[PATCH] Re: OpenConnect, Juniper and NetworkManager
brett at hpe.com
Mon May 9 15:44:50 PDT 2016
On Mon, 2016-05-09 at 09:02 +0100, David Woodhouse wrote:
> On Sun, 2016-05-08 at 18:36 -0400, Ian Turner wrote:
> > OK, patches attached. Feedback welcome; if the response here is
> > positive (or silent), then I will go ahead and submit to GNOME and
> > KDE.
I'm missing the context for this, as I could only find the previous patch
submission messsage on openconnect-devel (and I'm only subscribed to
networkmanager-list). Is Ian providing patches for the networkmanager-
openconnect plugin, so that it supports --juniper mode? If so, that's awesome
> Could we drop the boolean NM_OPENCONNECT_KEY_JUNIPER_MODE and just have
> a string key that contains exactly the string that's passed to
> openconnect_set_protocol(), please? And if it's absent/empty then we do
> nothing and hence default to AnyConnect. That makes it nice and generic
> and easier to support other VPN protocols in future. We do have at
> *least* Junos Pulse in the works — I have it decoded, and just need to
> find the time and motivation to hook up all the EAP nonsense. Or
> preferably a willing volunteer who actually *uses* it :)
<raises hand>. I use openconnect on the command line, and would love to test
patches that integrate it into NM, assuming that's what we're talking about
here. So I'll volunteer :)
> Can we make this appear to NetworkManager as two *separate* plugins,
> that just happen to use (mostly) the same binaries? The properties
> plugin does have the name hard-coded so it can't be *entirely* the same
> binaries... but see GNOME bug #765732 where the GTK parts are all taken
> out into a *separately* loaded library anyway, so that can still be
> shared while the plugin itself is built for both Juniper and
> AnyConnect, returning different values for PROP_NAME/PROP_DESC?
Again, without any context, it's hard to tell what Ian's original code/patches
look like, but having two separate plugin names seems like it'd solve the UI
problem. The current plugin says "Cisco AnyConnect Compatibe VPN(openconnect)".
It seems consistent to also have a "Juniper NetConnect VPN(openconnect)" (or
something like that) entry.
Brett Johnson<brett at hpe.com>
"Consider how hard it is to change yourself and you'll understand what little
chance you have in trying to change others."
~~ Jacob M Braude
More information about the openconnect-devel