summaryrefslogtreecommitdiff
path: root/accel-pppd/ctrl/sstp
AgeCommit message (Collapse)Author
2018-01-10sstp: drop unnecessary ssl reinitializationVladislav Grishenko
2018-01-06sstp: reuse general logging frameworkVladislav Grishenko
2018-01-05sstp: possible sync ppp mode fixVladislav Grishenko
2018-01-05sstp: fix default max mtu to fit standard 1500 mediaVladislav Grishenko
2017-12-30sstp: add generic base for parsing http header values, improve host-name ↵Vladislav Grishenko
checking
2017-12-30sstp: log current SSL mode for referenceVladislav Grishenko
2017-12-30sstp: optimize SSL context & config reload handlingVladislav Grishenko
2017-12-30sstp: fix obsolete contexts leakVladislav Grishenko
2017-12-30sstp: rework certificate load, fix build issue with some openssl versionVladislav Grishenko
2017-12-30sstp: fix va_start/va_end usage on x64 platformsVladislav Grishenko
2017-12-30sstp: http: protect against oversized headers and improve parsingVladislav Grishenko
2017-12-30sstp: implement HTTP host header and TLS SNI checkingVladislav Grishenko
2017-12-30sstp: drop ssl_mode_auto_retry, not required afer ↵Vladislav Grishenko
7945857927b4cedab365ba86934d771281eeb213
2017-12-30sstp: use HTTP status code 510 for HTTP method errorsVladislav Grishenko
2017-12-30sstp: http: get rid of static reply bufferVladislav Grishenko
2017-12-30sstp: fix eof result of ssl read/write ops although no harm was really happenedVladislav Grishenko
2017-12-30sstp: allow colons in cert-hash-* hex valuesVladislav Grishenko
Simplify copy-pasting from openssl x509 -fingerprint output: Examples: openssl x509 -in cert.pem -noout -fingerprint -sha1 openssl x509 -in cert.pem -noout -fingerprint -sha256
2017-12-30sstp: use ssl-keyfile option for certificate private keyVladislav Grishenko
if not set, fallback to private key in the same ssl-pemfile
2017-12-30sstp: treat SSL errors as EIOVladislav Grishenko
2017-12-30sstp: keep default ssl ciphers for better compatibilityVladislav Grishenko
2017-12-30sstp: allow to prefer server ciphers with ssl-prefer-server-ciphers optionVladislav Grishenko
2017-12-30sstp: implement Crypto Binding's Certificate hash & proto checking per 3.3.5.2.3Vladislav Grishenko
Warning: config options are changed aligned with general accel-ppp style. Following cases, including no-openssl build are supported: ssl | ssl-pemfile | behavior 1 set get both sha1 & sha256 from the certificate 0 set get both sha1 & sha256 from the certificate 0 unset use cert-hash-sha1 and/or cert-hash-sha256 hex options no-openssl use cert-hash-sha1 and/or cert-hash-sha256 hex options cert-hash-sha1 and/or cert-hash-sha256 hex options override certificate's, so it's possible to turn certficate hash verification off with just empty values (default).
2017-12-30sstp: implement Crypto Binding attr & nonce checking per 3.3.5.2.3Vladislav Grishenko
2017-12-30sstp: fix thread crash on certificate-error diconnectVladislav Grishenko
2017-12-30sstp: zero allocated packets, fix non-zero reserved fieldsVladislav Grishenko
2017-12-30sstp: make sstp great again. simplify ssl handlers, fix crashes, move to ↵Vladislav Grishenko
async ppp TODO: accounting/statistics, minimize syscall & memory usage
2017-12-30sstp: implement ifname option supportVladislav Grishenko
2017-12-30sstp: allow 3 nak replies per 3.3.5.2.2Vladislav Grishenko
2017-12-30sstp: implement preliminar sstp protocol supportVladislav Grishenko
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-01 10:57:17 +0000