[PATCH 11/24] library: Add call to change reported OS name

[Kevin Cernekee]

Newer gateways require the client to announce its platform name (win,
mac, linux, linux-64) in the HTTP headers and in the <config-auth>
section of each request.  The gateway can be configured to apply different
security policies to different OSes, or even completely block access to
OSes that are not on the "approved" list.

Therefore, it is useful to be able to adjust the OS name that is reported
to the gateway.

Signed-off-by: Kevin Cernekee <cernekee at gmail.com>
---
 libopenconnect.map.in  |    5 +++++
 library.c              |   30 +++++++++++++++++++++++++-----
 main.c                 |    6 +-----
 openconnect-internal.h |    1 +
 openconnect.h          |    4 ++++
 5 files changed, 36 insertions(+), 10 deletions(-)

diff --git a/libopenconnect.map.in b/libopenconnect.map.in
index 2539335..cd4d87c 100644
--- a/libopenconnect.map.in
+++ b/libopenconnect.map.in
@@ -1,3 +1,8 @@
+OPENCONNECT_2.2 {
+ global:
+	openconnect_set_reported_os;
+};
+
 OPENCONNECT_2.1 {
  global:
 	openconnect_has_stoken_support;
diff --git a/library.c b/library.c
index c8db968..c1cf95f 100644
--- a/library.c
+++ b/library.c
@@ -50,11 +50,7 @@ struct openconnect_info *openconnect_vpninfo_new (char *useragent,
 	vpninfo->progress = progress;
 	vpninfo->cbdata = privdata?:vpninfo;
 	vpninfo->cancel_fd = -1;
-#ifdef __APPLE__
-	vpninfo->csd_xmltag = "csdMac";
-#else
-	vpninfo->csd_xmltag = "csdLinux";
-#endif
+	openconnect_set_reported_os(vpninfo, NULL);
 
 #ifdef ENABLE_NLS
 	bindtextdomain("openconnect", LOCALEDIR);
@@ -63,6 +59,30 @@ struct openconnect_info *openconnect_vpninfo_new (char *useragent,
 	return vpninfo;
 }
 
+int openconnect_set_reported_os (struct openconnect_info *vpninfo, const char *os)
+{
+	if (!os) {
+#if defined(__APPLE__)
+		os = "mac";
+#else
+		os = sizeof(long) > 4 ? "linux-64" : "linux";
+#endif
+	}
+
+	/* FIXME: is there a special platname for 64-bit Windows? */
+	if (!strcmp(os, "mac"))
+		vpninfo->csd_xmltag = "csdMac";
+	else if (!strcmp(os, "linux") || !strcmp(os, "linux-64"))
+		vpninfo->csd_xmltag = "csdLinux";
+	else if (!strcmp(os, "win"))
+		vpninfo->csd_xmltag = "csd";
+	else
+		return -EINVAL;
+
+	vpninfo->platname = os;
+	return 0;
+}
+
 static void free_optlist (struct vpn_option *opt)
 {
 	struct vpn_option *next;
diff --git a/main.c b/main.c
index 3ca3bc8..da69648 100644
--- a/main.c
+++ b/main.c
@@ -479,11 +479,7 @@ int main(int argc, char **argv)
 	vpninfo->reconnect_timeout = 300;
 	vpninfo->uid_csd = 0;
 	/* We could let them override this on the command line some day, perhaps */
-#ifdef __APPLE__
-	vpninfo->csd_xmltag = "csdMac";
-#else
-	vpninfo->csd_xmltag = "csdLinux";
-#endif
+	openconnect_set_reported_os(vpninfo, NULL);
 	vpninfo->uid_csd = 0;
 	vpninfo->uid_csd_given = 0;
 	vpninfo->validate_peer_cert = validate_peer_cert;
diff --git a/openconnect-internal.h b/openconnect-internal.h
index cd0e7e7..fd0060d 100644
--- a/openconnect-internal.h
+++ b/openconnect-internal.h
@@ -133,6 +133,7 @@ struct openconnect_info {
 	char *redirect_url;
 
 	const char *csd_xmltag;
+	const char *platname;
 	char *csd_token;
 	char *csd_ticket;
 	char *csd_stuburl;
diff --git a/openconnect.h b/openconnect.h
index e034d33..5a528c2 100644
--- a/openconnect.h
+++ b/openconnect.h
@@ -34,6 +34,9 @@
 #define OPENCONNECT_API_VERSION_MINOR 1
 
 /*
+ * API version 2.2:
+ *  - Add openconnect_set_reported_os()
+ *
  * API version 2.1:
  *  - Add openconnect_set_stoken_mode(), openconnect_has_stoken_support()
  *
@@ -175,6 +178,7 @@ void openconnect_set_xmlsha1 (struct openconnect_info *, const char *, int size)
 
 void openconnect_set_cafile (struct openconnect_info *, char *);
 void openconnect_setup_csd (struct openconnect_info *, uid_t, int silent, char *wrapper);
+int openconnect_set_reported_os (struct openconnect_info *, const char *os);
 void openconnect_set_client_cert (struct openconnect_info *, char *cert, char *sslkey);
 
 /* This is *not* yours and must not be destroyed with X509_free(). It
-- 
1.7.10.4