Compare commits

..

15 Commits

Author SHA1 Message Date
Kevin Yue
366b95ce1f Release 2.3.9 2024-11-02 14:13:53 +00:00
Kevin Yue
136c870d1f chore: update CI 2024-11-02 09:46:27 +00:00
Kevin Yue
0c411a542f fix: enhance OpenSSL compatibility mode
Related: #437
2024-11-02 09:36:11 +00:00
Kevin Yue
1e70dd088f Release 2.3.8 2024-10-31 14:50:24 +00:00
Kevin Yue
2dc7f97ff0 Merge branch 'dev' into main 2024-10-31 14:36:50 +00:00
Kevin Yue
6542d677a9 update default browser 2024-10-31 14:31:13 +00:00
Kevin Yue
222fe26cea fix: default browser not working on some os 2024-10-31 06:31:54 +00:00
Kevin Yue
ed413ee029 fix: saved credentials not working 2024-10-31 05:27:04 +00:00
Kevin Yue
516d685c9e fix: saved credentials not working 2024-10-30 16:13:20 +00:00
Kevin Yue
54e2371022 Fix the save credentials not working (#435) 2024-10-30 19:46:53 +08:00
Eric Dallo
511cc5ebd7 Fix flake.nix vpnc-script hardcoded path (#413) 2024-08-18 21:13:26 +08:00
Kevin Yue
30bec40338 Release 2.3.7 2024-08-16 01:34:19 +00:00
Kevin Yue
0bb9353a11 fix: build error with rust 1.80 2024-08-16 01:23:26 +00:00
Kevin Yue
80134f5a2b Release 2.3.6 2024-08-15 13:35:19 +00:00
Kevin Yue
57e20fe478 fix: enhance gpauth to support browser authentication 2024-08-15 13:14:08 +00:00
22 changed files with 431 additions and 116 deletions

View File

@@ -76,7 +76,7 @@ jobs:
cp packaging/deb/postrm .build/debian/postrm cp packaging/deb/postrm .build/debian/postrm
- name: Publish to PPA - name: Publish to PPA
uses: yuezk/publish-ppa-package@dev uses: yuezk/publish-ppa-package@v2
with: with:
repository: "yuezk/globalprotect-openconnect" repository: "yuezk/globalprotect-openconnect"
gpg_private_key: ${{ secrets.PPA_GPG_PRIVATE_KEY }} gpg_private_key: ${{ secrets.PPA_GPG_PRIVATE_KEY }}
@@ -85,5 +85,5 @@ jobs:
debian_dir: publish-ppa/globalprotect-openconnect-*/.build/debian debian_dir: publish-ppa/globalprotect-openconnect-*/.build/debian
deb_email: "k3vinyue@gmail.com" deb_email: "k3vinyue@gmail.com"
deb_fullname: "Kevin Yue" deb_fullname: "Kevin Yue"
extra_ppa: "liushuyu-011/rust-bpo-1.75" extra_ppa: "yuezk/globalprotect-openconnect liushuyu-011/rust-bpo-1.75"
revision: ${{ inputs.revision }} revision: ${{ inputs.revision }}

View File

@@ -1,4 +1,4 @@
name: Release Packages name: GH Release Packages
on: on:
workflow_dispatch: workflow_dispatch:

216
Cargo.lock generated
View File

@@ -266,9 +266,9 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
[[package]] [[package]]
name = "bitflags" name = "bitflags"
version = "2.4.1" version = "2.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "327762f6e5a765692301e5bb513e0d9fef63be86bbc14528052b1cd3e6f03e07" checksum = "b048fb63fd8b5923fc5aa7b340d8e156aec7ec02f0c78fa8a6ddc2613f6f71de"
[[package]] [[package]]
name = "block" name = "block"
@@ -285,6 +285,15 @@ dependencies = [
"generic-array", "generic-array",
] ]
[[package]]
name = "block2"
version = "0.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2c132eebf10f5cad5289222520a4a058514204aed6d791f1cf4fe8088b82d15f"
dependencies = [
"objc2",
]
[[package]] [[package]]
name = "brotli" name = "brotli"
version = "3.4.0" version = "3.4.0"
@@ -525,7 +534,7 @@ dependencies = [
"bitflags 1.3.2", "bitflags 1.3.2",
"block", "block",
"cocoa-foundation", "cocoa-foundation",
"core-foundation", "core-foundation 0.9.4",
"core-graphics", "core-graphics",
"foreign-types", "foreign-types",
"libc", "libc",
@@ -540,7 +549,7 @@ checksum = "8c6234cbb2e4c785b456c0644748b1ac416dd045799740356f8363dfe00c93f7"
dependencies = [ dependencies = [
"bitflags 1.3.2", "bitflags 1.3.2",
"block", "block",
"core-foundation", "core-foundation 0.9.4",
"core-graphics-types", "core-graphics-types",
"libc", "libc",
"objc", "objc",
@@ -570,7 +579,7 @@ dependencies = [
[[package]] [[package]]
name = "common" name = "common"
version = "2.3.5" version = "2.3.9"
dependencies = [ dependencies = [
"is_executable", "is_executable",
] ]
@@ -606,10 +615,20 @@ dependencies = [
] ]
[[package]] [[package]]
name = "core-foundation-sys" name = "core-foundation"
version = "0.8.6" version = "0.10.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "06ea2b9bc92be3c2baa9334a323ebca2d6f074ff852cd1d7b11064035cd3868f" checksum = "b55271e5c8c478ad3f38ad24ef34923091e0548492a266d19b3c0b4d82574c63"
dependencies = [
"core-foundation-sys",
"libc",
]
[[package]]
name = "core-foundation-sys"
version = "0.8.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b"
[[package]] [[package]]
name = "core-graphics" name = "core-graphics"
@@ -618,7 +637,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2581bbab3b8ffc6fcbd550bf46c355135d16e9ff2a6ea032ad6b9bf1d7efe4fb" checksum = "2581bbab3b8ffc6fcbd550bf46c355135d16e9ff2a6ea032ad6b9bf1d7efe4fb"
dependencies = [ dependencies = [
"bitflags 1.3.2", "bitflags 1.3.2",
"core-foundation", "core-foundation 0.9.4",
"core-graphics-types", "core-graphics-types",
"foreign-types", "foreign-types",
"libc", "libc",
@@ -631,7 +650,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "45390e6114f68f718cc7a830514a96f903cccd70d02a8f6d9f643ac4ba45afaf" checksum = "45390e6114f68f718cc7a830514a96f903cccd70d02a8f6d9f643ac4ba45afaf"
dependencies = [ dependencies = [
"bitflags 1.3.2", "bitflags 1.3.2",
"core-foundation", "core-foundation 0.9.4",
"libc", "libc",
] ]
@@ -1430,7 +1449,7 @@ dependencies = [
[[package]] [[package]]
name = "gpapi" name = "gpapi"
version = "2.3.5" version = "2.3.9"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"base64 0.21.5", "base64 0.21.5",
@@ -1459,13 +1478,14 @@ dependencies = [
"url", "url",
"urlencoding", "urlencoding",
"uzers", "uzers",
"webbrowser",
"which", "which",
"whoami", "whoami",
] ]
[[package]] [[package]]
name = "gpauth" name = "gpauth"
version = "2.3.5" version = "2.3.9"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"clap", "clap",
@@ -1486,7 +1506,7 @@ dependencies = [
[[package]] [[package]]
name = "gpclient" name = "gpclient"
version = "2.3.5" version = "2.3.9"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"clap", "clap",
@@ -1508,7 +1528,7 @@ dependencies = [
[[package]] [[package]]
name = "gpgui-helper" name = "gpgui-helper"
version = "2.3.5" version = "2.3.9"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"clap", "clap",
@@ -1526,7 +1546,7 @@ dependencies = [
[[package]] [[package]]
name = "gpservice" name = "gpservice"
version = "2.3.5" version = "2.3.9"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"axum", "axum",
@@ -2115,6 +2135,22 @@ dependencies = [
"walkdir", "walkdir",
] ]
[[package]]
name = "jni"
version = "0.21.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1a87aa2bb7d2af34197c04845522473242e1aa17c12f4935d5856491a7fb8c97"
dependencies = [
"cesu8",
"cfg-if",
"combine",
"jni-sys",
"log",
"thiserror",
"walkdir",
"windows-sys 0.45.0",
]
[[package]] [[package]]
name = "jni-sys" name = "jni-sys"
version = "0.3.0" version = "0.3.0"
@@ -2173,7 +2209,7 @@ version = "0.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "85c833ca1e66078851dba29046874e38f08b2c883700aa29a03ddd3b23814ee8" checksum = "85c833ca1e66078851dba29046874e38f08b2c883700aa29a03ddd3b23814ee8"
dependencies = [ dependencies = [
"bitflags 2.4.1", "bitflags 2.6.0",
"libc", "libc",
"redox_syscall", "redox_syscall",
] ]
@@ -2426,6 +2462,12 @@ dependencies = [
"winapi", "winapi",
] ]
[[package]]
name = "num-conv"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "51d515d32fb182ee37cda2ccdcb92950d6a3c2893aa280e540671c2cd0f3b1d9"
[[package]] [[package]]
name = "num-integer" name = "num-integer"
version = "0.1.45" version = "0.1.45"
@@ -2497,6 +2539,40 @@ dependencies = [
"objc_exception", "objc_exception",
] ]
[[package]]
name = "objc-sys"
version = "0.3.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cdb91bdd390c7ce1a8607f35f3ca7151b65afc0ff5ff3b34fa350f7d7c7e4310"
[[package]]
name = "objc2"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "46a785d4eeff09c14c487497c162e92766fbb3e4059a71840cecc03d9a50b804"
dependencies = [
"objc-sys",
"objc2-encode",
]
[[package]]
name = "objc2-encode"
version = "4.0.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7891e71393cd1f227313c9379a26a584ff3d7e6e7159e988851f0934c993f0f8"
[[package]]
name = "objc2-foundation"
version = "0.2.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0ee638a5da3799329310ad4cfa62fbf045d5f56e3ef5ba4149e7452dcf89d5a8"
dependencies = [
"bitflags 2.6.0",
"block2",
"libc",
"objc2",
]
[[package]] [[package]]
name = "objc_exception" name = "objc_exception"
version = "0.1.2" version = "0.1.2"
@@ -2549,7 +2625,7 @@ dependencies = [
[[package]] [[package]]
name = "openconnect" name = "openconnect"
version = "2.3.5" version = "2.3.9"
dependencies = [ dependencies = [
"cc", "cc",
"common", "common",
@@ -2562,7 +2638,7 @@ version = "0.10.66"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9529f4786b70a3e8c61e11179af17ab6188ad8d0ded78c5529441ed39d4bd9c1" checksum = "9529f4786b70a3e8c61e11179af17ab6188ad8d0ded78c5529441ed39d4bd9c1"
dependencies = [ dependencies = [
"bitflags 2.4.1", "bitflags 2.6.0",
"cfg-if", "cfg-if",
"foreign-types", "foreign-types",
"libc", "libc",
@@ -3248,7 +3324,7 @@ version = "0.38.34"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "70dc5ec042f7a43c4a73241207cecc9873a06d45debb38b329f8541d85c2730f" checksum = "70dc5ec042f7a43c4a73241207cecc9873a06d45debb38b329f8541d85c2730f"
dependencies = [ dependencies = [
"bitflags 2.4.1", "bitflags 2.6.0",
"errno", "errno",
"libc", "libc",
"linux-raw-sys", "linux-raw-sys",
@@ -3310,7 +3386,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "05b64fb303737d99b81884b2c63433e9ae28abebe5eb5045dcdd175dc2ecf4de" checksum = "05b64fb303737d99b81884b2c63433e9ae28abebe5eb5045dcdd175dc2ecf4de"
dependencies = [ dependencies = [
"bitflags 1.3.2", "bitflags 1.3.2",
"core-foundation", "core-foundation 0.9.4",
"core-foundation-sys", "core-foundation-sys",
"libc", "libc",
"security-framework-sys", "security-framework-sys",
@@ -3771,7 +3847,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ba3a3adc5c275d719af8cb4272ea1c4a6d668a777f37e115f6d11ddbc1c8e0e7" checksum = "ba3a3adc5c275d719af8cb4272ea1c4a6d668a777f37e115f6d11ddbc1c8e0e7"
dependencies = [ dependencies = [
"bitflags 1.3.2", "bitflags 1.3.2",
"core-foundation", "core-foundation 0.9.4",
"system-configuration-sys", "system-configuration-sys",
] ]
@@ -3821,7 +3897,7 @@ dependencies = [
"cairo-rs", "cairo-rs",
"cc", "cc",
"cocoa", "cocoa",
"core-foundation", "core-foundation 0.9.4",
"core-graphics", "core-graphics",
"crossbeam-channel", "crossbeam-channel",
"dispatch", "dispatch",
@@ -3836,7 +3912,7 @@ dependencies = [
"gtk", "gtk",
"image", "image",
"instant", "instant",
"jni", "jni 0.20.0",
"lazy_static", "lazy_static",
"libc", "libc",
"log", "log",
@@ -4143,12 +4219,13 @@ dependencies = [
[[package]] [[package]]
name = "time" name = "time"
version = "0.3.31" version = "0.3.36"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f657ba42c3f86e7680e53c8cd3af8abbe56b5491790b46e22e19c0d57463583e" checksum = "5dfd88e563464686c916c7e46e623e520ddc6d79fa6641390f2e3fa86e83e885"
dependencies = [ dependencies = [
"deranged", "deranged",
"itoa 1.0.10", "itoa 1.0.10",
"num-conv",
"powerfmt", "powerfmt",
"serde", "serde",
"time-core", "time-core",
@@ -4163,10 +4240,11 @@ checksum = "ef927ca75afb808a4d64dd374f00a2adf8d0fcff8e7b184af886c3c87ec4a3f3"
[[package]] [[package]]
name = "time-macros" name = "time-macros"
version = "0.2.16" version = "0.2.18"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "26197e33420244aeb70c3e8c78376ca46571bc4e701e4791c2cd9f57dcb3a43f" checksum = "3f252a68540fde3a3877aeea552b832b40ab9a69e318efd078774a01ddee1ccf"
dependencies = [ dependencies = [
"num-conv",
"time-core", "time-core",
] ]
@@ -4723,6 +4801,24 @@ dependencies = [
"wasm-bindgen", "wasm-bindgen",
] ]
[[package]]
name = "webbrowser"
version = "1.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2e5f07fb9bc8de2ddfe6b24a71a75430673fd679e568c48b52716cef1cfae923"
dependencies = [
"block2",
"core-foundation 0.10.0",
"home",
"jni 0.21.1",
"log",
"ndk-context",
"objc2",
"objc2-foundation",
"url",
"web-sys",
]
[[package]] [[package]]
name = "webkit2gtk" name = "webkit2gtk"
version = "0.18.2" version = "0.18.2"
@@ -4920,6 +5016,15 @@ version = "0.39.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9ee5e275231f07c6e240d14f34e1b635bf1faa1c76c57cfd59a5cdb9848e4278" checksum = "9ee5e275231f07c6e240d14f34e1b635bf1faa1c76c57cfd59a5cdb9848e4278"
[[package]]
name = "windows-sys"
version = "0.45.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "75283be5efb2831d37ea142365f009c02ec203cd29a3ebecbc093d52315b66d0"
dependencies = [
"windows-targets 0.42.2",
]
[[package]] [[package]]
name = "windows-sys" name = "windows-sys"
version = "0.48.0" version = "0.48.0"
@@ -4938,6 +5043,21 @@ dependencies = [
"windows-targets 0.52.0", "windows-targets 0.52.0",
] ]
[[package]]
name = "windows-targets"
version = "0.42.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8e5180c00cd44c9b1c88adb3693291f1cd93605ded80c250a75d472756b4d071"
dependencies = [
"windows_aarch64_gnullvm 0.42.2",
"windows_aarch64_msvc 0.42.2",
"windows_i686_gnu 0.42.2",
"windows_i686_msvc 0.42.2",
"windows_x86_64_gnu 0.42.2",
"windows_x86_64_gnullvm 0.42.2",
"windows_x86_64_msvc 0.42.2",
]
[[package]] [[package]]
name = "windows-targets" name = "windows-targets"
version = "0.48.5" version = "0.48.5"
@@ -4983,6 +5103,12 @@ dependencies = [
"windows-targets 0.52.0", "windows-targets 0.52.0",
] ]
[[package]]
name = "windows_aarch64_gnullvm"
version = "0.42.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "597a5118570b68bc08d8d59125332c54f1ba9d9adeedeef5b99b02ba2b0698f8"
[[package]] [[package]]
name = "windows_aarch64_gnullvm" name = "windows_aarch64_gnullvm"
version = "0.48.5" version = "0.48.5"
@@ -5001,6 +5127,12 @@ version = "0.39.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ec7711666096bd4096ffa835238905bb33fb87267910e154b18b44eaabb340f2" checksum = "ec7711666096bd4096ffa835238905bb33fb87267910e154b18b44eaabb340f2"
[[package]]
name = "windows_aarch64_msvc"
version = "0.42.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e08e8864a60f06ef0d0ff4ba04124db8b0fb3be5776a5cd47641e942e58c4d43"
[[package]] [[package]]
name = "windows_aarch64_msvc" name = "windows_aarch64_msvc"
version = "0.48.5" version = "0.48.5"
@@ -5019,6 +5151,12 @@ version = "0.39.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "763fc57100a5f7042e3057e7e8d9bdd7860d330070251a73d003563a3bb49e1b" checksum = "763fc57100a5f7042e3057e7e8d9bdd7860d330070251a73d003563a3bb49e1b"
[[package]]
name = "windows_i686_gnu"
version = "0.42.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c61d927d8da41da96a81f029489353e68739737d3beca43145c8afec9a31a84f"
[[package]] [[package]]
name = "windows_i686_gnu" name = "windows_i686_gnu"
version = "0.48.5" version = "0.48.5"
@@ -5037,6 +5175,12 @@ version = "0.39.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7bc7cbfe58828921e10a9f446fcaaf649204dcfe6c1ddd712c5eebae6bda1106" checksum = "7bc7cbfe58828921e10a9f446fcaaf649204dcfe6c1ddd712c5eebae6bda1106"
[[package]]
name = "windows_i686_msvc"
version = "0.42.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "44d840b6ec649f480a41c8d80f9c65108b92d89345dd94027bfe06ac444d1060"
[[package]] [[package]]
name = "windows_i686_msvc" name = "windows_i686_msvc"
version = "0.48.5" version = "0.48.5"
@@ -5055,6 +5199,12 @@ version = "0.39.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6868c165637d653ae1e8dc4d82c25d4f97dd6605eaa8d784b5c6e0ab2a252b65" checksum = "6868c165637d653ae1e8dc4d82c25d4f97dd6605eaa8d784b5c6e0ab2a252b65"
[[package]]
name = "windows_x86_64_gnu"
version = "0.42.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8de912b8b8feb55c064867cf047dda097f92d51efad5b491dfb98f6bbb70cb36"
[[package]] [[package]]
name = "windows_x86_64_gnu" name = "windows_x86_64_gnu"
version = "0.48.5" version = "0.48.5"
@@ -5067,6 +5217,12 @@ version = "0.52.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3d6fa32db2bc4a2f5abeacf2b69f7992cd09dca97498da74a151a3132c26befd" checksum = "3d6fa32db2bc4a2f5abeacf2b69f7992cd09dca97498da74a151a3132c26befd"
[[package]]
name = "windows_x86_64_gnullvm"
version = "0.42.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "26d41b46a36d453748aedef1486d5c7a85db22e56aff34643984ea85514e94a3"
[[package]] [[package]]
name = "windows_x86_64_gnullvm" name = "windows_x86_64_gnullvm"
version = "0.48.5" version = "0.48.5"
@@ -5085,6 +5241,12 @@ version = "0.39.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5e4d40883ae9cae962787ca76ba76390ffa29214667a111db9e0a1ad8377e809" checksum = "5e4d40883ae9cae962787ca76ba76390ffa29214667a111db9e0a1ad8377e809"
[[package]]
name = "windows_x86_64_msvc"
version = "0.42.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9aec5da331524158c6d1a4ac0ab1541149c0b9505fde06423b02f5ef0106b9f0"
[[package]] [[package]]
name = "windows_x86_64_msvc" name = "windows_x86_64_msvc"
version = "0.48.5" version = "0.48.5"

View File

@@ -5,7 +5,7 @@ members = ["crates/*", "apps/gpclient", "apps/gpservice", "apps/gpauth", "apps/g
[workspace.package] [workspace.package]
rust-version = "1.70" rust-version = "1.70"
version = "2.3.5" version = "2.3.9"
authors = ["Kevin Yue <k3vinyue@gmail.com>"] authors = ["Kevin Yue <k3vinyue@gmail.com>"]
homepage = "https://github.com/yuezk/GlobalProtect-openconnect" homepage = "https://github.com/yuezk/GlobalProtect-openconnect"
edition = "2021" edition = "2021"

View File

@@ -44,12 +44,20 @@ Options:
See 'gpclient help <command>' for more information on a specific command. See 'gpclient help <command>' for more information on a specific command.
``` ```
To use the default browser for authentication with the CLI version, you need to use the following command: To use the external browser for authentication with the CLI version, you need to use the following command:
```bash ```bash
sudo -E gpclient connect --default-browser <portal> sudo -E gpclient connect --browser default <portal>
``` ```
Or you can try the following command if the above command does not work:
```bash
gpauth <portal> --browser default 2>/dev/null | sudo gpclient connect <portal> --cookie-on-stdin
```
You can specify the browser with the `--browser <browser>` option, e.g., `--browser firefox`, `--browser chrome`, etc.
### GUI ### GUI
The GUI version is also available after you installed it. You can launch it from the application menu or run `gpclient launch-gui` in the terminal. The GUI version is also available after you installed it. You can launch it from the application menu or run `gpclient launch-gui` in the terminal.

View File

@@ -1,5 +1,6 @@
[package] [package]
name = "gpauth" name = "gpauth"
authors.workspace = true
version.workspace = true version.workspace = true
edition.workspace = true edition.workspace = true
license.workspace = true license.workspace = true

View File

@@ -1,3 +1,5 @@
use std::{env::temp_dir, fs, os::unix::fs::PermissionsExt};
use clap::Parser; use clap::Parser;
use gpapi::{ use gpapi::{
auth::{SamlAuthData, SamlAuthResult}, auth::{SamlAuthData, SamlAuthResult},
@@ -11,36 +13,68 @@ use log::{info, LevelFilter};
use serde_json::json; use serde_json::json;
use tauri::{App, AppHandle, RunEvent}; use tauri::{App, AppHandle, RunEvent};
use tempfile::NamedTempFile; use tempfile::NamedTempFile;
use tokio::{io::AsyncReadExt, net::TcpListener};
use crate::auth_window::{portal_prelogin, AuthWindow}; use crate::auth_window::{portal_prelogin, AuthWindow};
const VERSION: &str = concat!(env!("CARGO_PKG_VERSION"), " (", compile_time::date_str!(), ")"); const VERSION: &str = concat!(env!("CARGO_PKG_VERSION"), " (", compile_time::date_str!(), ")");
#[derive(Parser, Clone)] #[derive(Parser, Clone)]
#[command(version = VERSION)] #[command(
version = VERSION,
author,
about = "The authentication component for the GlobalProtect VPN client, supports the SSO authentication method.",
help_template = "\
{before-help}{name} {version}
{author}
{about}
{usage-heading} {usage}
{all-args}{after-help}
See 'gpauth -h' for more information.
"
)]
struct Cli { struct Cli {
#[arg(help = "The portal server to authenticate")]
server: String, server: String,
#[arg(long)]
#[arg(long, help = "Treating the server as a gateway")]
gateway: bool, gateway: bool,
#[arg(long)]
#[arg(long, help = "The SAML authentication request")]
saml_request: Option<String>, saml_request: Option<String>,
#[arg(long, default_value = GP_USER_AGENT)]
#[arg(long, default_value = GP_USER_AGENT, help = "The user agent to use")]
user_agent: String, user_agent: String,
#[arg(long, default_value = "Linux")] #[arg(long, default_value = "Linux")]
os: Os, os: Os,
#[arg(long)] #[arg(long)]
os_version: Option<String>, os_version: Option<String>,
#[arg(long)]
#[arg(long, help = "The HiDPI mode, useful for high-resolution screens")]
hidpi: bool, hidpi: bool,
#[arg(long)]
#[arg(long, help = "Get around the OpenSSL `unsafe legacy renegotiation` error")]
fix_openssl: bool, fix_openssl: bool,
#[arg(long)]
#[arg(long, help = "Ignore TLS errors")]
ignore_tls_errors: bool, ignore_tls_errors: bool,
#[arg(long)]
#[arg(long, help = "Clean the cache of the embedded browser")]
clean: bool, clean: bool,
#[arg(long)]
#[arg(long, help = "Use the default browser for authentication")]
default_browser: bool, default_browser: bool,
#[arg(long)]
#[arg(
long,
help = "The browser to use for authentication, e.g., `default`, `firefox`, `chrome`, `chromium`, or the path to the browser executable"
)]
browser: Option<String>, browser: Option<String>,
} }
@@ -74,6 +108,15 @@ impl Cli {
info!("Please continue the authentication process in the default browser"); info!("Please continue the authentication process in the default browser");
let auth_result = match wait_auth_data().await {
Ok(auth_data) => SamlAuthResult::Success(auth_data),
Err(err) => SamlAuthResult::Failure(format!("{}", err)),
};
info!("Authentication completed");
println!("{}", json!(auth_result));
return Ok(()); return Ok(());
} }
@@ -181,3 +224,35 @@ pub async fn run() {
std::process::exit(1); std::process::exit(1);
} }
} }
async fn wait_auth_data() -> anyhow::Result<SamlAuthData> {
// Start a local server to receive the browser authentication data
let listener = TcpListener::bind("127.0.0.1:0").await?;
let port = listener.local_addr()?.port();
let port_file = temp_dir().join("gpcallback.port");
// Write the port to a file
fs::write(&port_file, port.to_string())?;
fs::set_permissions(&port_file, fs::Permissions::from_mode(0o600))?;
// Remove the previous log file
let callback_log = temp_dir().join("gpcallback.log");
let _ = fs::remove_file(&callback_log);
info!("Listening authentication data on port {}", port);
info!(
"If it hangs, please check the logs at `{}` for more information",
callback_log.display()
);
let (mut socket, _) = listener.accept().await?;
info!("Received the browser authentication data from the socket");
let mut data = String::new();
socket.read_to_string(&mut data).await?;
// Remove the port file
fs::remove_file(&port_file)?;
let auth_data = SamlAuthData::from_gpcallback(&data)?;
Ok(auth_data)
}

View File

@@ -1,3 +1,5 @@
use std::{env::temp_dir, fs::File};
use clap::{Parser, Subcommand}; use clap::{Parser, Subcommand};
use gpapi::utils::openssl; use gpapi::utils::openssl;
use log::{info, LevelFilter}; use log::{info, LevelFilter};
@@ -48,7 +50,7 @@ struct Cli {
#[command(subcommand)] #[command(subcommand)]
command: CliCommand, command: CliCommand,
#[arg(long, help = "Get around the OpenSSL `unsafe legacy renegotiation` error")] #[arg(long, help = "Uses extended compatibility mode for OpenSSL operations to support a broader range of systems and formats.")]
fix_openssl: bool, fix_openssl: bool,
#[arg(long, help = "Ignore the TLS errors")] #[arg(long, help = "Ignore the TLS errors")]
ignore_tls_errors: bool, ignore_tls_errors: bool,
@@ -85,14 +87,29 @@ impl Cli {
} }
} }
fn init_logger() { fn init_logger(command: &CliCommand) {
env_logger::builder().filter_level(LevelFilter::Info).init(); let mut builder = env_logger::builder();
builder.filter_level(LevelFilter::Info);
// Output the log messages to a file if the command is the auth callback
if let CliCommand::LaunchGui(args) = command {
let auth_data = args.auth_data.as_deref().unwrap_or_default();
if !auth_data.is_empty() {
if let Ok(log_file) = File::create(temp_dir().join("gpcallback.log")) {
let target = Box::new(log_file);
builder.target(env_logger::Target::Pipe(target));
}
}
}
builder.init();
} }
pub(crate) async fn run() { pub(crate) async fn run() {
let cli = Cli::parse(); let cli = Cli::parse();
init_logger(); init_logger(&cli.command);
info!("gpclient started: {}", VERSION); info!("gpclient started: {}", VERSION);
if let Err(err) = cli.run().await { if let Err(err) = cli.run().await {

View File

@@ -1,8 +1,10 @@
use std::{cell::RefCell, fs, sync::Arc}; use std::{cell::RefCell, fs, sync::Arc};
use anyhow::bail;
use clap::Args; use clap::Args;
use common::vpn_utils::find_csd_wrapper; use common::vpn_utils::find_csd_wrapper;
use gpapi::{ use gpapi::{
auth::SamlAuthResult,
clap::args::Os, clap::args::Os,
credential::{Credential, PasswordCredential}, credential::{Credential, PasswordCredential},
error::PortalError, error::PortalError,
@@ -19,9 +21,8 @@ use gpapi::{
use inquire::{Password, PasswordDisplayMode, Select, Text}; use inquire::{Password, PasswordDisplayMode, Select, Text};
use log::info; use log::info;
use openconnect::Vpn; use openconnect::Vpn;
use tokio::{io::AsyncReadExt, net::TcpListener};
use crate::{cli::SharedArgs, GP_CLIENT_LOCK_FILE, GP_CLIENT_PORT_FILE}; use crate::{cli::SharedArgs, GP_CLIENT_LOCK_FILE};
#[derive(Args)] #[derive(Args)]
pub(crate) struct ConnectArgs { pub(crate) struct ConnectArgs {
@@ -37,6 +38,9 @@ pub(crate) struct ConnectArgs {
#[arg(long, help = "Read the password from standard input")] #[arg(long, help = "Read the password from standard input")]
passwd_on_stdin: bool, passwd_on_stdin: bool,
#[arg(long, help = "Read the cookie from standard input")]
cookie_on_stdin: bool,
#[arg(long, short, help = "The VPNC script to use")] #[arg(long, short, help = "The VPNC script to use")]
script: Option<String>, script: Option<String>,
@@ -89,7 +93,7 @@ pub(crate) struct ConnectArgs {
#[arg(long, help = "Disable DTLS and ESP")] #[arg(long, help = "Disable DTLS and ESP")]
no_dtls: bool, no_dtls: bool,
#[arg(long, help = "The HiDPI mode, useful for high resolution screens")] #[arg(long, help = "The HiDPI mode, useful for high-resolution screens")]
hidpi: bool, hidpi: bool,
#[arg(long, help = "Do not reuse the remembered authentication cookie")] #[arg(long, help = "Do not reuse the remembered authentication cookie")]
@@ -100,7 +104,7 @@ pub(crate) struct ConnectArgs {
#[arg( #[arg(
long, long,
help = "Use the specified browser to authenticate, e.g., firefox, chromium, chrome, or the path to the browser" help = "Use the specified browser to authenticate, e.g., `default`, `firefox`, `chrome`, `chromium`, or the path to the browser executable"
)] )]
browser: Option<String>, browser: Option<String>,
} }
@@ -147,6 +151,10 @@ impl<'a> ConnectHandler<'a> {
} }
pub(crate) async fn handle(&self) -> anyhow::Result<()> { pub(crate) async fn handle(&self) -> anyhow::Result<()> {
if self.args.default_browser && self.args.browser.is_some() {
bail!("Cannot use `--default-browser` and `--browser` options at the same time");
}
self.latest_key_password.replace(self.args.key_password.clone()); self.latest_key_password.replace(self.args.key_password.clone());
loop { loop {
@@ -327,6 +335,10 @@ impl<'a> ConnectHandler<'a> {
} }
async fn obtain_credential(&self, prelogin: &Prelogin, server: &str) -> anyhow::Result<Credential> { async fn obtain_credential(&self, prelogin: &Prelogin, server: &str) -> anyhow::Result<Credential> {
if self.args.cookie_on_stdin {
return read_cookie_from_stdin();
}
let is_gateway = prelogin.is_gateway(); let is_gateway = prelogin.is_gateway();
match prelogin { match prelogin {
@@ -353,18 +365,9 @@ impl<'a> ConnectHandler<'a> {
.launch() .launch()
.await?; .await?;
if let Some(cred) = cred { Ok(cred)
return Ok(cred);
} }
if !use_default_browser {
// This should never happen
unreachable!("SAML authentication failed without using the default browser");
}
info!("Waiting for the browser authentication to complete...");
wait_credentials().await
}
Prelogin::Standard(prelogin) => { Prelogin::Standard(prelogin) => {
let prefix = if is_gateway { "Gateway" } else { "Portal" }; let prefix = if is_gateway { "Gateway" } else { "Portal" };
println!("{} ({}: {})", prelogin.auth_message(), prefix, server); println!("{} ({}: {})", prelogin.auth_message(), prefix, server);
@@ -394,25 +397,17 @@ impl<'a> ConnectHandler<'a> {
} }
} }
async fn wait_credentials() -> anyhow::Result<Credential> { fn read_cookie_from_stdin() -> anyhow::Result<Credential> {
// Start a local server to receive the browser authentication data info!("Reading cookie from standard input");
let listener = TcpListener::bind("127.0.0.1:0").await?;
let port = listener.local_addr()?.port();
// Write the port to a file let mut cookie = String::new();
fs::write(GP_CLIENT_PORT_FILE, port.to_string())?; std::io::stdin().read_line(&mut cookie)?;
info!("Listening authentication data on port {}", port); let Ok(auth_result) = serde_json::from_str::<SamlAuthResult>(cookie.trim_end()) else {
let (mut socket, _) = listener.accept().await?; bail!("Failed to parse auth data")
};
info!("Received the browser authentication data from the socket"); Credential::try_from(auth_result)
let mut data = String::new();
socket.read_to_string(&mut data).await?;
// Remove the port file
fs::remove_file(GP_CLIENT_PORT_FILE)?;
Credential::from_gpcallback(&data)
} }
fn write_pid_file() { fn write_pid_file() {

View File

@@ -9,15 +9,13 @@ use gpapi::{
use log::info; use log::info;
use tokio::io::AsyncWriteExt; use tokio::io::AsyncWriteExt;
use crate::GP_CLIENT_PORT_FILE;
#[derive(Args)] #[derive(Args)]
pub(crate) struct LaunchGuiArgs { pub(crate) struct LaunchGuiArgs {
#[arg( #[arg(
required = false, required = false,
help = "The authentication data, used for the default browser authentication" help = "The authentication data, used for the default browser authentication"
)] )]
auth_data: Option<String>, pub auth_data: Option<String>,
#[arg(long, help = "Launch the GUI minimized")] #[arg(long, help = "Launch the GUI minimized")]
minimized: bool, minimized: bool,
} }
@@ -40,6 +38,7 @@ impl<'a> LaunchGuiHandler<'a> {
let auth_data = self.args.auth_data.as_deref().unwrap_or_default(); let auth_data = self.args.auth_data.as_deref().unwrap_or_default();
if !auth_data.is_empty() { if !auth_data.is_empty() {
info!("Received auth callback data");
// Process the authentication data, its format is `globalprotectcallback:<data>` // Process the authentication data, its format is `globalprotectcallback:<data>`
return feed_auth_data(auth_data).await; return feed_auth_data(auth_data).await;
} }
@@ -81,16 +80,26 @@ impl<'a> LaunchGuiHandler<'a> {
} }
async fn feed_auth_data(auth_data: &str) -> anyhow::Result<()> { async fn feed_auth_data(auth_data: &str) -> anyhow::Result<()> {
let _ = tokio::join!(feed_auth_data_gui(auth_data), feed_auth_data_cli(auth_data)); let (res_gui, res_cli) = tokio::join!(feed_auth_data_gui(auth_data), feed_auth_data_cli(auth_data));
if let Err(err) = res_gui {
info!("Failed to feed auth data to the GUI: {}", err);
}
if let Err(err) = res_cli {
info!("Failed to feed auth data to the CLI: {}", err);
}
// Cleanup the temporary file // Cleanup the temporary file
let html_file = temp_dir().join("gpauth.html"); let html_file = temp_dir().join("gpauth.html");
let _ = std::fs::remove_file(html_file); if let Err(err) = std::fs::remove_file(&html_file) {
info!("Failed to remove {}: {}", html_file.display(), err);
}
Ok(()) Ok(())
} }
async fn feed_auth_data_gui(auth_data: &str) -> anyhow::Result<()> { async fn feed_auth_data_gui(auth_data: &str) -> anyhow::Result<()> {
info!("Feeding auth data to the GUI");
let service_endpoint = http_endpoint().await?; let service_endpoint = http_endpoint().await?;
reqwest::Client::default() reqwest::Client::default()
@@ -104,7 +113,10 @@ async fn feed_auth_data_gui(auth_data: &str) -> anyhow::Result<()> {
} }
async fn feed_auth_data_cli(auth_data: &str) -> anyhow::Result<()> { async fn feed_auth_data_cli(auth_data: &str) -> anyhow::Result<()> {
let port = tokio::fs::read_to_string(GP_CLIENT_PORT_FILE).await?; info!("Feeding auth data to the CLI");
let port_file = temp_dir().join("gpcallback.port");
let port = tokio::fs::read_to_string(port_file).await?;
let mut stream = tokio::net::TcpStream::connect(format!("127.0.0.1:{}", port.trim())).await?; let mut stream = tokio::net::TcpStream::connect(format!("127.0.0.1:{}", port.trim())).await?;
stream.write_all(auth_data.as_bytes()).await?; stream.write_all(auth_data.as_bytes()).await?;
@@ -124,7 +136,7 @@ async fn try_active_gui() -> anyhow::Result<()> {
Ok(()) Ok(())
} }
pub fn get_log_file() -> anyhow::Result<PathBuf> { fn get_log_file() -> anyhow::Result<PathBuf> {
let dirs = ProjectDirs::from("com.yuezk", "GlobalProtect-openconnect", "gpclient") let dirs = ProjectDirs::from("com.yuezk", "GlobalProtect-openconnect", "gpclient")
.ok_or_else(|| anyhow::anyhow!("Failed to get project dirs"))?; .ok_or_else(|| anyhow::anyhow!("Failed to get project dirs"))?;

View File

@@ -4,7 +4,6 @@ mod disconnect;
mod launch_gui; mod launch_gui;
pub(crate) const GP_CLIENT_LOCK_FILE: &str = "/var/run/gpclient.lock"; pub(crate) const GP_CLIENT_LOCK_FILE: &str = "/var/run/gpclient.lock";
pub(crate) const GP_CLIENT_PORT_FILE: &str = "/var/run/gpclient.port";
#[tokio::main] #[tokio::main]
async fn main() { async fn main() {

View File

@@ -1,5 +1,27 @@
# Changelog # Changelog
## 2.3.9 - 2024-11-02
- Enhance the OpenSSL compatibility mode (fix [#437](https://github.com/yuezk/GlobalProtect-openconnect/issues/437))
## 2.3.8 - 2024-10-31
- GUI: support configure the external browser to use for authentication (fix [#423](https://github.com/yuezk/GlobalProtect-openconnect/issues/423))
- GUI: add option to remember the credential (fix [#420](https://github.com/yuezk/GlobalProtect-openconnect/issues/420))
- GUI: fix the credential not saved issue (fix [#420](https://github.com/yuezk/GlobalProtect-openconnect/issues/420))
- CLI: fix the default browser detection issue (fix [#416](https://github.com/yuezk/GlobalProtect-openconnect/issues/416))
## 2.3.7 - 2024-08-16
- Fix the Rust type inference regression [issue in 1.80](https://github.com/rust-lang/rust/issues/125319).
## 2.3.6 - 2024-08-15
- CLI: enhance the `gpauth` command to support external browser authentication
- CLI: add the `--cookie-on-stdin` option to support read the cookie from stdin
- CLI: support usage: `gpauth <portal> --browser <browser> 2>/dev/null | sudo gpclient connect <portal> --cookie-on-stdin`
- CLI: fix the `--browser <browser>` option not working
## 2.3.5 - 2024-08-14 ## 2.3.5 - 2024-08-14
- Support configure `no-dtls` option - Support configure `no-dtls` option

View File

@@ -35,8 +35,9 @@ which.workspace = true
tauri = { workspace = true, optional = true } tauri = { workspace = true, optional = true }
clap = { workspace = true, optional = true } clap = { workspace = true, optional = true }
open = { version = "5", optional = true } open = { version = "5", optional = true }
webbrowser = { version = "1", optional = true }
[features] [features]
tauri = ["dep:tauri"] tauri = ["dep:tauri"]
clap = ["dep:clap"] clap = ["dep:clap"]
browser-auth = ["dep:open"] browser-auth = ["dep:open", "dep:webbrowser"]

View File

@@ -85,7 +85,6 @@ impl SamlAuthData {
return Ok(auth_data); return Ok(auth_data);
} }
info!("Parsing SAML auth data...");
let auth_data = decode_to_string(auth_data).map_err(|e| { let auth_data = decode_to_string(auth_data).map_err(|e| {
warn!("Failed to decode SAML auth data: {}", e); warn!("Failed to decode SAML auth data: {}", e);
AuthDataParseError::Invalid AuthDataParseError::Invalid

View File

@@ -1,9 +1,10 @@
use std::collections::HashMap; use std::collections::HashMap;
use anyhow::bail;
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use specta::Type; use specta::Type;
use crate::auth::SamlAuthData; use crate::auth::{SamlAuthData, SamlAuthResult};
#[derive(Debug, Serialize, Deserialize, Type, Clone)] #[derive(Debug, Serialize, Deserialize, Type, Clone)]
#[serde(rename_all = "camelCase")] #[serde(rename_all = "camelCase")]
@@ -110,11 +111,11 @@ impl AuthCookieCredential {
pub struct CachedCredential { pub struct CachedCredential {
username: String, username: String,
password: Option<String>, password: Option<String>,
auth_cookie: AuthCookieCredential, auth_cookie: Option<AuthCookieCredential>,
} }
impl CachedCredential { impl CachedCredential {
pub fn new(username: String, password: Option<String>, auth_cookie: AuthCookieCredential) -> Self { pub fn new(username: String, password: Option<String>, auth_cookie: Option<AuthCookieCredential>) -> Self {
Self { Self {
username, username,
password, password,
@@ -130,12 +131,12 @@ impl CachedCredential {
self.password.as_deref() self.password.as_deref()
} }
pub fn auth_cookie(&self) -> &AuthCookieCredential { pub fn auth_cookie(&self) -> Option<&AuthCookieCredential> {
&self.auth_cookie self.auth_cookie.as_ref()
} }
pub fn set_auth_cookie(&mut self, auth_cookie: AuthCookieCredential) { pub fn set_auth_cookie(&mut self, auth_cookie: AuthCookieCredential) {
self.auth_cookie = auth_cookie; self.auth_cookie = Some(auth_cookie);
} }
pub fn set_username(&mut self, username: String) { pub fn set_username(&mut self, username: String) {
@@ -149,11 +150,7 @@ impl CachedCredential {
impl From<PasswordCredential> for CachedCredential { impl From<PasswordCredential> for CachedCredential {
fn from(value: PasswordCredential) -> Self { fn from(value: PasswordCredential) -> Self {
Self::new( Self::new(value.username().to_owned(), Some(value.password().to_owned()), None)
value.username().to_owned(),
Some(value.password().to_owned()),
AuthCookieCredential::new("", "", ""),
)
} }
} }
#[derive(Debug, Serialize, Deserialize, Type, Clone)] #[derive(Debug, Serialize, Deserialize, Type, Clone)]
@@ -200,8 +197,8 @@ impl Credential {
Credential::Cached(cred) => ( Credential::Cached(cred) => (
cred.password(), cred.password(),
None, None,
Some(cred.auth_cookie.user_auth_cookie()), cred.auth_cookie.as_ref().map(|c| c.user_auth_cookie()),
Some(cred.auth_cookie.prelogon_user_auth_cookie()), cred.auth_cookie.as_ref().map(|c| c.prelogon_user_auth_cookie()),
None, None,
), ),
}; };
@@ -230,6 +227,17 @@ impl From<SamlAuthData> for Credential {
} }
} }
impl TryFrom<SamlAuthResult> for Credential {
type Error = anyhow::Error;
fn try_from(value: SamlAuthResult) -> anyhow::Result<Self> {
match value {
SamlAuthResult::Success(auth_data) => Ok(Self::from(auth_data)),
SamlAuthResult::Failure(err) => bail!(err),
}
}
}
impl From<PasswordCredential> for Credential { impl From<PasswordCredential> for Credential {
fn from(value: PasswordCredential) -> Self { fn from(value: PasswordCredential) -> Self {
Self::Password(value) Self::Password(value)

View File

@@ -29,7 +29,7 @@ pub async fn gateway_login(gateway: &str, cred: &Credential, gp_params: &GpParam
params.extend(extra_params); params.extend(extra_params);
params.insert("server", &gateway); params.insert("server", &gateway);
info!("Gateway login, user_agent: {}", gp_params.user_agent()); info!("Perform gateway login, user_agent: {}", gp_params.user_agent());
let res = client let res = client
.post(&login_url) .post(&login_url)

View File

@@ -109,7 +109,7 @@ pub async fn retrieve_config(portal: &str, cred: &Credential, gp_params: &GpPara
params.insert("server", &server); params.insert("server", &server);
params.insert("host", &server); params.insert("host", &server);
info!("Portal config, user_agent: {}", gp_params.user_agent()); info!("Retrieve the portal config, user_agent: {}", gp_params.user_agent());
let res = client let res = client
.post(&url) .post(&url)
@@ -153,7 +153,9 @@ pub async fn retrieve_config(portal: &str, cred: &Credential, gp_params: &GpPara
}); });
let user_auth_cookie = root.descendant_text("portal-userauthcookie").unwrap_or_default(); let user_auth_cookie = root.descendant_text("portal-userauthcookie").unwrap_or_default();
let prelogon_user_auth_cookie = root.descendant_text("portal-prelogonuserauthcookie").unwrap_or_default(); let prelogon_user_auth_cookie = root
.descendant_text("portal-prelogonuserauthcookie")
.unwrap_or_default();
let config_digest = root.descendant_text("config-digest"); let config_digest = root.descendant_text("config-digest");
if gateways.is_empty() { if gateways.is_empty() {

View File

@@ -116,6 +116,8 @@ pub async fn prelogin(portal: &str, gp_params: &GpParams) -> anyhow::Result<Prel
let client = Client::try_from(gp_params)?; let client = Client::try_from(gp_params)?;
info!("Perform prelogin, user_agent: {}", gp_params.user_agent());
let res = client let res = client
.post(&prelogin_url) .post(&prelogin_url)
.form(&params) .form(&params)

View File

@@ -96,7 +96,7 @@ impl<'a> SamlAuthLauncher<'a> {
} }
/// Launch the authenticator binary as the current user or SUDO_USER if available. /// Launch the authenticator binary as the current user or SUDO_USER if available.
pub async fn launch(self) -> anyhow::Result<Option<Credential>> { pub async fn launch(self) -> anyhow::Result<Credential> {
let mut auth_cmd = Command::new(GP_AUTH_BINARY); let mut auth_cmd = Command::new(GP_AUTH_BINARY);
auth_cmd.arg(self.server); auth_cmd.arg(self.server);
@@ -152,17 +152,10 @@ impl<'a> SamlAuthLauncher<'a> {
.wait_with_output() .wait_with_output()
.await?; .await?;
if self.default_browser {
return Ok(None);
}
let Ok(auth_result) = serde_json::from_slice::<SamlAuthResult>(&output.stdout) else { let Ok(auth_result) = serde_json::from_slice::<SamlAuthResult>(&output.stdout) else {
bail!("Failed to parse auth data") bail!("Failed to parse auth data")
}; };
match auth_result { Credential::try_from(auth_result)
SamlAuthResult::Success(auth_data) => Ok(Some(Credential::from(auth_data))),
SamlAuthResult::Failure(msg) => bail!(msg),
}
} }
} }

View File

@@ -17,9 +17,14 @@ impl BrowserAuthenticator<'_> {
} }
pub fn new_with_browser<'a>(auth_request: &'a str, browser: &'a str) -> BrowserAuthenticator<'a> { pub fn new_with_browser<'a>(auth_request: &'a str, browser: &'a str) -> BrowserAuthenticator<'a> {
let browser = browser.trim();
BrowserAuthenticator { BrowserAuthenticator {
auth_request, auth_request,
browser: Some(browser), browser: if browser.is_empty() || browser == "default" {
None
} else {
Some(browser)
},
} }
} }
@@ -52,7 +57,7 @@ impl BrowserAuthenticator<'_> {
open::with_detached(path.as_ref(), app)?; open::with_detached(path.as_ref(), app)?;
} else { } else {
info!("Launching the default browser..."); info!("Launching the default browser...");
open::that_detached(path.as_ref())?; webbrowser::open(path.as_ref())?;
} }
Ok(()) Ok(())

View File

@@ -10,12 +10,24 @@ pub fn openssl_conf() -> String {
[openssl_init] [openssl_init]
ssl_conf = ssl_sect ssl_conf = ssl_sect
providers = provider_sect
[ssl_sect] [ssl_sect]
system_default = system_default_sect system_default = system_default_sect
[system_default_sect] [system_default_sect]
Options = {}", Options = {}
[provider_sect]
default = default_sect
legacy = legacy_sect
[default_sect]
activate = 1
[legacy_sect]
activate = 1
",
option option
) )
} }

View File

@@ -42,6 +42,8 @@
overrideMain = {...}: { overrideMain = {...}: {
postPatch = '' postPatch = ''
substituteInPlace crates/common/src/vpn_utils.rs \
--replace-fail /etc/vpnc/vpnc-script ${pkgs.vpnc-scripts}/bin/vpnc-script
substituteInPlace crates/gpapi/src/lib.rs \ substituteInPlace crates/gpapi/src/lib.rs \
--replace-fail /usr/bin/gpclient $out/bin/gpclient \ --replace-fail /usr/bin/gpclient $out/bin/gpclient \
--replace-fail /usr/bin/gpservice $out/bin/gpservice \ --replace-fail /usr/bin/gpservice $out/bin/gpservice \