A bunch of fixes since the 3.99 beta release. Thanks to everyone who tested it. This release has full functionality even with GnuTLS 2.12, although it uses OpenSSL for DTLS in that case. The GnuTLS support code is cleaned up a little... and then made messier by adding support for the old OpenSSL encrypted PEM files. This release also adds support for keys from the Android keystore. ftp://ftp.infradead.org/pub/openconnect/openconnect-4.00.tar.gz ftp://ftp.infradead.org/pub/openconnect/openconnect-4.00.tar.gz.asc David Woodhouse (41): Fix GnuTLS 2.12 library still referencing OpenSSL ERR_print_errors_cb() Fix Solaris build, again Document SHA1 buffer requirements more clearly Fix wording of comment about string handling Fix memory leak of TPM key password Cope with lack of gnutls_certificate_set_key() in GnuTLS 2.12 Fix BER encoding of hash in sign_dummy_data() Clean up handling of gnutls_pkcs12.c Move TPM code out into gnutls_tpm.c Split assign_privkey_gtls3() to separate function Split assign_privkey_gtls2() to separate function Move setting of vpninfo->my_p11key to somewhere tidier Unify assign_privkey() function for GnuTLS 2 and 3 Clean up GnuTLS load_certificate() and improve comments Don't repack extra_certs[] when matching key; just cope with it being sparse Add gnutls_tpm.c to POTFILES Remove separate POTFILES list and build potfile from real sources lists Clean up feature/index web pages a little Fix build for OpenSSL without DTLS Fix Android build Add Android keystore support OpenSSL: Fix recognition of repeated 'wrong passphrase' errors Automatically keep Android.mk in sync with source lists from Makefile.am Remove POTFILES.in from po/ EXTRA_DIST Add gnutls.h to noinst_HEADERS Add trousers to list of optional build deps Fix Android keystore support for older keystore_get.h Fix fake Android keystore_get() to return -1 on failure Fix double-free of BIO in loading cert from keystore Switch from Android's keystore_get() to our own keystore_fetch() Add missing includes and libs to Android.mk Add Android keystore support for --cafile Fix PKCS#11 cleanup when no SSL certificate is set NUL-terminate blobs from Andoird keystore Fix memory leaks in text-mode process_form_opts Support old-style OpenSSL encrypted PEM keys Fix typo in error message Add translations that GNOME NetworkManager-openconnect has, that we don't Run msgmerge after importing translations from Transifex Update translations from Transifex Tag version 4.00 -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 6171 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20120620/49089636/attachment.bin>
