From 4835271e779ec8d33c343f5f77ea3e094480430d Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Mon, 17 Feb 2014 08:27:55 +0100 Subject: [PATCH 1/3] new upstream release --- .gitignore | 1 + ocserv.conf | 14 +++++++------- ocserv.spec | 7 +++++-- sources | 2 +- 4 files changed, 14 insertions(+), 10 deletions(-) diff --git a/.gitignore b/.gitignore index a04b424..00aafc8 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ /ocserv-0.2.1.tar.xz /ocserv-0.2.3.tar.xz /ocserv-0.3.0.tar.xz +/ocserv-0.3.1.tar.xz diff --git a/ocserv.conf b/ocserv.conf index 53e1af5..9e452c8 100644 --- a/ocserv.conf +++ b/ocserv.conf @@ -30,6 +30,9 @@ udp-port = 4443 # Keepalive in seconds keepalive = 32400 +# Rekey time in seconds +rekey-time 172800 + # Dead peer detection in seconds dpd = 60 @@ -160,18 +163,15 @@ device = vpns #ipv4-network = 192.168.1.0 #ipv4-netmask = 255.255.255.0 -# Use the keywork local to advertize the local P-t-P address as DNS server -# ipv4-dns = 192.168.2.1 -#ipv4-dns = local +#ipv4-dns = 192.168.2.1 # The NBNS server (if any) #ipv4-nbns = 192.168.2.3 -#ipv6-address = -#ipv6-dns = - -# The IPv6 subnet prefix +# The IPv6 subnet +#ipv6-network = #ipv6-prefix = +#ipv6-dns = # Prior to leasing any IP from the pool ping it to verify that # it is not in use by another (unrelated to this server) host. diff --git a/ocserv.spec b/ocserv.spec index 76af3da..f0f92af 100644 --- a/ocserv.spec +++ b/ocserv.spec @@ -1,6 +1,6 @@ Name: ocserv -Version: 0.3.0 -Release: 2%{?dist} +Version: 0.3.1 +Release: 1%{?dist} Summary: OpenConnect SSL VPN server # For a breakdown of the licensing, see PACKAGE-LICENSING @@ -157,6 +157,9 @@ rm -rf %{buildroot} %{_unitdir}/ocserv.service %changelog +* Mon Feb 17 2014 Nikos Mavrogiannopoulos - 0.3.1-1 +- new upstream release + * Wed Jan 29 2014 Nikos Mavrogiannopoulos - 0.3.0-2 - Generated certificates no longer carry an expiration date. diff --git a/sources b/sources index a5c1666..d6781a1 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -f6d64451ac8c458c7bdd40ee8ff51192 ocserv-0.3.0.tar.xz +22bd81fd4f60e27fe85aac8fd73dada3 ocserv-0.3.1.tar.xz From 8afbd5807d30cc1e88c0a4e1dbc038ce3f5d2e94 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Mon, 17 Feb 2014 08:36:36 +0100 Subject: [PATCH 2/3] fixes in default config --- ocserv.conf | 4 ++-- ocserv.spec | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/ocserv.conf b/ocserv.conf index 9e452c8..4b523d2 100644 --- a/ocserv.conf +++ b/ocserv.conf @@ -163,7 +163,7 @@ device = vpns #ipv4-network = 192.168.1.0 #ipv4-netmask = 255.255.255.0 -#ipv4-dns = 192.168.2.1 +#dns = 192.168.2.1 # The NBNS server (if any) #ipv4-nbns = 192.168.2.3 @@ -171,7 +171,7 @@ device = vpns # The IPv6 subnet #ipv6-network = #ipv6-prefix = -#ipv6-dns = +#dns = # Prior to leasing any IP from the pool ping it to verify that # it is not in use by another (unrelated to this server) host. diff --git a/ocserv.spec b/ocserv.spec index f0f92af..29ce110 100644 --- a/ocserv.spec +++ b/ocserv.spec @@ -1,6 +1,6 @@ Name: ocserv Version: 0.3.1 -Release: 1%{?dist} +Release: 2%{?dist} Summary: OpenConnect SSL VPN server # For a breakdown of the licensing, see PACKAGE-LICENSING @@ -157,7 +157,7 @@ rm -rf %{buildroot} %{_unitdir}/ocserv.service %changelog -* Mon Feb 17 2014 Nikos Mavrogiannopoulos - 0.3.1-1 +* Mon Feb 17 2014 Nikos Mavrogiannopoulos - 0.3.1-2 - new upstream release * Wed Jan 29 2014 Nikos Mavrogiannopoulos - 0.3.0-2 From 2e7890b870be1458e94c2326d5864a6329318add Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Mon, 17 Feb 2014 08:42:45 +0100 Subject: [PATCH 3/3] more config updates --- ocserv.conf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ocserv.conf b/ocserv.conf index 4b523d2..43391e2 100644 --- a/ocserv.conf +++ b/ocserv.conf @@ -166,7 +166,7 @@ device = vpns #dns = 192.168.2.1 # The NBNS server (if any) -#ipv4-nbns = 192.168.2.3 +#nbns = 192.168.2.3 # The IPv6 subnet #ipv6-network = @@ -196,8 +196,8 @@ output-buffer = 100 # Configuration files that will be applied per user connection or # per group. Each file name on these directories must match the username # or the groupname. -# The options allowed in the configuration files are ipv?-dns, ipv?-nbns, -# ipv?-network, ipv?-netmask, ipv6-prefix, iroute and route. +# The options allowed in the configuration files are dns, nbns, +# ipv?-network, ipv4-netmask, ipv6-prefix, iroute and route. # # Note that the 'iroute' option allows to add routes on the server # based on a user or group. The syntax depends on the input accepted