Deprecated, yes, but do you care if we still use it?

[digitalformula]

I've been building from this repo for years as it's always been and still is the most reliable way of getting GP connectivity to my work.

I know you say don't build this, but if we aren't ever going to ask for support for you, do you care if we do? I've got a working commit ID that I'll continue to use, if you don't mind.

Honestly, this repo contains the only client that I know will work without any faffing about with stupid command line parameters etc.

[dlenski]

It's open source. I can't stop you. If it's useful, I'm glad to hear it, though the upstream version should be more useful. ¯\(ツ)\/¯

Honestly, this repo contains the only client that I know will work without any faffing about with stupid command line parameters etc.

I don't understand.

Everything in this repository has been merged into the upstream project (https://gitlab.com/openconnect/openconnect), which takes the exact same command-line options (openconnect --prot=gp to connect with GP), has the exact same dependencies, and contains a host of improvements in subsequent OpenConnect versions.

What am I missing?

[digitalformula]

It's open source. I can't stop you. If it's useful, I'm glad to hear it, though the upstream version should be more useful. ¯_(ツ)_/¯

Honestly, this repo contains the only client that I know will work without any faffing about with stupid command line parameters etc.

I don't understand.

The command-line parameters required with the "openvpn" package available for Ubuntu. E.g. the need to supply a TUN device etc. Your package doesn't need any of that.

Everything in this repository has been merged into the upstream project (https://gitlab.com/openconnect/openconnect), which takes the exact same command-line options (openconnect --prot=gp to connect with GP), has the exact same dependencies, and contains a host of improvements in subsequent OpenConnect versions.

What am I missing?

You're not missing anything - I just didn't explain very well. The GitHub repo and its URL is integrated into a bunch of Ansible playbooks and, while I can (and will) update them to work with the GitLab version, I just wanted to make sure I'm not going to break anything by continuing to use the old GitHub-hosted version for a while.

[dlenski]

The command-line parameters required with the "openvpn" package available for Ubuntu. E.g. the need to supply a TUN device etc. Your package doesn't need any of that.

Wait… huh? OpenVPN and OpenConnect are not the same thing. They are both open-source VPN-related projects, but completely unrelated otherwise.

You are looking for the openconnect package for Ubuntu. Any OpenConnect release >=8.0 includes GlobalProtect support as developed in this repository, and then integrated upstream.

Assuming you're running Ubuntu 18.04+, add this PPA and you will get a substantially more modern version of OpenConnect that supports everything in this repo.

The GitHub repo and its URL is integrated into a bunch of Ansible playbooks and…

Who set these up?

… I just wanted to make sure I'm not going to break anything by continuing to use the old GitHub-hosted version for a while.

It will exist until I get totally tired of people filing issue reports on it, and asking about how to make it run, despite the fact that there is no good reason to run it and that there is a fully-compatible, actively-maintained, and superior version now upstream… which I have tried to explain this in about 7 different forms in the repo. :grimacing: :stuck_out_tongue_closed_eyes:

[digitalformula]

Wait… huh? OpenVPN and OpenConnect are not the same thing. They are both open-source VPN-related projects, but completely unrelated otherwise.

Dude it's OK. I know they're not the same thing but OpenVPN is what I get told to use. I just don't want to use it.

The GitHub repo and its URL is integrated into a bunch of Ansible playbooks and…

Who set these up?

I did, and they work brilliantly with your repo.

… I just wanted to make sure I'm not going to break anything by continuing to use the old GitHub-hosted version for a while.

It will exist until I get totally tired of people filing issue reports on it, and asking about how to make it run, despite the fact that there is no good reason to run it and that there is a fully-compatible, actively-maintained, and superior version now upstream… which I have tried to explain this in about 7 different forms in the repo.

That's fine. We're getting off topic anyway. I wasn't asking for support or help, just making sure I wasn't going to annoy you by still using it. At the time I figured it was being polite but ... oh well. It seems a little annoyance has been caused, though. Sorry about that.

[dlenski]

Dude it's OK. I know they're not the same thing but OpenVPN is what I get told to use. I just don't want to use it.

It's a fine piece of software, but I'm not recommending it either. I'm recommending you use the upstream OpenConnect, which we've worked very hard to integrate GlobalProtect support into in a way that's 100% compatible with everything in this repo. :grimacing:

That's fine. We're getting off topic anyway. I wasn't asking for support or help, just making sure I wasn't going to annoy you by still using it. At the time I figured it was being polite but ... oh well. It seems a little annoyance has been caused, though. Sorry about that.

Fair enough. Sorry if I sounded harsh. You're much better-informed than many of the people posting similar questions here…

Which is ultimately why I suggest that you use the upstream version instead. If you have a really weird GP setup, you might find one or two minor differences in behavior with the upstream project, and then you can report them to us upstream, and we'll fix or adjust as needed, and I think everyone will all ultimately be better off.

The bottom line, to answer your initial question: I'm not going to delete or overwrite this repository out of spite or to mess up people who rely on it it. I just really, really, really don't want to spend time redirecting people to the upstream repo with their issue reports.

(For examples of issues that contained useful information that would've been better reported upstream, see #165, #116, #113, #155, #144… some of them didn't even have to do with GlobalProtect support :man_shrugging: )

[digitalformula]

Dude it's OK. I know they're not the same thing but OpenVPN is what I get told to use. I just don't want to use it.

It's a fine piece of software, but I'm not recommending it either. I'm recommending you use the upstream OpenConnect, which we've worked very hard to integrate GlobalProtect support into in a way that's 100% compatible with everything in this repo.

For what it's worth, I've just finished removing all references to this repo and changing everything to use the upstream OpenConnect from GitLab. It is all working fine via Ansible now. I had to run ./configure --without-gnutls-version-check but that hasn't caused any issues.

Fair enough. Sorry if I sounded harsh. You're much better-informed than many of the people posting similar questions here…

Meh, it's all good. You've built a great product and I'll continue to use it as long as it's available (to clarify - I'm not using this repo anymore as I've moved to the upstream project).

The bottom line, to answer your initial question: I'm not going to delete or overwrite this repository out of spite or to mess up people who rely on it it. I just really, really, really don't want to spend time redirecting people to the upstream repo with their issue reports.

Yeah and no person with a mind of their own would blame you for that.

Thanks for responding - I appreciate it & apologise for wasting your time.

[dlenski]

Not at all. Thanks for the thoughtful discussion, and I'm looking forward to getting a bug report or 3 from you upstream. 😅

Lastly I have to give a shout-out to @dwmw2, who is the real brains behind OpenConnect, and in partiular structured the code in a way that made it relatively easy for a noob like me to learn how to add support for a new protocol