On Tue, 2014-11-04 at 11:15 +0100, Peter Magnusson wrote: > In the server logs it says "Certificate was succesfully validated" > over and over each time it loops trough the parts above. Nothing more. > > The interesting part is if i wait for exactly 2 minutes and try again > it will work again like it did the first time. So this seems like a > timeout of some sort. > > However, if i try the openconnect command with ??no?xmlpost it works > perfectly every time. The problem is that in the next step i would > like to use the Openconnect NetworkManager plugin and this does not > seem to have support for the ??no?xmlpost flag. Also the manual > (http://www.infradead.org/openconnect/manual.html) says to report if > the ??no?xmlpost flag is needed. > > Can anyone give me any suggestions as to why this is not working as > expected ? Please let me know if i can provide any more information. You should get a lot of log output in ~/.cisco/hostscan/log/cstub.log ? especially if you set '-log debug' in your csd-wrapper.sh. Can you compare those logs between successful and unsuccessful runs? Also, how are you killing openconnect? Does it make a difference if you send it SIGHUP and let it sign off gracefully, vs. SIGTERM to just kill it. You're looking for a message saying 'Send BYE packet:' in the graceful termination case. -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5745 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20141104/4f6dfe48/attachment.bin>
