summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* BUGFIX (1/2) ... implemented worker side fix of shutdown bugDavid Sommerseth2008-10-311-1/+9
|
* Updated TODODavid Sommerseth2008-10-311-0/+9
|
* Updated TODODavid Sommerseth2008-10-221-0/+4
|
* Created install rules via cmakeDavid Sommerseth2008-10-215-6/+39
|
* Updated .gitignore to ignore several CMakeFiles folders.David Sommerseth2008-10-211-0/+2
|
* Added (untested) firewall block when IP addresses are blacklistedDavid Sommerseth2008-10-215-11/+66
| | | | | | | | If the configuration variable 'firewall_blacklist_destination' is set, it will insert DROP rules when a blacklisted IP address is attempted. Feature not tested yet.
* Reorganised the source codeDavid Sommerseth2008-10-1534-141/+150
| | | | | | | | Moved all OpenVPN plug-in related things into ./plugins, including firewall Moved all shared code into ./common and moved the generic part of the database files into ./database Updated all CMakeLists.txt files and created a new one for the root directory
* Implemented firewall initialisation and stateful checking on VPN clientsv0.9.1_betaDavid Sommerseth2008-10-082-15/+53
| | | | | | | | | | | | Changed from flushing the defined iptables chain for VPN users to a initialisation call. This call will first flush the chain and then insert a generic -m state --state ESTABLISHED,RELATED -j ACCEPT rule. When a new VPN client connects, it will add -m state --state NEW to the rule. Reorganised the efw_iptables.c a little bit to allow several iptables call in one process_input(...) call.
* Merge branch 'master' into cmakev0.9_betaDavid Sommerseth2008-10-084-28/+26
|\
| * Logging when username/password is authenticatedDavid Sommerseth2008-10-081-0/+2
| |
| * Moved TLS authentication logging from database module to eurephia.cDavid Sommerseth2008-10-083-28/+15
| | | | | | | | Also differentiated log level from user certs (depth == 0) and other depths.
| * Added more ideas to TODODavid Sommerseth2008-10-041-0/+9
| |
* | Fixed wrong search in dist-cleanDavid Sommerseth2008-10-041-1/+1
| |
* | configure now appends dist-clean rule to Makefile. Removed unneed CMakeLists.inDavid Sommerseth2008-10-042-101/+11
| |
* | Merge branch 'master' into cmakeDavid Sommerseth2008-10-041-1/+1
|\|
| * BUGFIX: Fixed typo which came after commit ↵David Sommerseth2008-10-041-1/+1
| | | | | | | | e66dc10a1fee86d0c09651a09f8e5e926b22e88b
* | Removed dependency on sed and CmakeLists.inDavid Sommerseth2008-10-043-3/+102
| |
* | Merge branch 'master' into cmakeDavid Sommerseth2008-10-0413-235/+244
|\|
| * Updated TODODavid Sommerseth2008-10-042-2/+2
| |
| * Log review - last round for now. Recategorised a few errors and warnings.David Sommerseth2008-10-042-5/+5
| |
| * Log review - changed log levels for all DEBUG(...) callsDavid Sommerseth2008-10-0410-89/+88
| |
| * Log review (part 1) - log categoriesDavid Sommerseth2008-10-038-142/+152
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Went through all parts of the code, and reorganised log categories. The following "rules" where used for categorisation: LOG_INFO - General info, should avoid log level higher than 5 LOG_DEBUG - Using DEBUG function only log level always > 10 LOG_WARNING - When something action fails, but not as severe that the process cannot continue. Log level never > 2 LOG_ERROR - API errors, but not severe, can continue LOG_FATAL - Action failed and we cannot continue in this function. Log level always < 2 LOG_PANIC - Action failed and eurephia-auth cannot continue to work any more (program restart needed). Log level always 0
* | Moved away from using environment variable for OPENVPN_SRC_DIR. Forcing use ↵David Sommerseth2008-10-033-9/+11
| | | | | | | | of ./configure
* | Made building more dynamic, improved parameter handling in configure and ↵David Sommerseth2008-10-032-5/+60
| | | | | | | | added more parameters
* | Made cmake also create template databaseDavid Sommerseth2008-10-031-0/+10
| |
* | Added ./configure script to simplify cmake for "normal" usersDavid Sommerseth2008-10-031-0/+53
| |
* | Updated .gitignore to ignore files created by cmakeDavid Sommerseth2008-10-031-1/+7
| |
* | Improved cmake rulesDavid Sommerseth2008-10-033-8/+88
| | | | | | | | | | | | - Added checks for external libraries that we use - Linking now links in needed shared libraries - Added better check if OPENVPN_SRC_DIR is set
* | Removed Makefile.global, after changing to cmake (commit ↵David Sommerseth2008-10-021-18/+0
| | | | | | | | c89f879053170722f38073586eb3c1bc858df05c)
* | Adjusted to match new cmake regimeDavid Sommerseth2008-10-022-0/+6
| |
* | Added support for cmakeDavid Sommerseth2008-10-026-132/+45
|/
* Improved language in compiler warnings when debug is enabledDavid Sommerseth2008-10-011-4/+6
|
* Fixed compiler warningsDavid Sommerseth2008-09-302-5/+4
| | | | | Fixed some warnings which appeared after commit 2d4ae799159155510dbf564048b9ee754ea1bf92 when not enabling debugging.
* Added mutex locking while writing to log fileDavid Sommerseth2008-09-303-4/+9
|
* Updated TODO with even more thoughtsDavid Sommerseth2008-09-291-2/+8
|
* Updated TODODavid Sommerseth2008-09-291-4/+25
|
* Simplified log codeDavid Sommerseth2008-09-291-5/+3
| | | | Simplified and cleaned up commit e10a78562e28e35d6d7b360f691d8499447d45cb
* Added password masking if SHOW_SECRETS not defined when dumping environment ↵David Sommerseth2008-09-293-9/+17
| | | | variables.
* BUGFIX: Fixed crash on startDavid Sommerseth2008-09-291-2/+2
| | | | | In commit 6a508ab21e6e0127830a99410070476f9f94c7d1 the API changed for get_env(...), and it was not corrected in eurephia-auth.c
* Merge branch 'master' of ssh://john/home/gitrepo/eurephiaDavid Sommerseth2008-09-271-37/+45
|\
| * Changed logging behaviour in get_env(...)David Sommerseth2008-09-271-37/+45
| | | | | | | | | | | | | | | | | | Added extra parameter to tell get_env to show or to mask the value it is looking up in the environment variables. If SHOW_SECRETS is defined, no masking will be done at all. Added also an extra #ifdef ENABLE_DEBUG block to avoid some checks if debug logging is not enabled, to save CPU work.
* | Show all environment variables and and all arguments in log fileDavid Sommerseth2008-09-271-0/+14
|/ | | | | If ENABLE_DEBUG is enabled and log level > 30, environment and arguments are dumped into log file
* Added timestamp to log entriesDavid Sommerseth2008-09-261-1/+22
|
* Improved description in database driver template regarding argument parsingDavid Sommerseth2008-09-261-7/+20
|
* BUGFIX: Changed SQLite database schema to allow mulitple identical sessionseedsDavid Sommerseth2008-09-261-1/+2
| | | | | | | | | This is to comply to the new behaviour after commit fc8a177bc86fc7e68b15045ba7a791e2504f4b5c. Now we might get several identical session seeds, but some of them might be connected to sessions getting destroyed, while one of them would be connected to an already active session. sessionkey is now the primary key.
* BUGFIX: Will now not return a new session if registration of sessionkey fails.David Sommerseth2008-09-261-1/+8
|
* BUGFIX: Follow up on the commit fc8a177bc86fc7e68b15045ba7a791e2504f4b5cDavid Sommerseth2008-09-262-2/+8
| | | | | Make sure that eDBget_sessionkey_macaddr(...) only returns sessionkeys for sessions ready to be destroyed, ie. sessionstatus must be 3.
* BUGFIX: Made sure that eDBget_sessionkey_seed(...) only returns a sessionkey ↵David Sommerseth2008-09-262-3/+12
| | | | | | | | | | | | | | | | | | | | | | for sessions which is in open status (sessionstatus is 1 or 2). When a client does a disconnect for session_A, the status of the session is 3, as logged out but not yet deleted. In this status, the session is not deleted, nor is the record in openvpn_sessionkeys for that sessions's sessionseed. If the client then does a new reconnection (session_B) before the session is deleted, it will get the sessionkey for the session which was just logged out, session_A's sessionkey. When OpenVPN then calls the learn_address function to delete the session_A, that session will be closed. This results in that session_B will then do not match any open sessions at all, since session_A and session_B shared the sessionseed to a sessionkey. By changing the eDBget_sessionkey_seed(...) to check that the sessionstatus is 1 or 2 (open session statuses), it should generate a new sessionkey for the session_B, since no sessionkey would be returned for that sessionseed. The destruction of the session (done via eurephia_learn_address(...)) will still work, since this function uses the MAC address of the client and not the sessionseed.
* Fixed a typo, do not do a critical exit from process_input() on unparseable ↵David Sommerseth2008-09-251-2/+2
| | | | input. Fixed error message.
* Downgraded a few LOG_DEBUG messages to LOG_INFO in efw_iptables, which is ↵David Sommerseth2008-09-251-4/+4
| | | | fine for normal operations
generated by cgit (git 2.34.1) at 2025-09-30 20:34:07 +0000