• Daniel Lenski's avatar
    Add `openconnect_get_auth_expiration` function to library and JNI · f152cf7d
    Daniel Lenski authored
    This allows protocols to save the moment when a session's authentication
    (`vpninfo->cookie`) is expected to expire and no longer be useful for
    reconnection.
    
    The motivation is to eventually allow front-ends to know whether
    reauthentication is needed, or whether they should try using a cached
    cookie.
    
    Current state:
    
    - AnyConnect protocol: expiration is determined from the CONNECT
      response header `X-CSTP-Session-Timeout-Remaining` (with
      `X-CSTP-Session-Timeout` or `X-CSTP-Lease-Duration` as upper bounds in its
      absence)
    - GlobalProtect protocol: expiration is determined from the `<lifetime>` tag of
      the XML config.
    - Juniper Network Connect protocol: no currently known way to determine
      expiration. The `DSID` cookie is a standard HTTP cookie, so perhaps its
      expiration timestamp is intended for this purpose; however, I can find
      no real-world case where it has an expiration timestamp set.
    - None of the currently-supported protocols provide the expiration
      timestamp until the connection phase, so it can't be obtained for
      export by the `--authenticate` option.
    Signed-off-by: default avatarDaniel Lenski <dlenski@gmail.com>
    f152cf7d
Name
Last commit
Last update
.copr Loading commit data...
android Loading commit data...
bash Loading commit data...
java Loading commit data...
m4 Loading commit data...
po Loading commit data...
tests Loading commit data...
trojans Loading commit data...
www Loading commit data...
.gitignore Loading commit data...
.gitlab-ci.yml Loading commit data...
.mailmap Loading commit data...
COPYING.LGPL Loading commit data...
Makefile.am Loading commit data...
README.md Loading commit data...
TODO Loading commit data...
acinclude.m4 Loading commit data...
auth-common.c Loading commit data...
auth-globalprotect.c Loading commit data...
auth-juniper.c Loading commit data...
auth.c Loading commit data...
autogen.sh Loading commit data...
compat.c Loading commit data...
config.rpath Loading commit data...
configure.ac Loading commit data...
cstp.c Loading commit data...
digest.c Loading commit data...
dtls.c Loading commit data...
esp-seqno.c Loading commit data...
esp.c Loading commit data...
gnutls-dtls.c Loading commit data...
gnutls-esp.c Loading commit data...
gnutls.c Loading commit data...
gnutls.h Loading commit data...
gnutls_tpm.c Loading commit data...
gnutls_tpm2.c Loading commit data...
gnutls_tpm2_esys.c Loading commit data...
gnutls_tpm2_ibm.c Loading commit data...
gpst.c Loading commit data...
gssapi.c Loading commit data...
http-auth.c Loading commit data...
http.c Loading commit data...
iconv.c Loading commit data...
jni.c Loading commit data...
libopenconnect.map.in Loading commit data...
library.c Loading commit data...
lzo.c Loading commit data...
lzo.h Loading commit data...
lzs.c Loading commit data...
main.c Loading commit data...
mainloop.c Loading commit data...
mingw-openconnect.spec.in Loading commit data...
mkspec.sh Loading commit data...
ntlm.c Loading commit data...
oath.c Loading commit data...
oidc.c Loading commit data...
oncp.c Loading commit data...
openconnect-internal.h Loading commit data...
openconnect.8.in Loading commit data...
openconnect.h Loading commit data...
openconnect.ico Loading commit data...
openconnect.pc.in Loading commit data...
openconnect.rc Loading commit data...
openconnect.spec.in Loading commit data...
openssl-dtls.c Loading commit data...
openssl-esp.c Loading commit data...
openssl-pkcs11.c Loading commit data...
openssl.c Loading commit data...
pulse.c Loading commit data...
script.c Loading commit data...
ssl.c Loading commit data...
sspi.c Loading commit data...
stoken.c Loading commit data...
tun-win32.c Loading commit data...
tun.c Loading commit data...
version.sh Loading commit data...
win32-ipicmp.h Loading commit data...
xml.c Loading commit data...
yubikey.c Loading commit data...