Update nmcli/nmtui authentication for OpenConnect (!1625) · Merge requests · NetworkManager / NetworkManager

David Woodhouse requested to merge dwmw2/NetworkManager:openconnect-cli into main May 10, 2023

Since OpenConnect 8.20, 'openconnect --authenticate' will return the full gateway URL, including the hostname and the path. This allows servers behind SNI-based proxies to work. To ensure we end up at the same IP address even behind round-robin DNS, there is a separate --resolve argument.

Update nmcli/nmtui to use this, as NetworkManager-openconnect does.

Also consolidate some of the duplicated logic in nmtui/nmcli into the nm_vpn_openconnect_authenticate_helper() function and fix non-AnyConnect support as well as a bunch of other missing config options which were being ignored.

Finally, make nmtui connect if openconnect returns the secrets, instead of still presenting a dialog to the user.

Edited May 11, 2023 by David Woodhouse

Update nmcli/nmtui authentication for OpenConnect

Merge request reports