Added configuration option 'dtls-psk'

When this option is set to false, the DTLS-PSK protocol
will not be negotiated by worker processes. The process will fall back
to the legacy protocol in that case.
Nikos Mavrogiannopoulos
2016-09-22 15:16:34 +02:00
parent 33089ab74e
commit 4c85fa97f0
7 changed files with 25 additions and 6 deletions


@@ -588,6 +588,12 @@ no-route = 192.168.5.0/255.255.255.0
# and openconnect clients < 7.08.
cisco-client-compat = true
# This option will disable the DTLS-PSK negotiation (enabled by default).
# The DTLS-PSK negotiation was introduced in ocserv 0.11.5 to deprecate
# the pre-draft-DTLS negotiation inherited from AnyConnect. It allows the
# DTLS channel to negotiate its ciphers and the DTLS protocol version.
#dtls-psk = false
# Client profile xml. A sample file exists in doc/profile.xml.
# It is required by some of the CISCO clients.
# This file must be accessible from inside the worker's chroot.
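Review bot: The new comment above `#dtls-psk = false` says the option "will disable" DTLS-PSK but never says what a worker does instead. The commit message states that the process falls back to the legacy protocol, and that belongs in the sample file, because an operator uncommenting this line is choosing a downgrade. Going by the comment's own wording, the legacy path is the pre-draft-DTLS negotiation, in which the DTLS channel presumably does not negotiate its ciphers or protocol version. I would reword the first line to `# Setting this option to false disables the DTLS-PSK negotiation (enabled by default);` and follow it with `# workers then fall back to the legacy pre-draft-DTLS negotiation, so disable it only for clients that need that.`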