A few fixups for the GnuTLS version check; mostly making it a runtime check so that distributions can patch GnuTLS without upgrading it wholesale. Don't abort the connection if the CSD wrapper returns non-zero. Nothing ever cared about the return value before, and some scripts do return harmless error values. Allow it for now; we can fix them and then re- enable the error behaviour in a future release. Also support passthrough of the TOS value for ESP as well as DTLS. ftp://ftp.infradead.org/pub/openconnect/openconnect-8.07.tar.gz ftp://ftp.infradead.org/pub/openconnect/openconnect-8.07.tar.gz.asc Daniel Lenski (6): fix off-by-one error in GnuTLS version check (v3.6.12 is known-bad), and also warn at compile time make --passtos work with ESP as well as DTLS update the manual and `--help` to explain `--passtos` a little more add Java wrapper function for setPassTOS() Changelog entry Fix compilation on GnuTLS prior to 3.5.0 David Woodhouse (9): Don't abort Pulse connection for bad cert MD5 Fix up Dan's aversion to writing changelog entries... Merge branch 'fix-gnutls-check' of gitlab.com:mrueg/openconnect Reduce duplication in start_dtls_handshake() Merge branch 'ignore-empty-select-tag' of gitlab.com:klyr/openconnect Don't abort if CSD wrapper returns non-zero Merge branch 'passtos_for_ESP_too' of gitlab.com:dlenski/openconnect Update translations from GNOME Tag version 8.07 Julien Barbot (1): Do not process <select/> nodes with no children Luca Boccassi (1): DTLS: check at runtime whether GnuTLS is giving us a zero'ed ClientHello Manuel Rüger (1): configure.ac: Fix gnutls version check
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
