openconnect: Updated openconnect to 5.03

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>


git-svn-id: svn://svn.openwrt.org/openwrt/packages@40339 3c298f89-4303-0410-b956-a3cf2f4a3e73
hauke 2014-03-30 18:41:16 +00:00
parent cb8cc94c2f
commit 3e3e7b7693
4 changed files with 33 additions and 106 deletions

18
net/openconnect/Config.in Normal file

@ -0,0 +1,18 @@
# openconnect avanced configuration
menu "Configuration"
depends on PACKAGE_openconnect
choice
prompt "SSL library"
default OPENCONNECT_GNUTLS
config OPENCONNECT_GNUTLS
bool "GnuTLS support"
config OPENCONNECT_OPENSSL
bool "OpenSSL"
endchoice
endmenu
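Review bot: The header comment on the first line misspells "advanced" (`# openconnect advanced configuration`), and neither `OPENCONNECT_GNUTLS` nor `OPENCONNECT_OPENSSL` carries a `help` entry. This choice decides which TLS stack the VPN client is linked against, so a one- or two-line `help` under each option naming the library it pulls in would make the selection easier to audit from the menu.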


@ -8,26 +8,30 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=openconnect
PKG_VERSION:=4.08
PKG_VERSION:=5.03
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/openconnect/
PKG_MD5SUM:=3dd065194d87c08084675d255c8e29ef
PKG_MD5SUM:=ff43ed1dbaccd2537fd7c5bfb04295a6
include $(INCLUDE_DIR)/package.mk
define Package/openconnect/config
source "$(SOURCE)/Config.in"
endef
define Package/openconnect
SECTION:=net
CATEGORY:=Network
DEPENDS:=+libxml2 +libopenssl +kmod-tun +resolveip
DEPENDS:=+libxml2 +kmod-tun +resolveip +OPENCONNECT_OPENSSL:libopenssl +OPENCONNECT_GNUTLS:libgnutls
TITLE:=VPN client for Cisco's AnyConnect SSL VPN
URL:=http://www.infradead.org/openconnect/
SUBMENU:=VPN
endef
define Package/openconnect/description
A VPN client compatible with Cisco's AnyConnect SSL VPN.
A VPN client compatible with Cisco's AnyConnect SSL VPN and ocserv.
OpenConnect is a client for Cisco's AnyConnect SSL VPN, which is
supported by IOS 12.4(9)T or later on Cisco SR500, 870, 880, 1800, 2800,
@ -38,6 +42,11 @@ CONFIGURE_ARGS += \
--disable-shared \
--with-vpnc-script=/lib/netifd/vpnc-script
ifeq ($(CONFIG_OPENCONNECT_OPENSSL),y)
CONFIGURE_ARGS += \
--without-gnutls
endif
define Package/openconnect/install
$(INSTALL_DIR) $(1)/lib/netifd/proto
$(INSTALL_BIN) ./files/openconnect.sh $(1)/lib/netifd/proto/
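Review bot: The 5.03 tarball is still fetched from `PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/openconnect/` and pinned only by the new `PKG_MD5SUM`, so the integrity of a VPN client's source rests on an unauthenticated transport plus a digest that is no longer collision-resistant. When bumping the version, it would be worth checking the archive against whatever signature or stronger checksum upstream publishes, and recording a SHA-256 digest here if the build system offers a field for one. Separately, in the second hunk only the OpenSSL case passes an explicit flag (`--without-gnutls`); the GnuTLS case appears to rely on configure's auto-detection together with the conditional `DEPENDS`, which deserves a short comment so the asymmetry is not mistaken for an omission.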


@ -42,11 +42,11 @@ proto_openconnect_setup() {
umask 077
pwfile="/var/run/openconnect-$config.passwd"
echo "$password" > "$pwfile"
append cmdline "--passwd-file=$pwfile"
append cmdline "--passwd-on-stdin"
}
proto_export INTERFACE="$config"
proto_run_command "$config" /usr/sbin/openconnect $cmdline
proto_run_command "$config" /usr/sbin/openconnect $cmdline <$pwfile
}
proto_openconnect_teardown() {
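Review bot: The `<$pwfile` redirection on the `proto_run_command` line only reaches openconnect if that helper executes the command in this shell. Its definition is not visible here; if it instead hands the command line to another process to spawn, `--passwd-on-stdin` would read an unrelated stdin and authentication would fail or hang, so this is worth confirming (a small wrapper that performs the redirection itself would be the safer shape). The password is still written with `echo "$password"`, which can mangle values that begin with `-` or contain backslashes; `printf '%s\n' "$password" > "$pwfile"` avoids that, and the redirect target is better quoted as `<"$pwfile"`. The plaintext password also stays in `/var/run/openconnect-$config.passwd` after setup, so teardown should remove it. Whether it does is outside this hunk, as are the start of `proto_openconnect_setup` and the body of `proto_openconnect_teardown`.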


@ -1,100 +0,0 @@
--- a/main.c
+++ b/main.c
@@ -77,6 +77,7 @@ enum {
OPT_CAFILE,
OPT_COOKIEONLY,
OPT_COOKIE_ON_STDIN,
+ OPT_COOKIE_FILE,
OPT_CSD_USER,
OPT_CSD_WRAPPER,
OPT_DISABLE_IPV6,
@@ -91,6 +92,7 @@ enum {
OPT_NO_PROXY,
OPT_PIDFILE,
OPT_PASSWORD_ON_STDIN,
+ OPT_PASSWORD_FILE,
OPT_PRINTCOOKIE,
OPT_RECONNECT_TIMEOUT,
OPT_SERVERCERT,
@@ -139,7 +141,9 @@ static struct option long_options[] = {
OPTION("queue-len", 1, 'Q'),
OPTION("xmlconfig", 1, 'x'),
OPTION("cookie-on-stdin", 0, OPT_COOKIE_ON_STDIN),
+ OPTION("cookie-file", 1, OPT_COOKIE_FILE),
OPTION("passwd-on-stdin", 0, OPT_PASSWORD_ON_STDIN),
+ OPTION("passwd-file", 1, OPT_PASSWORD_FILE),
OPTION("no-passwd", 0, OPT_NO_PASSWD),
OPTION("reconnect-timeout", 1, OPT_RECONNECT_TIMEOUT),
OPTION("dtls-ciphers", 1, OPT_DTLS_CIPHERS),
@@ -177,6 +181,7 @@ static void usage(void)
printf(" -K, --key-type=TYPE %s\n", _("Private key type (PKCS#12 / TPM / PEM)"));
printf(" -C, --cookie=COOKIE %s\n", _("Use WebVPN cookie COOKIE"));
printf(" --cookie-on-stdin %s\n", _("Read cookie from standard input"));
+ printf(" --cookie-file=FILE %s\n", _("Read cookie from a file"));
printf(" -d, --deflate %s\n", _("Enable compression (default)"));
printf(" -D, --no-deflate %s\n", _("Disable compression"));
printf(" --force-dpd=INTERVAL %s\n", _("Set minimum Dead Peer Detection interval"));
@@ -217,6 +222,7 @@ static void usage(void)
printf(" --no-cert-check %s\n", _("Do not require server SSL cert to be valid"));
printf(" --non-inter %s\n", _("Do not expect user input; exit if it is required"));
printf(" --passwd-on-stdin %s\n", _("Read password from standard input"));
+ printf(" --passwd-file=FILE %s\n", _("Read password from a file"));
printf(" --reconnect-timeout %s\n", _("Connection retry timeout in seconds"));
printf(" --servercert=FINGERPRINT %s\n", _("Server's certificate SHA1 fingerprint"));
printf(" --useragent=STRING %s\n", _("HTTP header User-Agent: field"));
@@ -226,15 +232,28 @@ static void usage(void)
exit(1);
}
-static void read_stdin(char **string)
+static void read_file(const char *file, char **string)
{
char *c = malloc(100);
+ FILE *f;
+
+ if (file) {
+ f = fopen(file, "r");
+ if (!f) {
+ fprintf(stderr, _("Failed to open password file\n"));
+ exit(1);
+ }
+ } else {
+ file = "stdin";
+ f = stdin;
+ }
+
if (!c) {
- fprintf(stderr, _("Allocation failure for string from stdin\n"));
+ fprintf(stderr, _("Allocation failure for string from %s\n"), file);
exit(1);
}
- if (!fgets(c, 100, stdin)) {
- perror(_("fgets (stdin)"));
+ if (!fgets(c, 100, f)) {
+ perror(_("fgets"));
exit(1);
}
@@ -332,14 +351,20 @@ int main(int argc, char **argv)
cookieonly = 2;
break;
case OPT_COOKIE_ON_STDIN:
- read_stdin(&vpninfo->cookie);
+ optarg = NULL;
+ /* fall through */
+ case OPT_COOKIE_FILE:
+ read_file(optarg, &vpninfo->cookie);
/* If the cookie is empty, ignore it */
if (! *vpninfo->cookie) {
vpninfo->cookie = NULL;
}
break;
case OPT_PASSWORD_ON_STDIN:
- read_stdin(&vpninfo->password);
+ optarg = NULL;
+ /* fall through */
+ case OPT_PASSWORD_FILE:
+ read_file(optarg, &vpninfo->password);
break;
case OPT_NO_PASSWD:
vpninfo->nopasswd = 1;