[PATCH v2 08/16] openconnect: Add support for --no-cert-check client option

Jukka Rissanen jukka.rissanen at linux.intel.com
Tue Nov 27 02:51:40 PST 2012


---
 vpn/plugins/openconnect.c | 52 ++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 51 insertions(+), 1 deletion(-)

diff --git a/vpn/plugins/openconnect.c b/vpn/plugins/openconnect.c
index 812908c..80213c1 100644
--- a/vpn/plugins/openconnect.c
+++ b/vpn/plugins/openconnect.c
@@ -45,6 +45,16 @@
 
 #include "vpn.h"
 
+#define ARRAY_SIZE(a) (sizeof(a)/sizeof(a[0]))
+
+struct {
+	const char *cm_opt;
+	const char *oc_opt;
+	char       has_value;
+} oc_options[] = {
+	{ "OpenConnect.NoCertCheck", "--no-cert-check", 0 },
+};
+
 struct oc_private_data {
 	struct connman_task *task;
 	char *if_name;
@@ -52,6 +62,30 @@ struct oc_private_data {
 	void *user_data;
 };
 
+static int task_append_config_data(struct vpn_provider *provider,
+					struct connman_task *task)
+{
+	const char *option;
+	int i;
+
+	for (i = 0; i < (int)ARRAY_SIZE(oc_options); i++) {
+		if (oc_options[i].oc_opt == NULL)
+			continue;
+
+		option = vpn_provider_get_string(provider,
+					oc_options[i].cm_opt);
+		if (option == NULL)
+			continue;
+
+		if (connman_task_add_argument(task,
+				oc_options[i].oc_opt,
+				oc_options[i].has_value ? option : NULL) < 0)
+			return -EIO;
+	}
+
+	return 0;
+}
+
 static int oc_notify(DBusMessage *msg, struct vpn_provider *provider)
 {
 	DBusMessageIter iter, dict;
@@ -377,6 +411,8 @@ static int run_connect(struct vpn_provider *provider,
 		goto done;
 	}
 
+	task_append_config_data(provider, task);
+
 	vpn_provider_set_string(provider, "OpenConnect.Cookie", vpncookie);
 
 	certsha1 = vpn_provider_get_string(provider,
@@ -490,7 +526,8 @@ done:
 
 static int oc_save(struct vpn_provider *provider, GKeyFile *keyfile)
 {
-	const char *setting;
+	const char *setting, *option;
+	int i;
 
 	setting = vpn_provider_get_string(provider,
 					"OpenConnect.ServerCert");
@@ -513,6 +550,19 @@ static int oc_save(struct vpn_provider *provider, GKeyFile *keyfile)
 				vpn_provider_get_save_group(provider),
 				"VPN.MTU", setting);
 
+	for (i = 0; i < (int)ARRAY_SIZE(oc_options); i++) {
+		if (strncmp(oc_options[i].cm_opt, "OpenConnect.", 12) == 0) {
+			option = vpn_provider_get_string(provider,
+							oc_options[i].cm_opt);
+			if (option == NULL)
+				continue;
+
+			g_key_file_set_string(keyfile,
+					vpn_provider_get_save_group(provider),
+					oc_options[i].cm_opt, option);
+		}
+	}
+
 	return 0;
 }
 
-- 
1.7.11.4




More information about the connman mailing list