Add documentation for array protocol, remove HIDDEN flag

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

library.c

@@ -247,7 +247,7 @@ static const struct vpn_proto openconnect_protos[] = {
 		.pretty_name = N_("Array SSL VPN"),
 		.description = N_("Compatible with Array Networks SSL VPN"),
 		.proto = PROTO_ARRAY,
-		.flags = OC_PROTO_PROXY | OC_PROTO_HIDDEN,
+		.flags = OC_PROTO_PROXY,
 		.vpn_close_session = array_bye,
 		.tcp_connect = array_connect,
 		.tcp_mainloop = array_mainloop,

openconnect.8.in

@@ -89,8 +89,10 @@ PAN GlobalProtect VPN servers,
 .RB ( \-\-protocol=gp )
 F5 Big-IP VPN servers,
 .RB ( \-\-protocol=f5 )
-and Fortinet Fortigate VPN servers,
+Fortinet Fortigate VPN servers,
 .RB ( \-\-protocol=fortinet )
+and Array Networks SSL VPN servers,
+.RB ( \-\-protocol=array )
 .
 
 The connection happens in two phases. First there is a simple HTTPS
@@ -500,9 +502,11 @@ for experimental support for Junos Pulse,
 .I gp
 for experimental support for PAN GlobalProtect,
 .I f5
-for experimental support for F5 Big-IP, and
+for experimental support for F5 Big-IP,
 .I fortinet
-for experimental support for Fortinet Fortigate.
+for experimental support for Fortinet Fortigate, and
+.I array
+for experimental support for Array Networks SSL VPN.
 
 See
 .I http://www.infradead.org/openconnect/protocols.html

www/Makefile.am

@@ -6,7 +6,7 @@ CONV 	= "$(srcdir)/html.py"
 FTR_PAGES = csd.html charset.html token.html pkcs11.html tpm.html features.html gui.html nonroot.html hip.html tncc.html
 START_PAGES = building.html connecting.html manual.html vpnc-script.html
 INDEX_PAGES = changelog.html download.html index.html packages.html platforms.html licence.html
-PROTO_PAGES = protocols.html anyconnect.html fortinet.html f5.html globalprotect.html juniper.html pulse.html
+PROTO_PAGES = protocols.html anyconnect.html array.html fortinet.html f5.html globalprotect.html juniper.html pulse.html
 TOPLEVEL_PAGES = contribute.html mail.html
 
 ALL_PAGES = $(FTR_PAGES) $(START_PAGES) $(INDEX_PAGES) $(TOPLEVEL_PAGES) $(PROTO_PAGES)

www/array.xml

@@ -0,0 +1,38 @@
+<PAGE>
+	<INCLUDE file="inc/header.tmpl" />
+
+	<VAR match="VAR_SEL_PROTOCOLS" replace="selected" />
+	<VAR match="VAR_SEL_ARRAY" replace="selected" />
+	<PARSE file="menu1.xml" />
+	<PARSE file="menu2-protocols.xml" />
+
+	<INCLUDE file="inc/content.tmpl" />
+
+<h1>Array Networks AG SSL VPN</h1>
+
+<p>Experimental support for <a
+href="https://arraynetworks.com/products-secure-access-gateways-ag-series.html">Array
+AG SSL VPN</a> was added to OpenConnect in May 2021 for the 9.00 release. It is used for access to
+<a href="https://cloud.ibm.com/docs/iaas-vpn?topic=iaas-vpn-vpn-ssl-faq">IBM Cloud</a>
+private networks.</p>
+
+<p>Array mode is requested by adding <tt>--protocol=array</tt>
+to the command line:
+<pre>
+  openconnect --protocol=array vpn.lon.softlayer.com
+</pre></p>
+
+<h2>Quirks and Issues</h2>
+
+<p>Currently, OpenConnect only supports basic username/password
+authentication. If you have access to an Array VPN which uses other
+types of authentication (e.g.  RSA or OATH tokens), please send
+information to <a href="mail.html">the mailing list</a> so that we add
+support to OpenConnect.</p>
+
+<p>Connectivity over DTLS is supported, but currently limited to DTLSv1.0
+because no known version of the server supports DTLSv1.2. Some operating
+systems might ban DTLSv1.0 in their default security settings.</p>
+
+	<INCLUDE file="inc/footer.tmpl" />
+</PAGE>

www/changelog.xml

@@ -39,6 +39,7 @@
        <li>Fix output redirection under Windows (<a href="https://gitlab.com/openconnect/openconnect/-/issues/229">#229</a>)</li>
        <li>More gracefully handle Pulse/NC idle timeouts and other Pulse fatal errors (<a href="https://gitlab.com/openconnect/openconnect/-/issues/187">!187</a>)</li>
        <li>Ignore failures to fetch the NC landing page if the authentication was successful.</li>
+       <li>Add support for <a href="https://arraynetworks.com/products-secure-access-gateways-ag-series.html">Array Networks SSL VPN</a> (<a href="https://gitlab.com/openconnect/openconnect/-/issues/102">#102</a>)</li>
      </ul><br/>
   </li>
   <li><b><a href="ftp://ftp.infradead.org/pub/openconnect/openconnect-8.10.tar.gz">OpenConnect v8.10</a></b>

www/index.xml

@@ -13,6 +13,7 @@
 
 <ul>
   <li><a href="anyconnect.html">Cisco AnyConnect</a> (<tt>--protocol=anyconnect</tt>)</li>
+  <li><a href="array.html">Array Networks AG SSL VPN</a> (<tt>--protocol=array</tt>)</li>
   <li><a href="juniper.html">Juniper SSL VPN</a> (<tt>--protocol=nc</tt>)</li>
   <li><a href="pulse.html">Pulse Connect Secure</a> (<tt>--protocol=pulse</tt></li>
   <li><a href="globalprotect.html">Palo Alto Networks GlobalProtect SSL VPN</a> (<tt>--protocol=gp</tt>)</li>

www/menu2-protocols.xml

@@ -1,6 +1,7 @@
 <PAGE>
 	<STARTMENU level="2"/>
         <MENU topic="AnyConnect" link="anyconnect.html" mode="VAR_SEL_ANYCONNECT" />
+        <MENU topic="Array" link="array.html" mode="VAR_SEL_ARRAY" />
         <MENU topic="Fortinet" link="fortinet.html" mode="VAR_SEL_FORTINET" />
         <MENU topic="F5" link="f5.html" mode="VAR_SEL_F5" />
         <MENU topic="GlobalProtect" link="globalprotect.html" mode="VAR_SEL_GLOBALPROTECT" />

www/protocols.xml

@@ -30,6 +30,7 @@ See <a href="manual.xml">the <tt>--protocol</tt> option</a> for how to use a dif
   <a href="https://www.f5.com/products/big-ip-services">F5 Big-IP SSL VPN</a> (<tt>--protocol=f5</tt>; PPP-based)</li>
   <li><a href="fortinet.html">Details</a> on support for
   <a href="https://www.fortinet.com/products/vpn">Fortinet Fortigate SSL VPN</a> (<tt>--protocol=fortinet</tt>; PPP-based)</li>
+  <li><a href="array.html">Details</a> on support for <a href="https://arraynetworks.com/products-secure-access-gateways-ag-series.html">Array Networks AG SSL VPN</a> (<tt>--protocol=array</tt>)</li>
 </ul>
 
 	<INCLUDE file="inc/footer.tmpl" />