OpenConnect 4.05 release

[David Woodhouse]

This fixes credential re-use for the case where you use the GUI and
change the host that you're connecting to. Since v3.99 it had started
asking you for the certificate passphrase again in that case. Which was
especially problematic for the key-password-from-fsid case where the
user never even knew what it was in the first place.

It also fixes a couple of things in PKCS#11 handling — where a PIN was
required for more than one PKCS#11 token it would go into an endless
loop, and also it was stripping out the parts of the PKCS#11 URL which
identified the token on which to look for the key — which is necessary
for things like the Gooze.eu Feitian ePass token, which doesn't even
admit to the existence of the key until you've logged in.

Finally an OpenBSD build fix when using GnuTLS v3, and a fix to use the
correct CSD script on OS X.

ftp://ftp.infradead.org/pub/openconnect/openconnect-4.05.tar.gz
ftp://ftp.infradead.org/pub/openconnect/openconnect-4.05.tar.gz.asc

David Woodhouse (12):
      Fix 'make update-translations' not to remove file headers
      Update translations from Transifex
      Don't forget key password on reconnect / change hosts in GUI.
      Use P11_KIT_URI_FOR_ANY to preserve all attributes in PKCS#11 URIs
      Fix endless loop when multiple PKCS#11 tokens need PINs
      Remove obsolete --key-type option from usage help text
      Import translations from GNOME
      Remove -vpnclient arg from CSD invocation
      Only setuid() for CSD if a user was specified.
      Remove CSD script when done with it
      Use correct XML tag for CSD script on Mac
      Tag version 4.05

Stuart Henderson (1):
      mainloop.c - malloc without a prototype


-- 
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6171 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20120712/e0e74666/attachment-0001.bin>