summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* BUGFIX: Set ctx->loglevel correctlyDavid Sommerseth2008-09-241-1/+1
|
* BUGFIX: changed argv[1] to argv[0] due to new parameter handling in eurephia.cDavid Sommerseth2008-09-241-3/+3
|
* Fixed potentinal failure when --log-destination is not given. Log via ↵David Sommerseth2008-09-241-9/+14
| | | | openvpn in this case
* Improved argument parsing for the eurephia-auth arguments passed from the ↵David Sommerseth2008-09-241-36/+75
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | config file. Using getopt_long(...) to handle arguments. The following options are available: [--log-destination | -l] {<filename> | openvpn: | none: } If openvpn: is given, all errors will be written to stderr which OpenVPN then will take care for getting logged If none: is given, no logging will happen in eurephia-auth In all other cases, a file with the given name will be opened and all logs will go here. If no --log-destination is given, it will let openvpn do the logging. [--log-level | -L ] <log level> Sets log thresold level [--database-interface | -i] <database driver> Tells eurephia-auth which database driver (.so) file to load for database handling After these options, a '--' (double ones!) should be given, at least to clarify that we are done with arguments for eurephia-auth. All arguments after '--' will be sent directly and unparsed further to the database module. The database module can then use it's own argument parsing. For the eurephiadb-sqlite.so, it takes only one parameter - database file. OpenVPN config example: plugin /etc/openvpn/eurephia/eurephia-auth.so --log-destination /var/log/eurephia-auth.log --log-level 2 --database-interface /etc/openvpn/eurephia/eurephiadb-sqlite.so -- /etc/openvpn/eurephia/eurephiadb Or a shorter version would be: plugin /etc/openvpn/eurephia/eurephia-auth.so -l /var/log/eurephia-auth.log -L 2 -i /etc/openvpn/eurephia/eurephiadb-sqlite.so -- /etc/openvpn/eurephia/eurephiadb
* Do not try to write to log file if log file is not openedDavid Sommerseth2008-09-241-0/+3
|
* Removed memwatch files. We should not distribute these files.David Sommerseth2008-09-242-3371/+0
|
* Updated TODO - db driver template doneDavid Sommerseth2008-09-192-3/+3
|
* Fixed some sqlite_free_result() issues - missing or incorrectly placedDavid Sommerseth2008-09-191-3/+3
|
* Updated database driver template to match the most recent needed APIDavid Sommerseth2008-09-191-281/+388
|
* Improved code security. LOG_DEBUG statements are only compiled if DEBUG=1 ↵David Sommerseth2008-09-1911-108/+102
| | | | | | | | | | | | | is sent to make. Since several parts of the code where LOG_DEBUG was used with eurephia_log(...) contains security sensitive information (like logging password retrieved with get_env(...)), all debug logging is now done via the DEBUG macro. This macro will not produce any security relevant eurephia_log(...) statements unless the source is compiled with -DENABLE_DEBUG. This is activated via make by adding DEBUG=1 before the make targets. When not enabled, the binaries will not do any debug logging at all.
* Fixed Makefile check for OPENVPN_SRC_DIR being set for compilation. Added ↵David Sommerseth2008-09-192-5/+12
| | | | DEBUG check, to enable debug statements in the code
* Added flushing of firewall chain on shutdown as well.David Sommerseth2008-09-191-2/+20
|
* BUGFIX: Fixed wrong freeing of msg pointer in eFW_RunFirewall/process_inputDavid Sommerseth2008-09-191-3/+4
|
* Renamed openvpn_lastlog.session_del to session_deletedDavid Sommerseth2008-09-193-3/+3
|
* Fixed compile error, forgot to update one function call during previous commitDavid Sommerseth2008-09-191-1/+1
|
* Added (untested) logging of time_duration into openvpn_lastlog.session_durationDavid Sommerseth2008-09-196-43/+46
|
* Updated TODO filesDavid Sommerseth2008-09-192-12/+12
|
* Added (untested) logging of VPN MAC addresses into openvpn_macaddr_historyDavid Sommerseth2008-09-192-0/+19
|
* Removed no longer needed file with firewall ideasDavid Sommerseth2008-09-191-31/+0
|
* Added (untested) flushing of firewall destination chain on firewall module ↵David Sommerseth2008-09-182-31/+73
| | | | startup. Improved some debug info as well.
* Updated TODOsDavid Sommerseth2008-09-171-16/+25
|
* Changed to use proto_1 environment variable instead of proto, due to changes ↵David Sommerseth2008-09-171-1/+1
| | | | in openvpn-2.1_rc8
* - Changed from using eDBopen_session(...) to use eDBopen_session_seed(...)alpha_0.6David Sommerseth2008-09-151-9/+27
| | | | | | | - Changed eurephia_learn_address(...) to use eDBopen_session_macaddr(...) when a session is going to be deleted/destroyed. - Fixed firewall update so that MAC address is not deleted from the firewall setup when session is closed.
* - Renamed eDBopen_session(...) to eDBopen_session_seed(...), for openingDavid Sommerseth2008-09-152-8/+41
| | | | | | session when we only have session seeds available - Added eDBopen_session_macaddr(...) for those times when we have MAC address available
* - Renamed eDBget_sessionkey(...) to eDBget_sessionkey_seed(...)David Sommerseth2008-09-153-35/+36
| | | | | - Added eDBget_sessionkey_macaddr(...) to retrieve sessionkey based on MAC address - Changed eDBdestroy_session(...) to use eurephiaSESSION instead of MAC address string
* Moved creation and destruction of semaphores and message queue into an own ↵alpha_0.5David Sommerseth2008-09-146-54/+143
| | | | helper file. eFW_StartFirewall() now creates and eFW_RunFirewall() destructs, using this helper file.
* Moved eurephia FW from using Posix threads to standard fork. To avoid that ↵David Sommerseth2008-09-144-49/+63
| | | | the eFW worker keep root privileges
* Flushing message queue for firewall updates before telling firewall thread ↵David Sommerseth2008-09-141-0/+26
| | | | we are ready
* Fixed execution of firewall command, forgot to fork out process before ↵David Sommerseth2008-09-143-10/+59
| | | | execve. Made IPTABLES_CMD a configuration parameter (firewall_command) instead of a defined constant.
* First attempt to make efw_iptables do some real iptables workDavid Sommerseth2008-09-147-23/+83
|
* Moved away from srandom. Now using OpenSSL RAND_* functions and ↵alpha_0.4David Sommerseth2008-09-122-25/+39
| | | | /dev/urandom for getting random data for the sessionkey. Seems to have fixed stability issues.
* Fixed some valgrind errors. Added missing frees. Added checks if malloc ↵David Sommerseth2008-09-101-6/+51
| | | | fails, to return in an earlier point.
* Changed to using sqlite3_vmprintf() function instead of vsnprintf()David Sommerseth2008-09-102-33/+34
|
* Finally found the bug which did not create unique sessionkeysDavid Sommerseth2008-09-071-1/+1
|
* Attempt to fix the get_randstring not being enough randomDavid Sommerseth2008-09-061-9/+9
|
* Added first attempt to make the firewall interface communictateDavid Sommerseth2008-08-253-2/+32
|
* Small fixes to make the eFW interface load and start upDavid Sommerseth2008-08-252-2/+4
|
* Fixed failing password authentication due to len variable not being set ↵David Sommerseth2008-08-251-1/+2
| | | | correctly
* Added main loop for the firewall interface moduleDavid Sommerseth2008-08-253-1/+75
|
* Merged in compile warning fix from the alpha branchDavid Sommerseth2008-08-241-2/+0
|\
| * Fixed compile warningalpha_0.3David Sommerseth2008-08-241-2/+0
| |
| * Reverting last merge, due to failures in merging procedureDavid Sommerseth2008-08-2410-626/+527
| |
| * Merged in SHA1 to SHA512 patch from master branchDavid Sommerseth2008-08-2410-527/+626
| |
* | Merge branch 'alpha'David Sommerseth2008-08-244-34/+31
|\|
| * Added more debug info on eurephia core functionsDavid Sommerseth2008-08-241-7/+12
| |
| * Another attempt to avoid eFree_values_func to core dumpDavid Sommerseth2008-08-241-12/+10
| |
| * Let eDBfree_session(...) make use of eFree_values(...) to free session valuesDavid Sommerseth2008-08-243-15/+9
| |
* | Cleaned up my bad EnglishDavid Sommerseth2008-08-222-2/+2
| |
* | Clarified text regarding the licensesDavid Sommerseth2008-08-221-3/+17
| |
* | Allan Saddi gave approval of inclusion of sha512.[ch] in this project,David Sommerseth2008-08-221-0/+43
| | | | | | | | | | | | | | licensed under BSD. Added BSD license in LICENSE.txt, marking that default license of all files are GPLv2 unless stated otherwise
generated by cgit (git 2.34.1) at 2025-10-01 01:41:44 +0000