Error in version >= 2.2.1 when working with eToken Certs

ancwrd1 / snx-rs

Open source Linux client for Checkpoint VPN tunnels

GNU Affero General Public License v3.0

57 stars 5 forks source link

Error in version >= 2.2.1 when working with eToken Certs #23

Closed SnowLe0 closed 3 weeks ago

SnowLe0 commented 3 weeks ago

Hello!

I came across a problem that when I switched to version snx-rs >= 2.2.1 (both in gui and cli), the connection to the vpn server stopped being established. Everything is fine with version 2.2.0. Perhaps PKCS11 initialization happens later now? (judging by the logs, the differences start from line 111)

I am attaching log files for versions 2.2.0 and 2.2.2 (I had to anonymize some IPs, etc.)

222.log 220.log

ancwrd1 commented 3 weeks ago

thanks for reporting, a regression was unfortunately introduced and should be fixed now, please test from the main branch. I can't test it myself because I don't have access to the server with certificate authentication.

SnowLe0 commented 3 weeks ago

Thank you very much! With the new version everything works as it should. Tested both on VPN servers with authorization based on certificates using eToken, and using login and password + MFA.