On Sat, 2011-07-09 at 17:45 -0400, Jason wrote: > > > Ahhh... there was some critical info. :-) My little test setup worked > for 'openconnect -s /path/to/script -u jason https://url.local' It > asked for a password, and everything went fine. Looks like I'll need to > rethink it a little. See http://git.gnome.org/browse/network-manager-openconnect/tree/auth-dialog/README You can probably declare that you don't suppose CSD, so don't worry about that. You can declare that you don't need a TPM either, so any HTTP client library (or class) will do as long as you can control its behaviour well enough. In particular you must make a *new* TCP connection after an HTTP redirect, if you're using SSL certificates for authentication. Please do support certificates, or at least be aware that someone will be along to do that shortly if you don't! > > As long as you have the cookie, you can just pass that to mtpd, which is > > C code, and then it can spawn openconnect to make the connection, can't > > it? > > That is what currently happens, minus the cookie part. After filling in > the arbitrary webform, what's the correct, or current, way to pass the > cookie back? You pass it to openconnect with the '--cookie-on-stdin' option. See the NetworkManager or ConnMan code for examples. -- dwmw2