From: Xing-Kai Wang <redacted>
Date: Sun, 10 May 2026 15:52:03 +0000 (+0800)
Subject: openfortivpn: add realm parameter support
X-Git-Url: http://git.99rst.org/?a=commitdiff_plain;h=e488e6c6a556811a1242720703fe3dcc3217d23c;p=openwrt-packages.git

openfortivpn: add realm parameter support

Some FortiGate VPN gateways require a specific authentication realm
when multiple domains or user groups are configured on the same server.

This commit updates the netifd protocol script to parse the 'realm'
option from the UCI configuration and correctly append it to the
openfortivpn command line arguments.

Signed-off-by: Xing-Kai Wang <redacted>
---

diff --git a/net/openfortivpn/files/openfortivpn.sh b/net/openfortivpn/files/openfortivpn.sh
index b4bc9f5d0..55168e51d 100755
--- a/net/openfortivpn/files/openfortivpn.sh
+++ b/net/openfortivpn/files/openfortivpn.sh
@@ -24,6 +24,7 @@ proto_openfortivpn_init_config() {
 	proto_config_add_string "remote_status_check"
 	proto_config_add_boolean "saml_login"
 	proto_config_add_int "saml_login_port"
+	proto_config_add_string  "realm"
 	no_device=1
 	available=1
 }
@@ -34,9 +35,9 @@ proto_openfortivpn_setup() {
 	local msg ifname ip server_ips pwfile callfile
 
 	local peeraddr port tunlink local_ip username password persist_int \
-	      trusted_cert remote_status_check saml_login saml_login_port
+	      trusted_cert remote_status_check saml_login saml_login_port realm
 	json_get_vars host peeraddr port tunlink local_ip username password persist_int \
-		      trusted_cert remote_status_check saml_login saml_login_port
+		      trusted_cert remote_status_check saml_login saml_login_port realm
 
 	ifname="vpn-$config"
 
@@ -148,6 +149,8 @@ proto_openfortivpn_setup() {
 		fi
 	}
 
+	[ -n "$realm" ] && append_args "--realm=$realm"
+
 	callfile="/var/etc/openfortivpn/peers/$config"
 	echo "115200
 :$local_ip