ocserv 0.2.3

Nikos Mavrogiannopoulos nmav at gnutls.org
Sun Dec 15 03:54:58 EST 2013

 I've just released ocserv 0.2.3. ocserv is a VPN server that implements
the AnyConnect SSL VPN protocol and targets small embedded Linux

This release fixes known bugs, adds support for the AnyConnect mobile clients,
and support for cgroups in Linux that can be set per user or group.

* Version 0.2.3 (released 2013-12-15)

- Added X-CSTP-License header to client reply for mobile client
  compatibility. Patch by Kevin Cernekee.
- When a new connection presents a cookie of an existing session
  the previous session of this cookie is disconnected (and its IP is hijacked).
  If no previous session is active, the server will attempt to assign
  the previously used IP.
- If udp-port is unset or set to zero then the server will not listen
  for UDP sessions.
- When using PAM allow it to update the username.
- When always-require-cert is set to false do not require a certificate
  for cookie authentication.
- Added the net-priority configuration option.
- Corrected sending of DPD in the main TLS channel. Report and initial
  fix by Kevin Cernekee.
- Added support for cgroups in Linux.

The current release is available at:

The VPN server's web-site is at:


More information about the openconnect-devel mailing list