On Mon, Apr 20, 2020 at 7:20 PM The Wanderer <wanderer@xxxxxxxxxxx> wrote: > If no difference is made, then barring any further lightbulbs, I'll bite > the bullet and bisect. I think this is a promising lead, though, and I > do thank you for investigating this far. Sounds good. I am very cautiously optimistic that running with the hipreport.sh script specified will fix it, and if that's the case then I am very confident that the patch will make OpenConnect do the Right Thing even when no HIP script is specified. And apparently the Right Thing is to ask the server a question where we already know the answer, over and over and over… As we've both observed, whatever is going on here… it is a maddeningly difficult thing to track down, since a behavioral difference can only be observed after waiting for 3 hours. “Faking” a rekey prior to [whatever thing is expiring after 3 hours] probably does nothing at all. -Dan _______________________________________________ openconnect-devel mailing list openconnect-devel@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/openconnect-devel
