Some compatibility fixes for GnuTLS ? we need to advertise TLSv1 not SSLv3 in the ClientHello, and we also need to support old cipher suites like RC4-MD5 because that's all that some servers will permit. There's also a fix for the MTU handling in the upcoming GnuTLS 3.0.21 release ? we were relying on buggy behaviour of GnuTLS and now we're more robust. And another MTU-related fix for the fact that we confusing the MTU that we *requested* from the server, and the MTU that it subsequently *told* us to use. This release adds support for more types of encrypted OpenSSL PEM file (although 3DES is the common one, which was already supported in 4.00). Finally, Tiago Vignatti provided a fix to the --no-proxy option which has been lacking a 'break' in the switch statement and falling through to the subsequent option, ever since we first introduced it. ftp://ftp.infradead.org/pub/openconnect/openconnect-4.03.tar.gz ftp://ftp.infradead.org/pub/openconnect/openconnect-4.03.tar.gz.asc David Woodhouse (7): Improve cipher coverage of OpenSSL encrypted PEM support for GnuTLS Remove hard-coded table of ciphers for PEM decryption Advertise TLS1.0 not SSL3.0 in GnuTLS ClientHello Fix GnuTLS DTLS MTU for GnuTLS 3.0.21 and above Separate requested from received MTU settings Update changelog Tag version 4.03 Tiago Vignatti (1): Fix --no-proxy option -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 6171 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20120702/dc922103/attachment.bin>
