lp:~mamarley/openconnect/+git/gitlab-main
- Get this repository:
-
git clone
https://git.launchpad.net/~mamarley/openconnect/+git/gitlab-main
Import details
This repository is an import of the Git repository at https://gitlab.com/openconnect/openconnect.git.
Last successful import was .
Branches
Name | Last Modified | Last Commit |
---|---|---|
workaround_ |
2024-04-25 17:14:57 UTC |
Update changelog
Author:
Dan Lenski
Update changelog Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
Update_Android | 2024-04-05 19:04:09 UTC |
DEBUG
Author:
Dimitri Papadopoulos Orfanos
DEBUG Signed-off-by: Dimitri Papadopoulos Orfanos <3350651- |
ipv6-tests | 2024-04-05 17:34:02 UTC |
Allow tests to run over IPv6 as well as Legacy IP
Author:
dwmw2
Allow tests to run over IPv6 as well as Legacy IP When run in an environment with no Legacy IP addresses, or no IPv6 addresses, So when running in an IPv6-only environment, ocserv doesn't listen on Legacy Some of the python test servers which don't use AI_ADDRCONFIG do still work We recently added '-4' to the socat invocation for the nullppp tests, for Closes #721 Signed-off-by: David Woodhouse <dwmw2@ |
script_setpgid | 2024-04-05 16:14:59 UTC |
Consistency between tun.c and script.c
Author:
Dimitri Papadopoulos
Consistency between tun.c and script.c Signed-off-by: Dimitri Papadopoulos <3350651- |
bug-report | 2024-04-05 16:06:22 UTC |
Use new AC_INIT() arguments in actual code
Author:
Dimitri Papadopoulos Orfanos
Use new AC_INIT() arguments in actual code Signed-off-by: Dimitri Papadopoulos Orfanos <3350651- |
master | 2024-04-05 10:07:08 UTC |
Merge branch 'Fedora_ppp-over-tls' into 'master'
Author:
dwmw2
Merge branch 'Fedora_ Verbose logs to debug and fix ppp-over-tls Closes #720 See merge request openconnect/ |
coverity | 2024-02-28 05:42:32 UTC |
Merge branch 'rekey' into master
Author:
Dan Lenski
Merge branch 'rekey' into master Fix logging of rekey / trojan invocation delay See merge request openconnect/ |
test-remove- |
2024-02-20 17:02:17 UTC |
Try removing Fedora 38 CI image
Author:
Dan Lenski
Try removing Fedora 38 CI image See discussion at https:/ Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
tmp-latest-fedora | 2024-01-15 22:06:47 UTC |
Use latest fedora (39) for CI
Author:
Nikos Mavrogiannopoulos
Use latest fedora (39) for CI This moves all CI images to Fedora39 except OpenSSL builds Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannop |
pulse_concatena |
2024-01-06 21:13:45 UTC |
Handle concatenated and/or split packets in Pulse TLS tunnel
Author:
Dan Lenski
Handle concatenated and/or split packets in Pulse TLS tunnel Borrows the approach of ppp.c. Should fix #456. I have managed to test the handling of both concatenated and I'm not precisely certain of the server version, but it's older than 9.1R14; 1. The test server can be induced to reply with concatenated packets by Resulting trace-level log messages: ``` 2. Test server can be induced to reply with split packets by sending it Resulting trace-level log messages (omitting the outgoing bits for brevity): ``` Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
GP_prelogin_ |
2023-09-25 17:10:10 UTC |
Send 'cas-support=yes' in GlobalProtect prelogin request
Author:
Dan Lenski
Send 'cas-support=yes' in GlobalProtect prelogin request Per https:/ CAS is not supported by the client. Minimum client version is 6.0 It appears that CAS ("Central Authentication Server"; Per https:/ Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
nx-merge- |
2023-09-14 14:32:35 UTC |
Merge branch 'master' of gitlab.com:openconnect/openconnect
Author:
Andreas Gnau
Merge branch 'master' of gitlab. |
jpfleischer- |
2023-09-10 18:34:33 UTC |
What is this 'static' doing there?
Author:
Dan Lenski
What is this 'static' doing there? Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
658-anyconnect- |
2023-09-02 05:37:28 UTC |
Shim for renaming of GNUTLS_NO_EXTENSIONS in GnuTLS v3.8.1
Author:
Dan Lenski
Shim for renaming of GNUTLS_ The constant `GNUTLS_ We need to re-add the constant ourselves in order to build correctly with Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
parse_HTML_as_utf8 | 2023-08-09 23:03:38 UTC |
Reject HTML documents if charset from Content-Type isn't UTF-8/US-ASCII
Author:
Dan Lenski
Reject HTML documents if charset from Content-Type isn't UTF-8/US-ASCII We do not (yet) have a mechanism to convey the correct encoding to the Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
handle_ |
2023-08-08 17:11:22 UTC |
Update changelog
Author:
Dan Lenski
Update changelog Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
add_ipvX_ |
2023-07-26 20:05:01 UTC |
Set ipv[46]_unreachable flags for Pulse
Author:
Dan Lenski
Set ipv[46]_unreachable flags for Pulse Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
pulse-esp-off | 2023-07-25 21:18:27 UTC |
ESP reconnect hackery
Author:
dwmw2
ESP reconnect hackery Signed-off-by: David Woodhouse <dwmw2@ |
csd_post_ |
2023-07-25 16:44:31 UTC |
csd-post.sh: Unconditionally re-enable UnsafeLegacyRenegotiation for OpenSSL 3.x
Author:
Dan Lenski
csd-post.sh: Unconditionally re-enable UnsafeLegacyRen Our csd-post.sh script (CSD Trojan emulation) uses cURL to submit its This causes csd-post.sh to fail without any clear explanation why. We In order to re-enable ULR, we need to create a custom OpenSSL configuration See https:/ Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
test_non_ |
2023-07-23 18:22:09 UTC |
fake-juniper-server: Include literal values of realms in HTML, and test with ...
Author:
Dan Lenski
fake-juniper- This should help us debug Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
android_ndk_update | 2023-06-13 14:25:02 UTC |
Don't override Android toolchain dir
Author:
dwmw2
Don't override Android toolchain dir Signed-off-by: David Woodhouse <dwmw2@ |
nobash | 2023-05-22 17:27:06 UTC |
Don't use bash for symbols test
Author:
dwmw2
Don't use bash for symbols test Might fix #614? |
freebsd | 2023-05-19 17:28:48 UTC |
os-tcp-mtu.c: Explicitly include <netinet/in.h> for sockaddr_in(6|)
Author:
dwmw2
os-tcp-mtu.c: Explicitly include <netinet/in.h> for sockaddr_in(6|) This doesn't get pulled in automatically in FreeBSD. Signed-off-by: David Woodhouse <dwmw2@ |
mac-no-pmtu-sockopt | 2023-05-19 11:15:45 UTC |
Disable explict setting of IP_PMTUDISC_DO on MacOS
Author:
dwmw2
Disable explict setting of IP_PMTUDISC_DO on MacOS Fixes: #612 |
time_T | 2023-05-19 11:07:56 UTC |
Fix time_t handling in parsing F5 session timeout
Author:
dwmw2
Fix time_t handling in parsing F5 session timeout We can't assume that time_t is 'long'. When building for win64 we get: Make it explicitly 'unsigned long long' instead. Signed-off-by: David Woodhouse <dwmw2@ |
checksyms | 2023-05-18 17:21:28 UTC |
Move openconnect_set_sni() to API v5.9
Author:
dwmw2
Move openconnect_ We retrospectively added openconnect_ Fix that by retconning it into a @OPENCONNECT_5_9 version which will be We have a unit test to prevent us from doing it again, and this commit Fixes: 494edf49e628 ("Add openconnect_set_sni API function and Java setSNI() wrapper") |
newca | 2023-05-17 08:53:17 UTC |
Rebuild all test certificates
Author:
dwmw2
Rebuild all test certificates The CA has expired. Rebuild it (and remove the old GnuTLS CA from the Rebuild all other certificates while we're at it, but leave the keys Dan seems young and healthy; maybe he can thank me then for pedantially Most of it worked out of the box this time, but I re-imported the certs Arguably we should rewrite those rules to import things the same way The SoftHSM modifications also had to be done with an older version Fixes: #609 |
win32-extbrowser | 2023-05-11 16:59:54 UTC |
Attempt to spawn browser on Windows
Author:
dwmw2
Attempt to spawn browser on Windows Fixes: #553 |
warn_about_ |
2023-05-09 05:28:47 UTC |
Warn about blocked DTLS 0.9/1.0 in recent builds of OpenSSL, suggest --allow-...
Author:
Dan Lenski
Warn about blocked DTLS 0.9/1.0 in recent builds of OpenSSL, suggest --allow- Recent distro builds of OpenSSL prevent the use of pre-1.2 TLS via default * Ubuntu's build of OpenSSL starting with 1.1.1f (https:/ Discussion on mailing list at This adds a warning when DTLS handshake fails with OpenSSL 1.1.1f+, and Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
catch-fortinet- |
2023-05-08 18:51:59 UTC |
Catch Fortinet DTLS heartbeat packets
Author:
Dan Lenski
Catch Fortinet DTLS heartbeat packets This should fix https:/ Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
esp-probes | 2023-04-28 07:22:19 UTC |
Rework ESP probe retries
Author:
dwmw2
Rework ESP probe retries We weren't attempting to resend ESP probes at all, except at the retry Drop the loops in the protocol-specific udp_send_probes() functions Fix up the reconnect handling with vpninfo- Fixes: #601 |
oncp-braindamage | 2023-04-19 15:48:20 UTC |
Fix oncp Legacy IP check
Author:
dwmw2
Fix oncp Legacy IP check Signed-off-by: David Woodhouse <dwmw2@ |
oncp-debug | 2023-04-18 14:17:20 UTC |
oNCP framing debug
Author:
dwmw2
oNCP framing debug Signed-off-by: David Woodhouse <dwmw2@ |
eap-tls | 2023-04-18 13:40:26 UTC |
Attempting to reject EAP-TLS request
Author:
dwmw2
Attempting to reject EAP-TLS request If we claim to be a new enough client, and the Pulse server is configured Looks like rejecting it with EAP_TYPE_NAK, and even sending a fatal 'no Signed-off-by: David Woodhouse <dwmw2@ |
sudo | 2023-04-11 08:38:10 UTC |
Ad --sudo argument to allow running authentication unprivileged
Author:
dwmw2
Ad --sudo argument to allow running authentication unprivileged Actually I'm having second thoughts about this; there are multiple better This hack works, but it's a bunch of work to make it *right*. We can't It's also fairly trivial to do this approach in a shell script using Signed-off-by: David Woodhouse <dwmw2@ |
proposed-9.02 | 2023-04-10 18:42:47 UTC |
Tag version 9.02
Author:
Dan Lenski
Tag version 9.02 Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
queue_saturatio |
2023-03-18 17:36:46 UTC |
Statistics on queue saturation
Author:
Dan Lenski
Statistics on queue saturation Our default maximum packet queue length (max_qlen) of 10 appears to be too FIXME/WHY??? Testing by dwmw2 in 2021 suggested queue length of 10 was Add trace-level logging messages for when we hit the outgoing and incoming Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
Ubuntu_22.04 | 2023-03-06 06:37:59 UTC |
No need to change crypto-policies on Fedora
Author:
Dimitri Papadopoulos
No need to change crypto-policies on Fedora We do not test DSA keys, because they have been removed from the LEGACY Signed-off-by: Dimitri Papadopoulos <3350651- |
apple_utun_clue | 2023-03-01 01:26:10 UTC |
Tell Apple users not to use '-i tunX', but '-i utunX' instead.
Author:
Dan Lenski
Tell Apple users not to use '-i tunX', but '-i utunX' instead. Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
periodic_ |
2023-01-28 01:03:53 UTC |
allow --force-trojan to override TNCC interval with a shorter one
Author:
Dan Lenski
allow --force-trojan to override TNCC interval with a shorter one See https:/ Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
preserve_ |
2022-11-05 04:29:41 UTC |
Fortinet: Ensure that SVPNCOOKIE is not overwritten/deleted by config requests
Author:
Dan Lenski
Fortinet: Ensure that SVPNCOOKIE is not overwritten/deleted by config requests This should fix #514 Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
debug_466 | 2022-07-10 23:38:54 UTC |
Distinguish XML and non-XML error paths in gpst_xml_or_error
Author:
Dan Lenski
Distinguish XML and non-XML error paths in gpst_xml_or_error This should help with debugging https:/ Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
tags/FAKE_ |
2022-07-09 17:49:24 UTC |
Persist Windows installer artifacts (openconnect-installer.exe) for tagged co...
Author:
Dan Lenski
Persist Windows installer artifacts (openconnect- We shouldn't expire these, as explained in Solution is based on the Gitlab-CI formula described at Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
handle_ |
2022-06-21 00:28:41 UTC |
Untested WIP: Handle concatenated and/or split packets in Pulse TLS tunnel
Author:
Dan Lenski
Untested WIP: Handle concatenated and/or split packets in Pulse TLS tunnel Borrows the approach of ppp.c, not tested at all yet. Ping #456 Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
check_tcp_mtu_tool | 2022-06-20 00:56:54 UTC |
Tunnel MTU calculation diagrams
Author:
Dan Lenski
Tunnel MTU calculation diagrams Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
calculate_ |
2022-06-15 22:04:57 UTC |
[QUICK-AND-DIRTY] Calculate Pulse MTU independently of the server and overrid...
Author:
Dan Lenski
[QUICK-AND-DIRTY] Calculate Pulse MTU independently of the server and override if the server's value seems too high See comments inline for what's going on here. Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
clearer_ |
2022-05-28 21:39:36 UTC |
Clearer error for list-system-keys on Unix-like platforms
Author:
Dan Lenski
Clearer error for list-system-keys on Unix-like platforms It appears that the `gnutls_ Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
arraymulti | 2022-05-26 10:11:15 UTC |
Quick hack to test corking performance
Author:
dwmw2
Quick hack to test corking performance Signed-off-by: David Woodhouse <dwmw2@ |
too_many_ |
2022-05-17 22:21:32 UTC |
OpenConnect has too many slightly-varying and undocumented interfaces for ext...
Author:
Dan Lenski
OpenConnect has too many slightly-varying and undocumented interfaces for external scripts with similar functions Document them in 'What needs doing?' for now. Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
no-success-auth | 2022-05-16 16:48:49 UTC |
Assume success when a session-token is given
Author:
dwmw2
Assume success when a session-token is given Should fix https:/ Signed-off-by: David Woodhouse <dwmw2@ |
list-system-keys | 2022-05-16 15:36:16 UTC |
Print full cert info
Author:
dwmw2
Print full cert info Signed-off-by: David Woodhouse <dwmw2@ |
ext_browser_ |
2022-05-12 03:10:46 UTC |
Cisco STRAP key refinements
Author:
Dan Lenski
Cisco STRAP key refinements Sending STRAP keys appears to restrict the ability to reuse the webvpn cookie Therefore we should avoid generating and offering STRAP keys unless. 1. We are doing authentication and may potentially use external- Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
winesp | 2022-05-10 07:02:37 UTC |
Fix ESP recv() error handling for Windows
Author:
dwmw2
Fix ESP recv() error handling for Windows Fixes: #427 Signed-off-by: David Woodhouse <dwmw2@ |
hpke-win32 | 2022-04-28 18:45:21 UTC |
Attempt to spawn browser on Windows.
Author:
dwmw2
Attempt to spawn browser on Windows. Seems to fail with err 148. No idea why. Signed-off-by: David Woodhouse <dwmw2@ |
request_ |
2022-04-22 21:36:11 UTC |
Add openconnect_set_requested_ip() and --request-ip to explicitly request spe...
Author:
Dan Lenski
Add openconnect_ Protocol support: - GlobalProtect supports requesting either Legacy IP or IPv6 addresses. Currently, this option is only a request. OpenConnect will print an error The openconnect_ We assume that any real VPN server that provides IP addresses in text form Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
translations | 2022-04-15 19:34:51 UTC |
Import translations from GNOME
Author:
dwmw2
Import translations from GNOME Signed-off-by: David Woodhouse <dwmw2@ |
multicert | 2022-04-14 15:50:25 UTC |
Increase server delay for fake server tests
Author:
dwmw2
Increase server delay for fake server tests Doesn't look like 1 second is enough of a delay in all cases. Signed-off-by: David Woodhouse <dwmw2@ |
verbosity_fix | 2022-04-08 18:10:42 UTC |
Bugfix verbosity level
Author:
Dan Lenski
Bugfix verbosity level I messed things up in 48de4c0d240579f Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
oNCP_allow_ |
2022-02-07 22:36:00 UTC |
Update changelog
Author:
Dan Lenski
Update changelog Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
add_local_id_option | 2022-02-03 20:05:40 UTC |
Update manual to include `--local-id` with examples thereof
Author:
Dan Lenski
Update manual to include `--local-id` with examples thereof Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
Windows_ |
2022-01-13 05:51:04 UTC |
dumb_socketpair(): extra debugging output via fprintf
Author:
Dan Lenski
dumb_socketpair(): extra debugging output via fprintf Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
install_ |
2021-10-14 02:17:06 UTC |
Make install_vpn_opts tolerate missing IP addresses on reconnect
Author:
Dan Lenski
Make install_vpn_opts tolerate missing IP addresses on reconnect Some protocols don't always send IP address(es) in configuration packets in Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
less_noisy_ |
2021-08-31 20:53:10 UTC |
Only log UDP SO_SNDBUF getsockopt() if it differs from intended value
Author:
Dan Lenski
Only log UDP SO_SNDBUF getsockopt() if it differs from intended value Ping #299. (The increase in UDP sndbuf was added in d4ba1e1d.) Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
aesni | 2021-07-02 09:16:46 UTC |
Add AES-NI ESP implementation
Author:
dwmw2
Add AES-NI ESP implementation Signed-off-by: David Woodhouse <dwmw2@ |
hacks2 | 2021-07-01 21:04:03 UTC |
Add AES-NI ESP implementation
Author:
dwmw2
Add AES-NI ESP implementation Signed-off-by: David Woodhouse <dwmw2@ |
epoll | 2021-07-01 16:04:20 UTC |
Clear epoll_fd after forking to background self
Author:
dwmw2
Clear epoll_fd after forking to background self Otherwise we remove the events from the epoll_fd before we exit in Signed-off-by: David Woodhouse <dwmw2@ |
pulse_Juniper2_ |
2021-06-23 22:24:25 UTC |
Speculative fix for #255
Author:
Dan Lenski
Speculative fix for #255 This field: AVP 79: 01 01 00 12 fe 00 0a 4c [00 00 00 05] 01 [00 11 5d bf 60] … is very similar to the Juniper/2 PASSREQ case: AVP 79: 01 01 00 12 fe 00 0a 4c 00 00 00 02 01 … except for 2 → 5, and extra bytes at the end. Just log these bytes, and Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
IP_and_ |
2021-06-17 23:12:51 UTC |
CSTP: Always set Legacy IP netmask to 0.0.0.0 unless split-includes received
Author:
Dan Lenski
CSTP: Always set Legacy IP netmask to 0.0.0.0 unless split-includes received As described in the previous patch, we think that Cisco servers expect us to However, Cisco servers may also send another "main" Legacy IP route via Once this is merged, we'll be able to remove from vpnc-script the following Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
811 | 2021-06-12 09:43:31 UTC |
Unconditionally bypass system crypto policy
Author:
dwmw2
Unconditionally bypass system crypto policy This makes me extremely sad, but they rolled it out with *no* way to It's just unworkable and incomplete as currently implemented in the Signed-off-by: David Woodhouse <dwmw2@ |
add_fake- |
2021-05-25 01:20:48 UTC |
Use check_http_status in cstp.c
Author:
Dan Lenski
Use check_http_status in cstp.c This function was added in d257a7e7cec848c With this change, there is no longer any place where OpenConnect *expects* This simplifies fake-cisco- Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
nx | 2021-05-23 16:48:39 UTC |
nx: Send X-NE-SESSIONPROMPT: true header
Author:
Andreas Gnau
nx: Send X-NE-SESSIONPROMPT: true header Apparently, X-NE-SESSIONPROMPT: true seems to be needed in some rare (?) https:/ Of all the clients tested, ONLY NetExtender for Windows sends this Signed-off-by: Andreas Gnau <rondom@rondom.de> |
test | 2021-05-19 17:53:52 UTC |
GnuTLS: Make load_certificate() return an allocate gtls_cert_info
Author:
dwmw2
GnuTLS: Make load_certificate() return an allocate gtls_cert_info Signed-off-by: David Woodhouse <dwmw2@ |
alloccertinfo | 2021-05-19 17:53:52 UTC |
GnuTLS: Make load_certificate() return an allocate gtls_cert_info
Author:
dwmw2
GnuTLS: Make load_certificate() return an allocate gtls_cert_info Signed-off-by: David Woodhouse <dwmw2@ |
simplify_ |
2021-05-10 17:30:54 UTC |
centralize/simplify versioning in version.sh
Author:
Dan Lenski
centralize/simplify versioning in version.sh Let's not make the Makefile jump through so many hoops to generate Windows-ified version strings. Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
extreme_ |
2021-04-20 17:12:24 UTC |
Add ASCII-art diagram of MTUs that OpenConnect needs to track
Author:
Dan Lenski
Add ASCII-art diagram of MTUs that OpenConnect needs to track Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
jun2pulse_ |
2021-04-17 10:46:07 UTC |
encourage use of this monstrosity if Juniper auth works, but tunnel isn't sup...
Author:
Dan Lenski
encourage use of this monstrosity if Juniper auth works, but tunnel isn't supported Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
fix_delay_close | 2021-04-14 23:09:59 UTC |
Simplify resetting of delay_close and delay_tunnel_reason
Author:
Dan Lenski
Simplify resetting of delay_close and delay_tunnel_reason When delay_close and delay_tunnel_reason were added in This ensures that they will be reset on each iteration, thereby making the Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
new_nx | 2021-04-12 17:27:20 UTC |
clean up memory error (caught by static analyzer)
Author:
Dan Lenski
clean up memory error (caught by static analyzer) Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
temp/Ubuntu_ |
2021-04-04 17:14:14 UTC |
juniper-sso-auth: fix Ubuntu CI
Author:
Dan Lenski
juniper-sso-auth: fix Ubuntu CI Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
Windows_ |
2021-03-31 13:46:50 UTC |
Fix output redirection under Windows
Author:
dwmw2
Fix output redirection under Windows If WriteConsoleW() fails, convert to the *console* code page and write to Mostly researched by bers in !177. Fixes: #229 Signed-off-by: David Woodhouse <dwmw2@ |
wintun | 2021-03-30 22:23:29 UTC |
Attempt to configure interface
Author:
dwmw2
Attempt to configure interface vpnc-script-win.js seems to wait until the Legacy IP address of the Signed-off-by: David Woodhouse <dwmw2@ |
temp/FIXME_ |
2021-03-29 04:04:08 UTC |
FIXME Centos7 f5/forti tests
Author:
Dan Lenski
FIXME Centos7 f5/forti tests Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
disable_ |
2021-03-25 22:38:14 UTC |
disable stdout buffering on Windows
Author:
Dan Lenski
disable stdout buffering on Windows See https:/ Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
explicit_ |
2021-03-23 17:52:26 UTC |
HTTP requests: add explicit 'Connection: keep-alive' header unless --no-http-...
Author:
Dan Lenski
HTTP requests: add explicit 'Connection: keep-alive' header unless --no-http-keepalive specified This is *supposed* to be the HTTP/1.1 default, but some servers appear not to follow it unless explicitly requested. The oNCP protocol includes one request (GET-tunnel) which unconditionally requires the header 'Connection: close' to work properly. Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
temp-centos6 | 2021-02-26 02:24:54 UTC |
centos6 ppp test flailing
Author:
Dan Lenski
centos6 ppp test flailing Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
temp-test-centos7 | 2021-02-22 20:33:41 UTC |
why Centos7 failing now?
Author:
Dan Lenski
why Centos7 failing now? Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
change_ |
2021-02-20 01:40:07 UTC |
redirect all ftp/http/https links to Gitlab rather than infradead.org
Author:
Dan Lenski
redirect all ftp/http/https links to Gitlab rather than infradead.org Except for past release tarballs and their signatures. TODO: figure out if we can do signed releases on Gitlab. Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
temp_test | 2021-02-09 01:13:22 UTC |
Ubuntu test --enable-ppp-tests
Author:
Dan Lenski
Ubuntu test --enable-ppp-tests Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
periodic_TNCC_fix | 2020-12-16 21:53:41 UTC |
allow --force-trojan to override TNCC interval with a shorter one
Author:
Dan Lenski
allow --force-trojan to override TNCC interval with a shorter one See https:/ Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
the_great_renaming | 2020-12-08 23:44:14 UTC |
update man-page caveat regarding IPv6 and vpnc-script
Author:
Dan Lenski
update man-page caveat regarding IPv6 and vpnc-script Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
remove_ |
2020-11-30 03:12:10 UTC |
CSD XML tag and nostub are entirely protocol-specific and used in only one place
Author:
Dan Lenski
CSD XML tag and nostub are entirely protocol-specific and used in only one place This patch replaces them with inline functions (modeled after gpst_os_name), TODO: further clarify, separate, and consolidate protocol-specific data in Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
gp_handle_ |
2020-11-29 22:09:51 UTC |
fix memory leaks (start and dns) caught by static analyzer
Author:
Dan Lenski
fix memory leaks (start and dns) caught by static analyzer Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
dlenski-master | 2020-10-15 05:01:37 UTC |
finesse the URL-decoding of the GP login args
Author:
Dan Lenski
finesse the URL-decoding of the GP login args Unsurprisingly, it's messier than I thought it was. Some of them definitely Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
temp-force-ci | 2020-10-15 02:31:40 UTC |
add tests/obsolete-server-crypto to XFAIL on all CI using OpenSSL 1.1.0+
Author:
Dan Lenski
add tests/obsolete- OpenSSL 1.1.0+ removes 3DES and RC4 from the default build: https:/ There is no way to re-enable without rebuilding from source. Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
handle- |
2020-10-06 19:40:49 UTC |
handle <dynamic-split-include-domains> (from authentication-response <opaque>)
Author:
Dan Lenski
handle <dynamic- See https:/ Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
f5 | 2020-05-24 21:50:42 UTC |
nx: Implement logout
Author:
Andreas Gnau
nx: Implement logout Signed-off-by: Andreas Gnau <rondom@rondom.de> |
delay_tunnel_ |
2020-05-20 16:46:33 UTC |
make Mingw32/64 CI happy
Author:
Dan Lenski
make Mingw32/64 CI happy Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
multiple_ |
2020-05-15 16:26:51 UTC |
Merge branch 'multiple_auth_feature' of gitlab.com:incentive.design/openconnect
Author:
dwmw2
Merge branch 'multiple_ |
stop_hardcoding |
2020-05-05 22:27:01 UTC |
stop sending 'PAN GlobalProtect' as UA; recent server versions don't appear t...
Author:
Dan Lenski
stop sending 'PAN GlobalProtect' as UA; recent server versions don't appear to enforce this Add a comment in the manual about older servers where spoofing this value may still may be necessary. See https:/ Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
explain_ |
2020-04-21 23:25:17 UTC |
explain exit status in HIP/CSD scripts
Author:
Dan Lenski
explain exit status in HIP/CSD scripts Follow-up to b2a2c7a9c244505 Signed-off-by: Daniel Lenski <dlenski@gmail.com> |
1 → 100 of 120 results | First • Previous • Next • Last |