Findings With Latest 7.07-2.el6

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Forgot to mention, this is happening on a Juniper VPN.

On Wed, Jul 13, 2016 at 4:05 PM, David Woodhouse <dwmw2 at infradead.org> wrote:
> On Wed, 2016-07-13 at 14:52 -0400, Oliver Hernandez wrote:
>> Quick testing of the build at
>>
>> https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-ce3a833dca
>>
>> revealed a couple issues:
>>
>> 1. Server certificate validation no longer works using the --cafile
>> option.  OpenConnect still warns that verification failed.
>
> Hm, that's odd. Can you (offline) send me the CAs in question and the
> server address? Since it's (necessarily) public-facing it'll be
> receiving thousands of probe connections daily anyway; no harm in me
> doing one or two more to test this.
>
> What was the previous version of OpenConnect that you are comparing
> with, where this worked as expected?
>
>> 2. Not an issue really, but improved behavior: if the --cookie option
>> is used, along with the -c option to load a cert from a PKCS#11 token,
>> OpenConnect is now smart enough to know authenticating is not
>> necessary, and will ignore -c option and not prompt for a CAC PIN.
>
> Hm, I don't remember changing that but OK...
>
> --
> dwmw2



[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux