feat: support the --no-dtls option

yuezk · Aug 13, 2024 · c2a6a43 · c2a6a43
1 parent c578e35
commit c2a6a43
Show file tree

Hide file tree

Showing 8 changed files with 31 additions and 1 deletion.
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -11,6 +11,7 @@
         "distro",
         "dotenv",
         "dotenvy",
+        "dtls",
         "getconfig",
         "globalprotect",
         "globalprotectcallback",

diff --git a/apps/gpclient/src/connect.rs b/apps/gpclient/src/connect.rs
@@ -86,6 +86,9 @@ pub(crate) struct ConnectArgs {
   #[arg(long)]
   os_version: Option<String>,
 
+  #[arg(long, help="Disable DTLS and ESP")]
+  no_dtls: bool,
+
   #[arg(long, help = "The HiDPI mode, useful for high resolution screens")]
   hidpi: bool,
 
@@ -294,6 +297,7 @@ impl<'a> ConnectHandler<'a> {
       .reconnect_timeout(self.args.reconnect_timeout)
       .mtu(mtu)
       .disable_ipv6(self.args.disable_ipv6)
+      .no_dtls(self.args.no_dtls)
       .build()?;
 
     let vpn = Arc::new(vpn);

diff --git a/apps/gpservice/src/vpn_task.rs b/apps/gpservice/src/vpn_task.rs
@@ -47,6 +47,7 @@ impl VpnTaskContext {
       .reconnect_timeout(args.reconnect_timeout())
       .mtu(args.mtu())
       .disable_ipv6(args.disable_ipv6())
+      .no_dtls(args.no_dtls())
       .build()
     {
       Ok(vpn) => vpn,

diff --git a/crates/gpapi/src/service/request.rs b/crates/gpapi/src/service/request.rs
@@ -41,6 +41,7 @@ pub struct ConnectArgs {
   reconnect_timeout: u32,
   mtu: u32,
   disable_ipv6: bool,
+  no_dtls: bool,
 }
 
 impl ConnectArgs {
@@ -58,6 +59,7 @@ impl ConnectArgs {
       reconnect_timeout: 300,
       mtu: 0,
       disable_ipv6: false,
+      no_dtls: false,
     }
   }
 
@@ -108,6 +110,10 @@ impl ConnectArgs {
   pub fn disable_ipv6(&self) -> bool {
     self.disable_ipv6
   }
+
+  pub fn no_dtls(&self) -> bool {
+    self.no_dtls
+  }
 }
 
 #[derive(Debug, Deserialize, Serialize, Type)]
@@ -179,6 +185,11 @@ impl ConnectRequest {
     self
   }
 
+  pub fn with_no_dtls(mut self, no_dtls: bool) -> Self {
+    self.args.no_dtls = no_dtls;
+    self
+  }
+
   pub fn gateway(&self) -> &Gateway {
     self.info.gateway()
   }

diff --git a/crates/openconnect/src/ffi/mod.rs b/crates/openconnect/src/ffi/mod.rs
@@ -24,6 +24,7 @@ pub(crate) struct ConnectOptions {
   pub reconnect_timeout: u32,
   pub mtu: u32,
   pub disable_ipv6: u32,
+  pub no_dtls: u32,
 }
 
 #[link(name = "vpn")]

diff --git a/crates/openconnect/src/ffi/vpn.c b/crates/openconnect/src/ffi/vpn.c
@@ -63,6 +63,7 @@ int vpn_connect(const vpn_options *options, vpn_connected_callback callback)
     INFO("RECONNECT_TIMEOUT: %d", options->reconnect_timeout);
     INFO("MTU: %d", options->mtu);
     INFO("DISABLE_IPV6: %d", options->disable_ipv6);
+    INFO("NO_DTLS: %d", options->no_dtls);
 
     vpninfo = openconnect_vpninfo_new(options->user_agent, validate_peer_cert, NULL, NULL, print_progress, NULL);
 
@@ -119,7 +120,7 @@ int vpn_connect(const vpn_options *options, vpn_connected_callback callback)
         return 1;
     }
 
-    if (openconnect_setup_dtls(vpninfo, 60) != 0) {
+    if (options->no_dtls || openconnect_setup_dtls(vpninfo, 60) != 0) {
         openconnect_disable_dtls(vpninfo);
     }
 

diff --git a/crates/openconnect/src/ffi/vpn.h b/crates/openconnect/src/ffi/vpn.h
@@ -25,6 +25,7 @@ typedef struct vpn_options
     const int reconnect_timeout;
     const int mtu;
     const int disable_ipv6;
+    const int no_dtls;
 } vpn_options;
 
 int vpn_connect(const vpn_options *options, vpn_connected_callback callback);

diff --git a/crates/openconnect/src/vpn.rs b/crates/openconnect/src/vpn.rs
@@ -28,6 +28,7 @@ pub struct Vpn {
   reconnect_timeout: u32,
   mtu: u32,
   disable_ipv6: bool,
+  no_dtls: bool,
 
   callback: OnConnectedCallback,
 }
@@ -77,6 +78,7 @@ impl Vpn {
       reconnect_timeout: self.reconnect_timeout,
       mtu: self.mtu,
       disable_ipv6: self.disable_ipv6 as u32,
+      no_dtls: self.no_dtls as u32,
     }
   }
 
@@ -125,6 +127,7 @@ pub struct VpnBuilder {
   reconnect_timeout: u32,
   mtu: u32,
   disable_ipv6: bool,
+  no_dtls: bool,
 }
 
 impl VpnBuilder {
@@ -147,6 +150,7 @@ impl VpnBuilder {
       reconnect_timeout: 300,
       mtu: 0,
       disable_ipv6: false,
+      no_dtls: false,
     }
   }
 
@@ -205,6 +209,11 @@ impl VpnBuilder {
     self
   }
 
+  pub fn no_dtls(mut self, no_dtls: bool) -> Self {
+    self.no_dtls = no_dtls;
+    self
+  }
+
   pub fn build(self) -> Result<Vpn, VpnError> {
     let script = match self.script {
       Some(script) => {
@@ -239,6 +248,7 @@ impl VpnBuilder {
       reconnect_timeout: self.reconnect_timeout,
       mtu: self.mtu,
       disable_ipv6: self.disable_ipv6,
+      no_dtls: self.no_dtls,
 
       callback: Default::default(),
     })