From 4dd812541fe52a9318f3dd664d8947ffe17d3704 Mon Sep 17 00:00:00 2001
From: Hackintosh Five
Date: Mon, 7 Aug 2023 13:41:07 +0100
Subject: [PATCH] wait for cookie over side-channel
---
 Dockerfile | 3 ++-
 docker-entrypoint.sh | 18 +++++++++++++++++-
 2 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index c8037f7..0838645 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -7,11 +7,12 @@ COPY src /app/src/src/
 RUN mkdir -p /app/build && cd /app/build && cmake /app/src && make && mv tcpproxy ..
 FROM debian:bookworm-slim
-RUN apt-get update && apt-get install -y --no-install-recommends openconnect libevent-core-2.1-7 && rm -rf /var/cache/apt/archives /var/lib/apt/lists/*
+RUN apt-get update && apt-get install -y --no-install-recommends openconnect libevent-core-2.1-7 netcat-traditional && rm -rf /var/cache/apt/archives /var/lib/apt/lists/*
 COPY --from=builder /app/tcpproxy /app/
 COPY --from=builder /app/src/NOTICE /app/
 COPY --from=builder /app/src/lwip/COPYING /app/
 COPY docker-entrypoint.sh /app/
 EXPOSE 1234
+EXPOSE 1235
 USER nobody
 ENTRYPOINT ["/app/docker-entrypoint.sh"]
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index d581d63..9e82745 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -1,2 +1,18 @@
 #!/bin/bash
-exec openconnect --script-tun --script "/app/tcpproxy -g -L 1234:$HOST" "$@"
+action="$1"
+shift
+case "$action" in
+"connect")
+ echo "Waiting for cookie on tcp:1235..."
+ cookie="$(netcat -l -p 1235)"
+ echo "Got cookie! Connecting..."
+ exec openconnect --script-tun --script "/app/tcpproxy -g -L 1234:$HOST" --non-inter --cookie="$cookie" --disable-ipv6 "$@"
+ ;;
+"authenticate")
+ exec openconnect --cookieonly "$@"
+ ;;
+*)
+ echo "Unknown action $action"
+ exit 1
+ ;;
+esac
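Review bot: `EXPOSE 1235` makes the cookie-intake port eligible for `docker run -P`, which publishes every exposed port on all host interfaces, while the listener behind it (the `netcat -l -p 1235` added to docker-entrypoint.sh in this patch) takes a VPN session cookie in cleartext from whichever peer connects first. The intended exposure is not documented anywhere in the hunk; a comment above the line would do, for example `# 1235: one-shot cookie intake, publish on loopback only (-p 127.0.0.1:1235:1235)`. `netcat-traditional` also remains in the runtime image as a general-purpose network tool after its single use, so a short comment on the `RUN` line saying why it is needed would help later reviewers.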
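Review bot: The `connect` branch passes the session cookie on openconnect's command line (`--cookie="$cookie"`), where it stays readable in the process list and in `/proc/<pid>/cmdline` for the life of the tunnel. openconnect can take it on stdin instead, e.g. `exec openconnect --script-tun --script "/app/tcpproxy -g -L 1234:$HOST" --non-inter --cookie-on-stdin --disable-ipv6 "$@" <<<"$cookie"`. The bytes read from the socket are also used verbatim with no check that anything arrived, so a peer that connects and closes immediately sends openconnect off with an empty cookie; add `[[ -n "$cookie" ]] || { echo "No cookie received" >&2; exit 1; }` before the `exec`. The two status `echo` lines and the `Unknown action` message would be better sent to stderr (`>&2`) so they cannot mix with output a caller captures.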