Trouble with network-manager-openconnect-gnome when using a gateway with multiple IP addresses
David Woodhouse
dwmw2 at infradead.org
Mon Feb 4 18:34:34 EST 2013
On Mon, 2013-02-04 at 18:21 -0500, Brian D Peyser PhD wrote:
> $ openconnect --script=/etc/vpnc/vpnc-script remoteaccessvpn.nih.gov
...
> TUNSETIFF failed: Operation not permitted
That's expected, if you're not running it as root. Everything worked OK,
but it wasn't able to create and configure the tunnel network device.
But it would have worked from the command line anyway. It was caching
the result of the DNS lookup and using the same IP address every time it
had to make a new connection, so you'd never have seen the original
issue there. It was only when you had the *separate* authentication and
connection stages (for example with the NM GUI, or using openconnect
--authenticate followed by
openconnect -C $COOKIE --servercert $FINGERPRINT $HOST
> When I try to use the Network-Manager-openconnect GUI I get a segfault.
That shouldn't happen. First thing I'd do is check that you aren't
mixing versions. If you just ran './configure' then it probably installs
to /usr/local, leaving the packaged versions in place? Try adding
--prefix=/usr to the configure command line?
And run 'ldd /usr/libexec/nm-openconnect-auth-dialog' (or wherever
Ubuntu puts it) to check which version of the library it's running.
Was it a segfault in the auth-dialog? Or in openconnect itself when it
tries to connect?
> Is there anything I did here that is wrong? When I cloned the git I
> looked at ssl.c and it seemed to be updated with the patches in
> http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/b0b4b34f.
Yes, you have the latest patched version.
> Maybe I need to do a reboot? Haven't done that yet.
No, that shouldn't be necessary.
> Hmm was just thinking maybe I missed the openssl-dev package. I'll need
> that too, right?
It'll use GnuTLS if you have it.
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6171 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20130204/9cd1ee49/attachment.bin>
More information about the openconnect-devel
mailing list