From 5803604870614c1e3f425638c7ec958c7b8f384c Mon Sep 17 00:00:00 2001 From: Daniel Lenski Date: Tue, 9 Feb 2021 21:41:18 -0800 Subject: [PATCH] official Forticlient doesn't 'GET /remote/index', so let's not Signed-off-by: Daniel Lenski --- fortinet.c | 24 ++---------------------- 1 file changed, 2 insertions(+), 22 deletions(-) diff --git a/fortinet.c b/fortinet.c index 8b9dd9fe..66a5bfc6 100644 --- a/fortinet.c +++ b/fortinet.c @@ -395,27 +395,7 @@ int fortinet_connect(struct openconnect_info *vpninfo) reqbuf = buf_alloc(); - /* Request VPN allocation - * - * XXX: Should this be done on every reconnect, or should it have - * been part of fortinet_obtain_cookie(). For the moment while - * we're letting the auth happen externally for now, let's do it - * here... - */ - free(vpninfo->urlpath); - vpninfo->urlpath = strdup("remote/index"); - ret = do_https_request(vpninfo, "GET", NULL, NULL, &res_buf, 0); - /* XXX: 401/403 is apparently normal and can be ignored (further - * evidence that this is vestigial, or at least not necessary for - * reconnect. - */ - if (ret < 0 && ret != -EPERM) - goto out; - /* We don't care what it returned */ - free(res_buf); - res_buf = NULL; - - /* XXX: Why was auth_request_vpn_allocation() doing this anyway? + /* XXX: Why do Forticlient and Openfortivpn do this anyway? * It's fetching the legacy non-XML configuration, isn't it? * Do we *actually* have to do this, before fetching the XML config? */ @@ -435,7 +415,7 @@ int fortinet_connect(struct openconnect_info *vpninfo) if (ret < 0) { if (ret == -EPERM) vpn_progress(vpninfo, PRG_ERR, - _("Server doesn't support XML config format, only ancient HTML. Not currently implemented.\n")); + _("Server doesn't support XML config format. Ancient HTML format is not currently implemented.\n")); goto out; } -- 2.50.1