[PATCH] Re: OpenConnect, Juniper and NetworkManager

Fri Jun 3 09:19:39 PDT 2016

On Sun, 2016-05-08 at 18:36 -0400, Ian Turner wrote:
> --- a/src/nm-openconnect-service-openconnect-helper.c
> +++ b/src/nm-openconnect-service-openconnect-helper.c
> @@ -216,14 +216,14 @@ addr6_list_to_gvariant (const char *str)
>  }
>  
>  static GVariant *
> -split_dns_list_to_gvariant (const char *str)
> +split_dns_list_to_gvariant (const char *str, const char *sep)
>  {
>  	gchar **split;
>  
>  	if (!str || strlen (str) < 1)
>  		return NULL;
>  
> -	split = g_strsplit (str, ",", -1);
> +	split = g_strsplit (str, sep, -1);
>  	if (g_strv_length (split) == 0)
>  		return NULL;
>  
> @@ -382,6 +382,7 @@ get_ip6_routes (void)
>   * INTERNAL_IP4_DNS       -- list of dns serverss
>   * INTERNAL_IP4_NBNS      -- list of wins servers
>   * CISCO_DEF_DOMAIN       -- default domain name
> + * CISCO_SPLIT_DNS        -- default domain name
>   * CISCO_BANNER           -- banner from server
>   *
>   */
> @@ -450,11 +451,6 @@ main (int argc, char *argv[])
>  	if (val)
>  		g_variant_builder_add (&builder, "{sv}", NM_VPN_PLUGIN_CONFIG_BANNER, val);
>  
> -	/* Default domain */
> -	val = str_to_gvariant (getenv ("CISCO_DEF_DOMAIN"), TRUE);
> -	if (val)
> -		g_variant_builder_add (&ip4builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_DOMAIN, val);
> -
>  	/* MTU  */
>  	tmp = getenv ("INTERNAL_IP4_MTU");
>  	if (tmp && strlen (tmp)) {
> @@ -501,10 +497,27 @@ main (int argc, char *argv[])
>  	if (val)
>  		g_variant_builder_add (&ip4builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_NBNS, val);
>  
> -	/* Split DNS domains */
> -	val = split_dns_list_to_gvariant (getenv ("CISCO_SPLIT_DNS"));
> -	if (val)
> -		g_variant_builder_add (&builder, "{sv}", NM_VPN_PLUGIN_IP4_CONFIG_DOMAINS, val);
> +	/* We have two environment variables with domains --
> +	   CISCO_SPLIT_DNS and CISCO_DEF_DOMAIN. On Cisco,
> +	   CISCO_DEF_DOMAIN can only be a single domain, while
> +	   CISCO_SPLIT_DNS can have multiple domains separated by
> +	   comma. On Juniper, CISCO_SPLIT_DNS is not supported but
> +	   CISCO_DEF_DOMAIN can have multiple domains separated by ", ".
> +	   
> +	   The upshot of all this is we use CISCO_SPLIT_DNS if available,
> +	   CISCO_DEF_DOMAIN if not. */
> +
> +	val = split_dns_list_to_gvariant (getenv ("CISCO_SPLIT_DNS"), ",");
> +	if (val) {
> +		g_variant_builder_add (&ip4builder, "{sv}",
> +				       NM_VPN_PLUGIN_IP4_CONFIG_DOMAINS, val);
> +	} else {
> +		val = split_dns_list_to_gvariant (getenv ("CISCO_DEF_DOMAIN"), ", ");
> +		if (val) {
> +			g_variant_builder_add (&ip4builder, "{sv}",
> +					       NM_VPN_PLUGIN_IP4_CONFIG_DOMAINS, val);
> +		}
> +	}
>  
>  	/* Routes */
>  	val = get_ip4_routes ();

I've merged a form of Juniper support which does things somewhat
differently. I haven't addressed the above though. Can we have a
version which is just a bit more versatile about whitespace instead of
assuming that CISCO_SPLIT_DNS will *always* lack spaces, and
CISCO_DEF_DOMAIN will always have them?

Thanks!

-- 
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5760 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20160603/3af0bede/attachment-0001.bin>