ocserv 0.1.0
Nikos Mavrogiannopoulos
nmav at gnutls.org
Sat Mar 23 05:15:46 EDT 2013
Hello,
I've just released ocserv 0.1.0. ocserv is a VPN server that implements
the AnyConnect SSL VPN protocol and targets small embedded Linux devices.
This release completes the feature set I had initially planned, i.e.,
privilege separation and an option to use simple password file format.
My next target is to support Salsa20 [0] and possibly UMAC-96 for
encryption and integrity protection, to reduce the load incurred due to
AES in constrained systems.
[0]. http://tools.ietf.org/html/draft-josefsson-salsa20-tls-01
The changes since 0.0.2 are:
- Corrected issue with ocsp-response configuration field.
- Added ability to specify multiple certificate and key pairs.
- Added support for TLS session tickets.
- Added the "plain" authentication option, which allows a simple
password file format. The ocpasswd tool can be used to generate
entries for this file.
- The private key operations are performed on a special process to
prevent loss of the private key in case of compromise of a worker
process.
The current release is available at:
ftp://ftp.infradead.org/pub/ocserv/ocserv-0.1.0.tar.xz
ftp://ftp.infradead.org/pub/ocserv/ocserv-0.1.0.tar.xz.sig
The VPN server's web-site is at:
http://www.infradead.org/ocserv
regards,
Nikos
More information about the openconnect-devel
mailing list