add secure_cookie protocol field to suppress other protocols' cookies from --dump...

Signed-off-by: Daniel Lenski <dlenski@gmail.com>

diff --git a/http.c b/http.c
index 55d6d9382e728c60a2e524449b163d9b09b1e224..a09d5d793fa5ed5a97e61475d5f64c769f1d050a 100644 (file)
--- a/http.c
+++ b/http.c
@@ -545,7 +545,7 @@ int process_http_response(struct openconnect_info *vpninfo, int connect,
                        print_equals = equals;
                        /* Don't print the webvpn cookie unless it's empty; we don't
                           want people posting it in public with debugging output */
-                       if (!strcmp(colon, "webvpn") && *equals)
+                       if (vpninfo->proto->secure_cookie && !strcmp(colon, vpninfo->proto->secure_cookie) && *equals)
                                print_equals = _("<elided>");
                        vpn_progress(vpninfo, PRG_DEBUG, "%s: %s=%s%s%s\n",
                                hdrline, colon, print_equals, semicolon ? ";" : "",

diff --git a/library.c b/library.c
index e771cd52ad8b4defd3101d06240027e901080811..b988ad4ca5c1c399a0edb25fb3822ea359453e9c 100644 (file)
--- a/library.c
+++ b/library.c
@@ -121,6 +121,7 @@ static const struct vpn_proto openconnect_protos[] = {
                .tcp_mainloop = cstp_mainloop,
                .add_http_headers = cstp_common_headers,
                .obtain_cookie = cstp_obtain_cookie,
+               .secure_cookie = "webvpn",
                .udp_protocol = "DTLS",
 #ifdef HAVE_DTLS
                .udp_setup = dtls_setup,
@@ -138,6 +139,7 @@ static const struct vpn_proto openconnect_protos[] = {
                .tcp_mainloop = oncp_mainloop,
                .add_http_headers = oncp_common_headers,
                .obtain_cookie = oncp_obtain_cookie,
+               .secure_cookie = "DSID",
                .udp_protocol = "ESP",
 #ifdef HAVE_ESP
                .udp_setup = esp_setup,
@@ -205,6 +207,7 @@ static const struct vpn_proto openconnect_protos[] = {
                .tcp_mainloop = ppp_mainloop,
                .add_http_headers = http_common_headers,
                .obtain_cookie = f5_obtain_cookie,
+               .secure_cookie = "MRHSession",
                .udp_protocol = "DTLS",
 #ifdef HAVE_DTLSx /* Not yet... */
                .udp_setup = esp_setup,
@@ -224,6 +227,7 @@ static const struct vpn_proto openconnect_protos[] = {
                .tcp_mainloop = ppp_mainloop,
                .add_http_headers = http_common_headers,
                .obtain_cookie = fortinet_obtain_cookie,
+               .secure_cookie = "SVPNCOOKIE",
                .udp_protocol = "DTLS",
 #ifdef HAVE_DTLSx /* Not yet... */
                .udp_setup = esp_setup,

diff --git a/openconnect-internal.h b/openconnect-internal.h
index 35bf7c1b6032d316bd6174001d7a56fb3744655a..dbf57b59af8fe9e5ed522fc8da780255e7178dab 100644 (file)
--- a/openconnect-internal.h
+++ b/openconnect-internal.h
@@ -278,6 +278,7 @@ struct vpn_proto {
        const char *name;
        const char *pretty_name;
        const char *description;
+       const char *secure_cookie;
        const char *udp_protocol;
        unsigned int flags;
        int (*vpn_close_session)(struct openconnect_info *vpninfo, const char *reason);