{"id":16512972,"url":"https://github.com/daskol/networkmanager-openconnect","last_synced_at":"2026-03-16T18:32:04.800Z","repository":{"id":210867383,"uuid":"727605683","full_name":"daskol/networkmanager-openconnect","owner":"daskol","description":"Simple and flexible NetworkManager support for OpenConnect in Python.","archived":false,"fork":false,"pushed_at":"2025-01-05T16:28:14.000Z","size":18,"stargazers_count":3,"open_issues_count":0,"forks_count":2,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-08T23:12:53.501Z","etag":null,"topics":["anyconnect","networkmanager","networkmanager-openconnect","openconnect"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/daskol.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2023-12-05T07:50:19.000Z","updated_at":"2025-04-02T06:28:05.000Z","dependencies_parsed_at":"2023-12-05T10:28:39.845Z","dependency_job_id":"d2549463-e96b-4bb5-8e96-c4aff6b20e4f","html_url":"https://github.com/daskol/networkmanager-openconnect","commit_stats":null,"previous_names":["daskol/networkmanager-openconnect"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daskol%2Fnetworkmanager-openconnect","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daskol%2Fnetworkmanager-openconnect/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daskol%2Fnetworkmanager-openconnect/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daskol%2Fnetworkmanager-openconnect/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/daskol","download_url":"https://codeload.github.com/daskol/networkmanager-openconnect/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252489147,"owners_count":21756269,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["anyconnect","networkmanager","networkmanager-openconnect","openconnect"],"created_at":"2024-10-11T16:06:47.592Z","updated_at":"2026-03-16T18:32:04.766Z","avatar_url":"https://github.com/daskol.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# NetworkManager: OpenConnect Plugin\n\n*Simple and flexible NetworkManager support for OpenConnect in Python.*\n\n- [Overview](#overview)\n- [Installation](#installation)\n- [Configuration](#configuration)\n- [Development Issues](#development-Issues)\n  - [Traffic Dump](#traffic-dump)\n  - [Secrets Agent Availablity](#secrets-agent-availablity)\n\n## Overview\n\nThis is a concurrent project aimed in support of [OpenConnect][2] (an\nopen-source implementation of Cisco's [AnyConnect][1]) within Gnome's\n[NetworkManager][4] (or just NM). There are several drawbacks of original\nOpenConnect support in NetworkManager.\n\n1. Inability to activate a VPN connection without typing as password. In other\n   words, you should type something like the following.\n\n   ```shell\n   nmcli connection up YourVPNConn -a\n   ```\n\n   The issue is that you should type not only password but a username (sic!) as\n   well. Moreover, some corporate networks suggest a choice of role or network\n   to connect to. Underlying `openconnect` client allows to specify desired\n   form options manually or via comman line options. This implementation\n   assumes that all auxiliary options are already enumerated in `nmconnection`\n   file, So there is no need in manual typing too.\n2. C/C++ gives an excelemnt performance in a cost of laborious development\n   efforts. We believe there is no need to write a code in C/C++ here. Python\n   is enough in order to execute `openconnect` binary and sleep until a\n   connection is deactivated.\n3. Original implementation is distributed under toxic GPL.\n4. Enormous complexity of DBus and NetworkManager in general. In my perspective\n   there are some bizzare things in implementation and internals of DBus.\n   Interaction protocol within NetworkManager is [unclear][6] and [vague][7].\n\n## Installation\n\n**NOTE** This implementation conflicts with [original implementation][5].\n\nSince this plugin relies on OpenConnect binary and an architecture and\nconfiguration of original plugin implementation, the first part of installation\nprocess is pretty straightforward: you should just install the packages as\nfollows.\n\n```shell\napt update \u0026\u0026 apt install openconnect network-manager-openconnect  # Ubuntu\n```\n\nAnd then install this package.\n\n```shell\npip install git+https://github.com/daskol/networkmanager-openconnect.git\n```\n\nThe second part is more tedious since we need to update a NetworkManager\nconfiguration a litte bit. We need to edit a service file for a DBus service\nwhich exposes plugin services to NetworkManager. As we finished with the\n[configuration file](nm-openconnect-service.name) it should look like the\nfollowing.\n\n```ini\n# Config file: /usr/lib/NetworkManager/VPN/nm-openconnect-service.name\n[VPN Connection]\nname=openconnect\nservice=org.freedesktop.NetworkManager.openconnect\nprogram=/usr/local/bin/nm-openconnect  # Path to executable.\nsupports-multiple-connections=true\n```\n\nFinally, we should reload NetworkManager and activate our VPN connection.\n\n```shell\nnmcli connection reload\nnmcli connection up YourVPNConn\n```\n\n## Configuration\n\nAs it was mentioned above, the plugin relies on original implementation. This\nis true for configuration as well. Below a snippet of `nmconnection` file shows\nthe difference with original configuration file. The rest of fields are pretty\nthe same as in the original configuration (if they are used at all).\n\n```\n[vpn]\nservice-type=org.freedesktop.NetworkManager.openconnect\npassword-flags=0  # Do not ask agent for secrets.\nusername=your-username-here  # Username.\nform=main:group_list=AccessVPN,main:field=value  # Comma-separated form data.\n\n[vpn-secrets]\npassword=your-password-here  # Password in plaintext.\n```\n\n**NOTE** Some configuration options are not used at all but it is simple enough\nto support them.\n\n## Development Issues\n\n### Logging and Configuration\n\nWe need to fix logging and read full configuration (support every option of\noriginal `openconnect` binary). Also, logging requires some efforts to make it\nbehave exactly as the original implementation.\n\n### Traffic Dump\n\nThere are plenty amazing tools for monitoring, discovery, introspection, and\ncommunication from scratch.\n\n```shell\nbusctl --system capture \u003e dbus-traffic.pcap\n```\n\nThen one should use `wireshark` to open and analyze the dump.\n\n### Secrets Agent Availablity\n\nThere are some issues with access to secrets agent from proccess run with root\npriviledges. It requires some research to figure out solution if it is actually\nan issue. Also, we need to drop priviledges properly in plugin.\n\n[1]: https://www.cisco.com/c/ru_ru/index.html\n[2]: https://github.com/openconnect\n[3]: https://www.gnome.org/\n[4]: https://networkmanager.dev/\n[5]: https://gitlab.gnome.org/GNOME/NetworkManager-openconnect\n[6]: https://people.redhat.com/dcbw/NetworkManager/NetworkManager%20DBUS%20API.txt\n[7]: https://bugzilla.redhat.com/show_bug.cgi?id=710552\n[8]: https://people.freedesktop.org/~lkundrak/nm-docs/gdbus-org.freedesktop.NetworkManager.VPN.Plugin.html\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdaskol%2Fnetworkmanager-openconnect","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdaskol%2Fnetworkmanager-openconnect","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdaskol%2Fnetworkmanager-openconnect/lists"}