Hi David, Apologies, I was working with Daniel Lenski in the other thread (titled VPN seems to connect but fails to get a response from the peer). All the best, Adam On Tue, Dec 3, 2019 at 3:43 PM Adam Allgood <avram.meir@xxxxxxxxx> wrote: > > Hi David, > > On Tue, Dec 3, 2019 at 2:44 PM David Woodhouse <dwmw2@xxxxxxxxxxxxx> wrote: > > > > Why are you building against OpenSSL? If you build against GnuTLS it > > should work. > > PKCS#11 does indeed work when built with GnuTLS. However, I am > continuing to work on the lack of communication after connection > problem discussed in a different thread on this listserv. I showed the > logs to a Linux SA at my office, and the only thing he saw was that > the cyphersuite used was old. I thought that OpenSSL might provide > newer or at least different cyphersuites. > > In the other thread we discussed capturing the HTTPS traffic with MITM > proxy to see what's different between the connection with AnyConnect > on Windows and OpenConnect in my Linux chroot, but I do not have a > Windows device at home to test, and the SA gave me a funny look when I > mentioned MITM while testing my connection on a work laptop. So > unfortunately I'm left with throwing darts in the dark. > > > I suspect you are suffering the fact that Ubuntu has a known-broken > > version (0.4.7) of libp11. > > I will look into this, thank you. > > Adam _______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
