LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
Browse Source

openconnect: add an option to support stoken 

Add a new build configuration option for openconnect and let it link
against libstoken if instructed to. Two new uci configuration variables
are introduced: "token_mode" and "token_secret" to allow openconnect to
use those.

Signed-off-by: Florian Fainelli <florian@openwrt.org>
lilik-openwrt-22.03
Florian Fainelli 10 years ago
parent
ebd0c44052
commit
a54d31ed3f
4 changed files with 18 additions and 4 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +3
    -0
      net/openconnect/Config.in
  2. +9
    -3
      net/openconnect/Makefile
  3. +2
    -0
      net/openconnect/README
  4. +4
    -1
      net/openconnect/files/openconnect.sh

+ 3
- 0
net/openconnect/Config.in View File

@ -15,4 +15,7 @@ config OPENCONNECT_OPENSSL
endchoice
config OPENCONNECT_STOKEN
bool "stoken support"
endmenu

+ 9
- 3
net/openconnect/Makefile View File

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=openconnect
PKG_VERSION:=7.00
PKG_RELEASE:=3
PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/openconnect/
@ -29,7 +29,7 @@ endef
define Package/openconnect
SECTION:=net
CATEGORY:=Network
DEPENDS:=+libxml2 +kmod-tun +resolveip +OPENCONNECT_OPENSSL:libopenssl +OPENCONNECT_GNUTLS:libgnutls
DEPENDS:=+libxml2 +kmod-tun +resolveip +OPENCONNECT_OPENSSL:libopenssl +OPENCONNECT_GNUTLS:libgnutls +OPENCONNECT_STOKEN:libstoken
TITLE:=OpenConnect VPN client (Cisco AnyConnect compatible)
MAINTAINER:=Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
URL:=http://www.infradead.org/openconnect/
@ -48,13 +48,19 @@ endef
CONFIGURE_ARGS += \
--disable-shared \
--with-vpnc-script=/lib/netifd/vpnc-script \
--without-libpcsclite
--without-libpcsclite \
--without-stoken
ifeq ($(CONFIG_OPENCONNECT_OPENSSL),y)
CONFIGURE_ARGS += \
--without-gnutls
endif
ifeq ($(CONFIG_OPENCONNECT_STOKEN),y)
CONFIGURE_ARGS += \
--with-stoken
endif
define Package/openconnect/install
$(INSTALL_DIR) $(1)/etc/openconnect/
$(INSTALL_DIR) $(1)/lib/netifd/proto


+ 2
- 0
net/openconnect/README View File

@ -11,6 +11,8 @@ config interface 'MYVPN'
option username 'test'
option password 'secret'
option serverhash 'AE7FF6A0426F0A0CD0A02EB9EC3C5066FAEB0B25'
option token_mode 'rsa' # when built with stoken support
option token_secret 'secret' # when built with stoken support
The additional files are also used:
/etc/openconnect/user-cert-vpn-MYVPN.pem: The user certificate


+ 4
- 1
net/openconnect/files/openconnect.sh View File

@ -17,7 +17,7 @@ proto_openconnect_init_config() {
proto_openconnect_setup() {
local config="$1"
json_get_vars server port username serverhash authgroup password vgroup
json_get_vars server port username serverhash authgroup password vgroup token_mode token_secret
grep -q tun /proc/modules || insmod tun
@ -57,6 +57,9 @@ proto_openconnect_setup() {
append cmdline "--passwd-on-stdin"
}
[ -n "$token_mode" ] && append cmdline "--token-mode=$token_mode"
[ -n "$token_secret" ] && append cmdline "--token-secret=$token_secret"
proto_export INTERFACE="$config"
logger -t openconnect "executing 'openconnect $cmdline'"


Write Preview
Loading…
Cancel
Save