Add client cert selection logic to settings

Save the SHA-256 of the selected client cert in the connection settings.
In response to GnuTLS requests, search the list for a matching cert and
use it if it is available.

Change-Id: I0b72cac1718564d7643ae64041ec640274f76aa6
Signed-off-by: Kevin Cernekee <cernekee@chromium.org>
3 files changed
tree: 980d599eec5d1b62b1bdd3b7089628698aa3b298
  1. ca/
  2. patch/
  3. .gitignore
  4. background.js
  5. crxmake.sh
  6. crypto.cc
  7. crypto.h
  8. crypto_callback.h
  9. HACK.md
  10. icon-512.png
  11. icon.png
  12. jquery-2.2.0.min.js
  13. LICENSE
  14. Makefile
  15. manifest.json
  16. native.nmf
  17. OWNERS
  18. portable.nmf
  19. README.md
  20. settings.html
  21. settings.js
  22. vpn_instance.cc
  23. vpn_instance.h
  24. vpn_module.cc
  25. vpn_module.h
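The lookup described in the commit message above, sketched as an added example (this is not code from the nacl-openconnect repository). The names `selectClientCert`, `clientCertSha256` and the sample certificates are assumptions made for illustration; the point is that the saved SHA-256 must match the full digest of the certificate bytes, and that no certificate is offered when nothing matches.

```javascript
// Added example: names and sample data are assumptions, not nacl-openconnect code.
const { createHash } = require('node:crypto');

// SHA-256 over the certificate's DER bytes, as lowercase hex.
function certFingerprint(der) {
  return createHash('sha256').update(der).digest('hex');
}

// Accept "AB:CD:..." or "abcd..." and return lowercase hex, or null if malformed.
function normalizeFingerprint(fp) {
  if (typeof fp !== 'string') return null;
  const hex = fp.replace(/[:\s]/g, '').toLowerCase();
  return /^[0-9a-f]{64}$/.test(hex) ? hex : null;
}

// Return the certificate whose fingerprint equals the saved one, else null.
// No fallback to "first available": a missing or malformed saved value
// means no client certificate is offered.
function selectClientCert(savedFingerprint, availableCerts) {
  const wanted = normalizeFingerprint(savedFingerprint);
  if (wanted === null) return null;
  for (const cert of availableCerts) {
    if (certFingerprint(cert.der) === wanted) return cert;
  }
  return null;
}

// Constructed sample data: placeholder byte strings standing in for DER certificates.
const sampleCerts = [
  { label: 'work', der: Buffer.from('constructed-der-bytes-work') },
  { label: 'lab', der: Buffer.from('constructed-der-bytes-lab') },
];
// What the settings page would store when the user picks the "lab" certificate.
const savedSettings = { clientCertSha256: certFingerprint(sampleCerts[1].der) };

function demo() {
  const colonForm = savedSettings.clientCertSha256.toUpperCase().match(/../g).join(':');
  return {
    exact: selectClientCert(savedSettings.clientCertSha256, sampleCerts),
    colonUpper: selectClientCert(colonForm, sampleCerts),
    removed: selectClientCert(savedSettings.clientCertSha256, sampleCerts.slice(0, 1)),
    truncated: selectClientCert(savedSettings.clientCertSha256.slice(0, 40), sampleCerts),
  };
}
console.log(demo());
```

The `removed` and `truncated` cases return `null`: a certificate that is no longer in the list, or a saved value that is only a prefix of the digest, never selects a different certificate.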
README.md

Overview

This repository contains an experimental port of the OpenConnect VPN client to Chrome OS.

The official copy of this repository is hosted at https://chromium.googlesource.com/apps/nacl-openconnect.

All changes must go through the Gerrit code review server on https://chromium-review.googlesource.com. Please see the HACK.md document in this directory for details on submitting patches.

Building from source

This procedure has been tested on Ubuntu Trusty (14.04) running in a crouton chroot.

nacl-openconnect is built using the Chrome Native Client SDK and webports, so the first step is to install the host dependencies listed on the home pages for those projects (python, git, etc.). Also, install the openssl command line tool. You do not need to install nacl_sdk, webports, or depot_tools by hand.

Next, chdir into the nacl-openconnect source tree and type make. This will download and compile several dependencies, and eventually generate an openconnect.crx output file.

To modify the libopenconnect library and rebuild the app, use: make libopenconnect && make clean && make

To rebuild the app after changing the vpn_instance wrapper or the JavaScript code, just use: make

If you are building under crouton on a Chromebook, it may be helpful to leave all of your sources under the shared ~/Downloads directory.

Installation

To “sideload” an app or extension under Chrome OS, open up chrome://extensions in the browser, then open the file manager with Alt-Shift-M, then drag the .crx file onto the extensions page. On the initial attempt, Chrome will prompt for permission to install the app. On subsequent attempts the installation will succeed “silently” without opening any dialogs.

Testing and debugging

This app has been tested using ocserv configured for user/pass authentication. It should also work with standard Cisco ASA appliances.

You can view the debug output by opening chrome://extensions and inspecting the background page (select the Console tab).