]> www.infradead.org Git - users/dwmw2/openconnect.git/commit
projects / users / dwmw2 / openconnect.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: bbcc2c5) | patch
add oncp_bye() to logout the Juniper session
authorDaniel Lenski <dlenski@gmail.com>
Sun, 8 Jan 2017 20:27:54 +0000 (12:27 -0800)
committerDavid Woodhouse <dwmw2@infradead.org>
Sun, 14 May 2017 23:33:19 +0000 (16:33 -0700)
commitdf273812d14b2b7c8d80f5a2b73a37a2d295307f
tree8c6c0a90d6d77fbd54e1d347792c86b98e2d1ef4tree
parentbbcc2c5aa325b5e9b01482ca735fbd61dc6ea541commit | diff
add oncp_bye() to logout the Juniper session

The nc protocol lacked a .vpn_close_session function; without logout, the
VPN cookie remains active and can be used to restart the session, which is a
security hazard—especially when passing around OpenConnect logs on the
mailing list for development and troubleshooting.

Juniper logout is straightforward: GET /dana-na/auth/logout.cgi (with the
appropriate DSID cookie set).

Signed-off-by: Daniel Lenski <dlenski@gmail.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
library.c diff | blob | history
oncp.c diff | blob | history
openconnect-internal.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.