diff --git a/README.md b/README.md
index f5fff6ba74030e5a1db31e612650c2424d252dfa..cc1bce825647b883451c90ad7a9382cc3f4bc7aa 100644
--- a/README.md
+++ b/README.md
@@ -40,6 +40,8 @@ Examples
 port = 8443
 username = foo
 password = bar
+ set-dns = 0
+ set-routes = 0
 # X509 certificate sha256 sum, trust only this one!
 trusted-cert = e46d4aff08ba6914e64daa85bc6112a422fa7ce16631bff0b592a28556f993db
 ```
diff --git a/doc/openfortivpn.1 b/doc/openfortivpn.1
index 26305a24486b9e7bb5facda5a72bb473b99440f3..4b78df8cf735461643ab068275dfc899fd9dd62c 100644
--- a/doc/openfortivpn.1
+++ b/doc/openfortivpn.1
@@ -104,3 +104,7 @@ password = bar
 trusted-cert = certificatedigest4daa8c5fe6c...
 .br
 trusted-cert = othercertificatedigest6631bf...
+.br
+set-dns = 1
+.br
+set-routes = 1
diff --git a/src/config.c b/src/config.c
index 11eb5f77d17173a3b9438c5d73b56b6d91ccac45..ff7977ff4fb08599d9f7fc122f7078738d805efa 100644
--- a/src/config.c
+++ b/src/config.c
@@ -18,6 +18,8 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <sys/stat.h>
+#include <string.h>
+#include <ctype.h>
 #include "config.h"
 #include "log.h"
@@ -47,6 +49,31 @@ int add_trusted_cert(struct vpn_config *cfg, const char *digest)
 return 0;
 }
+/*
+ * Converts string to bool int
+ *
+ * @params[in] str the string to read from
+ * @return 0 or 1 if successful, < 0 if unrecognized value
+ */
+static int strtob(const char* str)
+{
+ if (str[0] == '\0') {
+ return 0;
+ } else if (strcasecmp(str, "true") == 0) {
+ return 1;
+ } else if (strcasecmp(str, "false") == 0) {
+ return 0;
+ } else if (isdigit(str[0]) == 0) {
+ return -1;
+ }
+
+ long int i = strtol(str, NULL, 0);
+ if (i < 0 || i > 1) {
+ return -1;
+ }
+ return i;
+}
+
 /*
 * Reads filename contents and fill cfg with its values.
 *
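Review bot: `strcasecmp`, which the new strtob() in this file calls, is declared by POSIX in `<strings.h>`, not in the `<string.h>` added here. glibc exposes it through `<string.h>` under its default feature macros, but other C libraries may leave it undeclared. Add `#include <strings.h>` next to the two new includes.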
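Review bot: The numeric branch of strtob() calls `strtol(str, NULL, 0)` without an end pointer, so values with trailing characters such as `1x` or `0junk` are accepted as valid booleans instead of being rejected. Pass an end pointer and require the whole string to be consumed: `char *end; long i = strtol(str, &end, 0);` followed by `if (*end != '\0' || i < 0 || i > 1) return -1;`. The `isdigit(str[0])` call should take `(unsigned char)str[0]`, because a negative `char` value is undefined behaviour for the `<ctype.h>` functions. The empty string returns 0, so a line like `set-routes =` silently turns the option off rather than being reported as bad; returning -1 there would be safer. In the header comment, `@params[in]` should read `@param[in]`.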
@@ -143,6 +170,22 @@ int load_config(struct vpn_config *cfg, const char *filename)
 } else if (strcmp(key, "password") == 0) {
 strncpy(cfg->password, val, FIELD_SIZE - 1);
 cfg->password[FIELD_SIZE] = '\0';
+ } else if (strcmp(key, "set-dns") == 0) {
+ int set_dns = strtob(val);
+ if (set_dns < 0) {
+ log_warn("Bad set-dns in config file: \"%s\".\n",
+ val);
+ continue;
+ }
+ cfg->set_dns = set_dns;
+ } else if (strcmp(key, "set-routes") == 0) {
+ int set_routes = strtob(val);
+ if (set_routes < 0) {
+ log_warn("Bad set-routes in config file: \"%s\".\n",
+ val);
+ continue;
+ }
+ cfg->set_routes = set_routes;
 } else if (strcmp(key, "trusted-cert") == 0) {
 if (strlen(val) != SHA256STRLEN - 1) {
 log_warn("Bad certificate sha256 digest in "
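Review bot: A rejected `set-dns` or `set-routes` value only logs a warning and hits `continue`, so the field keeps whatever value it held before the file was read, and that default is not visible in this hunk. These two options decide whether the client touches the resolver configuration and the routing table, so a typo such as `set-routes = no` (which strtob() rejects) brings the tunnel up with a setting the operator did not choose. Consider making load_config return an error for these keys, or at least state the value that stays in effect, e.g. `log_warn("Bad set-routes in config file: \"%s\", keeping %d.\n", val, cfg->set_routes);`. The two new branches are identical apart from the key and field, so a small helper would remove the duplication. load_config begins and ends outside this hunk, so the loop that `continue` targets is not shown.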