On Sun, 2016-02-21 at 14:08 -0500, Ian Turner wrote: > I was thinking of putting some work in to get Juniper mode working with > NetworkManager, That would be *excellent*. Thanks in anticipation! > and also fixing some other OpenConnect/NetworkManager > issues (for example, currently user specified ipv4 configuration is > ignored). Hm, do you have a bug number for the that one? I personally run a NetworkManager configuration which eschews the server-provided IPv4 configuration (a full tunnel with the default route) and sets up a bunch of explicit routes for a split tunnel. It works fine. > Before I begin, I thought to ask some questions: > * Is anyone else working with this feature set? > * Is there a development branch someplace that I should patch against? > * Anything else I should know before getting started? I'd been vaguely intending to work on Juniper, but that's not the same thing as actually doing so. If you look at the latest commit in the git tree (9da02cb356ab) it is a *step* in the right direction. Currently, the OpenConnect handling of Juniper's HTML auth forms is a horribly limited hack. It has special cases to recognise the simplest templates that Juniper ships, and turn them into the 'struct oc_auth_form' that it can pass up to the NetworkManager UI to be filled in by the user. We need to kill that, and actually pass up the HTML form to be rendered by GtkWebKit (or whatever the UI wants to use). I envision a callback *similar* to process_auth_form() which takes the HTML. Other than that, enabling Juniper for NM is *relatively* simple. -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5691 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20160221/1035d74f/attachment.bin>
