From: Thomas Winkler Date: Tue, 10 Mar 2026 12:56:11 +0000 (+0100) Subject: openconnect: implement --no-external-auth X-Git-Url: http://git.99rst.org/?a=commitdiff_plain;h=638335582aa78d363e4fe4e04b8fd1ab8bd98de8;p=openwrt-packages.git openconnect: implement --no-external-auth The option prevents OpenConnect from advertising to the server that it supports any kind of authentication mode that requires an external browser. Some servers will force the client to use such an authentication mode if the client advertises it, but fallback to a more "scriptable" authentication mode if the client doesn’t appear to support it. Signed-off-by: Thomas Winkler --- diff --git a/net/openconnect/Makefile b/net/openconnect/Makefile index 6ce0c20c7..4fe4627c9 100644 --- a/net/openconnect/Makefile +++ b/net/openconnect/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openconnect PKG_VERSION:=9.12 -PKG_RELEASE:=6 +PKG_RELEASE:=7 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://www.infradead.org/openconnect/download diff --git a/net/openconnect/files/openconnect.sh b/net/openconnect/files/openconnect.sh index ae8408b19..6ec8b6629 100755 --- a/net/openconnect/files/openconnect.sh +++ b/net/openconnect/files/openconnect.sh @@ -23,6 +23,7 @@ proto_openconnect_init_config() { proto_config_add_string "vpn_protocol" proto_config_add_boolean "pfs" proto_config_add_boolean "no_dtls" + proto_config_add_boolean "no_external_auth" proto_config_add_string "interface" proto_config_add_string "username" proto_config_add_string "serverhash" @@ -58,6 +59,7 @@ proto_openconnect_setup() { juniper \ vpn_protocol \ mtu \ + no_external_auth \ no_dtls \ os \ password \ @@ -107,6 +109,7 @@ proto_openconnect_setup() { [ -n "$script" ] && append_args --script "$script" [ "$pfs" = 1 ] && append_args --pfs [ "$no_dtls" = 1 ] && append_args --no-dtls + [ "$no_external_auth" = 1 ] && append_args "--no-external-auth" [ -n "$mtu" ] && append_args --mtu "$mtu" # migrate to standard config files