This should fix the build on Debian systems where they restrict the
available OpenSSL symbols. It also enables a bunch of compiler warnings
that would have highlighted that issue sooner... and then fixes a bunch
of (harmless) compiler warnings.
It improves the handling of expired and expiring certificates by adding
an option to change the warning from its default 60 days, and printing a
warning when the server doesn't like the client cert.
It adds NLS support, although there are very few actual translations
yet.
The web pages are also updated somewhat.
I *haven't* yet moved the openconnect binary into $sbindir. I'll
probably do that in the next release.
David Woodhouse (45):
Clean up DTLS timer workaround to make it work with Debian OpenSSL, hopefully
Enable AM_SILENT_RULES so that warnings are more visible.
Enable various compiler warnings
Make match_cert_hostname() static to avoid compiler complaints
Fix char pointers in check_certificate_expiry() to be const
Make 'print_equals' string const to avoid compiler complaints
Make parse_xml_response() method and request_body_type args const
Fix compiler warnings about constness of csd_argv[]
Make usage() static to avoid compiler complaints
Make 'base' arg to openconnect_create_useragent() const
Avoid unused 'autoproxy' variable when built without libproxy support.
Make vpninfo->quit_reason const to avoid compiler complaints
Fix another const char warning in start_cstp_connection()
Make in_ex and route args to process_split_xxclude const
Fix handling of vpninfo->ifname. Always strdup()
Refactor xmlnode_msg() not to use server-provided string as asprintf() format.
Update changelog
Fix DTLS-may-fail warning when built against OpenSSL 1.0.0e and run with older
Fix libproxy build.
Add translation support
Make user-visible strings translatable
Use dgettext() so the domain is always correct even in libopenconnect
Reduce certificate warning to PRG_INFO
Fix build instructions on web page.
Add error message when SSL cert fails
Add (empty) translation files from Transifex
Add Transifex config file so 'tx pull' works in any checkout.
Translatability fix for 'Discard bad split xxclude' message
Add new version of web pages
Update new web pages in release, not openconnect.html
Use automake for www/ directory
Fix up distro status page.
Fix header on connecting page
Add links to manual page, don't number 'started' subpages
Man page update: clarify which fsid is used, forget Solaris tuntap IPv6 patch.
Add OpenSuSE to distribution status list
Update transations from Transifex
Switch to using PNG image in web site. Android can't show SVG. Still!
Clean up DTLS Session-ID length warning
Make certificate expiry warning time variable (still default 60 days)
Add --cert-expire-warning,-e option to set warning level
Update changelog
Update translations from Transifex
Add openconnect_set_cert_expiry_warning() to library
Tag version 3.13
--
David Woodhouse Open Source Technology Centre
David.Woodhouse at intel.com Intel Corporation
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5818 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20110930/af23fddb/attachment.bin>
