Option Protocol gp (Palo Alto GlobalProtect) missing on nmcli

Status changed to 'Confirmed' because the bug affects multiple users.

Apparently, version 1.2.6 has GP support, but Ubuntu still has version 1.2.4. It would be nice to bump the package version.

https://gitlab.gnome.org/GNOME/NetworkManager-openconnect/blob/master/NEWS

In development branch, in Ubuntu 20.04, now it has version 1.2.4. I think same as denilsonsa, it would be nice to update to 1.2.6 version. Is There another way to request this?

The following 2 patches we have in Debian can be added on 1.2.4 to support GP:

https://salsa.debian.org/debian/network-manager-openconnect/-/raw/master/debian/patches/0001-PAN-GlobalProtect-pass-gp-protocol-to-openconnect.patch
https://salsa.debian.org/debian/network-manager-openconnect/-/raw/master/debian/patches/0002-PAN-GlobalProtect-Add-gp-to-supported-protocols-list.patch

It would be really great if they could be picked up in time for 20.04, so that it can ship with support for GP. We use it at work in Microsoft and Ubuntu users rely on this.

Thanks!

The Debian version in experimental, 1.2.4-3, has the two patches mentioned in the previous comment that fix the issue for me.

Rather than the hard-coded GP support, it would be better to merge the
later fix which just gets the list of protocols directly from
libopenconnect.

That would be even better, but as far as I understand also requires a new version of openconnect itself. Personally I'd be happy with just the hard-coded solution, as it solves the immediate problem of the VPN not being usable at all, but if the full work could be done for 20.04 that would be of course much better.

Debian Unstable now has the patch to enable gp via nmcli. It also has all the patches that were added downstream on Ubuntu in 19.10 and 20.04.

I verified the old fixes (and update maintainers)
+git_certkey_export.patch
+git_reported_os.patch
+git_sigint_disconnect.patch
+git_can_persist.patch
+git_tpm2_key.patch
+git_password_config.patch

Cross comparing:
network-manager-openconnect_1.2.4-2ubuntu1.dsc
network-manager-openconnect_1.2.4-2.dsc
network-manager-openconnect_1.2.4-4.dsc

Verified that all changes are in.
They are plus new fixes but no features that bother the Feature Freeze.

One confusing bit was git_sigint_disconnect.patch, but there the patch didn't just get polished but now appears as debian/patches/0003-service-use-SIGINT-to-stop-openconnect-on-disconnect.patch

Ack, this suffice as a fix-only update that should be synced

This bug was fixed in the package network-manager-openconnect - 1.2.4-4

---------------
network-manager-openconnect (1.2.4-4) unstable; urgency=medium

  * Add myself to Uploaders.
  * Bump Standards-Version to 4.5.0, no changes.
  * Use https in d/control, d/copyright and d/watch.
  * Set Rules-Requires-Root: no.
  * Import patches shipped by Ubuntu 19.10 and 20.04.
  * Reformat patches imported from Ubuntu to follow DEP-3.

 -- Luca Boccassi <email address hidden> Thu, 12 Mar 2020 20:16:34 +0000

network-manager-openconnect (1.2.4-3) experimental; urgency=medium

  [ Luca Boccassi ]
  * Cherry-pick patches to support GlobalProtect (Closes: #925081)
  * Cherry-pick patch to use SIGINT rather than SIGTERM (Closes: #820892)

 -- Mike Miller <email address hidden> Mon, 06 May 2019 16:39:10 -0700

The sync happened and is in, but didn't pass proposed migration yet.
=> https://launchpad.net/ubuntu/+source/network-manager-openconnect/1.2.4-4

git_sigint_disconnect.patch and debian/patches/0003-service-use-SIGINT-to-stop-openconnect-on-disconnect.patch are the same, both distros backported the same fix independently at the same time. In the Debian repo the latter was there first, so I dropped the one from the Ubuntu package. Patch is the exactly the same.

Thanks!

Fixed in Ubuntu 20.04 in version 1.2.6-1.