My attempts to port openconnect to windows (cygwin)

Johannes Michler orgler at gmail.com
Sun Feb 20 13:45:23 EST 2011


Hi,

I just spent my day trying to get openconnect to work with Windows (using
cygwin). I may prepend: I successfully got a connection on Linux, so the
interoperability between openconnect and my vpn server should be safe.
Unfortunately I have no access to this server.

Here is what I've done so far: I first installed cygwin with these packages:
openssl, openssl-devel, libopenssl098, make, libxml2, libxml2-devel, libiconv, libiconv2, automake, make, gcc4.

I then cloned the latest git-revision and tried to compile. Of course this
failed :-(

Then I looked at vpnc and tried to understand what has to be done
differently with cygwin. I think most changes should appear in the
tun.c-file, most other files should be platform-independent. So I wrote some
code to open the tun-device (copied a log from vpnc). I finally managed to
compile openconnect. When trying to connect to the server, first everything
seems fine. I'm getting the usual connection-messages, I'm being asked for
my credentials, and finally (in verbose-mode) I'm getting X-CSTP-Information
from my network. So this seems to be fine.

Then I'm being assigned an IP address, and my vpnc-win-script manages to set
these infos on my "TAP-Win32 Adapter V9". When looking at this information
using ipconfig and route, everything seems to be fine. But I just can't
manage to transfer any data. Unfortunately, I don't have access to the
server, so I cannot do any logging on the server-side to validate if any
packages arrive.

I've attached my patched tun.c, a slightly modified ssl.c, the
vpnc-connect-scripts for windows and a log from my connection. Unfortunately
I'm a git-noob, so I don't know what would be the best way to provide these
files in a git-conform-way.


Any ideas on why I can't get any connection over the openconnect-tunnel?


Best regards,

orgler
-------------- next part --------------
$ ./openconnect.exe -v --script=./vpnc-script-win MY_SERVER_IP
Attempting to connect to MY_SERVER_IP:443
SSL negotiation with MY_SERVER_IP
Server certificate verify failed: self signed certificate

Certificate from VPN server "MY_SERVER_IP" failed verification.
Reason: self signed certificate
Enter 'yes' to accept, 'no' to abort; anything else to view: yes
Connected to HTTPS on MY_SERVER_IP
GET https://MY_SERVER_IP/
Got HTTP response: HTTP/1.1 302 Object Moved
Server: Cisco AWARE 2.0
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Cache-Control: no-cache
Pragma: no-cache
Connection: Keep-Alive
Date: Sun, 20 Feb 2011 18:23:04 GMT
Location: /+webvpn+/index.html
Set-Cookie: tg=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/
HTTP body length:  (0)
GET https://MY_SERVER_IP/+webvpn+/index.html
Got HTTP response: HTTP/1.1 200 OK
Server: Virata-EmWeb/R6_2_0
Transfer-Encoding: chunked
Content-Type: text/xml
Cache-Control: max-age=0
Set-Cookie: webvpn=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/
Set-Cookie: webvpnc=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/
Set-Cookie: webvpnlogin=1
X-Transcend-Version: 1
HTTP body chunked (-2)
Fixed options give
Please enter your username and password.
USERNAME:MY_USERNAME
Password:wont_tell_this
POST https://MY_SERVER_IP/+webvpn+/index.html
Got HTTP response: HTTP/1.1 200 OK
Server: Virata-EmWeb/R6_2_0
Transfer-Encoding: chunked
Content-Type: text/xml
Cache-Control: max-age=0
Set-Cookie: webvpnlogin=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/
Set-Cookie: webvpn=<elided>;PATH=/
Set-Cookie: webvpnc=SECRET :-)
X-Transcend-Version: 1
HTTP body chunked (-2)
Got CONNECT response: HTTP/1.1 200 OK
X-CSTP-Version: 1
X-CSTP-Address: 10.115.1.232
X-CSTP-Netmask: 255.255.255.0
X-CSTP-DNS: correct...
X-CSTP-DNS: correct...
X-CSTP-NBNS: correct...
X-CSTP-NBNS: correct...
X-CSTP-Lease-Duration: 1209600
X-CSTP-Session-Timeout: none
X-CSTP-Idle-Timeout: 1800
X-CSTP-Disconnected-Timeout: 1800
X-CSTP-Keep: true
X-CSTP-DPD: 30
X-CSTP-Keepalive: 20
X-CSTP-MSIE-Proxy: bypass-local
X-CSTP-MSIE-Proxy-Server: correct...
X-CSTP-Smartcard-Removal-Disconnect: true
X-CSTP-Content-Encoding: deflate
X-DTLS-Session-ID: DON'T KNOW IF THIS IS SECRET
17A
X-DTLS-Port: 443
X-DTLS-Keepalive: 20
X-DTLS-DPD: 30
X-CSTP-MTU: 1370
X-DTLS-CipherSuite: AES128-SHA
CSTP connected. DPD 30, Keepalive 20
Device: LAN-Verbindung 2
TAP-Win32 Driver Version 9.8
Microsoft (R) Windows Script Host, Version 5.8
Copyright (C) Microsoft Corporation 1996-2001. Alle Rechte vorbehalten.

VPN Gateway: MY_SERVER_IP
Internal Address: 10.115.1.232
Internal Netmask: 255.255.255.0
Interface: "LAN-Verbindung 2"
Configuring "LAN-Verbindung 2" interface...
done.
Configuring networks:
Route configuration done.
DTLS option X-DTLS-Session-ID : SECRET
DTLS option X-DTLS-Port : 443
DTLS option X-DTLS-Keepalive : 20
DTLS option X-DTLS-DPD : 30
DTLS option X-DTLS-CipherSuite : AES128-SHA
DTLS connected. DPD 30, Keepalive 20
Connected LAN-Verbindung 2 as 10.115.1.232, using SSL + deflate
Sending compressed data packet of 344 bytes
Sending compressed data packet of 42 bytes
Sending compressed data packet of 42 bytes
Sending compressed data packet of 342 bytes
Sending compressed data packet of 42 bytes
Sending compressed data packet of 42 bytes
Sending compressed data packet of 42 bytes
Sending compressed data packet of 54 bytes
Sending compressed data packet of 54 bytes
Sending compressed data packet of 66 bytes
No work to do; sleeping for 16000 ms...
Established DTLS connection
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 66 bytes; SSL_write() returned 67
Sent DTLS packet of 54 bytes; SSL_write() returned 55
Sent DTLS packet of 62 bytes; SSL_write() returned 63
Sent DTLS packet of 528 bytes; SSL_write() returned 529
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 70 bytes; SSL_write() returned 71
Sent DTLS packet of 70 bytes; SSL_write() returned 71
Sent DTLS packet of 70 bytes; SSL_write() returned 71
Sent DTLS packet of 42 bytes; SSL_write() returned 43
No work to do; sleeping for 19000 ms...
Sent DTLS packet of 70 bytes; SSL_write() returned 71
Sent DTLS packet of 70 bytes; SSL_write() returned 71
Sent DTLS packet of 70 bytes; SSL_write() returned 71
Sent DTLS packet of 476 bytes; SSL_write() returned 477
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 540 bytes; SSL_write() returned 541
Sent DTLS packet of 175 bytes; SSL_write() returned 176
Sent DTLS packet of 556 bytes; SSL_write() returned 557
Sent DTLS packet of 485 bytes; SSL_write() returned 486
No work to do; sleeping for 18000 ms...
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 175 bytes; SSL_write() returned 176
Sent DTLS packet of 542 bytes; SSL_write() returned 543
Sent DTLS packet of 528 bytes; SSL_write() returned 529
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 165 bytes; SSL_write() returned 166
Sent DTLS packet of 167 bytes; SSL_write() returned 168
Sent DTLS packet of 171 bytes; SSL_write() returned 172
Sent DTLS packet of 175 bytes; SSL_write() returned 176
No work to do; sleeping for 16000 ms...
Sent DTLS packet of 476 bytes; SSL_write() returned 477
Sent DTLS packet of 54 bytes; SSL_write() returned 55
Sent DTLS packet of 54 bytes; SSL_write() returned 55
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 54 bytes; SSL_write() returned 55
Sent DTLS packet of 54 bytes; SSL_write() returned 55
Sent DTLS packet of 66 bytes; SSL_write() returned 67
Sent DTLS packet of 54 bytes; SSL_write() returned 55
Sent DTLS packet of 66 bytes; SSL_write() returned 67
Sent DTLS packet of 42 bytes; SSL_write() returned 43
No work to do; sleeping for 16000 ms...
Sent DTLS packet of 54 bytes; SSL_write() returned 55
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 540 bytes; SSL_write() returned 541
Sent DTLS packet of 175 bytes; SSL_write() returned 176
Sent DTLS packet of 556 bytes; SSL_write() returned 557
Sent DTLS packet of 485 bytes; SSL_write() returned 486
Sent DTLS packet of 175 bytes; SSL_write() returned 176
Sent DTLS packet of 542 bytes; SSL_write() returned 543
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 175 bytes; SSL_write() returned 176
No work to do; sleeping for 14000 ms...
Sent DTLS packet of 528 bytes; SSL_write() returned 529
Sent DTLS packet of 165 bytes; SSL_write() returned 166
Sent DTLS packet of 167 bytes; SSL_write() returned 168
Sent DTLS packet of 171 bytes; SSL_write() returned 172
Sent DTLS packet of 175 bytes; SSL_write() returned 176
Sent DTLS packet of 476 bytes; SSL_write() returned 477
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 540 bytes; SSL_write() returned 541
No work to do; sleeping for 12000 ms...
Sent DTLS packet of 556 bytes; SSL_write() returned 557
Sent DTLS packet of 485 bytes; SSL_write() returned 486
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 66 bytes; SSL_write() returned 67
Sent DTLS packet of 66 bytes; SSL_write() returned 67
Sent DTLS packet of 219 bytes; SSL_write() returned 220
Sent DTLS packet of 243 bytes; SSL_write() returned 244
Sent DTLS packet of 542 bytes; SSL_write() returned 543
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 175 bytes; SSL_write() returned 176
No work to do; sleeping for 11000 ms...
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 219 bytes; SSL_write() returned 220
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 219 bytes; SSL_write() returned 220
Sent DTLS packet of 175 bytes; SSL_write() returned 176
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 42 bytes; SSL_write() returned 43
Sent DTLS packet of 219 bytes; SSL_write() returned 220
Sent DTLS packet of 42 bytes; SSL_write() returned 43
No work to do; sleeping for 7000 ms...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: vpnc-script-win
Type: application/octet-stream
Size: 141 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20110220/3e4ceddb/attachment-0001.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: vpnc-script-win.js
Type: application/x-javascript
Size: 3016 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20110220/3e4ceddb/attachment-0001.js>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssl.c
Type: text/x-csrc
Size: 29143 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20110220/3e4ceddb/attachment-0003.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tap-win32.h
Type: text/x-chdr
Size: 3531 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20110220/3e4ceddb/attachment-0004.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tun.c
Type: text/x-csrc
Size: 23121 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20110220/3e4ceddb/attachment-0005.bin>
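
The log above was redacted by hand before posting. As an added example (not part of the original post and not openconnect code), the sketch below masks the same fields automatically in an `openconnect -v` log: the echoed password, the `webvpn`/`webvpnc` session cookies and the DTLS session ID. Treating the DTLS session ID as sensitive is an assumption made here; the function name, rule labels and sample values are constructed.

```python
import re

# Constructed sample in the shape of the verbose log above; every value is made up.
SAMPLE_LOG = """\
USERNAME:alice
Password:CONSTRUCTED-pass
Set-Cookie: webvpnlogin=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/
Set-Cookie: webvpn=CONSTRUCTED-session-cookie;PATH=/
Set-Cookie: webvpnc=CONSTRUCTED-client-cookie
X-CSTP-Address: 10.115.1.232
X-DTLS-Session-ID: CONSTRUCTED0011223344
X-DTLS-Port: 443
DTLS option X-DTLS-Session-ID : CONSTRUCTED0011223344
DTLS option X-DTLS-Port : 443
"""

MASK = "[REDACTED]"

# (label, pattern); group 1 is the prefix to keep, group 2 the value to mask.
RULES = [
    ("password", re.compile(r"^(Password:)(.+)$", re.M)),
    # webvpn= and webvpnc= only; empty values (cookie deletions) do not match.
    ("cookie", re.compile(r"^(Set-Cookie: webvpnc?=)([^;\n]+)", re.M)),
    # Both the raw header and the "DTLS option" echo of it.
    ("dtls-session-id",
     re.compile(r"^((?:DTLS option )?X-DTLS-Session-ID ?: ?)(.+)$", re.M)),
]


def redact_log(text):
    """Return (redacted_text, {label: number_of_values_masked})."""
    counts = {}
    for label, pattern in RULES:
        def mask(m, label=label):
            if m.group(2) == MASK:  # already redacted: leave as is
                return m.group(0)
            counts[label] = counts.get(label, 0) + 1
            return m.group(1) + MASK
        text = pattern.sub(mask, text)
    return text, counts


if __name__ == "__main__":
    redacted, counts = redact_log(SAMPLE_LOG)
    print(redacted)
    print(counts)
```

The returned counts give a quick check before posting: a zero for `cookie` on a log that reached "CSTP connected" means the cookie lines were not in the expected form and need a manual look.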