From 5a2a4fa20a29d39aae91448c632be447444aa11f Mon Sep 17 00:00:00 2001
From: Dirk Brenken <dev@brenken.org>
Date: Tue, 6 Aug 2019 15:29:00 +0200
Subject: [PATCH] travelmate: update 1.4.10

* add missing dnsmasq dependency
* add a captive portal auto-login hook (configurable via uci/LuCI),
  you could reference an external auto-login script - see readme
* provide an auto-login script for german ICE hotspots
  (/etc/travelmate/wifionice.login), requires 'curl'
* small fixes

Signed-off-by: Dirk Brenken <dev@brenken.org>
---
 net/travelmate/Makefile              |  9 ++-
 net/travelmate/files/README.md       | 32 ++++++++---
 net/travelmate/files/travelmate.sh   | 84 ++++++++++++++++++++--------
 net/travelmate/files/wifionice.login | 37 ++++++++++++
 4 files changed, 129 insertions(+), 33 deletions(-)
 create mode 100755 net/travelmate/files/wifionice.login

diff --git a/net/travelmate/Makefile b/net/travelmate/Makefile
index 1cf919996..6fa4df99e 100644
--- a/net/travelmate/Makefile
+++ b/net/travelmate/Makefile
@@ -6,7 +6,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=travelmate
-PKG_VERSION:=1.4.9
+PKG_VERSION:=1.4.10
 PKG_RELEASE:=1
 PKG_LICENSE:=GPL-3.0+
 PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>
@@ -17,7 +17,7 @@ define Package/travelmate
 	SECTION:=net
 	CATEGORY:=Network
 	TITLE:=A wlan connection manager for travel router
-	DEPENDS:=+iwinfo +jshn +jsonfilter +uclient-fetch
+	DEPENDS:=+iwinfo +jshn +jsonfilter +uclient-fetch +dnsmasq
 	PKGARCH:=all
 endef
 
@@ -42,13 +42,16 @@ endef
 
 define Package/travelmate/install
 	$(INSTALL_DIR) $(1)/usr/bin
-	$(INSTALL_BIN) ./files/travelmate.sh $(1)/usr/bin/
+	$(INSTALL_BIN) ./files/travelmate.sh $(1)/usr/bin
 
 	$(INSTALL_DIR) $(1)/etc/init.d
 	$(INSTALL_BIN) ./files/travelmate.init $(1)/etc/init.d/travelmate
 
 	$(INSTALL_DIR) $(1)/etc/config
 	$(INSTALL_CONF) ./files/travelmate.conf $(1)/etc/config/travelmate
+
+	$(INSTALL_DIR) $(1)/etc/travelmate
+	$(INSTALL_BIN) ./files/*.login $(1)/etc/travelmate
 endef
 
 $(eval $(call BuildPackage,travelmate))
diff --git a/net/travelmate/files/README.md b/net/travelmate/files/README.md
index e261e7661..f84fffa73 100644
--- a/net/travelmate/files/README.md
+++ b/net/travelmate/files/README.md
@@ -13,6 +13,7 @@ To avoid these kind of deadlocks, travelmate will set all station interfaces to
 * support all kinds of uplinks, incl. hidden and enterprise uplinks
 * continuously checks the existing uplink connection (quality), e.g. for conditional uplink (dis-) connections
 * captive portal detection with internet online check and a 'heartbeat' function to keep the uplink connection up & running
+* captive portal auto-login hook (configured via uci/LuCI), you could reference an external script for captive portal auto-logins (see example below)
 * proactively scan and switch to a higher prioritized uplink, despite of an already existing connection
 * support devices with multiple radios in any order
 * procd init and hotplug support
@@ -21,10 +22,11 @@ To avoid these kind of deadlocks, travelmate will set all station interfaces to
 * optional: the LuCI frontend shows the WiFi QR codes from all configured Access Points. It allows you to connect your Android or iOS devices to your router’s WiFi using the QR code
 
 ## Prerequisites
-* [OpenWrt](https://openwrt.org), tested with the stable release series (18.06.x) and with the latest OpenWrt snapshot
-* iwinfo for wlan scanning, uclient-fetch for captive portal detection
+* [OpenWrt](https://openwrt.org), tested with the stable release series (19.07.x) and with the latest OpenWrt snapshot
+* iwinfo for wlan scanning, uclient-fetch for captive portal detection, dnsmasq as dns backend
 * optional: qrencode 4.x for QR code support
 * optional: wpad (the full version, not wpad-mini) to use Enterprise WiFi
+* optional: curl to use external scripts for captive portal auto-logins
 
 ## Installation & Usage
 * download the package [here](https://downloads.openwrt.org/snapshots/packages/x86_64/packages)
@@ -50,24 +52,38 @@ To avoid these kind of deadlocks, travelmate will set all station interfaces to
     * trm\_maxretry => how many times should travelmate try to connect to an uplink (int/default: '3', valid range: 1-10)
     * trm\_timeout => overall retry timeout in seconds (int/default: '60', valid range: 30-300)
     * trm\_radio => limit travelmate to a single radio (e.g. 'radio1') or change the overall scanning priority (e.g. 'radio1 radio2 radio0') (default: not set, use all radios 0-n)
-    * trm\_iface => main uplink / procd trigger network interface (default: trm_wwan)
+    * trm\_iface => uplink / procd trigger network interface (default: trm_wwan)
     * trm\_triggerdelay => additional trigger delay in seconds before travelmate processing begins (int/default: '2')
 
+## Captive Portal auto-logins
+For automated captive portal logins you could reference external shell scripts. All login scripts should be executable and located in '/etc/travelmate' with the extension '.login'. The provided 'wifionice.login' script example requires curl and automates the login to german ICE hotspots, it also explains the principle approach to extract runtime data like security tokens for a succesful login. Hopefully more scripts for different captive portals will be provided by the community ...
+
+A typical/succesful captive portal login looks like this:
+<pre><code>
+[...]
+Mon Aug  5 10:15:48 2019 user.info travelmate-1.4.10[1481]: travelmate instance started ::: action: start, pid: 1481
+Mon Aug  5 10:16:17 2019 user.info travelmate-1.4.10[1481]: captive portal login '/etc/travelmate/wifionice.login' for 'www.wifionice.de' has been executed with rc '0'
+Mon Aug  5 10:16:23 2019 user.info travelmate-1.4.10[1481]: connected to uplink 'radio1/WIFIonICE/-' (1/5, GL.iNet GL-AR750S, OpenWrt SNAPSHOT r10644-cb49e46a8a)
+[...]
+</code></pre>
+
 ## Runtime information
 
 **receive travelmate runtime information:**
 <pre><code>
 ~# /etc/init.d/travelmate status
 ::: travelmate runtime information
-  + travelmate_status  : connected (net ok/78)
-  + travelmate_version : 1.2.3
-  + station_id         : radio1/blackhole/01:02:03:04:05:06
+  + travelmate_status  : connected (net ok/100)
+  + travelmate_version : 1.4.10
+  + station_id         : radio1/blackhole/-
   + station_interface  : trm_wwan
   + faulty_stations    : 
-  + last_rundate       : 07.09.2018 17:22:37
-  + system             : TP-LINK RE450, OpenWrt SNAPSHOT r8018-42f158314e
+  + last_rundate       : 2019.08.03-20:37:19
+  + system             : GL.iNet GL-AR750S, OpenWrt SNAPSHOT r10644-cb49e46a8a
 </code></pre>
 
+To debug travelmate runtime problems, please always enable the 'trm\_debug' flag, restart travelmate and scan the system log (_logread -e "travelmate"_)
+
 ## Manual Setup
 **1. configure the travelmate wwan interface in /etc/config/network:**
 <pre><code>
diff --git a/net/travelmate/files/travelmate.sh b/net/travelmate/files/travelmate.sh
index acb83a0ad..28d00e036 100755
--- a/net/travelmate/files/travelmate.sh
+++ b/net/travelmate/files/travelmate.sh
@@ -10,7 +10,7 @@
 #
 LC_ALL=C
 PATH="/usr/sbin:/usr/bin:/sbin:/bin"
-trm_ver="1.4.9"
+trm_ver="1.4.10"
 trm_sysver="unknown"
 trm_enabled=0
 trm_debug=0
@@ -65,10 +65,9 @@ f_envload()
 		trm_sysver="${sys_model}, ${sys_desc}"
 	fi
 
-	# get eap capabilities and rebind protection setting
+	# get eap capabilities
 	#
 	trm_eap="$("${trm_wpa}" -veap >/dev/null 2>&1; printf "%u" ${?})"
-	trm_rebind="$(uci_get dhcp "@dnsmasq[0]" rebind_protection)"
 
 	# load config and check 'enabled' option
 	#
@@ -169,24 +168,24 @@ f_prep()
 			fi
 		fi
 	fi
-	f_log "debug" "f_prep ::: config: ${config}, mode: ${mode}, network: ${network}, radio: ${radio}, trm_radio: ${trm_radio:-"-"}, trm_active_sta: ${trm_active_sta:-"-"}, proactive: ${proactive}, trm_eap: ${trm_eap:-"-"}, trm_rebind: ${trm_rebind:-"-"}, disabled: ${disabled}"
+	f_log "debug" "f_prep ::: config: ${config}, mode: ${mode}, network: ${network}, radio: ${radio}, trm_radio: ${trm_radio:-"-"}, trm_active_sta: ${trm_active_sta:-"-"}, proactive: ${proactive}, trm_eap: ${trm_eap:-"-"}, disabled: ${disabled}"
 }
 
 # check interface status
 #
 f_check()
 {
-	local IFS ifname radio dev_status last_status config sta_essid sta_bssid result cp_domain wait mode="${1}" status="${2:-"false"}"
+	local IFS ifname radio dev_status config sta_essid sta_bssid result uci_essid uci_bssid login_command bg_pid wait_time mode="${1}" status="${2:-"false"}" cp_domain="${3:-"false"}"
 
 	if [ "${mode}" != "initial" ] && [ "${status}" = "false" ]
 	then
 		ubus call network reload
-		wait=$((trm_maxwait/6))
-		sleep ${wait}
+		wait_time=$((trm_maxwait/6))
+		sleep ${wait_time}
 	fi
 
-	wait=1
-	while [ "${wait}" -le "${trm_maxwait}" ]
+	wait_time=1
+	while [ "${wait_time}" -le "${trm_maxwait}" ]
 	do
 		dev_status="$(ubus -S call network.wireless status 2>/dev/null)"
 		if [ -n "${dev_status}" ]
@@ -206,7 +205,7 @@ f_check()
 						trm_devlist="$(f_trim "${trm_devlist} ${radio}")"
 					fi
 				done
-				if [ "${trm_devlist}" = "${trm_radiolist}" ] || [ "${wait}" -eq "${trm_maxwait}" ]
+				if [ "${trm_devlist}" = "${trm_radiolist}" ] || [ "${wait_time}" -eq "${trm_maxwait}" ]
 				then
 					ifname="${trm_devlist}"
 					break
@@ -224,21 +223,33 @@ f_check()
 					if [ "${mode}" = "initial" ] && [ "${trm_captive}" -eq 1 ]
 					then
 						result="$(${trm_fetch} --timeout=$((trm_maxwait/6)) "${trm_captiveurl}" -O /dev/null 2>&1 | \
-							awk '/^Failed to redirect|^Redirected/{printf "%s" "net cp \047"$NF"\047";exit}/^Download completed/{printf "%s" "net ok";exit}/^Failed|^Connection error/{printf "%s" "net nok";exit}')"
+							awk '/^Failed to redirect|^Redirected/{printf "%s" "net cp \047"$NF"\047";exit}/^Download completed/{printf "%s" "net ok";exit}/^Failed|Connection error/{printf "%s" "net nok";exit}')"
+						if [ "${cp_domain}" = "true" ]
+						then
+							cp_domain="$(printf "%s" "${result}" | awk -F "[\\'| ]" '/^net cp/{printf "%s" $4}')"
+							uci_essid="$(printf "%s" "${dev_status}" | jsonfilter -l1 -e '@.*.interfaces[@.config.mode="sta"].config.ssid')"
+							uci_essid="$(printf "%s" "${uci_essid//[^[:alnum:]_]/_}" | awk '{print tolower($1)}')"
+							uci_bssid="$(printf "%s" "${dev_status}" | jsonfilter -l1 -e '@.*.interfaces[@.config.mode="sta"].config.bssid')"
+							uci_bssid="${uci_bssid//[^[:alnum:]_]/_}"
+						fi
 					fi
-					if [ "${trm_ifquality}" -ge "${trm_minquality}" ] && [ "${result%/*}" != "net nok" ]
+					if [ "${trm_ifquality}" -ge "${trm_minquality}" ] && [ "${result}" != "net nok" ]
 					then
 						trm_ifstatus="$(ubus -S call network.interface dump 2>/dev/null | jsonfilter -l1 -e "@.interface[@.device=\"${ifname}\"].up")"
 						if [ "${trm_ifstatus}" = "true" ]
 						then
-							if [ "${mode}" = "sta" ] && [ "${trm_captive}" -eq 1 ] && [ "${trm_rebind:-0}" -eq 1 ] && [ -x "/etc/init.d/dnsmasq" ]
+							if [ "${mode}" = "sta" ] && [ "${trm_captive}" -eq 1 ]
 							then
 								while true
 								do
 									result="$(${trm_fetch} --timeout=$((trm_maxwait/6)) "${trm_captiveurl}" -O /dev/null 2>&1 | \
-										awk '/^Failed to redirect|^Redirected/{printf "%s" "net cp \047"$NF"\047";exit}/^Download completed/{printf "%s" "net ok";exit}/^Failed|^Connection error/{printf "%s" "net nok";exit}')"
+										awk '/^Failed to redirect|^Redirected/{printf "%s" "net cp \047"$NF"\047";exit}/^Download completed/{printf "%s" "net ok";exit}/^Failed|Connection error/{printf "%s" "net nok";exit}')"
 									cp_domain="$(printf "%s" "${result}" | awk -F "[\\'| ]" '/^net cp/{printf "%s" $4}')"
-									if [ "${trm_netcheck}" -eq 1 ] && [ "${result%/*}" = "net nok" ]
+									uci_essid="$(printf "%s" "${dev_status}" | jsonfilter -l1 -e '@.*.interfaces[@.config.mode="sta"].config.ssid')"
+									uci_essid="$(printf "%s" "${uci_essid//[^[:alnum:]_]/_}" | awk '{print tolower($1)}')"
+									uci_bssid="$(printf "%s" "${dev_status}" | jsonfilter -l1 -e '@.*.interfaces[@.config.mode="sta"].config.bssid')"
+									uci_bssid="${uci_bssid//[^[:alnum:]_]/_}"
+									if [ "${trm_netcheck}" -eq 1 ] && [ "${result}" = "net nok" ]
 									then
 										trm_ifstatus="${status}"
 										f_jsnup
@@ -249,13 +260,40 @@ f_check()
 										break
 									fi
 									uci -q add_list dhcp.@dnsmasq[0].rebind_domain="${cp_domain}"
-									f_log "info" "captive portal domain '${cp_domain}' added to rebind whitelist"
+									f_log "info" "captive portal domain '${cp_domain}' added to to dhcp rebind whitelist"
+									if [ -z "$(uci_get travelmate "${uci_essid}${uci_bssid}")" ]
+									then
+										uci_add travelmate "login" "${uci_essid}${uci_bssid}"
+										uci_set travelmate "${uci_essid}${uci_bssid}" "command" "none"
+										f_log "info" "captive portal login section '${uci_essid}${uci_bssid}' added to travelmate config section"
+									fi
 								done
 								if [ -n "$(uci -q changes dhcp)" ]
 								then
 									uci_commit dhcp
 									/etc/init.d/dnsmasq reload
 								fi
+								if [ -n "$(uci -q changes travelmate)" ]
+								then
+									uci_commit travelmate
+								fi
+							fi
+							if [ "${cp_domain}" != "false" ] && [ -n "${uci_essid}" ] && [ "${trm_captive}" -eq 1 ]
+							then
+								trm_connection="${result:-"-"}/${trm_ifquality}"
+								f_jsnup
+								login_command="$(uci_get travelmate "${uci_essid}${uci_bssid}" command)"
+								if [ -x "${login_command}" ]
+								then
+									"${login_command}" >/dev/null 2>&1
+									rc=${?}
+									f_log "info" "captive portal login '${login_command:0:40}' for '${cp_domain}' has been executed with rc '${rc}'"
+									if [ "${rc}" -eq 0 ]
+									then
+										result="$(${trm_fetch} --timeout=$((trm_maxwait/6)) "${trm_captiveurl}" -O /dev/null 2>&1 | \
+											awk '/^Failed to redirect|^Redirected/{printf "%s" "net cp \047"$NF"\047";exit}/^Download completed/{printf "%s" "net ok";exit}/^Failed|Connection error/{printf "%s" "net nok";exit}')"
+									fi
+								fi
 							fi
 							trm_connection="${result:-"-"}/${trm_ifquality}"
 							f_jsnup
@@ -267,13 +305,15 @@ f_check()
 						sta_bssid="$(printf "%s" "${dev_status}" | jsonfilter -l1 -e '@.*.interfaces[@.config.mode="sta"].*.bssid')"
 						if [ "${trm_ifquality}" -lt "${trm_minquality}" ]
 						then
+							unset trm_connection
+							trm_ifstatus="${status}"
 							f_log "info" "uplink '${sta_essid:-"-"}/${sta_bssid:-"-"}' is out of range (${trm_ifquality}/${trm_minquality})"
-						elif [ "${trm_netcheck}" -eq 1 ] && [ "${result%/*}" = "net nok" ]
+						elif [ "${trm_netcheck}" -eq 1 ] && [ "${result}" = "net nok" ]
 						then
+							unset trm_connection
+							trm_ifstatus="${status}"
 							f_log "info" "uplink '${sta_essid:-"-"}/${sta_bssid:-"-"}' has no internet (${result})"
 						fi
-						unset trm_connection
-						trm_ifstatus="${status}"
 						f_jsnup
 						break
 					elif [ "${mode}" = "initial" ]
@@ -294,10 +334,10 @@ f_check()
 				fi
 			fi
 		fi
-		wait=$((wait+1))
+		wait_time=$((wait_time+1))
 		sleep 1
 	done
-	f_log "debug" "f_check::: mode: ${mode}, name: ${ifname:-"-"}, status: ${trm_ifstatus}, connection: ${trm_connection:-"-"}, wait: ${wait}, max_wait: ${trm_maxwait}, min_quality: ${trm_minquality}, captive: ${trm_captive}, netcheck: ${trm_netcheck}"
+	f_log "debug" "f_check::: mode: ${mode}, name: ${ifname:-"-"}, status: ${trm_ifstatus}, connection: ${trm_connection:-"-"}, wait: ${wait_time}, max_wait: ${trm_maxwait}, min_quality: ${trm_minquality}, captive: ${trm_captive}, netcheck: ${trm_netcheck}"
 }
 
 # update runtime information
@@ -399,7 +439,7 @@ f_main()
 	local IFS cnt dev config spec scan_list scan_essid scan_bssid scan_quality faulty_list
 	local station_id sta sta_essid sta_bssid sta_radio sta_iface active_essid active_bssid active_radio
 
-	f_check "initial"
+	f_check "initial" "false" "true"
 	f_log "debug" "f_main ::: status: ${trm_ifstatus}, proactive: ${trm_proactive}"
 	if [ "${trm_ifstatus}" != "true" ] || [ "${trm_proactive}" -eq 1 ]
 	then
diff --git a/net/travelmate/files/wifionice.login b/net/travelmate/files/wifionice.login
new file mode 100755
index 000000000..5687921d9
--- /dev/null
+++ b/net/travelmate/files/wifionice.login
@@ -0,0 +1,37 @@
+#!/bin/sh
+# captive portal auto-login script for german ICE hotspots
+# written by Dirk Brenken (dev@brenken.org)
+
+# This is free software, licensed under the GNU General Public License v3.
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+domain="www.wifionice.de"
+cmd="$(command -v curl)"
+
+# curl check
+#
+if [ ! -x "${cmd}" ]
+then
+	exit 1
+fi
+
+# initial get request to receive & extract a valid security token
+#
+"${cmd}" "http://${domain}/en/" -s -o /dev/null -c "/tmp/${domain}.cookie"
+if [ -f "/tmp/${domain}.cookie" ]
+then
+	sec_token="$(awk '/csrf/{print $7}' "/tmp/${domain}.cookie")"
+	rm -f "/tmp/${domain}.cookie"
+else
+	exit 2
+fi
+
+# final post request/login with valid session cookie/security token
+#
+if [ -n "${sec_token}" ]
+then
+	"${cmd}" "http://${domain}/en/" -H "Cookie: csrf=${sec_token}" --data "login=true&CSRFToken=${sec_token}&connect="
+else
+	exit 3
+fi