OpenConnect 7.04 release

David Woodhouse dwmw2 at infradead.org
Sun Jan 25 15:43:14 PST 2015 

This release is all about compression.

LZS and LZ4 compression are now supported on both the CSTP (TCP) channel
*and* the DTLS (UDP) channel. The current Cisco ASAs support LZS, and
ocserv 0.9.0 supports both.

Deflate compression on the CSTP channel is now disabled by default,
because of concerns about stateful compression allowing information
leaks. It can be enabled at runtime with '--compression=all'.

This looks like it will be the last release of OpenConnect which doesn't
support the Juniper SSL VPN.

ftp://ftp.infradead.org/pub/openconnect/openconnect-7.04.tar.gz
ftp://ftp.infradead.org/pub/openconnect/openconnect-7.04.tar.gz.asc

David Woodhouse (34):
      Add decompress-only support for LZS
      Add LZS compression support
      Add support for LZS decompression in DTLS
      Add support for LZS compression in DTLS
      Add LZS test harness
      Reduce per-packet computation overhead for LZS compression
      Simplify LZS compression again
      Revert LZS optimisation experiments
      Simplify the common (literal) case in LZS compression
      Unroll PUT_BITS() loop and improve compile-time visibility.
      Consolidate PUT_BITS() calls
      Update hash table for first byte at start of LZS compression loop
      Increase LZS hash to 16 bits
      Do not initialise LZS hash_chain array
      Clean up datatypes in LZS
      Let the compiler eliminate more code in LZS GET_BITS()
      Optimise lzs_decompress() for literal bytes
      Rewrite lzs_compress() loop
      Simplify input length check in lzs_decompress() loop
      Fix buffer size check in lzs_compress()
      Import translations from GNOME
      Merge git://git.infradead.org/~dwmw2/openconnect-lzs
      Factor out compress_packet() function to be used for both CSTP and DTLS
      Copyright fixes
      Make lzstest build conditional
      Update changelog
      Fix deflate compression
      Add --compression argument and openconnect_set_compression_mode()
      Disable stateful compression by default
      Make --dump-http-traffic dump the CONNECT request too
      Update translations from GNOME
      Resync translations with sources
      Remove Transifex translation setup
      Tag version 7.04

Nikos Mavrogiannopoulos (2):
      Clean up compression type handling
      Added support for LZ4

-- 
David Woodhouse                            Open Source Technology Centre
David.Woodhouse at intel.com                              Intel Corporation
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20150125/b02da4c1/attachment.bin>

More information about the openconnect-devel mailing list