I am able to connect after downgrading libgnutls to 3.6.15-5.
It could be an issue with the server certs, but since I'm able to
connect to the same server using an older version of the library, as
well as from clients on windows and android, it seems more likely to me
that the problem is in libgnutls. I'll open a new report for that package.
You can consider the report for openconnect resolved. Thanks!
On 1/18/21 1:04 AM, Luca Boccassi wrote:
On Thu, 07 Jan 2021 11:22:16 -0900 Matt <tardarsa...@gmail.com> wrote:
Package: openconnect
Version: 8.10-2+b1
Severity: important
X-Debbugs-Cc: tardarsa...@gmail.com
Dear Maintainer,
After upgrading openconnect from 8.10-1 to 8.10-2+b1, I can no longer connect
to a GlobalProtect VPN.
This is the output from a connection attempt (with identifying information
removed):
$ sudo openconnect --protocol gp -u <username> <url>
POST
https://<url>/global-protect/prelogin.esp?tmp=tmp&clientVer=4100&clientos=Linux
Connected to <ip>:443
SSL negotiation with <url>
openconnect: ../../../lib/x509/common.c:1794: _gnutls_sort_clist: Assertion `k
== clist_size' failed.
Aborted
Nothing changed but a new version of libgnutls, so that likely means
there's some problem with the certificates your server is issueing?
