]> www.infradead.org Git - users/dwmw2/openconnect.git/commit
projects / users / dwmw2 / openconnect.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: e39b2cc) | patch
Modify `fake-gp-server.py` to add regionalized priority-rules to the gateway list
authorDaniel Lenski <dlenski@gmail.com>
Fri, 29 Sep 2023 20:51:07 +0000 (13:51 -0700)
committerJan-Michael Brummer <jan-michael.brummer1@volkswagen.de>
Tue, 20 Feb 2024 07:23:04 +0000 (08:23 +0100)
commit1c5572a671a168f4c812db524be7b74c7ddb0bc2
tree6cc65d6866b286166858a58cc3969e62f2572824tree
parente39b2cc485c2cf6af399796ab5599ee5cb4b213fcommit | diff
Modify `fake-gp-server.py` to add regionalized priority-rules to the gateway list

The fake GP server will now assign the connecting user to a random planet in
its portal prelogin response, then randomly and haphazardly prioritize the
gateways by planet.

For example, start fake-gp-server.py, then configure it with 3 gateways:

    $ curl -k https://localhost:8080/CONFIGURE -d gateways=Red,Orange,Yellow
    $ curl -k https://localhost:8080/CONFIGURE
    Current configuration of fake GP server configuration:
    TestConfiguration(gateways=['Red', 'Orange', 'Yellow'], ...)

Then attempt to connect to it:

    $ openconnect --protocol=gp --dump-http-traffic localhost:8080
    ...
    Greetings, user from MERCURY. Please login to this fake GP VPN portal
    Username: bar
    Password:
    POST https://localhost:8080/global-protect/getconfig.esp
    ...
    < <?xml version="1.0" encoding="UTF-8" ?>
    < <policy><version> 6.7.8-9 </version><gateways><external><list>
    < <entry name="localhost:8080">
    <   <description>Red</description>
    <   <priority-rule>
    <     <entry name="VENUS"><priority>1</priority></entry>
    <     <entry name="Any"><priority>99</priority></entry>
    <   </priority-rule>
    < </entry>
    < <entry name="localhost:8080">
    <   <description>Orange</description>
    <   <priority-rule>
    <     <entry name="JUPITER"><priority>2</priority></entry>
    <     <entry name="MARS"><priority>1</priority></entry>
    <   </priority-rule>
    < </entry>
    < <entry name="localhost:8080">
    <   <description>Yellow</description>
    <   <priority-rule>
    <     <entry name="MERCURY"><priority>1</priority></entry>
    <     <entry name="EARTH"><priority>2</priority></entry>
    <   </priority-rule>
    < </entry></list>
    < </external></gateways>
    < <hip-collection><hip-report-interval>600</hip-report-interval></hip-collection>
    < </policy>
    Portal reports GlobalProtect version 6.7.8-9; we will report the same client version.
    Portal set HIP report interval to 10 minutes).
    5 gateway servers available:
      Red (localhost:8080) [priority 99]
      Orange (localhost:8080) [unprioritized]
      Yellow (localhost:8080) [priority 1]
    Please select GlobalProtect gateway.
    GATEWAY: [Yellow|Red|Orange]:

Note that the gateways are now presented to the user in the priority order
for the user's "region" of MERCURY.

Signed-off-by: Daniel Lenski <dlenski@gmail.com>
tests/fake-gp-server.py diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.