OpenConnect 4.00 release

David Woodhouse dwmw2 at infradead.org
Wed Jun 20 15:03:28 EDT 2012 

A bunch of fixes since the 3.99 beta release. Thanks to everyone who
tested it.

This release has full functionality even with GnuTLS 2.12, although it
uses OpenSSL for DTLS in that case. The GnuTLS support code is cleaned
up a little... and then made messier by adding support for the old
OpenSSL encrypted PEM files.

This release also adds support for keys from the Android keystore.

ftp://ftp.infradead.org/pub/openconnect/openconnect-4.00.tar.gz
ftp://ftp.infradead.org/pub/openconnect/openconnect-4.00.tar.gz.asc

David Woodhouse (41):
      Fix GnuTLS 2.12 library still referencing OpenSSL ERR_print_errors_cb()
      Fix Solaris build, again
      Document SHA1 buffer requirements more clearly
      Fix wording of comment about string handling
      Fix memory leak of TPM key password
      Cope with lack of gnutls_certificate_set_key() in GnuTLS 2.12
      Fix BER encoding of hash in sign_dummy_data()
      Clean up handling of gnutls_pkcs12.c
      Move TPM code out into gnutls_tpm.c
      Split assign_privkey_gtls3() to separate function
      Split assign_privkey_gtls2() to separate function
      Move setting of vpninfo->my_p11key to somewhere tidier
      Unify assign_privkey() function for GnuTLS 2 and 3
      Clean up GnuTLS load_certificate() and improve comments
      Don't repack extra_certs[] when matching key; just cope with it being sparse
      Add gnutls_tpm.c to POTFILES
      Remove separate POTFILES list and build potfile from real sources lists
      Clean up feature/index web pages a little
      Fix build for OpenSSL without DTLS
      Fix Android build
      Add Android keystore support
      OpenSSL: Fix recognition of repeated 'wrong passphrase' errors
      Automatically keep Android.mk in sync with source lists from Makefile.am
      Remove POTFILES.in from po/ EXTRA_DIST
      Add gnutls.h to noinst_HEADERS
      Add trousers to list of optional build deps
      Fix Android keystore support for older keystore_get.h
      Fix fake Android keystore_get() to return -1 on failure
      Fix double-free of BIO in loading cert from keystore
      Switch from Android's keystore_get() to our own keystore_fetch()
      Add missing includes and libs to Android.mk
      Add Android keystore support for --cafile
      Fix PKCS#11 cleanup when no SSL certificate is set
      NUL-terminate blobs from Andoird keystore
      Fix memory leaks in text-mode process_form_opts
      Support old-style OpenSSL encrypted PEM keys
      Fix typo in error message
      Add translations that GNOME NetworkManager-openconnect has, that we don't
      Run msgmerge after importing translations from Transifex
      Update translations from Transifex
      Tag version 4.00


-- 
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6171 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20120620/49089636/attachment.bin>

More information about the openconnect-devel mailing list