Hm, I added a call to this in the Java process_auth_form() callback, to print the cipher before asking the user to fill in the form. Just as a test. It's crashing with Connection:close or HTTP/1.0, because by the time we call openconnect_get_cstp_cipher() vpninfo->https_sess is NULL. There's an obvious defensive-coding fix to make it return NULL in this case, but perhaps we *do* actually want it to return valid results? We could potentially declare that it's only valid to call openconnect_get_cstp_cipher() when CSTP is actually *connected*... but CSTP can disconnect due to DPD and reconnect at *any* time, so that seems a little inappropriate. -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5745 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20141103/e228583d/attachment.bin>
