]> code.communitydata.science - nu-vpn-proxy.git/log
nu-vpn-proxy.git
20 months agofix issue with openssl
Benjamin Mako Hill [Wed, 19 Apr 2023 17:03:40 +0000 (10:03 -0700)]
fix issue with openssl

The scripts seem to be relying on a legacy openssl renegotiation
protocol and this allows it to continue. I don't know if this a
requirement on the NU side or a feature of these scripts but this
works around it in the shorter term.

4 years agoMerge branch 'master' of code.communitydata.science:nu-vpn-proxy into cdsc
Benjamin Mako Hill [Fri, 20 Nov 2020 01:40:23 +0000 (17:40 -0800)]
Merge branch 'master' of code.communitydata.science:nu-vpn-proxy into cdsc

4 years agodisable IPv6 (it doesn't seem to work)
Benjamin Mako Hill [Fri, 20 Nov 2020 01:39:48 +0000 (17:39 -0800)]
disable IPv6 (it doesn't seem to work)

4 years agoMinor changes to README.
Nathan TeBlunthuis [Thu, 8 Oct 2020 06:03:23 +0000 (23:03 -0700)]
Minor changes to README.

4 years agoFixing typo in connecting to kibo via SSH
Jeremy Foote [Wed, 10 Jun 2020 13:20:11 +0000 (09:20 -0400)]
Fixing typo in connecting to kibo via SSH

4 years agodocumentation bug. providing a correct path to the general vpn script in the readme.
aaronshaw [Wed, 10 Jun 2020 01:13:40 +0000 (20:13 -0500)]
documentation bug. providing a correct path to the general vpn script in the readme.

4 years agoupdated documentation with new material
Benjamin Mako Hill [Tue, 9 Jun 2020 23:13:39 +0000 (16:13 -0700)]
updated documentation with new material

4 years agoinitial version of the CDSC version of scripts
Benjamin Mako Hill [Tue, 9 Jun 2020 23:04:15 +0000 (16:04 -0700)]
initial version of the CDSC version of scripts

4 years agohave test-globalprotect-login.py suggest a new invocation of itself (gateway login...
Daniel Lenski [Wed, 13 May 2020 20:09:10 +0000 (13:09 -0700)]
have test-globalprotect-login.py suggest a new invocation of itself (gateway login) after a successful portal getconfig

Based on cookies suggested by @yuezk at https://gitlab.com/openconnect/openconnect/-/merge_requests/109

4 years agouse either PyGObject (import gi, maintained) or pgi (import pgi, old/unmaintained)
Daniel Lenski [Sun, 29 Mar 2020 16:53:03 +0000 (09:53 -0700)]
use either PyGObject (import gi, maintained) or pgi (import pgi, old/unmaintained)

ping #7

4 years agoneed to base64-decode URLs from SAML REDIRECT too
Daniel Lenski [Sun, 29 Mar 2020 16:54:13 +0000 (09:54 -0700)]
need to base64-decode URLs from SAML REDIRECT too

4 years agoI swear I know how to write Python 🤦🏻‍♂
Daniel Lenski [Mon, 23 Mar 2020 22:18:36 +0000 (15:18 -0700)]
I swear I know how to write Python 🤦🏻‍♂

4 years agominimal .travis.yml (just verifies that script can be byte-compiled)
Daniel Lenski [Mon, 23 Mar 2020 06:36:59 +0000 (23:36 -0700)]
minimal .travis.yml (just verifies that script can be byte-compiled)

4 years agowe have reports of prelogin-cookie used for portal login; don't do interface switcher...
Daniel Lenski [Mon, 23 Mar 2020 06:31:37 +0000 (23:31 -0700)]
we have reports of prelogin-cookie used for portal login; don't do interface switcheroo by default, just mention it

4 years agomake verbose=1 the default, add -q/--quiet to suppress it
Daniel Lenski [Mon, 23 Mar 2020 06:27:09 +0000 (23:27 -0700)]
make verbose=1 the default, add -q/--quiet to suppress it

4 years agoinclude clientos in output command-lines and environment variables
Daniel Lenski [Mon, 23 Mar 2020 06:19:21 +0000 (23:19 -0700)]
include clientos in output command-lines and environment variables

4 years agofix too-hurried ambiguity warnings, fix b64 encoding for SAML REDIRECT too
Daniel Lenski [Mon, 23 Mar 2020 05:46:53 +0000 (22:46 -0700)]
fix too-hurried ambiguity warnings, fix b64 encoding for SAML REDIRECT too

4 years agoinclude clientos in prelogin.esp parameters (ping #6)
Daniel Lenski [Tue, 17 Mar 2020 22:54:48 +0000 (15:54 -0700)]
include clientos in prelogin.esp parameters (ping #6)

Apparently, it affects whether the prelogin.esp response contains SAML tags
in some cases.
(see https://github.com/dlenski/gp-saml-gui/issues/6#issuecomment-599743060)

This fits in with a long line of mystifying issues caused by GlobalProtect servers
silently handling different `clientos` values in stupidly different ways.
(see https://gitlab.com/openconnect/openconnect/-/merge_requests/17)

4 years agoclarify ambiguities in destination, slightly better error messages
Daniel Lenski [Fri, 13 Mar 2020 17:54:42 +0000 (10:54 -0700)]
clarify ambiguities in destination, slightly better error messages

4 years agoassume server from which we received SAML results is the right one for final GP authe...
Daniel Lenski [Sun, 26 Jan 2020 01:05:39 +0000 (17:05 -0800)]
assume server from which we received SAML results is the right one for final GP authentication

Should fix https://gitlab.com/openconnect/openconnect/issues/97

In particular: https://gitlab.com/openconnect/openconnect/issues/97#note_276932462

4 years agoextensive cleanup, more logging
Daniel Lenski [Sun, 26 Jan 2020 00:45:35 +0000 (16:45 -0800)]
extensive cleanup, more logging

4 years agothis script should live here
Daniel Lenski [Sun, 26 Jan 2020 00:46:05 +0000 (16:46 -0800)]
this script should live here

4 years agobetter SSL error handling (especially, distinguish cert from non-cert errors)
Daniel Lenski [Fri, 24 Jan 2020 08:19:05 +0000 (00:19 -0800)]
better SSL error handling (especially, distinguish cert from non-cert errors)

4 years agoshould use shlex.quote() instead of repr()
Daniel Lenski [Fri, 24 Jan 2020 08:17:02 +0000 (00:17 -0800)]
should use shlex.quote() instead of repr()

5 years agopass along --no-verify flag to WebKit2 GUI (ping #5)
Daniel Lenski [Mon, 25 Nov 2019 20:02:23 +0000 (12:02 -0800)]
pass along --no-verify flag to WebKit2 GUI (ping #5)

5 years agoMerge pull request #4 from jasonaowen/install
Dan Lenski [Mon, 21 Oct 2019 16:43:35 +0000 (09:43 -0700)]
Merge pull request #4 from jasonaowen/install

Add installation notes

5 years agoadd requirements.txt
Daniel Lenski [Sat, 19 Oct 2019 04:20:02 +0000 (21:20 -0700)]
add requirements.txt

5 years agoAdd installation notes
Jason Owen [Sat, 19 Oct 2019 00:06:53 +0000 (17:06 -0700)]
Add installation notes

Add some instructions on how to install the dependencies needed to use
this tool.

5 years agoSAML auth isn't done until we've gotten the username and cookie headers specifically...
Daniel Lenski [Thu, 19 Sep 2019 21:01:51 +0000 (14:01 -0700)]
SAML auth isn't done until we've gotten the username and cookie headers specifically (ping #2)

5 years agoadd --external and --uri for convenient debugging/futzing purposes
Daniel Lenski [Tue, 17 Sep 2019 17:34:57 +0000 (10:34 -0700)]
add --external and --uri for convenient debugging/futzing purposes

5 years agolog other resources loaded when verbosity > 1 (e.g. `-vv` flag)
Daniel Lenski [Tue, 17 Sep 2019 04:18:11 +0000 (21:18 -0700)]
log other resources loaded when verbosity > 1 (e.g. `-vv` flag)

5 years agopersist cookies
Daniel Lenski [Tue, 17 Sep 2019 02:56:16 +0000 (19:56 -0700)]
persist cookies

5 years agoinitial commit
Daniel Lenski [Tue, 17 Sep 2019 02:27:02 +0000 (19:27 -0700)]
initial commit

Community Data Science Collective || Want to submit a patch?