Browse Source

openconnect: allow disable dtls with bool option no_dtls

openconnect may emit following error logs every minute when negotiating
with deployments forbidding usage of dtls

  Thu Aug 27 04:11:59 2020 daemon.notice openconnect[12024]: DTLS handshake failed: Error in the push function.
  Thu Aug 27 04:11:59 2020 daemon.notice openconnect[12024]: (Is a firewall preventing you from sending UDP packets?)

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
lilik-openwrt-22.03
Yousong Zhou 4 years ago
parent
commit
3445e1b470
2 changed files with 4 additions and 1 deletions
  1. +1
    -1
      net/openconnect/Makefile
  2. +3
    -0
      net/openconnect/files/openconnect.sh

+ 1
- 1
net/openconnect/Makefile View File

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=openconnect PKG_NAME:=openconnect
PKG_VERSION:=8.10 PKG_VERSION:=8.10
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/openconnect/ PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/openconnect/


+ 3
- 0
net/openconnect/files/openconnect.sh View File

@ -15,6 +15,7 @@ proto_openconnect_init_config() {
proto_config_add_int "port" proto_config_add_int "port"
proto_config_add_int "mtu" proto_config_add_int "mtu"
proto_config_add_int "juniper" proto_config_add_int "juniper"
proto_config_add_boolean "no_dtls"
proto_config_add_string "interface" proto_config_add_string "interface"
proto_config_add_string "username" proto_config_add_string "username"
proto_config_add_string "serverhash" proto_config_add_string "serverhash"
@ -46,6 +47,7 @@ proto_openconnect_setup() {
interface \ interface \
juniper \ juniper \
mtu \ mtu \
no_dtls \
os \ os \
password \ password \
password2 \ password2 \
@ -72,6 +74,7 @@ proto_openconnect_setup() {
[ -n "$port" ] && port=":$port" [ -n "$port" ] && port=":$port"
append_args "$server$port" -i "$ifname" --non-inter --syslog --script /lib/netifd/vpnc-script append_args "$server$port" -i "$ifname" --non-inter --syslog --script /lib/netifd/vpnc-script
[ "$no_dtls" = 1 ] && append_args --no-dtls
[ -n "$mtu" ] && append_args --mtu "$mtu" [ -n "$mtu" ] && append_args --mtu "$mtu"
# migrate to standard config files # migrate to standard config files


Loading…
Cancel
Save