October 24, 2010 | ||
---|---|---|
View 3cf9dd8
Implement challenge/response authentication support in client mode, where credentials are entered from stdin. This capability is compiled when ENABLE_CLIENT_CR is defined in syshead.h (enabled by default).James Yonan authored on 2010/10/24 18:12:47 |
July 27, 2010 | ||
---|---|---|
View dc85dae
Fixed an issue where application payload transmissions on the TLS control channel (such as AUTH_FAILED) that occur during or immediately after a TLS renegotiation might be dropped.James Yonan authored on 2010/07/27 16:10:01 |
June 1, 2010 | ||
---|---|---|
View aaf7297
Implemented a key/value auth channel from client to server.James Yonan authored on 2010/06/01 16:12:27 |
April 29, 2010 | ||
---|---|---|
View 564a210
Updated copyright date to 2010.James Yonan authored on 2010/04/29 01:31:36 |
November 13, 2009 | ||
---|---|---|
View b9437c6
Increase MAX_CERT_DEPTH to 16 (from 8), and when exceeded, make it a hard failure, rather than just a warning.james authored on 2009/11/13 20:09:47 |
October 26, 2009 | ||
---|---|---|
View ec4a500
On server, lock client-provided certs against mid-session TLS renegotiations -- this is similer to how the common name is also locked.james authored on 2009/10/26 00:51:04 |
October 24, 2009 | ||
---|---|---|
View 71b557b
On server, lock session username against changes in mid-session TLS renegotiations -- this is similer to how the common name is also locked.james authored on 2009/10/24 10:08:30 |
September 30, 2009 | ||
---|---|---|
View 5733ef6
Added the ability for the server to provide a custom reason string when an AUTH_FAILED message is returned to the client. This string can be set by the server-side managment interface and read by the client-side management interface.james authored on 2009/09/30 08:10:14 |
September 28, 2009 | ||
---|---|---|
View e1e977f
Added --server-poll-timeout option : when polling possible remote servers to connect to in a round-robin fashion, spend no more than n seconds waiting for a response before trying the next server.james authored on 2009/09/28 16:27:22 |
September 27, 2009 | ||
---|---|---|
View 3eee126
Eliminated the limitation on the number of options that can be pushed to clients, including routes. Previously, all pushed options needed to fit within a 1024 byte options string.james authored on 2009/09/27 11:12:15 |
May 31, 2009 | ||
---|---|---|
View d7fa38f
Update copyright to 2009.james authored on 2009/05/31 06:38:49 |
||
View 6aa7fb8
Fixed issue of symbol conflicts interfering with Windows CryptoAPI functionality (Alon Bar-Lev).james authored on 2009/05/31 04:53:49 |
November 18, 2008 | ||
---|---|---|
View 09cc9c8
Added server-side --opt-verify option: clients that connect with options that are incompatible with those of the server will be disconnected.james authored on 2008/11/18 12:22:52 |
October 31, 2008 | ||
---|---|---|
View ed30424
Added --no-name-remapping option to allow Common Name, X509 Subject, and username strings to include any printable character including space, but excluding control characters such as tab, newline, and carriage-return.james authored on 2008/10/31 16:04:51 |
October 29, 2008 | ||
---|---|---|
View 24ce3b2
Added server-side --auth-user-pass-optional directive, to allow connections by clients that do not specify a username/password, when a user-defined authentication script/module is in place (via --auth-user-pass-verify, --management-client-auth, or a plugin module).james authored on 2008/10/29 05:01:05 |