Merge branch 'main' into dev

apps/gpclient/src/connect.rs

@@ -48,6 +48,8 @@ pub(crate) struct ConnectArgs {
   #[arg(long, help = "Same as the '--csd-wrapper' option in the openconnect command")]
   csd_wrapper: Option<String>,
 
+  #[arg(long, default_value = "300", help = "Reconnection retry timeout in seconds")]
+  reconnect_timeout: u32,
   #[arg(short, long, help = "Request MTU from server (legacy servers only)")]
   mtu: Option<u32>,
   #[arg(long, help = "Do not ask for IPv6 connectivity")]
@@ -217,6 +219,7 @@ impl<'a> ConnectHandler<'a> {
       .user_agent(self.args.user_agent.clone())
       .csd_uid(csd_uid)
       .csd_wrapper(csd_wrapper)
+      .reconnect_timeout(self.args.reconnect_timeout)
       .mtu(mtu)
       .disable_ipv6(self.args.disable_ipv6)
       .build()?;

apps/gpservice/src/vpn_task.rs

@@ -38,10 +38,11 @@ impl VpnTaskContext {
     let vpn = match Vpn::builder(req.gateway().server(), args.cookie())
       .script(args.vpnc_script())
       .user_agent(args.user_agent())
+      .os(args.openconnect_os())
       .csd_uid(args.csd_uid())
       .csd_wrapper(args.csd_wrapper())
+      .reconnect_timeout(args.reconnect_timeout())
       .mtu(args.mtu())
-      .os(args.openconnect_os())
       .disable_ipv6(args.disable_ipv6())
       .build()
     {

apps/gpservice/src/ws_server.rs

@@ -118,28 +118,41 @@ impl WsServer {
   }
 
   pub async fn start(&self, shutdown_tx: mpsc::Sender<()>) {
-    if let Ok(listener) = TcpListener::bind("127.0.0.1:0").await {
-      let local_addr = listener.local_addr().unwrap();
+    let listener = match self.start_tcp_server().await {
+      Ok(listener) => listener,
+      Err(err) => {
+        warn!("Failed to start WS server: {}", err);
+        let _ = shutdown_tx.send(()).await;
+        return;
+      },
+    };
 
-      self.lock_file.lock(local_addr.port().to_string()).unwrap();
-
-      info!("WS server listening on port: {}", local_addr.port());
-
-      tokio::select! {
-        _ = watch_vpn_state(self.ctx.vpn_state_rx(), Arc::clone(&self.ctx)) => {
-          info!("VPN state watch task completed");
-        }
-        _ = start_server(listener, self.ctx.clone()) => {
-            info!("WS server stopped");
-        }
-        _ = self.cancel_token.cancelled() => {
-          info!("WS server cancelled");
-        }
+    tokio::select! {
+      _ = watch_vpn_state(self.ctx.vpn_state_rx(), Arc::clone(&self.ctx)) => {
+        info!("VPN state watch task completed");
+      }
+      _ = start_server(listener, self.ctx.clone()) => {
+          info!("WS server stopped");
+      }
+      _ = self.cancel_token.cancelled() => {
+        info!("WS server cancelled");
       }
     }
 
     let _ = shutdown_tx.send(()).await;
   }
+
+  async fn start_tcp_server(&self) -> anyhow::Result<TcpListener> {
+    let listener = TcpListener::bind("127.0.0.1:0").await?;
+    let local_addr = listener.local_addr()?;
+    let port = local_addr.port();
+
+    info!("WS server listening on port: {}", port);
+
+    self.lock_file.lock(port.to_string())?;
+
+    Ok(listener)
+  }
 }
 
 async fn watch_vpn_state(mut vpn_state_rx: watch::Receiver<VpnState>, ctx: Arc<WsServerContext>) {

crates/gpapi/src/service/request.rs

@@ -32,10 +32,11 @@ pub struct ConnectArgs {
   cookie: String,
   vpnc_script: Option<String>,
   user_agent: Option<String>,
+  os: Option<ClientOs>,
   csd_uid: u32,
   csd_wrapper: Option<String>,
+  reconnect_timeout: u32,
   mtu: u32,
-  os: Option<ClientOs>,
   disable_ipv6: bool,
 }
 
@@ -48,6 +49,7 @@ impl ConnectArgs {
       os: None,
       csd_uid: 0,
       csd_wrapper: None,
+      reconnect_timeout: 300,
       mtu: 0,
       disable_ipv6: false,
     }
@@ -77,6 +79,10 @@ impl ConnectArgs {
     self.csd_wrapper.clone()
   }
 
+  pub fn reconnect_timeout(&self) -> u32 {
+    self.reconnect_timeout
+  }
+
   pub fn mtu(&self) -> u32 {
     self.mtu
   }
@@ -125,6 +131,11 @@ impl ConnectRequest {
     self
   }
 
+  pub fn with_reconnect_timeout(mut self, reconnect_timeout: u32) -> Self {
+    self.args.reconnect_timeout = reconnect_timeout;
+    self
+  }
+
   pub fn with_mtu(mut self, mtu: u32) -> Self {
     self.args.mtu = mtu;
     self

crates/openconnect/src/ffi/mod.rs

@@ -19,6 +19,7 @@ pub(crate) struct ConnectOptions {
   pub csd_uid: u32,
   pub csd_wrapper: *const c_char,
 
+  pub reconnect_timeout: u32,
   pub mtu: u32,
   pub disable_ipv6: u32,
 }

crates/openconnect/src/ffi/vpn.c

@@ -63,6 +63,7 @@ int vpn_connect(const vpn_options *options, vpn_connected_callback callback)
     INFO("OS: %s", options->os);
     INFO("CSD_USER: %d", options->csd_uid);
     INFO("CSD_WRAPPER: %s", options->csd_wrapper);
+    INFO("RECONNECT_TIMEOUT: %d", options->reconnect_timeout);
     INFO("MTU: %d", options->mtu);
     INFO("DISABLE_IPV6: %d", options->disable_ipv6);
 
@@ -137,7 +138,7 @@ int vpn_connect(const vpn_options *options, vpn_connected_callback callback)
 
     while (1)
     {
-        int ret = openconnect_mainloop(vpninfo, 300, 10);
+        int ret = openconnect_mainloop(vpninfo, options->reconnect_timeout, 10);
 
         if (ret)
         {

crates/openconnect/src/ffi/vpn.h

@@ -20,8 +20,8 @@ typedef struct vpn_options
     const uid_t csd_uid;
     const char *csd_wrapper;
 
+    const int reconnect_timeout;
     const int mtu;
-
     const int disable_ipv6;
 } vpn_options;
 

crates/openconnect/src/vpn.rs

@@ -23,6 +23,7 @@ pub struct Vpn {
   csd_uid: u32,
   csd_wrapper: Option<CString>,
 
+  reconnect_timeout: u32,
   mtu: u32,
   disable_ipv6: bool,
 
@@ -68,6 +69,7 @@ impl Vpn {
       csd_uid: self.csd_uid,
       csd_wrapper: Self::option_to_ptr(&self.csd_wrapper),
 
+      reconnect_timeout: self.reconnect_timeout,
       mtu: self.mtu,
       disable_ipv6: self.disable_ipv6 as u32,
     }
@@ -111,6 +113,7 @@ pub struct VpnBuilder {
   csd_uid: u32,
   csd_wrapper: Option<String>,
 
+  reconnect_timeout: u32,
   mtu: u32,
   disable_ipv6: bool,
 }
@@ -128,6 +131,7 @@ impl VpnBuilder {
       csd_uid: 0,
       csd_wrapper: None,
 
+      reconnect_timeout: 300,
       mtu: 0,
       disable_ipv6: false,
     }
@@ -158,6 +162,11 @@ impl VpnBuilder {
     self
   }
 
+  pub fn reconnect_timeout(mut self, reconnect_timeout: u32) -> Self {
+    self.reconnect_timeout = reconnect_timeout;
+    self
+  }
+
   pub fn mtu(mut self, mtu: u32) -> Self {
     self.mtu = mtu;
     self
@@ -196,6 +205,7 @@ impl VpnBuilder {
       csd_uid: self.csd_uid,
       csd_wrapper: self.csd_wrapper.as_deref().map(Self::to_cstring),
 
+      reconnect_timeout: self.reconnect_timeout,
       mtu: self.mtu,
       disable_ipv6: self.disable_ipv6,