Re: Add resolvd support to net/vpnc-scripts

Sat, 30 Oct 2021 10:58:26 -0700 

sthen@ suggested that checking whether resolvd is running is better
than whether it was enabled, so I adjusted the patch for that.  I also
now check for the existence of /usr/sbin/rcctl instead of $OS = OpenBSD,
since that is more consistent with the things in this section do.  

(also fixed an accidentally removed blank line)

On Sat, Oct 30, 2021 at 10:26:42AM -0700, Andrew Hewus Fresh wrote:
> Due to changes to the work laptop I'm a new openconnect user and it
> turns out it's not too tough to support resolvd in openconnect with a
> couple new functions in vpnc-script.  I don't have any idea if this is
> the best way to detect if resolvd is in use, but it seems to work in my
> one test case.
> 
> No idea if this patch would be welcomed upstream, but seems like an
> improvement to me.
> 
> Comments, OK?
> 

Index: Makefile
===================================================================
RCS file: /cvs/ports/net/vpnc-scripts/Makefile,v
retrieving revision 1.5
diff -u -p -r1.5 Makefile
--- Makefile    16 Aug 2020 11:36:07 -0000      1.5
+++ Makefile    30 Oct 2021 17:52:20 -0000
@@ -5,6 +5,7 @@ COMMENT=        connect scripts for use with vp
 C=             e6a8fac7f7e8bf3c391787a3e0672f741603a9c9
 DISTNAME=      vpnc-scripts-${C}
 PKGNAME=       vpnc-scripts-20200317
+REVISION=      0
 
 CATEGORIES=    net
 
Index: patches/patch-vpnc-script
===================================================================
RCS file: patches/patch-vpnc-script
diff -N patches/patch-vpnc-script
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ patches/patch-vpnc-script   30 Oct 2021 17:52:20 -0000
@@ -0,0 +1,32 @@
+$OpenBSD$
+
+Index: vpnc-script
+--- vpnc-script.orig
++++ vpnc-script
+@@ -150,6 +150,9 @@ elif [ -x /sbin/modify_resolvconf ]; then
+ elif [ -x /usr/sbin/unbound-control ] && /usr/sbin/unbound-control status > 
/dev/null 2>&1; then
+       MODIFYRESOLVCONF=modify_resolvconf_unbound
+       RESTORERESOLVCONF=restore_resolvconf_unbound
++elif [ -x /usr/sbin/rcctl ] && /usr/sbin/rcctl check resolvd >/dev/null; then
++      MODIFYRESOLVCONF=modify_resolvconf_resolvd
++      RESTORERESOLVCONF=restore_resolvconf_resolvd
+ else # Generic for any OS
+       MODIFYRESOLVCONF=modify_resolvconf_generic
+       RESTORERESOLVCONF=restore_resolvconf_generic
+@@ -768,6 +771,16 @@ restore_resolvconf_unbound() {
+               /usr/sbin/unbound-control flush_zone ${CISCO_DEF_DOMAIN}
+               /usr/sbin/unbound-control flush_requestlist
+       fi
++}
++
++# === resolv.conf handling via resolvd =========
++
++modify_resolvconf_resolvd() {
++      /sbin/route nameserver $TUNDEV $INTERNAL_IP4_DNS $INTERNAL_IP6_DNS
++}
++
++restore_resolvconf_resolvd() {
++      /sbin/route nameserver $TUNDEV
+ }
+ 
+ # ========= Toplevel state handling  =======================================

Reply via email to