From: Dan Lenski <dlenski at gmail.com>

Add a new public function, openconnect_get_supported_protocols(), which returns a list of protocols supported by the client. Each supported protocol has a short name (as accepted by the --protocol command-line option), description, and list of flags; currently, the only flags are:

* OPENCONNECT_PROTO_TCP (TCP transport supported)
* OPENCONNECT_PROTO_UDP (UDP transport supported)

Description of anyconnect protocol adjusted to match IETF draft standard for openconnect VPN (https://tools.ietf.org/html/draft-mavrogiannopoulos-openconnect-00).

Signed-off-by: Daniel Lenski <dlenski at gmail.com>
---
 libopenconnect.map.in | 5 +++++
 library.c | 23 +++++++++++++++++++++++
 openconnect-internal.h | 1 +
 openconnect.h | 17 +++++++++++++++++
 4 files changed, 46 insertions(+)

diff --git a/libopenconnect.map.in b/libopenconnect.map.in
index 44eea34..749466c 100644
--- a/libopenconnect.map.in
+++ b/libopenconnect.map.in
@@ -92,6 +92,11 @@ OPENCONNECT_5_4 {
 openconnect_set_pass_tos;
 } OPENCONNECT_5_3;
 
+OPENCONNECT_5_5 {
+ global:
+ openconnect_get_supported_protocols;
+} OPENCONNECT_5_4;
+
 OPENCONNECT_PRIVATE {
 global: @SYMVER_TIME@ @SYMVER_GETLINE@ @SYMVER_JAVA@ @SYMVER_ASPRINTF@ @SYMVER_VASPRINTF@ @SYMVER_WIN32_STRERROR@
 openconnect_fopen_utf8;
diff --git a/library.c b/library.c
index 55a0dca..3883177 100644
--- a/library.c
+++ b/library.c
@@ -109,6 +109,7 @@ err:
 const struct vpn_proto openconnect_protos[] = {
 {
 .name = "anyconnect",
+ .description = "Cisco AnyConnect or openconnect",
 .vpn_close_session = cstp_bye,
 .tcp_connect = cstp_connect,
 .tcp_mainloop = cstp_mainloop,
@@ -122,6 +123,7 @@ const struct vpn_proto openconnect_protos[] = {
 #endif
 }, {
 .name = "nc",
+ .description = "Juniper Network Connect (also supported by Junos Pulse servers)",
 .vpn_close_session = NULL,
 .tcp_connect = oncp_connect,
 .tcp_mainloop = oncp_mainloop,
@@ -137,6 +139,7 @@ const struct vpn_proto openconnect_protos[] = {
 #endif
 }, {
 .name = "gp",
+ .description = "Palo Alto Networks GlobalProtect",
 .vpn_close_session = gpst_bye,
 .tcp_connect = gpst_setup,
 .tcp_mainloop = gpst_mainloop,
@@ -154,6 +157,26 @@ const struct vpn_proto openconnect_protos[] = {
 { /* NULL */ }
 };
 
+int openconnect_get_supported_protocols(struct oc_vpn_proto **protos)
+{
+ struct oc_vpn_proto *pr;
+ const struct vpn_proto *p;
+
+ *protos = pr = calloc(sizeof(openconnect_protos)/sizeof(*openconnect_protos), sizeof(*pr));
+ if (!pr)
+ return -ENOMEM;
+
+ for (p = openconnect_protos; p->name; p++, pr++) {
+ pr->name = p->name;
+ pr->description = p->description;
+ if (p->tcp_mainloop)
+ pr->flags |= OPENCONNECT_PROTO_TCP;
+ if (p->udp_mainloop)
+ pr->flags |= OPENCONNECT_PROTO_UDP;
+ }
+ return 0;
+}
+
 int openconnect_set_protocol(struct openconnect_info *vpninfo, const char *protocol)
 {
 const struct vpn_proto *p;
diff --git a/openconnect-internal.h b/openconnect-internal.h
index 1ab73c5..466828d 100644
--- a/openconnect-internal.h
+++ b/openconnect-internal.h
@@ -257,6 +257,7 @@ struct http_auth_state {
 
 struct vpn_proto {
 const char *name;
+ const char *description;
 int (*vpn_close_session)(struct openconnect_info *vpninfo, const char *reason);
 
 /* This does the full authentication, calling back as appropriate */
diff --git a/openconnect.h b/openconnect.h
index c621765..c3db27f 100644
--- a/openconnect.h
+++ b/openconnect.h
@@ -36,6 +36,9 @@ extern "C" {
 #define OPENCONNECT_API_VERSION_MINOR 4
 
 /*
+ * API version 5.5:
+ * - Add openconnect_get_supported_protocols()
+ *
  * API version 5.4:
  * - Add openconnect_set_pass_tos()
  *
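Review bot: In `openconnect_get_supported_protocols()` the out-parameter is written through before anything checks it: `*protos = pr = calloc(...)` dereferences `protos` unconditionally, so a NULL argument to this new public entry point crashes the calling process, and a guard such as `if (!protos) return -EINVAL;` at the top would turn that into an error return. The function returns 0 rather than an entry count, so callers have to walk the array until `name` is NULL; that works only because the calloc() count is taken from `openconnect_protos` including its `{ /* NULL */ }` terminator, which deserves a comment such as `/* sized with the terminator so the last entry stays zeroed as the end marker */`. The array is handed to the caller to release, but the patch exports no library-side free function alongside it; where the application and the library do not share an allocator (a common situation with Windows DLLs), releasing it with the application's `free()` is unsafe, so a matching free helper is worth adding to the same symbol version.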
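Review bot: The context line `#define OPENCONNECT_API_VERSION_MINOR 4` is left unchanged in the openconnect.h hunk at -36, while the comment right below it now documents API version 5.5 and the map file adds `OPENCONNECT_5_5`. A client that gates its use of `openconnect_get_supported_protocols()` on the version macros cannot tell a header that declares the function from one that does not. Unless the bump is made in a separate commit that is not shown here, the line should become `#define OPENCONNECT_API_VERSION_MINOR 5`.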
@@ -166,6 +169,19 @@ extern "C" {
 
 /****************************************************************************/
 
+/* Enumeration of supported VPN protocols */
+
+#define OPENCONNECT_PROTO_TCP 1
+#define OPENCONNECT_PROTO_UDP 2
+
+struct oc_vpn_proto {
+ const char *name;
+ const char *description;
+ unsigned int flags;
+};
+
+/****************************************************************************/
+
 /* Authentication form processing */
 
 #define OC_FORM_OPT_TEXT 1
@@ -640,6 +656,7 @@ int openconnect_has_oath_support(void);
 int openconnect_has_yubioath_support(void);
 int openconnect_has_system_key_support(void);
 
+int openconnect_get_supported_protocols(struct oc_vpn_proto **protos);
 int openconnect_set_protocol(struct openconnect_info *vpninfo, const char *protocol);
 
 struct addrinfo;
-- 
2.7.4
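Review bot: Neither `struct oc_vpn_proto` (hunk at -166) nor the new prototype `int openconnect_get_supported_protocols(struct oc_vpn_proto **protos);` (hunk at -640) states the contract that the library.c implementation on this page relies on, and this header is the only place an API consumer will look. Above the prototype I would add `/* Returns 0 or -ENOMEM. On success *protos is a calloc()ed array ended by an entry whose name is NULL; the caller releases the array but not the strings, which point into a static table. */`. The `flags` member should be commented as a bitmask of the `OPENCONNECT_PROTO_*` values, for example `unsigned int flags; /* OPENCONNECT_PROTO_TCP | OPENCONNECT_PROTO_UDP */`. Without the ownership sentence a caller can as easily leak the array as free the `name` and `description` pointers.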