Unable to build openconnect-3.16 in Solaris 10 (x86)

[David Woodhouse]

On Fri, 2012-04-20 at 14:41 +0800, chua wei yang wrote:
> *Output START*
> Attempting to connect to ourProxyServer:80
> Requesting HTTP proxy connection to sam.ncs.com.sg:443
> Unexpected continuation line after CONNECT response: 'Proxy-agent:BlueCoat-Security-Appliance'

Small bug in openconnect proxy support there, I think, but it seems to
be harmless. I'll investigate and fix.

> I do have the script at /tmp/csdFoaalx but I have no idea what it's
> trying to do; at the binary part.

You could try running it on a Linux system and see what it does (with
strace, by looking at the logs it leaves in your home directory, etc.).
You'll probably find it just does a bunch of checks and then an HTTP
POST to the server essentially saying "OK". You can use something like
mitmproxy (mitmproxy.org) to watch exactly what it posts.

You can then make a 'csd-wrapper' script which does just the same, using
something like curl. OpenConnect is able to run a script of your own
choosing *instead* of the script that it downloads from the server (it
still downloads the server's script, and passes it to your wrapper in
case you need to use it in some way).

> I am looking at this Brandz thing at
> http://hub.opensolaris.org/bin/view/Community+Group+brandz/brandz_lae_faq,
> will it work or is it relevant for my situation?

That looks like full-system virtualisation. If you need to run the
actual trojan you get from the server, and can't just replace it, then I
think you want lxrun:http://www.ugcs.caltech.edu/~steven/lxrun/

Of course, you *might* be better off trying to get the CSD trojan for
Windows and using that under Wine? :)

-- 
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5818 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20120420/9d6d8296/attachment.bin>