5.01 with --no-xmlpost works (see output below), however git master still fails without --no-xmlpost, just like 5.01. $ sudo openconnect -v 213.172.3.40 --no-xmlpost GET https://213.172.3.40/ Attempting to connect to server 213.172.3.40:443 SSL negotiation with 213.172.3.40 Server certificate verify failed: signer not found Certificate from VPN server "213.172.3.40" failed verification. Reason: signer not found Enter 'yes' to accept, 'no' to abort; anything else to view: yes Connected to HTTPS on 213.172.3.40 Got HTTP response: HTTP/1.0 302 Object Moved Content-Type: text/html; charset=utf-8 Content-Length: 0 Cache-Control: no-cache Pragma: no-cache Connection: Close Date: Thu, 26 Dec 2013 09:16:50 GMT Location: /+webvpn+/index.html Set-Cookie: tg=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure HTTP body length: (0) GET https://213.172.3.40/+webvpn+/index.html SSL negotiation with 213.172.3.40 Server certificate verify failed: signer not found Connected to HTTPS on 213.172.3.40 Got HTTP response: HTTP/1.1 200 OK Transfer-Encoding: chunked Content-Type: text/xml Cache-Control: max-age=0 Set-Cookie: webvpn=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure Set-Cookie: webvpnc=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure Set-Cookie: webvpnlogin=1; secure X-Transcend-Version: 1 HTTP body chunked (-2) Please enter your username and password. GROUP: [ADMBankier|ADMCborne|ADMCborne-new|ADMNetwork|ADMOther|ADMPhones|ADMW2K|MobileMGR|WssDocs]:ADMCborne Username:cborne Password: POST https://213.172.3.40/+webvpn+/index.html Got HTTP response: HTTP/1.1 200 OK Transfer-Encoding: chunked Content-Type: text/xml Cache-Control: max-age=0 Set-Cookie: webvpnlogin=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure Set-Cookie: webvpn=<elided>; path=/; secure Set-Cookie: webvpnc=bu:/CACHE/stc/&p:t&iu:1/&sh:9AA6F4978ABEAEC4EB82EDB65A87391F3171214D&lu:/+CSCOT+/translation-table?textdomain%3DAnyConnect%26type%3Dmanifest; path=/; secure Set-Cookie: webvpnx= Set-Cookie: webvpnaac=1; path=/; secure X-Transcend-Version: 1 HTTP body chunked (-2) TCP_INFO rcv mss 1368, snd mss 1368, adv mss 1448, pmtu 1500 Got CONNECT response: HTTP/1.1 200 OK On Wed, Dec 25, 2013 at 8:02 PM, Kevin Cernekee <cernekee at gmail.com> wrote: > On Wed, Dec 25, 2013 at 8:16 AM, Anton Keks <anton at codeborne.com> wrote: >> OK, it seems that 4.07 is getting a redirect, while 5.01 does not: > [...] >> XML POST enabled >> GROUP: [ADMBankier|ADMCborne|ADMCborne-new|ADMNetwork|ADMOther|ADMPhones|ADMW2K|MobileMGR|WssDocs]:ADMCborne > > In current releases, XML POST does not work correctly with a > non-default authgroup. > > As a temporary workaround you can try passing "--no-xmlpost" if it is > supported in the version you are running. > > There's also a fix in the git tree I referenced earlier. But I don't > actually use a VPN gateway that requires an authgroup, so it would be > helpful if you tested it and let me know if everything works as > expected. > > Thanks. -- Anton //codeborne
