On Tue, 2014-02-04 at 09:44 +0100, Nikos Mavrogiannopoulos wrote: > > gnutls uses gnulib (which I found out that sometimes could have > side-effects - such as replacing recv and send). Would loading succeed > if done in openconnect directly? This *is* in openconnect directly. http://git.infradead.org/users/dwmw2/openconnect.git/blob/HEAD:/gnutls.c#l230 Don't get me started (again) on how much we have to do in openconnect directly because the various crypto libraries don't give us a simple "use <this> cert/key that the user specified on the command line" that Does The Right Thing? :) -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5745 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20140204/709044b8/attachment-0001.bin>