From 5de0f9dec69dba2466f44d9fd031e36b488dd15a Mon Sep 17 00:00:00 2001
From: Jukka Rissanen <jukka.rissanen@linux.intel.com>
Date: Fri, 30 Nov 2012 11:30:42 +0200
Subject: [PATCH] openconnect: Add support for --no-cert-check client option

---
 vpn/plugins/openconnect.c | 52 ++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 51 insertions(+), 1 deletion(-)

diff --git a/vpn/plugins/openconnect.c b/vpn/plugins/openconnect.c
index d36662c..83584da 100644
--- a/vpn/plugins/openconnect.c
+++ b/vpn/plugins/openconnect.c
@@ -46,6 +46,16 @@
 
 #include "vpn.h"
 
+#define ARRAY_SIZE(a) (sizeof(a)/sizeof(a[0]))
+
+struct {
+	const char *cm_opt;
+	const char *oc_opt;
+	char       has_value;
+} oc_options[] = {
+	{ "OpenConnect.NoCertCheck", "--no-cert-check", 0 },
+};
+
 struct oc_private_data {
 	struct connman_task *task;
 	char *if_name;
@@ -53,6 +63,30 @@ struct oc_private_data {
 	void *user_data;
 };
 
+static int task_append_config_data(struct vpn_provider *provider,
+					struct connman_task *task)
+{
+	const char *option;
+	int i;
+
+	for (i = 0; i < (int)ARRAY_SIZE(oc_options); i++) {
+		if (oc_options[i].oc_opt == NULL)
+			continue;
+
+		option = vpn_provider_get_string(provider,
+					oc_options[i].cm_opt);
+		if (option == NULL)
+			continue;
+
+		if (connman_task_add_argument(task,
+				oc_options[i].oc_opt,
+				oc_options[i].has_value ? option : NULL) < 0)
+			return -EIO;
+	}
+
+	return 0;
+}
+
 static int oc_notify(DBusMessage *msg, struct vpn_provider *provider)
 {
 	DBusMessageIter iter, dict;
@@ -325,6 +359,8 @@ static int run_connect(struct vpn_provider *provider,
 		goto done;
 	}
 
+	task_append_config_data(provider, task);
+
 	vpn_provider_set_string(provider, "OpenConnect.Cookie", vpncookie);
 
 	certsha1 = vpn_provider_get_string(provider,
@@ -438,7 +474,8 @@ done:
 
 static int oc_save(struct vpn_provider *provider, GKeyFile *keyfile)
 {
-	const char *setting;
+	const char *setting, *option;
+	int i;
 
 	setting = vpn_provider_get_string(provider,
 					"OpenConnect.ServerCert");
@@ -461,6 +498,19 @@ static int oc_save(struct vpn_provider *provider, GKeyFile *keyfile)
 				vpn_provider_get_save_group(provider),
 				"VPN.MTU", setting);
 
+	for (i = 0; i < (int)ARRAY_SIZE(oc_options); i++) {
+		if (strncmp(oc_options[i].cm_opt, "OpenConnect.", 12) == 0) {
+			option = vpn_provider_get_string(provider,
+							oc_options[i].cm_opt);
+			if (option == NULL)
+				continue;
+
+			g_key_file_set_string(keyfile,
+					vpn_provider_get_save_group(provider),
+					oc_options[i].cm_opt, option);
+		}
+	}
+
 	return 0;
 }
 
-- 
2.7.4