On Mon, 2015-05-18 at 21:18 -0400, Tom Metro wrote: > Failed to read from SSL socket: A TLS packet with unexpected length was > received. > Failed to obtain WebVPN cookie > > > When searching for answers, the most relevant hit was: > > https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/1225276 > > from 2013, which suggested this patch: > > http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/c7077b96b > > which I confirmed is already in the version of the code I'm using. Apologies for delayed response. I suspect your failing box is using an ancient version of GnuTLS which didn't have the explicit GNUTLS_E_PREMATURE_TERMINATION error code, and just returned the 'unexpected length' error instead. Coffeee.... archives.... brain... Hah. This came up before: http://comments.gmane.org/gmane.network.vpn.openconnect.devel/1324 I had a workaround, as described there. I'd even got confirmation from Nikos that it wasn't entirely the wrong thing to do. But I didn't bother to apply it because it was only ever seen with Juniper servers, and at the time we didn't support Juniper at all; this was a rather bizarre user trying OpenConnect against a Juniper server in the days when it *only* supported AnyConnect. I've just pushed a fix; can you test it please? -- David Woodhouse Open Source Technology Centre David.Woodhouse at intel.com Intel Corporation -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5691 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20150806/f6792b1a/attachment.bin>
