openconnect: allow specify --protocol from config

openconnect v8.10 supports 4 VPN protocols

  --protocol=anyconnect  Compatible with Cisco AnyConnect SSL VPN, as well as ocserv (default)
  --protocol=nc          Compatible with Juniper Network Connect
  --protocol=gp          Compatible with Palo Alto Networks (PAN) GlobalProtect SSL VPN
  --protocol=pulse       Compatible with Pulse Connect Secure SSL VPN

This patch allows user to specify protocol use the new "vpn_protocol"
option and deprecate the old option "juniper" which seems to be missing in
the current openconnect client.

Signed-off-by: Mengyang Li <mayli.he@gmail.com>

diff --git a/net/openconnect/Makefile b/net/openconnect/Makefile
index 277653a1b8377e7682bf9eca7e986c8994d200ca..59e81f77a310ec53f78e38a81bc6ed9e9fbe4cdd 100644 (file)
--- a/net/openconnect/Makefile
+++ b/net/openconnect/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openconnect
 PKG_VERSION:=8.10
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/openconnect/

diff --git a/net/openconnect/README b/net/openconnect/README
index 7ab2a69cd9cff8c77919121b0438fd03bd752da6..e7c60d76546e5952af4cc4800ac6fa36a43b3e40 100644 (file)
--- a/net/openconnect/README
+++ b/net/openconnect/README
@@ -32,8 +32,15 @@ config interface 'MYVPN'
        #option token_mode 'script'
        #option token_script '/lib/custom/getocpass.sh'
 
-       # Juniper vpn support
-       #option juniper '1'
+       # For non-anyconnect vpn protocols
+       # Cisco AnyConnect (default)
+       #option vpn_protocol 'anyconnect'
+       # Juniper Network Connect
+       #option vpn_protocol 'nc'
+       # Palo Alto Networks GlobalProtect
+       #option vpn_protocol 'gp'
+       # Pulse Connect Secure
+       #option vpn_protocol 'pulse'
 
        # Authentication form responses
        #list form_entry FORM:OPT=VAL

diff --git a/net/openconnect/files/openconnect.sh b/net/openconnect/files/openconnect.sh
index aef13a3c33cbb6ddec759217c7070ed7776a711d..d310cf5c13d54964b7e7141992fcc739692ccb61 100755 (executable)
--- a/net/openconnect/files/openconnect.sh
+++ b/net/openconnect/files/openconnect.sh
@@ -15,6 +15,7 @@ proto_openconnect_init_config() {
        proto_config_add_int "port"
        proto_config_add_int "mtu"
        proto_config_add_int "juniper"
+       proto_config_add_string "vpn_protocol"
        proto_config_add_boolean "no_dtls"
        proto_config_add_string "interface"
        proto_config_add_string "username"
@@ -46,6 +47,7 @@ proto_openconnect_setup() {
                form_entry \
                interface \
                juniper \
+               vpn_protocol \
                mtu \
                no_dtls \
                os \
@@ -93,6 +95,10 @@ proto_openconnect_setup() {
                append_args --juniper
        fi
 
+       [ -n "$vpn_protocol" ] && {
+               append_args --protocol "$vpn_protocol"
+       }
+
        [ -n "$serverhash" ] && {
                append_args "--servercert=$serverhash"
                append_args --no-system-trust