ocserv 0.3.1
Nikos Mavrogiannopoulos
nmav at gnutls.org
Sun Feb 16 03:37:30 EST 2014
Hello,
I've just released ocserv 0.3.1. ocserv is a VPN server that implements
the AnyConnect SSL VPN protocol and targets small embedded Linux
devices.
* Version 0.3.1 (released 2014-02-16)
- Corrected decoding of cookies. That will prevent issues where
the server is unable to parse client cookies.
- Changed the method X-CSTP-MTU is taken into account to avoid
smaller MTU sizes than the intended.
- Corrected IPv6 address assignment in Linux (the equivalent code
for BSD-derivatives is untested).
- Default configuration file changed to /etc/ocserv/ocserv.conf and
default password file for ocpasswd to /etc/ocserv/ocpasswd.
- Added support for multiple DNS and NBNS servers in ocserv.conf.
The 'local' keyword is no longer supported.
- Added the new config options split-dns and custom-header.
- When seccomp is being used the forbidden system calls will
return error instead of the process being killed.
- Rekey time can now be configured using the rekey-time option, and
can also be disabled when setting it to zero.
- Rekey method changed to SSL to use rehandshakes instead of new
tunnels.
- Added support for the "new" IPv6 address sending headers. That
is enabled if the client sends "X-CSTP-Full-IPv6-Capability: true".
- occtl: fixed gathering of interface statistics.
The current release is available at:
ftp://ftp.infradead.org/pub/ocserv/ocserv-0.3.1.tar.xz
ftp://ftp.infradead.org/pub/ocserv/ocserv-0.3.1.tar.xz.sig
The VPN server's web-site is at:
http://www.infradead.org/ocserv
regards,
Nikos
More information about the openconnect-devel
mailing list