OpenConnect Clients And Companies Using OpenConnect

2018-03-07 Thread Martin Hennrich
Hi, do you have a list somewhere where the companies using OpenConnect are listed? For example, TorGuard supports OpenConnect and that is extremely amazing and wonderful. Do you have other examples? If you do not have a list yet, maybe it would suit the wiki

Re: [PATCH 2/5] add PAN GlobalProtect protocol support (HTTPS tunnel only)

2018-03-07 Thread David Woodhouse
On Wed, 2018-03-07 at 10:01 +0200, Daniel Lenski wrote: > What do you prefer? Refactoring the two versions of xmlnode_get_text() > down to a single function, renaming the gpst.c version, something > else…? Don't know... one option is to ditch it entirely. Some of those cases where you're just

Re: [PATCH 2/5] add PAN GlobalProtect protocol support (HTTPS tunnel only)

2018-03-07 Thread David Woodhouse
On Wed, 2018-03-07 at 09:34 +, David Woodhouse wrote: > > Maybe we should pass the xmlNode into add_option() not a string? Then > it's nice and simple. And more xmlnode_get_text() invocations can turn > into simple xmlnode_is_named()? The above code becomes > > for (xml_node =

Re: [PATCH 2/5] add PAN GlobalProtect protocol support (HTTPS tunnel only)

2018-03-07 Thread Daniel Lenski
On Tue, Mar 6, 2018 at 11:40 AM, David Woodhouse wrote: > Thanks for tidying this up. Pushed to my gpst branch with one fixup so > far, still reading through... > > On Sun, 2018-03-04 at 11:31 +0200, Daniel Lenski wrote: >> >> +/* similar to auth.c's xmlnode_get_text,

Re: [PATCH 2/5] add PAN GlobalProtect protocol support (HTTPS tunnel only)

2018-03-07 Thread Daniel Lenski
Here is a small patch to fix the comment on add_option… diff --git a/gpst.c b/gpst.c index 85987b2..1d5c748 100644 --- a/gpst.c +++ b/gpst.c @@ -84,11 +84,10 @@ static int xmlnode_get_text(xmlNode *xml_node, const char *name, char **var) return 0; } -/* We behave like CSTP — create a

[PATCH to fix my PATCH 2/5] fix a bug by which a malicious "GlobalProtect JavaScript mess" could cause a buffer overflow

2018-03-07 Thread Daniel Lenski
David Woodhouse wrote: > > Daniel Lenski wrote: > > > > Also, in parse_javascript(), consider an input line which looks like: > > > >var respMsg = ";\n > > > > When you set '*prompt = strndup(start, end-start-2); > > > > ... what is the value of 'end-start-2'? > Signed-off-by: Daniel Lenski