support --dtls12-ciphers option
I regularly need to connect to an anyconnect vpn concatenator, which I do not control, that has reportedly been intentionally configured to not allow any cipher sets with forward secrecy. In order to for openconnect to establish a session I need to pass --dtls12-ciphers=TLS_RSA_WITH_AES_256_CBC_SHA256
. At present, there isn't even an escape hatch to allow the manual setting of flag(s).
Edited by Ghost User