[PATCH 0/3] further patches to your gpst branch
Daniel Lenski
dlenski at gmail.com
Sun Dec 17 14:33:18 PST 2017
Hi David,
These patches will apply cleanly to your gpst branch (currently @
82d4430da8f593109f90637fafb799a41a937330,
http://git.infradead.org/users/dwmw2/openconnect.git/shortlog/refs/heads/gpst)
*after* merging the latest changes from your master branch (currently
@ fdaba772b27d66f92a3d035d18d7b4e15292f6b9).
Even better--I've tested that they build and connect correctly as
well. :-D
They simplify the gingerly interaction of the HTTPS and ESP tunnels
which are necessary for GlobalProtect ESP to work, add tunnel-based
rekey, and add support for checking and submitting the "HIP report."
HIP is basically GlobalProtect's CSD/TNCC equivalent; the one good
thing I'll say about it is that it *doesn't* involve downloading and
running a Trojan binary.
-Dan
Daniel Lenski (3):
Improve GPST/ESP not-stepping-on-toes tap dance
Add support for tunnel-based rekey for GlobalProtect
add support for checking and submitting HIP reports
auth-globalprotect.c | 29 ++++++--
gpst.c | 195 +++++++++++++++++++++++++++++++++++++++++++++----
hipreport.sh | 182 +++++++++++++++++++++++++++++++++++++++++++++
mainloop.c | 2 +-
openconnect-internal.h | 1 +
www/Makefile.am | 2 +-
www/features.xml | 2 +-
www/globalprotect.xml | 7 ++
www/hip.xml | 89 ++++++++++++++++++++++
9 files changed, 482 insertions(+), 27 deletions(-)
create mode 100755 hipreport.sh
create mode 100644 www/hip.xml
--
2.7.4
More information about the openconnect-devel
mailing list