From 131ec7b3bd6895aa3f86f57169dd23c15f174fe2 Mon Sep 17 00:00:00 2001
From: Rui Salvaterra <rsalvaterra@gmail.com>
Date: Tue, 17 May 2022 16:29:14 +0100
Subject: [PATCH 1/3] openconnect: drop the dependency on resolveip

We have nslookup and awk, let's use them.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
---
 net/openconnect/Makefile             | 2 +-
 net/openconnect/files/openconnect.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/net/openconnect/Makefile b/net/openconnect/Makefile
index 6bf724eeb..7b15490b4 100644
--- a/net/openconnect/Makefile
+++ b/net/openconnect/Makefile
@@ -35,7 +35,7 @@ endef
 define Package/openconnect
   SECTION:=net
   CATEGORY:=Network
-  DEPENDS:=+libxml2 +kmod-tun +resolveip +vpnc-scripts +OPENCONNECT_OPENSSL:libopenssl +OPENCONNECT_OPENSSL:p11-kit +OPENCONNECT_OPENSSL:libp11 +OPENCONNECT_GNUTLS:libgnutls +OPENCONNECT_GNUTLS:libtasn1 +OPENCONNECT_STOKEN:libstoken $(ICONV_DEPENDS) $(INTL_DEPENDS)
+  DEPENDS:=+libxml2 +kmod-tun +vpnc-scripts +OPENCONNECT_OPENSSL:libopenssl +OPENCONNECT_OPENSSL:p11-kit +OPENCONNECT_OPENSSL:libp11 +OPENCONNECT_GNUTLS:libgnutls +OPENCONNECT_GNUTLS:libtasn1 +OPENCONNECT_STOKEN:libstoken $(ICONV_DEPENDS) $(INTL_DEPENDS)
   TITLE:=OpenConnect VPN client (Cisco AnyConnect and Juniper/Pulse compatible)
   MAINTAINER:=Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
   URL:=https://www.infradead.org/openconnect/
diff --git a/net/openconnect/files/openconnect.sh b/net/openconnect/files/openconnect.sh
index 37f1945f4..0cf4408fb 100755
--- a/net/openconnect/files/openconnect.sh
+++ b/net/openconnect/files/openconnect.sh
@@ -68,7 +68,7 @@ proto_openconnect_setup() {
 	logger -t openconnect "initializing..."
 
 	logger -t "openconnect" "adding host dependency for $server at $config"
-	for ip in $(resolveip -t 10 "$server"); do
+	for ip in $(nslookup "$server" | awk '/^Name:/ {getline; print $2;}'); do
 		logger -t "openconnect" "adding host dependency for $ip at $config"
 		proto_add_host_dependency "$config" "$ip" "$interface"
 	done

From 9bbecd2438f51a335b1c97d04c9480f7be4158ac Mon Sep 17 00:00:00 2001
From: Rui Salvaterra <rsalvaterra@gmail.com>
Date: Thu, 19 May 2022 14:01:00 +0100
Subject: [PATCH 2/3] openconnect: don't bother loading the tun module

If it exists (if it isn't built-in), it will be loaded automatically at boot.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
---
 net/openconnect/files/openconnect.sh | 1 -
 1 file changed, 1 deletion(-)

diff --git a/net/openconnect/files/openconnect.sh b/net/openconnect/files/openconnect.sh
index 0cf4408fb..b794296c0 100755
--- a/net/openconnect/files/openconnect.sh
+++ b/net/openconnect/files/openconnect.sh
@@ -62,7 +62,6 @@ proto_openconnect_setup() {
 		usergroup \
 		username \
 
-	grep -q tun /proc/modules || insmod tun
 	ifname="vpn-$config"
 
 	logger -t openconnect "initializing..."

From ae11bdf5d8ab2eaa97a05a8d9a43ca8517e4041d Mon Sep 17 00:00:00 2001
From: Rui Salvaterra <rsalvaterra@gmail.com>
Date: Tue, 24 May 2022 12:03:06 +0100
Subject: [PATCH 3/3] openconnect: make sure OpenSSL is built with DTLS support

Otherwise, OpenConnect will fail to connect with DTLS.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
---
 net/openconnect/Config.in | 1 +
 1 file changed, 1 insertion(+)

diff --git a/net/openconnect/Config.in b/net/openconnect/Config.in
index d73bd3a88..8c84bf2b9 100644
--- a/net/openconnect/Config.in
+++ b/net/openconnect/Config.in
@@ -12,6 +12,7 @@ config OPENCONNECT_GNUTLS
 
 config OPENCONNECT_OPENSSL
 	bool "OpenSSL"
+	select OPENSSL_WITH_DTLS
 
 endchoice