2014-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/test-iroute.config, tests/test-multi-cookie.config,
	tests/test-pam.config, tests/test-pass-script.config,
	tests/test1.config, tests/test2.config, tests/test3.config: updated
	config files

2014-01-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: removed pre0

2014-01-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/sec-mod.c: indented file

2014-01-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, src/sec-mod.c: Added support for getpeereid

2014-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, README, src/worker-privs.c: updated seccomp rules.

2014-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c, src/worker.h: Do not rehandshake on the DTLS
	channel.

2014-01-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: better detect original readline

2014-01-21  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/worker-vpn.c, src/worker.h: protect the server from multiple
	rehandshakes.

2014-01-21  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/tlslib.c, src/worker-vpn.c: when the client requests a
	rehandshake accept there request.

2014-01-21  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* configure.ac, src/Makefile.am, src/occtl.c: When libreadline isn't
	available try editline.

2014-01-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: better checking for readline

2014-01-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, src/Makefile.am,
	src/google/protobuf-c/protobuf-c.c,
	src/google/protobuf-c/protobuf-c.h,
	src/protobuf/google/protobuf-c/protobuf-c.c,
	src/protobuf/google/protobuf-c/protobuf-c.h: Changes to avoid the
	embedded protobuf files being included when not needed.

2014-01-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/main-misc.c, src/occtl.c: code cleanup

2014-01-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-01-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: do not duplicate technical info

2014-01-20  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* README, configure.ac, src/Makefile.am,
	src/google/protobuf-c/protobuf-c.c,
	src/google/protobuf-c/protobuf-c.h: protocolbuf-c was made an
	optional dependency.

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/occtl.c: more reasonable line wrapping

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/occtl.c: better order of options

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/base64.c, gl/base64.h, gl/gettimeofday.c,
	gl/m4/absolute-header.m4, gl/m4/base64.m4, gl/m4/gettimeofday.m4,
	gl/m4/sys_socket_h.m4, gl/m4/sys_time_h.m4, gl/sys_time.in.h: Added
	gnulib's missing files

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c, src/worker.h: simplified ciphersuite selection
	method and select ciphers based on server's desire.

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.h, src/vpn.h, src/worker-auth.c, src/worker-vpn.c,
	src/worker.h: better definition names.

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: increased minimum maintainance time, and decreased log
	level of maintainance message.

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* build-aux/config.rpath, build-aux/snippet/arg-nonnull.h,
	build-aux/snippet/c++defs.h, build-aux/snippet/warn-on-use.h,
	gl/Makefile.am, gl/c-ctype.c, gl/c-ctype.h, gl/c-strcase.h,
	gl/c-strcasecmp.c, gl/c-strncasecmp.c, gl/cloexec.c, gl/cloexec.h,
	gl/close.c, gl/dup2.c, gl/errno.in.h, gl/fcntl.c, gl/fcntl.in.h,
	gl/fd-hook.c, gl/fd-hook.h, gl/fseek.c, gl/fseeko.c, gl/fstat.c,
	gl/getdelim.c, gl/getdtablesize.c, gl/getline.c, gl/getpass.c,
	gl/getpass.h, gl/lseek.c, gl/m4/00gnulib.m4, gl/m4/close.m4,
	gl/m4/dup2.m4, gl/m4/errno_h.m4, gl/m4/extensions.m4,
	gl/m4/extern-inline.m4, gl/m4/fcntl-o.m4, gl/m4/fcntl.m4,
	gl/m4/fcntl_h.m4, gl/m4/fseek.m4, gl/m4/fseeko.m4, gl/m4/fstat.m4,
	gl/m4/getdelim.m4, gl/m4/getdtablesize.m4, gl/m4/getline.m4,
	gl/m4/getpass.m4, gl/m4/gnulib-cache.m4, gl/m4/gnulib-common.m4,
	gl/m4/gnulib-comp.m4, gl/m4/gnulib-tool.m4, gl/m4/include_next.m4,
	gl/m4/largefile.m4, gl/m4/lib-ld.m4, gl/m4/lib-link.m4,
	gl/m4/lib-prefix.m4, gl/m4/longlong.m4, gl/m4/lseek.m4,
	gl/m4/malloc.m4, gl/m4/memchr.m4, gl/m4/memmem.m4, gl/m4/minmax.m4,
	gl/m4/mmap-anon.m4, gl/m4/msvc-inval.m4, gl/m4/msvc-nothrow.m4,
	gl/m4/multiarch.m4, gl/m4/off_t.m4, gl/m4/realloc.m4,
	gl/m4/ssize_t.m4, gl/m4/stdbool.m4, gl/m4/stddef_h.m4,
	gl/m4/stdint.m4, gl/m4/stdio_h.m4, gl/m4/stdlib_h.m4,
	gl/m4/strdup.m4, gl/m4/string_h.m4, gl/m4/sys_stat_h.m4,
	gl/m4/sys_types_h.m4, gl/m4/time_h.m4, gl/m4/unistd_h.m4,
	gl/m4/warn-on-use.m4, gl/m4/wchar_t.m4, gl/malloc.c, gl/memchr.c,
	gl/memmem.c, gl/minmax.h, gl/msvc-inval.c, gl/msvc-inval.h,
	gl/msvc-nothrow.c, gl/msvc-nothrow.h, gl/realloc.c,
	gl/stdbool.in.h, gl/stddef.in.h, gl/stdint.in.h, gl/stdio-impl.h,
	gl/stdio.in.h, gl/stdlib.in.h, gl/str-two-way.h, gl/strdup.c,
	gl/string.in.h, gl/sys_stat.in.h, gl/sys_types.in.h, gl/time.in.h,
	gl/unistd.in.h: updated gnulib

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/common.c, src/worker-misc.c: on unknown messages print the
	number of the message when cmd_request_to_str() is used.

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c, src/worker-vpn.c: evened out the level of some
	debug messages.

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/log.c, src/main-auth.c, src/main-resume.c, src/main.h: 
	mslog_hex() will allow printing values encoded in base64.

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c: better debug messge

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ipc.proto, src/main.c, src/main.h, src/worker-auth.c,
	src/worker-vpn.c, src/worker.h: Use base64 to encode Cookies. That
	reduces the size of the cookie.

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-ctl-handler.c, src/main-misc.c, src/main.h: Added proc_st
	status PS_AUTH_FAILED to prevent users that failed authentication to
	leave a zombie proc_st.

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: use pselect() in worker process as well.

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/occtl.c: better message when cannot reach server.

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-ctl-handler.c: main-ctl-handler.c when disconnecting IDs and ID==-1 then continue looping until all
	zombies have been cleaned up.

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/occtl.c: list users -> show users

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c: remove zombie proc_st when its state has been
	'stolen'

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: reduce maintainance time to remove zombie processes
	sooner.

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c: when taking the state of a proc_st set its status
	to zombie.

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-ctl-handler.c: do not give information on zombie
	processes

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/occtl-nl.c, src/occtl-time.c, src/occtl.c: info printing
	updates

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/occtl.c: updated copyright date

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.def: updated authors

2014-01-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ipc.proto, src/main-auth.c, src/main.c, src/main.h,
	src/vpn.h, src/worker-auth.c, src/worker-vpn.c, src/worker.h: 
	instead of using the TLS session ID as session identifier prior to
	authentication use the webvpncontext cookie.

2014-01-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/main-misc.c: send auth reply failure when
	needed.

2014-01-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-01-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ipc.proto: Added sketch of authentication protocol between
	main and worker.

2014-01-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/common.c, src/cookies.c, src/ipc.proto,
	src/main-auth.c, src/main-ctl-handler.c, src/main-misc.c,
	src/main-resume.c, src/main.c, src/main.h, src/vpn.h,
	src/worker-auth.c, src/worker-vpn.c, src/worker.h: enabling
	cisco-client-compat allows 'stealing' of processes.  This change puts a proc_st that its client has terminated to a
	"zombie" state. That state will allow a client that connects later
	using the same TLS session ID to reclaim it. That way clients that
	try to authenticate by sending their credentials in different
	sessions can still authenticate with ocserv. That however puts more
	trust to worker processes (as the main process has no way of telling
	whether a TLS session is certainly resumed).

2014-01-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/main-auth.c, src/ocserv-args.def, src/tlslib.c,
	src/vpn.h, src/worker-auth.c: replace always-require-cert with
	cisco-client-compat.

2014-01-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: added missing dependency

2014-01-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: documented all dependencies

2014-01-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: configure info update

2014-01-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/occtl-nl.c: corrected prototype

2014-01-14  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/main-ctl-handler.c: send empty array instead of nothing when a
	user or ID aren't found.

2014-01-14  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/occtl.c: print correct error when a user or ID are not found

2014-01-13  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* configure.ac, src/Makefile.am, src/occtl-nl.c, src/occtl.c,
	src/occtl.h: Added function to print network interface statistics.

2014-01-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: free the output of gnutls_session_get_desc

2014-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-user.c, src/ocserv-args.def: export ID env variable

2014-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2014-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.h: print file name instead of function name

2014-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/common.c, src/common.h, src/main-misc.c, src/main.h,
	src/worker-auth.c, src/worker-resume.c, src/worker.h: print textual
	name of messages exchanged.

2014-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ipc.proto, src/main-ctl-handler.c, src/main-misc.c,
	src/main.h, src/occtl.c, src/vpn.h, src/worker-vpn.c, src/worker.h: 
	Store User-Agent information and send to occtl.

2014-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: unset needs_compact_auth if client changes its
	mind.

2014-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: use a common version message.

2014-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: use config-auth header in success message

2014-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: removed vpn-client-pkg-version which didn't
	seem to affect anything.

2014-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: combined CSCOT URLs

2014-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c, src/worker-vpn.c, src/worker.h: Replaced the
	username cookie with a compact auth option.  That option performs authentication of username, password in a
	single go for clients that request Connection: Close.

2014-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: use config-auth XML format.

2014-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: corrected size calculation for CONFIG_MSG

2014-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker.h: report the file name plus line instead of function
	name.

2014-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c, src/tlslib.h, src/worker-auth.c: Indicate properly
	the status of TLS authentication when a client has reconnected.

2014-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/worker-auth.c, src/worker-vpn.c: updated
	copyrights

2014-01-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/html.c, src/html.h, src/worker-auth.c, src/worker-vpn.c,
	src/worker.h: Allow a client to reconnect and continue
	authentication.  That allows clients like CISCO anyconnect to resume authentication
	in a different session by keeping the username in a cookie. That
	works only when a single password is used.

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: Advertize a very low version of client.

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: stricter check of acceptable states.

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: more debug messages and be more strict when
	cannot read the password.

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/html.c, src/worker-auth.c: Added more debugging messages.

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/occtl.c, src/vpn.h: increased maximum name size of DTLS cipher
	and other occtl cleanups.

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/log.c, src/main-ctl-handler.c, src/vpn.h: Added human_addr2()
	which will display port number only when requested.

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/occtl.c: reduced space for IPs

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/occtl.c: corrected reporting of VPN IP addresses.

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/occtl.c: better reporting of ciphersuite and group name.

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: corrected default pager behavior

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.h, src/vpn.h: increased sizes for ciphersuite name, and
	decreased maximum size for the DTLS ciphersuite (as we use openssl's
	short names)

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/occtl.c: removed dbus_message_iter_has_next() as it behaves
	differently on different versions.

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-ctl-handler.c: more debugging info

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/occtl.c: ignore sigpipe and print (none) when no group is
	available.

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, src/occtl-pager.c: Added configure option to specify
	the default pager for occtl.

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/main-user.c, src/worker-auth.c: Better error
	checking and cleaned up support for scripts.

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/common.c: make sure that recvmsg() will continue after signal

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tun.c: use TUNSETPERSIST

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: systemd file installation is optional

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am: corrected args file generation

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: combined EXTRA_DIST

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README, configure.ac, src/main.c: use pselect only when available.

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: added missing file

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.def: Added SEE ALSO man section.

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-ctl-handler.c, src/ocpasswd-args.def,
	src/ocserv-args.def: updated copyright notices

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, src/Makefile.am, src/occtl-args.def,
	src/occtl-cache.c, src/occtl-pager.c, src/occtl-time.c, src/occtl.c: 
	Added occtl.8

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.def: removed CISCO example policy

2014-01-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/occtl.c: when used non-interactively return error codes to
	shell on failure.

2014-01-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/occtl.c: display proper error when server sends no reply on
	D-BUS.

2014-01-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* TODO: doc update

2014-01-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* config.h.in: removed auto-generated file

2014-01-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* doc/sample.config, src/ocserv-args.def: Added more conservative
	priority strings.

2014-01-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/Makefile.am, src/occtl-cache.c, src/occtl.c, src/occtl.h: Add
	usernames and session IDs to readline cache.  This allows auto-completion to show user, and show id, after list
	users is executed.

2014-01-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/main-ctl-handler.c, src/occtl.c: shorter names for states

2014-01-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/main-ctl-handler.c, src/occtl.c, src/worker-vpn.c: The
	ciphersuite of the client is transferred from the D-BUS interface.

2014-01-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/ipc.proto, src/main-misc.c, src/main.h, src/vpn.h,
	src/worker-vpn.c: worker will send information on the negotiated
	TLS/DTLS ciphersuites to main.

2014-01-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* configure.ac, src/occtl-pager.c: do not start pager when not on a
	tty.

2014-01-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/occtl.c: updated commands and descriptions.

2014-01-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/occtl.c: print the license in the interactive client.

2014-01-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-01-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/config.c, src/main-ctl-handler.c,
	src/ocserv-args.def, src/vpn.h: Added configuration option use-dbus
	to allow disabling D-BUS usage.

2014-01-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: unblock signals in children.

2014-01-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/config.c, src/main-ctl-handler.c, src/main.c, src/main.h,
	src/tlslib.c, src/tlslib.h: Try to release as much memory as
	possible to be able to detect real memory leaks.

2014-01-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/config.c, src/main-misc.c: eliminated memory leaks

2014-01-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/main.c: block signals on the proper time.

2014-01-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/occtl.c: use c_strncasecmp() and c_strcasecmp() for matching.

2014-01-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/occtl-time.c: doc update

2014-01-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/Makefile.am, src/occtl-time.c, src/occtl.c, src/occtl.h: print
	the connection time in a compact way

2014-01-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/log.c: print brackets in IPs only when needed (IPv6+port)

2014-01-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/main-ctl-handler.c, src/occtl.c: Added commands to obtain
	information on a user or an ID.

2014-01-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/Makefile.am, src/occtl-pager.c, src/occtl.c, src/occtl.h: Use
	pager in list users command.

2014-01-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/main-ctl-handler.c, src/main.c, src/main.h, src/occtl.c: Added
	reload and 'stop now' D-BUS commands.

2014-01-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/occtl.c: print help when arguments are missing

2014-01-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/main.c: force kill if there are alive children after some time

2014-01-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/main.c: force kill if not every process dies.

2014-01-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/main-ctl-handler.c, src/occtl.c: Simplified method handling.

2014-01-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/occtl.c: SIGINT doesn't terminate occtl

2014-01-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/occtl.c: better matching of higher level commands, and
	addition of the reset cmd.

2014-01-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/main.c: remove_proc() calls
	remove_from_script_list().  This will prevent a race in the case where a proc is deleted (i.e.,
	user is disconnected) but a running script terminates afterwards and
	tries to reference the deleted proc.

2014-01-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: set sockets to non-blocking outside the loop.

2014-01-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/main-ctl-handler.c, src/main.c, src/main.h: 
	better names to lists

2014-01-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-01-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2014-01-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac: added subdir-objects

2014-01-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: use pselect() instead of select()

2014-01-08  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/occtl.c: terminate on EOF

2014-01-08  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/occtl.c: interface improvements in occtl

2014-01-08  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* .gitignore: more files to ignore

2014-01-08  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* configure.ac, doc/Makefile.am,
	doc/dbus/org.infradead.ocserv.conf,
	doc/dbus/org.infradead.ocserv.service: install D-BUS and systemd
	files.

2014-01-08  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS: doc update

2014-01-08  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* configure.ac, src/Makefile.am, src/main-ctl-handler.c,
	src/occtl.c: Added occtl a D-BUS client to query and send commands
	to server.

2014-01-08  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/main-misc.c: when disconnecting a user make sure that no race
	conditions exist when killing the process.

2014-01-06  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* config.h.in, configure.ac, src/Makefile.am,
	src/main-ctl-handler.c, src/main.c, src/main.h, src/vpn.h: Added
	support for control commands using D-BUS.

2014-01-07  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/log.c: do not print a port number if it is not available

2014-01-06  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/config.c, src/main.c: when using systemd socket activation the
	tcp-port option is optional.  Moreover the UDP and TCP ports are "discovered" from the provided
	file descriptors.

2014-01-06  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* doc/Makefile.am, doc/systemd/ocserv.service,
	doc/systemd/ocserv.socket: Added example systemd socket and service
	files.

2014-01-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: Detect protobuf-c in systems without pkg-config.

2014-01-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/main.h: store the time a client connected.

2014-01-01  Kevin Cernekee <cernekee@gmail.com>

	* src/worker-vpn.c: Remove unnecessary AnyConnect /2/* files As long as all of our supported OSes are listed under /1/*, the /2/*
	files can be omitted.

2014-01-01  Kevin Cernekee <cernekee@gmail.com>

	* src/worker-vpn.c: Add support for Mac AnyConnect client Populate the 0-byte /1/Darwin_i386 file to prevent the following
	error:     The AnyConnect package on the secure gateway could not be
	    located.  You may be experiencing network connectivity issues.
	    Please try connecting again.  Tested with AnyConnect 3.1.03103.

2014-01-01  Kevin Cernekee <cernekee@gmail.com>

	* src/worker-extras.c: Fix auto-update regression on AnyConnect
	clients If /1/<OS> exists for every valid OS, then the client will never
	even try to request /2/binaries/update.txt.  Instead, it will
	request /1/binaries/update.txt, and then get very confused when the
	response looks like an XML document instead of a version string.

2014-01-01  Kevin Cernekee <cernekee@gmail.com>

	* README: README: Update dependencies

2013-12-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: set socket options in sockets received by systemd as
	well.

2013-12-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, config.h.in, configure.ac, src/Makefile.am, src/main.c: 
	Added support for systemd's socket activatable service.

2013-12-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.def: doc update

2013-12-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/sec-mod.c, src/worker-vpn.c: Added comments

2013-12-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-12-19  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* .gitignore, configure.ac, src/Makefile.am, src/common.c,
	src/common.h, src/ipc.h, src/ipc.proto, src/log.c, src/main-auth.c,
	src/main-misc.c, src/main-resume.c, src/main.c, src/main.h,
	src/vpn.h, src/worker-auth.c, src/worker-extras.c,
	src/worker-misc.c, src/worker-resume.c, src/worker-tun.c,
	src/worker-vpn.c, src/worker.h: Converted IPC messaging to
	protocolbuffers-c That adds a dependency on protocolbuffers-c, but simplifies the
	worker-main communication protocol handling.

2013-12-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: removed dist-lzip

2013-12-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: moved length check to correct position

2013-12-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.def: doc update

2013-12-17  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/ocserv-args.def: doc update

2013-12-17  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/ocserv-args.def: Added text on generating the server
	certificate

2013-12-16  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/ocserv-args.def: doc update

2013-12-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.def: doc update

2013-12-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.def: doc update

2013-12-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 0.2.3

2013-12-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: disabled limits that break the worker

2013-12-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, src/Makefile.am: generated files added to
	BUILT_SOURCES to fix parallel compilation

2013-12-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: avoid @AUTOGEN@

2013-12-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: Added newline

2013-12-13  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* TODO: doc update

2013-12-13  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* libopts/m4/libopts.m4: the generation of makefile isn't
	conditional

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* TODO: updated

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS: doc update

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/cookies.c, src/cookies.h, src/ip-lease.c, src/main-auth.c,
	src/main.h: reduced cookie size by only writing down the ipv4 seed.

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/cookies.c, src/cookies.h, src/ip-lease.c, src/main-auth.c,
	src/main.h: Augmented cookie format to store the seeds used to
	generate IPv4 and IPv6 addresses.  This ensures that if the IP previously used by a user is free, it
	will be reassigned to him after a reconnection with the same cookie.

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/icmp-ping.c: corrected typo

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/icmp-ping.c: use IPV6_CHECKSUM only when available.

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/worker-tun.c: reorder

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/icmp-ping.c: corrected typo

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/icmp-ping.c: include netinet/ip.h prior to ip_icmp.h to have
	struct ip defined.

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/icmp-ping.c: define ICMP_DEST_UNREACH in systems where it is
	not available

2013-12-11  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/icmp-ping.c: corrected typo

2013-12-10  Kevin Cernekee <cernekee@gmail.com>

	* src/main-auth.c: Fix multiple session disconnect when
	max-same-clients is 0 max-same-clients is used to limit the number of outstanding sessions (cookies).  If set to 0, it means an unlimited number of active
	cookies can be owned by each user.  But it doesn't mean that the
	same cookie can be reused for multiple CSTP connections with
	different IPs, as the protocol does not normally work this way.

2013-12-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/ip-lease.c: more verbose messages.

2013-12-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/ip-lease.c: updated debug messages.

2013-12-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS: doc update

2013-12-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* doc/sample.config, src/config.c, src/group-config.c,
	src/main-misc.c, src/main.c, src/main.h, src/ocserv-args.def,
	src/vpn.h: Added support for cgroups

2013-12-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/config.c, src/group-config.c: simplified reading the
	net-priority option

2013-12-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS: doc update

2013-12-10  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/worker-vpn.c: corrected DPD sending in TLS. Reported by Kevin
	Cernekee.

2013-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/config.c, src/group-config.c,
	src/ocserv-args.def, src/vpn.h, src/worker-vpn.c: Allow setting
	directly the IP_TOS from net-priority.

2013-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: conditionally use SO_PRIORITY

2013-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c: do check the username validity only when a
	certificate is present.

2013-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/sec-mod.c: adjusted severity

2013-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c, src/worker-tun.c, src/worker-vpn.c,
	src/worker.h: simplified setting of additional configuration in the
	worker process

2013-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c: corrected typo

2013-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c: do not require a certificate when authenticating
	with cookie and always-require-cert is set to false.

2013-12-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/worker-auth.c: Added more verbose logging

2013-12-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* config.h.in, configure.ac, src/sec-mod.c: sec-mod ensures that
	requests come from the correct user.

2013-12-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS: doc update

2013-12-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/ocserv-args.def: doc update

2013-12-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* doc/sample.config, src/Makefile.am, src/config.c,
	src/group-config.c, src/main-auth.c, src/main-config.c,
	src/main-misc.c, src/ocserv-args.def, src/vpn.h, src/worker-auth.c,
	src/worker-vpn.c, src/worker.h: Added the net-priority configuration
	option.  That option allows setting the protocol-defined priority (via
	SO_PRIORITY) for the UDP and TCP sockets, per user/group or
	globally.

2013-12-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/main.c: enforce the RLIMIT_FSIZE and RLIMIT_AS

2013-12-09  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* config.h.in, configure.ac, src/icmp-ping.c: use iphdr only when
	available

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pam.c: doc update

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pam.c: do not return empty usernames

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/test-pam, tests/test-pam.config: Added
	test-pam (which is only run manually)

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/test-cert, tests/test-iroute, tests/test-iroute.config,
	tests/test-multi-cookie, tests/test-multi-cookie.config,
	tests/test-pass, tests/test-pass-cert, tests/test-pass-script: 
	reduced fragility of the tests

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/test-iroute: store temp files in a fixed
	dir

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/main-auth.c, src/main-auth.h, src/pam.c, src/plain.c: 
	Allow PAM to update username

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c: explicitly initialize module

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: removed newline from log messages

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ip-lease.c: Only add new leases to hash table (and print the
	assigned IPs).

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: print more details on certificate verification
	failure.

2013-12-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac, src/icmp-ping.c, src/tun.c: 
	Conditionally include system specific headers.

2013-12-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: if no udp port is set do not bother sending DTLS
	info to client.

2013-12-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.def: doc update

2013-12-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: removed unneeded include

2013-12-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/config.c, src/main.c: udp-port can now be unset, and
	that will disable listening to UDP.

2013-12-06  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* TODO: doc update

2013-12-06  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* README: doc update

2013-12-06  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS: doc update

2013-12-06  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/main-auth.c, src/main-misc.c, src/main.c, src/script-list.h: 
	initialize values prior to list_for_each() calls, to avoid static
	analysers complaints on garbage values.

2013-12-06  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/ccan/list/list.h: undefine LIST_HEAD and LIST_HEAD_INIT

2013-12-06  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* configure.ac: bumped version

2013-12-06  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* config.h.in, configure.ac, src/system.c, src/system.h: Use the
	correct sighandler definition on different systems.

2013-12-05  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* tests/test-iroute: use regex for comparison

2013-12-05  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* tests/Makefile.am, tests/test-multi-cookie,
	tests/test-multi-cookie.config: Added test case for the
	disconnection due to cookie re-use case.

2013-12-05  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* NEWS, src/ip-lease.c, src/main-auth.c, src/main-misc.c,
	src/main.h: When a new connection presents a cookie of an existing
	session the previous session is disconnected.

2013-12-05  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/Makefile.am: fixed issue when compiling with -j

2013-11-12  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/pam.c: further increase the PAM stack size to allow for more
	complex PAM modules

2013-12-05  Nikos Mavrogiannopoulos <nmav@redhat.com>

	* src/ip-lease.c: properly initialize rnd IP to avoid valgrind
	complaints

2013-12-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated todo

2013-12-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-30  Kevin Cernekee <cernekee@gmail.com>

	* README: README: Add info on build dependencies

2013-11-30  Kevin Cernekee <cernekee@gmail.com>

	* build-aux/.gitignore: Add build-aux/.gitignore

2013-11-30  Kevin Cernekee <cernekee@gmail.com>

	* build-aux/ar-lib, build-aux/compile, build-aux/depcomp,
	build-aux/install-sh, build-aux/missing, build-aux/test-driver: 
	Remove autogenerated scripts from git repo These get dirtied every time somebody runs autogen.sh.

2013-12-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-11-30  Kevin Cernekee <cernekee@gmail.com>

	* src/worker-vpn.c: Add X-CSTP-License header for mobile client
	compatibility The Android AnyConnect client passes authentication but refuses to
	establish a VPN link if this header is missing.

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.def: updated title

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, gl/m4/extern-inline.m4: updated gnulib

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/test-cert, tests/test-iroute, tests/test-iroute.config,
	tests/test-pass, tests/test-pass-cert, tests/test-pass-script,
	tests/test-pass-script.config, tests/test1.config,
	tests/test2.config, tests/test3.config: use different ports per test

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/test-iroute.config, tests/test-pass-script.config,
	tests/test1.config, tests/test2.config, tests/test3.config: daemon
	group is available in more systems. Use that for testing.

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: bumped version

2013-11-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: updated libopts detection

2013-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: doc update

2013-11-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/common.sh: relicensed after all authors agreed.

2013-11-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: use definitions to avoid discrepancies.

2013-11-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: corrected size of explicit nonce

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: The Salsa20 ciphersuites are used over DTLS 1.2,
	and their names follow the new encoding.

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: be more precise in MTU calculation even without
	gnutls_est_record_overhead_size().

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: Do not use an MTU that is bigger than the
	originally suggested one. Openconnect doesn't like that.

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c, src/worker-vpn.c: Better estimate the record
	overhead.

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/config.c, src/log.c, src/main.c,
	src/ocserv-args.def, src/vpn.h, src/worker-auth.c,
	src/worker-extras.c, src/worker-vpn.c: Added the --http-debug option
	to ocserv to avoid printing full HTTP messages to normal debug mode.

2013-11-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c, src/worker.h: more changes for the new
	ciphersuites

2013-11-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: Added ciphersuites OC-AES-GCM.

2013-11-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/vpn.h: corrected include to http-parser

2013-11-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/test-cert, tests/test-iroute, tests/test-pass,
	tests/test-pass-cert, tests/test-pass-script: relicensed files.

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, src/Makefile.am, src/worker-auth.c,
	src/worker-tun.c, src/worker-vpn.c: Check for local http_parser
	library. If found use it instead of the included one.

2013-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: test before copy

2013-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, configure.ac: Distribute the autogen'erated files as
	.bak and enable them only if local libopts is being used.

2013-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: better phrasing.

2013-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/scripts/ocserv-script: remove usage of wondershaper

2013-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-bandwidth.c, src/worker-bandwidth.h, src/worker-vpn.c: 
	reduce the calls to gettime().

2013-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/gettime.h: use CLOCK_REALTIME_COARSE if available.

2013-11-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-11-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in: update

2013-11-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: separated auto-generated files into special
	libraries to allow compilation using make -jx, x>1

2013-11-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* LICENSE: mentioned the libopts license

2013-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: print package version on initialization

2013-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: updated

2013-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: added the srcdir prefix

2013-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: delete libopts generated files if system libopts is
	being used

2013-11-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am: ensure that auto-generated files will be
	auto-generated during compilation.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: removed no longer relevant item

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libopts/ag-char-map.h, libopts/ao-strs.c, libopts/ao-strs.h,
	libopts/autoopts/options.h, libopts/autoopts/usage-txt.h,
	libopts/compat/compat.h, libopts/compat/strchr.c,
	libopts/configfile.c, libopts/genshell.c, libopts/genshell.h,
	libopts/m4/libopts.m4, libopts/option-value-type.c,
	libopts/option-value-type.h, libopts/option-xat-attribute.c,
	libopts/option-xat-attribute.h, libopts/pgusage.c, libopts/proto.h,
	libopts/streqvcmp.c, libopts/text_mmap.c, libopts/usage.c: updated
	to libopts 5.18.2

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in: updated

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libopts/Makefile.am, libopts/ag-char-map.h, libopts/alias.c,
	libopts/ao-strs.c, libopts/ao-strs.h, libopts/autoopts.c,
	libopts/autoopts.h, libopts/autoopts/options.h,
	libopts/autoopts/project.h, libopts/autoopts/usage-txt.h,
	libopts/compat/pathfind.c, libopts/configfile.c, libopts/enum.c,
	libopts/find.c, libopts/genshell.c, libopts/genshell.h,
	libopts/gettext.h, libopts/init.c, libopts/load.c,
	libopts/m4/libopts.m4, libopts/makeshell.c,
	libopts/option-value-type.c, libopts/option-value-type.h,
	libopts/option-xat-attribute.c, libopts/option-xat-attribute.h,
	libopts/pgusage.c, libopts/proto.h, libopts/putshell.c,
	libopts/restore.c, libopts/save.c, libopts/stack.c,
	libopts/text_mmap.c, libopts/usage.c, libopts/version.c: updated
	libopts to 5.18

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 0.2.1

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/config.c, src/main-config.c,
	src/ocserv-args.def, src/worker-bandwidth.c, src/worker-bandwidth.h: 
	count bandwidth in kb/sec to avoid overflows on high bandwidth.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocpasswd-args.c, src/ocpasswd-args.h, src/ocserv-args.c,
	src/ocserv-args.h: removed auto-generated files.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/ocpasswd.c, src/str.c, src/str.h,
	src/worker-vpn.c: updated code to avoid memory leaks.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/sec-mod.c: do not ignore errors from system calls

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am: autogenerate changelog prior to release

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: call setgroups() after setgid() to avoid staying with
	an unexpected group set.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/ocserv-args.def: Added pid-file command line
	option, that overrides the configured pid-file.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: bumped version

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/ocpasswd-args.c, src/ocpasswd-args.h,
	src/ocserv-args.c, src/ocserv-args.h: reorganized file generation
	and removed auto-generated files.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pam.c: increased stack size for PAM coroutines to 64k.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac: link with libopts only if autogen is
	found. This avoids incompatibility issues with different
	autogen/libopts version.

2013-11-05  Mike Miller <mtmiller@ieee.org>

	* Makefile.am, configure.ac, src/Makefile.am: Allow linking with
	system libopts if installed

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, src/Makefile.am: removed unneeded check for gdbm

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: Move ocserv to sbin

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* AUTHORS, COPYING, src/common.c, src/common.h, src/config.c,
	src/cookies.c, src/cookies.h, src/gettime.h, src/html.c,
	src/html.h, src/icmp-ping.c, src/icmp-ping.h, src/ip-lease.c,
	src/ip-lease.h, src/ipc.h, src/log.c, src/main-auth.c,
	src/main-auth.h, src/main-config.c, src/main-misc.c,
	src/main-resume.c, src/main-user.c, src/main.c, src/main.h,
	src/ocpasswd.c, src/pam.c, src/pam.h, src/plain.c, src/plain.h,
	src/route-add.c, src/route-add.h, src/script-list.h, src/sec-mod.c,
	src/sec-mod.h, src/setproctitle.c, src/setproctitle.h, src/str.c,
	src/str.h, src/system.c, src/system.h, src/tlslib.c, src/tlslib.h,
	src/tun.c, src/tun.h, src/vpn.h, src/worker-auth.c,
	src/worker-bandwidth.c, src/worker-bandwidth.h,
	src/worker-extras.c, src/worker-misc.c, src/worker-privs.c,
	src/worker-resume.c, src/worker-tun.c, src/worker-vpn.c,
	src/worker.h: updated license information and authors

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, build-aux/config.rpath, config.h.in, configure.ac,
	gl/Makefile.am, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
	gl/m4/lib-ld.m4, gl/m4/lib-link.m4, gl/m4/lib-prefix.m4,
	m4/lib-link.m4: Added lib-link.m4 via gnulib.

2013-11-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-11-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/Makefile.am, src/config.c, src/gettime.h,
	src/main-auth.c, src/main-config.c, src/main-misc.c,
	src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h,
	src/str.c, src/str.h, src/vpn.h, src/worker-auth.c,
	src/worker-bandwidth.c, src/worker-bandwidth.h, src/worker-vpn.c,
	src/worker.h: Added directives to allow bandwidth limitation.

2013-11-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-config.c: do not fail if a configuration file is empty

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: reduced the severity of several messages.

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: more informative message

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: avoid multiple calls to time(0)

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: doc
	update

2013-11-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-misc.c: added error message

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/test-pass-script,
	tests/test-pass-script.config: Added login-test when a connect or
	disconnect script is set.

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 0.2.0

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/worker-auth.c: Avoid calling
	handle_script_exit() twice on user connect.

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c: return correct error code

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-user.c: corrected typo

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-resume.c, src/worker-auth.c, src/worker-resume.c: small
	updates

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/main.c, src/vpn.h: Always terminate the
	worker unless he has already been dead.

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.h, src/worker-misc.c: Corrected behavior on error during
	receiving a UDP fd.

2013-10-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/main-misc.c, src/main.c, src/main.h: Avoid forwarding
	the UDP fd within a minute. That is to avoid duplicate messages
	messing the worker session.

2013-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ccan/htable/htable.c, src/ip-lease.c, src/main.h,
	src/tlslib.c: updates in hash table usage.

2013-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/test-iroute, tests/test-iroute.config,
	tests/user-config/test: Added test to check the application of user
	routes.

2013-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: doc
	update

2013-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/str.c, src/str.h, src/vpn.h,
	src/worker-auth.c, src/worker-vpn.c, src/worker.h: Avoid many system
	calls when sending serialized data.

2013-10-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ipc.h, src/main-auth.c, src/worker-auth.c: Simplified
	auth_reply transfer from main to worker.

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated todo list

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: doc update

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: doc update

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/route-add.c: increased level of spawn errors.

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in: updated

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c: do not try load configuration on empty string
	groups

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: corrected bug

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/main-misc.c, src/worker-auth.c,
	src/worker-resume.c: Added more debugging information.

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/Makefile.am, gl/dup2.c, gl/getdtablesize.c, gl/m4/dup2.m4,
	gl/m4/extern-inline.m4, gl/m4/getdtablesize.m4,
	gl/m4/gnulib-comp.m4, gl/m4/unistd_h.m4, gl/stdio-impl.h,
	gl/stdio.in.h, gl/unistd.in.h: updated gnulib

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c, src/worker-resume.c: small update

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c: Corrected certificate authentication.

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/test-cert, tests/test-pass,
	tests/test-pass-cert, tests/test3.config: Added test with only a
	certificate.

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac: bumped version

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: doc
	update

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/sample.config, src/main-config.c, src/main-misc.c,
	src/main.c, src/main.h, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/route-add.c, src/route-add.h, src/tun.c,
	src/vpn.h: Added the 'iroute' directive to allow routes set on
	server.

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/config.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/route-add.c,
	src/route-add.h, src/vpn.h: Added commands to add and remove a
	route.

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-config.c, src/main-misc.c: relocated function

2013-10-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/sample.config, src/common.c, src/common.h,
	src/config.c, src/main-config.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h: Added the ipv6-prefix
	configuration option

2013-10-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/common.c, src/common.h, src/ip-lease.c,
	src/ip-lease.h, src/ipc.h, src/main-auth.c, src/main-config.c,
	src/main-misc.c, src/main-resume.c, src/main-user.c, src/main.c,
	src/main.h, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/tun.c, src/tun.h, src/vpn.h,
	src/worker-auth.c, src/worker-tun.c, src/worker-vpn.c, src/worker.h: 
	Increased the number of directives allowed in group and user
	configurations.

2013-10-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/sample.config, src/Makefile.am, src/common.c,
	src/common.h, src/config.c, src/ipc.h, src/main-auth.c,
	src/main-config.c, src/main-misc.c, src/main.h, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h,
	src/worker-auth.c, src/worker-vpn.c, src/worker.h: Allow loading
	additional configuration files per user or per group.  The directives currently allowed are: ipv4/6_dns and route.

2013-10-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, config.h.in, configure.ac: bumped version

2013-10-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/config.c: Configuration file parsing was modified to
	allow detecting mispellings of directives and unknown options.

2013-10-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-10-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/sample.config, src/config.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h, src/worker-vpn.c: 
	Added config options 'mtu' and 'output-buffer'.

2013-10-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: doc update

2013-10-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: doc
	update

2013-10-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c, src/tlslib.h, src/worker-vpn.c: Do not wait for
	socket to be ready when sending DTLS data.

2013-10-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/worker-vpn.c: Reduce limit of output buffer on DTLS
	socket to reduce latency (following similar openconnect change).

2013-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: doc update

2013-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: corrected MTU suggestion when DTLS isn't used

2013-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: Suggest a single MTU value instead of two
	distinct for DTLS and CSTP.

2013-09-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: better calculation of suggested to the peer MTU

2013-09-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac: released 0.1.6

2013-08-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/ocserv-args.def: doc update

2013-07-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-08-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocpasswd-args.c, src/ocpasswd-args.h, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h: doc update

2013-07-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libopts/ag-char-map.h: Applied Bruce Korb's fix on unacceptable
	chars.

2013-07-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libopts/ag-char-map.h: Revert "Ignore non-ascii characters in
	configuration file." This reverts commit f7a938e5d7fd07144062ea64a6ab028cf43bb3e6.

2013-07-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-07-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libopts/ag-char-map.h: Ignore non-ascii characters in
	configuration file.  This is a quick fix for

	http://lists.infradead.org/pipermail/openconnect-devel/2013-July/001126.html

2013-07-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, configure.ac, src/Makefile.am, src/ocpasswd-args.c,
	src/ocpasswd-args.def, src/ocpasswd-args.h, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/version.def.in,
	src/version.inc.in: regenerate autogen'ed files when making a
	distribution.

2013-07-21  Mike Miller <mtmiller@ieee.org>

	* tests/test-pass, tests/test-pass-cert: Fix path to common.sh when
	tests run from another directory

2013-07-21  Mike Miller <mtmiller@ieee.org>

	* doc/Makefile.am: Add autogen search path to work when building out
	of the source tree

2013-07-21  Mike Miller <mtmiller@ieee.org>

	* src/ocpasswd-args.c, src/ocpasswd-args.def, src/ocpasswd-args.h: 
	Improve ocpasswd short description, re-run autogen

2013-07-21  Mike Miller <mtmiller@ieee.org>

	* src/main-resume.c, src/main.c, src/main.h: Fix typo maintainance
	-> maintenance

2013-07-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocpasswd.c: Ask the password twice to avoid mistakes.

2013-07-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 0.1.5

2013-07-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/plain.c: removed debugging

2013-07-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: use c_strcase in config file parsing

2013-07-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/html.c: check for errors in sscanf

2013-07-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, config.h.in, doc/sample.config, doc/sample.passwd,
	gl/Makefile.am, gl/c-ctype.h, gl/c-strcase.h, gl/c-strcasecmp.c,
	gl/c-strncasecmp.c, gl/fseeko.c, gl/m4/extern-inline.m4,
	gl/m4/fseeko.m4, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
	gl/msvc-inval.c, src/Makefile.am, src/html.c, src/html.h,
	src/plain.c, src/worker-auth.c, tests/test-pass, tests/test1.passwd: 
	Added decoder for HTML-encoded and URL-encoded passwords and
	usernames.  This prevents special characters from not being recognized. Reported
	by P.H.Vos.  Also updated gnulib and added c-strncasecmp

2013-07-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-07-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-extras.c, src/worker-vpn.c, src/worker.h: Added
	additional handlers for requested files.

2013-07-07  Kevin Cernekee <cernekee@gmail.com>

	* src/worker-extras.c, src/worker-vpn.c, src/worker.h: bypass
	AnyConnect client auto-update mechanism

2013-07-07  Kevin Cernekee <cernekee@gmail.com>

	* src/tlslib.c: add missing GnuTLS version checks around >= v3.2.0
	features

2013-07-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config: use existing files

2013-07-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-07-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/common.sh, tests/test-pass, tests/test-pass-cert: moved
	common tests to common.sh

2013-07-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* tests/Makefile.am, tests/test-pass, tests/test-pass-cert,
	tests/test1, tests/test2: renamed scripts and added additional test
	with wrong username.

2013-07-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: doc update

2013-07-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-07-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, build-aux/depcomp, build-aux/test-driver,
	configure.ac, tests/Makefile.am, tests/ca-key.pem, tests/ca.pem,
	tests/common.sh, tests/server-cert.pem, tests/server-key.pem,
	tests/test1, tests/test1.config, tests/test1.passwd, tests/test2,
	tests/test2.config, tests/user-cert.pem, tests/user-key.pem: Added
	test suite that depends on openconnect.

2013-07-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c: common check for user and group match.

2013-07-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.h, src/main-misc.c, src/main.h, src/pam.c: Put a
	limit in the number of allowed authentication requests, and
	increased size of stack for co-routines.

2013-07-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: silence warnings

2013-07-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/tlslib.c: more fixes

2013-07-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am: automate the clang static check of code.

2013-07-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: avoid deinitializing garbage

2013-07-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/main-user.c: corrected null pointer deferences

2013-07-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/tun.c: corrected dead assignments

2013-07-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: doc update

2013-07-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies.c, src/cookies.h, src/main-auth.c, src/main-misc.c,
	src/main.h: better function names and parameter order

2013-07-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-07-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pam.c: print proper message when changing password in PAM.

2013-07-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c: Allow session resumption database access, and
	allow more graceful cleanup on authentication failure.

2013-07-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pcl/pcl_config.h: Do not need the multi-threaded version of
	PCL.

2013-07-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/main.h, src/tun.c, src/tun.h, src/vpn.h: 
	leases belong to users as well. That way IPs are properly re-used.

2013-07-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-07-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config: cookie-db no longer exists.

2013-07-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/plain.c: Corrected plain passwd authentication to read group
	name when needed.

2013-07-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/plain.c: properly initialize group name in plain passwd.

2013-07-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/worker-auth.c, src/worker-vpn.c,
	src/worker.h: allow cookie-only authentication (fixes previously
	introduced bug)

2013-07-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: disallow mixing multiple username/password
	authentication methods

2013-07-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/config.c, src/cookies-gdbm.c,
	src/cookies-hash.c, src/cookies.c, src/cookies.h, src/ipc.h,
	src/log.c, src/main-auth.c, src/main-misc.c, src/main.c,
	src/main.h, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/tun.c, src/tun.h, src/vpn.h: Cookies are no
	longer persistent

2013-06-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: document way to force PFS

2013-06-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-06-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-06-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, INSTALL, build-aux/ar-lib, build-aux/compile,
	build-aux/depcomp, build-aux/install-sh, build-aux/missing: updated
	auto-generated scripts.

2013-06-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pam.c: enable ability to change password with PAM

2013-06-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: removed debugging info

2013-06-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: bumped version

2013-06-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, config.h.in, configure.ac, src/Makefile.am,
	src/pcl/Makefile.am, src/pcl/pcl.c, src/pcl/pcl.h,
	src/pcl/pcl_config.h, src/pcl/pcl_private.c, src/pcl/pcl_private.h,
	src/pcl/pcl_version.c: Allow compilation without the PCL library

2013-06-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ipc.h, src/main-auth.c, src/main-auth.h, src/main.h,
	src/pam.c, src/plain.c, src/worker-auth.c: small fixes to avoid
	relying on properly null-terminated strings.

2013-06-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.h: described authentication process.

2013-06-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-06-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pam.c: removed debugging message

2013-06-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* INSTALL, build-aux/ar-lib, build-aux/compile, build-aux/depcomp,
	build-aux/install-sh, build-aux/missing, doc/sample.config: 
	autogen'ed files update

2013-06-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, src/Makefile.am, src/ipc.h, src/main-auth.c,
	src/main-auth.h, src/main-misc.c, src/main.c, src/main.h,
	src/pam.c, src/pam.h, src/plain.c, src/plain.h, src/vpn.h,
	src/worker-auth.c, src/worker-vpn.c, src/worker.h: Advanced auth
	implemented

2013-06-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: Revert "Use the new type of XML" This reverts commit 2163836ad8d3ff5974a69373cfac2d7c2463f2e4.

2013-06-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: Revert "simplified opaque handling" This reverts commit 0af9c45e8c0bca97673f80f63ac73b77f8a23a13.

2013-06-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: simplified opaque handling

2013-06-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: Use the new type of XML

2013-06-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/pam.c, src/pam.h: set PAM_RHOST variable
	using the clients's IP.

2013-06-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* INSTALL, NEWS, build-aux/ar-lib, build-aux/compile,
	build-aux/depcomp, build-aux/install-sh, build-aux/missing,
	configure.ac: bumped version

2013-06-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/worker-vpn.c: ensure that the actual reads on DTLS are
	at maximum MTU-1.

2013-06-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: bumped version

2013-06-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/tlslib.c, src/tlslib.h, src/worker-vpn.c: corrected
	values returned in X-CSTP-MTU and X-DTLS-MTU

2013-06-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/config.c, src/vpn.h, src/worker-extras.c,
	src/worker-vpn.c, src/worker.h: Removed ability to send binary
	files.

2013-06-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: use X-SALSA20 to avoid any future conflicts

2013-06-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-extras.c: keep the connection alive

2013-06-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-extras.c: do not try to send binaries if no path is
	setup

2013-05-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.def, src/worker-extras.c, src/worker-vpn.c,
	src/worker.h: reorganized compatibility layer

2013-05-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/Makefile.am, src/config.c,
	src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h,
	src/vpn.h, src/worker-extras.c, src/worker-vpn.c, src/worker.h: 
	Allow downloading raw files from 1/binaries

2013-05-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-05-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/sec-mod.c: use gnutls_privkey_sign_hash() when available.

2013-05-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c, src/worker.h: Check X-CSTP-Address-Type and
	don't send addresses that were not requested.

2013-05-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-privs.c: Added gettimeofday in the list of syscalls

2013-05-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: bumped version

2013-05-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/sample.config, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: doc update

2013-05-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-privs.c: updated seccomp code

2013-05-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: more verbose printing of signal deaths

2013-05-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: simplified seccomp check

2013-05-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/str.c, src/worker-vpn.c: use strtok() to parse client provided
	string.

2013-05-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: require gnutls 3.2.1 to enable salsa20

2013-05-21  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libopts/m4/libopts.m4: relax check on requirement on headers for
	libopts.

2013-05-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-05-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/gettime.h: Added missing file

2013-05-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in: updated header

2013-05-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* LICENSE: updated license information

2013-05-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, configure.ac, src/main-user.c: emulate gettime

2013-05-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/Makefile.am, gl/c-ctype.c, gl/c-ctype.h, gl/cloexec.c,
	gl/cloexec.h, gl/close.c, gl/dup2.c, gl/errno.in.h, gl/fcntl.c,
	gl/fcntl.in.h, gl/fd-hook.c, gl/fd-hook.h, gl/fseek.c, gl/fseeko.c,
	gl/fstat.c, gl/getdelim.c, gl/getdtablesize.c, gl/getline.c,
	gl/getpass.c, gl/getpass.h, gl/gettime.c, gl/gettimeofday.c,
	gl/lseek.c, gl/m4/clock_time.m4, gl/m4/extensions.m4,
	gl/m4/extern-inline.m4, gl/m4/gettime.m4, gl/m4/gettimeofday.m4,
	gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, gl/m4/sys_socket_h.m4,
	gl/m4/sys_time_h.m4, gl/m4/timespec.m4, gl/malloc.c, gl/memchr.c,
	gl/memmem.c, gl/minmax.h, gl/msvc-inval.c, gl/msvc-inval.h,
	gl/msvc-nothrow.c, gl/msvc-nothrow.h, gl/realloc.c,
	gl/stdbool.in.h, gl/stddef.in.h, gl/stdint.in.h, gl/stdio-impl.h,
	gl/stdio.in.h, gl/stdlib.in.h, gl/str-two-way.h, gl/strdup.c,
	gl/string.in.h, gl/sys_stat.in.h, gl/sys_time.in.h,
	gl/sys_types.in.h, gl/time.in.h, gl/timespec.c, gl/timespec.h,
	gl/unistd.in.h: updated gnulib

2013-05-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: doc fix

2013-05-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: do not restrict worker's memory

2013-05-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: estream ciphersuite was given priority

2013-05-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: increased priority

2013-05-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: print DTLS ciphersuite

2013-05-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, TODO: doc update

2013-05-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/str.c, src/str.h: added missing files.

2013-05-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libopts/m4/libopts.m4: configure proceeds if regex library isn't
	found

2013-05-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: corrected cipher names

2013-05-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c, src/worker.h: Allow for a ciphersuite
	negotiation

2013-05-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: small fixes

2013-05-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/main.h, src/worker-vpn.c, src/worker.h: 
	reorganized HTTP header reading.

2013-05-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: corrected typo

2013-05-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented fix

2013-05-16  Faidon Liambotis <paravoid@debian.org>

	* src/worker-privs.c, src/worker-vpn.c: Make seccomp failures
	non-fatal & lower log prio Building a binary with --enable-seccomp and then running it on a <
	3.5 kernel, results in seccomp_load() failing and ocserv's worker
	process aborting. This might be okay-ish for users who ./configure
	&& make install on their own systems but it's obviously non-ideal
	for e.g.  distributions that need to distribute binaries.  Unfortunately there doesn't seem to be a good way (that I could
	find) to check if the running kernel has seccomp -- uname/uts isn't
	a good solution as Ubuntu has backported it to 3.2, custom kernels
	might have CONFIG_SECCOMP=n etc.  So, this makes a tradeoff call and removes the exit_worker() call on
	seccomp failures, lowers the seccomp error logs to LOG_DEBUG from
	LOG_WARNING and the "could not disable system calls" to LOG_INFO
	from LOG_ERR.  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-05-16  Faidon Liambotis <paravoid@debian.org>

	* src/worker-privs.c: Workaround libseccomp bug & fix error handling libseccomp has a bug where -EDOM is returned when seccomp_rule_add
	is called for pseudo system calls (i.e. < -99). This was triggered
	by adding the send() system call on my x86_64 machine. The bug seems
	to have been recently (May 7th, 2013) reported and fixed on
	libseccomp upstream but it will take a while to find its way to a
	release and distributions.  Additionally, there was a bug on how libseccomp calls were error
	handled: libseccomp functions don't actually set errno, but set
	errno values in their return value instead. This resulted in the
	seccomp_rule_add call above to print "could not add send to seccomp
	filter: Success".  Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-05-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: fixed length checks

2013-05-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: check for children cleanup prior to checking for
	termination.  That allows to quickly terminate after the secmod death is detected.

2013-05-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config: updated example

2013-05-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/http-parser/http_parser.c: use gnulib's ctype

2013-05-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released

2013-05-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* libopts/m4/libopts.m4: do not check for a working libregex if it
	is disabled

2013-05-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac: bumped version

2013-05-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: check for setproctitle

2013-05-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/c-ctype.c, gl/c-ctype.h: added missing files

2013-05-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* : design update

2013-05-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/config.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h, src/worker-vpn.c: 
	Added X-CSTP-Default-Domain option.

2013-05-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/die.c, src/die.h, src/main-misc.c,
	src/main-resume.c, src/main-user.c, src/main.c, src/sec-mod.c,
	src/system.c, src/system.h, src/worker-vpn.c: Use sigaction() to
	have a consistent behavior across systems for signals.

2013-04-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated TODO

2013-04-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, configure.ac, doc/profile.xml, doc/sample.config,
	gl/Makefile.am, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
	gl/sys_time.in.h, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/tlslib.c, src/worker-auth.c,
	src/worker-vpn.c: Updates for cisco's client.

2013-04-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: corrected bug in anyconnect compat

2013-04-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-04-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/icmp-ping.c: verify the ICMP IDs prior to checking response.

2013-04-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/icmp-ping.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h: Added config file
	option ping-leases.

2013-04-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocpasswd.c: corrected bug which prevented ocpasswd adding more
	than a single user.

2013-04-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-04-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/ocpasswd-args.c, src/ocpasswd-args.def,
	src/ocpasswd-args.h: updated ocpasswd doc

2013-04-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: make ocpasswd manpage

2013-04-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocpasswd-args.c, src/ocpasswd-args.def, src/ocpasswd-args.h,
	src/ocpasswd.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: Updated autogen generated files, and added more
	options to ocpasswd.  ocpasswd now accepts the --lock and --unlock options and accepts the
	username as the last argument.

2013-04-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, libopts/COPYING.gplv3, libopts/COPYING.lgplv3,
	libopts/Makefile.am, libopts/README, libopts/ag-char-map.h,
	libopts/alias.c, libopts/ao-strs.c, libopts/ao-strs.h,
	libopts/autoopts.c, libopts/autoopts.h, libopts/autoopts/options.h,
	libopts/autoopts/project.h, libopts/autoopts/usage-txt.h,
	libopts/boolean.c, libopts/check.c, libopts/compat/compat.h,
	libopts/compat/pathfind.c, libopts/compat/snprintf.c,
	libopts/compat/strchr.c, libopts/compat/strdup.c,
	libopts/compat/windows-config.h, libopts/configfile.c,
	libopts/cook.c, libopts/enum.c, libopts/env.c, libopts/file.c,
	libopts/find.c, libopts/genshell.c, libopts/genshell.h,
	libopts/gettext.h, libopts/init.c, libopts/libopts.c,
	libopts/load.c, libopts/m4/libopts.m4, libopts/m4/liboptschk.m4,
	libopts/makeshell.c, libopts/nested.c, libopts/numeric.c,
	libopts/option-value-type.c, libopts/option-value-type.h,
	libopts/option-xat-attribute.c, libopts/option-xat-attribute.h,
	libopts/parse-duration.c, libopts/parse-duration.h,
	libopts/pgusage.c, libopts/proto.h, libopts/putshell.c,
	libopts/reset.c, libopts/restore.c, libopts/save.c, libopts/sort.c,
	libopts/stack.c, libopts/streqvcmp.c, libopts/text_mmap.c,
	libopts/time.c, libopts/tokenize.c, libopts/usage.c,
	libopts/version.c: updated libopts

2013-04-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, config.h.in, configure.ac, src/Makefile.am,
	src/icmp-ping.c, src/icmp-ping.h, src/log.c, src/tun.c, src/vpn.h: 
	Prior to leasing an IPv4 ping it to check if it is already in use.

2013-04-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tun.c: read device name in FreeBSD

2013-04-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/Makefile.am, src/cookies-gdbm.c, src/cookies.c,
	src/die.c, src/die.h, src/main-misc.c, src/main-user.c, src/main.c,
	src/pam.c, src/setproctitle.c, src/setproctitle.h, src/tun.c,
	src/vpn.h: several updates to allow compilation on FreeBSD

2013-04-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: updated
	doc

2013-04-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-03-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* LICENSE, Makefile.am: Added license file

2013-03-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c, src/tlslib.h, src/worker-vpn.c: removed session
	ticket support

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: bumped version

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README, TODO: doc update

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker.h: removed unused variable

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/worker-vpn.c, src/worker.h: MTU discovery simplified

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c, src/worker.h: MTU handling updates

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/main.c: clear any lists prior to running sec
	mod

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: Revert "run sec mod earlier to save memory" This reverts commit a8152e8c59fb7007b9dee5718bcb46f55b3d0e68.

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: when debugging do not set memory limits

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: run sec mod earlier to save memory

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: deinitialize memory taken by configuration parser.

2013-03-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config: disable dh-params by default

2013-03-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: doc
	update

2013-03-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: 
	doc update

2013-03-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config: added dh-params option into sample file

2013-03-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: make clear that anyconnect compat layer is
	experimental

2013-03-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, src/main-resume.c, src/sec-mod.c, src/tlslib.c: 
	depend on gnutls 3.1.10

2013-03-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: updated
	doc

2013-03-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: use quotes when printing password file

2013-03-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: cookies are overwritten prior to fork

2013-03-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config: Added anyconnect options to sample config

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: updated

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: readjusted log levels

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: reduce MTU on mtu failure in a less steep way

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: changed level of messages

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/ocserv-args.c, src/ocserv-args.h: consider
	chroot environment when creating socket file.

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.def, src/sec-mod.c: simplified umask

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/main.c, src/sec-mod.c, src/sec-mod.h,
	src/tlslib.c: updates in unix socket creation

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: added missing file

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/sec-mod.c: use pkcs11_reinit() only when defined.

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: bumped version

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: adjust buffer size if needed.

2013-03-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c, src/worker.h: consider TCP MSS in MTU
	calculations.

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: set certain limits on the worker process using
	setrlimit()

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pam.c, src/plain.c: Added copyright headers

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ccan/list/list.c, src/http-parser/http_parser.c: include
	config.h in all files

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/sec-mod.c: reinitialize PKCS #11 modules after fork

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/sec-mod.c, src/tlslib.c: combine writes to a single system
	call.

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-privs.c: updated syscall list in seccomp

2013-03-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, NEWS, TODO, configure.ac, doc/Makefile.am,
	doc/sample.config, doc/sample.passwd, src/Makefile.am,
	src/common.c, src/common.h, src/config.c, src/main-misc.c,
	src/main.c, src/main.h, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/sec-mod.c, src/sec-mod.h, src/tlslib.c,
	src/tlslib.h, src/vpn.h, src/worker-tun.c, src/worker-vpn.c: The TLS
	private keys are kept into a privileged process.  That process is called security-module (sec-mod) and communicates
	with the workers using a unix domain socket.

2013-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pam.c: Always send the provided password to PAM irrespective
	of the prompt.

2013-03-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, NEWS, TODO, config.h.in, configure.ac,
	gl/Makefile.am, gl/fseek.c, gl/fseeko.c, gl/fstat.c, gl/getpass.c,
	gl/getpass.h, gl/lseek.c, gl/m4/fseek.m4, gl/m4/fseeko.m4,
	gl/m4/fstat.m4, gl/m4/getpass.m4, gl/m4/gnulib-cache.m4,
	gl/m4/gnulib-comp.m4, gl/m4/largefile.m4, gl/m4/lseek.m4,
	gl/m4/minmax.m4, gl/m4/strdup.m4, gl/m4/sys_stat_h.m4,
	gl/m4/sys_types_h.m4, gl/malloc.c, gl/minmax.h, gl/stdio-impl.h,
	gl/strdup.c, gl/sys_stat.in.h, gl/unistd.in.h, src/Makefile.am,
	src/ocpasswd-args.c, src/ocpasswd-args.def, src/ocpasswd-args.h,
	src/ocpasswd.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/plain.c, src/vpn.h: crypt(3) is used in the
	plain password file.  In addition, ocpasswd program was added to generate password file
	entries.

2013-03-14  Nikos Mavrogiannopoulos <nikos@esat.kuleuven.be>

	* src/Makefile.am, src/ocpasswd.c, src/plain.c: Added ocpasswd

2013-03-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/sample.config, doc/scripts/ocserv-down,
	doc/scripts/ocserv-script, doc/scripts/ocserv-up: Updated sample
	script.

2013-03-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/log.c, src/main-auth.c, src/main-misc.c,
	src/main-user.c, src/main.c, src/main.h, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/script-list.h,
	src/tun.c, src/worker-auth.c: Do not let scripts block the server
	operation.

2013-03-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, build-aux/snippet/_Noreturn.h, config.h.in,
	doc/sample.config, gl/Makefile.am, gl/errno.in.h, gl/getdelim.c,
	gl/getline.c, gl/m4/errno_h.m4, gl/m4/extensions.m4,
	gl/m4/extern-inline.m4, gl/m4/getdelim.m4, gl/m4/getline.m4,
	gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, gl/m4/malloc.m4,
	gl/m4/realloc.m4, gl/m4/stdio_h.m4, gl/m4/stdlib_h.m4,
	gl/realloc.c, gl/stdio.in.h, gl/stdlib.in.h, gl/unistd.in.h,
	src/Makefile.am, src/config.c, src/main-auth.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/plain.c, src/plain.h,
	src/vpn.h: Added plain password format

2013-03-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: small doc updates

2013-03-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/tlslib.c, src/tlslib.h, src/worker-vpn.c: enable session
	tickets.

2013-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: manual page moved to section 8

2013-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: doc
	update

2013-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/config.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/tlslib.c, src/vpn.h: Added ability to specify
	multiple certificate and key pairs.

2013-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/tlslib.c, src/tlslib.h, src/vpn.h: Allow
	setting DH parameters.

2013-03-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: check the server certificate prior to initialization

2013-03-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: Added sanity check on certificate and key reading.

2013-03-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: Exit when mandatory configuration options are not
	present

2013-03-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: rate-limit-ms is no longer mandatory to set

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: updated
	doc

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: released 0.0.2

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: updated text

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: seccomp is disabled by default

2013-03-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/tlslib.c, src/vpn.h: Allow setting OCSP
	responses.

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-tun.c: corrected advertized address

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: small optimizations

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: doc
	update

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c, src/worker-vpn.c, src/worker.h: unified POST
	handlers, and auto-detect xml content

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c: corrected check for banned entries

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: Eliminated memory leaks on lists.

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, doc/sample.config, src/config.c, src/main-auth.c,
	src/main-misc.c, src/main.c, src/main.h, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h: Allow setting a
	reconnection delay time after a failed authentication attempt (added
	min-reauth-time option).

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: Allow longer sleeps than a second.

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* : corrected typo

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/config.c, src/main.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h: Allow setting a
	rate limit on the number of connections.

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: updated doc

2013-03-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: do not link against 3.1.7 or 8 version of gnutls.

2013-03-02  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac, src/config.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h,
	src/worker-auth.c, src/worker-vpn.c: Anyconnect client compatibility
	is optional.

2013-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: simplified certificate request and require setting.

2013-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/worker-tun.c: fix the 'local' keyword in DNS server
	settings.

2013-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: doc update

2013-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: corrected cert require rule

2013-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config, src/config.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/tlslib.c, src/vpn.h,
	src/worker-auth.c, src/worker.h: Added option to allow sending a
	cookie without the corresponding certificate.  This option is required for the cisco clients, that do not always
	use the client certificate. When this option is set to false it
	means that the cookie itself is sufficient for authentication. This
	is bad practice of smart cards are in use.

2013-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: use chdir prior to chroot.

2013-03-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/profile.xml, doc/sample.config,
	src/Makefile.am, src/config.c, src/main.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/tlslib.c, src/tlslib.h,
	src/vpn.h, src/worker-auth.c, src/worker-vpn.c: Several updates to
	handle URLs requested by the cisco client.

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c, src/worker-vpn.c, src/worker.h: Send correct
	replies.

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: Added title into success message

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: always set max-age

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/vpn.h, src/worker-auth.c: include banner in the
	XML success message.

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am: ocserv.1 built is optional

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: more verbose in client methods

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: bumped version

2013-02-26  Jason Cooper <jason@lakedaemon.net>

	* configure.ac, doc/Makefile.am, src/Makefile.am: warn if autogen
	isn't installed Signed-off-by: Jason Cooper <jason@lakedaemon.net>

2013-02-27  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/vpn.h, src/worker-vpn.c: Banner was made
	configurable.

2013-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c, src/worker-resume.c: log message updates

2013-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: Added timeout to handshake().

2013-02-26  Jason Cooper <jason@lakedaemon.net>

	* .gitignore, doc/ocserv.1: doc/ocserv.1 is generated, don't track
	it Signed-off-by: Jason Cooper <jason@lakedaemon.net>

2013-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: doc update

2013-02-26  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: message updates

2013-02-26  Jason Cooper <jason@lakedaemon.net>

	* .gitignore, Makefile.am, configure.ac: add cscope/ctags make
	targets Newcomers to the code often use these tools to learn their way
	around.  Integrate them into the build so that we don't accidentally
	track their files.  Signed-off-by: Jason Cooper <jason@lakedaemon.net> Signed-off-by:
	Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-02-26  Jason Cooper <jason@lakedaemon.net>

	* src/main.c: main: check return of daemon() Signed-off-by: Jason Cooper <jason@lakedaemon.net> Signed-off-by:
	Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: remove Werror from automake flags

2013-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS, src/main.c: updated

2013-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* autogen.sh: Added autogen file.

2013-02-25  Jason Cooper <jason@lakedaemon.net>

	* .gitignore, aclocal.m4: don't track aclocal.m4, it's a generated
	file Signed-off-by: Jason Cooper <jason@lakedaemon.net> Signed-off-by:
	Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-02-25  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac, src/Makefile.am, src/main.c: Added
	support for TCP wrappers (libwrap)

2013-02-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: Added some more CSTP headers

2013-02-24  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/config.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h, src/worker-vpn.c: 
	Allow setting NBNS.

2013-02-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: documented update

2013-02-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: updated installation instructions

2013-02-23  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: depend on automake 1.11.3

2013-02-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c, src/worker-vpn.c, src/worker.h: more complete
	http body handling

2013-02-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: better initialization of req.

2013-02-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* aclocal.m4, build-aux/ar-lib, configure.ac: Added AM_PROG_AR to
	keep automake-1.12 happy. Reported by David Woodhouse.

2013-02-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: Corrected issue with openconnect <= 4.00.
	Reported by Mike Miller.

2013-02-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: Fix out-of-source tree build. Patch by Mike
	Miller.

2013-02-22  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO, doc/ocserv.1, doc/sample.config, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h: doc update

2013-02-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: small update

2013-02-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: small update

2013-02-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: updated manual

2013-02-20  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* NEWS: added news

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: updates in DPD handling When have not received DPD for long try sending instead of
	immediately failing.  Also treat any received message as DPD to
	prevent kicking an active client.

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: DPD_TRIES was defined and increased to 5 from 3

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: small optimizations

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/sample.config: updated sample config

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* AUTHORS: updated

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: print the DPD time.

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/main.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/worker-misc.c: when receive a new UDP
	session, forward the fd and replace the old.

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/tlslib.c: simplified TLS file load and reload.

2013-02-19  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c, src/tlslib.h: Load PINs early.

2013-02-18  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/config.c, src/main.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/tlslib.c, src/vpn.h: 
	Added configuration options for PIN files.

2013-02-17  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c, src/worker-vpn.c, src/worker.h: print debugging
	information on the received HTTP headers

2013-02-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: doc update

2013-02-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/config.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h, src/worker-vpn.c: 
	mtu discovery via DPD is optional

2013-02-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, configure.ac, doc/ocserv.1, src/Makefile.am,
	src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h,
	src/version.def.in: Added version.def.in

2013-02-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: doc update

2013-02-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: updated
	bug report address

2013-02-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: doc
	update

2013-02-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies-gdbm.c, src/cookies-hash.c, src/main-auth.c: when
	restoring a cookie connection, extend the lifetime of the cookie.

2013-02-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO, doc/sample.config, src/tlslib.c, src/worker-vpn.c,
	src/worker.h: Added some kind of path MTU discovery using DPD.

2013-02-15  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c: simplified messages

2013-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies-hash.c, src/main-resume.c: better log messages

2013-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies-hash.c, src/main-resume.c, src/tlslib.h: Enable
	maintainance when maximum TLS sessions have been reached. Set more
	sane defaults for max sessions.

2013-02-14  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies-hash.c, src/main.c, src/main.h: When the cookie DB is
	full enforce maintainance.

2013-02-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-02-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/tun.c: simplified (and corrected) TUN device
	creation and re-use

2013-02-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: postpone usage of cork and uncork

2013-02-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: corrected typo

2013-02-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: simplified main loop

2013-02-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies-hash.c: reduced the default hash table size.

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-privs.c: Added missing ioctl().

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/pam.c: Allow NULL PAM auth token. This would allow to have
	password authentication on certain users that have a certificate.

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/ocserv.1, doc/scripts/ocserv-down,
	doc/scripts/ocserv-up, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h: Added example scripts and updated documentation.

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/Makefile.am, doc/sample.config: Added missing files

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/main-auth.c, src/main-user.c,
	src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h: Simplify
	script calling by using the environment

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: quit if no TCP port is available.

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/main.c, src/main.h, src/tlslib.c: write the
	correct PID in pid file

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* doc/ocserv.1, src/config.c, src/cookies.h, src/ipc.h,
	src/main-auth.c, src/main-misc.c, src/main.h, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/pam.c, src/pam.h,
	src/vpn.h, src/worker-auth.c: Use PAM account management and added
	support for user groups.

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, README, configure.ac, src/config.c, src/log.c,
	src/main.c, src/main.h, src/tlslib.c, src/tlslib.h, src/vpn.h,
	src/worker-tun.c, src/worker-vpn.c: HUP signal reloads configuration

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/sample.config: Updated documentation

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: use common function to exit

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/log.c, src/tun.h, src/worker-auth.c, src/worker-tun.c,
	src/worker-vpn.c: small updates

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac, src/Makefile.am, src/worker-privs.c,
	src/worker-vpn.c, src/worker.h: Added support for seccomp (untested)

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/main.c, src/main.h, src/worker-misc.c: 
	connect occurs before sending the fd to worker.

2013-02-12  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-user.c: set time to entry only when writing the WTMP file

2013-02-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: corrected definition

2013-02-11  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c, src/worker-vpn.c: DTLS-Rekey time is set to be
	the 2/3 of cookie validity

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies-gdbm.c, src/main.c: fork moved to gdbm backend
	expiration

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: more files to ignore

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* build-aux/config.rpath: added missing file

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: better set socket options

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-user.c: Write wtmp file if possible.

2013-02-10  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies-hash.c, src/main-misc.c, src/main.c: increased cookie
	hash table size and better cleanup resources on errors

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies-gdbm.c, src/cookies-hash.c, src/cookies.c,
	src/cookies.h, src/main.c, src/sample.config: erase cookie data
	before forking to unprivileged process.

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: when expiring stuff, do it on the main process unless
	we use gdbm.

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/main-auth.c, src/main-misc.c, src/main.h,
	src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h,
	src/sample.config, src/vpn.h: enforce maximum number of same clients

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c: Set a default config file.

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/sample.config: Added PID file

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-misc.c, src/main-resume.c, src/ocserv-args.c,
	src/ocserv-args.h, src/worker-misc.c, src/worker-vpn.c,
	src/worker.h: small reorganization

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.def: Added OID examples

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: ignore certificate in DTLS session

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: more explicit debug messages.

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: do not require certificate on DTLS session

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/log.c, src/main.c: simplified logging in debug mode

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile.am, aclocal.m4, config.h.in, configure.ac,
	m4/lib-link.m4, src/config.c, src/log.c, src/main-auth.c,
	src/main-user.c, src/main.c, src/pam.c, src/tlslib.c, src/tun.c: 
	Several changes to compile on old linux kernels, and in constrained
	libgnutls libraries

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c, src/worker.h: kick out the peer if non DPD
	packets are received for 3x the DPD time

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: Ignore non-fatal DTLS errors.

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/setproctitle.c, src/setproctitle.h: Use a compatible with
	BSD's setproctitle.

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: changes in debugging messages

2013-02-09  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c, src/worker.h: Added wait_fd state in UDP channel

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/setproctitle.c, src/setproctitle.h: used a more
	sane setproctitle

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/main.c, src/setproctitle.c,
	src/setproctitle.h: set process title

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* COPYING: added license

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/ipc.h, src/main-auth.c, src/main-misc.c,
	src/main.h, src/worker-auth.c, src/worker-misc.c, src/worker-tun.c,
	src/worker-vpn.c, src/worker.h: MTU is now set via the main server

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/main.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/sample.config, src/vpn.h, src/worker-vpn.c: 
	Added configurable DPD

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/worker-vpn.c: explicitly close the logging
	subsystem

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/worker-tun.c, src/worker-vpn.c, src/worker.h: 
	separated tun handling code from main worker code.

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: correctly send termination signal to peer

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/worker-vpn.c: added a more graceful termination of
	workers.

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies-gdbm.c, src/cookies-hash.c, src/cookies.h,
	src/main-auth.c, src/main.c, src/main.h, src/worker-vpn.c: several
	updates in cookies, and tun handling.

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c: fixes for newer gnutls

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: set tun device MTU based on minimum MTU of DTLS
	and TLS.

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/sample.config: sample config uses cookie DB

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/ocserv-args.c, src/ocserv-args.h, src/tlslib.c, src/tlslib.h,
	src/worker-auth.c, src/worker-vpn.c: use gnutls cork() and uncork()
	when available

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/main.h, src/ocserv-args.def, src/sample.config,
	src/tlslib.c, src/tlslib.h, src/vpn.h, src/worker.h: cleaned up TLS
	code which was moved to tlslib

2013-02-08  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: mtu cleanups

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac, src/Makefile.am, src/config.c,
	src/cookies-gdbm.c, src/cookies-hash.c, src/cookies.c,
	src/cookies.h, src/main.c, src/main.h, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/sample.config,
	src/vpn.h: gdbm was re-added and made optional.

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README, src/sample.config: updated readme

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* : updated

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/vpn.h, src/worker-vpn.c, src/worker.h: Honour client's MTU
	choice.

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: removed warning

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* : Added a description of the server

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO, src/config.c, src/ipc.h, src/log.c, src/main-auth.c,
	src/main-resume.c, src/main.c, src/main.h, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/sample.config,
	src/tun.c, src/tun.h, src/vpn.h, src/worker-auth.c,
	src/worker-vpn.c, src/worker.h: Use a single UDP port in the server.  Several modifications to use a single UDP port in the server. This
	is currently done using a hack, i.e., pass the UDP socket to worker,
	close it on the main server and then re-open it (using REUSEADDR).  Also several updates in TUN handling to allow more than one clients
	connecting.

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-user.c: removed unneeded warning

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac, src/config.c, src/cookies.c,
	src/cookies.h, src/main-auth.c, src/main.c, src/main.h,
	src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h,
	src/sample.config, src/tlslib.c, src/tlslib.h, src/vpn.h: dropped
	dependency on gdbm. Cookies are stored in a hash.

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-02-07  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-user.c: corrected issue in utmp

2013-02-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: removed uneeded text

2013-02-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/config.c, src/main-auth.c,
	src/main-script.c, src/main-user.c, src/main.c, src/main.h,
	src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h,
	src/sample.config, src/vpn.h: Added explicit logging to UTMP file.

2013-02-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac, gl/Makefile.am, gl/hash-pjw-bare.c,
	gl/hash-pjw-bare.h, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
	src/Makefile.am, src/ccan/build_assert/build_assert.h,
	src/ccan/check_type/check_type.h,
	src/ccan/container_of/container_of.h, src/ccan/hash/hash.c,
	src/ccan/hash/hash.h, src/ccan/htable/htable.c,
	src/ccan/htable/htable.h, src/ccan/htable/htable_type.h,
	src/ccan/licenses/BSD-MIT, src/ccan/licenses/CC0,
	src/ccan/licenses/LGPL-2.1, src/ccan/list/list.c,
	src/ccan/list/list.h, src/hash.h, src/hashtable.h, src/list.h,
	src/main-auth.c, src/main-resume.c, src/main-script.c, src/main.c,
	src/main.h, src/tlslib.c, src/tlslib.h, src/tun.c, src/tun.h: Use
	CCAN hashes and lists.

2013-02-06  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: added fixme

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/log.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/vpn.h, src/worker-auth.c, src/worker-vpn.c: 
	corrected DTLS packet handling.

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies.h, src/log.c, src/main.c, src/main.h, src/tlslib.h,
	src/vpn.h, src/worker-resume.c, src/worker.h: reorganized headers

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies.h, src/ipc.h, src/main-auth.c, src/main-script.c,
	src/main.h, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/sample.config, src/worker-auth.c: store
	hostname of the user, and pass it to scripts.

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: reply to the correct interface

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/main.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/sample.config, src/vpn.h, src/worker-vpn.c: 
	changes to enable VPN functionality.

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: be less verbose about children dying

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/main-script.c, src/main.h: call connect
	script with explicit lease

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/vpn.h, src/worker-vpn.c: Send X-CSTP-Version and read
	hostname.

2013-02-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/tlslib.c, src/tlslib.h, src/tun.h: deinitialize
	the TLS cache prior to fork

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac: depend on the correct gnutls version

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: added missing files

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies.c, src/cookies.h, src/ipc.h, src/main.c: simplified
	call to expire cookies

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, TODO, aclocal.m4, config.h.in: updated

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: Check for root permissions after parsing command line

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-script.c, src/main.c, src/tun.c: use close-on-exec flag
	on fds

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/Makefile.am, gl/cloexec.c, gl/cloexec.h, gl/close.c,
	gl/dup2.c, gl/fcntl.c, gl/fcntl.in.h, gl/fd-hook.c, gl/fd-hook.h,
	gl/getdtablesize.c, gl/m4/close.m4, gl/m4/dup2.m4,
	gl/m4/fcntl-o.m4, gl/m4/fcntl.m4, gl/m4/fcntl_h.m4,
	gl/m4/getdtablesize.m4, gl/m4/gnulib-cache.m4,
	gl/m4/gnulib-comp.m4, gl/m4/msvc-inval.m4, gl/m4/msvc-nothrow.m4,
	gl/m4/off_t.m4, gl/m4/ssize_t.m4, gl/m4/stdbool.m4,
	gl/m4/sys_types_h.m4, gl/m4/unistd_h.m4, gl/msvc-inval.c,
	gl/msvc-inval.h, gl/msvc-nothrow.c, gl/msvc-nothrow.h,
	gl/stdbool.in.h, gl/sys_types.in.h, gl/unistd.c, gl/unistd.in.h: 
	added cloexec module

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-script.c, src/main.c, src/main.h: clear all fds and mem
	prior to exec

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/config.c, src/main-auth.c,
	src/main-script.c, src/main.c, src/main.h, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/sample.config,
	src/vpn.h: Added connect and disconnect scripts

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-vpn.c: handle disconnections

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: print the pid of dying processes

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-resume.c: removed debugging info

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-resume.c, src/main.c, src/main.h, src/sample.config,
	src/tlslib.c, src/tlslib.h, src/worker-vpn.c: Added automatic TLS
	session expiration.

2013-02-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main-auth.c, src/main-resume.c, src/worker-resume.c: reduce
	the number of data exchanged during a resumption.

2013-02-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: Added missing file

2013-02-03  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac, gl/Makefile.am, gl/hash-pjw-bare.c,
	gl/hash-pjw-bare.h, gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4,
	gl/stdint.in.h, gl/sys_time.in.h, src/Makefile.am, src/hash.h,
	src/hashtable.h, src/ipc.h, src/list.h, src/main-auth.c,
	src/main-resume.c, src/main.c, src/main.h, src/tlslib.c,
	src/tlslib.h, src/vpn.h, src/worker-auth.c, src/worker-auth.h,
	src/worker-resume.c, src/worker-vpn.c, src/worker.h: Added session
	resumption to TLS server.

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore: updated

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in: updated config.h.in

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.c: use the full certificate DN if no username is
	set

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tlslib.c, src/vpn.h, src/worker-vpn.c: Added some primitive
	mtu handling

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* gl/gettime.c, gl/gettimeofday.c, gl/m4/clock_time.m4,
	gl/m4/extern-inline.m4, gl/m4/gettime.m4, gl/m4/gettimeofday.m4,
	gl/m4/sys_socket_h.m4, gl/m4/sys_time_h.m4, gl/m4/time_h.m4,
	gl/m4/timespec.m4, gl/sys_time.in.h, gl/time.in.h, gl/timespec.c,
	gl/timespec.h: Added missing files

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/cookies.c, src/vpn.h: better name for db_file

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: updated

2013-02-01  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies.h, src/main-auth.c, src/vpn.h, src/worker-auth.c,
	src/worker-auth.h: master secret doesn't need to be generated by the
	server

2013-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/main.c, src/sample.config, src/vpn.h: set a
	maximum number of clients

2013-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/config.c, src/sample.config: set a default priority string if
	not set.

2013-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* README: updated

2013-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO, src/worker-vpn.c: cleanups

2013-01-31  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO, aclocal.m4, gl/Makefile.am, gl/dummy.c,
	gl/m4/gnulib-cache.m4, gl/m4/gnulib-comp.m4, src/config.c,
	src/cookies.h, src/main-auth.c, src/main.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/sample.config,
	src/vpn.h, src/worker-auth.c, src/worker-auth.h, src/worker-vpn.c: 
	Fixed UDP side.

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/worker-vpn.c: Allow a graceful shutdown.

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/worker-auth.h, src/worker-vpn.c: Allow worker to received
	asynchronous commands from main.

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/sample.config: chroot worker process

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am: added missing file

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* TODO: Added todo

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* config.h.in, configure.ac, src/Makefile.am, src/main-auth.c,
	src/pam.c, src/pam.h: Added PAM authentication.

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/config.c, src/cookies.c, src/cookies.h,
	src/log.c, src/main-auth.c, src/main.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/sample.config,
	src/tun.c, src/vpn.h, src/worker-auth.c, src/worker-auth.h,
	src/worker-vpn.c: several updates and fixes in auth

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/config.c, src/cookies.h, src/http_auth.c,
	src/http_auth.h, src/main.c, src/tun.c, src/vpn.c, src/vpn.h,
	src/worker-auth.c, src/worker-vpn.c: better file structure

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: silence background operation

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: notify that root access is required

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: daemonize

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/ocserv-args.c, src/ocserv-args.def,
	src/ocserv-args.h, src/sample.config: small updates. Added sample
	configuration.

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/log.c, src/main.c, src/vpn.c: Associate a gnutls session with
	the worker state ptr.

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/config.c, src/ocserv-args.c,
	src/ocserv-args.def, src/ocserv-args.h, src/vpn.h: Read
	configuration file

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/vpn.c: make local option work

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, build-aux/compile: Added compile

2013-01-30  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, Makefile.am, aclocal.m4, config.h.in, configure.ac,
	libopts/COPYING.gplv3, libopts/COPYING.lgplv3,
	libopts/COPYING.mbsd, libopts/MakeDefs.inc, libopts/Makefile.am,
	libopts/README, libopts/ag-char-map.h, libopts/alias.c,
	libopts/ao-strs.c, libopts/ao-strs.h, libopts/autoopts.c,
	libopts/autoopts.h, libopts/autoopts/options.h,
	libopts/autoopts/project.h, libopts/autoopts/usage-txt.h,
	libopts/boolean.c, libopts/check.c, libopts/compat/compat.h,
	libopts/compat/pathfind.c, libopts/compat/snprintf.c,
	libopts/compat/strchr.c, libopts/compat/strdup.c,
	libopts/compat/windows-config.h, libopts/configfile.c,
	libopts/cook.c, libopts/enum.c, libopts/env.c, libopts/file.c,
	libopts/find.c, libopts/genshell.c, libopts/genshell.h,
	libopts/libopts.c, libopts/load.c, libopts/m4/libopts.m4,
	libopts/m4/liboptschk.m4, libopts/makeshell.c, libopts/nested.c,
	libopts/numeric.c, libopts/parse-duration.c,
	libopts/parse-duration.h, libopts/pgusage.c, libopts/proto.h,
	libopts/putshell.c, libopts/reset.c, libopts/restore.c,
	libopts/save.c, libopts/sort.c, libopts/stack.c,
	libopts/streqvcmp.c, libopts/text_mmap.c, libopts/time.c,
	libopts/tokenize.c, libopts/usage.c, libopts/value-type.c,
	libopts/value-type.h, libopts/version.c, libopts/xat-attribute.c,
	libopts/xat-attribute.h, src/Makefile.am, src/config.c, src/main.c,
	src/ocserv-args.c, src/ocserv-args.def, src/ocserv-args.h,
	src/vpn.h: use autogen for command line options

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/http_auth.c, src/main.c, src/vpn.c, src/vpn.h: better notation

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/vpn.c: Allow a certain number of requests to the HTTP server

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies.c, src/cookies.h, src/http_auth.c, src/http_auth.h,
	src/log.c, src/main.c, src/vpn.c, src/vpn.h: server_st -> worker_st

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/tun.c: bring up tun interface

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c: initialize memory

2013-01-29  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/http_auth.c, src/main.c, src/tun.c,
	src/tun.h, src/vpn.c, src/vpn.h: Provide client with normal leased
	IPs.

2013-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/log.c, src/main.c, src/tun.c, src/tun.h, src/vpn.h: use const

2013-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/vpn.c, src/vpn.h: main server keeps list of client
	IPs

2013-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* main.c, src/http_auth.c, src/main.c, src/tun.c, src/tun.h,
	src/vpn.c, src/vpn.h: updated

2013-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/main.c, src/tun.c, src/tun.h: separated tun
	code from main

2013-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, build-aux/snippet/arg-nonnull.h,
	build-aux/snippet/c++defs.h, build-aux/snippet/warn-on-use.h: Added
	missing files

2013-01-28  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* configure.ac, src/Makefile.am, src/auth.c, src/auth.h,
	src/http_auth.c, src/http_auth.h, src/main.c, src/vpn.c, src/vpn.h: 
	updated server.

2013-01-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* main.c: Added missing file

2013-01-16  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* root/index.xml, root/login.xml, src/auth.c, src/auth.h, src/vpn.c: 
	Fixed connection issue with new openconnect client.

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, src/main.c, src/vpn.c: small fixes

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/cookies.c, src/main.c, src/vpn.h: Allow dropping privileges

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/main.c, src/vpn.c: set configured addresses to tun device.

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/auth.c, src/tlslib.h, src/vpn.c: tls_print -> tls_puts to
	distinguish from printf

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/auth.c, src/auth.h, src/main.c, src/vpn.c, src/vpn.h: 
	preliminary configuration for networks.

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* src/Makefile.am, src/auth.c, src/common.h, src/cookies.c,
	src/log.c, src/main.c, src/tlslib.c, src/vpn.c, src/vpn.h: Added
	internal logging subsystem.

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* .gitignore, AUTHORS, COPYING, ChangeLog, INSTALL, Makefile,
	Makefile.am, NEWS, README, aclocal.m4, build-aux/depcomp,
	build-aux/install-sh, build-aux/missing, config.h.in, configure.ac,
	gl/Makefile.am, gl/dummy.c, gl/m4/00gnulib.m4, gl/m4/extensions.m4,
	gl/m4/gnulib-cache.m4, gl/m4/gnulib-common.m4,
	gl/m4/gnulib-comp.m4, gl/m4/gnulib-tool.m4, gl/m4/include_next.m4,
	gl/m4/longlong.m4, gl/m4/memchr.m4, gl/m4/memmem.m4,
	gl/m4/mmap-anon.m4, gl/m4/multiarch.m4, gl/m4/stddef_h.m4,
	gl/m4/stdint.m4, gl/m4/string_h.m4, gl/m4/warn-on-use.m4,
	gl/m4/wchar_t.m4, gl/memchr.c, gl/memchr.valgrind, gl/memmem.c,
	gl/stddef.in.h, gl/stdint.in.h, gl/str-two-way.h, gl/string.in.h,
	src/Makefile.am, src/auth.c, src/cookies.c, src/main.c,
	src/tlslib.c, src/vpn.c: Added automake/autoconf system

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* auth.c, auth.h, common.h, cookies.c, cookies.h,
	http-parser/http_parser.c, http-parser/http_parser.h, list.h,
	main.c, src/auth.c, src/auth.h, src/common.h, src/cookies.c,
	src/cookies.h, src/http-parser/http_parser.c,
	src/http-parser/http_parser.h, src/list.h, src/main.c,
	src/tlslib.c, src/tlslib.h, src/vpn.c, src/vpn.h, tlslib.c,
	tlslib.h, vpn.c, vpn.h: Moved sources

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* vpn.c, vpn.h: better handling of headers.

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* auth.c, cookies.h, main.c, vpn.h: extract username from
	certificate.

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* vpn.c: removed unused code

2013-01-13  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile, auth.c, auth.h, common.h, cookies.c, cookies.h,
	http-parser/http_parser.c, http-parser/http_parser.h, list.h,
	main.c, root/index.xml, root/login.xml, server.c, tlslib.c,
	tlslib.h, vpn.c, vpn.h: updated server

2013-01-05  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile: a.out -> server Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-01-04  Nikos Mavrogiannopoulos <nmav@gnutls.org>

	* Makefile, server.c: updated for gnutls Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

2013-01-04  David Woodhouse <David.Woodhouse@intel.com>

	* Initial import of test hack Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

