openconnect: Updated openconnect to 5.03

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>


git-svn-id: svn://svn.openwrt.org/openwrt/packages@40339 3c298f89-4303-0410-b956-a3cf2f4a3e73
hauke 2014-03-30 18:41:16 +00:00
parent cb8cc94c2f
commit 3e3e7b7693
4 changed files with 33 additions and 106 deletions

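--- /dev/null
+++ b/net/openconnect/Config.in
@@ -0,0 +1,18 @@
+# openconnect avanced configuration
+menu "Configuration"
+depends on PACKAGE_openconnect
+choice
+prompt "SSL library"
+default OPENCONNECT_GNUTLS
+config OPENCONNECT_GNUTLS
+bool "GnuTLS support"
+config OPENCONNECT_OPENSSL
+bool "OpenSSL"
+endchoice
+endmenu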
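Review bot: Neither `OPENCONNECT_GNUTLS` nor `OPENCONNECT_OPENSSL` carries a `help` text, so whoever picks the TLS backend for this VPN client gets no hint about what the choice changes. A line or two under each entry naming the library the client will be linked against would be enough. The header comment also misspells a word and should read `# openconnect advanced configuration`.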


@ -8,26 +8,30 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=openconnect PKG_NAME:=openconnect
PKG_VERSION:=4.08 PKG_VERSION:=5.03
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/openconnect/ PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/openconnect/
PKG_MD5SUM:=3dd065194d87c08084675d255c8e29ef PKG_MD5SUM:=ff43ed1dbaccd2537fd7c5bfb04295a6
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk
define Package/openconnect/config
source "$(SOURCE)/Config.in"
endef
define Package/openconnect define Package/openconnect
SECTION:=net SECTION:=net
CATEGORY:=Network CATEGORY:=Network
DEPENDS:=+libxml2 +libopenssl +kmod-tun +resolveip DEPENDS:=+libxml2 +kmod-tun +resolveip +OPENCONNECT_OPENSSL:libopenssl +OPENCONNECT_GNUTLS:libgnutls
TITLE:=VPN client for Cisco's AnyConnect SSL VPN TITLE:=VPN client for Cisco's AnyConnect SSL VPN
URL:=http://www.infradead.org/openconnect/ URL:=http://www.infradead.org/openconnect/
SUBMENU:=VPN SUBMENU:=VPN
endef endef
define Package/openconnect/description define Package/openconnect/description
A VPN client compatible with Cisco's AnyConnect SSL VPN. A VPN client compatible with Cisco's AnyConnect SSL VPN and ocserv.
OpenConnect is a client for Cisco's AnyConnect SSL VPN, which is OpenConnect is a client for Cisco's AnyConnect SSL VPN, which is
supported by IOS 12.4(9)T or later on Cisco SR500, 870, 880, 1800, 2800, supported by IOS 12.4(9)T or later on Cisco SR500, 870, 880, 1800, 2800,
@ -38,6 +42,11 @@ CONFIGURE_ARGS += \
--disable-shared \ --disable-shared \
--with-vpnc-script=/lib/netifd/vpnc-script --with-vpnc-script=/lib/netifd/vpnc-script
ifeq ($(CONFIG_OPENCONNECT_OPENSSL),y)
CONFIGURE_ARGS += \
--without-gnutls
endif
define Package/openconnect/install define Package/openconnect/install
$(INSTALL_DIR) $(1)/lib/netifd/proto $(INSTALL_DIR) $(1)/lib/netifd/proto
$(INSTALL_BIN) ./files/openconnect.sh $(1)/lib/netifd/proto/ $(INSTALL_BIN) ./files/openconnect.sh $(1)/lib/netifd/proto/
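Review bot: The 5.03 tarball is still fetched from `ftp://ftp.infradead.org/pub/openconnect/` and checked only against `PKG_MD5SUM`, so an MD5 digest is the sole guard between a tampered download and the build of a VPN client. MD5 is no longer collision-resistant and the FTP transfer is unauthenticated. If the build system in this tree accepts a stronger digest, record a SHA-256 of the release instead. Otherwise, verify the tarball against an upstream signature (if one is published) before bumping the value, and record that in a comment above the checksum, for example `# MD5 only; tarball checked against upstream signature before update`.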


@ -42,11 +42,11 @@ proto_openconnect_setup() {
umask 077 umask 077
pwfile="/var/run/openconnect-$config.passwd" pwfile="/var/run/openconnect-$config.passwd"
echo "$password" > "$pwfile" echo "$password" > "$pwfile"
append cmdline "--passwd-file=$pwfile" append cmdline "--passwd-on-stdin"
} }
proto_export INTERFACE="$config" proto_export INTERFACE="$config"
proto_run_command "$config" /usr/sbin/openconnect $cmdline proto_run_command "$config" /usr/sbin/openconnect $cmdline <$pwfile
} }
proto_openconnect_teardown() { proto_openconnect_teardown() {
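Review bot: The `<$pwfile` redirect on the new `proto_run_command` line is unconditional and unquoted, while `pwfile` is assigned only inside the block that closes just above it; that block appears to run only when a password is configured, though its opening test is outside the hunk. With no password set (certificate authentication, for instance) the redirect word expands to nothing and the shell rejects the command before openconnect starts, and a `$config` containing whitespace breaks it as well. `proto_run_command "$config" /usr/sbin/openconnect $cmdline <"${pwfile:-/dev/null}"` covers both cases. It is also worth confirming that stdin given to `proto_run_command` is actually inherited by the openconnect process it launches, and that `proto_openconnect_teardown` removes the password file; neither is visible here.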


@ -1,100 +0,0 @@
--- a/main.c
+++ b/main.c
@@ -77,6 +77,7 @@ enum {
OPT_CAFILE,
OPT_COOKIEONLY,
OPT_COOKIE_ON_STDIN,
+ OPT_COOKIE_FILE,
OPT_CSD_USER,
OPT_CSD_WRAPPER,
OPT_DISABLE_IPV6,
@@ -91,6 +92,7 @@ enum {
OPT_NO_PROXY,
OPT_PIDFILE,
OPT_PASSWORD_ON_STDIN,
+ OPT_PASSWORD_FILE,
OPT_PRINTCOOKIE,
OPT_RECONNECT_TIMEOUT,
OPT_SERVERCERT,
@@ -139,7 +141,9 @@ static struct option long_options[] = {
OPTION("queue-len", 1, 'Q'),
OPTION("xmlconfig", 1, 'x'),
OPTION("cookie-on-stdin", 0, OPT_COOKIE_ON_STDIN),
+ OPTION("cookie-file", 1, OPT_COOKIE_FILE),
OPTION("passwd-on-stdin", 0, OPT_PASSWORD_ON_STDIN),
+ OPTION("passwd-file", 1, OPT_PASSWORD_FILE),
OPTION("no-passwd", 0, OPT_NO_PASSWD),
OPTION("reconnect-timeout", 1, OPT_RECONNECT_TIMEOUT),
OPTION("dtls-ciphers", 1, OPT_DTLS_CIPHERS),
@@ -177,6 +181,7 @@ static void usage(void)
printf(" -K, --key-type=TYPE %s\n", _("Private key type (PKCS#12 / TPM / PEM)"));
printf(" -C, --cookie=COOKIE %s\n", _("Use WebVPN cookie COOKIE"));
printf(" --cookie-on-stdin %s\n", _("Read cookie from standard input"));
+ printf(" --cookie-file=FILE %s\n", _("Read cookie from a file"));
printf(" -d, --deflate %s\n", _("Enable compression (default)"));
printf(" -D, --no-deflate %s\n", _("Disable compression"));
printf(" --force-dpd=INTERVAL %s\n", _("Set minimum Dead Peer Detection interval"));
@@ -217,6 +222,7 @@ static void usage(void)
printf(" --no-cert-check %s\n", _("Do not require server SSL cert to be valid"));
printf(" --non-inter %s\n", _("Do not expect user input; exit if it is required"));
printf(" --passwd-on-stdin %s\n", _("Read password from standard input"));
+ printf(" --passwd-file=FILE %s\n", _("Read password from a file"));
printf(" --reconnect-timeout %s\n", _("Connection retry timeout in seconds"));
printf(" --servercert=FINGERPRINT %s\n", _("Server's certificate SHA1 fingerprint"));
printf(" --useragent=STRING %s\n", _("HTTP header User-Agent: field"));
@@ -226,15 +232,28 @@ static void usage(void)
exit(1);
}
-static void read_stdin(char **string)
+static void read_file(const char *file, char **string)
{
char *c = malloc(100);
+ FILE *f;
+
+ if (file) {
+ f = fopen(file, "r");
+ if (!f) {
+ fprintf(stderr, _("Failed to open password file\n"));
+ exit(1);
+ }
+ } else {
+ file = "stdin";
+ f = stdin;
+ }
+
if (!c) {
- fprintf(stderr, _("Allocation failure for string from stdin\n"));
+ fprintf(stderr, _("Allocation failure for string from %s\n"), file);
exit(1);
}
- if (!fgets(c, 100, stdin)) {
- perror(_("fgets (stdin)"));
+ if (!fgets(c, 100, f)) {
+ perror(_("fgets"));
exit(1);
}
@@ -332,14 +351,20 @@ int main(int argc, char **argv)
cookieonly = 2;
break;
case OPT_COOKIE_ON_STDIN:
- read_stdin(&vpninfo->cookie);
+ optarg = NULL;
+ /* fall through */
+ case OPT_COOKIE_FILE:
+ read_file(optarg, &vpninfo->cookie);
/* If the cookie is empty, ignore it */
if (! *vpninfo->cookie) {
vpninfo->cookie = NULL;
}
break;
case OPT_PASSWORD_ON_STDIN:
- read_stdin(&vpninfo->password);
+ optarg = NULL;
+ /* fall through */
+ case OPT_PASSWORD_FILE:
+ read_file(optarg, &vpninfo->password);
break;
case OPT_NO_PASSWD:
vpninfo->nopasswd = 1;