On Fri, Nov 04, 2016 at 14:02:28 -0500, Brent S. Elmer Ph.D. wrote: > I have found a fix thanks to Tibor Boesze. He fixed an older version > of Ubuntu so I applied the fix to debian. The only change is in > /auth-dialog/main.c. > > @@ -997,6 +997,7 @@ static int get_config (GHashTable *optio > if (csd_wrapper && !csd_wrapper[0]) > csd_wrapper = NULL; > > + openconnect_set_xmlpost(vpninfo, 0); > openconnect_setup_csd(vpninfo, getuid(), 1, OC3DUP > (csd_wrapper)); > } > > > His comments were > * Do not attempt to post XML authentication requests when a cds > wrapper is configured. > > I have never made a patch before but I tried. I will attach my attempt > at a patch. > > Once I make the small change, network-manager-openconnect connects to > my vpn. > > I am guessing that the change above is doing what > --no-xmlpost is doing in the openconnect command line connection that > works.
Right. But this is not a general solution that can be applied to the package for everyone. The openconnect man page describes the --no-xmlpost as a fallback option. IOW you should not have to use this setting at all. If you need it to connect to your gateway, there may be some compatibility problem that needs to be fixed. Can you report this upstream and help come up with a better fix that works for you? See /usr/share/doc/openconnect/html/mail.html. Otherwise all I can do is close this as won't fix, because making nm-openconnect use --no-xmlpost is not a solution. -- mike