Openconnect no-xmlpost
David Woodhouse
dwmw2 at infradead.org
Tue Nov 4 04:27:32 PST 2014
On Tue, 2014-11-04 at 11:15 +0100, Peter Magnusson wrote:
> In the server logs it says "Certificate was succesfully validated"
> over and over each time it loops trough the parts above. Nothing more.
>
> The interesting part is if i wait for exactly 2 minutes and try again
> it will work again like it did the first time. So this seems like a
> timeout of some sort.
>
> However, if i try the openconnect command with −−no−xmlpost it works
> perfectly every time. The problem is that in the next step i would
> like to use the Openconnect NetworkManager plugin and this does not
> seem to have support for the −−no−xmlpost flag. Also the manual
> (http://www.infradead.org/openconnect/manual.html) says to report if
> the −−no−xmlpost flag is needed.
>
> Can anyone give me any suggestions as to why this is not working as
> expected ? Please let me know if i can provide any more information.
You should get a lot of log output in ~/.cisco/hostscan/log/cstub.log —
especially if you set '-log debug' in your csd-wrapper.sh.
Can you compare those logs between successful and unsuccessful runs?
Also, how are you killing openconnect? Does it make a difference if you
send it SIGHUP and let it sign off gracefully, vs. SIGTERM to just kill
it. You're looking for a message saying 'Send BYE packet:' in the
graceful termination case.
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20141104/4f6dfe48/attachment.bin>
More information about the openconnect-devel
mailing list