1. 15 May, 2017 1 commit
  2. 14 May, 2017 2 commits
    • Daniel Lenski's avatar
      add oncp_bye() to logout the Juniper session · df273812
      Daniel Lenski authored
      The nc protocol lacked a .vpn_close_session function; without logout, the
      VPN cookie remains active and can be used to restart the session, which is a
      security hazard—especially when passing around OpenConnect logs on the
      mailing list for development and troubleshooting.
      
      Juniper logout is straightforward: GET /dana-na/auth/logout.cgi (with the
      appropriate DSID cookie set).
      Signed-off-by: default avatarDaniel Lenski <dlenski@gmail.com>
      Signed-off-by: default avatarDavid Woodhouse <dwmw2@infradead.org>
      df273812
    • Daniel Lenski's avatar
      enumerate supported VPN protocols via openconnect_get_supported_protocols() · 40802e45
      Daniel Lenski authored
      Add two new public functions:
      
      * int openconnect_get_supported_protocols(struct oc_vpn_proto **protos)
      
        Fetches a list of protocols supported by the client.  Each supported
        protocol has a short name (as accepted by the --protocol command-line
        option), pretty name, longer description, and list of flags.
      
        The return value of the function is the number of protocols supported (or
        negative if an error occurred).
      
        The flags indicate features that are meaningful for this protocol, to be
        used by tools like the Networkmanager configuration UI. Current flags:
      
          * OC_PROTO_PROXY: can connect via HTTP or SOCKS proxy
          * OC_PROTO_CSD: supports verification of the client via CSD trojan
          * OC_PROTO_AUTH_CERT: supports authentication by client certificate
          * OC_PROTO_AUTH_OTP: supports authentication by OATH HOTP/TOTP token
          * OC_PROTO_AUTH_STOKEN: supports authentication by RSA SecurID token (stoken)
      
      * void openconnect_free_supported_protocols(struct oc_vpn_proto *protos)
      
        Frees the list of protocols fetched by openconnect_get_supported_protocols()
      
      The description of the "anyconnect" protocol matches the IETF draft
      standard for openconnect VPN (https://tools.ietf.org/html/draft-mavrogiannopoulos-openconnect-00).
      Signed-off-by: default avatarDaniel Lenski <dlenski@gmail.com>
      Signed-off-by: default avatarDavid Woodhouse <dwmw2@infradead.org>
      40802e45
  3. 13 Dec, 2016 3 commits
  4. 12 Oct, 2016 1 commit
  5. 23 Sep, 2016 2 commits
  6. 21 Sep, 2016 1 commit
  7. 12 Sep, 2016 1 commit
  8. 10 Sep, 2016 4 commits
  9. 31 Aug, 2016 1 commit
  10. 30 Aug, 2016 3 commits
  11. 25 Aug, 2016 4 commits
  12. 08 Jul, 2016 1 commit
  13. 04 Jul, 2016 1 commit
  14. 16 May, 2016 1 commit
  15. 06 May, 2016 2 commits
  16. 08 Mar, 2016 3 commits
  17. 22 Jan, 2016 1 commit
  18. 05 Dec, 2015 2 commits
  19. 06 Oct, 2015 1 commit
  20. 06 Aug, 2015 2 commits
  21. 26 Mar, 2015 1 commit
  22. 14 Mar, 2015 2 commits