On Wed, Dec 26, 2018 at 3:02 AM Adam Mercer <ramercer at gmail.com> wrote: > > Hi > > Work have recently switched to a GlobalProtect VPN so in order to > connect from Linux I've need to build the client from git. I cloned > the repository, built and was unable to connect to the VPN, it would > fail with: > > ram:~/ $ sudo openconnect --protocol=gp --user=<username> <vpn-url> > Failed to obtain WebVPN cookie > ram:~/ $ > > A colleague had built the client a while ago, from revision > 02dfe03955a12b873aa7bad836fa9ed1c1a76dbd, and had no problems > connecting. I checked out that same version and was able to connect > using the client built from that. I bisected the tree using > 02dfe03955a12b873aa7bad836fa9ed1c1a76dbd as a good revision and HEAD > as bad. Rebuilding, and testing at each step. This gave the bad commit > as: > > commit f08767d9644029bd3ac0e83bf160a7bf03a5c8de > Author: David Woodhouse <dwmw2 at infradead.org> > Date: Fri Dec 21 22:03:48 2018 +0000 > > Clear TCG TSS2 auth passwords on free > > Signed-off-by: David Woodhouse <dwmw2 at infradead.org> > > :100644 100644 b0bdd9bd093960a3eae7ce5808b6710d1c2f2abb > b86440e288051e1897ddd5a9a6a85961bae0965e M auth-common.c > :100644 100644 61f0fbe86d6e67088f3cbf99ed8332fd3ee2dee2 > 399369d7aa46db341375f26c586fa4ef0ddfcf0c M auth-globalprotect.c > :100644 100644 e848319db7549e188121eb9ea9c1e86391331aac > 0a6bc4375e2bcc7d48e7e92e4b27dffdb3748cc7 M gnutls_tpm2_esys.c > :100644 100644 ecaaba1c30d6122f36743ab64f2ba2c2fec24895 > f9a89e4168e3cdebd2cf9eac464ad08cb5ee55be M openconnect-internal.h > > If I revert this is my local checkout of master then I am able to > connect so it seems that the above commit introduces this problem. > > Cheers > > Adam > > _______________________________________________ > openconnect-devel mailing list > openconnect-devel at lists.infradead.org > http://lists.infradead.org/mailman/listinfo/openconnect-devel Good sleuthing. In the commit you bisected to, f08767d9644029bd3ac0e83bf160a7bf03a5c8de, the return value of asprintf() isn't being checked correctly. I've submitted a MR to fix this: https://gitlab.com/openconnect/openconnect/merge_requests/22 (ping David!) The same bug was also reported to Ubuntu: https://bugs.launchpad.net/bugs/1809839 Thanks, Dan
