openconnect: introduced URI parameter

This allows specifying a camouflage string in ocserv. Fixes: #23364 Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
2025-12-21 19:14:30 +04:00 · 2024-05-09 21:18:44 +02:00
parent 233405f68d
commit a14bb12dff
3 changed files with 8 additions and 4 deletions
--- a/net/openconnect/Makefile
+++ b/net/openconnect/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk

 PKG_NAME:=openconnect
 PKG_VERSION:=9.12
-PKG_RELEASE:=3
+PKG_RELEASE:=4

 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://www.infradead.org/openconnect/download
--- a/net/openconnect/README
+++ b/net/openconnect/README
@@ -5,8 +5,7 @@ To setup a VPN connection, add the following to /etc/config/network:
 config interface 'MYVPN'
 	option proto 'openconnect'
 	option interface 'wan'
-	option server 'vpn.example.com'
-	option port '4443'
+	option uri 'https://vpn.example.com:4443'
 	option username 'test'
 	option password 'secret'
 	option serverhash 'AE7FF6A0426F0A0CD0A02EB9EC3C5066FAEB0B25'
--- a/net/openconnect/files/openconnect.sh
+++ b/net/openconnect/files/openconnect.sh
@@ -16,6 +16,7 @@ append_args() {
 proto_openconnect_init_config() {
 	proto_config_add_string "server"
 	proto_config_add_int "port"
+	proto_config_add_string "uri"
 	proto_config_add_int "mtu"
 	proto_config_add_int "juniper"
 	proto_config_add_int "reconnect_timeout"
@@ -65,6 +66,7 @@ proto_openconnect_setup() {
 		proxy \
 		reconnect_timeout \
 		server \
+		uri \
 		serverhash \
 		token_mode \
 		token_script \
@@ -79,6 +81,8 @@ proto_openconnect_setup() {
 	[ -n "$interface" ] && {
 		local trials=5

+		[ -n $uri ] && server=$(echo $uri | awk -F[/:] '{print $4}')
+
 		logger -t "openconnect" "adding host dependency for $server at $config"
 		while resolveip -t 10 "$server" > "$tmpfile" && [ "$trials" -gt 0 ]; do
 			sleep 5
@@ -95,8 +99,9 @@ proto_openconnect_setup() {
 	}

 	[ -n "$port" ] && port=":$port"
+	[ -z "$uri" ] && uri="$server$port"

-	append_args "$server$port" -i "$ifname" --non-inter --syslog --script /lib/netifd/vpnc-script
+	append_args "$uri" -i "$ifname" --non-inter --syslog --script /lib/netifd/vpnc-script
 	[ "$pfs" = 1 ] && append_args --pfs
 	[ "$no_dtls" = 1 ] && append_args --no-dtls
 	[ -n "$mtu" ] && append_args --mtu "$mtu"