Browse Source

openconnect: when serverhash or cafile are present, set --no-system-trust

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
lilik-openwrt-22.03
Nikos Mavrogiannopoulos 10 years ago
parent
commit
05999937ed
1 changed files with 2 additions and 2 deletions
  1. +2
    -2
      net/openconnect/files/openconnect.sh

+ 2
- 2
net/openconnect/files/openconnect.sh View File

@ -38,10 +38,10 @@ proto_openconnect_setup() {
cmdline="$server$port -i vpn-$config --non-inter --syslog --script /lib/netifd/vpnc-script"
[ -f /etc/openconnect/ca-vpn-$config.pem ] && append cmdline "--cafile /etc/openconnect/ca-vpn-$config.pem"
[ -f /etc/openconnect/ca-vpn-$config.pem ] && append cmdline "--no-system-trust --cafile /etc/openconnect/ca-vpn-$config.pem"
[ -f /etc/openconnect/user-cert-vpn-$config.pem ] && append cmdline "-c /etc/openconnect/user-cert-vpn-$config.pem"
[ -f /etc/openconnect/user-key-vpn-$config.pem ] && append cmdline "--sslkey /etc/openconnect/user-key-vpn-$config.pem"
[ -n "$serverhash" ] && append cmdline "--servercert=$serverhash"
[ -n "$serverhash" ] && append cmdline "--no-system-trust --servercert=$serverhash"
[ -n "$authgroup" ] && append cmdline "--authgroup $authgroup"
[ -n "$username" ] && append cmdline "-u $username"
[ -n "$password" ] && {


Loading…
Cancel
Save