Copying from what I wrote on the openconnect-devel mailing list…
Nikos's proposed fix is to change "-VERS-TLS-ALL:+VERS-TLS1.0" to
"-VERS-SSL3.0".
It's useful to consider the total set of possible effects of this change
on Ubuntu 14.04's openconnect:
1) Good: Fixes the incompatibility reported h
The upstream fix for this has included moving on to depending strictly
on later versions of GnuTLS.
I just want to point out that this version of OpenConnect was
deliberately built against GnuTLS 2.12, even though GnuTLS 3.2.11 was
available in both the Debian and Ubuntu archives at the time. I be