1. 20 Feb, 2021 2 commits
  2. 14 Dec, 2020 1 commit
    • Daniel Lenski's avatar
      Add `openconnect_get_auth_expiration` function to library and JNI · f152cf7d
      Daniel Lenski authored
      This allows protocols to save the moment when a session's authentication
      (`vpninfo->cookie`) is expected to expire and no longer be useful for
      reconnection.
      
      The motivation is to eventually allow front-ends to know whether
      reauthentication is needed, or whether they should try using a cached
      cookie.
      
      Current state:
      
      - AnyConnect protocol: expiration is determined from the CONNECT
        response header `X-CSTP-Session-Timeout-Remaining` (with
        `X-CSTP-Session-Timeout` or `X-CSTP-Lease-Duration` as upper bounds in its
        absence)
      - GlobalProtect protocol: expiration is determined from the `<lifetime>` tag of
        the XML config.
      - Juniper Network Connect protocol: no currently known way to determine
        expiration. The `DSID` cookie is a standard HTTP cookie, so perhaps its
        expiration timestamp is intended for this purpose; however, I can find
        no real-world case where it has an expiration timestamp set.
      - None of the currently-supported protocols provide the expiration
        timestamp until the connection phase, so it can't be obtained for
        export by the `--authenticate` option.
      Signed-off-by: default avatarDaniel Lenski <dlenski@gmail.com>
      f152cf7d
  3. 04 Nov, 2020 1 commit
  4. 01 Apr, 2020 1 commit
  5. 30 Mar, 2020 1 commit
  6. 15 Oct, 2018 1 commit
    • Ralph Schmieder's avatar
      chg: add --version-string · 13b64166
      Ralph Schmieder authored
      I've included a patch that provides better compatibility with CSD on
      ASA head ends. E.g. it allows to specify the version string that is
      presented to the ASA. Previous to this patch, OC presents its own
      version e.g. 0.7.8 but that could cause rejection on the head end if
      it looks for a matching AC version string.
      
      [dwmw2: All the library ABI support for the new function]
      Signed-off-by: default avatarRalph Schmieder <ralph.schmieder@gmail.com>
      Signed-off-by: default avatarDavid Woodhouse <dwmw2@infradead.org>
      13b64166
  7. 11 Oct, 2018 1 commit
  8. 15 Aug, 2018 1 commit
  9. 06 Aug, 2018 1 commit
  10. 05 Aug, 2018 2 commits
  11. 06 May, 2016 3 commits
  12. 08 Mar, 2016 3 commits
  13. 06 Oct, 2015 1 commit
  14. 20 Nov, 2014 2 commits
  15. 17 Nov, 2014 1 commit
  16. 06 Nov, 2014 1 commit
  17. 28 Oct, 2014 2 commits
  18. 27 Oct, 2014 1 commit
  19. 17 Aug, 2014 1 commit
  20. 12 Aug, 2014 1 commit
  21. 20 Jun, 2014 1 commit
  22. 10 Jun, 2014 3 commits
  23. 26 Apr, 2014 2 commits
    • Kevin Cernekee's avatar
      jni: Allow other threads to call setLogLevel() · e0a43fb3
      Kevin Cernekee authored
      It is useful to allow the user to toggle PRG_TRACE logging on an active
      connection for debugging purposes.  But currently this would involve
      releasing the class lock held by the mainloop.  So we will use asyncLock
      to protect the shared variable.
      
      Timings conducted on a Nexus 7 (2012) show that the new
      MonitorEnter/MonitorExit pair adds about 700ns to each progress_cb (which
      is called on each packet).  This isn't great, but it's probably small
      enough to make it worth doing things the right way (using a lock) instead
      of just declaring loglevel as volatile.
      Signed-off-by: default avatarKevin Cernekee <cernekee@gmail.com>
      e0a43fb3
    • Kevin Cernekee's avatar
      jni: Change cancelLock so it can be used from native code · 3e5f76c4
      Kevin Cernekee authored
      Rename cancelLock to asyncLock and store a global reference so it can
      be acquired by various JNI functions.
      Signed-off-by: default avatarKevin Cernekee <cernekee@gmail.com>
      3e5f76c4
  24. 06 Feb, 2014 1 commit
  25. 15 Jan, 2014 1 commit