This also modifies `tests/fake-fortinet-server.py` to delimit search domains
using such escapes, as a test/example for OpenConnect to parse.
Signed-off-by: Daniel Lenski <email address hidden>
db3722f...
by
Audric Schiltknecht <email address hidden>
Fix invalid reset of URL variable in csd-wrapper
The URL variable is constructed from the CSD_HOSTNAME at the beginning of
the script. However, prior to parsing the command line, it was reset to
an empty value.
Request help with the interpretation of F5 URIs in the docs
Some F5 VPNs use these to complete authentication and handoff to the
proprietary client, and we currently don't know how to interpret them in a
way that would allow OpenConnect to be used instead.
This was added under v9.12 instead of the HEAD section. Next person to do
that gets to implement a CI test for it :)
Perhaps we should have a policy of adding in reverse chronological order
so that newly-added lines are always immediately below the 'HEAD' title,
which would mean that merging older PRs would *conflict* instead of
silently merging into the older changelog?
Fixes: ff86be7281 ("update changelog")
Signed-off-by: David Woodhouse <email address hidden>
In 57160c9f2673adbbe468db137b28da4187549061, I updated
fake-juniper-server.py to use a "persistent" configuration (as already done
for fake GlobalProtect, Fortinet, F5 servers), but thne I somehow forgot to
update the actual juniper-auth test script accordingly.
Signed-off-by: Daniel Lenski <email address hidden>
The article "Why TCP Over TCP Is A Bad Idea" is very useful for explaining
why VPNs perform better when using UDP-based transport (DTLS or ESP) rather
than TCP-based transport (TLS), but unfortunately the original site is no
longer available.