Package Details: openfortivpn 1.9.0-1

Git Clone URL: https://aur.archlinux.org/openfortivpn.git (read-only)
Package Base: openfortivpn
Description: An open implementation of Fortinet's proprietary PPP+SSL VPN solution
Upstream URL: https://github.com/adrienverge/openfortivpn
Licenses: GPL3
Submitter: patrickh
Maintainer: patrickh (macfly)
Last Packager: patrickh
Votes: 29
Popularity: 3.398195
First Submitted: 2016-01-22 21:46
Last Updated: 2019-03-27 09:30

Latest Comments

1 2 Next › Last »

mjiricka commented on 2019-02-11 22:04

Hello patrickh,

thank you for reminding me about the prerequisites! I somewhat missed them. I have installed the group already.

And thank you for maintaining the package! It helped me a lot.

patrickh commented on 2019-02-04 19:19

Hi mjiricka!

I completely agree it can be quite annoying when dependencies are missing!

But in this case, as far as I can see, the tools you refer to are all part of the "base-devel" group. According to https://wiki.archlinux.org/index.php/Arch_User_Repository#Prerequisites AUR packages assume the base-devel group is already installed. Therefor I do not include the build dependencies that you mentioned in the PKGBUILD file. I hope you understand, sorry for your trouble!

mjiricka commented on 2019-02-04 00:02

It would be great to add also build dependencies, I had to install them one by one, which was tedious. I missed these: patch aclocal automake autoconf pkg-config make.

bayone commented on 2019-01-08 10:33

Please upgrade the package to 1.8.1 release which should resolve the issue with the networkmanager-fortisslvpn plug-in.

djres commented on 2018-12-14 06:40

Does anyone have systemd unit for this?

navarroaxel commented on 2018-11-13 16:56

If openfortivpn stops working after upgrade from kernel v4.18.16 to v4.19.1 with this message:

INFO:   Connected to gateway.
INFO:   Authenticated.
INFO:   Remote gateway has allocated a VPN.
INFO:   Cancelling threads...
ERROR:  pppd: terminated by signal: Hangup
INFO:   Terminated pppd.
INFO:   Closed connection to gateway.
INFO:   Logged out.

The solution is just reinstall the package (including re-compiling) and it works again!

patrickh commented on 2018-03-30 17:01

Perfect, thank you!

macfly commented on 2018-03-30 16:30

No problems, it's done, can you check if it's ok for you ?

patrickh commented on 2018-03-30 16:11

Hi macfly!

Tried to implement your patch, but unfortunately it fails:

patching file src/http.c
Hunk #1 FAILED at 155.
Hunk #2 FAILED at 481.
Hunk #3 FAILED at 511.
Hunk #4 FAILED at 534.
4 out of 4 hunks FAILED -- saving rejects to file src/http.c.rej

And http.c.rej includes the patch file content. I guess I'm a bit too unexperienced ;-)

My suggestion: try to apply it yourself. I have added you as co-maintainer. Maybe you are more successful. I hope, you don't mind!

macfly commented on 2018-03-30 13:26

Hello,

I'm using openfortivpn and networkmanager-fortisslvpn with 2FA for the moment openfortivp,n doesn't support to provide 2FA in config so it's not possible to make it work with network-manger. There is a merge in progress and discussion about it upstream (https://github.com/adrienverge/openfortivpn/pull/255) but until they fix it do you think you can add that patch into the package ?

I'm giving you the change to do:

patch file use-otp-for-2fa.patch:

--- src/http.c  2018-03-30 20:06:27.834717998 +0700
+++ src/http.c.new  2018-03-30 20:07:07.524800224 +0700
@@ -155,8 +155,8 @@
            }

            if (header_size) {
-               /* We saw the whole header, let's check if the
-                * body is done as well */
+               /* We saw the whole header, */
+               /* let's check if the body is done as well */
                if (chunked) {
                    /* Last chunk terminator. Done naively. */
                    if (bytes_read >= 7 &&
@@ -481,7 +481,7 @@
    char reqid[32] = { '\0' };
    char polid[32] = { '\0' };
    char group[128] = { '\0' };
-   char data[256], token[128], tokenresponse[256];
+   char data[256], token[128];
    char *res = NULL;

    url_encode(username, tunnel->config->username);
@@ -511,6 +511,8 @@
    }
    ret = get_auth_cookie(tunnel, res);
    if (ret == ERR_HTTP_NO_COOKIE) {
+       struct vpn_config *cfg = tunnel->config;
+
        /* If the response body includes a tokeninfo= parameter,
         * it means the VPN gateway expects two-factor authentication.
         * It sends a one-time authentication credential for example
@@ -534,11 +536,18 @@
        get_value_from_response(res, "reqid=", reqid, 32);
        get_value_from_response(res, "polid=", polid, 32);

-       read_password("Two-factor authentication token: ", tokenresponse, 255);
+       if (cfg->otp[0] == '\0') {
+           read_password("Two-factor authentication token: ",
+                         cfg->otp, FIELD_SIZE);
+           if (cfg->otp[0] == '\0') {
+               log_error("No token specified\n");
+               return 0;
+           }
+       }

        snprintf(data, 256, "username=%s&realm=%s&reqid=%s&polid=%s&grp=%s"
                 "&code=%s&code2=&redir=%%2Fremote%%2Findex&just_logged_in=1",
-                username, realm, reqid, polid, group, tokenresponse);
+                username, realm, reqid, polid, group, cfg->otp);

        ret = http_request(tunnel, "POST", "/remote/logincheck", data, &res);
        if (ret != 1)

PKGBUILD diff:

diff --git a/PKGBUILD b/PKGBUILD
index b01533c..2c169be 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Patrick Hanft <mail@patrick-hanft.de>
 pkgname=openfortivpn
 pkgver=1.6.0
-pkgrel=1
+pkgrel=2
 pkgdesc="An open implementation of Fortinet's proprietary PPP+SSL VPN solution"
 arch=('i686' 'x86_64')
 url="https://github.com/adrienverge/openfortivpn"
@@ -15,14 +15,16 @@ replaces=()
 backup=('etc/openfortivpn/config')
 options=()
 install=
-source=("git+https://github.com/adrienverge/$pkgname.git#tag=v$pkgver" "allow-no-unused-functions.patch")
+source=("git+https://github.com/adrienverge/$pkgname.git#tag=v$pkgver" "allow-no-unused-functions.patch" "use-otp-for-2fa.patch")
 noextract=()
 md5sums=('SKIP'
-         'cb2d5a8b3f799ec3d0267722f0a0206b')
+         'cb2d5a8b3f799ec3d0267722f0a0206b'
+        '039b464ef44a7c9e13130f938e5fc255')

 prepare() {
  cd "$srcdir/$pkgname"
  patch -Np0 -i "${srcdir}/allow-no-unused-functions.patch"
+ patch -Np0 -i "${srcdir}/use-otp-for-2fa.patch"
 }

 build() {

Thanks, Macfly