[PATCH 0/8] GlobalProtect patches with a coherent story line (hopefully!)

Daniel Lenski dlenski at gmail.com
Mon Aug 14 21:34:31 PDT 2017


I've sent updated versions of patches 2, 3, 7, and 8 from the series
(matching the latest GP support from
https://github.com/dlenski/openconnect/tree/globalprotect/).

The list won't see [PATCH v2 3/8], since it exceeds the size limit,
unless manually moderated in…

-Dan

On Mon, Aug 14, 2017 at 12:00 PM, Daniel Lenski <dlenski at gmail.com> wrote:
> On Mon, Aug 14, 2017 at 9:33 AM, David Woodhouse <dwmw2 at infradead.org> wrote:
>> On Sat, 2017-05-20 at 15:43 -0700, Daniel Lenski wrote:
>>> As requested, I've restructured the remaining diffs from my
>>> GlobalProtect-supporting fork (https://github.com/dlenski/openconnect)
>>> into a more coherent story line of patches.
>>>
>>> I've verified that each patch along the way builds correctly and still
>>> connects to Juniper VPNs correctly (in the case of the patches that touch
>>> ESP).
>>>
>>> Daniel Lenski (8):
>>>   factor out common dump_buf_hex() and free_optlist() utility functions
>>>   add OC_FORM_OPT_FILL_{USERNAME,PASSWORD} flags to hint at purpose of a
>>>     form field without requiring a specific name
>>>   add PAN GlobalProtect protocol support (HTTPS tunnel only)
>>>   tweak the dtls_state handling in preparation for supporting
>>>     GlobalProtect ESP
>>>   add vpn_proto member functions .udp_send_probes and .udp_catch_probe
>>>     in preparation for supporting GlobalProtect ESP
>>>   add new_keys argument to esp_setup_keys() in preparation for
>>>     supporting GlobalProtect ESP
>>>   Add support for GlobalProtect ESP tunnel
>>>   when connecting to a GlobalProtect portal (not gateway), generate an
>>>     xmlconfig so that NetworkManager can list all the gateway servers
>>
>> I have merged patches 1, 4, 5 and 6 of your series. Could I trouble you
>> for an up-to-date and tested copy of the rest? Apologies for the delay
>> in applying these...
>
> I will do that as follows…
>
> - Fix 2/8 (once you let me know how you'd like it changed)
> - Rebase most recent changes into same 8-part structure, while
> squashing the recent changes into 3/8 (HTTPS stuff, auth) and 7/8
> (ESP).
>
> -Dan



More information about the openconnect-devel mailing list