Juniper SSL VPN login fails
Tom Metro
tmetro+openconnect at gmail.com
Mon Apr 13 14:38:40 PDT 2015
David Woodhouse wrote:
> GnuTLS returns the GNUTLS_E_REHANDSHAKE "error" code when we attempt
> to read from the socket. We are expected to react accordingly, if we
> want to actually do the renegotiation.
>
> Try the patch below.
Fantastic. That worked. Thanks for taking the time to create the patch.
> ...actually the OpenSSL build seems to renegotiate all by itself
> without requiring the application to do anything.
My expectations are that an SSL library would provide hooks, in case you
want to do something custom, but by default handle this internally. I
guess the GnuTLS developers disagree.
-Tom
More information about the openconnect-devel
mailing list