On Mon, 2013-05-20 at 11:40 +0300, Modestas Vainius wrote: > It appears VPN is behind firewall which does IP filtering of some sort > hence it is not publically accessible. > > Is there anything else I can do? Would capturing the whole gateway<- > >openconnect conversation at protocol level (SSL-decryted obviously) > help?
That's basically what I'd be trying to do, and then trying to work out what we're doing wrong. In http.c, in do_https_request() can you print the contents of 'buf->data' immediately before the call to openconnect_SSL_write() at about line 880, and also print the contents of 'form_buf' immediately after the call to process_http_response() a few lines down? I don't think there should be any sensitive information in there (it's all before any authentication, of course), but do give it a quick look before sending it. -- dwmw2
smime.p7s
Description: S/MIME cryptographic signature