Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
add PAN GlobalProtect protocol support (HTTPS tunnel only)
This includes support for generating an xmlconfig so that NetworkManager can
list all the gateway servers, when connecting to a GlobalProtect portal (not
gateway):

GlobalProtect distinguishes "portal" and "gateway" servers.  Often the same
server supports both (/global-protect URLs are for the portal, /ssl-vpn URLs
are for the gateway).  The official clients always connect through the
portal.  Mostly, the portal configuration is not useful for OpenConnect; it
restricts the behavior of the official clients.

However, the portal configuration does contain a list of allowed gateways
(just as AnyConnect VPNs can list other servers).  We therefore generate an
xmlconfig in the same format as AnyConnect VPNs, so that the NetworkManager
plugins can list all the supported gateways.

Signed-off-by: Daniel Lenski <dlenski@gmail.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
  • Loading branch information
dlenski authored and dwmw2 committed May 31, 2018
1 parent 52b08d1 commit 8e7efd5
Show file tree
Hide file tree
Showing 11 changed files with 1,410 additions and 8 deletions.
5 changes: 3 additions & 2 deletions Makefile.am
Expand Up @@ -30,6 +30,7 @@ endif
library_srcs = ssl.c http.c http-auth.c auth-common.c library.c compat.c lzs.c mainloop.c script.c ntlm.c digest.c
lib_srcs_cisco = auth.c cstp.c
lib_srcs_juniper = oncp.c lzo.c auth-juniper.c
lib_srcs_globalprotect = gpst.c auth-globalprotect.c
lib_srcs_gnutls = gnutls.c gnutls_tpm.c
lib_srcs_openssl = openssl.c openssl-pkcs11.c
lib_srcs_win32 = tun-win32.c sspi.c
Expand All @@ -42,14 +43,14 @@ lib_srcs_stoken = stoken.c
lib_srcs_esp = esp.c esp-seqno.c
lib_srcs_dtls = dtls.c

POTFILES = $(openconnect_SOURCES) $(lib_srcs_cisco) $(lib_srcs_juniper) \
POTFILES = $(openconnect_SOURCES) $(lib_srcs_cisco) $(lib_srcs_juniper) $(lib_srcs_globalprotect) \
gnutls-esp.c gnutls-dtls.c openssl-esp.c openssl-dtls.c \
$(lib_srcs_esp) $(lib_srcs_dtls) \
$(lib_srcs_openssl) $(lib_srcs_gnutls) $(library_srcs) \
$(lib_srcs_win32) $(lib_srcs_posix) $(lib_srcs_gssapi) $(lib_srcs_iconv) \
$(lib_srcs_oath) $(lib_srcs_yubikey) $(lib_srcs_stoken) openconnect-internal.h

library_srcs += $(lib_srcs_juniper) $(lib_srcs_cisco) $(lib_srcs_oath)
library_srcs += $(lib_srcs_juniper) $(lib_srcs_cisco) $(lib_srcs_oath) $(lib_srcs_globalprotect)
if OPENCONNECT_LIBPCSCLITE
library_srcs += $(lib_srcs_yubikey)
endif
Expand Down

0 comments on commit 8e7efd5

Please sign in to comment.