David Woodhouse <dwmw2 at infradead.org> wrote: > If you want to have a go at making OpenConnect use gnutls as a > build-time option, just for the TCP connections, that would give me the > extra motivation to fix up the DTLS bits. Puh, don't overestimate my programming skills. Is there anything like a documentation of the state-machine running in Anyconnect during connection establishment? Am I right in the assumption that the authorization part of the protocoll is pure https? As connection via gnutls-cli and talking http manually works, I just took a slightly adapted Version of http://www.gnu.org/software/gnutls/manual/html_node/Client-using-a-smart-card-with-TLS.html and tried to connect to the VPN Server. Looks like this already succeed somehow, because here is what I get when I request "/+CSCOE+/logon.html?fcadbadd=1": Location: /+CSCOE+/logon.html Set-Cookie: tg=0SSLVPN_IOSB_TG; path=/; secure As IOSB is the name of my OU the system already seems to know my target. This Information seems to be mapped from the smartcard OU. Sven -- Der "normale B?rger" ist nicht an der TU Dresden und schreibt auch nicht mit mutt. (Ulli Kuhnle in de.comp.os.unix.discussion) /me is giggls at ircnet, http://sven.gegg.us/ on the Web -- Das Internet ist kein rechtsfreier Raum, das Internet ist aber auch kein b?rgerrechtsfreier Raum. (Wolfgang Wieland B?ndnis 90/Die Gr?nen) /me is giggls at ircnet, http://sven.gegg.us/ on the Web
