  1. #!/bin/sh
  2. . /lib/functions.sh
  3. . ../netifd-proto.sh
  4. init_proto "$@"
# Declare the options this protocol accepts: server, username, serverhash,
# authgroup and password as strings, port as an integer.
# Globals: no_device, available (both set to 1; they are read outside this
#          file, presumably by netifd-proto.sh -- confirm their meaning there).
proto_openconnect_init_config() {
	local opt

	proto_config_add_string "server"
	proto_config_add_int "port"
	# The remaining options are all plain strings; declaration order is kept.
	for opt in username serverhash authgroup password; do
		proto_config_add_string "$opt"
	done

	no_device=1
	available=1
}
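# Bring up the OpenConnect VPN for one netifd interface.
#
# Reads the interface options with json_get_vars, loads the tun module if it
# is not listed in /proc/modules, registers a host dependency for every address
# the server name resolves to, builds the openconnect argument list and hands
# it to proto_run_command.
#
# Arguments: $1 - interface (config section) name
# Globals:   server, port, username, serverhash, authgroup, password, vgroup
#            (set by json_get_vars; port is rewritten to ":<port>")
# Exits:     1, after proto_setup_failed, when the server name does not resolve.
proto_openconnect_setup() {
	local config="$1"
	# Explicitly emptied: some shells let a bare `local x` inherit an outer or
	# environment value, and pwfile decides below whether stdin is redirected.
	local ip= serv_addr= pwfile=

	# vgroup is fetched here but not used anywhere in this function.
	json_get_vars server port username serverhash authgroup password vgroup

	grep -q tun /proc/modules || insmod tun

	logger -t openconnect "initializing..."
	# Word splitting of the resolveip output is intended: one address per word.
	# The subshell keeps whatever proto_add_host_dependency changes out of
	# this shell.
	for ip in $(resolveip -t 10 "$server"); do
		( proto_add_host_dependency "$config" "$ip" )
		serv_addr=1
	done

	if [ -z "$serv_addr" ]; then
		logger -t openconnect "Could not resolve server address: '$server'"
		sleep 20
		proto_setup_failed "$config"
		exit 1
	fi

	[ -n "$port" ] && port=":$port"

	# Build the argument list in the positional parameters so every option
	# value reaches openconnect as exactly one argument. A flat string that
	# is expanded unquoted splits an authgroup or username containing spaces
	# into several arguments and glob-expands wildcard characters.
	set -- "$server$port" -i "vpn-$config" --non-inter --syslog \
		--script /lib/netifd/vpnc-script

	# Optional per-interface CA file, client certificate and client key.
	[ -f "/etc/openconnect/ca-vpn-$config.pem" ] &&
		set -- "$@" --cafile "/etc/openconnect/ca-vpn-$config.pem"
	[ -f "/etc/openconnect/user-cert-vpn-$config.pem" ] &&
		set -- "$@" -c "/etc/openconnect/user-cert-vpn-$config.pem"
	[ -f "/etc/openconnect/user-key-vpn-$config.pem" ] &&
		set -- "$@" --sslkey "/etc/openconnect/user-key-vpn-$config.pem"

	# Pins the expected server certificate when a hash is configured.
	[ -n "$serverhash" ] && set -- "$@" "--servercert=$serverhash"
	[ -n "$authgroup" ] && set -- "$@" --authgroup "$authgroup"
	[ -n "$username" ] && set -- "$@" -u "$username"

	if [ -n "$password" ]; then
		# The password goes to openconnect on stdin, never on the command
		# line, so it does not show up in the process list or in the log
		# line below. This umask stays in effect for the rest of this
		# process and is inherited by openconnect.
		umask 077
		pwfile="/var/run/openconnect-$config.passwd"
		# Remove any leftover file first: truncating an existing file
		# would keep its old, possibly wider, permissions.
		rm -f -- "$pwfile"
		# printf instead of echo: echo can mangle a password that starts
		# with "-" or contains backslashes.
		printf '%s\n' "$password" > "$pwfile"
		set -- "$@" --passwd-on-stdin
	fi

	proto_export INTERFACE="$config"

	logger -t openconnect "executing 'openconnect $*'"

	if [ -f "$pwfile" ]; then
		proto_run_command "$config" /usr/sbin/openconnect "$@" < "$pwfile"
	else
		proto_run_command "$config" /usr/sbin/openconnect "$@"
	fi
}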
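# Tear down the OpenConnect VPN for one netifd interface: delete the stored
# password file and stop the running openconnect command.
#
# Arguments: $1 - interface (config section) name
#            (assumes teardown receives the name as $1, as setup does --
#            confirm against netifd-proto.sh)
proto_openconnect_teardown() {
	# Nothing visible in this file sets a global "config", and setup keeps
	# its copy local. Without this assignment the path below would expand to
	# /var/run/openconnect-.passwd, the cleartext password file would be
	# left behind, and proto_kill_command would get an empty name.
	local config="$1"
	local pwfile="/var/run/openconnect-$config.passwd"

	rm -f -- "$pwfile"

	logger -t openconnect "bringing down openconnect"
	proto_kill_command "$config"
}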
  59. add_protocol openconnect