From fce2b069df766646798d1bac4ccd69d0d44b9d0c Mon Sep 17 00:00:00 2001
From: Yousong Zhou <yszhou4tech@gmail.com>
Date: Thu, 27 Aug 2020 12:10:04 +0800
Subject: [PATCH 1/2] openconnect: break each var into its own line in order

For easier review

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
---
 net/openconnect/files/openconnect.sh | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/net/openconnect/files/openconnect.sh b/net/openconnect/files/openconnect.sh
index 0efa44418..97d90cb72 100755
--- a/net/openconnect/files/openconnect.sh
+++ b/net/openconnect/files/openconnect.sh
@@ -39,7 +39,24 @@ proto_openconnect_add_form_entry() {
 proto_openconnect_setup() {
 	local config="$1"
 
-	json_get_vars server port interface username serverhash authgroup usergroup password password2 token_mode token_secret token_script os csd_wrapper mtu juniper form_entry
+	json_get_vars \
+		authgroup \
+		csd_wrapper \
+		form_entry \
+		interface \
+		juniper \
+		mtu \
+		os \
+		password \
+		password2 \
+		port \
+		server \
+		serverhash \
+		token_mode \
+		token_script \
+		token_secret \
+		usergroup \
+		username \
 
 	grep -q tun /proc/modules || insmod tun
 	ifname="vpn-$config"

From 3445e1b4702cce97b89d76cfa7db1b1d06934faa Mon Sep 17 00:00:00 2001
From: Yousong Zhou <yszhou4tech@gmail.com>
Date: Thu, 27 Aug 2020 12:13:56 +0800
Subject: [PATCH 2/2] openconnect: allow disable dtls with bool option no_dtls

openconnect may emit following error logs every minute when negotiating
with deployments forbidding usage of dtls

  Thu Aug 27 04:11:59 2020 daemon.notice openconnect[12024]: DTLS handshake failed: Error in the push function.
  Thu Aug 27 04:11:59 2020 daemon.notice openconnect[12024]: (Is a firewall preventing you from sending UDP packets?)

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
---
 net/openconnect/Makefile             | 2 +-
 net/openconnect/files/openconnect.sh | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/net/openconnect/Makefile b/net/openconnect/Makefile
index 73bb315ed..36ec25f3f 100644
--- a/net/openconnect/Makefile
+++ b/net/openconnect/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openconnect
 PKG_VERSION:=8.10
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/openconnect/
diff --git a/net/openconnect/files/openconnect.sh b/net/openconnect/files/openconnect.sh
index 97d90cb72..aef13a3c3 100755
--- a/net/openconnect/files/openconnect.sh
+++ b/net/openconnect/files/openconnect.sh
@@ -15,6 +15,7 @@ proto_openconnect_init_config() {
 	proto_config_add_int "port"
 	proto_config_add_int "mtu"
 	proto_config_add_int "juniper"
+	proto_config_add_boolean "no_dtls"
 	proto_config_add_string "interface"
 	proto_config_add_string "username"
 	proto_config_add_string "serverhash"
@@ -46,6 +47,7 @@ proto_openconnect_setup() {
 		interface \
 		juniper \
 		mtu \
+		no_dtls \
 		os \
 		password \
 		password2 \
@@ -72,6 +74,7 @@ proto_openconnect_setup() {
 	[ -n "$port" ] && port=":$port"
 
 	append_args "$server$port" -i "$ifname" --non-inter --syslog --script /lib/netifd/vpnc-script
+	[ "$no_dtls" = 1 ] && append_args --no-dtls
 	[ -n "$mtu" ] && append_args --mtu "$mtu"
 
 	# migrate to standard config files