service: include --csd-wrapper script in openconnect arguments (!2) · Merge requests · GNOME / NetworkManager-openconnect

Daniel Lenski requested to merge dlenski/NetworkManager-openconnect:connection_phase_csd into main Jun 06, 2018

This is needed to fully support the GlobalProtect protocol, as implemented in current openconnect master. Ping @dwmw2.

At least one protocol (GlobalProtect) requires the security checker ("CSD") script to be invoked during the tunnel/connection phase, rather than the authentication phase, because the access-enabling mechanism depends on knowing the IP address(es) of the client in the internal network. See check_or_submit_hip_report() in cstp.c in OpenConnect.

Edited Mar 11, 2022 by Lubomir Rintel

service: include --csd-wrapper script in openconnect arguments

Merge request reports