This release should fix compatibility with the strange version of OpenSSL on Ubuntu 10.04, which was broken in v3.12 by our attempt to avoid ChangeCipherSpec retransmits that upset the server. This also adds proper cancellation to the libopenconnect library, so authentication dialogs can *abort* a connection attempt immediately. Before, they had to wait for it to complete. Which in some cases might never happen. Users were reporting that the KDE dialog (and thus the whole of kded) were locking up when they were behind a captive portal which would accept HTTPS connections but never return any data. I've updated the GNOME NetworkManager auth dialog to use this facility; others like the KDE one are left as an exercise for their users. It also adds the facility to use a config file, which contains long options one per line, as they would appear on the command line except without the leading --. This was inspired by, and based on an original patch by, Fabian J?ger (whose Shimo VPN UI for OSX uses openconnect for its AnyConnect support). ftp://ftp.infradead.org/pub/openconnect/openconnect-3.19.tar.gz ftp://ftp.infradead.org/pub/openconnect/openconnect-3.19.tar.gz.asc David Woodhouse (44): Prepare for config file support; don't use getopt_long() and optarg directly Add --config option for reading options from file Add local getline() for Solaris 10 build Fix ENGINE_by_id() and dtls1_stop_timer() checks with non-system OpenSSL Expand OpenSSL DTLS compatibility to include Ubuntu 10.04 (Lucid Lynx) Add (unused) cancel_fd to vpninfo struct Handling cancellation during initial connect() Add vpninfo arg to proxy I/O functions, use proxy_read() from proxy_gets() Fix handling of error from proxy_write() in process_http_proxy() Add cancellation handling to proxy I/O functions Add cancellation handling to SSL_connect() for https connection Add vpninfo arg to openconnect_SSL_{printf,gets} functions Return non-blocking socket from openconnect_open_https() Add cancellable openconnect_SSL_write(), use it from openconnect_SSL_printf() Handle cancellation in openconnect_SSL_gets() Write initial auth GET request in non-blocking mode Add openconnect_SSL_read() functional which handles cancellation Use openconnect_SSL_read() for fetching HTTP response Add openconnect_set_cancel_fd() to library Export openconnect_version as a pointer rather than an array Add symbol versioning to libopenconnect shared library Remove inappropriate exit() from library code Fix corruption of input string to openconnect_parse_url() Update copyright years Update changelog Make symbol versioning work on Solaris too Define _WITH_GETLINE for BSD systems Add library.c and compat.c to POTFILES.in for translation Remove duplicate library API version number from Makefile.am Make compat symbols @@OPENCONNECT_PRIVATE Fix up the historical version tags in libopenconnect.map Add OPENCONNECT_CHECK_VER() macro for compatibility testing Refuse to redirect to a non-https URL Remove internal_parse_url() from the library exports. Namespace cleanup: s/set_http_proxy/openconnect_set_http_proxy/ Clean up BIO_set_nbio() calls for DTLS Call BIO_set_nbio() for SSL BIO at startup Update translations from Transifex Fix error message when too many command line arguments Fix --non-inter option so it still allows username/password from command line Use SOCK_CLOEXEC when opening TCP socket Update translations from Transifex Update changelog Tag version 3.19 Fabian J?ger (1): Flush progress output immediately. -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 6171 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20120517/8c8bd381/attachment.bin>
