Hi Dan. Thanks for picking this up and improving it. I'm all in favor of adding these configuration options. Those who don't need them are fine with the defaults and don't care. And those who might run into a VPN headend which otherwise would deny access will appreciate having the option.
Thanks, -ralph > On May 5, 2020, at 19:50, Daniel Lenski <[email protected]> wrote: > > Ralph, > You may be interested in > https://gitlab.com/openconnect/openconnect/-/merge_requests/103 > > I'm proposing this as a more general-purpose replacement for the > `openconnect_set_mobile_info` API function that you created a while > back, to accommodate various little bits of host- and VPN-specific > identifying information in a more flexible and maintainable way. > > -Dan > > > On Sat, Apr 25, 2020 at 5:24 PM Daniel Lenski <[email protected]> wrote: >> >> On Thu, Apr 23, 2020, 10:27 PM Ralph Schmieder >> <[email protected]> wrote: >>> >>> Because there’s always IT departments in large corporations who have silly >>> (in the eye of the beholder) rules and work-inhibiting standards and >>> policies. >>> >>> Say: can’t do split tunneling. Must use client X. Must run on THIS >>> hardware. There is no argument allowed. Either take it or leave it. So some >>> people will get creative. >> >> Oh definitely. I butted heads with a number of them while I was a >> consultant in 2015-20. That's pretty much how I got involved with >> OpenConnect in the first place: out of necessity and frustration. >> >> I can't say that I ever ran into a VPN which refused to work if I >> didn't spoof the exact device ID of another computer though. Ugh. >> >> Dan _______________________________________________ openconnect-devel mailing list [email protected] http://lists.infradead.org/mailman/listinfo/openconnect-devel
