diff --git a/net/openconnect/Makefile b/net/openconnect/Makefile index 996edaa8a..6c5858e7f 100644 --- a/net/openconnect/Makefile +++ b/net/openconnect/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openconnect -PKG_VERSION:=8.09 +PKG_VERSION:=8.10 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/openconnect/ -PKG_HASH:=f39802be4c3a099b211ee4cc3318b3a9a195075deab0b4c1c5880c69340ce9a6 +PKG_HASH:=30e64c6eca4be47bbf1d61f53dc003c6621213738d4ea7a35e5cf1ac2de9bab1 PKG_LICENSE:=LGPL-2.1-or-later PKG_LICENSE_FILES:=COPYING.LGPL @@ -42,13 +42,15 @@ define Package/openconnect endef define Package/openconnect/description - A VPN client compatible with Cisco's AnyConnect SSL VPN, ocserv and Juniper (Pulse secure). + A VPN client compatible with several SSL VPN implementations (ocserv, Cisco AnyConnect, Juniper, Palo Alto) - OpenConnect is a client that follows the Cisco's AnyConnect SSL VPN protocol, - which is supported by IOS 12.4(9)T or later on Cisco SR500, 870, 880, 1800, - 2800, 3800, 7200 Series and Cisco 7301 Routers, as well as the OpenConnect - VPN server. It has later been ported to support the Juniper SSL VPN which - is now known as Pulse Connect Secure. + OpenConnect is an SSL VPN client initially created to support Cisco's + AnyConnect SSL VPN. It has since been extended to support the Pulse Connect + Secure VPN (formerly known as Juniper Network Connect or Junos Pulse) and + the Palo Alto Networks GlobalProtect SSL VPN. + + A corresponding OpenConnect VPN server implementation can be found in the + ocserv package. endef CONFIGURE_ARGS += \ diff --git a/net/openconnect/files/openconnect.sh b/net/openconnect/files/openconnect.sh index 0efa44418..aef13a3c3 100755 --- a/net/openconnect/files/openconnect.sh +++ b/net/openconnect/files/openconnect.sh @@ -15,6 +15,7 @@ proto_openconnect_init_config() { proto_config_add_int "port" proto_config_add_int "mtu" proto_config_add_int "juniper" + proto_config_add_boolean "no_dtls" proto_config_add_string "interface" proto_config_add_string "username" proto_config_add_string "serverhash" @@ -39,7 +40,25 @@ proto_openconnect_add_form_entry() { proto_openconnect_setup() { local config="$1" - json_get_vars server port interface username serverhash authgroup usergroup password password2 token_mode token_secret token_script os csd_wrapper mtu juniper form_entry + json_get_vars \ + authgroup \ + csd_wrapper \ + form_entry \ + interface \ + juniper \ + mtu \ + no_dtls \ + os \ + password \ + password2 \ + port \ + server \ + serverhash \ + token_mode \ + token_script \ + token_secret \ + usergroup \ + username \ grep -q tun /proc/modules || insmod tun ifname="vpn-$config" @@ -55,6 +74,7 @@ proto_openconnect_setup() { [ -n "$port" ] && port=":$port" append_args "$server$port" -i "$ifname" --non-inter --syslog --script /lib/netifd/vpnc-script + [ "$no_dtls" = 1 ] && append_args --no-dtls [ -n "$mtu" ] && append_args --mtu "$mtu" # migrate to standard config files