:30:35 +0000 (04:30 +0100)]
add missing version.sh
David Woodhouse [Thu, 2 Oct 2008 03:27:52 +0000 (04:27 +0100)]
change version with tags too
David Woodhouse [Thu, 2 Oct 2008 03:26:18 +0000 (04:26 +0100)]
print it so that we get the new one, not the old
David Woodhouse [Thu, 2 Oct 2008 03:24:09 +0000 (04:24 +0100)]
report version string when building
David Woodhouse [Thu, 2 Oct 2008 03:22:30 +0000 (04:22 +0100)]
depend on version.sh so that a new tag causes a new version.h
David Woodhouse [Thu, 2 Oct 2008 03:20:48 +0000 (04:20 +0100)]
add a version number
David Woodhouse [Thu, 2 Oct 2008 02:48:58 +0000 (03:48 +0100)]
fix uninitialised cookieonly var, add 'printcookie' option
David Woodhouse [Wed, 1 Oct 2008 21:11:20 +0000 (22:11 +0100)]
Add --cookieonly option
David Woodhouse [Wed, 1 Oct 2008 20:21:36 +0000 (21:21 +0100)]
Remove Neon stuff
David Woodhouse [Wed, 1 Oct 2008 18:04:20 +0000 (19:04 +0100)]
Submit request in a single SSL record.
David Woodhouse [Wed, 1 Oct 2008 16:38:50 +0000 (17:38 +0100)]
include ctype.h
David Woodhouse [Wed, 1 Oct 2008 16:36:20 +0000 (17:36 +0100)]
remove typo
David Woodhouse [Wed, 1 Oct 2008 16:31:31 +0000 (17:31 +0100)]
support mangling in SecurID PIN
David Woodhouse [Wed, 1 Oct 2008 16:07:41 +0000 (17:07 +0100)]
quieten a little more, don't get name twice
David Woodhouse [Wed, 1 Oct 2008 15:54:50 +0000 (16:54 +0100)]
don't remember username if not from command line
David Woodhouse [Wed, 1 Oct 2008 15:17:08 +0000 (16:17 +0100)]
slight cleanup
David Woodhouse [Wed, 1 Oct 2008 14:41:00 +0000 (15:41 +0100)]
Attempt second form
David Woodhouse [Wed, 1 Oct 2008 13:20:26 +0000 (14:20 +0100)]
remember username
David Woodhouse [Wed, 1 Oct 2008 13:17:37 +0000 (14:17 +0100)]
move more form handling out into separate function
David Woodhouse [Wed, 1 Oct 2008 12:59:02 +0000 (13:59 +0100)]
move error and message stuff into UI; print cookie
David Woodhouse [Wed, 1 Oct 2008 12:53:47 +0000 (13:53 +0100)]
username has to be allocated since we might free it
David Woodhouse [Wed, 1 Oct 2008 12:42:16 +0000 (13:42 +0100)]
use username if given
David Woodhouse [Wed, 1 Oct 2008 12:38:39 +0000 (13:38 +0100)]
Add user argument
David Woodhouse [Wed, 1 Oct 2008 12:38:16 +0000 (13:38 +0100)]
echo input
David Woodhouse [Wed, 1 Oct 2008 12:31:33 +0000 (13:31 +0100)]
use OpenSSL UI for prompting user. Don't abort on login fail
David Woodhouse [Wed, 1 Oct 2008 12:17:20 +0000 (13:17 +0100)]
Attempt form handling
David Woodhouse [Wed, 1 Oct 2008 12:01:35 +0000 (13:01 +0100)]
attempt to handle POST
David Woodhouse [Wed, 1 Oct 2008 11:56:11 +0000 (12:56 +0100)]
let method change
David Woodhouse [Wed, 1 Oct 2008 11:51:26 +0000 (12:51 +0100)]
Submit cookies with request
David Woodhouse [Wed, 1 Oct 2008 11:47:00 +0000 (12:47 +0100)]
Handle cookie deletion properly
David Woodhouse [Wed, 1 Oct 2008 11:27:21 +0000 (12:27 +0100)]
start to parse xml response
David Woodhouse [Wed, 1 Oct 2008 11:01:26 +0000 (12:01 +0100)]
move cookie func to http.c
David Woodhouse [Wed, 1 Oct 2008 11:00:35 +0000 (12:00 +0100)]
Single function to obtain cookie
David Woodhouse [Wed, 1 Oct 2008 10:59:41 +0000 (11:59 +0100)]
Some cookies have no attributes
David Woodhouse [Wed, 1 Oct 2008 10:44:08 +0000 (11:44 +0100)]
Only check config sha1 if we have a config
David Woodhouse [Wed, 1 Oct 2008 10:39:26 +0000 (11:39 +0100)]
Tidy up cookie handling, check XML config file sha1 against server
David Woodhouse [Wed, 1 Oct 2008 10:02:20 +0000 (11:02 +0100)]
Attempt to avoid the assert() which Marcel saw.
David Woodhouse [Wed, 1 Oct 2008 09:14:23 +0000 (10:14 +0100)]
Justify wheel re-invention
David Woodhouse [Wed, 1 Oct 2008 02:30:47 +0000 (03:30 +0100)]
fixme: cookies
David Woodhouse [Wed, 1 Oct 2008 02:28:21 +0000 (03:28 +0100)]
Bugger it. Own HTTP parsing
David Woodhouse [Wed, 1 Oct 2008 00:04:45 +0000 (01:04 +0100)]
Start of code to use neon. This doesn't work either.
Maybe I will just fall back to doing the bloody http parsing for myself.
David Woodhouse [Tue, 30 Sep 2008 23:41:02 +0000 (00:41 +0100)]
Switch to using Neon for XML parsing.
Marcel Holtmann [Tue, 30 Sep 2008 22:38:16 +0000 (00:38 +0200)]
Use SecurID based login to retrieve webvpn cookie
David Woodhouse [Tue, 30 Sep 2008 21:21:31 +0000 (22:21 +0100)]
fixme: redirects happen
David Woodhouse [Tue, 30 Sep 2008 21:18:25 +0000 (22:18 +0100)]
Look up hosts in XML config file
David Woodhouse [Tue, 30 Sep 2008 17:29:10 +0000 (18:29 +0100)]
Remove a bunch of stuff from TODO
David Woodhouse [Tue, 30 Sep 2008 13:13:00 +0000 (14:13 +0100)]
Make cert and key options a little saner
David Woodhouse [Tue, 30 Sep 2008 08:40:18 +0000 (09:40 +0100)]
doh. Fix latency fuckup
David Woodhouse [Tue, 30 Sep 2008 08:20:55 +0000 (09:20 +0100)]
Clean up exit handling a little
David Woodhouse [Tue, 30 Sep 2008 08:20:29 +0000 (09:20 +0100)]
Enable compression by default, allow DTLS to be disabled
David Woodhouse [Tue, 30 Sep 2008 07:39:22 +0000 (08:39 +0100)]
Change name of MTU environment variable
David Woodhouse [Tue, 30 Sep 2008 07:15:15 +0000 (08:15 +0100)]
fix up server verification a bit
David Woodhouse [Tue, 30 Sep 2008 04:01:17 +0000 (05:01 +0100)]
Add server cert verification
David Woodhouse [Tue, 30 Sep 2008 03:34:00 +0000 (04:34 +0100)]
handle SIGHUP too
David Woodhouse [Tue, 30 Sep 2008 03:31:59 +0000 (04:31 +0100)]
Clean up messages a little
David Woodhouse [Tue, 30 Sep 2008 03:20:48 +0000 (04:20 +0100)]
Clean up CSTP option handling
David Woodhouse [Mon, 29 Sep 2008 17:53:26 +0000 (18:53 +0100)]
admit what we know about xml download
David Woodhouse [Mon, 29 Sep 2008 14:51:24 +0000 (15:51 +0100)]
Add comments on OpenSSL patches
David Woodhouse [Mon, 29 Sep 2008 14:41:42 +0000 (15:41 +0100)]
Tidy up option handling a little
David Woodhouse [Mon, 29 Sep 2008 14:23:27 +0000 (15:23 +0100)]
Add capability to use vpnc's route mangling script
David Woodhouse [Mon, 29 Sep 2008 13:56:53 +0000 (14:56 +0100)]
set up for invoking script for config
David Woodhouse [Mon, 29 Sep 2008 13:48:25 +0000 (14:48 +0100)]
FD_CLOEXEC
David Woodhouse [Mon, 29 Sep 2008 12:31:22 +0000 (13:31 +0100)]
Remove the 'FIXME: keepalive' comment. I implemented that already
David Woodhouse [Mon, 29 Sep 2008 12:27:02 +0000 (13:27 +0100)]
Implement DTLS rekey
David Woodhouse [Mon, 29 Sep 2008 12:06:32 +0000 (13:06 +0100)]
Start of DTLS rekey support, clean up comments about protocol
David Woodhouse [Mon, 29 Sep 2008 12:00:28 +0000 (13:00 +0100)]
Add OpenSSL patches
David Woodhouse [Mon, 29 Sep 2008 08:54:17 +0000 (09:54 +0100)]
Use SSL_OP_CISCO_ANYCONNECT option to match the patch I sent upstream
David Woodhouse [Mon, 29 Sep 2008 08:52:44 +0000 (09:52 +0100)]
commit makefile hacks for openssl testing
David Woodhouse [Mon, 29 Sep 2008 01:15:33 +0000 (02:15 +0100)]
Latency will be a lot better if we actually select on the right fd
David Woodhouse [Mon, 29 Sep 2008 01:15:10 +0000 (02:15 +0100)]
Use explicit numbers for DTLS1_BAD_VER and DTLS1_VERSION
That way it can build against either 0.9.8e or 0.9.8f
David Woodhouse [Sun, 28 Sep 2008 08:17:54 +0000 (09:17 +0100)]
Set MTU too.
From the server's response, rather than what we asked the server for.
David Woodhouse [Sat, 27 Sep 2008 07:05:44 +0000 (01:05 -0600)]
Set default UI method so it works for PEM passphrases too.
Looks like this means we can't set the UI userdata to vpninfo,
unfortunately.
David Woodhouse [Sat, 27 Sep 2008 06:45:10 +0000 (00:45 -0600)]
fixme for cert passphrase
David Woodhouse [Sat, 27 Sep 2008 06:41:39 +0000 (00:41 -0600)]
Demonstrate how to do callback for TPM password; proper UIs will need this
David Woodhouse [Sat, 27 Sep 2008 05:47:33 +0000 (23:47 -0600)]
Take TPM SRK password on command line too, optionally
The callback does seem to work; a GUI client might want something more
special.
David Woodhouse [Sat, 27 Sep 2008 05:27:59 +0000 (23:27 -0600)]
Use OpenSSL TPM engine
David Woodhouse [Sat, 27 Sep 2008 05:27:38 +0000 (23:27 -0600)]
quieter
David Woodhouse [Sat, 27 Sep 2008 05:27:12 +0000 (23:27 -0600)]
Make interface name configurable
Marcel Holtmann [Fri, 26 Sep 2008 16:46:28 +0000 (18:46 +0200)]
Add IPv4 address and netmask configuration
David Woodhouse [Fri, 26 Sep 2008 16:43:05 +0000 (09:43 -0700)]
silence warnings, and output
David Woodhouse [Thu, 25 Sep 2008 01:08:33 +0000 (18:08 -0700)]
Add cookie fetching code, given a certificate. This bit sucks
David Woodhouse [Thu, 25 Sep 2008 01:06:36 +0000 (18:06 -0700)]
Another response seen in the wild
David Woodhouse [Wed, 24 Sep 2008 22:03:21 +0000 (15:03 -0700)]
fix curl_err uninitialised
David Woodhouse [Wed, 24 Sep 2008 21:43:37 +0000 (14:43 -0700)]
Remove abstraction crap
David Woodhouse [Tue, 23 Sep 2008 23:31:49 +0000 (16:31 -0700)]
Fall back to SSL if DTLS dies
David Woodhouse [Tue, 23 Sep 2008 23:25:40 +0000 (16:25 -0700)]
Sort out DPD and Keepalive
This could be cleaner -- and shared between DTLS and SSL. But this seems
to work...
David Woodhouse [Tue, 23 Sep 2008 22:47:38 +0000 (15:47 -0700)]
one fewer FIXME...