We now have support for Juniper 'Network Connect' in NetworkManager-openconnect. It is implemented as a separate top-level VPN service 'org.freedesktop.NetworkManager.openconnect.nc' as discussed at https://bugzilla.gnome.org/show_bug.cgi?id=767197 We need support for adding/configuring the VPN, and for authenticating (which is all basically the same as the existing AnyConnect support). Reproducible: Always
We did this differently in the end, but the above-referenced GNOME bug still describes it. In the short term, to just support *connecting* to a Juniper network and not necessarily *configuring* one, we mostly just need to support the NM_OPENCONNECT_KEY_PROTOCOL field and call openconnect_set_protocol() with its contents.
Does anyone plan to work on this bug? I might be interested in helping, if someone could give me some pointers where to start.
I have a working patch but it is not ready for public submission. There have been some offline discussions, to which I will subscribe you.
Git commit 05a80ff9311c0880bb08fe7a00dcda3d1f34e864 by Jan Grulich. Committed on 05/10/2016 at 19:14. Pushed by grulich into branch 'master'. Add support for Juniper Openconnect VPN REVIEW:129105 M +12 -1 editor/connectioneditor.cpp M +1 -0 vpn/openconnect/CMakeLists.txt M +1 -0 vpn/openconnect/nm-openconnect-service.h M +5 -0 vpn/openconnect/openconnectwidget.cpp A +18 -0 vpn/openconnect/plasmanetworkmanagement_openconnect_juniperui.desktop M +1 -0 vpn/openconnect/plasmanetworkmanagement_openconnectui.desktop http://commits.kde.org/plasma-nm/05a80ff9311c0880bb08fe7a00dcda3d1f34e864
Created attachment 102579 [details] 0001-Pass-protocol-type-to-Openconnect.patch
So I was trying to get this working today and it was complaining: > XML response has no "auth" node I remembered this from the CLI when I forgot to pass the --juniper argument, so I assumed the code was doing the same. Please see attached patch to pass through the protocol information from NM to OpenConnect, I've successfully used this patch to connect to a juniper endpoint. Apologies for my terrible C++.
Looks good, can you please push it? If you don't have access I can do it instead of you. Also don't forget to mention this bug in the commit message.
(In reply to Jan Grulich from comment #7) > Looks good, can you please push it? If you don't have access I can do it > instead of you. Also don't forget to mention this bug in the commit message. I dont have commit access so please push this for me, feel free to edit the commit message as you see fit.
Git commit e12f39760596efc697f84aa486c260cb5825914e by Jan Grulich, on behalf of Ian Whyman. Committed on 05/12/2016 at 09:00. Pushed by grulich into branch 'master'. Pass protocol type to openconnect M +4 -0 vpn/openconnect/openconnectauth.cpp https://commits.kde.org/plasma-nm/e12f39760596efc697f84aa486c260cb5825914e
Git commit a51e9c5c2a2c32ef8d2f354af33532cbc35bfa9e by Jan Grulich, on behalf of Ian Whyman. Committed on 05/12/2016 at 09:02. Pushed by grulich into branch 'Plasma/5.8'. Pass protocol type to openconnect M +4 -0 vpn/openconnect/openconnectauth.cpp https://commits.kde.org/plasma-nm/a51e9c5c2a2c32ef8d2f354af33532cbc35bfa9e
This creates a build failure in KDE neon http://build.neon.kde.org/job/xenial_stable_plasma_plasma-nm_bin_amd64/56/console vpn/openconnect/openconnectauth.cpp:196:18: error: ‘NM_OPENCONNECT_KEY_PROTOCOL’ was not declared in this scope if (!dataMap[NM_OPENCONNECT_KEY_PROTOCOL].isEmpty()) {
You need NetworkManager-openconnect-1.2.4 for the juniper stuff to work.
Fixed, this should not have been pushed to Plasma/5.8 branch. I didn't realize that Juniper support is only in master.
If this means the dependencies were rised, then this needs to be reverted in 5.8 branch.
(ignore last comment, I was reading an outdated conversation)
yay build works again