openconnect: allow specify --protocol from config
openconnect v8.10 supports 4 VPN protocols --protocol=anyconnect Compatible with Cisco AnyConnect SSL VPN, as well as ocserv (default) --protocol=nc Compatible with Juniper Network Connect --protocol=gp Compatible with Palo Alto Networks (PAN) GlobalProtect SSL VPN --protocol=pulse Compatible with Pulse Connect Secure SSL VPN This patch allows user to specify protocol use the new "vpn_protocol" option and deprecate the old option "juniper" which seems to be missing in the current openconnect client. Signed-off-by: Mengyang Li <mayli.he@gmail.com>
This commit is contained in:
Mengyang Li
Nikos Mavrogiannopoulos
parent
80ac8dac11
commit
b6119433a5
3 changed files with 16 additions and 3 deletions
|
|
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
|
||||||
|
|
||||||
PKG_NAME:=openconnect
|
PKG_NAME:=openconnect
|
||||||
PKG_VERSION:=8.10
|
PKG_VERSION:=8.10
|
||||||
PKG_RELEASE:=2
|
PKG_RELEASE:=3
|
||||||
|
|
||||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||||
PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/openconnect/
|
PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/openconnect/
|
||||||
|
|
|
||||||
|
|
@ -32,8 +32,15 @@ config interface 'MYVPN'
|
||||||
#option token_mode 'script'
|
#option token_mode 'script'
|
||||||
#option token_script '/lib/custom/getocpass.sh'
|
#option token_script '/lib/custom/getocpass.sh'
|
||||||
|
|
||||||
# Juniper vpn support
|
# For non-anyconnect vpn protocols
|
||||||
#option juniper '1'
|
# Cisco AnyConnect (default)
|
||||||
|
#option vpn_protocol 'anyconnect'
|
||||||
|
# Juniper Network Connect
|
||||||
|
#option vpn_protocol 'nc'
|
||||||
|
# Palo Alto Networks GlobalProtect
|
||||||
|
#option vpn_protocol 'gp'
|
||||||
|
# Pulse Connect Secure
|
||||||
|
#option vpn_protocol 'pulse'
|
||||||
|
|
||||||
# Authentication form responses
|
# Authentication form responses
|
||||||
#list form_entry FORM:OPT=VAL
|
#list form_entry FORM:OPT=VAL
|
||||||
|
|
|
||||||
|
|
@ -15,6 +15,7 @@ proto_openconnect_init_config() {
|
||||||
proto_config_add_int "port"
|
proto_config_add_int "port"
|
||||||
proto_config_add_int "mtu"
|
proto_config_add_int "mtu"
|
||||||
proto_config_add_int "juniper"
|
proto_config_add_int "juniper"
|
||||||
|
proto_config_add_string "vpn_protocol"
|
||||||
proto_config_add_boolean "no_dtls"
|
proto_config_add_boolean "no_dtls"
|
||||||
proto_config_add_string "interface"
|
proto_config_add_string "interface"
|
||||||
proto_config_add_string "username"
|
proto_config_add_string "username"
|
||||||
|
|
@ -46,6 +47,7 @@ proto_openconnect_setup() {
|
||||||
form_entry \
|
form_entry \
|
||||||
interface \
|
interface \
|
||||||
juniper \
|
juniper \
|
||||||
|
vpn_protocol \
|
||||||
mtu \
|
mtu \
|
||||||
no_dtls \
|
no_dtls \
|
||||||
os \
|
os \
|
||||||
|
|
@ -93,6 +95,10 @@ proto_openconnect_setup() {
|
||||||
append_args --juniper
|
append_args --juniper
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
[ -n "$vpn_protocol" ] && {
|
||||||
|
append_args --protocol "$vpn_protocol"
|
||||||
|
}
|
||||||
|
|
||||||
[ -n "$serverhash" ] && {
|
[ -n "$serverhash" ] && {
|
||||||
append_args "--servercert=$serverhash"
|
append_args "--servercert=$serverhash"
|
||||||
append_args --no-system-trust
|
append_args --no-system-trust
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue