openconnect: introduced URI parameter
authorNikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
Thu, 9 May 2024 19:18:44 +0000 (21:18 +0200)
committerNikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
Thu, 9 May 2024 20:25:50 +0000 (22:25 +0200)
This allows specifying a camouflage string in ocserv.

Fixes: #23364
Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
net/openconnect/Makefile
net/openconnect/README
net/openconnect/files/openconnect.sh

index 403ac2a8a278ba6e1d9956990a4755625cd73e2c..b169f011d2a893a245cc9efedd5471b0f3b6a352 100644 (file)
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openconnect
 PKG_VERSION:=9.12
-PKG_RELEASE:=3
+PKG_RELEASE:=4
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://www.infradead.org/openconnect/download
index 0647916fd890275d89bd3ed55f4995cd2c8f74d2..edd4a03a9acec65230c63bbe8fd7126246d34ad9 100644 (file)
@@ -5,8 +5,7 @@ To setup a VPN connection, add the following to /etc/config/network:
 config interface 'MYVPN'
        option proto 'openconnect'
        option interface 'wan'
-       option server 'vpn.example.com'
-       option port '4443'
+       option uri 'https://vpn.example.com:4443'
        option username 'test'
        option password 'secret'
        option serverhash 'AE7FF6A0426F0A0CD0A02EB9EC3C5066FAEB0B25'
index 707c770e7449000f022fe6eb65712dc492166c8f..769660091c46f7669a984d4cb06e111fe3da88df 100755 (executable)
@@ -16,6 +16,7 @@ append_args() {
 proto_openconnect_init_config() {
        proto_config_add_string "server"
        proto_config_add_int "port"
+       proto_config_add_string "uri"
        proto_config_add_int "mtu"
        proto_config_add_int "juniper"
        proto_config_add_int "reconnect_timeout"
@@ -65,6 +66,7 @@ proto_openconnect_setup() {
                proxy \
                reconnect_timeout \
                server \
+               uri \
                serverhash \
                token_mode \
                token_script \
@@ -79,6 +81,8 @@ proto_openconnect_setup() {
        [ -n "$interface" ] && {
                local trials=5
 
+               [ -n $uri ] && server=$(echo $uri | awk -F[/:] '{print $4}')
+
                logger -t "openconnect" "adding host dependency for $server at $config"
                while resolveip -t 10 "$server" > "$tmpfile" && [ "$trials" -gt 0 ]; do
                        sleep 5
@@ -95,8 +99,9 @@ proto_openconnect_setup() {
        }
 
        [ -n "$port" ] && port=":$port"
+       [ -z "$uri" ] && uri="$server$port"
 
-       append_args "$server$port" -i "$ifname" --non-inter --syslog --script /lib/netifd/vpnc-script
+       append_args "$uri" -i "$ifname" --non-inter --syslog --script /lib/netifd/vpnc-script
        [ "$pfs" = 1 ] && append_args --pfs
        [ "$no_dtls" = 1 ] && append_args --no-dtls
        [ -n "$mtu" ] && append_args --mtu "$mtu"