On Thu, 2016-09-15 at 00:55 +0000, Vincent Fortier wrote:
> I've been trying to figure out how to pass the --os option to
> openconnect
> using NM.
>
> I believe it may no be implemented as I didn't saw any reference to
> it in
> the code (I'm not a coder so I may have missed it?).
>
> It seem I'm not the first looking for that:
> http://lists.infradead.org/pipermail/openconnect-devel/2013-September
> /001204.html
I don't think that's implemented in the VPN plugin at the moment, but
it's not too hard to add new options. Best would be a list of known OS
fingerprints that the user could select, since then we don't have to
deal with sanitizing random user input that then gets passed on the
command-line.
Dan
This should be fairly easy as only certain values are expected. Here is the man page section:
--os=STRING
OS type to report to gateway. Recognized values are: linux, linux-64, win, mac-intel, android, apple-ios. Reporting a different OS type may affect the dynamic access policy (DAP) applied to the VPN session. If the gateway requires CSD, it will also cause the corresponding CSD trojan binary to be downloaded, so you may need to use --csd-wrapper if this code is not executable on the local machine.
- vin
