As easy as in Android???? Hopefully...

Kevin Cernekee cernekee at gmail.com
Tue Mar 31 12:34:21 PDT 2015


On Tue, Mar 31, 2015 at 11:19 AM, Nicolás Escudero
<nicolasescudero at gmail.com> wrote:
> Wow, no clue...
>
> Yes, I have curl:
>
> pi at raspberrypi ~ $ curl --version
> curl 7.38.0 (arm-unknown-linux-gnueabihf) libcurl/7.38.0
> OpenSSL/1.0.1k zlib/1.2.8 libidn/1.29 libssh2/1.4.3 librtmp/2.3
> Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps
> pop3 pop3s rtmp rtsp scp sftp smtp smtps telnet tftp
> Features: AsynchDNS IDN IPv6 Largefile GSS-API SPNEGO NTLM NTLM_WB SSL
> libz TLS-SRP
>
> and:
> pi at raspberrypi ~ $ openconnect --version
> OpenConnect version v6.00
> Using GnuTLS. Features present: PKCS#11, RSA software token, HOTP
> software token, TOTP software token, DTLS
> pi at raspberrypi ~ $
>
>
> Tried letting it run for several minutes and the resfresh loop never ends...
>
> I'm not even sure I'm getting what the issue is here.. No idea how to
> further troubleshoot this...
>
> Any ideas??

Can you get a TOKEN_SUCCESS or TOKEN_INVALID response from the server
by feeding the CSD parameters back into the script?  e.g.

CSD_TOKEN=3F9F847F56CE819E5C1AD3D9 CSD_HOSTNAME=32.59.2.56 \
        /tmp/android_csd.sh /foobar -ticket "7A1D19AA785BD4956A844C4C" \
        -stub "0" -group "" -certhash "3C7CBD3FB35F41A34E4F0A66C9C33645:" \
        -url "https://32.59.2.56/CACHE/sdesktop/install/result.htm" \
        -langselen

When I run this, I see:

<?xml version="1.0" encoding="ISO-8859-1"?>
<hostscan><status>TOKEN_SUCCESS</status></hostscan>

(although this ticket might be tied to my IP, or it might expire
before you try it, so it wouldn't be shocking if it came back with
TOKEN_INVALID)



More information about the openconnect-devel mailing list