October 24, 2010 | ||
---|---|---|
View 3cf9dd8
Implement challenge/response authentication support in client mode, where credentials are entered from stdin. This capability is compiled when ENABLE_CLIENT_CR is defined in syshead.h (enabled by default).James Yonan authored on 2010/10/24 18:12:47 |
August 29, 2010 | ||
---|---|---|
View 2e8ff6c
Allow PKCS12 file content to be included inline in configuration file, rendered as base64.James Yonan authored on 2010/08/29 14:24:15 |
July 27, 2010 | ||
---|---|---|
View dc85dae
Fixed an issue where application payload transmissions on the TLS control channel (such as AUTH_FAILED) that occur during or immediately after a TLS renegotiation might be dropped.James Yonan authored on 2010/07/27 16:10:01 |
June 1, 2010 | ||
---|---|---|
View aaf7297
Implemented a key/value auth channel from client to server.James Yonan authored on 2010/06/01 16:12:27 |
April 29, 2010 | ||
---|---|---|
View 564a210
Updated copyright date to 2010.James Yonan authored on 2010/04/29 01:31:36 |
March 12, 2010 | ||
---|---|---|
View 8c7c6be
Modified ">PASSWORD:Verification Failed" management interface notification to include a client reason string:James Yonan authored on 2010/03/12 12:05:34 |
March 7, 2010 | ||
---|---|---|
View 112e670
Fixed an issue where if reneg-sec was set to 0 on the client, so that the server-side value would take precedence, the auth_deferred_expire_window function would incorrectly return a window period of 0 seconds. In this case, the correct window period should be the handshake window period.James Yonan authored on 2010/03/07 00:38:23 |
January 16, 2010 | ||
---|---|---|
View a345b41
Fixed an issue where AUTH_FAILED was not being properly delivered to the client when a bad password is given for mid-session reauth.james authored on 2010/01/16 12:24:07 |
November 13, 2009 | ||
---|---|---|
View b9437c6
Increase MAX_CERT_DEPTH to 16 (from 8), and when exceeded, make it a hard failure, rather than just a warning.james authored on 2009/11/13 20:09:47 |
October 26, 2009 | ||
---|---|---|
View ec4a500
On server, lock client-provided certs against mid-session TLS renegotiations -- this is similer to how the common name is also locked.james authored on 2009/10/26 00:51:04 |
October 24, 2009 | ||
---|---|---|
View 71b557b
On server, lock session username against changes in mid-session TLS renegotiations -- this is similer to how the common name is also locked.james authored on 2009/10/24 10:08:30 |
September 30, 2009 | ||
---|---|---|
View 5733ef6
Added the ability for the server to provide a custom reason string when an AUTH_FAILED message is returned to the client. This string can be set by the server-side managment interface and read by the client-side management interface.james authored on 2009/09/30 08:10:14 |
September 27, 2009 | ||
---|---|---|
View 3eee126
Eliminated the limitation on the number of options that can be pushed to clients, including routes. Previously, all pushed options needed to fit within a 1024 byte options string.james authored on 2009/09/27 11:12:15 |
May 31, 2009 | ||
---|---|---|
View d7fa38f
Update copyright to 2009.james authored on 2009/05/31 06:38:49 |
||
View 6aa7fb8
Fixed issue of symbol conflicts interfering with Windows CryptoAPI functionality (Alon Bar-Lev).james authored on 2009/05/31 04:53:49 |