On Fri, Mar 4, 2022 at 6:25 AM Eveno, Manuel <mev...@timwi.com> wrote: > Trying to build openconnect 8.20 on ubuntu 20
What is "ubuntu 20"? I assume you mean 20.04 / focal? Running `lsb_release -a` should clarify. > I need to test the fortinet protocol. > I'm trying to build openconnect for the downloaded package. > > But when running the "make" command it fails on tests. > > <snip> > > $ cat openconnect-8.20/tests/test-suite.log > ------------- Output : -------------------- > FAIL: bad_dtls_test 1. If you just want to *use* OpenConnect with a Fortinet VPN, then this failing test result does not matter. This particular test exists only to verify that the "ekstra speshul" weird/broken/non-standard/pre-1.0 version of DTLS used by old **Cisco AnyConnect** VPNs is working correctly. Linux distributions and crypto libraries keep forgetting that this version of DTLS is sadly still needed, so they frequently break it. And we have to figure out who to ask to get the libraries fixed. 😔 This is not used at all when connecting to Fortinet VPNs, so you can Just Ignore It. 2. If you want a fully-working build of OpenConnect that *can* work with old Cisco VPNs, in addition to Fortinet VPNs, then you should build again GnuTLS rather than OpenSSL (`sudo apt install libgnutls28-dev`). While OpenConnect can use either OpenSSL or GnuTLS, we collaborate more closely with the GnuTLS developers than the OpenSSL ones, so we run into fewer problems like this with GnuTLS ☺ Dan _______________________________________________ openconnect-devel mailing list openconnect-devel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/openconnect-devel
