Re: NetworManager and openconnect: using cookies

From: muriloo br ibm com
To: David Woodhouse <dwmw2 infradead org>
Cc: "ebarkie us ibm com" <ebarkie us ibm com>, "networkmanager-list gnome org" <networkmanager-list gnome org>, openconnect-devel lists infradead org
Subject: Re: NetworManager and openconnect: using cookies
Date: Fri, 8 Oct 2010 11:03:56 -0300

David Woodhouse <dwmw2 infradead org> wrote on 10/01/2010 11:42:31 PM: > David Woodhouse <dwmw2 infradead org>
> 10/01/2010 11:42 PM
> > To
> > "muriloo br ibm com" <muriloo br ibm com>
> > cc
> > "networkmanager-list gnome org" <networkmanager-list gnome org>, > "ebarkie us ibm com" <ebarkie us ibm com>, openconnect- > devel lists infradead org
> > Subject
> > Re: NetworManager and openconnect: using cookies
> > Tbanks; this looks good. > > But we should really be using gnome-keyring for storing the cookie, not > gconf. That way it's much less likely that it'll 'leak'. I think we can > get away with enabling this behaviour by default then. > > We should probably make some attempt to remember the lifetime of the > cookie too, so we don't try to use it when we *know* it's already timed > out. > > > I'm stuck on this step: if it fails on cookie, jump to ask > > username/password inputs from user. It always tries to use cookie. > > Yeah, I suspect it's best to try to validate the cookie directly, rather > than passing it to openconnect and praying. We can implement a > 'test-cookie' option in (lib)openconnect, which can either try a CONNECT > request, or hopefully there's a way to use the cookie with an HTTP GET > request that'll tell us if it's working too. > > Not sure about sending SIGKILL immediately -- that may upset the people > who had the issues which made me implement the BYE packet in the first > place. Perhaps we need an option to avoid the BYE on disconnect (which > would be nice in other situations too). > > -- > dwmw2 >
Hi guys,

Thanks for your reply David.

I think we could implement keyring support for password first and after
implement a function to test if cookie is still valid and save cookie in
gnome-keyring either.

For now, I've drafted a patch to add gnome-keyring support for user's
password. Please refer to the attachment openconnect-add-gnome-keyring-support.patch

Feel free to make any comments about it. I'd be glad to improve it.

Murilo

Attachment: openconnect-add-gnome-keyring-support.patch
Description: Binary data

Follow-Ups:
- Re: NetworManager and openconnect: using cookies
  - From: Dan Williams
- Re: NetworManager and openconnect: using cookies
  - From: David Woodhouse

References:
- NetworManager and openconnect: using cookies
  - From: muriloo
- Re: NetworManager and openconnect: using cookies
  - From: David Woodhouse

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]