[GIT PULL] DTLS and other improvements to openconnect
Nikos Mavrogiannopoulos
nmav at gnutls.org
Sun Feb 2 06:10:49 EST 2014
I've rewritten the patches for DTLS and other improvements to openconnect.
They are now rebased on the current master, and allow elliptic curves
with gnutls 3.2.9 or later where the issue with the F5 firewall
is addressed using the %COMPAT keyword (I've also added some text
discussing the issue).
Still the most important addition is the support for AES-GCM, which is
not only better to AES-CBC due to side-channels, but is also more
UDP-friendly as it requires no padding and has a shorter nonce.
They are available from:
git://gitorious.org/openconnect-x/openconnect-x.git privacy-improvements
regards,
Nikos
More information about the openconnect-devel
mailing list