[GIT PULL V5] Library/Android/JNI improvements
Kevin Cernekee
cernekee at gmail.com
Sat Dec 7 22:15:38 EST 2013
V4->V5 changes:
Added support for refreshing the auth form when a new group is chosen
Added support for second-auth fields and noaaa
Changed "cancel_pipe" to "cmd_pipe" so it can be used for other
asynchronous requests
Added a "force reconnect" command, issued via cmd_pipe, for use when a
mobile device's IP or connectivity changes
Clean up some of the JNI local reference usage
The code changes needed to make the Android UI work with
OC_FORM_RESULT_NEWGROUP were not too bad:
https://github.com/cernekee/ics-openconnect/commit/c8d30bb24ef17aabba6efc66ffed1ff6be1ea3d2
https://github.com/cernekee/ics-openconnect/commit/ffb882f28d1f90c8c9fc40a8288eec11653e5e72
I tested both the Android client and the CLI, with XML POST enabled and
disabled. AFAICT the results mirrored what Cisco AnyConnect is doing.
However, I am not aware of any live servers that actually enable
second-auth on certain authgroups; vpn.cmu.edu looks like the best test
case we have at the moment.
I did not test NEWGROUP with CSD, which may be a risk since it changes
the openconnect_obtain_cookie() flow.
--
The following changes since commit b06b862f572c0b6cbdf3a8e81b93554f98fbef80:
Include supporting certificates from PKCS#11 tokens (2013-11-15 22:49:25 +0000)
are available in the git repository at:
git://github.com/cernekee/openconnect jni-v5
for you to fetch changes up to 6dfcb9f57a100cb1fc44a3cbc988c463ae1d1c58:
auth: Hide unused form fields based on the selected authgroup (2013-12-07 18:54:13 -0800)
----------------------------------------------------------------
Kevin Cernekee (50):
Clear peer_addr if aborting XML POST changes the hostname
library: Remove declaration for nonexistent openconnect_get_vpn_name()
auth: Hack around const warnings
Introduce new helper functions for cancel_fd checking
library: Rename cancel_fd to cmd_fd
library: Add new openconnect_setup_cmd_pipe() call
Add new helper functions to support cmd_fd feature
Move signal handling out of mainloop
mainloop: Convert vpn_mainloop() into a library function
mainloop: Add OC_CMD_RECONNECT operation
main: Introduce xstrdup() function
tun: Export setup_tun() functionality
Move vpninfo default settings into library
library: Check for failed allocations in openconnect_vpninfo_new()
dtls: Export setup_dtls() function
cstp: Export make_cstp_connection()
library: Move the mainloop guts into libopenconnect
library: Update openconnect.pc.in
tun, cstp: Don't exit() on failure
library: Free zlib state
cstp: Clean up split include/exclude/DNS lists when freeing vpninfo
library: Add get/set functions for servercert, ifname, reqmtu
library: Export VPN IP information to callers
library: Add protect_socket callback
library: Add support for mobile headers
library: Add openconnect_set_xmlpost() to support different CSD modes
library: Update changelog and bump minor version
main: Add openconnect_vpninfo_free() on a couple of exit paths
buildsys: Allow overriding -W flags
acinclude: Add AX_JNI_INCLUDE_DIR macro
JNI: Initial commit of C wrapper functions
JNI: Initial commit of Java library + example program
android: Bump gmp up to version 5.1.2
android: Enable JNI in build
android: Add libstoken to build
android: Add liboath to build
android: Honor $TMPDIR when writing CSD script
auth: Fix comment in parse_form()
android: Add "sources" target
android: Fix broken ARCH=mips build
android: Add .gitignore file
android: Update Makefile to use NDK r9b
library: Use named constants for process_auth_form() return value
main: Move username/password/authgroup vars into main.c
auth: Add <group-access> node to XML POST initial request
auth: Add oc_choice->selected flag
process_auth_form: Add code to support NEWGROUP return status from UI
auth: Remove outdated comment for parse_auth_choice()
auth: Parse second-auth-related properties from the auth form
auth: Hide unused form fields based on the selected authgroup
.gitignore | 1 +
Makefile.am | 25 +-
acinclude.m4 | 125 +++
android/.gitignore | 8 +
android/0001-Remove-call-to-mlockall.patch | 33 +
...-fflush-freadahead-fseeko-Fix-for-Android.patch | 43 +
android/Makefile | 119 ++-
auth.c | 159 +++-
configure.ac | 48 +-
cstp.c | 137 +--
dtls.c | 18 +-
gnutls.c | 36 +-
http.c | 49 +-
java/.gitignore | 2 +
java/README | 22 +
java/build.xml | 33 +
java/src/com/example/LibTest.java | 207 ++++
.../infradead/libopenconnect/LibOpenConnect.java | 256 +++++
jni.c | 1004 ++++++++++++++++++++
libopenconnect.map.in | 19 +
library.c | 109 ++-
main.c | 193 ++--
mainloop.c | 38 +-
openconnect-internal.h | 56 +-
openconnect.h | 99 +-
openconnect.pc.in | 2 +-
openssl.c | 36 +-
ssl.c | 62 +-
tun.c | 187 ++--
29 files changed, 2716 insertions(+), 410 deletions(-)
create mode 100644 android/.gitignore
create mode 100644 android/0001-Remove-call-to-mlockall.patch
create mode 100644 android/0001-fflush-freadahead-fseeko-Fix-for-Android.patch
create mode 100644 java/.gitignore
create mode 100644 java/README
create mode 100644 java/build.xml
create mode 100644 java/src/com/example/LibTest.java
create mode 100644 java/src/org/infradead/libopenconnect/LibOpenConnect.java
create mode 100644 jni.c
More information about the openconnect-devel
mailing list