~mamarley/openconnect/+git/gitlab-main:coverity

Branch merges

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

d2025f9... by Dan Lenski on 2024-02-28

Merge branch 'rekey' into master

Fix logging of rekey / trojan invocation delay

See merge request openconnect/openconnect!539

29815ae... by Dan Lenski on 2024-02-27

Update changelog

Signed-off-by: Daniel Lenski <email address hidden>

17b45cd... by Wade Cline on 2024-02-28

Fix logging of rekey / trojan invocation delay

Closes #677

The rekey / trojan invocation is supposed to happen in the future.
Therefore subtract current time from expected time of rekey / invocation,
not the reverse.

These delays have been shown incorrectly ever since the SIGUSR1 handler was
added in b156b581e894b03e7169827b9e293ca2f13e1366.

Originally submitted at
https://lists.infradead.org/pipermail/openconnect-devel/2024-February/005400.html

Signed-off-by: Cline, Wade <email address hidden>
Signed-off-by: Dimitri Papadopoulos <email address hidden>
Signed-off-by: Daniel Lenski <email address hidden>

8489956... by Dan Lenski on 2024-02-25

Merge branch 'tmp-build-mingw' into 'master'

MinGW build improvements

See merge request openconnect/openconnect!537

53adf49... by Marios Paouris <email address hidden> on 2024-02-22

MinGW build improvements

- Decoupled wintun and vpnc-script-win.js from building installer.
- Added required dependencies for downloading wintun and vpnc-script-win.js.
- Install wintun, vpnc-script-win.js and list-system-keys by default.
- Added configure option to disable building installer (doesn't work in
  msys/mingw builds, can also speedup build when no installer required).

Signed-off-by: Marios Paouris <email address hidden>

6585378... by Dan Lenski on 2024-02-22

Merge branch 'tmp-fix-openssl-3.0.6' into 'master'

Fix compatibility with openssl 3.1 and later versions

See merge request openconnect/openconnect!536

5567854... by Dan Lenski on 2024-02-22

Update changelog

Signed-off-by: Daniel Lenski <email address hidden>

7f81a2b... by Nikos Mavrogiannopoulos on 2024-02-21

openssl-dtls: use DTLS 1.2 for PSK-NEGOTIATE

Avoid reducing the security level for PSK-NEGOTIATE by
setting DTLS 1.2. This works well because all PSK-NEGOTIATE
ocserv servers are using gnutls that supports DTLS 1.2.

This addresses a previously undetermined issue with DTLS on centos7.

Signed-off-by: Nikos Mavrogiannopoulos <email address hidden>

e4fbc39... by Nikos Mavrogiannopoulos on 2024-02-21

.gitlab-ci.yml: use fedora39 for all builds

Signed-off-by: Nikos Mavrogiannopoulos <email address hidden>

6b603d1... by Nikos Mavrogiannopoulos on 2024-02-21

openssl-dtls: set security level to zero when negotiating DTLS 1.0 or earlier

This addresses the issue of openssl 3.1 running in fedora39.

Signed-off-by: Nikos Mavrogiannopoulos <email address hidden>
Signed-off-by: Daniel Lenski <email address hidden>