OpenConnect

~mamarley/openconnect/+git/gitlab-main:nx

Last commit made on 2021-05-23

Get this branch:: git clone -b nx https://git.launchpad.net/~mamarley/openconnect/+git/gitlab-main

Branch merges

Branch information

Name:: nx

Repository:: lp:~mamarley/openconnect/+git/gitlab-main

Recent commits

135c787... by Andreas Gnau on 2021-05-23

nx: Send X-NE-SESSIONPROMPT: true header

Apparently, X-NE-SESSIONPROMPT: true seems to be needed in some rare (?)
situations, where the tunnel will come up but no packets are
transferred. See:

https://github.com/abrasive/nxBender/commit/454dedc6c72fc62eedb7be18e62c6b7ee5f82bb3

Of all the clients tested, ONLY NetExtender for Windows sends this
header, so this behaviour might be related to some specific
(mis-)configuration of the server...

Signed-off-by: Andreas Gnau <email address hidden>

d5436bd... by Andreas Gnau on 2021-05-23

nx: Remove TODO and debug prints regarding headers

So far, we have only one encountered one NX server that was enforcing a
certain client version and thus User-Agent header. Remove the TODO
pondering whether to add it or not and some leftover debug-print.

If we realise later, that this is more common, we can always add such a
header. In initial tests, the server did not do a 1:1 string comparison,
so we could still be transparent about being OpenConnect by prepending
or appending OpenConnect to the "approved" User-Agent string.

Signed-off-by: Andreas Gnau <email address hidden>

74268bd... by Andreas Gnau on 2021-05-16

nx: Send X-NX-Client-Platform header according to OS

Send X-NX-Client-Platform header, by translating the OpenConnect
vpninfo->platname (AnyConnect derived) to the ones sent by the offical
SonicWall NX clients.

Signed-off-by: Andreas Gnau <email address hidden>

c1a6f85... by Andreas Gnau on 2021-05-06

nx: Enable error handling on connection establishment

Signed-off-by: Andreas Gnau <email address hidden>

052bad0... by Andreas Gnau on 2021-05-02

Add parameter to allow specifying no IP install_vpn_opts

NX also uses IPCP for getting its IPv4-IP while all the other connection
parameters are retrieved via HTTP. This increases the number of
protocols that need special treatment in install_vpn_opts to two.
Add a generic parameter `allow_no_ip` to install_vpn_opts which is set
to true when called from F5 and NX, thus keeping the code free of
protocol-specific bits.

Signed-off-by: Andreas Gnau <email address hidden>

d08ef20... by Andreas Gnau on 2021-05-02

nx: Fix formatting of cookie to be without name

Make vpninfo->cookie be the raw cookie value like other protocols. Also
make consumption and writing of the value consistent, so that passing to
cookie from --authenticate to --cookie-on-stdin works flawlessly like
for the other protocols.

Signed-off-by: Andreas Gnau <email address hidden>

ba2408e... by Andreas Gnau on 2021-05-02

ppp: nx: Fix encapsulation of NX

NX encapsulation is 32-bit big (not little) endian size of the whole
payload, which is not necessarily equal to the size of of the HDLC
frame, because there may be multiple frames.

Fix the code accordingly.

Signed-off-by: Andreas Gnau <email address hidden>

98d5af1... by Andreas Gnau on 2021-05-02

nx: Start PPP TCP mainloop on connection

Signed-off-by: Andreas Gnau <email address hidden>

1b22831... by dwmw2 on 2021-04-27

Update ip_info and opts handling for NX

Commit 3d845bc9bf ("Rework cstp_options and ip_info handling") cleaned up
a bunch of the string ownership issues; fix up the NX code to match.

Signed-off-by: David Woodhouse <email address hidden>

4dd40a6... by dwmw2 on 2021-04-26

Merge branch 'rondom_new_nx' of gitlab.com:Rondom/openconnect

»