Fortinet: ignore 401/403 response to remote/index request

Openfortivpn ignores the HTTP status code entirely in this request, and
others.  Testing shows that a 403 response here is routine and can be
ignored.

Signed-off-by: Daniel Lenski <dlenski@gmail.com>

diff --git a/fortinet.c b/fortinet.c
index c014fe96fda88e7f9d87a64f4b06f20cf8b57e88..126324e765420d09e98013c94ee85c2db45fd054 100644 (file)
--- a/fortinet.c
+++ b/fortinet.c
@@ -268,9 +268,13 @@ int fortinet_connect(struct openconnect_info *vpninfo)
        free(vpninfo->urlpath);
        vpninfo->urlpath = strdup("remote/index");
        ret = do_https_request(vpninfo, "GET", NULL, NULL, &res_buf, 0);
-       if (ret < 0)
+       /* XXX: 401/403 is apparently normal and can be ignored (further
+        * evidence that this is vestigial, or at least not necessary for
+        * reconnect.
+        */
+       if (ret < 0 && ret != -EPERM)
                goto out;
-       /* We don't care what it returned as long as it was successful */
+       /* We don't care what it returned */
        free(res_buf);
        res_buf = NULL;