Fix CI

.github/workflows/build.yaml

@@ -25,7 +25,7 @@ jobs:
         id: set-matrix
         run: |
           if [[ "${{ github.ref }}" == "refs/tags/"* ]]; then
-            echo 'matrix=[{"runner": "ubuntu-latest", "arch": "amd64"}, {"runner": "arm64", "arch": "arm64"]' >> $GITHUB_OUTPUT
+            echo 'matrix=[{"runner": "ubuntu-latest", "arch": "amd64"}, {"runner": "arm64", "arch": "arm64"}]' >> $GITHUB_OUTPUT
           else
             echo 'matrix=[{"runner": "ubuntu-latest", "arch": "amd64"}]' >> $GITHUB_OUTPUT
           fi
@@ -182,7 +182,7 @@ jobs:
         gh -R "$REPO" release create $RELEASE_TAG \
           --title "$RELEASE_TAG" \
           --notes "$NOTES" \
-          --target ${{ github.ref }} \
+          ${{ github.ref == 'refs/heads/dev' && '--target dev' || '' }} \
           ${{ github.ref == 'refs/heads/dev' && '--prerelease' || '' }} \
           gh-release/artifact-source/* \
           gh-release/artifact-gpgui-*/*

Cargo.lock

@@ -564,7 +564,7 @@ dependencies = [
 
 [[package]]
 name = "common"
-version = "2.1.2"
+version = "2.1.3"
 dependencies = [
  "is_executable",
 ]
@@ -1430,7 +1430,7 @@ dependencies = [
 
 [[package]]
 name = "gpapi"
-version = "2.1.2"
+version = "2.1.3"
 dependencies = [
  "anyhow",
  "base64 0.21.5",
@@ -1462,7 +1462,7 @@ dependencies = [
 
 [[package]]
 name = "gpauth"
-version = "2.1.2"
+version = "2.1.3"
 dependencies = [
  "anyhow",
  "clap",
@@ -1483,7 +1483,7 @@ dependencies = [
 
 [[package]]
 name = "gpclient"
-version = "2.1.2"
+version = "2.1.3"
 dependencies = [
  "anyhow",
  "clap",
@@ -1505,7 +1505,7 @@ dependencies = [
 
 [[package]]
 name = "gpgui-helper"
-version = "2.1.2"
+version = "2.1.3"
 dependencies = [
  "anyhow",
  "clap",
@@ -1523,7 +1523,7 @@ dependencies = [
 
 [[package]]
 name = "gpservice"
-version = "2.1.2"
+version = "2.1.3"
 dependencies = [
  "anyhow",
  "axum",
@@ -1599,9 +1599,9 @@ dependencies = [
 
 [[package]]
 name = "h2"
-version = "0.3.24"
+version = "0.3.26"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bb2c4422095b67ee78da96fbb51a4cc413b3b25883c7717ff7ca1ab31022c9c9"
+checksum = "81fe527a889e1532da5c525686d96d4c2e74cdd345badf8dfef9f6b39dd5f5e8"
 dependencies = [
  "bytes",
  "fnv",
@@ -1618,9 +1618,9 @@ dependencies = [
 
 [[package]]
 name = "h2"
-version = "0.4.2"
+version = "0.4.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "31d030e59af851932b72ceebadf4a2b5986dba4c3b99dd2493f8273a0f151943"
+checksum = "816ec7294445779408f36fe57bc5b7fc1cf59664059096c65f905c1c61f58069"
 dependencies = [
  "bytes",
  "fnv",
@@ -1787,7 +1787,7 @@ dependencies = [
  "futures-channel",
  "futures-core",
  "futures-util",
- "h2 0.3.24",
+ "h2 0.3.26",
  "http 0.2.11",
  "http-body 0.4.6",
  "httparse",
@@ -1810,7 +1810,7 @@ dependencies = [
  "bytes",
  "futures-channel",
  "futures-util",
- "h2 0.4.2",
+ "h2 0.4.4",
  "http 1.0.0",
  "http-body 1.0.0",
  "httparse",
@@ -2537,7 +2537,7 @@ dependencies = [
 
 [[package]]
 name = "openconnect"
-version = "2.1.2"
+version = "2.1.3"
 dependencies = [
  "cc",
  "common",
@@ -3167,7 +3167,7 @@ dependencies = [
  "encoding_rs",
  "futures-core",
  "futures-util",
- "h2 0.3.24",
+ "h2 0.3.26",
  "http 0.2.11",
  "http-body 0.4.6",
  "hyper 0.14.28",
@@ -4606,6 +4606,12 @@ version = "0.11.0+wasi-snapshot-preview1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
 
+[[package]]
+name = "wasite"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "b8dad83b4f25e74f184f64c43b150b91efe7647395b42289f38e50566d82855b"
+
 [[package]]
 name = "wasm-bindgen"
 version = "0.2.89"
@@ -4782,11 +4788,12 @@ dependencies = [
 
 [[package]]
 name = "whoami"
-version = "1.4.1"
+version = "1.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "22fc3756b8a9133049b26c7f61ab35416c130e8c09b660f5b3958b446f52cc50"
+checksum = "a44ab49fad634e88f55bf8f9bb3abd2f27d7204172a112c7c9987e01c1c94ea9"
 dependencies = [
- "wasm-bindgen",
+ "redox_syscall",
+ "wasite",
  "web-sys",
 ]
 

Cargo.toml

@@ -5,7 +5,7 @@ members = ["crates/*", "apps/gpclient", "apps/gpservice", "apps/gpauth", "apps/g
 
 [workspace.package]
 rust-version = "1.70"
-version = "2.1.2"
+version = "2.1.3"
 authors = ["Kevin Yue <k3vinyue@gmail.com>"]
 homepage = "https://github.com/yuezk/GlobalProtect-openconnect"
 edition = "2021"

apps/gpauth/src/auth_window.rs

@@ -366,17 +366,14 @@ fn read_auth_data_from_html(html: &str) -> Result<SamlAuthData, AuthDataParseErr
     return Err(AuthDataParseError::Invalid);
   }
 
-  match SamlAuthData::from_html(html) {
+  SamlAuthData::from_html(html).or_else(|err| {
-    Ok(auth_data) => Ok(auth_data),
+    if let Some(gpcallback) = extract_gpcallback(html) {
-    Err(err) => {
+      info!("Found gpcallback from html...");
-      if let Some(gpcallback) = extract_gpcallback(html) {
+      SamlAuthData::from_gpcallback(&gpcallback)
-        info!("Found gpcallback from html...");
+    } else {
-        SamlAuthData::from_gpcallback(&gpcallback)
+      Err(err)
-      } else {
-        Err(err)
-      }
     }
-  }
+  })
 }
 
 fn extract_gpcallback(html: &str) -> Option<String> {

apps/gpclient/src/connect.rs

@@ -32,6 +32,8 @@ pub(crate) struct ConnectArgs {
   user: Option<String>,
   #[arg(long, short, help = "The VPNC script to use")]
   script: Option<String>,
+  #[arg(long, help = "Connect the server as a gateway, instead of a portal")]
+  as_gateway: bool,
 
   #[arg(
     long,
@@ -95,6 +97,12 @@ impl<'a> ConnectHandler<'a> {
 
   pub(crate) async fn handle(&self) -> anyhow::Result<()> {
     let server = self.args.server.as_str();
+    let as_gateway = self.args.as_gateway;
+
+    if as_gateway {
+      info!("Treating the server as a gateway");
+      return self.connect_gateway_with_prelogin(server).await;
+    }
 
     let Err(err) = self.connect_portal_with_prelogin(server).await else {
       return Ok(());
@@ -103,10 +111,15 @@ impl<'a> ConnectHandler<'a> {
     info!("Failed to connect portal with prelogin: {}", err);
     if err.root_cause().downcast_ref::<PortalError>().is_some() {
       info!("Trying the gateway authentication workflow...");
-      return self.connect_gateway_with_prelogin(server).await;
+      self.connect_gateway_with_prelogin(server).await?;
-    }
 
-    Err(err)
+      eprintln!("\nNOTE: the server may be a gateway, not a portal.");
+      eprintln!("NOTE: try to use the `--as-gateway` option if you were authenticated twice.");
+
+      Ok(())
+    } else {
+      Err(err)
+    }
   }
 
   async fn connect_portal_with_prelogin(&self, portal: &str) -> anyhow::Result<()> {

changelog.md

@@ -1,5 +1,12 @@
 # Changelog
 
+## 2.1.3 - 2024-04-07
+
+- Support CAS authentication (fix [#339](https://github.com/yuezk/GlobalProtect-openconnect/issues/339))
+- CLI: Add `--as-gateway` option to connect as gateway directly (fix [#318](https://github.com/yuezk/GlobalProtect-openconnect/issues/318))
+- GUI: Support connect the gateway directly (fix [#318](https://github.com/yuezk/GlobalProtect-openconnect/issues/318))
+- GUI: Add an option to use symbolic tray icon (fix [#341](https://github.com/yuezk/GlobalProtect-openconnect/issues/341))
+
 ## 2.1.2 - 2024-03-29
 
 - Treat portal as gateway when the gateway login is failed (fix #338)

crates/gpapi/src/credential.rs

@@ -37,13 +37,13 @@ impl From<&CachedCredential> for PasswordCredential {
 
 #[derive(Debug, Serialize, Deserialize, Type, Clone)]
 #[serde(rename_all = "camelCase")]
-pub struct PreloginCookieCredential {
+pub struct PreloginCredential {
   username: String,
   prelogin_cookie: Option<String>,
   token: Option<String>,
 }
 
-impl PreloginCookieCredential {
+impl PreloginCredential {
   pub fn new(username: &str, prelogin_cookie: Option<&str>, token: Option<&str>) -> Self {
     Self {
       username: username.to_string(),
@@ -65,7 +65,7 @@ impl PreloginCookieCredential {
   }
 }
 
-impl From<SamlAuthData> for PreloginCookieCredential {
+impl From<SamlAuthData> for PreloginCredential {
   fn from(value: SamlAuthData) -> Self {
     let username = value.username().to_string();
     let prelogin_cookie = value.prelogin_cookie();
@@ -160,9 +160,9 @@ impl From<PasswordCredential> for CachedCredential {
 #[serde(tag = "type", rename_all = "camelCase")]
 pub enum Credential {
   Password(PasswordCredential),
-  PreloginCookie(PreloginCookieCredential),
+  Prelogin(PreloginCredential),
   AuthCookie(AuthCookieCredential),
-  CachedCredential(CachedCredential),
+  Cached(CachedCredential),
 }
 
 impl Credential {
@@ -177,9 +177,9 @@ impl Credential {
   pub fn username(&self) -> &str {
     match self {
       Credential::Password(cred) => cred.username(),
-      Credential::PreloginCookie(cred) => cred.username(),
+      Credential::Prelogin(cred) => cred.username(),
       Credential::AuthCookie(cred) => cred.username(),
-      Credential::CachedCredential(cred) => cred.username(),
+      Credential::Cached(cred) => cred.username(),
     }
   }
 
@@ -189,7 +189,7 @@ impl Credential {
 
     let (passwd, prelogin_cookie, portal_userauthcookie, portal_prelogonuserauthcookie, token) = match self {
       Credential::Password(cred) => (Some(cred.password()), None, None, None, None),
-      Credential::PreloginCookie(cred) => (None, cred.prelogin_cookie(), None, None, cred.token()),
+      Credential::Prelogin(cred) => (None, cred.prelogin_cookie(), None, None, cred.token()),
       Credential::AuthCookie(cred) => (
         None,
         None,
@@ -197,7 +197,7 @@ impl Credential {
         Some(cred.prelogon_user_auth_cookie()),
         None,
       ),
-      Credential::CachedCredential(cred) => (
+      Credential::Cached(cred) => (
         cred.password(),
         None,
         Some(cred.auth_cookie.user_auth_cookie()),
@@ -224,9 +224,9 @@ impl Credential {
 
 impl From<SamlAuthData> for Credential {
   fn from(value: SamlAuthData) -> Self {
-    let cred = PreloginCookieCredential::from(value);
+    let cred = PreloginCredential::from(value);
 
-    Self::PreloginCookie(cred)
+    Self::Prelogin(cred)
   }
 }
 
@@ -244,6 +244,6 @@ impl From<&AuthCookieCredential> for Credential {
 
 impl From<&CachedCredential> for Credential {
   fn from(value: &CachedCredential) -> Self {
-    Self::CachedCredential(value.clone())
+    Self::Cached(value.clone())
   }
 }

crates/gpapi/src/gp_params.rs

@@ -130,13 +130,15 @@ pub struct GpParamsBuilder {
 
 impl GpParamsBuilder {
   pub fn new() -> Self {
+    let computer = whoami::fallible::hostname().unwrap_or_else(|_| String::from("localhost"));
+
     Self {
       is_gateway: false,
       user_agent: GP_USER_AGENT.to_string(),
       client_os: ClientOs::Linux,
       os_version: Default::default(),
       client_version: Default::default(),
-      computer: whoami::hostname(),
+      computer,
       ignore_tls_errors: false,
     }
   }