From 7dd69fe085440a6a21566c41eab6b6b086eb6959 Mon Sep 17 00:00:00 2001
From: Daniel Lenski <dlenski@gmail.com>
Date: Thu, 18 Feb 2021 20:14:00 -0800
Subject: [PATCH] Fortinet: parse <split-dns> domains and DNS servers from
 config

Chimped config containing these settings from
https://github.com/adrienverge/openfortivpn/issues/824#issuecomment-764641406.

This doesn't actually *do* anything with the settings yet.

See https://github.com/dlenski/openconnect/issues/151 and
https://gitlab.com/openconnect/openconnect/-/merge_requests/132 for
discussion about split-DNS.

Signed-off-by: Daniel Lenski <dlenski@gmail.com>
---
 fortinet.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/fortinet.c b/fortinet.c
index 90f2d577..237d2449 100644
--- a/fortinet.c
+++ b/fortinet.c
@@ -261,6 +261,7 @@ static const char *add_option(struct openconnect_info *vpninfo, const char *opt,
   <ipv4>
     <dns ip="1.1.1.1"/>
     <dns ip="8.8.8.8" domain="foo.com"/>
+    <split-dns domains='mydomain1.local,mydomain2.local' dnsserver1='10.10.10.10' dnsserver2='10.10.10.11' />
     <assigned-addr ipv4="172.16.1.1"/>
     <split-tunnel-info>
       <addr ip="10.11.10.10" mask="255.255.255.255"/>
@@ -345,6 +346,18 @@ static int parse_fortinet_xml_config(struct openconnect_info *vpninfo, char *buf
 						vpn_progress(vpninfo, PRG_INFO, _("Got IPv%d DNS server %s\n"), 4, s);
 						if (n_dns < 3) vpninfo->ip_info.dns[n_dns++] = add_option(vpninfo, "DNS", &s);
 					}
+				} else if (xmlnode_is_named(x, "split-dns")) {
+					int ii;
+					if (!xmlnode_get_prop(x, "domains", &s) && s && *s)
+						vpn_progress(vpninfo, PRG_ERR, _("WARNING: Got split-DNS domains %s (not yet implemented)\n"), s);
+					for (ii=1; ii<10; ii++) {
+						char propname[] = "dnsserver0";
+						propname[9] = '0' + ii;
+						if (!xmlnode_get_prop(x, propname, &s) && s && *s)
+							vpn_progress(vpninfo, PRG_ERR, _("WARNING: Got split-DNS server %s (not yet implemented)\n"), s);
+						else
+							break;
+					}
 				} else if (xmlnode_is_named(x, "split-tunnel-info")) {
 					for (x2 = x->children; x2; x2=x2->next) {
 						if (xmlnode_is_named(x2, "addr")) {
-- 
2.49.0