[PATCH 3/3] add support for checking and submitting HIP reports
Daniel Lenski
dlenski at gmail.com
Mon Dec 18 08:47:11 PST 2017
On Sun, Dec 17, 2017 at 2:33 PM, Daniel Lenski <dlenski at gmail.com> wrote:
> Signed-off-by: Daniel Lenski <dlenski at gmail.com>
> ---
> auth-globalprotect.c | 29 +++++---
> gpst.c | 158 +++++++++++++++++++++++++++++++++++++++++++
> hipreport.sh | 182 ++++++++++++++++++++++++++++++++++++++++++++++++++
> www/Makefile.am | 2 +-
> www/features.xml | 2 +-
> www/globalprotect.xml | 7 ++
> www/hip.xml | 89 ++++++++++++++++++++++++
> 7 files changed, 459 insertions(+), 10 deletions(-)
> create mode 100755 hipreport.sh
> create mode 100644 www/hip.xml
This patch has a flaw: it generates the csd_token in the
authentication phase, but since the HIP report submission actually
occurs in the connection phase, we cannot rely on the connection phase
having run in the same process.
This explains a problem reported with NM:
https://github.com/dlenski/network-manager-openconnect/issues/4
Revised patch follows…
-Dan
More information about the openconnect-devel
mailing list