David Woodhouse <dwmw2 at infradead.org> ?rta (2009. szeptember 16. 16:56): > On Wed, 2009-09-16 at 16:49 +0200, Horv?th Szabolcs wrote: >> >> //vpninfo->quit_reason = "Client received SIGINT"; >> vpninfo->quit_reason = "\xb0The user has requested to disconnect the >> connection."; > > Aha. I assume that it's just the 0xB0 at the beginning which makes the > difference, and the text isn't relevant? > > Normally, we find that a session can be re-used. If you first > authenticate by using 'openconnect --cookieonly', then you can connect > as many times as you like using that same cookie until it expires. > > With your change, does the session expire after you disconnect the first > time? If so, we might need to give some thought to when we do this. Yes. First I did "openconnect --cookieonly". I got the cookie. Then I did "openconnect -C 2736652[...]". I successfully connected. Then I disconnected by pressing control-c. Properly disconnected session on the ASA. Then I tried to connect with "openconnect -C 2736652[...]" again (re-using the cookie). Attempting to connect to vpn.company.hu SSL negotiation with vpn.company.hu Connected to HTTPS on vpn.company.hu Got inappropriate HTTP CONNECT response: HTTP/1.1 401 Unauthorized Szabolcs
