From 3cacd99d9e48a98edd792c289fb9990a049d3340 Mon Sep 17 00:00:00 2001
From: Daniel Lenski <dlenski@gmail.com>
Date: Thu, 4 Feb 2021 11:31:20 -0800
Subject: [PATCH] Fortinet: server rejects asyncmap and header compression
 options

This appears to be a "feature" of all Fortinet servers, not just the one I have
access to. Openfortivpn calls pppd with the 'noaccomp nopfcomp default-asyncmap'
options: https://github.com/adrienverge/openfortivpn/blob/ba44ce1/src/tunnel.c#L233-L245

We should avoid offering these options to save an unnecessary round-trip in the
LCP stage of PPP configuration.

Don't blame me. I didn't design this.

For that matter, we don't need to include the asyncmap option with *any*
encapsulation that doesn't use HDLC.

Signed-off-by: Daniel Lenski <dlenski@gmail.com>
---
 ppp.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/ppp.c b/ppp.c
index c9f7b4f1..ec7a8805 100644
--- a/ppp.c
+++ b/ppp.c
@@ -249,6 +249,8 @@ int openconnect_ppp_new(struct openconnect_info *vpninfo,
 		break;
 
 	case PPP_ENCAP_FORTINET:
+		/* XX: Fortinet server rejects asyncmap and header compression. Don't blame me. */
+		ppp->out_lcp_opts &= ~(BIT_PFCOMP | BIT_ACCOMP);
 		ppp->encap_len = 6;
 		ppp->check_http_response = 1;
 		break;
-- 
2.49.0