ocserv 0.11.5

Nikos Mavrogiannopoulos n.mavrogiannopoulos at gmail.com
Fri Sep 23 00:43:23 PDT 2016

  I've released ocserv 0.11.5. This is a bug fix and feature
update release in the 0.11.x branch.

* Version 0.11.5 (released 2016-09-23)
- Added getrandom() to the accepted list of seccomp calls. This allows ocserv
  to run with gnutls 3.5.x under recent kernels.
- ocserv: relaxed the restrictions for DTLS-PSK negotiation. No longer
  require that the cipher/mac combination of TLS match the DTLS one. Introduced
  config option 'match-tls-dtls-ciphers' for this purpose.
- ocserv: added the config option 'dtls-psk'; this option allows to disable
  the DTLS-PSK protocol and utilize only the legacy version.
- ocserv: added the config option 'dtls-legacy'. When disabled it will
disable the
  legacy pre-draft-DTLS negotiation.

The current release is available at:

The VPN server's web-site is at:


More information about the openconnect-devel mailing list