[Bug 1649227] Re: TPM support
This bug was fixed in the package openconnect - 7.08-1 --- openconnect (7.08-1) unstable; urgency=medium * New upstream version 7.08 - Fix MTU detection (Closes: #847135) * d/libopenconnect5.{shlibs,symbols}: Update for new release * d/p/juniper-content-length.patch: Drop, applied upstream * d/p/fix-tests-shell-syntax.patch: Fix test suite shell bashisms * d/p/softhsm2-module-workaround.patch: Hard-code Debian location of libsofthsm2.so * d/control: - Add Build-Depends: libsocket-wrapper, libuid-wrapper, ocserv, openssl, and softhsm2 for test suite - Add Build-Depends: libpcsclite-dev to enable Yubikey support (LP: #1649227) - Add Build-Depends: dpkg-dev (>= 1.17.14) for build profiles support - Drop obsolete Build-Depends: liboath-dev - Reorder fields according to "cme fix dpkg-control" * Bump debhelper compatibility level to 10 * Drop explicit dependency on dh-autoreconf and disabling silent rules, now enabled by default -- Mike MillerSat, 24 Dec 2016 10:50:15 -0800 ** Changed in: openconnect (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1649227 Title: TPM support To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/1649227/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1649227] Re: TPM support
We do build with GSSAPI (as of 7.07-1), but I don't see any direct dependency from Kerberos to OpenSSL on Debian or Ubuntu systems, only if the (non-default) krb5-k5tls or krb5-pkinit plugins are installed. So yeah, for now 7.08-1 will have Yubikey but still no TPM support. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1649227 Title: TPM support To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/1649227/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1649227] Re: TPM support
Isn't that true of Kerberos too? Or do you not build with GSSAPI support either? I really ought to add that to 'openconnect --version' output. Perhaps when addressing the OpenSSL 1.1 build problems, we could port it to GnuTLS instead? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1649227 Title: TPM support To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/1649227/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1649227] Re: TPM support
Yubikey support is enabled in the packaging repo, will be in the next release, either 7.07-3 or 7.08-1, whichever comes first. https://anonscm.debian.org/cgit/collab- maint/openconnect.git/commit/?id=0649b9a1e1cbc3965a8847ff0c90653c1f3c4b9c ** Changed in: openconnect (Ubuntu) Status: Confirmed => In Progress ** Changed in: openconnect (Ubuntu) Assignee: (unassigned) => Mike Miller (mtmiller) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1649227 Title: TPM support To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/1649227/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1649227] Re: TPM support
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: openconnect (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1649227 Title: TPM support To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/1649227/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1649227] Re: TPM support
I can certainly build with libpcsclite for Yubikey support. Correct me if I'm wrong, but it looks to me like libtspi links with libssl, so we'd want to avoid linking that into libopenconnect. Moreover, there is some OpenSSL 1.0 → 1.1 transition trouble at the moment, and the state of libtspi in Debian looks a little unstable at this point, so I'd rather avoid adding a dependency on it this close to the freeze. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1649227 Title: TPM support To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/1649227/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs