cassidy/GlobalProtect-openconnect
1
0
Fork 0
mirror of https://github.com/yuezk/GlobalProtect-openconnect.git synced 2025-04-02 18:31:50 -04:00
Code Issues Projects Releases Wiki Activity

Align with the old behavior of the portal config request (#293)

Browse Source
This commit is contained in:
Kevin Yue 2024-01-21 18:31:39 +08:00 committed by GitHub
parent 1e211e8912
commit 7e372cd113
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
6 changed files with 46 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.vscode/settings.json vendored
View File

@ -48,6 +48,7 @@
"vpnc", "vpnc",
"vpninfo", "vpninfo",
"wmctrl", "wmctrl",
"XAUTHORITY" "XAUTHORITY",
"yuezk"
] ]
} }

7
README.md
View File

@ -54,6 +54,11 @@ The GUI version is also available after you installed it. You can launch it from
> >
> This instruction is for the 2.x version. The 1.x version is still available on the [1.x](https://github.com/yuezk/GlobalProtect-openconnect/tree/1.x) branch, you can build it from the source code by following the instructions in the `README.md` file. > This instruction is for the 2.x version. The 1.x version is still available on the [1.x](https://github.com/yuezk/GlobalProtect-openconnect/tree/1.x) branch, you can build it from the source code by following the instructions in the `README.md` file.
> [!Warning]
>
> The client requires `openconnect >= 8.20`, please make sure you have it installed, you can check it with `openconnect --version`.
> Installing the client from PPA will automatically install the required version of `openconnect`.
### Debian/Ubuntu based distributions ### Debian/Ubuntu based distributions
#### Install from PPA #### Install from PPA
@ -111,7 +116,7 @@ Download the latest RPM package from [releases](https://github.com/yuezk/GlobalP
### Other distributions ### Other distributions
The project depends on `openconnect`, `webkit2gtk`, `libsecret`, `libayatana-appindicator` or `libappindicator-gtk3`. You can install them first and then download the latest binary release (i.e., `*.bin.tar.gz`) from [releases](https://github.com/yuezk/GlobalProtect-openconnect/releases) page. The project depends on `openconnect >= 8.20`, `webkit2gtk`, `libsecret`, `libayatana-appindicator` or `libappindicator-gtk3`. You can install them first and then download the latest binary release (i.e., `*.bin.tar.gz`) from [releases](https://github.com/yuezk/GlobalProtect-openconnect/releases) page.
## [License](./LICENSE) ## [License](./LICENSE)

47
crates/gpapi/src/credential.rs
View File

@ -164,31 +164,34 @@ impl Credential {
let mut params = HashMap::new(); let mut params = HashMap::new();
params.insert("user", self.username()); params.insert("user", self.username());
match self { let (passwd, prelogin_cookie, portal_userauthcookie, portal_prelogonuserauthcookie) = match self
Credential::Password(cred) => { {
params.insert("passwd", cred.password()); Credential::Password(cred) => (Some(cred.password()), None, None, None),
} Credential::PreloginCookie(cred) => (None, Some(cred.prelogin_cookie()), None, None),
Credential::PreloginCookie(cred) => { Credential::AuthCookie(cred) => (
params.insert("prelogin-cookie", cred.prelogin_cookie()); None,
} None,
Credential::AuthCookie(cred) => { Some(cred.user_auth_cookie()),
params.insert("portal-userauthcookie", cred.user_auth_cookie()); Some(cred.prelogon_user_auth_cookie()),
),
Credential::CachedCredential(cred) => (
cred.password(),
None,
Some(cred.auth_cookie.user_auth_cookie()),
Some(cred.auth_cookie.prelogon_user_auth_cookie()),
),
};
params.insert("passwd", passwd.unwrap_or_default());
params.insert("prelogin-cookie", prelogin_cookie.unwrap_or_default());
params.insert(
"portal-userauthcookie",
portal_userauthcookie.unwrap_or_default(),
);
params.insert( params.insert(
"portal-prelogonuserauthcookie", "portal-prelogonuserauthcookie",
cred.prelogon_user_auth_cookie(), portal_prelogonuserauthcookie.unwrap_or_default(),
); );
}
Credential::CachedCredential(cred) => {
if let Some(password) = cred.password() {
params.insert("passwd", password);
}
params.insert("portal-userauthcookie", cred.auth_cookie.user_auth_cookie());
params.insert(
"portal-prelogonuserauthcookie",
cred.auth_cookie.prelogon_user_auth_cookie(),
);
}
}
params params
} }

10
crates/gpapi/src/gateway/login.rs
View File

@ -23,14 +23,8 @@ pub async fn gateway_login(
info!("Gateway login, user_agent: {}", gp_params.user_agent()); info!("Gateway login, user_agent: {}", gp_params.user_agent());
let res_xml = client let res = client.post(&login_url).form(&params).send().await?;
.post(&login_url) let res_xml = res.error_for_status()?.text().await?;
.form(&params)
.send()
.await?
.error_for_status()?
.text()
.await?;
let doc = Document::parse(&res_xml)?; let doc = Document::parse(&res_xml)?;

21
crates/gpapi/src/gp_params.rs
View File

@ -48,7 +48,7 @@ pub struct GpParams {
client_os: ClientOs, client_os: ClientOs,
os_version: Option<String>, os_version: Option<String>,
client_version: Option<String>, client_version: Option<String>,
computer: Option<String>, computer: String,
ignore_tls_errors: bool, ignore_tls_errors: bool,
} }
@ -62,10 +62,7 @@ impl GpParams {
} }
pub(crate) fn computer(&self) -> &str { pub(crate) fn computer(&self) -> &str {
match self.computer { &self.computer
Some(ref computer) => computer,
None => self.client_os.as_str(),
}
} }
pub fn ignore_tls_errors(&self) -> bool { pub fn ignore_tls_errors(&self) -> bool {
@ -84,14 +81,8 @@ impl GpParams {
params.insert("ipv6-support", "yes"); params.insert("ipv6-support", "yes");
params.insert("inputStr", ""); params.insert("inputStr", "");
params.insert("clientVer", "4100"); params.insert("clientVer", "4100");
params.insert("clientos", client_os); params.insert("clientos", client_os);
params.insert("computer", &self.computer);
if let Some(computer) = &self.computer {
params.insert("computer", computer);
} else {
params.insert("computer", client_os);
}
if let Some(os_version) = &self.os_version { if let Some(os_version) = &self.os_version {
params.insert("os-version", os_version); params.insert("os-version", os_version);
@ -110,7 +101,7 @@ pub struct GpParamsBuilder {
client_os: ClientOs, client_os: ClientOs,
os_version: Option<String>, os_version: Option<String>,
client_version: Option<String>, client_version: Option<String>,
computer: Option<String>, computer: String,
ignore_tls_errors: bool, ignore_tls_errors: bool,
} }
@ -121,7 +112,7 @@ impl GpParamsBuilder {
client_os: ClientOs::Linux, client_os: ClientOs::Linux,
os_version: Default::default(), os_version: Default::default(),
client_version: Default::default(), client_version: Default::default(),
computer: Default::default(), computer: whoami::hostname(),
ignore_tls_errors: false, ignore_tls_errors: false,
} }
} }
@ -147,7 +138,7 @@ impl GpParamsBuilder {
} }
pub fn computer(&mut self, computer: &str) -> &mut Self { pub fn computer(&mut self, computer: &str) -> &mut Self {
self.computer = Some(computer.to_string()); self.computer = computer.to_string();
self self
} }

10
crates/gpapi/src/portal/config.rs
View File

@ -132,14 +132,8 @@ pub async fn retrieve_config(
info!("Portal config, user_agent: {}", gp_params.user_agent()); info!("Portal config, user_agent: {}", gp_params.user_agent());
let res_xml = client let res = client.post(&url).form(&params).send().await?;
.post(&url) let res_xml = res.error_for_status()?.text().await?;
.form(&params)
.send()
.await?
.error_for_status()?
.text()
.await?;
ensure!(!res_xml.is_empty(), PortalConfigError::EmptyResponse); ensure!(!res_xml.is_empty(), PortalConfigError::EmptyResponse);