From f261606a7544b0810e95930a789368b7c3abcdea Mon Sep 17 00:00:00 2001
From: System Administrator <root@nickbook.local>
Date: Wed, 12 Dec 2018 18:19:06 +0100
Subject: [PATCH] MacOS socket support for TNCC and generic Period Host
 Checking fix

- added MacOS support to tncc_preauth() by using SOCK_STREAM instead of SOCK_SEQPACKE-T
- fixed periodic host checking in check_cookie_success() by passing dspreauth to TNCC instead of dsid

Signed-off-by: 's avatarNick Parrin <spam@coreworks.be>
---
 auth-juniper.c | 22 +++++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)

diff --git a/auth-juniper.c b/auth-juniper.c
index 30ceb3ae..dceb2ee7 100644
--- a/auth-juniper.c
+++ b/auth-juniper.c
@@ -285,7 +285,7 @@ static xmlNodePtr find_form_node(xmlDocPtr doc)
 
 static int check_cookie_success(struct openconnect_info *vpninfo)
 {
-	const char *dslast = NULL, *dsfirst = NULL, *dsurl = NULL, *dsid = NULL;
+	const char *dslast = NULL, *dsfirst = NULL, *dsurl = NULL, *dsid = NULL, *dspreauth = NULL;
 	struct oc_vpn_option *cookie;
 	struct oc_text_buf *buf;
 
@@ -298,6 +298,8 @@ static int check_cookie_success(struct openconnect_info *vpninfo)
 			dsid = cookie->value;
 		else if (!strcmp(cookie->option, "DSSignInUrl"))
 			dsurl = cookie->value;
+		else if (!strcmp(cookie->option, "DSPREAUTH"))
+			dspreauth = cookie->value;
 	}
 	if (!dsid)
 		return -ENOENT;
@@ -305,7 +307,7 @@ static int check_cookie_success(struct openconnect_info *vpninfo)
 	buf = buf_alloc();
 	if (vpninfo->tncc_fd != -1) {
 		buf_append(buf, "setcookie\n");
-		buf_append(buf, "Cookie=%s\n", dsid);
+		buf_append(buf, "Cookie=%s\n", dspreauth);
 		if (buf_error(buf))
 			return buf_free(buf);
 		send(vpninfo->tncc_fd, buf->data, buf->pos, 0);
@@ -344,7 +346,7 @@ static int tncc_preauth(struct openconnect_info *vpninfo)
 	struct oc_vpn_option *cookie;
 	const char *dspreauth = NULL, *dssignin = "null";
 	char recvbuf[1024], *p;
-	int len;
+	int len, flags;
 
 	for (cookie = vpninfo->cookies; cookie; cookie = cookie->next) {
 		if (!strcmp(cookie->option, "DSPREAUTH"))
@@ -368,11 +370,21 @@ static int tncc_preauth(struct openconnect_info *vpninfo)
 			     _("Failed to allocate memory for communication with TNCC\n"));
 		return buf_free(buf);
 	}
+	
+#ifdef __APPLE__
+  // Equally, you cannot use SOCK_SEQPACKET with AF_UNIX on Mac OS
+  // https://stackoverflow.com/questions/13287333/sock-seqpacket-availability
+
+  flags = SOCK_STREAM;
+#else
+  flags = SOCK_SEQPACKET;
+#endif
+
 #ifdef SOCK_CLOEXEC
-	if (socketpair(AF_UNIX, SOCK_SEQPACKET | SOCK_CLOEXEC, 0, sockfd))
+	if (socketpair(AF_UNIX, flags | SOCK_CLOEXEC, 0, sockfd))
 #endif
 	{
-		if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, sockfd)) {
+		if (socketpair(AF_UNIX, flags, 0, sockfd)) {
 			buf_free(buf);
 			return -errno;
 		}
-- 
GitLab