ocserv 0.10.3
Nikos Mavrogiannopoulos
nmav at gnutls.org
Wed May 6 06:02:31 PDT 2015
On Wed, May 6, 2015 at 1:37 PM, jacky he <jacky.he at gmail.com> wrote:
> I have test the git version, the error still.
> ocserv[17086]: sec-mod: initiating session for user 'vpnuser' (session: jxejo)
> ocserv[17086]: sec-mod: initiating session for user 'vpnuser' (session: jxejo)
> ocserv[17082]: main[vpnuser]: WiFi network IP:62699 user disconnected
> ocserv[17086]: sec-mod: temporarily closing session for vpnuser
> (session: jxejo)
> ocserv[17082]: main[vpnuser]: Cellular network IP:9142 user disconnected
> ocserv[17086]: sec-mod: invalidating session of user 'vpnuser' (session: jxejo)
I have misunderstood here. It seems that the client re-uses the first
connection from the new IP, the wifi IP is disconnected (possibly due
to an RST), and then the client sends a disconnect command over the
Cell IP. Then it tries to re-use the cookie which it has just
invalidated intentionally.
I'm not sure how to handle that, except for adding a flag to not
invalidate sessions on client request, which is a pretty ugly
workaround.
regards,
Nikos
More information about the openconnect-devel
mailing list