From 82761386b8a18a0631ed8b86f73b23805c4b8d3d Mon Sep 17 00:00:00 2001 From: Lukasz Siudut Date: Wed, 25 Sep 2019 08:19:41 +0100 Subject: [PATCH] Fix DNS supprot in NetworkManager It got broken in ebac728f Although from resolver perspective v4 and v6 entries in /etc/resolv.conf doesn't differ in format, it does make difference for NetworkManager. Passing v6 address in v4 related variables broke updating resolv conf what effects in lack of DNS propagation when there's at least one v6 DNS address returned from the VPN endpoint. This change introduced clear distinguish between those two. This is also supported in default vpnc-script which is shipped in Arch distribution, I assume it's similar for other distros: ``` #* INTERNAL_IP6_DNS -- IPv6 list of dns servers ``` --- cstp.c | 13 ++++++++++--- openconnect.h | 1 + script.c | 8 ++++++++ 3 files changed, 19 insertions(+), 3 deletions(-) diff --git a/cstp.c b/cstp.c index 577805e0..667c80c3 100644 --- a/cstp.c +++ b/cstp.c @@ -534,8 +534,7 @@ static int start_cstp_connection(struct openconnect_info *vpninfo) vpninfo->ip_info.netmask6 = new_option->value; } else vpninfo->ip_info.netmask = new_option->value; - } else if (!strcmp(buf + 7, "DNS") || - !strcmp(buf + 7, "DNS-IP6")) { + } else if (!strcmp(buf + 7, "DNS")) { int j; for (j = 0; j < 3; j++) { if (!vpninfo->ip_info.dns[j]) { @@ -543,7 +542,15 @@ static int start_cstp_connection(struct openconnect_info *vpninfo) break; } } - } else if (!strcmp(buf + 7, "NBNS")) { + } else if (!strcmp(buf + 7, "DNS-IP6")) { + int j; + for (j = 0; j < 3; j++) { + if (!vpninfo->ip_info.dns6[j]) { + vpninfo->ip_info.dns6[j] = new_option->value; + break; + } + } + } else if (!strcmp(buf + 7, "NBNS")) { int j; for (j = 0; j < 3; j++) { if (!vpninfo->ip_info.nbns[j]) { diff --git a/openconnect.h b/openconnect.h index 0f83e37c..c66ced41 100644 --- a/openconnect.h +++ b/openconnect.h @@ -276,6 +276,7 @@ struct oc_ip_info { const char *addr6; const char *netmask6; const char *dns[3]; + const char *dns6[3]; const char *nbns[3]; const char *domain; const char *proxy_pac; diff --git a/script.c b/script.c index 28746d9c..92b672fa 100644 --- a/script.c +++ b/script.c @@ -248,6 +248,14 @@ void prepare_script_env(struct openconnect_info *vpninfo) if (vpninfo->ip_info.addr6) { script_setenv(vpninfo, "INTERNAL_IP6_ADDRESS", vpninfo->ip_info.addr6, 0, 0); script_setenv(vpninfo, "INTERNAL_IP6_NETMASK", vpninfo->ip_info.netmask6, 0, 0); + if (vpninfo->ip_info.dns6[0]) + script_setenv(vpninfo, "INTERNAL_IP6_DNS", vpninfo->ip_info.dns[0], 0, 0); + else + script_setenv(vpninfo, "INTERNAL_IP6_DNS", NULL, 0, 0); + if (vpninfo->ip_info.dns6[1]) + script_setenv(vpninfo, "INTERNAL_IP6_DNS", vpninfo->ip_info.dns[1], 0, 1); + if (vpninfo->ip_info.dns6[2]) + script_setenv(vpninfo, "INTERNAL_IP6_DNS", vpninfo->ip_info.dns[2], 0, 1); } else if (vpninfo->ip_info.netmask6) { char *slash = strchr(vpninfo->ip_info.netmask6, '/'); script_setenv(vpninfo, "INTERNAL_IP6_NETMASK", vpninfo->ip_info.netmask6, 0, 0); -- GitLab