SUMMARY After a recent update I can't connect to a Cisco Openconnect server that I have been using. Downgrading plasma-nm to 5.14.3 allows me to connect normally again. I have login and password saved for this connection (no certificate file). When I click "Login" I see "Login failed." Under "View Log" I see this: POST https://<server ip>/ Attempting to connect to server <server ip>:443 Connected to <server ip>:443 SSL negotiation with <server ip> Server certificate verify failed: signer not found Connected to HTTPS on <server ip> Got HTTP response: HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Cache-Control: no-cache Pragma: no-cache Connection: Keep-Alive Date: Thu, 29 Nov 2018 23:42:44 GMT X-Frame-Options: SAMEORIGIN X-Aggregate-Auth: 1 HTTP body chunked (-2) XML POST enabled POST https://<server ip>/ Got HTTP response: HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Cache-Control: no-cache Pragma: no-cache Connection: Keep-Alive Date: Thu, 29 Nov 2018 23:42:47 GMT X-Frame-Options: SAMEORIGIN X-Aggregate-Auth: 1 HTTP body chunked (-2) And in the system journal: NetworkManager[511]: <error> [1543535084.6572] vpn-connection[0x56360245c100,75d78a0c-a0df-4843-986c-75517fc85a44,"<connection name>",0]: Failed to request VPN secrets #3: No agents were available for this request. SOFTWARE/OS VERSIONS Linux/KDE Plasma: KDE Plasma Version: 5.14.4 KDE Frameworks Version: 5.52.0 Qt Version: 5.11.2
Did you downgrade just plasma-nm or also other packages? There was just one change related to Openconnect in Plasma 5.14.4, it's this one [1], but I don't think this might cause your problem. You say you have password and login safed for this connection, do they get filled in the dialog when you try to connect your connection from the applet? [1] - https://cgit.kde.org/plasma-nm.git/commit/?h=Plasma/5.14&id=00d18e2d9cef69cd8066b63c2c5dc40748c8e61e
Yes, downgrading only plasma-nm is enough and I can connect again. With the latest version, login and password are filled in as usual.
Are you able to try to clone plasma-nm from here [1], checkout to "Plasma/5.14" branch and just revert latest patch, build and install it? To see if this latest change broke it for you? [1] - https://cgit.kde.org/plasma-nm.git/
Yes, looks like it works after reverting the patch above.
Did you restart kded5 after you installed plasma-nm from git? Are you sure the kded5 module from plasma-nm is installed to the correct location? I want to be sure it's this commit which causes this problem. Maybe you want to downgrade to Plasma-nm 5.14.3 to be sure you have the broken version and install the one from git to verify it's fixed.
Here's what I did specifically. 1. Installed plasma-nm 5.14.4, the broken version. Made sure it's broken. 2. Checked out the git version. 3. Reverted the patch. 4. cmake, make (in local dir). 5. sudo cp bin/libplasmanetworkmanagement_openconnectui.so /usr/lib/qt/plugins/ 6. Reboot. Made sure that it works now. To double-check: went and applied the patch again, repeated steps 4-6, it broke again.
Thanks for testing. I don't have any Openconnect server I could use for testing so it is more complicated for me to fix and verify this. I'll try to setup a local server so I can reproduce this issue and fix it properly.
Created attachment 116645 [details] Proposed patch to fix this issue Can you please try this patch? Apply it on top of Plasma/5.14 branch.
Ignore the proposed patch, I reverted the change which broke it.
Bulk transfer as requested in T17796