2013-12-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 0.2.3

2013-12-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: disabled limits that break the worker

2013-12-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, src/Makefile.am: generated files added to
	BUILT_SOURCES to fix parallel compilation

2013-12-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: avoid @AUTOGEN@

2013-12-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: Added newline

2013-12-13  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* TODO: doc update

2013-12-13  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* libopts/m4/libopts.m4: the generation of makefile isn't
	conditional

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* TODO: updated

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS: doc update

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/cookies.c, src/cookies.h, src/ip-lease.c, src/main-auth.c,
	src/main.h: reduced cookie size by only writing down the ipv4 seed.

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/cookies.c, src/cookies.h, src/ip-lease.c, src/main-auth.c,
	src/main.h: Augmented cookie format to store the seeds used to
	generate IPv4 and IPv6 addresses.  This ensures that if the IP previously used by a user is free, it
	will be reassigned to him after a reconnection with the same cookie.

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/icmp-ping.c: corrected typo

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/icmp-ping.c: use IPV6_CHECKSUM only when available.

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/worker-tun.c: reorder

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/icmp-ping.c: corrected typo

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/icmp-ping.c: include netinet/ip.h prior to ip_icmp.h to have
	struct ip defined.

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/icmp-ping.c: define ICMP_DEST_UNREACH in systems where it is
	not available

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/icmp-ping.c: corrected typo

2013-12-10  Kevin Cernekee <cernekee@gmail.com>

	* src/main-auth.c: Fix multiple session disconnect when
	max-same-clients is 0 max-same-clients is used to limit the number of outstanding sessions (cookies).  If set to 0, it means an unlimited number of active
	cookies can be owned by each user.  But it doesn't mean that the
	same cookie can be reused for multiple CSTP connections with
	different IPs, as the protocol does not normally work this way.

2013-12-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/ip-lease.c: more verbose messages.

2013-12-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/ip-lease.c: updated debug messages.

2013-12-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS: doc update

2013-12-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* doc/sample.config, src/config.c, src/group-config.c,
	src/main-misc.c, src/main.c, src/main.h, src/ocserv-args.def,
	src/vpn.h: Added support for cgroups

2013-12-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/config.c, src/group-config.c: simplified reading the
	net-priority option

2013-12-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS: doc update

2013-12-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/worker-vpn.c: corrected DPD sending in TLS. Reported by Kevin
	Cernekee.

2013-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/config.c, src/group-config.c,
	src/ocserv-args.def, src/vpn.h, src/worker-vpn.c: Allow setting
	directly the IP_TOS from net-priority.

2013-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: conditionally use SO_PRIORITY

2013-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c: do check the username validity only when a
	certificate is present.

2013-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/sec-mod.c: adjusted severity

2013-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c, src/worker-tun.c, src/worker-vpn.c,
	src/worker.h: simplified setting of additional configuration in the
	worker process

2013-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c: corrected typo

2013-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c: do not require a certificate when authenticating
	with cookie and always-require-cert is set to false.

2013-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/worker-auth.c: Added more verbose logging

2013-12-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* config.h.in, configure.ac, src/sec-mod.c: sec-mod ensures that
	requests come from the correct user.

2013-12-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS: doc update

2013-12-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/ocserv-args.def: doc update

2013-12-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* doc/sample.config, src/Makefile.am, src/config.c,
	src/group-config.c, src/main-auth.c, src/main-config.c,
	src/main-misc.c, src/ocserv-args.def, src/vpn.h, src/worker-auth.c,
	src/worker-vpn.c, src/worker.h: Added the net-priority configuration
	option.  That option allows setting the protocol-defined priority (via
	SO_PRIORITY) for the UDP and TCP sockets, per user/group or
	globally.

2013-12-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/main.c: enforce the RLIMIT_FSIZE and RLIMIT_AS

2013-12-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* config.h.in, configure.ac, src/icmp-ping.c: use iphdr only when
	available

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pam.c: doc update

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pam.c: do not return empty usernames

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/test-pam, tests/test-pam.config: Added
	test-pam (which is only run manually)

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/test-cert, tests/test-iroute, tests/test-iroute.config,
	tests/test-multi-cookie, tests/test-multi-cookie.config,
	tests/test-pass, tests/test-pass-cert, tests/test-pass-script: 
	reduced fragility of the tests

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/test-iroute: store temp files in a fixed
	dir

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/main-auth.c, src/main-auth.h, src/pam.c, src/plain.c: 
	Allow PAM to update username

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c: explicitly initialize module

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: removed newline from log messages

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ip-lease.c: Only add new leases to hash table (and print the
	assigned IPs).

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: print more details on certificate verification
	failure.

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac, src/icmp-ping.c, src/tun.c: 
	Conditionally include system specific headers.

2013-12-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: if no udp port is set do not bother sending DTLS
	info to client.

2013-12-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.def: doc update

2013-12-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: removed unneeded include

2013-12-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/config.c, src/main.c: udp-port can now be unset, and
	that will disable listening to UDP.

2013-12-06  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* TODO: doc update

2013-12-06  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* README: doc update

2013-12-06  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS: doc update

2013-12-06  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/main-auth.c, src/main-misc.c, src/main.c, src/script-list.h: 
	initialize values prior to list_for_each() calls, to avoid static
	analysers complaints on garbage values.

2013-12-06  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/ccan/list/list.h: undefine LIST_HEAD and LIST_HEAD_INIT

2013-12-06  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* configure.ac: bumped version

2013-12-06  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* config.h.in, configure.ac, src/system.c, src/system.h: Use the
	correct sighandler definition on different systems.

2013-12-05  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* tests/test-iroute: use regex for comparison

2013-12-05  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* tests/Makefile.am, tests/test-multi-cookie,
	tests/test-multi-cookie.config: Added test case for the
	disconnection due to cookie re-use case.

2013-12-05  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS, src/ip-lease.c, src/main-auth.c, src/main-misc.c,
	src/main.h: When a new connection presents a cookie of an existing
	session the previous session is disconnected.

2013-12-05  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/Makefile.am: fixed issue when compiling with -j

2013-11-12  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/pam.c: further increase the PAM stack size to allow for more
	complex PAM modules

2013-12-05  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/ip-lease.c: properly initialize rnd IP to avoid valgrind
	complaints

2013-12-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated todo

2013-12-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-30  Kevin Cernekee <cernekee@gmail.com>

	* README: README: Add info on build dependencies

2013-11-30  Kevin Cernekee <cernekee@gmail.com>

	* build-aux/.gitignore: Add build-aux/.gitignore

2013-11-30  Kevin Cernekee <cernekee@gmail.com>

	* build-aux/ar-lib, build-aux/compile, build-aux/depcomp,
	build-aux/install-sh, build-aux/missing, build-aux/test-driver: 
	Remove autogenerated scripts from git repo These get dirtied every time somebody runs autogen.sh.

2013-12-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-11-30  Kevin Cernekee <cernekee@gmail.com>

	* src/worker-vpn.c: Add X-CSTP-License header for mobile client
	compatibility The Android AnyConnect client passes authentication but refuses to
	establish a VPN link if this header is missing.

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.def: updated title

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, gl/m4/extern-inline.m4: updated gnulib

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/test-cert, tests/test-iroute, tests/test-iroute.config,
	tests/test-pass, tests/test-pass-cert, tests/test-pass-script,
	tests/test-pass-script.config, tests/test1.config,
	tests/test2.config, tests/test3.config: use different ports per test

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/test-iroute.config, tests/test-pass-script.config,
	tests/test1.config, tests/test2.config, tests/test3.config: daemon
	group is available in more systems. Use that for testing.

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: bumped version

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: updated libopts detection

2013-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: doc update

2013-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/common.sh: relicensed after all authors agreed.

2013-11-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: use definitions to avoid discrepancies.

2013-11-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: corrected size of explicit nonce

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: The Salsa20 ciphersuites are used over DTLS 1.2,
	and their names follow the new encoding.

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: be more precise in MTU calculation even without
	gnutls_est_record_overhead_size().

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: Do not use an MTU that is bigger than the
	originally suggested one. Openconnect doesn't like that.

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c, src/worker-vpn.c: Better estimate the record
	overhead.

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/config.c, src/log.c, src/main.c,
	src/ocserv-args.def, src/vpn.h, src/worker-auth.c,
	src/worker-extras.c, src/worker-vpn.c: Added the --http-debug option
	to ocserv to avoid printing full HTTP messages to normal debug mode.

2013-11-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c, src/worker.h: more changes for the new
	ciphersuites

2013-11-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: Added ciphersuites OC-AES-GCM.

2013-11-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/vpn.h: corrected include to http-parser

2013-11-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/test-cert, tests/test-iroute, tests/test-pass,
	tests/test-pass-cert, tests/test-pass-script: relicensed files.

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, src/Makefile.am, src/worker-auth.c,
	src/worker-tun.c, src/worker-vpn.c: Check for local http_parser
	library. If found use it instead of the included one.

2013-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: test before copy

2013-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, configure.ac: Distribute the autogen'erated files as
	.bak and enable them only if local libopts is being used.

2013-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: better phrasing.

2013-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/scripts/ocserv-script: remove usage of wondershaper

2013-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-bandwidth.c, src/worker-bandwidth.h, src/worker-vpn.c: 
	reduce the calls to gettime().

2013-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/gettime.h: use CLOCK_REALTIME_COARSE if available.

2013-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-11-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in: update

2013-11-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: separated auto-generated files into special
	libraries to allow compilation using make -jx, x>1

2013-11-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* LICENSE: mentioned the libopts license

2013-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: print package version on initialization

2013-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: updated

2013-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: added the srcdir prefix

2013-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: delete libopts generated files if system libopts is
	being used

2013-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am: ensure that auto-generated files will be
	auto-generated during compilation.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: removed no longer relevant item

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libopts/ag-char-map.h, libopts/ao-strs.c, libopts/ao-strs.h,
	libopts/autoopts/options.h, libopts/autoopts/usage-txt.h,
	libopts/compat/compat.h, libopts/compat/strchr.c,
	libopts/configfile.c, libopts/genshell.c, libopts/genshell.h,
	libopts/m4/libopts.m4, libopts/option-value-type.c,
	libopts/option-value-type.h, libopts/option-xat-attribute.c,
	libopts/option-xat-attribute.h, libopts/pgusage.c, libopts/proto.h,
	libopts/streqvcmp.c, libopts/text_mmap.c, libopts/usage.c: updated
	to libopts 5.18.2

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in: updated

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libopts/Makefile.am, libopts/ag-char-map.h, libopts/alias.c,
	libopts/ao-strs.c, libopts/ao-strs.h, libopts/autoopts.c,
	libopts/autoopts.h, libopts/autoopts/options.h,
	libopts/autoopts/project.h, libopts/autoopts/usage-txt.h,
	libopts/compat/pathfind.c, libopts/configfile.c, libopts/enum.c,
	libopts/find.c, libopts/genshell.c, libopts/genshell.h,
	libopts/gettext.h, libopts/init.c, libopts/load.c,
	libopts/m4/libopts.m4, libopts/makeshell.c,
	libopts/option-value-type.c, libopts/option-value-type.h,
	libopts/option-xat-attribute.c, libopts/option-xat-attribute.h,
	libopts/pgusage.c, libopts/proto.h, libopts/putshell.c,
	libopts/restore.c, libopts/save.c, libopts/stack.c,
	libopts/text_mmap.c, libopts/usage.c, libopts/version.c: updated
	libopts to 5.18

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 0.2.1

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/config.c, src/main-config.c,
	src/ocserv-args.def, src/worker-bandwidth.c, src/worker-bandwidth.h: 
	count bandwidth in kb/sec to avoid overflows on high bandwidth.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocpasswd-args.c, src/ocpasswd-args.h, src/ocserv-args.c,
	src/ocserv-args.h: removed auto-generated files.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/ocpasswd.c, src/str.c, src/str.h,
	src/worker-vpn.c: updated code to avoid memory leaks.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/sec-mod.c: do not ignore errors from system calls

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am: autogenerate changelog prior to release

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: call setgroups() after setgid() to avoid staying with
	an unexpected group set.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/ocserv-args.def: Added pid-file command line
	option, that overrides the configured pid-file.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: bumped version

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/ocpasswd-args.c, src/ocpasswd-args.h,
	src/ocserv-args.c, src/ocserv-args.h: reorganized file generation
	and removed auto-generated files.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pam.c: increased stack size for PAM coroutines to 64k.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac: link with libopts only if autogen is
	found. This avoids incompatibility issues with different
	autogen/libopts version.

2013-11-05  Mike Miller <mtmiller@ieee.org>

	* Makefile.am, configure.ac, src/Makefile.am: Allow linking with
	system libopts if installed

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, src/Makefile.am: removed unneeded check for gdbm

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: Move ocserv to sbin

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* AUTHORS, COPYING, src/common.c, src/common.h, src/config.c,
	src/cookies.c, src/cookies.h, src/gettime.h, src/html.c,
	src/html.h, src/icmp-ping.c, src/icmp-ping.h, src/ip-lease.c,
	src/ip-lease.h, src/ipc.h, src/log.c, src/main-auth.c,
	src/main-auth.h, src/main-config.c, src/main-misc.c,
	src/main-resume.c, src/main-user.c, src/main.c, src/main.h,
	src/ocpasswd.c, src/pam.c, src/pam.h, src/plain.c, src/plain.h,
	src/route-add.c, src/route-add.h, src/script-list.h, src/sec-mod.c,
	src/sec-mod.h, src/setproctitle.c, src/setproctitle.h, src/str.c,
	src/str.h, src/system.c, src/system.h, src/tlslib.c, src/tlslib.h,
	src/tun.c, src/tun.h, src/vpn.h, src/worker-auth.c,
	src/worker-bandwidth.c, src/worker-bandwidth.h,
	src/worker-extras.c, src/worker-misc.c, src/worker-privs.c,
	src/worker-resume.c, src/worker-tun.c, src/worker-vpn.c,
	src/worker.h: updated license information and authors

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, build-aux/config.rpath, config.h.in, configure.ac,
	gl/Makefile.am, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
	gl/m4/lib-ld.m4, gl/m4/lib-link.m4, gl/m4/lib-prefix.m4,
	m4/lib-link.m4: Added lib-link.m4 via gnulib.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-11-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/Makefile.am, src/config.c, src/gettime.h,
	src/main-auth.c, src/main-config.c, src/main-misc.c,
	src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h,
	src/str.c, src/str.h, src/vpn.h, src/worker-auth.c,
	src/worker-bandwidth.c, src/worker-bandwidth.h, src/worker-vpn.c,
	src/worker.h: Added directives to allow bandwidth limitation.

2013-11-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-config.c: do not fail if a configuration file is empty

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: reduced the severity of several messages.

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: more informative message

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: avoid multiple calls to time(0)

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: doc
	update

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-misc.c: added error message

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/test-pass-script,
	tests/test-pass-script.config: Added login-test when a connect or
	disconnect script is set.

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 0.2.0

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/worker-auth.c: Avoid calling
	handle_script_exit() twice on user connect.

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c: return correct error code

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-user.c: corrected typo

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-resume.c, src/worker-auth.c, src/worker-resume.c: small
	updates

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/main.c, src/vpn.h: Always terminate the
	worker unless he has already been dead.

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.h, src/worker-misc.c: Corrected behavior on error during
	receiving a UDP fd.

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/main-misc.c, src/main.c, src/main.h: Avoid forwarding
	the UDP fd within a minute. That is to avoid duplicate messages
	messing the worker session.

2013-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ccan/htable/htable.c, src/ip-lease.c, src/main.h,
	src/tlslib.c: updates in hash table usage.

2013-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/test-iroute, tests/test-iroute.config,
	tests/user-config/test: Added test to check the application of user
	routes.

2013-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: doc
	update

2013-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/str.c, src/str.h, src/vpn.h,
	src/worker-auth.c, src/worker-vpn.c, src/worker.h: Avoid many system
	calls when sending serialized data.

2013-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ipc.h, src/main-auth.c, src/worker-auth.c: Simplified
	auth_reply transfer from main to worker.

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated todo list

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: doc update

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: doc update

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/route-add.c: increased level of spawn errors.

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in: updated

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c: do not try load configuration on empty string
	groups

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: corrected bug

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/main-misc.c, src/worker-auth.c,
	src/worker-resume.c: Added more debugging information.

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/Makefile.am, gl/dup2.c, gl/getdtablesize.c, gl/m4/dup2.m4,
	gl/m4/extern-inline.m4, gl/m4/getdtablesize.m4,
	gl/m4/gnulib-comp.m4, gl/m4/unistd_h.m4, gl/stdio-impl.h,
	gl/stdio.in.h, gl/unistd.in.h: updated gnulib

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c, src/worker-resume.c: small update

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c: Corrected certificate authentication.

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/test-cert, tests/test-pass,
	tests/test-pass-cert, tests/test3.config: Added test with only a
	certificate.

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac: bumped version

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: doc
	update

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/sample.config, src/main-config.c, src/main-misc.c,
	src/main.c, src/main.h, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/route-add.c, src/route-add.h, src/tun.c,
	src/vpn.h: Added the 'iroute' directive to allow routes set on
	server.

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/config.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/route-add.c,
	src/route-add.h, src/vpn.h: Added commands to add and remove a
	route.

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-config.c, src/main-misc.c: relocated function

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/sample.config, src/common.c, src/common.h,
	src/config.c, src/main-config.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h: Added the ipv6-prefix
	configuration option

2013-10-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/common.c, src/common.h, src/ip-lease.c,
	src/ip-lease.h, src/ipc.h, src/main-auth.c, src/main-config.c,
	src/main-misc.c, src/main-resume.c, src/main-user.c, src/main.c,
	src/main.h, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/tun.c, src/tun.h, src/vpn.h,
	src/worker-auth.c, src/worker-tun.c, src/worker-vpn.c, src/worker.h: 
	Increased the number of directives allowed in group and user
	configurations.

2013-10-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/sample.config, src/Makefile.am, src/common.c,
	src/common.h, src/config.c, src/ipc.h, src/main-auth.c,
	src/main-config.c, src/main-misc.c, src/main.h, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h,
	src/worker-auth.c, src/worker-vpn.c, src/worker.h: Allow loading
	additional configuration files per user or per group.  The directives currently allowed are: ipv4/6_dns and route.

2013-10-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, config.h.in, configure.ac: bumped version

2013-10-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/config.c: Configuration file parsing was modified to
	allow detecting mispellings of directives and unknown options.

2013-10-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/sample.config, src/config.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h, src/worker-vpn.c: 
	Added config options 'mtu' and 'output-buffer'.

2013-10-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: doc update

2013-10-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: doc
	update

2013-10-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c, src/tlslib.h, src/worker-vpn.c: Do not wait for
	socket to be ready when sending DTLS data.

2013-10-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/worker-vpn.c: Reduce limit of output buffer on DTLS
	socket to reduce latency (following similar openconnect change).

2013-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: doc update

2013-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: corrected MTU suggestion when DTLS isn't used

2013-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: Suggest a single MTU value instead of two
	distinct for DTLS and CSTP.

2013-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: better calculation of suggested to the peer MTU

2013-09-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac: released 0.1.6

2013-08-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/ocserv-args.def: doc update

2013-07-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-08-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocpasswd-args.c, src/ocpasswd-args.h, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h: doc update

2013-07-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libopts/ag-char-map.h: Applied Bruce Korb's fix on unacceptable
	chars.

2013-07-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libopts/ag-char-map.h: Revert "Ignore non-ascii characters in
	configuration file." This reverts commit f7a938e5d7fd07144062ea64a6ab028cf43bb3e6.

2013-07-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-07-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libopts/ag-char-map.h: Ignore non-ascii characters in
	configuration file.  This is a quick fix for

	http://lists.infradead.org/pipermail/openconnect-devel/2013-July/001126.html

2013-07-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, configure.ac, src/Makefile.am, src/ocpasswd-args.c,
	src/ocpasswd-args.def, src/ocpasswd-args.h, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/version.def.in,
	src/version.inc.in: regenerate autogen'ed files when making a
	distribution.

2013-07-21  Mike Miller <mtmiller@ieee.org>

	* tests/test-pass, tests/test-pass-cert: Fix path to common.sh when
	tests run from another directory

2013-07-21  Mike Miller <mtmiller@ieee.org>

	* doc/Makefile.am: Add autogen search path to work when building out
	of the source tree

2013-07-21  Mike Miller <mtmiller@ieee.org>

	* src/ocpasswd-args.c, src/ocpasswd-args.def, src/ocpasswd-args.h: 
	Improve ocpasswd short description, re-run autogen

2013-07-21  Mike Miller <mtmiller@ieee.org>

	* src/main-resume.c, src/main.c, src/main.h: Fix typo maintainance
	-> maintenance

2013-07-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocpasswd.c: Ask the password twice to avoid mistakes.

2013-07-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 0.1.5

2013-07-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/plain.c: removed debugging

2013-07-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: use c_strcase in config file parsing

2013-07-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/html.c: check for errors in sscanf

2013-07-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, config.h.in, doc/sample.config, doc/sample.passwd,
	gl/Makefile.am, gl/c-ctype.h, gl/c-strcase.h, gl/c-strcasecmp.c,
	gl/c-strncasecmp.c, gl/fseeko.c, gl/m4/extern-inline.m4,
	gl/m4/fseeko.m4, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
	gl/msvc-inval.c, src/Makefile.am, src/html.c, src/html.h,
	src/plain.c, src/worker-auth.c, tests/test-pass, tests/test1.passwd: 
	Added decoder for HTML-encoded and URL-encoded passwords and
	usernames.  This prevents special characters from not being recognized. Reported
	by P.H.Vos.  Also updated gnulib and added c-strncasecmp

2013-07-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-07-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-extras.c, src/worker-vpn.c, src/worker.h: Added
	additional handlers for requested files.

2013-07-07  Kevin Cernekee <cernekee@gmail.com>

	* src/worker-extras.c, src/worker-vpn.c, src/worker.h: bypass
	AnyConnect client auto-update mechanism

2013-07-07  Kevin Cernekee <cernekee@gmail.com>

	* src/tlslib.c: add missing GnuTLS version checks around >= v3.2.0
	features

2013-07-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config: use existing files

2013-07-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-07-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/common.sh, tests/test-pass, tests/test-pass-cert: moved
	common tests to common.sh

2013-07-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/test-pass, tests/test-pass-cert,
	tests/test1, tests/test2: renamed scripts and added additional test
	with wrong username.

2013-07-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: doc update

2013-07-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-07-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, build-aux/depcomp, build-aux/test-driver,
	configure.ac, tests/Makefile.am, tests/ca-key.pem, tests/ca.pem,
	tests/common.sh, tests/server-cert.pem, tests/server-key.pem,
	tests/test1, tests/test1.config, tests/test1.passwd, tests/test2,
	tests/test2.config, tests/user-cert.pem, tests/user-key.pem: Added
	test suite that depends on openconnect.

2013-07-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c: common check for user and group match.

2013-07-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.h, src/main-misc.c, src/main.h, src/pam.c: Put a
	limit in the number of allowed authentication requests, and
	increased size of stack for co-routines.

2013-07-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: silence warnings

2013-07-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/tlslib.c: more fixes

2013-07-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am: automate the clang static check of code.

2013-07-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: avoid deinitializing garbage

2013-07-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/main-user.c: corrected null pointer deferences

2013-07-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/tun.c: corrected dead assignments

2013-07-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: doc update

2013-07-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies.c, src/cookies.h, src/main-auth.c, src/main-misc.c,
	src/main.h: better function names and parameter order

2013-07-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-07-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pam.c: print proper message when changing password in PAM.

2013-07-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c: Allow session resumption database access, and
	allow more graceful cleanup on authentication failure.

2013-07-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pcl/pcl_config.h: Do not need the multi-threaded version of
	PCL.

2013-07-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/main.h, src/tun.c, src/tun.h, src/vpn.h: 
	leases belong to users as well. That way IPs are properly re-used.

2013-07-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-07-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config: cookie-db no longer exists.

2013-07-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/plain.c: Corrected plain passwd authentication to read group
	name when needed.

2013-07-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/plain.c: properly initialize group name in plain passwd.

2013-07-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/worker-auth.c, src/worker-vpn.c,
	src/worker.h: allow cookie-only authentication (fixes previously
	introduced bug)

2013-07-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: disallow mixing multiple username/password
	authentication methods

2013-07-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/config.c, src/cookies-gdbm.c,
	src/cookies-hash.c, src/cookies.c, src/cookies.h, src/ipc.h,
	src/log.c, src/main-auth.c, src/main-misc.c, src/main.c,
	src/main.h, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/tun.c, src/tun.h, src/vpn.h: Cookies are no
	longer persistent

2013-06-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: document way to force PFS

2013-06-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-06-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-06-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, INSTALL, build-aux/ar-lib, build-aux/compile,
	build-aux/depcomp, build-aux/install-sh, build-aux/missing: updated
	auto-generated scripts.

2013-06-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pam.c: enable ability to change password with PAM

2013-06-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: removed debugging info

2013-06-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: bumped version

2013-06-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, config.h.in, configure.ac, src/Makefile.am,
	src/pcl/Makefile.am, src/pcl/pcl.c, src/pcl/pcl.h,
	src/pcl/pcl_config.h, src/pcl/pcl_private.c, src/pcl/pcl_private.h,
	src/pcl/pcl_version.c: Allow compilation without the PCL library

2013-06-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ipc.h, src/main-auth.c, src/main-auth.h, src/main.h,
	src/pam.c, src/plain.c, src/worker-auth.c: small fixes to avoid
	relying on properly null-terminated strings.

2013-06-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.h: described authentication process.

2013-06-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-06-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pam.c: removed debugging message

2013-06-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* INSTALL, build-aux/ar-lib, build-aux/compile, build-aux/depcomp,
	build-aux/install-sh, build-aux/missing, doc/sample.config: 
	autogen'ed files update

2013-06-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, src/Makefile.am, src/ipc.h, src/main-auth.c,
	src/main-auth.h, src/main-misc.c, src/main.c, src/main.h,
	src/pam.c, src/pam.h, src/plain.c, src/plain.h, src/vpn.h,
	src/worker-auth.c, src/worker-vpn.c, src/worker.h: Advanced auth
	implemented

2013-06-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: Revert "Use the new type of XML" This reverts commit 2163836ad8d3ff5974a69373cfac2d7c2463f2e4.

2013-06-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: Revert "simplified opaque handling" This reverts commit 0af9c45e8c0bca97673f80f63ac73b77f8a23a13.

2013-06-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: simplified opaque handling

2013-06-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: Use the new type of XML

2013-06-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/pam.c, src/pam.h: set PAM_RHOST variable
	using the clients's IP.

2013-06-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* INSTALL, NEWS, build-aux/ar-lib, build-aux/compile,
	build-aux/depcomp, build-aux/install-sh, build-aux/missing,
	configure.ac: bumped version

2013-06-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/worker-vpn.c: ensure that the actual reads on DTLS are
	at maximum MTU-1.

2013-06-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: bumped version

2013-06-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/tlslib.c, src/tlslib.h, src/worker-vpn.c: corrected
	values returned in X-CSTP-MTU and X-DTLS-MTU

2013-06-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/config.c, src/vpn.h, src/worker-extras.c,
	src/worker-vpn.c, src/worker.h: Removed ability to send binary
	files.

2013-06-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: use X-SALSA20 to avoid any future conflicts

2013-06-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-extras.c: keep the connection alive

2013-06-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-extras.c: do not try to send binaries if no path is
	setup

2013-05-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.def, src/worker-extras.c, src/worker-vpn.c,
	src/worker.h: reorganized compatibility layer

2013-05-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/Makefile.am, src/config.c,
	src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h,
	src/vpn.h, src/worker-extras.c, src/worker-vpn.c, src/worker.h: 
	Allow downloading raw files from 1/binaries

2013-05-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-05-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/sec-mod.c: use gnutls_privkey_sign_hash() when available.

2013-05-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c, src/worker.h: Check X-CSTP-Address-Type and
	don't send addresses that were not requested.

2013-05-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-privs.c: Added gettimeofday in the list of syscalls

2013-05-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: bumped version

2013-05-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/sample.config, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: doc update

2013-05-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-privs.c: updated seccomp code

2013-05-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: more verbose printing of signal deaths

2013-05-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: simplified seccomp check

2013-05-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/str.c, src/worker-vpn.c: use strtok() to parse client provided
	string.

2013-05-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: require gnutls 3.2.1 to enable salsa20

2013-05-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libopts/m4/libopts.m4: relax check on requirement on headers for
	libopts.

2013-05-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-05-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/gettime.h: Added missing file

2013-05-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in: updated header

2013-05-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* LICENSE: updated license information

2013-05-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, configure.ac, src/main-user.c: emulate gettime

2013-05-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/Makefile.am, gl/c-ctype.c, gl/c-ctype.h, gl/cloexec.c,
	gl/cloexec.h, gl/close.c, gl/dup2.c, gl/errno.in.h, gl/fcntl.c,
	gl/fcntl.in.h, gl/fd-hook.c, gl/fd-hook.h, gl/fseek.c, gl/fseeko.c,
	gl/fstat.c, gl/getdelim.c, gl/getdtablesize.c, gl/getline.c,
	gl/getpass.c, gl/getpass.h, gl/gettime.c, gl/gettimeofday.c,
	gl/lseek.c, gl/m4/clock_time.m4, gl/m4/extensions.m4,
	gl/m4/extern-inline.m4, gl/m4/gettime.m4, gl/m4/gettimeofday.m4,
	gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, gl/m4/sys_socket_h.m4,
	gl/m4/sys_time_h.m4, gl/m4/timespec.m4, gl/malloc.c, gl/memchr.c,
	gl/memmem.c, gl/minmax.h, gl/msvc-inval.c, gl/msvc-inval.h,
	gl/msvc-nothrow.c, gl/msvc-nothrow.h, gl/realloc.c,
	gl/stdbool.in.h, gl/stddef.in.h, gl/stdint.in.h, gl/stdio-impl.h,
	gl/stdio.in.h, gl/stdlib.in.h, gl/str-two-way.h, gl/strdup.c,
	gl/string.in.h, gl/sys_stat.in.h, gl/sys_time.in.h,
	gl/sys_types.in.h, gl/time.in.h, gl/timespec.c, gl/timespec.h,
	gl/unistd.in.h: updated gnulib

2013-05-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: doc fix

2013-05-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: do not restrict worker's memory

2013-05-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: estream ciphersuite was given priority

2013-05-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: increased priority

2013-05-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: print DTLS ciphersuite

2013-05-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, TODO: doc update

2013-05-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/str.c, src/str.h: added missing files.

2013-05-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libopts/m4/libopts.m4: configure proceeds if regex library isn't
	found

2013-05-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: corrected cipher names

2013-05-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c, src/worker.h: Allow for a ciphersuite
	negotiation

2013-05-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: small fixes

2013-05-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/main.h, src/worker-vpn.c, src/worker.h: 
	reorganized HTTP header reading.

2013-05-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: corrected typo

2013-05-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2013-05-16  Faidon Liambotis <paravoid@debian.org>

	* src/worker-privs.c, src/worker-vpn.c: Make seccomp failures
	non-fatal & lower log prio Building a binary with --enable-seccomp and then running it on a <
	3.5 kernel, results in seccomp_load() failing and ocserv's worker
	process aborting. This might be okay-ish for users who ./configure
	&& make install on their own systems but it's obviously non-ideal
	for e.g.  distributions that need to distribute binaries.  Unfortunately there doesn't seem to be a good way (that I could
	find) to check if the running kernel has seccomp -- uname/uts isn't
	a good solution as Ubuntu has backported it to 3.2, custom kernels
	might have CONFIG_SECCOMP=n etc.  So, this makes a tradeoff call and removes the exit_worker() call on
	seccomp failures, lowers the seccomp error logs to LOG_DEBUG from
	LOG_WARNING and the "could not disable system calls" to LOG_INFO
	from LOG_ERR.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-05-16  Faidon Liambotis <paravoid@debian.org>

	* src/worker-privs.c: Workaround libseccomp bug & fix error handling libseccomp has a bug where -EDOM is returned when seccomp_rule_add
	is called for pseudo system calls (i.e. < -99). This was triggered
	by adding the send() system call on my x86_64 machine. The bug seems
	to have been recently (May 7th, 2013) reported and fixed on
	libseccomp upstream but it will take a while to find its way to a
	release and distributions.  Additionally, there was a bug on how libseccomp calls were error
	handled: libseccomp functions don't actually set errno, but set
	errno values in their return value instead. This resulted in the
	seccomp_rule_add call above to print "could not add send to seccomp
	filter: Success".  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-05-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: fixed length checks

2013-05-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: check for children cleanup prior to checking for
	termination.  That allows to quickly terminate after the secmod death is detected.

2013-05-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config: updated example

2013-05-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/http-parser/http_parser.c: use gnulib's ctype

2013-05-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released

2013-05-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libopts/m4/libopts.m4: do not check for a working libregex if it
	is disabled

2013-05-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac: bumped version

2013-05-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: check for setproctitle

2013-05-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/c-ctype.c, gl/c-ctype.h: added missing files

2013-05-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* : design update

2013-05-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/config.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h, src/worker-vpn.c: 
	Added X-CSTP-Default-Domain option.

2013-05-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/die.c, src/die.h, src/main-misc.c,
	src/main-resume.c, src/main-user.c, src/main.c, src/sec-mod.c,
	src/system.c, src/system.h, src/worker-vpn.c: Use sigaction() to
	have a consistent behavior across systems for signals.

2013-04-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated TODO

2013-04-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, doc/profile.xml, doc/sample.config,
	gl/Makefile.am, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
	gl/sys_time.in.h, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/tlslib.c, src/worker-auth.c,
	src/worker-vpn.c: Updates for cisco's client.

2013-04-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: corrected bug in anyconnect compat

2013-04-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-04-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/icmp-ping.c: verify the ICMP IDs prior to checking response.

2013-04-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/icmp-ping.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h: Added config file
	option ping-leases.

2013-04-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocpasswd.c: corrected bug which prevented ocpasswd adding more
	than a single user.

2013-04-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-04-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/ocpasswd-args.c, src/ocpasswd-args.def,
	src/ocpasswd-args.h: updated ocpasswd doc

2013-04-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: make ocpasswd manpage

2013-04-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocpasswd-args.c, src/ocpasswd-args.def, src/ocpasswd-args.h,
	src/ocpasswd.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: Updated autogen generated files, and added more
	options to ocpasswd.  ocpasswd now accepts the --lock and --unlock options and accepts the
	username as the last argument.

2013-04-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, libopts/COPYING.gplv3, libopts/COPYING.lgplv3,
	libopts/Makefile.am, libopts/README, libopts/ag-char-map.h,
	libopts/alias.c, libopts/ao-strs.c, libopts/ao-strs.h,
	libopts/autoopts.c, libopts/autoopts.h, libopts/autoopts/options.h,
	libopts/autoopts/project.h, libopts/autoopts/usage-txt.h,
	libopts/boolean.c, libopts/check.c, libopts/compat/compat.h,
	libopts/compat/pathfind.c, libopts/compat/snprintf.c,
	libopts/compat/strchr.c, libopts/compat/strdup.c,
	libopts/compat/windows-config.h, libopts/configfile.c,
	libopts/cook.c, libopts/enum.c, libopts/env.c, libopts/file.c,
	libopts/find.c, libopts/genshell.c, libopts/genshell.h,
	libopts/gettext.h, libopts/init.c, libopts/libopts.c,
	libopts/load.c, libopts/m4/libopts.m4, libopts/m4/liboptschk.m4,
	libopts/makeshell.c, libopts/nested.c, libopts/numeric.c,
	libopts/option-value-type.c, libopts/option-value-type.h,
	libopts/option-xat-attribute.c, libopts/option-xat-attribute.h,
	libopts/parse-duration.c, libopts/parse-duration.h,
	libopts/pgusage.c, libopts/proto.h, libopts/putshell.c,
	libopts/reset.c, libopts/restore.c, libopts/save.c, libopts/sort.c,
	libopts/stack.c, libopts/streqvcmp.c, libopts/text_mmap.c,
	libopts/time.c, libopts/tokenize.c, libopts/usage.c,
	libopts/version.c: updated libopts

2013-04-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, config.h.in, configure.ac, src/Makefile.am,
	src/icmp-ping.c, src/icmp-ping.h, src/log.c, src/tun.c, src/vpn.h: 
	Prior to leasing an IPv4 ping it to check if it is already in use.

2013-04-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tun.c: read device name in FreeBSD

2013-04-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/Makefile.am, src/cookies-gdbm.c, src/cookies.c,
	src/die.c, src/die.h, src/main-misc.c, src/main-user.c, src/main.c,
	src/pam.c, src/setproctitle.c, src/setproctitle.h, src/tun.c,
	src/vpn.h: several updates to allow compilation on FreeBSD

2013-04-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: updated
	doc

2013-04-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-03-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* LICENSE, Makefile.am: Added license file

2013-03-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c, src/tlslib.h, src/worker-vpn.c: removed session
	ticket support

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: bumped version

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README, TODO: doc update

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker.h: removed unused variable

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/worker-vpn.c, src/worker.h: MTU discovery simplified

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c, src/worker.h: MTU handling updates

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/main.c: clear any lists prior to running sec
	mod

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: Revert "run sec mod earlier to save memory" This reverts commit a8152e8c59fb7007b9dee5718bcb46f55b3d0e68.

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: when debugging do not set memory limits

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: run sec mod earlier to save memory

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: deinitialize memory taken by configuration parser.

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config: disable dh-params by default

2013-03-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: doc
	update

2013-03-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: 
	doc update

2013-03-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config: added dh-params option into sample file

2013-03-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: make clear that anyconnect compat layer is
	experimental

2013-03-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, src/main-resume.c, src/sec-mod.c, src/tlslib.c: 
	depend on gnutls 3.1.10

2013-03-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: updated
	doc

2013-03-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: use quotes when printing password file

2013-03-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: cookies are overwritten prior to fork

2013-03-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config: Added anyconnect options to sample config

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: updated

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: readjusted log levels

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: reduce MTU on mtu failure in a less steep way

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: changed level of messages

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/ocserv-args.c, src/ocserv-args.h: consider
	chroot environment when creating socket file.

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.def, src/sec-mod.c: simplified umask

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/main.c, src/sec-mod.c, src/sec-mod.h,
	src/tlslib.c: updates in unix socket creation

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: added missing file

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/sec-mod.c: use pkcs11_reinit() only when defined.

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: bumped version

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: adjust buffer size if needed.

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c, src/worker.h: consider TCP MSS in MTU
	calculations.

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: set certain limits on the worker process using
	setrlimit()

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pam.c, src/plain.c: Added copyright headers

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ccan/list/list.c, src/http-parser/http_parser.c: include
	config.h in all files

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/sec-mod.c: reinitialize PKCS #11 modules after fork

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/sec-mod.c, src/tlslib.c: combine writes to a single system
	call.

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-privs.c: updated syscall list in seccomp

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, NEWS, TODO, configure.ac, doc/Makefile.am,
	doc/sample.config, doc/sample.passwd, src/Makefile.am,
	src/common.c, src/common.h, src/config.c, src/main-misc.c,
	src/main.c, src/main.h, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/sec-mod.c, src/sec-mod.h, src/tlslib.c,
	src/tlslib.h, src/vpn.h, src/worker-tun.c, src/worker-vpn.c: The TLS
	private keys are kept into a privileged process.  That process is called security-module (sec-mod) and communicates
	with the workers using a unix domain socket.

2013-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pam.c: Always send the provided password to PAM irrespective
	of the prompt.

2013-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, NEWS, TODO, config.h.in, configure.ac,
	gl/Makefile.am, gl/fseek.c, gl/fseeko.c, gl/fstat.c, gl/getpass.c,
	gl/getpass.h, gl/lseek.c, gl/m4/fseek.m4, gl/m4/fseeko.m4,
	gl/m4/fstat.m4, gl/m4/getpass.m4, gl/m4/gnulib-cache.m4,
	gl/m4/gnulib-comp.m4, gl/m4/largefile.m4, gl/m4/lseek.m4,
	gl/m4/minmax.m4, gl/m4/strdup.m4, gl/m4/sys_stat_h.m4,
	gl/m4/sys_types_h.m4, gl/malloc.c, gl/minmax.h, gl/stdio-impl.h,
	gl/strdup.c, gl/sys_stat.in.h, gl/unistd.in.h, src/Makefile.am,
	src/ocpasswd-args.c, src/ocpasswd-args.def, src/ocpasswd-args.h,
	src/ocpasswd.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/plain.c, src/vpn.h: crypt(3) is used in the
	plain password file.  In addition, ocpasswd program was added to generate password file
	entries.

2013-03-14  Nikos Mavrogiannopoulos <nikos@esat.kuleuven.be>

	* src/Makefile.am, src/ocpasswd.c, src/plain.c: Added ocpasswd

2013-03-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/sample.config, doc/scripts/ocserv-down,
	doc/scripts/ocserv-script, doc/scripts/ocserv-up: Updated sample
	script.

2013-03-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/log.c, src/main-auth.c, src/main-misc.c,
	src/main-user.c, src/main.c, src/main.h, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/script-list.h,
	src/tun.c, src/worker-auth.c: Do not let scripts block the server
	operation.

2013-03-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, build-aux/snippet/_Noreturn.h, config.h.in,
	doc/sample.config, gl/Makefile.am, gl/errno.in.h, gl/getdelim.c,
	gl/getline.c, gl/m4/errno_h.m4, gl/m4/extensions.m4,
	gl/m4/extern-inline.m4, gl/m4/getdelim.m4, gl/m4/getline.m4,
	gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, gl/m4/malloc.m4,
	gl/m4/realloc.m4, gl/m4/stdio_h.m4, gl/m4/stdlib_h.m4,
	gl/realloc.c, gl/stdio.in.h, gl/stdlib.in.h, gl/unistd.in.h,
	src/Makefile.am, src/config.c, src/main-auth.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/plain.c, src/plain.h,
	src/vpn.h: Added plain password format

2013-03-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: small doc updates

2013-03-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/tlslib.c, src/tlslib.h, src/worker-vpn.c: enable session
	tickets.

2013-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: manual page moved to section 8

2013-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: doc
	update

2013-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/config.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/tlslib.c, src/vpn.h: Added ability to specify
	multiple certificate and key pairs.

2013-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/tlslib.c, src/tlslib.h, src/vpn.h: Allow
	setting DH parameters.

2013-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: check the server certificate prior to initialization

2013-03-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: Added sanity check on certificate and key reading.

2013-03-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: Exit when mandatory configuration options are not
	present

2013-03-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: rate-limit-ms is no longer mandatory to set

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: updated
	doc

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 0.0.2

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: updated text

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: seccomp is disabled by default

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/tlslib.c, src/vpn.h: Allow setting OCSP
	responses.

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-tun.c: corrected advertized address

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: small optimizations

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: doc
	update

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c, src/worker-vpn.c, src/worker.h: unified POST
	handlers, and auto-detect xml content

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c: corrected check for banned entries

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: Eliminated memory leaks on lists.

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/sample.config, src/config.c, src/main-auth.c,
	src/main-misc.c, src/main.c, src/main.h, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h: Allow setting a
	reconnection delay time after a failed authentication attempt (added
	min-reauth-time option).

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: Allow longer sleeps than a second.

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* : corrected typo

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/config.c, src/main.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h: Allow setting a
	rate limit on the number of connections.

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated doc

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: do not link against 3.1.7 or 8 version of gnutls.

2013-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac, src/config.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h,
	src/worker-auth.c, src/worker-vpn.c: Anyconnect client compatibility
	is optional.

2013-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: simplified certificate request and require setting.

2013-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/worker-tun.c: fix the 'local' keyword in DNS server
	settings.

2013-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: corrected cert require rule

2013-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/config.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/tlslib.c, src/vpn.h,
	src/worker-auth.c, src/worker.h: Added option to allow sending a
	cookie without the corresponding certificate.  This option is required for the cisco clients, that do not always
	use the client certificate. When this option is set to false it
	means that the cookie itself is sufficient for authentication. This
	is bad practice of smart cards are in use.

2013-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: use chdir prior to chroot.

2013-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/profile.xml, doc/sample.config,
	src/Makefile.am, src/config.c, src/main.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/tlslib.c, src/tlslib.h,
	src/vpn.h, src/worker-auth.c, src/worker-vpn.c: Several updates to
	handle URLs requested by the cisco client.

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c, src/worker-vpn.c, src/worker.h: Send correct
	replies.

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: Added title into success message

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: always set max-age

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/vpn.h, src/worker-auth.c: include banner in the
	XML success message.

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: ocserv.1 built is optional

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: more verbose in client methods

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: bumped version

2013-02-26  Jason Cooper <jason@lakedaemon.net>

	* configure.ac, doc/Makefile.am, src/Makefile.am: warn if autogen
	isn't installed Signed-off-by: Jason Cooper <jason@lakedaemon.net>

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/vpn.h, src/worker-vpn.c: Banner was made
	configurable.

2013-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c, src/worker-resume.c: log message updates

2013-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: Added timeout to handshake().

2013-02-26  Jason Cooper <jason@lakedaemon.net>

	* .gitignore, doc/ocserv.1: doc/ocserv.1 is generated, don't track
	it Signed-off-by: Jason Cooper <jason@lakedaemon.net>

2013-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: doc update

2013-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: message updates

2013-02-26  Jason Cooper <jason@lakedaemon.net>

	* .gitignore, Makefile.am, configure.ac: add cscope/ctags make
	targets Newcomers to the code often use these tools to learn their way
	around.  Integrate them into the build so that we don't accidentally
	track their files.  Signed-off-by: Jason Cooper <jason@lakedaemon.net> Signed-off-by:
	Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-02-26  Jason Cooper <jason@lakedaemon.net>

	* src/main.c: main: check return of daemon() Signed-off-by: Jason Cooper <jason@lakedaemon.net> Signed-off-by:
	Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: remove Werror from automake flags

2013-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/main.c: updated

2013-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* autogen.sh: Added autogen file.

2013-02-25  Jason Cooper <jason@lakedaemon.net>

	* .gitignore, aclocal.m4: don't track aclocal.m4, it's a generated
	file Signed-off-by: Jason Cooper <jason@lakedaemon.net> Signed-off-by:
	Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac, src/Makefile.am, src/main.c: Added
	support for TCP wrappers (libwrap)

2013-02-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: Added some more CSTP headers

2013-02-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/config.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h, src/worker-vpn.c: 
	Allow setting NBNS.

2013-02-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented update

2013-02-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: updated installation instructions

2013-02-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: depend on automake 1.11.3

2013-02-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c, src/worker-vpn.c, src/worker.h: more complete
	http body handling

2013-02-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: better initialization of req.

2013-02-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* aclocal.m4, build-aux/ar-lib, configure.ac: Added AM_PROG_AR to
	keep automake-1.12 happy. Reported by David Woodhouse.

2013-02-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: Corrected issue with openconnect <= 4.00.
	Reported by Mike Miller.

2013-02-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: Fix out-of-source tree build. Patch by Mike
	Miller.

2013-02-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO, doc/ocserv.1, doc/sample.config, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h: doc update

2013-02-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: small update

2013-02-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: small update

2013-02-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: updated manual

2013-02-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: added news

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: updates in DPD handling When have not received DPD for long try sending instead of
	immediately failing.  Also treat any received message as DPD to
	prevent kicking an active client.

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: DPD_TRIES was defined and increased to 5 from 3

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: small optimizations

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config: updated sample config

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* AUTHORS: updated

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: print the DPD time.

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/main.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/worker-misc.c: when receive a new UDP
	session, forward the fd and replace the old.

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/tlslib.c: simplified TLS file load and reload.

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c, src/tlslib.h: Load PINs early.

2013-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/config.c, src/main.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/tlslib.c, src/vpn.h: 
	Added configuration options for PIN files.

2013-02-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c, src/worker-vpn.c, src/worker.h: print debugging
	information on the received HTTP headers

2013-02-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: doc update

2013-02-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/config.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h, src/worker-vpn.c: 
	mtu discovery via DPD is optional

2013-02-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, configure.ac, doc/ocserv.1, src/Makefile.am,
	src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h,
	src/version.def.in: Added version.def.in

2013-02-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: doc update

2013-02-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: updated
	bug report address

2013-02-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: doc
	update

2013-02-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies-gdbm.c, src/cookies-hash.c, src/main-auth.c: when
	restoring a cookie connection, extend the lifetime of the cookie.

2013-02-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO, doc/sample.config, src/tlslib.c, src/worker-vpn.c,
	src/worker.h: Added some kind of path MTU discovery using DPD.

2013-02-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c: simplified messages

2013-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies-hash.c, src/main-resume.c: better log messages

2013-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies-hash.c, src/main-resume.c, src/tlslib.h: Enable
	maintainance when maximum TLS sessions have been reached. Set more
	sane defaults for max sessions.

2013-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies-hash.c, src/main.c, src/main.h: When the cookie DB is
	full enforce maintainance.

2013-02-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-02-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/tun.c: simplified (and corrected) TUN device
	creation and re-use

2013-02-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: postpone usage of cork and uncork

2013-02-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: corrected typo

2013-02-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: simplified main loop

2013-02-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies-hash.c: reduced the default hash table size.

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-privs.c: Added missing ioctl().

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pam.c: Allow NULL PAM auth token. This would allow to have
	password authentication on certain users that have a certificate.

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/ocserv.1, doc/scripts/ocserv-down,
	doc/scripts/ocserv-up, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: Added example scripts and updated documentation.

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/sample.config: Added missing files

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/main-auth.c, src/main-user.c,
	src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: Simplify
	script calling by using the environment

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: quit if no TCP port is available.

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/main.c, src/main.h, src/tlslib.c: write the
	correct PID in pid file

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/config.c, src/cookies.h, src/ipc.h,
	src/main-auth.c, src/main-misc.c, src/main.h, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/pam.c, src/pam.h,
	src/vpn.h, src/worker-auth.c: Use PAM account management and added
	support for user groups.

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, README, configure.ac, src/config.c, src/log.c,
	src/main.c, src/main.h, src/tlslib.c, src/tlslib.h, src/vpn.h,
	src/worker-tun.c, src/worker-vpn.c: HUP signal reloads configuration

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/sample.config: Updated documentation

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: use common function to exit

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/log.c, src/tun.h, src/worker-auth.c, src/worker-tun.c,
	src/worker-vpn.c: small updates

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac, src/Makefile.am, src/worker-privs.c,
	src/worker-vpn.c, src/worker.h: Added support for seccomp (untested)

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/main.c, src/main.h, src/worker-misc.c: 
	connect occurs before sending the fd to worker.

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-user.c: set time to entry only when writing the WTMP file

2013-02-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: corrected definition

2013-02-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c, src/worker-vpn.c: DTLS-Rekey time is set to be
	the 2/3 of cookie validity

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies-gdbm.c, src/main.c: fork moved to gdbm backend
	expiration

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* build-aux/config.rpath: added missing file

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: better set socket options

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-user.c: Write wtmp file if possible.

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies-hash.c, src/main-misc.c, src/main.c: increased cookie
	hash table size and better cleanup resources on errors

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies-gdbm.c, src/cookies-hash.c, src/cookies.c,
	src/cookies.h, src/main.c, src/sample.config: erase cookie data
	before forking to unprivileged process.

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: when expiring stuff, do it on the main process unless
	we use gdbm.

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/main-auth.c, src/main-misc.c, src/main.h,
	src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h,
	src/sample.config, src/vpn.h: enforce maximum number of same clients

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: Set a default config file.

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/sample.config: Added PID file

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/main-resume.c, src/ocserv-args.c,
	src/ocserv-args.h, src/worker-misc.c, src/worker-vpn.c,
	src/worker.h: small reorganization

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.def: Added OID examples

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: ignore certificate in DTLS session

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: more explicit debug messages.

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: do not require certificate on DTLS session

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/log.c, src/main.c: simplified logging in debug mode

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, aclocal.m4, config.h.in, configure.ac,
	m4/lib-link.m4, src/config.c, src/log.c, src/main-auth.c,
	src/main-user.c, src/main.c, src/pam.c, src/tlslib.c, src/tun.c: 
	Several changes to compile on old linux kernels, and in constrained
	libgnutls libraries

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c, src/worker.h: kick out the peer if non DPD
	packets are received for 3x the DPD time

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: Ignore non-fatal DTLS errors.

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/setproctitle.c, src/setproctitle.h: Use a compatible with
	BSD's setproctitle.

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: changes in debugging messages

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c, src/worker.h: Added wait_fd state in UDP channel

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/setproctitle.c, src/setproctitle.h: used a more
	sane setproctitle

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/main.c, src/setproctitle.c,
	src/setproctitle.h: set process title

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* COPYING: added license

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/ipc.h, src/main-auth.c, src/main-misc.c,
	src/main.h, src/worker-auth.c, src/worker-misc.c, src/worker-tun.c,
	src/worker-vpn.c, src/worker.h: MTU is now set via the main server

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/main.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/sample.config, src/vpn.h, src/worker-vpn.c: 
	Added configurable DPD

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/worker-vpn.c: explicitly close the logging
	subsystem

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/worker-tun.c, src/worker-vpn.c, src/worker.h: 
	separated tun handling code from main worker code.

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: correctly send termination signal to peer

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/worker-vpn.c: added a more graceful termination of
	workers.

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies-gdbm.c, src/cookies-hash.c, src/cookies.h,
	src/main-auth.c, src/main.c, src/main.h, src/worker-vpn.c: several
	updates in cookies, and tun handling.

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: fixes for newer gnutls

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: set tun device MTU based on minimum MTU of DTLS
	and TLS.

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/sample.config: sample config uses cookie DB

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.h, src/tlslib.c, src/tlslib.h,
	src/worker-auth.c, src/worker-vpn.c: use gnutls cork() and uncork()
	when available

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/main.h, src/ocserv-args.def, src/sample.config,
	src/tlslib.c, src/tlslib.h, src/vpn.h, src/worker.h: cleaned up TLS
	code which was moved to tlslib

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: mtu cleanups

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac, src/Makefile.am, src/config.c,
	src/cookies-gdbm.c, src/cookies-hash.c, src/cookies.c,
	src/cookies.h, src/main.c, src/main.h, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/sample.config,
	src/vpn.h: gdbm was re-added and made optional.

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README, src/sample.config: updated readme

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* : updated

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/vpn.h, src/worker-vpn.c, src/worker.h: Honour client's MTU
	choice.

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: removed warning

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* : Added a description of the server

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO, src/config.c, src/ipc.h, src/log.c, src/main-auth.c,
	src/main-resume.c, src/main.c, src/main.h, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/sample.config,
	src/tun.c, src/tun.h, src/vpn.h, src/worker-auth.c,
	src/worker-vpn.c, src/worker.h: Use a single UDP port in the server.  Several modifications to use a single UDP port in the server. This
	is currently done using a hack, i.e., pass the UDP socket to worker,
	close it on the main server and then re-open it (using REUSEADDR).  Also several updates in TUN handling to allow more than one clients
	connecting.

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-user.c: removed unneeded warning

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac, src/config.c, src/cookies.c,
	src/cookies.h, src/main-auth.c, src/main.c, src/main.h,
	src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h,
	src/sample.config, src/tlslib.c, src/tlslib.h, src/vpn.h: dropped
	dependency on gdbm. Cookies are stored in a hash.

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-user.c: corrected issue in utmp

2013-02-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: removed uneeded text

2013-02-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/config.c, src/main-auth.c,
	src/main-script.c, src/main-user.c, src/main.c, src/main.h,
	src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h,
	src/sample.config, src/vpn.h: Added explicit logging to UTMP file.

2013-02-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac, gl/Makefile.am, gl/hash-pjw-bare.c,
	gl/hash-pjw-bare.h, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
	src/Makefile.am, src/ccan/build_assert/build_assert.h,
	src/ccan/check_type/check_type.h,
	src/ccan/container_of/container_of.h, src/ccan/hash/hash.c,
	src/ccan/hash/hash.h, src/ccan/htable/htable.c,
	src/ccan/htable/htable.h, src/ccan/htable/htable_type.h,
	src/ccan/licenses/BSD-MIT, src/ccan/licenses/CC0,
	src/ccan/licenses/LGPL-2.1, src/ccan/list/list.c,
	src/ccan/list/list.h, src/hash.h, src/hashtable.h, src/list.h,
	src/main-auth.c, src/main-resume.c, src/main-script.c, src/main.c,
	src/main.h, src/tlslib.c, src/tlslib.h, src/tun.c, src/tun.h: Use
	CCAN hashes and lists.

2013-02-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: added fixme

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/log.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/vpn.h, src/worker-auth.c, src/worker-vpn.c: 
	corrected DTLS packet handling.

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies.h, src/log.c, src/main.c, src/main.h, src/tlslib.h,
	src/vpn.h, src/worker-resume.c, src/worker.h: reorganized headers

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies.h, src/ipc.h, src/main-auth.c, src/main-script.c,
	src/main.h, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/sample.config, src/worker-auth.c: store
	hostname of the user, and pass it to scripts.

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: reply to the correct interface

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/main.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/sample.config, src/vpn.h, src/worker-vpn.c: 
	changes to enable VPN functionality.

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: be less verbose about children dying

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/main-script.c, src/main.h: call connect
	script with explicit lease

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/vpn.h, src/worker-vpn.c: Send X-CSTP-Version and read
	hostname.

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/tlslib.c, src/tlslib.h, src/tun.h: deinitialize
	the TLS cache prior to fork

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: depend on the correct gnutls version

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: added missing files

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies.c, src/cookies.h, src/ipc.h, src/main.c: simplified
	call to expire cookies

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, TODO, aclocal.m4, config.h.in: updated

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: Check for root permissions after parsing command line

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-script.c, src/main.c, src/tun.c: use close-on-exec flag
	on fds

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/Makefile.am, gl/cloexec.c, gl/cloexec.h, gl/close.c,
	gl/dup2.c, gl/fcntl.c, gl/fcntl.in.h, gl/fd-hook.c, gl/fd-hook.h,
	gl/getdtablesize.c, gl/m4/close.m4, gl/m4/dup2.m4,
	gl/m4/fcntl-o.m4, gl/m4/fcntl.m4, gl/m4/fcntl_h.m4,
	gl/m4/getdtablesize.m4, gl/m4/gnulib-cache.m4,
	gl/m4/gnulib-comp.m4, gl/m4/msvc-inval.m4, gl/m4/msvc-nothrow.m4,
	gl/m4/off_t.m4, gl/m4/ssize_t.m4, gl/m4/stdbool.m4,
	gl/m4/sys_types_h.m4, gl/m4/unistd_h.m4, gl/msvc-inval.c,
	gl/msvc-inval.h, gl/msvc-nothrow.c, gl/msvc-nothrow.h,
	gl/stdbool.in.h, gl/sys_types.in.h, gl/unistd.c, gl/unistd.in.h: 
	added cloexec module

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-script.c, src/main.c, src/main.h: clear all fds and mem
	prior to exec

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/config.c, src/main-auth.c,
	src/main-script.c, src/main.c, src/main.h, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/sample.config,
	src/vpn.h: Added connect and disconnect scripts

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: handle disconnections

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: print the pid of dying processes

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-resume.c: removed debugging info

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-resume.c, src/main.c, src/main.h, src/sample.config,
	src/tlslib.c, src/tlslib.h, src/worker-vpn.c: Added automatic TLS
	session expiration.

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/main-resume.c, src/worker-resume.c: reduce
	the number of data exchanged during a resumption.

2013-02-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: Added missing file

2013-02-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac, gl/Makefile.am, gl/hash-pjw-bare.c,
	gl/hash-pjw-bare.h, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
	gl/stdint.in.h, gl/sys_time.in.h, src/Makefile.am, src/hash.h,
	src/hashtable.h, src/ipc.h, src/list.h, src/main-auth.c,
	src/main-resume.c, src/main.c, src/main.h, src/tlslib.c,
	src/tlslib.h, src/vpn.h, src/worker-auth.c, src/worker-auth.h,
	src/worker-resume.c, src/worker-vpn.c, src/worker.h: Added session
	resumption to TLS server.

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: updated

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in: updated config.h.in

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: use the full certificate DN if no username is
	set

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c, src/vpn.h, src/worker-vpn.c: Added some primitive
	mtu handling

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/gettime.c, gl/gettimeofday.c, gl/m4/clock_time.m4,
	gl/m4/extern-inline.m4, gl/m4/gettime.m4, gl/m4/gettimeofday.m4,
	gl/m4/sys_socket_h.m4, gl/m4/sys_time_h.m4, gl/m4/time_h.m4,
	gl/m4/timespec.m4, gl/sys_time.in.h, gl/time.in.h, gl/timespec.c,
	gl/timespec.h: Added missing files

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/cookies.c, src/vpn.h: better name for db_file

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies.h, src/main-auth.c, src/vpn.h, src/worker-auth.c,
	src/worker-auth.h: master secret doesn't need to be generated by the
	server

2013-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/main.c, src/sample.config, src/vpn.h: set a
	maximum number of clients

2013-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/sample.config: set a default priority string if
	not set.

2013-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: updated

2013-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO, src/worker-vpn.c: cleanups

2013-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO, aclocal.m4, gl/Makefile.am, gl/dummy.c,
	gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, src/config.c,
	src/cookies.h, src/main-auth.c, src/main.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/sample.config,
	src/vpn.h, src/worker-auth.c, src/worker-auth.h, src/worker-vpn.c: 
	Fixed UDP side.

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/worker-vpn.c: Allow a graceful shutdown.

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.h, src/worker-vpn.c: Allow worker to received
	asynchronous commands from main.

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/sample.config: chroot worker process

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: added missing file

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: Added todo

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac, src/Makefile.am, src/main-auth.c,
	src/pam.c, src/pam.h: Added PAM authentication.

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/config.c, src/cookies.c, src/cookies.h,
	src/log.c, src/main-auth.c, src/main.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/sample.config,
	src/tun.c, src/vpn.h, src/worker-auth.c, src/worker-auth.h,
	src/worker-vpn.c: several updates and fixes in auth

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/config.c, src/cookies.h, src/http_auth.c,
	src/http_auth.h, src/main.c, src/tun.c, src/vpn.c, src/vpn.h,
	src/worker-auth.c, src/worker-vpn.c: better file structure

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: silence background operation

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: notify that root access is required

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: daemonize

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/sample.config: small updates. Added sample
	configuration.

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/log.c, src/main.c, src/vpn.c: Associate a gnutls session with
	the worker state ptr.

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/config.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h: Read
	configuration file

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/vpn.c: make local option work

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, build-aux/compile: Added compile

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, Makefile.am, aclocal.m4, config.h.in, configure.ac,
	libopts/COPYING.gplv3, libopts/COPYING.lgplv3,
	libopts/COPYING.mbsd, libopts/MakeDefs.inc, libopts/Makefile.am,
	libopts/README, libopts/ag-char-map.h, libopts/alias.c,
	libopts/ao-strs.c, libopts/ao-strs.h, libopts/autoopts.c,
	libopts/autoopts.h, libopts/autoopts/options.h,
	libopts/autoopts/project.h, libopts/autoopts/usage-txt.h,
	libopts/boolean.c, libopts/check.c, libopts/compat/compat.h,
	libopts/compat/pathfind.c, libopts/compat/snprintf.c,
	libopts/compat/strchr.c, libopts/compat/strdup.c,
	libopts/compat/windows-config.h, libopts/configfile.c,
	libopts/cook.c, libopts/enum.c, libopts/env.c, libopts/file.c,
	libopts/find.c, libopts/genshell.c, libopts/genshell.h,
	libopts/libopts.c, libopts/load.c, libopts/m4/libopts.m4,
	libopts/m4/liboptschk.m4, libopts/makeshell.c, libopts/nested.c,
	libopts/numeric.c, libopts/parse-duration.c,
	libopts/parse-duration.h, libopts/pgusage.c, libopts/proto.h,
	libopts/putshell.c, libopts/reset.c, libopts/restore.c,
	libopts/save.c, libopts/sort.c, libopts/stack.c,
	libopts/streqvcmp.c, libopts/text_mmap.c, libopts/time.c,
	libopts/tokenize.c, libopts/usage.c, libopts/value-type.c,
	libopts/value-type.h, libopts/version.c, libopts/xat-attribute.c,
	libopts/xat-attribute.h, src/Makefile.am, src/config.c, src/main.c,
	src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h,
	src/vpn.h: use autogen for command line options

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/http_auth.c, src/main.c, src/vpn.c, src/vpn.h: better notation

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/vpn.c: Allow a certain number of requests to the HTTP server

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies.c, src/cookies.h, src/http_auth.c, src/http_auth.h,
	src/log.c, src/main.c, src/vpn.c, src/vpn.h: server_st -> worker_st

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tun.c: bring up tun interface

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: initialize memory

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/http_auth.c, src/main.c, src/tun.c,
	src/tun.h, src/vpn.c, src/vpn.h: Provide client with normal leased
	IPs.

2013-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/log.c, src/main.c, src/tun.c, src/tun.h, src/vpn.h: use const

2013-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/vpn.c, src/vpn.h: main server keeps list of client
	IPs

2013-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* main.c, src/http_auth.c, src/main.c, src/tun.c, src/tun.h,
	src/vpn.c, src/vpn.h: updated

2013-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/main.c, src/tun.c, src/tun.h: separated tun
	code from main

2013-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, build-aux/snippet/arg-nonnull.h,
	build-aux/snippet/c++defs.h, build-aux/snippet/warn-on-use.h: Added
	missing files

2013-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, src/Makefile.am, src/auth.c, src/auth.h,
	src/http_auth.c, src/http_auth.h, src/main.c, src/vpn.c, src/vpn.h: 
	updated server.

2013-01-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* main.c: Added missing file

2013-01-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* root/index.xml, root/login.xml, src/auth.c, src/auth.h, src/vpn.c: 
	Fixed connection issue with new openconnect client.

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, src/main.c, src/vpn.c: small fixes

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies.c, src/main.c, src/vpn.h: Allow dropping privileges

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/vpn.c: set configured addresses to tun device.

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/auth.c, src/tlslib.h, src/vpn.c: tls_print -> tls_puts to
	distinguish from printf

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/auth.c, src/auth.h, src/main.c, src/vpn.c, src/vpn.h: 
	preliminary configuration for networks.

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/auth.c, src/common.h, src/cookies.c,
	src/log.c, src/main.c, src/tlslib.c, src/vpn.c, src/vpn.h: Added
	internal logging subsystem.

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, AUTHORS, COPYING, ChangeLog, INSTALL, Makefile,
	Makefile.am, NEWS, README, aclocal.m4, build-aux/depcomp,
	build-aux/install-sh, build-aux/missing, config.h.in, configure.ac,
	gl/Makefile.am, gl/dummy.c, gl/m4/00gnulib.m4, gl/m4/extensions.m4,
	gl/m4/gnulib-cache.m4, gl/m4/gnulib-common.m4,
	gl/m4/gnulib-comp.m4, gl/m4/gnulib-tool.m4, gl/m4/include_next.m4,
	gl/m4/longlong.m4, gl/m4/memchr.m4, gl/m4/memmem.m4,
	gl/m4/mmap-anon.m4, gl/m4/multiarch.m4, gl/m4/stddef_h.m4,
	gl/m4/stdint.m4, gl/m4/string_h.m4, gl/m4/warn-on-use.m4,
	gl/m4/wchar_t.m4, gl/memchr.c, gl/memchr.valgrind, gl/memmem.c,
	gl/stddef.in.h, gl/stdint.in.h, gl/str-two-way.h, gl/string.in.h,
	src/Makefile.am, src/auth.c, src/cookies.c, src/main.c,
	src/tlslib.c, src/vpn.c: Added automake/autoconf system

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* auth.c, auth.h, common.h, cookies.c, cookies.h,
	http-parser/http_parser.c, http-parser/http_parser.h, list.h,
	main.c, src/auth.c, src/auth.h, src/common.h, src/cookies.c,
	src/cookies.h, src/http-parser/http_parser.c,
	src/http-parser/http_parser.h, src/list.h, src/main.c,
	src/tlslib.c, src/tlslib.h, src/vpn.c, src/vpn.h, tlslib.c,
	tlslib.h, vpn.c, vpn.h: Moved sources

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* vpn.c, vpn.h: better handling of headers.

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* auth.c, cookies.h, main.c, vpn.h: extract username from
	certificate.

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* vpn.c: removed unused code

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile, auth.c, auth.h, common.h, cookies.c, cookies.h,
	http-parser/http_parser.c, http-parser/http_parser.h, list.h,
	main.c, root/index.xml, root/login.xml, server.c, tlslib.c,
	tlslib.h, vpn.c, vpn.h: updated server

2013-01-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile: a.out -> server Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-01-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile, server.c: updated for gnutls Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-01-04  David Woodhouse <David.Woodhouse@intel.com>

	* Initial import of test hack Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

