
openfortivpn: add package

An open implementation of Fortinet's proprietary PPP+SSL VPN solution

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
lilik-openwrt-22.03
Lucian Cristian 6 years ago
parent
commit
559afd02c6
3 changed files with 153 additions and 0 deletions
  1. +66
    -0
      net/openfortivpn/Makefile
  2. +12
    -0
      net/openfortivpn/files/openfortivpn.config
  3. +75
    -0
      net/openfortivpn/files/openfortivpn.init

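--- a/net/openfortivpn/Makefile
+++ b/net/openfortivpn/Makefile
@@ -0,0 +1,66 @@
+#
+# Copyright (C) 2019 - Lucian Cristian <lucian.cristian@gmail.com>
+#
+# This is free software, licensed under the GNU General Public License v3.
+# See /LICENSE for more information.
+#
+include $(TOPDIR)/rules.mk
+PKG_NAME:=openfortivpn
+PKG_VERSION:=1.10.0
+PKG_RELEASE:=1
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=https://codeload.github.com/adrienverge/openfortivpn/tar.gz/v$(PKG_VERSION)?
+PKG_HASH:=d6ea0c84c0cf811530073fa19865334bb42ab10a780157fe95c4efb3476ad58d
+PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com>
+PKG_LICENSE:=GPL-3.0-or-later OpenSSL
+PKG_LICENSE_FILES:=LICENSE LICENSE.OpenSSL
+PKG_BUILD_PARALLEL:=1
+PKG_INSTALL:=1
+PKG_FIXUP:=autoreconf
+include $(INCLUDE_DIR)/package.mk
+define Package/openfortivpn
+SUBMENU:=VPN
+SECTION:=net
+CATEGORY:=Network
+TITLE:=Fortinet SSL VPN client
+URL:=https://github.com/adrienverge/openfortivpn
+DEPENDS:=+ppp +libopenssl
+endef
+define Package/openfortivpn/description
+An open implementation of Fortinet's proprietary PPP+SSL VPN solution
+It spawns a pppd process and operates the communication between the gateway and this process.
+It is compatible with Fortinet VPNs.
+endef
+CONFIGURE_ARGS += \
+--enable-proc \
+--with-rt_dst="yes" \
+--with-pppd="/usr/sbin/pppd"
+TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed
+define Package/openfortivpn/conffiles
+/etc/config/openfortivpn
+endef
+define Package/openfortivpn/install
+$(INSTALL_DIR) \
+$(1)/usr/sbin \
+$(1)/etc/config \
+$(1)/etc/init.d
+$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/openfortivpn $(1)/usr/sbin/
+$(INSTALL_DATA) ./files/openfortivpn.config $(1)/etc/config/openfortivpn
+$(INSTALL_BIN) ./files/openfortivpn.init $(1)/etc/init.d/openfortivpn
+endef
+$(eval $(call BuildPackage,openfortivpn))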
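Review bot: `/etc/config/openfortivpn` is installed with `$(INSTALL_DATA)` in `Package/openfortivpn/install`, so the file that stores the VPN `username` and `password` options is world-readable (0644 under the stock OpenWrt rules). Installing it with `$(INSTALL_CONF) ./files/openfortivpn.config $(1)/etc/config/openfortivpn` gives 0600 instead, which is the usual choice for a conffile carrying credentials. The pinned `PKG_HASH` for the codeload tarball is good to see; a short comment explaining the trailing `?` on `PKG_SOURCE_URL` would help the next maintainer.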

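--- a/net/openfortivpn/files/openfortivpn.config
+++ b/net/openfortivpn/files/openfortivpn.config
@@ -0,0 +1,12 @@
+config service 'openfortivpn'
+option 'enabled' '0'
+option 'host' 'vpn-gateway'
+option 'port' '10443'
+option 'set_routes' '0'
+option 'set_dns' '0'
+option 'pppd_use_peerdns' '0'
+option 'username' 'foo'
+option 'password' 'bar'
+config 'certs'
+# example X509 certificate sha256 sum, trust only defined one(s)!
+option 'trusted_cert' 'e46d4aff08ba6914e64daa85bc6112a422fa7ce16631bff0b592a28556f993db'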
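Review bot: The default file ships an active `trusted_cert` option holding an example digest, and the init script in this commit writes every non-empty `trusted_cert` into the generated config as `trusted-cert = …`. A user who sets `enabled` to 1 without editing the `certs` section therefore pins a certificate they never verified. Shipping the line commented out, e.g. `# option 'trusted_cert' '<sha256 digest of your gateway certificate>'`, makes a forgotten edit fail closed. The `foo`/`bar` credentials are likewise better left empty than as working-looking placeholders.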

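--- a/net/openfortivpn/files/openfortivpn.init
+++ b/net/openfortivpn/files/openfortivpn.init
@@ -0,0 +1,75 @@
+#!/bin/sh /etc/rc.common
+START=99
+USE_PROCD=1
+BIN=/usr/sbin/openfortivpn
+CONFIG=/var/etc/openfortivpn.config
+validate_certs_section() {
+uci_load_validate openfortivpn certs "$1" "$2" \
+'trusted_cert:string'
+}
+validate_openfortivpn_section() {
+uci_load_validate openfortivpn service "$1" "$2" \
+'enabled:uinteger' \
+'host:string' \
+'port:uinteger' \
+'username:string' \
+'password:string' \
+'set_routes:uinteger' \
+'set_dns:uinteger' \
+'pppd_use_peerdns:uinteger'
+}
+setup_certs() {
+[ "$2" = 0 ] || {
+echo "validation failed"
+return 1
+}
+[ -n "$trusted_cert" ] || return 0
+echo "trusted-cert = $trusted_cert" >> $CONFIG
+}
+setup_config() {
+[ "$2" = 0 ] || {
+echo "validation failed"
+return 1
+}
+[ "$enabled" -eq 0 ] && return 1
+mkdir -p /var/etc
+echo '# auto-generated config file from /etc/config/openfortivpn' > $CONFIG
+[ -n "$host" ] && echo "host = $host" >> $CONFIG
+[ -n "$port" ] && echo "port = $port" >> $CONFIG
+[ -n "$username" ] && echo "username = $username" >> $CONFIG
+[ -n "$password" ] && echo "password = $password" >> $CONFIG
+[ -n "$set_routes" ] && echo "set-routes = $set_routes" >> $CONFIG
+[ -n "$set_dns" ] && echo "set-dns = $set_dns" >> $CONFIG
+[ -n "$pppd_use_peerdns" ] && echo "pppd-use-peerdns = $pppd_use_peerdns" >> $CONFIG
+return 0
+}
+start_service() {
+config_load openfortivpn
+validate_openfortivpn_section openfortivpn setup_config || return
+config_foreach validate_certs_section certs setup_certs
+procd_open_instance
+procd_set_param stderr 1
+procd_set_param command $BIN -c $CONFIG --use-syslog
+procd_close_instance
+}
+service_triggers () {
+procd_add_reload_trigger "openfortivpn"
+procd_open_validate
+validate_openfortivpn_section
+validate_certs_section
+procd_close_validate
+}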
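Review bot: The generated `/var/etc/openfortivpn.config` receives the `password = …` line but is created by a plain `>` redirect in `setup_config`, so its mode follows the process umask and will usually be readable by every local user. Create it restrictively before any value is written, e.g. `( umask 077; echo '# auto-generated config file from /etc/config/openfortivpn' > "$CONFIG" )` followed by `chmod 600 "$CONFIG"` to cover a file left over from an earlier run. The values are also written unescaped, so a newline inside a UCI value would add an extra directive to the file; whether the `string` validator rejects that is not visible here and is worth confirming. Quoting `"$CONFIG"` in the redirects would be a cheap hardening while touching these lines.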
