From 0ccef3de8613685702684d1143814ee7896f025b Mon Sep 17 00:00:00 2001
From: Daniel Lenski <dlenski@gmail.com>
Date: Tue, 2 Feb 2021 23:29:14 -0800
Subject: [PATCH] Fortinet: ignore 401/403 response to remote/index request

Openfortivpn ignores the HTTP status code entirely in this request, and
others.  Testing shows that a 403 response here is routine and can be
ignored.

Signed-off-by: Daniel Lenski <dlenski@gmail.com>
---
 fortinet.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/fortinet.c b/fortinet.c
index c014fe96..126324e7 100644
--- a/fortinet.c
+++ b/fortinet.c
@@ -268,9 +268,13 @@ int fortinet_connect(struct openconnect_info *vpninfo)
 	free(vpninfo->urlpath);
 	vpninfo->urlpath = strdup("remote/index");
 	ret = do_https_request(vpninfo, "GET", NULL, NULL, &res_buf, 0);
-	if (ret < 0)
+	/* XXX: 401/403 is apparently normal and can be ignored (further
+	 * evidence that this is vestigial, or at least not necessary for
+	 * reconnect.
+	 */
+	if (ret < 0 && ret != -EPERM)
 		goto out;
-	/* We don't care what it returned as long as it was successful */
+	/* We don't care what it returned */
 	free(res_buf);
 	res_buf = NULL;
 
-- 
2.50.1