https://bugs.kde.org/show_bug.cgi?id=439612
Bug ID: 439612 Summary: Applet does not prompt for login when connecting to GlobalProtect VPN Product: plasma-nm Version: 5.21.5 Platform: Archlinux Packages OS: Linux Status: REPORTED Severity: normal Priority: NOR Component: general Assignee: jgrul...@redhat.com Reporter: mason2...@gmail.com Target Milestone: --- Created attachment 139926 --> https://bugs.kde.org/attachment.cgi?id=139926&action=edit Screenshot of kdialog missing the username and password fields SUMMARY When connecting to a global protect vpn via the plasma-nm applet, the auth dialog appears, but does not have fields for username and password. If the connect button next to the selected gateway is pressed, an error appears stating 'Unexpected 200 result'. I've done some debugging, and it appears that the problem is that Network Manager (verified with nmcli) does not run the authenticate step of openconnect and just asks for the gateway, certificate, and cookie (the results of an openconnect --authenticate command). I'm not sure if this would be considered a Network Manager bug, but I think that the plasma applet should account for this to insulate the user from the technical login process, even if network manager and nmcli are not user-friendly. Note that I am able to connect to the vpn using a script (see ADDITIONAL INFORMATION), so the openconnect system is working. The problem is that the applet (and nmcli) do not perform the intermediate authentication steps that the user shouldn't have to worry about. STEPS TO REPRODUCE 1. Install plasma-nm 5.21.5-1, networkmanager-openconnect 1.2.7, and networkmanager 1.30.4-3 (these are the current versions in a Manjaro system) 2. Add a vpn connection via the plasma network settings, set to globalprotect 3. Attempt to connect to the new vpn connection OBSERVED RESULT The authentication dialog appears with no fields for username and password EXPECTED RESULT The authentication dialog should have fields to enter a username and password, to be passed to the command `openconnect --authenticate`, whose output would be passed to network manager SOFTWARE/OS VERSIONS Manjaro Linux 5.10.42-1-MANJARO KDE Plasma Version: 5.21.5 KDE Frameworks Version: 5.82.0 Qt Version: 5.15.2 ADDITIONAL INFORMATION The following script properly connects to the vpn as expected: #!/usr/bin/env bash tmp=$(mktemp) chmod 600 "$tmp" eval "$(ksshaskpass | openconnect --protocol=gp --authenticate --user=me vpn.domain --passwd-on-stdin)" cat <<EOF > "$tmp" vpn.secrets.cookie:$COOKIE vpn.secrets.gwcert:$FINGERPRINT vpn.secrets.gateway:$HOST EOF nmcli --ask con up connection-name passwd-file "$tmp" rm "$tmp" -- You are receiving this mail because: You are watching all bug changes.