Browse Source
openfortivpn: add package
An open implementation of Fortinet's proprietary PPP+SSL VPN solution Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>lilik-openwrt-22.03
Lucian Cristian
6 years ago
3 changed files with 153 additions and 0 deletions
Unified View
Diff Options
-
+66 -0net/openfortivpn/Makefile
-
+12 -0net/openfortivpn/files/openfortivpn.config
-
+75 -0net/openfortivpn/files/openfortivpn.init
+ 66
- 0
net/openfortivpn/Makefile
View File
| @ -0,0 +1,66 @@ | |||||
| # | |||||
| # Copyright (C) 2019 - Lucian Cristian <lucian.cristian@gmail.com> | |||||
| # | |||||
| # This is free software, licensed under the GNU General Public License v3. | |||||
| # See /LICENSE for more information. | |||||
| # | |||||
| include $(TOPDIR)/rules.mk | |||||
| PKG_NAME:=openfortivpn | |||||
| PKG_VERSION:=1.10.0 | |||||
| PKG_RELEASE:=1 | |||||
| PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz | |||||
| PKG_SOURCE_URL:=https://codeload.github.com/adrienverge/openfortivpn/tar.gz/v$(PKG_VERSION)? | |||||
| PKG_HASH:=d6ea0c84c0cf811530073fa19865334bb42ab10a780157fe95c4efb3476ad58d | |||||
| PKG_MAINTAINER:=Lucian Cristian <lucian.cristian@gmail.com> | |||||
| PKG_LICENSE:=GPL-3.0-or-later OpenSSL | |||||
| PKG_LICENSE_FILES:=LICENSE LICENSE.OpenSSL | |||||
| PKG_BUILD_PARALLEL:=1 | |||||
| PKG_INSTALL:=1 | |||||
| PKG_FIXUP:=autoreconf | |||||
| include $(INCLUDE_DIR)/package.mk | |||||
| define Package/openfortivpn | |||||
| SUBMENU:=VPN | |||||
| SECTION:=net | |||||
| CATEGORY:=Network | |||||
| TITLE:=Fortinet SSL VPN client | |||||
| URL:=https://github.com/adrienverge/openfortivpn | |||||
| DEPENDS:=+ppp +libopenssl | |||||
| endef | |||||
| define Package/openfortivpn/description | |||||
| An open implementation of Fortinet's proprietary PPP+SSL VPN solution | |||||
| It spawns a pppd process and operates the communication between the gateway and this process. | |||||
| It is compatible with Fortinet VPNs. | |||||
| endef | |||||
| CONFIGURE_ARGS += \ | |||||
| --enable-proc \ | |||||
| --with-rt_dst="yes" \ | |||||
| --with-pppd="/usr/sbin/pppd" | |||||
| TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed | |||||
| define Package/openfortivpn/conffiles | |||||
| /etc/config/openfortivpn | |||||
| endef | |||||
| define Package/openfortivpn/install | |||||
| $(INSTALL_DIR) \ | |||||
| $(1)/usr/sbin \ | |||||
| $(1)/etc/config \ | |||||
| $(1)/etc/init.d | |||||
| $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/openfortivpn $(1)/usr/sbin/ | |||||
| $(INSTALL_DATA) ./files/openfortivpn.config $(1)/etc/config/openfortivpn | |||||
| $(INSTALL_BIN) ./files/openfortivpn.init $(1)/etc/init.d/openfortivpn | |||||
| endef | |||||
| $(eval $(call BuildPackage,openfortivpn)) | |||||
+ 12
- 0
net/openfortivpn/files/openfortivpn.config
View File
| @ -0,0 +1,12 @@ | |||||
| config service 'openfortivpn' | |||||
| option 'enabled' '0' | |||||
| option 'host' 'vpn-gateway' | |||||
| option 'port' '10443' | |||||
| option 'set_routes' '0' | |||||
| option 'set_dns' '0' | |||||
| option 'pppd_use_peerdns' '0' | |||||
| option 'username' 'foo' | |||||
| option 'password' 'bar' | |||||
| config 'certs' | |||||
| # example X509 certificate sha256 sum, trust only defined one(s)! | |||||
| option 'trusted_cert' 'e46d4aff08ba6914e64daa85bc6112a422fa7ce16631bff0b592a28556f993db' | |||||
+ 75
- 0
net/openfortivpn/files/openfortivpn.init
View File
| @ -0,0 +1,75 @@ | |||||
| #!/bin/sh /etc/rc.common | |||||
| START=99 | |||||
| USE_PROCD=1 | |||||
| BIN=/usr/sbin/openfortivpn | |||||
| CONFIG=/var/etc/openfortivpn.config | |||||
| validate_certs_section() { | |||||
| uci_load_validate openfortivpn certs "$1" "$2" \ | |||||
| 'trusted_cert:string' | |||||
| } | |||||
| validate_openfortivpn_section() { | |||||
| uci_load_validate openfortivpn service "$1" "$2" \ | |||||
| 'enabled:uinteger' \ | |||||
| 'host:string' \ | |||||
| 'port:uinteger' \ | |||||
| 'username:string' \ | |||||
| 'password:string' \ | |||||
| 'set_routes:uinteger' \ | |||||
| 'set_dns:uinteger' \ | |||||
| 'pppd_use_peerdns:uinteger' | |||||
| } | |||||
| setup_certs() { | |||||
| [ "$2" = 0 ] || { | |||||
| echo "validation failed" | |||||
| return 1 | |||||
| } | |||||
| [ -n "$trusted_cert" ] || return 0 | |||||
| echo "trusted-cert = $trusted_cert" >> $CONFIG | |||||
| } | |||||
| setup_config() { | |||||
| [ "$2" = 0 ] || { | |||||
| echo "validation failed" | |||||
| return 1 | |||||
| } | |||||
| [ "$enabled" -eq 0 ] && return 1 | |||||
| mkdir -p /var/etc | |||||
| echo '# auto-generated config file from /etc/config/openfortivpn' > $CONFIG | |||||
| [ -n "$host" ] && echo "host = $host" >> $CONFIG | |||||
| [ -n "$port" ] && echo "port = $port" >> $CONFIG | |||||
| [ -n "$username" ] && echo "username = $username" >> $CONFIG | |||||
| [ -n "$password" ] && echo "password = $password" >> $CONFIG | |||||
| [ -n "$set_routes" ] && echo "set-routes = $set_routes" >> $CONFIG | |||||
| [ -n "$set_dns" ] && echo "set-dns = $set_dns" >> $CONFIG | |||||
| [ -n "$pppd_use_peerdns" ] && echo "pppd-use-peerdns = $pppd_use_peerdns" >> $CONFIG | |||||
| return 0 | |||||
| } | |||||
| start_service() { | |||||
| config_load openfortivpn | |||||
| validate_openfortivpn_section openfortivpn setup_config || return | |||||
| config_foreach validate_certs_section certs setup_certs | |||||
| procd_open_instance | |||||
| procd_set_param stderr 1 | |||||
| procd_set_param command $BIN -c $CONFIG --use-syslog | |||||
| procd_close_instance | |||||
| } | |||||
| service_triggers () { | |||||
| procd_add_reload_trigger "openfortivpn" | |||||
| procd_open_validate | |||||
| validate_openfortivpn_section | |||||
| validate_certs_section | |||||
| procd_close_validate | |||||
| } | |||||