platform/upstream/openconnect.git
15 years ago Ask user to accept certs in NM auth-dialog
David Woodhouse [Thu, 13 Nov 2008 03:24:34 +0000 (03:24 +0000)]
Ask user to accept certs in NM auth-dialog

We store the signature of accepted certs in gconf.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
15 years ago Fix cert validation with CA files, allow manual cert validation callback.
David Woodhouse [Thu, 13 Nov 2008 03:22:32 +0000 (03:22 +0000)]
Fix cert validation with CA files, allow manual cert validation callback.

We need to clear the 'purpose' field, because we seem to be using
certificates which don't have that correctly set, and that causes normal
certificate validation to fail.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
15 years ago Report reason for 'service unavailable' results from server
David Woodhouse [Tue, 4 Nov 2008 15:49:14 +0000 (15:49 +0000)]
Report reason for 'service unavailable' results from server

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
15 years ago Add --no-passwd option. When certificate fails, fail immediately.
David Woodhouse [Tue, 4 Nov 2008 13:04:11 +0000 (13:04 +0000)]
Add --no-passwd option. When certificate fails, fail immediately.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
15 years ago Set vpninfo->progress earlier to avoid segfaults with XML file
David Woodhouse [Tue, 4 Nov 2008 12:55:13 +0000 (12:55 +0000)]
Set vpninfo->progress earlier to avoid segfaults with XML file

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
15 years ago Add man page
David Woodhouse [Thu, 30 Oct 2008 11:12:23 +0000 (11:12 +0000)]
Add man page

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
15 years ago Use -s for tag commits
David Woodhouse [Wed, 29 Oct 2008 17:12:59 +0000 (17:12 +0000)]
Use -s for tag commits

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
15 years ago Use vpninfo->progress for more messages, instead of printf/perror
David Woodhouse [Wed, 29 Oct 2008 17:11:28 +0000 (17:11 +0000)]
Use vpninfo->progress for more messages, instead of printf/perror

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
15 years ago Tag version 0.96 v0.96
David Woodhouse [Tue, 28 Oct 2008 08:42:09 +0000 (08:42 +0000)]
Tag version 0.96

15 years ago Allow SecurID tokens to be scripted/generated
David Woodhouse [Sun, 26 Oct 2008 13:46:27 +0000 (13:46 +0000)]
Allow SecurID tokens to be scripted/generated

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
15 years ago Allow queue length to be configured
David Woodhouse [Sun, 26 Oct 2008 10:58:06 +0000 (10:58 +0000)]
Allow queue length to be configured

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
15 years ago Limit outgoing packet queue length
David Woodhouse [Sun, 26 Oct 2008 10:40:26 +0000 (10:40 +0000)]
Limit outgoing packet queue length

If we were using TCP and the socket stalled, we'd just keep sucking
packets from the kernel, allocating memory and queuing them
internally with no limit except the size of the swap space. Not clever.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
15 years ago Remove unused variable 'success'
David Woodhouse [Sun, 26 Oct 2008 10:11:00 +0000 (10:11 +0000)]
Remove unused variable 'success'

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
15 years ago Treat an empty cookie (null string) as undefined
Nick Andrew [Sun, 26 Oct 2008 04:42:40 +0000 (15:42 +1100)]
Treat an empty cookie (null string) as undefined

This allows bootstrapping a cookie file. Initially do:
  echo '' > cookie-file

In the setup script, write the received cookie value to the
cookie file, so it will be used next time the VPN is started.

Signed-off-by: Nick Andrew <nick@nick-andrew.net>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
15 years ago Reorder options string; remove extra 'h'
Nick Andrew [Sun, 26 Oct 2008 03:15:21 +0000 (14:15 +1100)]
Reorder options string; remove extra 'h'

Put the options string into alphabetical order and remove a dupe 'h'.

Signed-off-by: Nick Andrew <nick@nick-andrew.net>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
15 years ago Add option to read password from standard input
Nick Andrew [Sun, 26 Oct 2008 04:42:38 +0000 (15:42 +1100)]
Add option to read password from standard input

Signed-off-by: Nick Andrew <nick@nick-andrew.net>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
15 years ago Remove argument from some long options
Nick Andrew [Sun, 26 Oct 2008 03:15:20 +0000 (14:15 +1100)]
Remove argument from some long options

These long options do not take an argument:

  --script-tun
  --tpm-key
  --verbose
  --version

Signed-off-by: Nick Andrew <nick@nick-andrew.net>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
15 years ago Flush X event queue after closing dialog
Ross Burton [Fri, 24 Oct 2008 15:45:16 +0000 (16:45 +0100)]
Flush X event queue after closing dialog

15 years ago detect success from auth_id
David Woodhouse [Fri, 24 Oct 2008 12:54:56 +0000 (13:54 +0100)]
detect success from auth_id

15 years ago Handle SecurID pin in next_tokencode mode too
David Woodhouse [Fri, 24 Oct 2008 12:53:36 +0000 (13:53 +0100)]
Handle SecurID pin in next_tokencode mode too

15 years ago Use separate prompt for SecurID PIN
David Woodhouse [Fri, 24 Oct 2008 12:33:06 +0000 (13:33 +0100)]
Use separate prompt for SecurID PIN

15 years ago Use prompts from server
David Woodhouse [Fri, 24 Oct 2008 12:06:04 +0000 (13:06 +0100)]
Use prompts from server

15 years ago Handle split-includes
David Woodhouse [Fri, 24 Oct 2008 10:49:45 +0000 (11:49 +0100)]
Handle split-includes

15 years ago Add --setuid option to drop privs after connect.
David Woodhouse [Mon, 20 Oct 2008 12:21:58 +0000 (13:21 +0100)]
Add --setuid option to drop privs after connect.

15 years ago Add --syslog option
David Woodhouse [Mon, 20 Oct 2008 12:09:07 +0000 (13:09 +0100)]
Add --syslog option

15 years ago don't report quit message twice
David Woodhouse [Thu, 16 Oct 2008 09:02:55 +0000 (10:02 +0100)]
don't report quit message twice

15 years ago Fix Ctrl-C handling
David Woodhouse [Thu, 16 Oct 2008 08:58:22 +0000 (09:58 +0100)]
Fix Ctrl-C handling

15 years ago Move to using select() instead of poll(). poll() doesn't work on MacOS
David Woodhouse [Wed, 15 Oct 2008 12:20:38 +0000 (13:20 +0100)]
Move to using select() instead of poll(). poll() doesn't work on MacOS

15 years ago Rip the OpenSSL UI bits out on Linux too; it was just an example.
David Woodhouse [Wed, 15 Oct 2008 11:46:27 +0000 (12:46 +0100)]
Rip the OpenSSL UI bits out on Linux too; it was just an example.

15 years ago Add MacOS support to tun.c
Dirk Hohndel [Wed, 15 Oct 2008 11:36:16 +0000 (12:36 +0100)]
Add MacOS support to tun.c

15 years ago Build fixes for MacOS
Dirk Hohndel [Wed, 15 Oct 2008 11:35:19 +0000 (12:35 +0100)]
Build fixes for MacOS

15 years ago Remove the MTU hack; it didn't work anyway, and we fixed the real bug
David Woodhouse [Wed, 15 Oct 2008 11:33:01 +0000 (12:33 +0100)]
Remove the MTU hack; it didn't work anyway, and we fixed the real bug

15 years ago Build fixes for MacOS
Dirk Hohndel [Wed, 15 Oct 2008 11:30:54 +0000 (12:30 +0100)]
Build fixes for MacOS

15 years ago Fix bogus indenting
David Woodhouse [Tue, 14 Oct 2008 13:32:10 +0000 (14:32 +0100)]
Fix bogus indenting

15 years ago Document $(OPENSSL) use case a little better
David Woodhouse [Tue, 14 Oct 2008 13:25:11 +0000 (14:25 +0100)]
Document $(OPENSSL) use case a little better

15 years ago Tag version 0.95 v0.95
David Woodhouse [Thu, 9 Oct 2008 22:15:32 +0000 (23:15 +0100)]
Tag version 0.95

15 years ago Update patches
David Woodhouse [Thu, 9 Oct 2008 12:31:11 +0000 (13:31 +0100)]
Update patches

15 years ago include ctype.h
David Woodhouse [Wed, 8 Oct 2008 15:12:45 +0000 (16:12 +0100)]
include ctype.h

15 years ago Kill dtls_state, fix --no-dtls
David Woodhouse [Tue, 7 Oct 2008 12:53:11 +0000 (13:53 +0100)]
Kill dtls_state, fix --no-dtls

15 years ago Handle disconnect request gracefully
David Woodhouse [Tue, 7 Oct 2008 12:50:13 +0000 (13:50 +0100)]
Handle disconnect request gracefully

15 years ago initialise combo box entry counter
David Woodhouse [Tue, 7 Oct 2008 12:34:52 +0000 (13:34 +0100)]
initialise combo box entry counter

15 years ago fix broken memset
David Woodhouse [Mon, 6 Oct 2008 23:31:21 +0000 (00:31 +0100)]
fix broken memset

15 years ago Tag version 0.94 v0.94
David Woodhouse [Mon, 6 Oct 2008 21:48:14 +0000 (22:48 +0100)]
Tag version 0.94

15 years ago cookie on stdin
David Woodhouse [Mon, 6 Oct 2008 21:41:18 +0000 (22:41 +0100)]
cookie on stdin

15 years ago Handle 'script' going away
David Woodhouse [Mon, 6 Oct 2008 21:26:14 +0000 (22:26 +0100)]
Handle 'script' going away

15 years ago Add option for passing all traffic to a filedescript of the 'script'
David Woodhouse [Mon, 6 Oct 2008 21:18:25 +0000 (22:18 +0100)]
Add option for passing all traffic to a filedescript of the 'script'

This means we can just make it run something using lwip to provide a
SOCKS server.

15 years ago move environment setting to separate function
David Woodhouse [Mon, 6 Oct 2008 21:01:09 +0000 (22:01 +0100)]
move environment setting to separate function

15 years ago print ifname
David Woodhouse [Mon, 6 Oct 2008 20:49:24 +0000 (21:49 +0100)]
print ifname

15 years ago Use pointopoint mode
David Woodhouse [Mon, 6 Oct 2008 20:49:17 +0000 (21:49 +0100)]
Use pointopoint mode

15 years ago mention server cert
David Woodhouse [Mon, 6 Oct 2008 08:36:23 +0000 (09:36 +0100)]
mention server cert

15 years ago Add DTLS test hacks
David Woodhouse [Mon, 6 Oct 2008 07:27:09 +0000 (08:27 +0100)]
Add DTLS test hacks

15 years ago explain the dtls wrong-packet problem now we know the cause
David Woodhouse [Mon, 6 Oct 2008 07:25:33 +0000 (08:25 +0100)]
explain the dtls wrong-packet problem now we know the cause

15 years ago Don't abort on all http response failures
David Woodhouse [Sun, 5 Oct 2008 21:10:55 +0000 (22:10 +0100)]
Don't abort on all http response failures

15 years ago Only set write_new_config() callback if user gives a filename
David Woodhouse [Sun, 5 Oct 2008 18:05:18 +0000 (19:05 +0100)]
Only set write_new_config() callback if user gives a filename

15 years ago Tag version 0.93 v0.93
David Woodhouse [Sun, 5 Oct 2008 16:54:58 +0000 (17:54 +0100)]
Tag version 0.93

15 years ago no gnomeui
David Woodhouse [Sun, 5 Oct 2008 16:54:23 +0000 (17:54 +0100)]
no gnomeui

15 years ago vpn name in title
David Woodhouse [Sun, 5 Oct 2008 16:02:35 +0000 (17:02 +0100)]
vpn name in title

15 years ago we have some form of error feedback now, at least
David Woodhouse [Sun, 5 Oct 2008 16:02:21 +0000 (17:02 +0100)]
we have some form of error feedback now, at least

15 years ago Display dialog box on connect failure.
David Woodhouse [Sun, 5 Oct 2008 15:42:21 +0000 (16:42 +0100)]
Display dialog box on connect failure.

It's still horrid but at least it's better than nothing.

15 years ago Use progress callback for output
David Woodhouse [Sun, 5 Oct 2008 15:25:36 +0000 (16:25 +0100)]
Use progress callback for output

15 years ago make write_new_config a callback
David Woodhouse [Sun, 5 Oct 2008 13:54:23 +0000 (14:54 +0100)]
make write_new_config a callback

15 years ago update todo for auth-dialog
David Woodhouse [Sun, 5 Oct 2008 13:45:55 +0000 (14:45 +0100)]
update todo for auth-dialog

15 years ago Fix disconnections with JF endpoint.
David Woodhouse [Sun, 5 Oct 2008 13:29:40 +0000 (14:29 +0100)]
Fix disconnections with JF endpoint.

15 years ago kill host selection dialog when done with it
David Woodhouse [Sun, 5 Oct 2008 12:51:32 +0000 (13:51 +0100)]
kill host selection dialog when done with it

15 years ago choose host to connect to
David Woodhouse [Sun, 5 Oct 2008 12:45:19 +0000 (13:45 +0100)]
choose host to connect to

15 years ago update xmlconfig into gconf
David Woodhouse [Sun, 5 Oct 2008 11:37:21 +0000 (12:37 +0100)]
update xmlconfig into gconf

15 years ago silent when downloading config
David Woodhouse [Sun, 5 Oct 2008 11:36:47 +0000 (12:36 +0100)]
silent when downloading config

15 years ago fix sha1 comparison
David Woodhouse [Sun, 5 Oct 2008 11:25:40 +0000 (12:25 +0100)]
fix sha1 comparison

15 years ago Eliminate references to xmlconfig path in generic code
David Woodhouse [Sun, 5 Oct 2008 11:13:29 +0000 (12:13 +0100)]
Eliminate references to xmlconfig path in generic code

15 years ago Tag version 0.92 v0.92
David Woodhouse [Sun, 5 Oct 2008 09:49:51 +0000 (10:49 +0100)]
Tag version 0.92

15 years ago todo update
David Woodhouse [Sun, 5 Oct 2008 09:47:56 +0000 (10:47 +0100)]
todo update

15 years ago install auth dialog
David Woodhouse [Sun, 5 Oct 2008 09:41:41 +0000 (10:41 +0100)]
install auth dialog

15 years ago don't include version.h
David Woodhouse [Sun, 5 Oct 2008 09:24:06 +0000 (10:24 +0100)]
don't include version.h

15 years ago Rename to openconnect to avoid potential trademark issues
David Woodhouse [Sun, 5 Oct 2008 09:23:05 +0000 (10:23 +0100)]
Rename to openconnect to avoid potential trademark issues

15 years ago clean up version handling a little
David Woodhouse [Sun, 5 Oct 2008 08:49:28 +0000 (09:49 +0100)]
clean up version handling a little

15 years ago Add NM auth dialog
David Woodhouse [Sun, 5 Oct 2008 08:39:52 +0000 (09:39 +0100)]
Add NM auth dialog

15 years ago fix make clean
David Woodhouse [Sat, 4 Oct 2008 21:24:45 +0000 (22:24 +0100)]
fix make clean

15 years ago oops. Forgot cstp.c
David Woodhouse [Sat, 4 Oct 2008 21:20:57 +0000 (22:20 +0100)]
oops. Forgot cstp.c

15 years ago close on enter
David Woodhouse [Sat, 4 Oct 2008 21:00:01 +0000 (22:00 +0100)]
close on enter

15 years ago Add sample GTK UI callbacks for OpenSSL
David Woodhouse [Sat, 4 Oct 2008 20:52:24 +0000 (21:52 +0100)]
Add sample GTK UI callbacks for OpenSSL

Not pretty, but functional.

15 years ago Refactor to make auth bits into library
David Woodhouse [Sat, 4 Oct 2008 18:32:18 +0000 (19:32 +0100)]
Refactor to make auth bits into library

15 years ago Move ui and cstp stuff out of ssl.c
David Woodhouse [Sat, 4 Oct 2008 18:02:53 +0000 (19:02 +0100)]
Move ui and cstp stuff out of ssl.c

15 years ago start to split up ssl vs. cstp functions
David Woodhouse [Sat, 4 Oct 2008 17:15:04 +0000 (18:15 +0100)]
start to split up ssl vs. cstp functions

15 years ago Switch to LGPLv2.1
David Woodhouse [Sat, 4 Oct 2008 17:10:43 +0000 (18:10 +0100)]
Switch to LGPLv2.1

15 years ago Split out write_new_config so that NM plugin can do something different
David Woodhouse [Sat, 4 Oct 2008 16:59:09 +0000 (17:59 +0100)]
Split out write_new_config so that NM plugin can do something different

15 years ago exit with code 2 for a login failure
David Woodhouse [Sat, 4 Oct 2008 13:54:27 +0000 (14:54 +0100)]
exit with code 2 for a login failure

15 years ago Automatic tun device naming
David Woodhouse [Sat, 4 Oct 2008 13:41:13 +0000 (14:41 +0100)]
Automatic tun device naming

15 years ago oops, most of TODO items vanished...
David Woodhouse [Sat, 4 Oct 2008 10:11:16 +0000 (11:11 +0100)]
oops, most of TODO items vanished...

15 years ago Tag version 0.91 v0.91
David Woodhouse [Thu, 2 Oct 2008 21:15:54 +0000 (22:15 +0100)]
Tag version 0.91

15 years ago fix tag check
David Woodhouse [Thu, 2 Oct 2008 21:15:03 +0000 (22:15 +0100)]
fix tag check

15 years ago kill neon.c
David Woodhouse [Thu, 2 Oct 2008 21:10:19 +0000 (22:10 +0100)]
kill neon.c

15 years ago use correct file for key
David Woodhouse [Thu, 2 Oct 2008 21:09:29 +0000 (22:09 +0100)]
use correct file for key

15 years ago remove curl.c
David Woodhouse [Thu, 2 Oct 2008 21:06:51 +0000 (22:06 +0100)]
remove curl.c

15 years ago Handle PIN and code in either order
David Woodhouse [Thu, 2 Oct 2008 20:59:34 +0000 (21:59 +0100)]
Handle PIN and code in either order

15 years ago fix up append_opt length handling and escaping
David Woodhouse [Thu, 2 Oct 2008 20:21:55 +0000 (21:21 +0100)]
fix up append_opt length handling and escaping

15 years ago download config
David Woodhouse [Thu, 2 Oct 2008 18:20:56 +0000 (19:20 +0100)]
download config

15 years ago Asynchronous DTLS (re)connection
David Woodhouse [Thu, 2 Oct 2008 16:11:05 +0000 (17:11 +0100)]
Asynchronous DTLS (re)connection

15 years ago new dtls_state var
David Woodhouse [Thu, 2 Oct 2008 13:57:04 +0000 (14:57 +0100)]
new dtls_state var

15 years ago reconnect on dtls dpd
David Woodhouse [Thu, 2 Oct 2008 13:44:49 +0000 (14:44 +0100)]
reconnect on dtls dpd

15 years ago No need to SSL_CTX_add_session()
David Woodhouse [Thu, 2 Oct 2008 13:19:34 +0000 (14:19 +0100)]
No need to SSL_CTX_add_session()