Overview Repositories Revisions Requests Users Attributes Meta

Revisions of openconnect

Oleksandr Chumachenko's avatar Oleksandr Chumachenko (Ledest) committed (revision 4) 
- update to version 7.08
  * Add SHA256 support for server cert hashes.
  * Enable DHE ciphers for Cisco DTLS.
  * Increase initial oNCP configuration buffer size.
  * Improve support for point-to-point routing on Windows.
  * Check for non-resumed DTLS sessions which may indicate a MiTM attack.
  * Fix compatibility with Pulse Secure 8.2R5.
  * Support DTLS automatic negotiation.
  * Support --key-password for GnuTLS PKCS#11 PIN.
  * Support automatic DTLS MTU detection with OpenSSL.
  * Update OpenSSL to allow TLSv1.2, improve compatibility options.
  * Remove --no-cert-check option. It was being (mis)used.
  * Fix OpenSSL support for PKCS#11 EC keys without public key.
  * Fix polling/retry on "tun" socket when buffers full.
  * Fix AnyConnect server-side MTU setting.
  * Fix ESP replay detection.
  * Add certificate torture test suite.
  * Support PKCS#11 PIN via pin-value= and --key-password for OpenSSL.
  * Fix integer overflow issues with ESP packet replay detection.
  * Add --pass-tos option as in OpenVPN.
  * Support role selection form in Juniper VPN.
  * Support DER-format certificates, add certificate format torture tests.
  * For OpenSSL >= 1.0.2, fix certificate validation when only an
    intermediate CA is specified with the --cafile option.
  * Support Juniper "Pre Sign-in Message".
- dropped juniper-fix-for-upstream-sources.patch, upstreamed
- juniper-fix-for-upstream-sources.patch included to fix upgraded Juniper servers
Oleksandr Chumachenko's avatar Oleksandr Chumachenko (Ledest) committed (revision 3) 
- Upgraded to 7.07, included fix for Juniper vpn

- Update to version 7.0.7
  * More fixes for OpenSSL 1.1 build.
  * Support Juniper "Post Sign-in Message".
  * Add --protocol option.
  * Fix ChaCha20-Poly1305 cipher suite to reflect final standard.
  * Add ability to disable IPv6 support via library API.
  * Set groups appropriately when using setuid().
  * Automatic DTLS MTU detection.
  * Support SSL client certificate authentication with Juniper servers.
  * Revamp SSL certificate validation for OpenSSL and stop supporting OpenSSL older than 0.9.8.
  * Fix handling of multiple DNS search domains with Network Connect.
  * Fix handling of large configuration packets for Network Connect.
  * Enable SNI when built with OpenSSL (1.0.1g or later).
  * Add --resolve and --local-hostname options to command line.
- Included patch to fix upgraded Juniper servers
  * Submitted to upstream, not yet included in release
Oleksandr Chumachenko's avatar Oleksandr Chumachenko (Ledest) committed (revision 2) 
- Update to version 7.0.7
  * More fixes for OpenSSL 1.1 build.
  * Support Juniper "Post Sign-in Message".
  * Add --protocol option.
  * Fix ChaCha20-Poly1305 cipher suite to reflect final standard.
  * Add ability to disable IPv6 support via library API.
  * Set groups appropriately when using setuid().
  * Automatic DTLS MTU detection.
  * Support SSL client certificate authentication with Juniper servers.
  * Revamp SSL certificate validation for OpenSSL and stop supporting OpenSSL older than 0.9.8.
  * Fix handling of multiple DNS search domains with Network Connect.
  * Fix handling of large configuration packets for Network Connect.
  * Enable SNI when built with OpenSSL (1.0.1g or later).
  * Add --resolve and --local-hostname options to command line.
Oleksandr Chumachenko's avatar Oleksandr Chumachenko (Ledest) committed (revision 1)
Displaying all 4 revisions
openSUSE Build Service is sponsored by
Places