AMajor/SoftEtherVPN
1
0
Fork 0
mirror of https://github.com/SoftEtherVPN/SoftEtherVPN.git synced 2025-07-07 16:25:01 +03:00
Code Releases Activity

Reworked EAP-TLS 1.3 to account for RFC9190, implemented searching by certificate instead of certificate CN

Browse Source
This commit is contained in:
Evengard
2023-01-31 18:37:16 +03:00
parent 26403c70e3
commit edcdc923ad
14 changed files with 197 additions and 146 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/bin/hamcore/strtable_en.stb
View File

@ -568,7 +568,7 @@ HUB_AO_DetectDormantSessionInterval If you set this option to non-zero value,
HUB_AO_NoPhysicalIPOnPacketLog If you set this option to non-zero value, then the physical IP addresses of VPN clients of either the source VPN session or the destination VPN session will not be recorded on the packet log file.
HUB_AO_UseHubNameAsDhcpUserClassOption If you set this option to non-zero value, then the Virtual Hub Name will be added to a DHCP request to an external DHCP server as the "User-Class" option. This allows to use separate pools of IP addresses for each Virtual Hub. (For only L2TP/IPsec and OpenVPN sessions.)
HUB_AO_UseHubNameAsRadiusNasId If you set this option to non-zero value, then the NAS-Identifier RADIUS attribute will be set to a name of the Virtual Hub. This allows to determine on RADIUS server whether access to the Virtual Hub should be granted or denied.
HUB_AO_AllowEapMatchUserByCert If you enable (set to 1) this option, the Virtual Hub will attempt to match the EAP Identity not only with usernames, but also with user certificate CNs during the PPP EAP authentication flow.
HUB_AO_AllowEapMatchUserByCert If you enable (set to 1) this option, the Virtual Hub will attempt to match the EAP Identity not only with usernames, but also with user certificates during the PPP EAP authentication flow.
# Concerning failed connection dialogs