platform/upstream/openconnect.git
David Woodhouse [Sat, 27 Sep 2008 05:27:59 +0000 (23:27 -0600)]
Use OpenSSL TPM engine

David Woodhouse [Sat, 27 Sep 2008 05:27:38 +0000 (23:27 -0600)]
quieter

David Woodhouse [Sat, 27 Sep 2008 05:27:12 +0000 (23:27 -0600)]
Make interface name configurable

Marcel Holtmann [Fri, 26 Sep 2008 16:46:28 +0000 (18:46 +0200)]
Add IPv4 address and netmask configuration

David Woodhouse [Fri, 26 Sep 2008 16:43:05 +0000 (09:43 -0700)]
silence warnings, and output

David Woodhouse [Thu, 25 Sep 2008 01:08:33 +0000 (18:08 -0700)]
Add cookie fetching code, given a certificate. This bit sucks

David Woodhouse [Thu, 25 Sep 2008 01:06:36 +0000 (18:06 -0700)]
Another response seen in the wild

David Woodhouse [Wed, 24 Sep 2008 22:03:21 +0000 (15:03 -0700)]
fix curl_err uninitialised

David Woodhouse [Wed, 24 Sep 2008 21:43:37 +0000 (14:43 -0700)]
Remove abstraction crap

David Woodhouse [Tue, 23 Sep 2008 23:31:49 +0000 (16:31 -0700)]
Fall back to SSL if DTLS dies

David Woodhouse [Tue, 23 Sep 2008 23:25:40 +0000 (16:25 -0700)]
Sort out DPD and Keepalive

This could be cleaner -- and shared between DTLS and SSL. But this seems
to work...

David Woodhouse [Tue, 23 Sep 2008 22:47:38 +0000 (15:47 -0700)]
one fewer FIXME...

David Woodhouse [Tue, 23 Sep 2008 22:46:27 +0000 (15:46 -0700)]
check DPD config

David Woodhouse [Tue, 23 Sep 2008 22:46:16 +0000 (15:46 -0700)]
tidy up, add DPD

David Woodhouse [Tue, 23 Sep 2008 22:39:54 +0000 (15:39 -0700)]
macros for packet types

David Woodhouse [Tue, 23 Sep 2008 22:08:38 +0000 (15:08 -0700)]
data transport over DTLS working

David Woodhouse [Tue, 23 Sep 2008 22:08:15 +0000 (15:08 -0700)]
don't send data over SSL while DTLS active

David Woodhouse [Tue, 23 Sep 2008 21:45:42 +0000 (14:45 -0700)]
attempt actual data transport over DTLS. Not working yet

David Woodhouse [Tue, 23 Sep 2008 21:05:34 +0000 (14:05 -0700)]
fix typo

David Woodhouse [Tue, 23 Sep 2008 21:02:11 +0000 (14:02 -0700)]
wheee. dtls works... at least with their library

David Woodhouse [Tue, 23 Sep 2008 07:56:41 +0000 (00:56 -0700)]
Add readahead to UDP socket, to avoid throwing away ends of packets.

Still doesn't work though -- but it's the same failure mode as when I run
the Cisco client with my own build of OpenSSL.

David Woodhouse [Tue, 23 Sep 2008 06:57:57 +0000 (23:57 -0700)]
Attempt DTLS setup. Broken.

David Woodhouse [Tue, 23 Sep 2008 00:06:04 +0000 (17:06 -0700)]
connect in separate func

David Woodhouse [Tue, 23 Sep 2008 00:00:08 +0000 (17:00 -0700)]
Start on DTLS setup

David Woodhouse [Mon, 22 Sep 2008 22:58:47 +0000 (15:58 -0700)]
move DTLS comments

David Woodhouse [Mon, 22 Sep 2008 22:55:41 +0000 (15:55 -0700)]
document ssl packetisation

David Woodhouse [Mon, 22 Sep 2008 22:47:25 +0000 (15:47 -0700)]
quit cleanly when receive unknown packet

David Woodhouse [Mon, 22 Sep 2008 22:45:34 +0000 (15:45 -0700)]
simplify payload_len handling

David Woodhouse [Mon, 22 Sep 2008 22:43:28 +0000 (15:43 -0700)]
a little more debug

David Woodhouse [Mon, 22 Sep 2008 22:35:33 +0000 (15:35 -0700)]
move inflate_and_queue_packet() into ssl.c

David Woodhouse [Mon, 22 Sep 2008 22:32:59 +0000 (15:32 -0700)]
split out queue_packet()

David Woodhouse [Mon, 22 Sep 2008 20:02:16 +0000 (13:02 -0700)]
server cert check in TODO

David Woodhouse [Mon, 22 Sep 2008 19:59:57 +0000 (12:59 -0700)]
add todo list

David Woodhouse [Mon, 22 Sep 2008 09:31:03 +0000 (02:31 -0700)]
Add compression support

David Woodhouse [Mon, 22 Sep 2008 08:22:28 +0000 (01:22 -0700)]
oops, anyconnect.h too

David Woodhouse [Mon, 22 Sep 2008 06:11:02 +0000 (23:11 -0700)]
actually send BYE packet on exit

David Woodhouse [Mon, 22 Sep 2008 06:03:48 +0000 (23:03 -0700)]
Add bye handling, not that it's used yet

David Woodhouse [Mon, 22 Sep 2008 05:57:47 +0000 (22:57 -0700)]
oops, forgot mainloop.c

David Woodhouse [Mon, 22 Sep 2008 05:46:08 +0000 (22:46 -0700)]
Drop wrong-length packets now that we don't see them

David Woodhouse [Mon, 22 Sep 2008 05:44:46 +0000 (22:44 -0700)]
Implement CSTP keepalive

David Woodhouse [Mon, 22 Sep 2008 05:44:32 +0000 (22:44 -0700)]
fix typo in DTLS failure warning

David Woodhouse [Mon, 22 Sep 2008 05:01:16 +0000 (22:01 -0700)]
Comment on write queue full situation

David Woodhouse [Mon, 22 Sep 2008 05:00:06 +0000 (22:00 -0700)]
Add comment about poll() handling

David Woodhouse [Mon, 22 Sep 2008 04:51:47 +0000 (21:51 -0700)]
First attempt at a mainloop

David Woodhouse [Mon, 22 Sep 2008 02:50:09 +0000 (19:50 -0700)]
Rename cisco.c to main.c, and output program to anyconnect

David Woodhouse [Mon, 22 Sep 2008 02:49:11 +0000 (19:49 -0700)]
fix up makefile

David Woodhouse [Mon, 22 Sep 2008 02:38:50 +0000 (19:38 -0700)]
Restructure somewhat

David Woodhouse [Mon, 22 Sep 2008 01:34:14 +0000 (18:34 -0700)]
Add licence boilerplate.

I'd prefer to use GPLv2, but that isn't compatible with either OpenSSL
(which is required; GNUTLS doesn't do DTLS), or lwip. And it's not as if
people are massively likely to 'steal' it for commercial products
without contributing back.

David Woodhouse [Mon, 22 Sep 2008 01:32:40 +0000 (18:32 -0700)]
get connect/response handling working

David Woodhouse [Mon, 22 Sep 2008 00:23:53 +0000 (17:23 -0700)]
Initial attempt at using cURL.

This is probably just going to be too much of a pain in the arse -- it's
going to be complex to handle the CONNECT request, and even harder
dealing with the TPM -- we don't know what SSL engine cURL will be
compiled with. And we have to be linked against OpenSSL _anyway_.

The only thing cURL buys us, really, is the redirect handling and HTTP
response parsing -- and most of that is trivial enough anyway.

Left here just in case I change my mind when it comes to actually
submitting the forms...

David Woodhouse [Sun, 21 Sep 2008 19:59:05 +0000 (12:59 -0700)]
Try using OpenSSL directly

David Woodhouse [Sun, 21 Sep 2008 06:36:55 +0000 (23:36 -0700)]
Add simple makefile

David Woodhouse [Sat, 20 Sep 2008 02:43:32 +0000 (19:43 -0700)]
First import of test code