# https://github.com/russdill/juniper-vpn-py/blame/master/README.host_checker):
#
# TNCC_DEVICE_ID: May need to be overriden to match a known value from a computer
-# running the official Windows client software (obtained from the registry key
+# running the official client software (on Windows, obtained from the registry key
# \HKEY_CURRENT_USER\Software\Juniper Networks\Device Id)
#
+# TNCC_USER_AGENT: May need to be overriden to match a known value from a computer
+# running the official Windows client software. For historical reasons, the default
+# value is 'Neoteris NC Http'; the value 'DSClient; PulseLinux' is known to be sent
+# by the official Pulse Linux client.
+#
# TNCC_FUNK: Set TNCC_FUNK=1 to force the use of client machine identification
# (known as "funk" to Juniper). This identification will include host platform,
# a list of network hardware/MAC addresses, and client certificates requested
self.subject = self.decode_names(tbs['subject'])
class tncc(object):
- def __init__(self, vpn_host, device_id=None, funk=None, platform=None, hostname=None, mac_addrs=[], certs=[], interval=None):
+ def __init__(self, vpn_host, device_id=None, funk=None, platform=None, hostname=None, mac_addrs=[], certs=[], interval=None, user_agent=None):
self.vpn_host = vpn_host
self.path = '/dana-na/'
self.br.set_debug_redirects(True)
self.br.set_debug_responses(True)
- self.user_agent = 'Neoteris HC Http'
+ self.user_agent = user_agent
self.br.addheaders = [('User-agent', self.user_agent)]
def find_cookie(self, name):
platform = os.environ.get('TNCC_PLATFORM', platform.system() + ' ' + platform.release())
+ user_agent = os.environ.get('TNCC_USER_AGENT', 'Neoteris HC Http')
+
if 'TNCC_HWADDR' in os.environ:
mac_addrs = [n.strip() for n in os.environ['TNCC_HWADDR'].split(',')]
else:
# \HKEY_CURRENT_USER\Software\Juniper Networks\Device Id
device_id = os.environ.get('TNCC_DEVICE_ID')
- t = tncc(vpn_host, device_id, funk, platform, hostname, mac_addrs, certs, interval)
+ t = tncc(vpn_host, device_id, funk, platform, hostname, mac_addrs, certs, interval, user_agent)
sock = socket.fromfd(0, socket.AF_UNIX, socket.SOCK_SEQPACKET)
server = tncc_server(sock, t)
while True:
<li><p><tt>tncc-emulate.py</tt>: This Python 3.x script does <b>not</b> actually run the <tt>tncc.jar</tt> binary.
Instead, it <i>emulates</i> the behaviour of the <tt>tncc.jar</tt> binary, rather than actually
executing it. Because this script does not actually execute a server-provided binary, security concerns are greatly
- alleviated. However, it may require customization to work with VPNs that have modified
- the behaviour of their Host Checker binaries in some way; consult its source code for details.</p>
+ alleviated.</p>
+
+ <p>It may require configuration or customization to work with VPNs that have modified
+ the behaviour of their Host Checker binaries in some way; consult its source code for details, starting with the
+ list of environment variables that may be set to overriden some of the data that it sends to the server.</p>
<p>This script is based entirely on <a href="https://github.com/russdill/juniper-vpn-py"><tt>tncc.py</tt>
from russdill/juniper-vpn-py on GitHub</a>.)</p></li>
projects / users / dwmw2 / openconnect.git / commitdiff