Bug 282282 - Openconnect VPN connections only work once
Summary: Openconnect VPN connections only work once
Status: RESOLVED FIXED
Alias: None
Product: Network Management
Classification: Miscellaneous
Component: Control Module (show other bugs)
Version: unspecified
Platform: Fedora RPMs Linux
: NOR normal
Target Milestone: ---
Assignee: Ilia Kats
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-09-18 14:16 UTC by Volker Fröhlich
Modified: 2011-09-19 20:46 UTC (History)
2 users (show)

See Also:
Latest Commit:
Version Fixed In:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Volker Fröhlich 2011-09-18 14:16:18 UTC
Version:           unspecified (using Devel) 
OS:                Linux

Each Openconnect VPN connection only works once. A cookie is stored in the connection file that causes the problem. Removing the cookie entry helps, but I can't see how to know that in the first place or set it via the GUI.

Reproducible: Didn't try

Steps to Reproduce:
- Create a new Openconnect connection
- Connect
- Fill out form
- ** Works fine **
- Disconnect

Actual Results:  
- Try to connect again
- ** Doesn't work **

Expected Results:  
- Should connect again or at least show something useful

When you create a new connection, the configuration file looks like this, before you connect for the first time:

-----------------------

[connection]
id=vpnconn
uuid=e85d80d8-b4f3-4179-9923-ef18dc3166ee
type=vpn
permissions=user:volker:;
autoconnect=false

[vpn]
service-type=org.freedesktop.NetworkManager.openconnect
gateway=vpn.meduniwien.ac.at
pem_passphrase_fsid=no
enable_csd_trojan=no

[ipv6]
method=ignore

[ipv4]
method=auto

-----------------------

After the first connection, it looks like that:

-----------------------

[connection]
id=vpnconn
uuid=e85d80d8-b4f3-4179-9923-ef18dc3166ee
type=vpn
permissions=user:volker:;
autoconnect=false

[vpn]
service-type=org.freedesktop.NetworkManager.openconnect
gateway=vpn.meduniwien.ac.at
pem_passphrase_fsid=no
enable_csd_trojan=no

[vpn-secrets]
cookie=<some_hash>
autoconnect=no
form:main:group_list=muwvpntunnelODG
form:main:username=vfroeh82
gwcert=<some_hash>
gateway=vpn.meduniwien.ac.at:443
lasthost=vpn.meduniwien.ac.at

[ipv6]
method=ignore

[ipv4]
method=auto

-----------------------

It stores a cookie. With this cookie present, you can't connect. The messages log shows, you get a 401.

- If you remove the cookie, the connection will work again one time
- If you add "cookie-flags=2" to the vpn section, it works
- If you add "cookie-flags=2" in the first place, you never get a cookie entry

I don't know where I originally had the cookie-flags setting from, but I had it in one of my older connection files. Nevertheless, snapshot 20110828 and 20110907 both seem to have this problem. I can't find anything in the GUI to control the cookie behaviour.
Comment 1 Volker Fröhlich 2011-09-18 14:17:20 UTC
"Reproducible" should be "every time".
Comment 2 Ilia Kats 2011-09-19 01:12:43 UTC
Git commit bbc125ac46cf0aac2ae7e993fd48dd90af48a5c4 by Ilia Kats.
Committed on 19/09/2011 at 03:11.
Pushed by iliakats into branch 'nm09'.

mark some OpenConnect secrets as NotSaved, since they are changing every
session.

BUG: 282282

M  +1    -1    plasma_nm_version.h
M  +5    -0    vpnplugins/openconnect/openconnectwidget.cpp

http://commits.kde.org/networkmanagement/bbc125ac46cf0aac2ae7e993fd48dd90af48a5c4
Comment 3 Kevin Kofler 2011-09-19 09:58:40 UTC
Thanks Ilia!

Volker, please try kde-plasma-networkmanagement-0.9-0.59.20110919git.nm09.fc15:
http://koji.fedoraproject.org/koji/buildinfo?buildID=264147
Comment 4 Volker Fröhlich 2011-09-19 20:46:04 UTC
Works fine for me now, thank you!