const char *prio;
const char *min_gnutls_version;
} gnutls_dtls_ciphers[] = {
+ { "DHE-RSA-AES128-SHA", GNUTLS_DTLS0_9, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_DHE_RSA, GNUTLS_MAC_SHA1,
+ "NONE:+VERS-DTLS0.9:+COMP-NULL:+AES-128-CBC:+SHA1:+DHE-RSA:%COMPAT", "3.0.0" },
+ { "DHE-RSA-AES256-SHA", GNUTLS_DTLS0_9, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_DHE_RSA, GNUTLS_MAC_SHA1,
+ "NONE:+VERS-DTLS0.9:+COMP-NULL:+AES-256-CBC:+SHA1:+DHE-RSA:%COMPAT", "3.0.0" },
{ "AES128-SHA", GNUTLS_DTLS0_9, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_RSA, GNUTLS_MAC_SHA1,
"NONE:+VERS-DTLS0.9:+COMP-NULL:+AES-128-CBC:+SHA1:+RSA:%COMPAT", "3.0.0" },
{ "AES256-SHA", GNUTLS_DTLS0_9, GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_RSA, GNUTLS_MAC_SHA1,
#endif
buf_append(buf, "OC-DTLS1_2-AES256-GCM:OC-DTLS1_2-AES128-GCM:");
#endif
+ buf_append(buf, "DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:");
buf_append(buf, "AES256-SHA:AES128-SHA:DES-CBC3-SHA:DES-CBC-SHA");
}
<ul>
<li><b>OpenConnect HEAD</b>
<ul>
+ <li>Enable DHE ciphers for Cisco DTLS.</li>
<li>Increase initial oNCP configuration buffer size.</li>
<li>Reopen <tt>CONIN$</tt> when stdin is redirected on Windows.</li>
<li>Improve support for point-to-point routing on Windows.</li>
projects / users / dwmw2 / openconnect.git / commitdiff