ocserv 0.11.5
Nikos Mavrogiannopoulos
n.mavrogiannopoulos at gmail.com
Fri Sep 23 00:43:23 PDT 2016
Hello,
I've released ocserv 0.11.5. This is a bug fix and feature
update release in the 0.11.x branch.
* Version 0.11.5 (released 2016-09-23)
- Added getrandom() to the accepted list of seccomp calls. This allows ocserv
to run with gnutls 3.5.x under recent kernels.
- ocserv: relaxed the restrictions for DTLS-PSK negotiation. No longer
require that the cipher/mac combination of TLS match the DTLS one. Introduced
config option 'match-tls-dtls-ciphers' for this purpose.
- ocserv: added the config option 'dtls-psk'; this option allows to disable
the DTLS-PSK protocol and utilize only the legacy version.
- ocserv: added the config option 'dtls-legacy'. When disabled it will
disable the
legacy pre-draft-DTLS negotiation.
The current release is available at:
ftp://ftp.infradead.org/pub/ocserv/ocserv-0.11.5.tar.xz
ftp://ftp.infradead.org/pub/ocserv/ocserv-0.11.5.tar.xz.sig
The VPN server's web-site is at:
http://www.infradead.org/ocserv
regards,
Nikos
More information about the openconnect-devel
mailing list