-
Daniel Lenski authored
This allows protocols to save the moment when a session's authentication (`vpninfo->cookie`) is expected to expire and no longer be useful for reconnection. The motivation is to eventually allow front-ends to know whether reauthentication is needed, or whether they should try using a cached cookie. Current state: - AnyConnect protocol: expiration is determined from the CONNECT response header `X-CSTP-Session-Timeout-Remaining` (with `X-CSTP-Session-Timeout` or `X-CSTP-Lease-Duration` as upper bounds in its absence) - GlobalProtect protocol: expiration is determined from the `<lifetime>` tag of the XML config. - Juniper Network Connect protocol: no currently known way to determine expiration. The `DSID` cookie is a standard HTTP cookie, so perhaps its expiration timestamp is intended for this purpose; however, I can find no real-world case where it has an expiration timestamp set. - None of the currently-supported protocols provide the expiration timestamp until the connection phase, so it can't be obtained for export by the `--authenticate` option. Signed-off-by:Daniel Lenski <dlenski@gmail.com>
f152cf7d
