AW: Default long output (similar to "--verbose") under OpenConnect v8.20

Schütz Dominik Dominik.Schuetz at esolutions.de
Mon Apr 25 23:52:33 PDT 2022 

Hi,

I have now compiled OpenConnect with the fix (https://gitlab.com/openconnect/openconnect/-/issues/401) and now the output looks good (for "--protocol=pulse" and "--protocol=nc"):

dominik at host2:~$ sudo openconnect --script=/root/vpnc-script --protocol=pulse https://vpn-gateway/linux
Connected to xxx.xxx.xxx.xxx:443
SSL negotiation with vpn-gateway
Connected to HTTPS on vpn-gateway with ciphersuite TLSv1.2-AES128-GCM-SHA256
Got HTTP response: HTTP/1.1 101 Switching Protocols
Enter user credentials:
Username:dominik at domain
Password:
Unexpected IF-T/TLS packet when expecting configuration.
Configured as xxx.xxx.xxx.xxx, with SSL connected and ESP in progress
Session authentication will expire at Tue Apr 26 09:58:00 2022

ESP session established with server
< 0000:  00 00 0a 4c 00 00 00 01  00 00 00 80 00 00 01 ff  |...L............|
< 0010:  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
< 0020:  21 20 24 00 00 00 00 00  00 00 00 70 00 00 00 54  |! $........p...T|
< 0030:  01 00 00 00 e3 e1 a0 f3  00 40 8b 4d a5 9f 1f e2  |......... at .M....|
< 0040:  16 cc 06 23 f9 7f d9 10  9f 12 40 ad ad 0f 75 b0  |...#...... at ...u.|
< 0050:  a2 cd f5 c7 0e f2 b8 ca  6a ee 33 99 b5 b9 72 2a  |........j.3...r*|
< 0060:  b2 00 53 2c 6e 13 8d 39  95 4c 1d ce 28 09 10 52  |..S,n..9.L..(..R|
< 0070:  fa 2f f1 e7 eb a1 e7 1a  76 c3 00 00 00 00 00 00  |./......v.......|

Without the fix, I have the long output again by default.


One thing I noticed is that over time after the "ESP session established with server" an output appears, is this intentional?


Would it be possible to make the version that will be released soon (maybe v8.21) and includes this fix with the output (https://gitlab.com/openconnect/openconnect/-/issues/401) available for Ubuntu (Ubuntu 20.04 and Ubuntu 22.04) at "https://launchpad.net/~dwmw2/+archive/ubuntu/openconnect"?
Because I need OpenConnect with smartcard and TPM2 support and compiling for smartcard and TPM2 is not nice.

Greetings
Dominik

-----Ursprüngliche Nachricht-----
Von: David Woodhouse <dwmw2 at infradead.org> 
Gesendet: Dienstag, 19. April 2022 17:29
An: Schütz Dominik <Dominik.Schuetz at esolutions.de>; openconnect-devel at lists.infradead.org
Betreff: Re: Default long output (similar to "--verbose") under OpenConnect v8.20

On Tue, 2022-04-19 at 12:19 +0000, Schütz Dominik wrote:
> 
> when will the long output (similar to "--verbose" under Openconnect
> v8.10) under OpenConnect v8.20 be fixed?
> If I include a "--quiet" this unfortunately does not change the 
> output.

I think this was fixed in
https://gitlab.com/openconnect/openconnect/-/merge_requests/351 wasn't it?

There are one or two other issues which need fixing too, and we'll do another release shortly. Probably based on the master branch including the full SAML support, but perhaps a minimal v8.21 release if we really don't have confidence in that.

I'll push the loglevel thing to the Fedora packages in the interim.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6003 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20220426/0cb8c186/attachment-0001.p7s>

More information about the openconnect-devel mailing list