Comment 0 for bug 1655279

Dan Lenski (lenski) wrote :

The Juniper protocol lacks a .vpn_close_session function; without logout, the
VPN cookie remains active and can be used to restart the session from an unrelated computer.

This is a security hazard, especially when passing around OpenConnect logs on the
mailing list for development and troubleshooting.

Patch is straightforward: http://lists.infradead.org/pipermail/openconnect-devel/2017-January/004161.html

(Ubuntu 16.04.1 LTS, openconnect v7.06)
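
One way to reduce the log-sharing exposure described in the comment above is to scrub the session cookie from a log before posting it. This is an added example, not part of the original comment or of OpenConnect; it assumes the Juniper session cookie is named `DSID`, and the log lines are constructed sample input.

```python
import re

# Assumption: the Juniper session cookie is named DSID. Add other cookie
# names here if your gateway issues additional session-bearing cookies.
SESSION_COOKIES = ("DSID",)

# Matches NAME=value where value runs up to ';', whitespace or a quote,
# so it covers "Cookie:" / "Set-Cookie:" headers and quoted arguments.
_COOKIE_RE = re.compile(
    r"\b(" + "|".join(map(re.escape, SESSION_COOKIES)) + r")=([^;\s\"']+)"
)


def redact_line(line):
    """Replace the value of any session cookie on this line."""
    return _COOKIE_RE.sub(lambda m: m.group(1) + "=<redacted>", line)


def redact_log(text):
    """Return (redacted_text, number_of_lines_changed)."""
    original = text.splitlines()
    cleaned = [redact_line(line) for line in original]
    changed = sum(1 for a, b in zip(original, cleaned) if a != b)
    return "\n".join(cleaned), changed


# Constructed sample log (not real OpenConnect output, not a real cookie).
SAMPLE_LOG = """\
> GET /example HTTP/1.1
> Cookie: DSID=0123456789abcdef0123456789abcdef; lang=en
< Set-Cookie: DSID=fedcba9876543210fedcba9876543210; path=/; Secure
Connected, tunnel is up
"""

if __name__ == "__main__":
    cleaned, changed = redact_log(SAMPLE_LOG)
    print(cleaned)
    print("lines redacted:", changed)
```

Redacting a log does not invalidate the cookie on the gateway; as the comment notes, the session stays usable until it is logged out.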