Overview Repositories Revisions Requests Users Attributes Meta

Revisions of ocserv

Michael Du's avatar Michael Du (stawidy) accepted request 818635 from Michael Du's avatar Michael Du (stawidy) (revision 32) 
Fix source verification.
Michael Du's avatar Michael Du (stawidy) accepted request 818634 from Michael Du's avatar Michael Du (stawidy) (revision 31) 
- Update to version 1.1.0:
  * Switch from fork to fork/exec model to achieve better scaling 
    and ASLR protection. This introduces an ocserv-worker application 
    which should be installed at the same path as ocserv (#285).
  * When Linux OOM takes control kill ocserv workers before 
    ocserv-main or ocserv-secmod (#283).
  * Disable TCP queuing on the TLS port.
  * Fix leak of GnuTLS session when DTLS connection is 
    re-established (#293).
- Verify source with keyring before build.
Michael Du's avatar Michael Du (stawidy) accepted request 796111 from Martin Hauke's avatar Martin Hauke (mnhauke) (revision 30) 
- Add signature and keyring for source verification
- Build with support for maxminddb
- Build with support for OATH
- Update to version 1.0.1
  * Prevent clients that use broken versions of gnutls from
    connecting using DTLS.
  * occtl: added machine-readable fields in json output.
  * occtl: IPs in ban list value is now reflecting the actual
    banned IPs rather than the database size.
- Update to version 1.0.0
  * Avoid crash on invalid configuration values.
  * Updated manpage generation to work with newer versions of ronn.
  * Ensure scripts have all the information on all disconnection
    types.
  * Several updates to further restrict the control that worker
    processes have on the main process.
  * Add support for RFC6750 bearer tokens. This adds the "auth=oidc"
    config option. See doc/README-oidc.md for more information.
  * Add USER_AGENT, DEVICE_TYPE and DEVICE_PLATFORM environment
    variables when connect/disconnect scripts execute.
  * Corrected issue with DTLS-PSK negotiation which prevented it
    from being enabled.
  * Improved IPv6 handling of AnyConnect client for Apple ios.
  * Fixed issue with Radius accounting.
- Update to version 0.12.6
  * Improved IPv6 support for anyconnect clients.
  * The 'split-dns' configuration directive can be used per-user.
  * The max-same-clients=1 configuration option no longer refuses
    the reconnection of an already connected user.
  * Added openat() to the accepted list of seccomp calls. This
buildservice-autocommit accepted request 766080 from Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) (revision 29) 
baserev update by copy to link target
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 758221 from Dominique Leuenberger's avatar Dominique Leuenberger (dimstar) (revision 28) 
- BuildRequire pkgconfig(libsystemd) instead of systemd-devel:
  Allow OBS to shortcut through the -mini flavors.
buildservice-autocommit accepted request 723235 from Marguerite Su's avatar Marguerite Su (MargueriteSu) (revision 27) 
baserev update by copy to link target
Marguerite Su's avatar Marguerite Su (MargueriteSu) accepted request 718270 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 26) 
- removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by
  firewalld, see [1].
  [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html
buildservice-autocommit accepted request 697985 from Marguerite Su's avatar Marguerite Su (MargueriteSu) (revision 25) 
baserev update by copy to link target
Marguerite Su's avatar Marguerite Su (MargueriteSu) accepted request 697022 from Michael Du's avatar Michael Du (stawidy) (revision 24) 
- Update to version 0.12.3:
  * Fixed crash when no DTLS ciphersuite is negotiated.
  * Fixed crash happening arbitrarily depending on handled string 
    sizes (#197).
  * Fixed compatibility issue with GnuTLS 3.3.x (#201).
  * occtl: print the TLS session information, even if the DTLS 
    channel is not established.
buildservice-autocommit accepted request 668707 from Marguerite Su's avatar Marguerite Su (MargueriteSu) (revision 23) 
baserev update by copy to link target
Marguerite Su's avatar Marguerite Su (MargueriteSu) accepted request 668674 from Michael Du's avatar Michael Du (stawidy) (revision 22) 
- Update to version 0.12.2:
  * Added support for AES256-SHA legacy cipher. This allows the 
    anyconnect clients to use AES256.
  * Added support for the DTLS1.2 protocol hack used by new 
    Anyconnect clients.
buildservice-autocommit accepted request 612713 from Marguerite Su's avatar Marguerite Su (MargueriteSu) (revision 21) 
baserev update by copy to link target
Marguerite Su's avatar Marguerite Su (MargueriteSu) accepted request 610047 from Michael Du's avatar Michael Du (stawidy) (revision 20) 
- Update to version 0.12.1:
  * Fixed crash on initialization when server was running on background
  * Work around issues with GnuTLS 3.4.x on ubuntu 16.04, at the cost of a memory leak on key reload
buildservice-autocommit accepted request 606702 from Marguerite Su's avatar Marguerite Su (MargueriteSu) (revision 19) 
baserev update by copy to link target
Marguerite Su's avatar Marguerite Su (MargueriteSu) accepted request 606481 from Michael Du's avatar Michael Du (stawidy) (revision 18) 
- Update to version 0.12.0
  * Allow DTLS stream to come from different IP from TLS stream. There are situations where internet providers send the UDP stream from different IP.
  * Increased possibilities of allowed combinations of authentication methods.
  * Corrected regression since 0.11.8 with OTP authentication.
  * Added support for hostname-based virtual hosts, utilizing TLS SNI. With that change it is possible to configure multiple servers running over the same port.
  * Rename the tun device on BSD systems which support SIOCSIFNAME ioctl.
  * Correctly handle proxy-protocol’s health commands. That eliminates few connection drops when proxy protocol is in use.
  * Corrected crash on certain cases when proxy protocol is in use.
- Update ocserv.config.patch due to upstream changes
buildservice-autocommit accepted request 580606 from Marguerite Su's avatar Marguerite Su (MargueriteSu) (revision 17) 
baserev update by copy to link target
Marguerite Su's avatar Marguerite Su (MargueriteSu) committed (revision 16)
Marguerite Su's avatar Marguerite Su (MargueriteSu) accepted request 580402 from Marguerite Su's avatar Marguerite Su (MargueriteSu) (revision 15) 
- add firewalld service
buildservice-autocommit accepted request 580001 from Marguerite Su's avatar Marguerite Su (MargueriteSu) (revision 14) 
baserev update by copy to link target
Marguerite Su's avatar Marguerite Su (MargueriteSu) accepted request 580000 from Marguerite Su's avatar Marguerite Su (MargueriteSu) (revision 13) 
- update version 0.11.10
  * see NEWS
- drop boo1021353-ocserv-doc-racing-in-parallel-build.patch
  * upstreamed
- add ocserv-LZ4_compress_default.patch
  * leap doesn't have LZ4_compress_default
Displaying revisions 21 - 40 of 52
openSUSE Build Service is sponsored by
Places