Description of problem: I have been using OpenConnect to connect my company's ASA VPN server for a while. However, after it is upgraded to 2.20 recently, it stopped working. When I tried to connect, it just hung after it finished SSL negotiation. I was not even prompted for user name and password. Version-Release number of selected component (if applicable): openconnect 2.20 How reproducible: The problem is consistent, as far as I can tell. Steps to Reproduce: 1. Open NetworkManager, select VPN connection 2. Select the server I need connect to. 3. Actual results: It just hung. According to the log, it found the server and finished SSL negotiation. Expected results: I would b e prompted for username and password. Additional info: I down graded openconnect to 2.12 and it started working again.
Eep. Sorry about that. You forgot to tell me the address of your VPN server, but thankfully Google provided that information. I was about to go down a rathole looking for problems in the UI code, but actually the problem is elsewhere -- it just fails on the initial connection even when you use openconnect on the command line. The first response from the server is an HTTP redirect -- and in your case it looks like that's an HTTP 1.0 response not HTTP 1.1. And it looks like this commit was broken: http://git.infradead.org/users/dwmw2/openconnect.git/commitdiff/7733c517 The code is now waiting for the HTTP server to send the response body and then close the connection -- but the HTTP server actually sent 'Connection: Keep-Alive' and 'Content-Length: 0' headers and _doesn't_ close the connection. So openconnect waits for ever. It needs to be fixed to realise the HTTP 1.0 servers can use the Content-Length: header too. I've committed a fix for that and will do a little more testing, then make a new release. Thanks for the bug report, and sorry for the inconvenience.
Please could you test the build at http://koji.fedoraproject.org/koji/taskinfo?taskID=1911084
Sorry, I forgot to include the info about my VPN server. I will be more inclusive in the future. The new build fixed my problem. Thanks.
Hi David, I need the same patch for F11 as well. Can you send the link for the patch, src RPM or F11 x86_64 RPM? Thanks again for the quick fix.
The source RPM for the scratch build in comment #2 will rebuild on F-11. Koji hides the source packages with the PPC binary packages for some reason -- you can find it if you follow the 'ppc' buildarch link from the above-linked scratch build, to http://koji.fedoraproject.org/koji/taskinfo?taskID=1911085 Alternatively, the patch is in the git tree which I linked to above. To make it apply cleanly, you'll want to apply the previous commit (the one about case sensitivity) too.
Thanks. Both my F12 and F11 are working properly now.
openconnect-2.21-1.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
openconnect-2.21-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.