From 97385a2fad451d684f0956f548344f952db93c1f Mon Sep 17 00:00:00 2001 From: Colin Petrie Date: Thu, 27 Jun 2019 18:24:51 +0200 Subject: [PATCH] Update CSTP for IPv6 DNS servers When the Cisco side is configured with IPv4 and IPv6 DNS resolver IPs, it will send option X-CSTP-DNS-IP6 This patch captures the IPv6 addresses provided, and puts them in INTERNAL_IP6_DNS variable for vpnc-scripts (which is already handled there) Signed-off-by: Colin Petrie --- cstp.c | 8 ++++++++ openconnect.h | 1 + script.c | 9 +++++++++ 3 files changed, 18 insertions(+) diff --git a/cstp.c b/cstp.c index f59facc6..8db5f79c 100644 --- a/cstp.c +++ b/cstp.c @@ -542,6 +542,14 @@ static int start_cstp_connection(struct openconnect_info *vpninfo) break; } } + } else if (!strcmp(buf + 7, "DNS-IP6")) { + int j; + for (j = 0; j < 3; j++) { + if (!vpninfo->ip_info.dns6[j]) { + vpninfo->ip_info.dns6[j] = new_option->value; + break; + } + } } else if (!strcmp(buf + 7, "NBNS")) { int j; for (j = 0; j < 3; j++) { diff --git a/openconnect.h b/openconnect.h index 0f83e37c..c66ced41 100644 --- a/openconnect.h +++ b/openconnect.h @@ -276,6 +276,7 @@ struct oc_ip_info { const char *addr6; const char *netmask6; const char *dns[3]; + const char *dns6[3]; const char *nbns[3]; const char *domain; const char *proxy_pac; diff --git a/script.c b/script.c index 28746d9c..460ef8be 100644 --- a/script.c +++ b/script.c @@ -265,6 +265,15 @@ void prepare_script_env(struct openconnect_info *vpninfo) if (vpninfo->ip_info.dns[2]) script_setenv(vpninfo, "INTERNAL_IP4_DNS", vpninfo->ip_info.dns[2], 0, 1); + if (vpninfo->ip_info.dns6[0]) + script_setenv(vpninfo, "INTERNAL_IP6_DNS", vpninfo->ip_info.dns6[0], 0, 0); + else + script_setenv(vpninfo, "INTERNAL_IP6_DNS", NULL, 0, 0); + if (vpninfo->ip_info.dns6[1]) + script_setenv(vpninfo, "INTERNAL_IP6_DNS", vpninfo->ip_info.dns6[1], 0, 1); + if (vpninfo->ip_info.dns6[2]) + script_setenv(vpninfo, "INTERNAL_IP6_DNS", vpninfo->ip_info.dns6[2], 0, 1); + if (vpninfo->ip_info.nbns[0]) script_setenv(vpninfo, "INTERNAL_IP4_NBNS", vpninfo->ip_info.nbns[0], 0, 0); else -- GitLab