On Thu, Sep 27, 2018 at 8:54 AM Daniel Sampliner <samplinerD at gmail.com> wrote: > > Using globalprotect protocol, if we receive XML with: > <dns-suffix> > <member>apple.foo.bar</member> > <member>orange.foo.bar</member> > <member>banana.foo.bar</member> > </dns-suffix> > > CISCO_DEF_DOMAIN environment variable sent to vpnc-script will only > contain the first domain "apple.foo.bar." > This patch combines them all into one single space-separated string > (this behavior matches that of pulse protocol, but I don't have cisco > VPN to test behavior there). Does having multiple search domains actually have a useful effect on some OSes? At least on Linux, I believe the default hostname resolution behavior only looks at a single default domain. Though a custom vpnc-script might be able to finesse this: https://unix.stackexchange.com/questions/128091/no-domain-defined-in-etc-resolv-conf > --- > gpst.c | 11 ++++++++--- > 1 file changed, 8 insertions(+), 3 deletions(-) > > diff --git a/gpst.c b/gpst.c > index 2f029d21..6a48294a 100644 > --- a/gpst.c > +++ b/gpst.c > @@ -517,11 +517,16 @@ static int gpst_parse_config_xml(struct > openconnect_info *vpninfo, xmlNode *xml_ > if (!xmlnode_get_text(member, "member", &s)) > vpninfo->ip_info.nbns[ii++] = add_option(vpninfo, > "WINS", s); > } else if (xmlnode_is_named(xml_node, "dns-suffix")) { > - for (ii=0, member = xml_node->children; member && ii<1; > member=member->next) > + FILE *stream; > + char *buf; > + size_t len; > + stream = open_memstream(&buf, &len); > + for (member = xml_node->children; member; member=member->next) > if (!xmlnode_get_text(member, "member", &s)) { > - vpninfo->ip_info.domain = add_option(vpninfo, "search", s); > - ii++; > + fprintf(stream, "%s ", s); > } > + fclose(stream); > + vpninfo->ip_info.domain = add_option(vpninfo, "search", buf); > } else if (xmlnode_is_named(xml_node, "access-routes")) { > for (member = xml_node->children; member; member=member->next) { > if (!xmlnode_get_text(member, "member", &s)) { I don't believe openconnect uses the memstream API anywhere else, and it doesn't exist on Windows. This patch should use the oc_text_buf API instead. Here's a version that does just that: diff --git a/gpst.c b/gpst.c index 2f029d2..85aea22 100644 --- a/gpst.c +++ b/gpst.c @@ -517,11 +517,16 @@ static int gpst_parse_config_xml(struct openconnect_info *vpninfo, xmlNode *xml_ if (!xmlnode_get_text(member, "member", &s)) vpninfo->ip_info.nbns[ii++] = add_option(vpninfo, "WINS", s); } else if (xmlnode_is_named(xml_node, "dns-suffix")) { - for (ii=0, member = xml_node->children; member && ii<1; member=member->next) - if (!xmlnode_get_text(member, "member", &s)) { - vpninfo->ip_info.domain = add_option(vpninfo, "search", s); - ii++; - } + struct oc_text_buf *domains = buf_alloc(); + for (member = xml_node->children; member; member=member->next) + if (!xmlnode_get_text(member, "member", &s)) + buf_append(domains, "%s ", s); + if (buf_error(domains) == 0) { + domains->data[domains->pos-1] = '\0'; + vpninfo->ip_info.domain = add_option(vpninfo, "search", domains->data); + domains->data = NULL; + } + buf_free(domains); } else if (xmlnode_is_named(xml_node, "access-routes")) { for (member = xml_node->children; member; member=member->next) { if (!xmlnode_get_text(member, "member", &s)) { Thanks, Dan
