Bug#708928: regression from 3.20-4: cannot connect to some gateways
Package: openconnect Version: 4.99-2 Severity: grave Tags: upstream Hello, I'm no longer able to connect to the gateway (which address I can't reveal) with 4.99-2 while it was possible with 3.20-4 shipped in wheezy (downgrading to that version in current sid helps as well). Currently I get: # openconnect -v https://gwaddress.example.com/ Attempting to connect to server xx.xx.xx.xx:443 SSL negotiation with gwaddress.example.com Connected to HTTPS on gwaddress.example.com POST https://gwaddress.example.com/ Failed to read from SSL socket: A TLS packet with unexpected length was received. Error fetching HTTPS response GET https://gwaddress.example.com/ Failed to write to SSL socket: The specified session has been invalidated for some reason. Failed to obtain WebVPN cookie I.e. I even don't get to the phase where I should enter username/password. On the contrary, with 3.20 I get: # openconnect -v https://gwadddress.example.com/ Attempting to connect to xx.xxx.xx.xx:443 SSL negotiation with gwadddress.example.com Matched DNS altname 'gwadddress.example.com' Connected to HTTPS on gwadddress.example.com GET https://gwadddress.example.com/ Got HTTP response: HTTP/1.1 303 See Other Content-Type: text/html Content-Length: 0 Location: https://gwadddress.example.com:443/webvpn.html Set-Cookie: webvpncontext=00@webvpn; path=/ Connection: Keep-Alive HTTP body length: (0) GET https://gwadddress.example.com/webvpn.html Got HTTP response: HTTP/1.1 200 OK Cache-Control: max-age=0 Content-Type: text/html Set-Cookie: webvpn=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/ Set-Cookie: webvpncontext=00@webvpn; path=/ X-Transcend-Version: 1 Content-Length: 473 Connection: close HTTP body length: (473) Fixed options give Please enter your username and password. USERNAME: What is more, I tested 5.00 and saw no improvement. P.S. I know this bug is lacking information but I will try to provide something more definitive later. Feel free to ask. -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (110, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.8-1-amd64 (SMP w/4 CPU cores) Locale: LANG=lt_LT.UTF-8, LC_CTYPE=lt_LT.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages openconnect depends on: ii libc62.17-3 ii libgnutls26 2.12.23-4 ii liboath0 2.0.2-2 ii libopenconnect2 5.00-0mdx1 ii libproxy00.3.1-6 ii libssl1.0.0 1.0.1e-2 ii libxml2 2.8.0+dfsg1-7+nmu1 ii vpnc-scripts 0.1~git20120602-2 ii zlib1g 1:1.2.8.dfsg-1 openconnect recommends no packages. openconnect suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#708928: regression from 3.20-4: cannot connect to some gateways
Hello, Sekmadienis 19 Gegužė 2013 16:01:24 Modestas Vainius rašė: I'm no longer able to connect to the gateway (which address I can't reveal) with 4.99-2 while it was possible with 3.20-4 shipped in wheezy (downgrading to that version in current sid helps as well). Currently I get: # openconnect -v https://gwaddress.example.com/ Attempting to connect to server xx.xx.xx.xx:443 SSL negotiation with gwaddress.example.com Connected to HTTPS on gwaddress.example.com POST https://gwaddress.example.com/ Failed to read from SSL socket: A TLS packet with unexpected length was received. Error fetching HTTPS response GET https://gwaddress.example.com/ Failed to write to SSL socket: The specified session has been invalidated for some reason. Failed to obtain WebVPN cookie I.e. I even don't get to the phase where I should enter username/password. more info: I have built 5.00 against OpenSSL. That didn't help either: # openconnect --no-cert-check -v https://gwaddress.example.com/ Attempting to connect to server xx.xx.xx.xx:443 SSL negotiation with gwaddress.example.com Matched DNS altname 'gwaddress.example.com' Connected to HTTPS on gwaddress.example.com POST https://gwaddress.example.com/ Failed to read from SSL socket Error fetching HTTPS response GET https://gwaddress.example.com/ Failed to read from SSL socket Error fetching HTTPS response Failed to obtain WebVPN cookie So it seems to be a bug in the codebase rather than GnuTLS issue. signature.asc Description: This is a digitally signed message part.
Bug#708928: regression from 3.20-4: cannot connect to some gateways
Control: severity -1 important On Sun, May 19, 2013 at 9:01 AM, Modestas Vainius wrote: I'm no longer able to connect to the gateway (which address I can't reveal) with 4.99-2 while it was possible with 3.20-4 shipped in wheezy [...] What is more, I tested 5.00 and saw no improvement. Hi, thanks for your detailed report and logs. Can you try 4.07 [1] or other 4.x versions to help narrow this down? Make sure you keep the openconnect and libopenconnect2 packages in sync as you are testing. I only mention because I see ii libopenconnect2 5.00-0mdx1 in your package list. [1] http://snapshot.debian.org/package/openconnect/4.07-1/ -- mike -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#708928: regression from 3.20-4: cannot connect to some gateways
Processing control commands: severity -1 important Bug #708928 [openconnect] regression from 3.20-4: cannot connect to some gateways Severity set to 'important' from 'grave' -- 708928: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=708928 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org