~mamarley/openconnect/+git/gitlab-main:j2hack

Branch merges

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

fef9e78... by dwmw2 on 2020-03-12

j/5 is longer, which implies that it really is different but let's try anyway...

Signed-off-by: David Woodhouse <email address hidden>

a4d88b3... by dwmw2 on 2020-03-12

Attempt to handle extended EAP Juniper/5 just like Juniper/2

https://gitlab.com/openconnect/openconnect/issues/104
Signed-off-by: David Woodhouse <email address hidden>

8820105... by dwmw2 on 2020-02-26

Add some basic hostscan support to csd-post.sh

Fetch the data.xml, handle File and Process data requests.

This should save a little bit of manual work in crafting acceptable
responses for some users/configurations.

There's still a bunch of random crap that the real hostscan trojan can
do that we aren't attempting; some of which we probably never still.

Signed-off-by: David Woodhouse <email address hidden>

112fb1c... by dwmw2 on 2020-02-24

Fix double colon in DTLS12 ciphersuite list

Signed-off-by: David Woodhouse <email address hidden>

79c6ffc... by dwmw2 on 2020-01-15

pulse: Fix another error-path leak in pulse_eap_ttls_recv()

Spotted by Coverity. We need to return buf_free(frag) not jut buf_error().

Signed-off-by: David Woodhouse <email address hidden>

77bdf33... by dwmw2 on 2020-01-15

pulse: Fix memory leaks in pulse_eap_ttls_send()

A couple of leaks spotted by Coverity, and a couple more I spotted while
staring at it.

Signed-off-by: David Woodhouse <email address hidden>

01ef9ea... by dwmw2 on 2020-01-15

http: Retry request (once) on error receiving response

A Juniper server has been encountered in the wild which sends an initial
302 redirect without Connection:close, but then just closes the connection
when it receives the next request.

This happens only for the first redirect to /dana-na/auth/… and not for
subsequent redirects through cookie-check and realm stuff. So instead of
a preemptive hack to avoid connection reuse for *all* redirects in NC,
just cope with it when it happens.

Since rq_retry is only set when the connection is already open, it won't
get set again the second time round, thus avoiding endless retries.

Fixes: #96

Signed-off-by: David Woodhouse <email address hidden>

1da8ab7... by dwmw2 on 2020-01-14

Update translations from GNOME

Signed-off-by: David Woodhouse <email address hidden>

6ec20de... by dwmw2 on 2019-12-30

Update translations from GNOME, prioritising GNOME translations

Previously, translations from NetworkManager-openconnect have only been
pulled in if there was no existing translation in OpenConnect. Since the
GNOME translations are maintained and corrected, it's better to let them
overide the ones in OpenConnect.

Signed-off-by: David Woodhouse <email address hidden>

c02ccd5... by dwmw2 on 2019-12-30

Resync translations with sources

Signed-off-by: David Woodhouse <email address hidden>