Error in version >= 2.2.1 when working with eToken Certs

ancwrd1 / snx-rs

Open Source Linux Client For Check Point VPN Tunnels

GNU Affero General Public License v3.0

120 stars 9 forks source link

Error in version >= 2.2.1 when working with eToken Certs #23

Closed SnowLe0 closed 6 months ago

SnowLe0 commented 6 months ago

Hello!

I came across a problem that when I switched to version snx-rs >= 2.2.1 (both in gui and cli), the connection to the vpn server stopped being established. Everything is fine with version 2.2.0. Perhaps PKCS11 initialization happens later now? (judging by the logs, the differences start from line 111)

I am attaching log files for versions 2.2.0 and 2.2.2 (I had to anonymize some IPs, etc.)

222.log 220.log

ancwrd1 commented 6 months ago

thanks for reporting, a regression was unfortunately introduced and should be fixed now, please test from the main branch. I can't test it myself because I don't have access to the server with certificate authentication.

SnowLe0 commented 6 months ago

Thank you very much! With the new version everything works as it should. Tested both on VPN servers with authorization based on certificates using eToken, and using login and password + MFA.