Comment 21 for bug 1229195

Cory F. Cohen (cfcohen) wrote :

I don't know if this should be a separate ticket, but I also have a confirmed case where --no-xmlpost corrects the problem. I need to specify --authgroup XXX where XXX is NOT one of the valid options listed in the response from the server. The server probably shouldn't be set up that way, but it's not under my control. :-( By looking at the code in auth.c, it appears that the user-supplied authgroup is now validated against the list returned from the server as part of the xmlpost code. Adding --no-xmlpost corrects the problem because there's no list to validate against. I propose as a fix that, when specified explicitly, openconnect attempt to use the specified authgroup value before rejecting it as invalid.

The problem appeared during an Ubuntu 13.04 to 13.10 upgrade.
The version of openconnect requiring the --no-xmlpost option is:
OpenConnect version v5.01
Using GnuTLS. Features present: PKCS#11, TOTP software token, DTLS (using OpenSSL)