diff --git a/doc/sample.config b/doc/sample.config index 4ad7cc2e..062e556f 100644 --- a/doc/sample.config +++ b/doc/sample.config @@ -198,7 +198,7 @@ dpd = 90 # be higher to prevent such clients being awaken too # often by the DPD messages, and save battery. # The mobile clients are distinguished from the header -# 'X-AnyConnect-Identifier-DeviceType'. +# 'X-AnyConnect-Identifier-Platform'. mobile-dpd = 1800 # MTU discovery (DPD must be enabled) diff --git a/src/http-heads.gperf b/src/http-heads.gperf index f7196a59..10773937 100644 --- a/src/http-heads.gperf +++ b/src/http-heads.gperf @@ -18,5 +18,6 @@ X-CSTP-Address-Type, HEADER_CSTP_ATYPE X-CSTP-Hostname, HEADER_HOSTNAME X-CSTP-Full-IPv6-Capability, HEADER_FULL_IPV6 X-AnyConnect-Identifier-DeviceType, HEADER_DEVICE_TYPE +X-AnyConnect-Identifier-Platform, HEADER_PLATFORM X-Support-HTTP-Auth, HEADER_SUPPORT_SPNEGO Authorization, HEADER_AUTHORIZATION diff --git a/src/ipc.proto b/src/ipc.proto index 77e26dcf..423360a6 100644 --- a/src/ipc.proto +++ b/src/ipc.proto @@ -160,6 +160,7 @@ message session_info_msg optional bytes remote_addr = 7; optional string hostname = 8; + optional string device_type = 9; } /* WORKER_BAN_IP: sent from worker to main */ diff --git a/src/main-worker-cmd.c b/src/main-worker-cmd.c index 4e06d049..f6b99105 100644 --- a/src/main-worker-cmd.c +++ b/src/main-worker-cmd.c @@ -360,9 +360,14 @@ int handle_worker_commands(main_server_st * s, struct proc_st *proc) if (tmsg->dtls_compr) strlcpy(proc->dtls_compr, tmsg->dtls_compr, sizeof(proc->dtls_compr)); - if (tmsg->user_agent) + + if (tmsg->user_agent && tmsg->device_type == NULL) strlcpy(proc->user_agent, tmsg->user_agent, sizeof(proc->user_agent)); + else if (tmsg->user_agent && tmsg->device_type) + snprintf(proc->user_agent, sizeof(proc->user_agent), "%s / %s", + tmsg->user_agent, tmsg->device_type); + if (tmsg->hostname) { strlcpy(proc->hostname, tmsg->hostname, sizeof(proc->hostname)); diff --git a/src/ocserv-args.def b/src/ocserv-args.def index f6447326..285cd2b1 100644 --- a/src/ocserv-args.def +++ b/src/ocserv-args.def @@ -294,7 +294,7 @@ dpd = 90 # be higher to prevent such clients being awaken too # often by the DPD messages, and save battery. # The mobile clients are distinguished from the header -# 'X-AnyConnect-Identifier-DeviceType'. +# 'X-AnyConnect-Identifier-Platform'. mobile-dpd = 1800 # MTU discovery (DPD must be enabled) diff --git a/src/vpn.h b/src/vpn.h index 9ec1de70..e14391c9 100644 --- a/src/vpn.h +++ b/src/vpn.h @@ -400,7 +400,7 @@ struct main_server_st; #define MAX_BANNER_SIZE 256 #define MAX_USERNAME_SIZE 64 -#define MAX_AGENT_NAME 48 +#define MAX_AGENT_NAME 64 #define MAX_PASSWORD_SIZE 64 #define TLS_MASTER_SIZE 48 #define MAX_HOSTNAME_SIZE MAX_USERNAME_SIZE diff --git a/src/worker-http.c b/src/worker-http.c index d5f6b4c5..6fbb8c65 100644 --- a/src/worker-http.c +++ b/src/worker-http.c @@ -231,7 +231,27 @@ void header_value_check(struct worker_st *ws, struct http_req_st *req) break; case HEADER_DEVICE_TYPE: - req->is_mobile = 1; + if (value_length + 1 > sizeof(req->devtype)) { + req->devtype[0] = 0; + goto cleanup; + } + memcpy(req->devtype, value, value_length); + req->devtype[value_length] = 0; + + oclog(ws, LOG_DEBUG, + "Device-type: '%s'", value); + break; + case HEADER_PLATFORM: + if (strncasecmp(value, "apple-ios", 9) == 0 || + strncasecmp(value, "android", 7) == 0) { + + oclog(ws, LOG_DEBUG, + "Platform: '%s' (mobile)", value); + req->is_mobile = 1; + } else { + oclog(ws, LOG_DEBUG, + "Platform: '%s'", value); + } break; case HEADER_SUPPORT_SPNEGO: ws_switch_auth_to(ws, AUTH_TYPE_GSSAPI); diff --git a/src/worker-vpn.c b/src/worker-vpn.c index 1327d2bb..5bb1e6f4 100644 --- a/src/worker-vpn.c +++ b/src/worker-vpn.c @@ -754,6 +754,10 @@ void session_info_send(worker_st * ws) msg.user_agent = ws->req.user_agent; } + if (ws->req.devtype[0] != 0) { + msg.device_type = ws->req.devtype; + } + if (ws->req.hostname[0] != 0) { msg.hostname = ws->req.hostname; } diff --git a/src/worker.h b/src/worker.h index 143d6570..b45f7430 100644 --- a/src/worker.h +++ b/src/worker.h @@ -54,6 +54,7 @@ enum { HEADER_CSTP_BASE_MTU, HEADER_CSTP_ATYPE, HEADER_DEVICE_TYPE, + HEADER_PLATFORM, HEADER_DTLS_CIPHERSUITE, HEADER_CONNECTION, HEADER_FULL_IPV6, @@ -119,6 +120,7 @@ struct http_req_st { str_st value; unsigned int header_state; + char devtype[MAX_AGENT_NAME]; /* Device-Type */ char hostname[MAX_HOSTNAME_SIZE]; char user_agent[MAX_AGENT_NAME]; unsigned user_agent_type;