[new package] openconnect 9.12 #20607


mpaouris
Contributor

Add the mingw-w64-openconnect package.

OpenConnect needs a TUN/TAP driver to operate and supports both the TAP-Windows driver shipped with OpenVPN and the Wintun layer 3 driver.

The TAP-Windows driver must be pre-installed on the system and a network adapter must have been created prior to running OpenConnect.

The Wintun driver, on the other hand, can be loaded dynamically as a DLL, which installs the driver and creates a network adapter that exists during OpenConnect execution, making it more convenient for users of OpenConnect.

The driver needs to be digitally signed in order to be installed on the system, and Wintun is officially distributed as a signed DLL.
OpenConnect downloads the zip distribution, verifies it using its checksum and extracts the DLL as part of its build process.

Since this DLL may be provided by another package (none exists presently), it is packaged independently as mingw-w64-openconnect-wintun and this package is listed as an optional dependency of mingw-w64-openconnect.

Signed-off-by: Marios Paouris <mspaourh@gmail.com>
@lazka
Member

lazka commented Apr 15, 2024

Puh, we normally don't do pre-built. I personally would prefer a download script which explains it to the user and downloads it if the user agrees (+ link to source, + checksum check), but I've asked what others think in chat.

Regarding the license, it states that it's not allowed to separately redistribute the DLL, so I'm not quite sure if putting it in a separate package is a license violation, but could be that both being in the same repo and having a dependency relation could count as "alongside".

@lazka
Member

lazka commented Apr 15, 2024

The consensus seems to be that we are not going to package prebuilt DLLs.

This means the way forward could be a package which would hint at a command for downloading during install, and in the script educates the user that it's going to download it from a third party website, points to the website, and the license for the binary https://git.zx2c4.com/wintun/tree/prebuilt-binaries-license.txt, requires the users to agree to download, and checks the checksums.

Feedback welcome.
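
The download flow outlined in the comment above (tell the user what is fetched and from where, point to the license, require agreement, verify the checksum), sketched as an added example; it is not code from this PR or from MSYS2. The function names, the `FETCH` hook and the prompt wording are assumptions, and the download URL and pinned SHA-256 are supplied by the caller rather than taken from the page.

```shell
#!/usr/bin/env bash
# Added example: consent-gated download with a pinned SHA-256 check.
# Function names, the FETCH hook and the prompt text are assumptions.

LICENSE_URL="https://git.zx2c4.com/wintun/tree/prebuilt-binaries-license.txt"
FETCH="${FETCH:-curl -fsSL -o}"   # invoked as: $FETCH <dest> <url>

sha256_of() { sha256sum "$1" | cut -d' ' -f1; }

# Return 0 only if the file's SHA-256 equals the pinned value (case-insensitive).
# An unreadable file yields an empty digest, so the comparison fails closed.
verify_sha256() {
  local file="$1" expected actual
  expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  [ "${#expected}" -eq 64 ] || return 2     # reject empty or truncated pins
  actual=$(sha256_of "$file")
  [ "$actual" = "$expected" ]
}

# Explain what will happen and require an explicit "yes" on stdin.
confirm_download() {
  local url="$1" answer
  printf 'This downloads a prebuilt, signed binary from a third party:\n  %s\n' "$url" >&2
  printf 'License: %s\nType "yes" to continue: ' "$LICENSE_URL" >&2
  read -r answer || return 1
  [ "$answer" = "yes" ]
}

# fetch_verified URL PINNED_SHA256 DEST
# 0 = installed, 1 = declined, 2 = download failed, 3 = checksum mismatch
fetch_verified() {
  local url="$1" pin="$2" dest="$3" tmp
  confirm_download "$url" || return 1
  tmp=$(mktemp) || return 2
  if ! $FETCH "$tmp" "$url"; then rm -f "$tmp"; return 2; fi
  if ! verify_sha256 "$tmp" "$pin"; then rm -f "$tmp"; return 3; fi
  mv "$tmp" "$dest"                         # only verified bytes reach DEST
}
```

The pinned checksum belongs in the package recipe that ships the script, not in a file fetched from the same server as the archive.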

@mpaouris
Contributor Author

Thanks for your input.

Your proposition is to convert the openconnect-wintun package, or the plain openconnect package for simplicity, to inform the user of the required external dependency, and install a downloader script? And the user should run the downloader script to perform the download, checksum checks and installation to the system?

Or is it something else?

Are you aware of a package that does something similar, so it can be studied as a reference?

@Kreijstal
Contributor

Just one small (maybe unrelated) question, I know this VPN software but in case for example I just want to send packages specifically to one VPN without assuming there is an interface installed on the system because Windows has no drivers, could it be done a la poor man's socks proxy? Can I create TCP connections through the VPN without it being 'installed?'

@mpaouris
Contributor Author

mpaouris commented May 8, 2024

> Just one small (maybe unrelated) question, I know this VPN software but in case for example I just want to send packages specifically to one VPN without assuming there is an interface installed on the system because Windows has no drivers, could it be done a la poor man's socks proxy? Can I create TCP connections through the VPN without it being 'installed?'

Well, there is an option that can be used in such scenarios, --script-tun, but it is not supported on Windows, see e.g. https://gitlab.com/openconnect/openconnect/-/blob/17b45cdd406d3d4218ba08a0835da839a6d79465/main.c#L241 and https://gitlab.com/openconnect/openconnect/-/blob/17b45cdd406d3d4218ba08a0835da839a6d79465/main.c#L1016

@Kreijstal
Contributor

> > Just one small (maybe unrelated) question, I know this VPN software but in case for example I just want to send packages specifically to one VPN without assuming there is an interface installed on the system because Windows has no drivers, could it be done a la poor man's socks proxy? Can I create TCP connections through the VPN without it being 'installed?'
>
> Well, there is an option that can be used in such scenarios, --script-tun, but it is not supported on Windows, see e.g. https://gitlab.com/openconnect/openconnect/-/blob/17b45cdd406d3d4218ba08a0835da839a6d79465/main.c#L241 and https://gitlab.com/openconnect/openconnect/-/blob/17b45cdd406d3d4218ba08a0835da839a6d79465/main.c#L1016

Is it because it needs the drivers, I suppose? I thought the drivers were only to create a network interface to redirect all traffic..

@lazka
Member

lazka commented May 8, 2024

> Are you aware of a package that does something similar, so it can be studied as a reference?

We don't have anything like that. But if you remove that part from this PR I can look into creating such a package separately.
