AnyConnect clients expect a different verb (X-CSTP-DNS-IP6) for passing IPv6 DNS addresses.

Signed-off-by: Leendert van Doorn <leendert@paramecium.org>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

NEWS

@@ -1,3 +1,7 @@
+* Version 0.12.6 (unreleased)
+- Improved IPv6 support for anyconnect clients. Patch by Leendert van Doorn.
+
+
 * Version 0.12.5 (released 2019-10-16)
 - Fixed issue with FreeBSD tun devices closing (#213).
 - Added configuration option udp-listen-host. This option supports different

src/worker-vpn.c

@@ -1990,9 +1990,18 @@ static int connect_handler(worker_st * ws)
 			continue;
 
 		oclog(ws, LOG_INFO, "adding DNS %s", ws->user_config->dns[i]);
-		ret =
-		    cstp_printf(ws, "X-CSTP-DNS: %s\r\n",
-			       ws->user_config->dns[i]);
+		if (req->user_agent_type == AGENT_ANYCONNECT) {
+			ret =
+			    cstp_printf(ws, "X-CSTP-%s: %s\r\n",
+				       ip6 ? "DNS-IP6" : "DNS",
+				       ws->user_config->dns[i]);
+		} else { /* openconnect does not require the split
+			  * of DNS and DNS-IP6 and only recent versions
+			  * understand the IP6 variant. */
+			ret =
+			    cstp_printf(ws, "X-CSTP-DNS: %s\r\n",
+				        ws->user_config->dns[i]);
+		}
 		SEND_ERR(ret);
 	}