Released versions of OpenConnect are available from the FTP site:
Release tarballs (since 3.13) are signed with the PGP key 67E2F359.
- Add RFC4226 HOTP token support.
- Tolerate servers closing connection uncleanly after HTTP/1.0 response (Ubuntu #1225276).
- Add support for IPv6 split tunnel configuration.
- Add Windows support with MinGW (tested with both IPv6 and Legacy IP with latest vpnc-script-win.js)
- Change library API to support updating the auth form when the authgroup is changed (Ubuntu #1229195).
- Change --os mac to --os mac-intel, to match the identifier used by Cisco clients.
- Add new API functions to support invoking the VPN mainloop directly from an application.
- Add JNI interface and sample Java application.
- Fix junk in --cookieonly output when CSD is enabled.
- Enable TOTP, stoken, and JNI support in the Android builds.
- Add --pfs option to enforce perfect forward secrecy.
- Enable elliptic curves with GnuTLS 3.2.9+, where there is a workaround for certain firewalls that fail with client hellos between 256 and 512 bytes.
- Add padding when sending password, to avoid leakage of password and username length.
- Add support for DTLS 1.2 and AES-GCM when connecting to ocserv.
- Add support for server name indication when compiled with GnuTLS 3.2.9+.
For older releases and change logs, see the changelog page.
(Note: Due to a longstanding Fedora bug you may occasionally find that the FTP server is accessible only by IPv6 and not Legacy IP. If this happens, please let me know by sending me an email. Or just join us in the 21st century and get IPv6.)
The latest source code is available from the git repository at:
or browseable in gitweb at: