On Tue, 2015-12-22 at 00:33 +0000, Daniel Lenski wrote: > > However, if I use one process to get the webvpn cookie, and another > process to feed the cookie to the gateway, it is rejected, even if > the cookie is used IMMEDIATELY: > > $ echo -n password \ > | openconnect gateway.com -u USER --passwd-on-stdin --cookie-only \ > | openconnect gateway.com --cookie-on-stdin --dump-http-traffic > > Is there some other piece of "state" which is preserved within each > openconnect process, which changes when I try to use the cookie from > another process? No, there really shouldn't be anything. Certainly nothing deliberate. The requests should be identical. If you compare the requests with --dump-http-traffic can you see any differences? Also use tcpdump to capture the traffic on the wire, and we'll see if there's any unexpected difference in the TLS negotiation. When your single process repeats the connection, is it coming from the same local port number? -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5691 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20151222/8530d521/attachment.bin>
