5 * Copyright (C) 2007-2010 Intel Corporation. All rights reserved.
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
33 #include <sys/ioctl.h>
34 #include <linux/if_tun.h>
38 #include <glib/garray.h>
39 #include <glib/gerror.h>
40 #include <glib/gmain.h>
41 #include <glib/gspawn.h>
43 #define CONNMAN_API_SUBJECT_TO_CHANGE
44 #include <connman/plugin.h>
45 #include <connman/device.h>
46 #include <connman/element.h>
47 #include <connman/provider.h>
48 #include <connman/log.h>
49 #include <connman/element.h>
50 #include <connman/rtnl.h>
51 #include <connman/task.h>
60 OC_STATE_DISCONNECT = 4,
65 struct connman_provider *provider;
70 struct connman_task *task;
73 static int kill_tun(char *tun_name)
78 memset(&ifr, 0, sizeof(ifr));
79 ifr.ifr_flags = IFF_TUN | IFF_NO_PI;
80 sprintf(ifr.ifr_name, "%s", tun_name);
82 fd = open("/dev/net/tun", O_RDWR);
85 connman_error("Failed to open /dev/net/tun to device %s: %s",
86 tun_name, strerror(errno));
90 if (ioctl(fd, TUNSETIFF, (void *)&ifr)) {
92 connman_error("Failed to TUNSETIFF for device %s to it: %s",
93 tun_name, strerror(errno));
98 if (ioctl(fd, TUNSETPERSIST, 0)) {
100 connman_error("Failed to set tun device %s nonpersistent: %s",
101 tun_name, strerror(errno));
106 DBG("Killed tun device %s", tun_name);
110 static void openconnect_died(struct connman_task *task, void *user_data)
112 struct connman_provider *provider = user_data;
113 struct oc_data *data = connman_provider_get_data(provider);
114 int state = data->state;
116 DBG("provider %p data %p", provider, data);
121 kill_tun(data->if_name);
122 connman_provider_set_data(provider, NULL);
123 connman_rtnl_remove_watch(data->watch);
126 if (state != OC_STATE_READY && state != OC_STATE_DISCONNECT)
127 connman_provider_set_state(provider,
128 CONNMAN_PROVIDER_STATE_FAILURE);
130 connman_provider_set_state(provider,
131 CONNMAN_PROVIDER_STATE_IDLE);
133 connman_provider_set_index(provider, -1);
134 connman_provider_unref(data->provider);
137 connman_task_destroy(task);
140 static void vpn_newlink(unsigned flags, unsigned change, void *user_data)
142 struct connman_provider *provider = user_data;
143 struct oc_data *data = connman_provider_get_data(provider);
145 if ((data->flags & IFF_UP) != (flags & IFF_UP)) {
146 if (flags & IFF_UP) {
147 data->state = OC_STATE_READY;
148 connman_provider_set_state(provider,
149 CONNMAN_PROVIDER_STATE_READY);
155 static void openconnect_task_notify(struct connman_task *task,
156 DBusMessage *msg, void *user_data)
158 DBusMessageIter iter, dict;
159 struct connman_provider *provider = user_data;
160 struct oc_data *data;
161 const char *reason, *key, *value;
162 const char *domain = NULL;
165 dbus_message_iter_init(msg, &iter);
167 dbus_message_iter_get_basic(&iter, &reason);
168 dbus_message_iter_next(&iter);
171 connman_error("No provider found");
175 data = connman_provider_get_data(provider);
177 DBG("provider %p no data", provider);
181 if (strcmp(reason, "connect")) {
182 connman_provider_set_state(provider,
183 CONNMAN_PROVIDER_STATE_DISCONNECT);
187 domain = connman_provider_get_string(provider, "VPN.Domain");
189 dbus_message_iter_recurse(&iter, &dict);
191 while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_DICT_ENTRY) {
192 DBusMessageIter entry;
194 dbus_message_iter_recurse(&dict, &entry);
195 dbus_message_iter_get_basic(&entry, &key);
196 dbus_message_iter_next(&entry);
197 dbus_message_iter_get_basic(&entry, &value);
199 if (strcmp(key, "CISCO_CSTP_OPTIONS"))
200 DBG("%s = %s", key, value);
202 if (!strcmp(key, "VPNGATEWAY"))
203 connman_provider_set_string(provider, "Gateway", value);
205 if (!strcmp(key, "INTERNAL_IP4_ADDRESS"))
206 connman_provider_set_string(provider, "Address", value);
208 if (!strcmp(key, "INTERNAL_IP4_NETMASK"))
209 connman_provider_set_string(provider, "Netmask", value);
211 if (!strcmp(key, "INTERNAL_IP4_DNS"))
212 connman_provider_set_string(provider, "DNS", value);
214 if (!strcmp(key, "CISCO_PROXY_PAC"))
215 connman_provider_set_string(provider, "PAC", value);
217 if (domain == NULL && !strcmp(key, "CISCO_DEF_DOMAIN"))
220 dbus_message_iter_next(&dict);
223 index = connman_provider_get_index(provider);
224 connman_provider_set_string(provider, "Domain", domain);
225 data->watch = connman_rtnl_add_newlink_watch(index,
226 vpn_newlink, provider);
228 connman_inet_ifup(index);
231 static int oc_connect(struct connman_provider *provider)
233 struct oc_data *data = connman_provider_get_data(provider);
235 int oc_fd, fd, i, index;
236 const char *vpnhost, *vpncookie, *cafile, *mtu;
242 data = g_try_new0(struct oc_data, 1);
246 data->provider = connman_provider_ref(provider);
250 data->state = OC_STATE_IDLE;
252 connman_provider_set_data(provider, data);
254 vpnhost = connman_provider_get_string(provider, "Host");
256 connman_error("Host not set; cannot enable VPN");
261 vpncookie = connman_provider_get_string(provider, "OpenConnect.Cookie");
263 connman_error("OpenConnect.Cookie not set; cannot enable VPN");
268 cafile = connman_provider_get_string(provider, "OpenConnect.CACert");
269 mtu = connman_provider_get_string(provider, "VPN.MTU");
271 fd = open("/dev/net/tun", O_RDWR);
274 connman_error("Failed to open /dev/net/tun: %s",
280 memset(&ifr, 0, sizeof(ifr));
281 ifr.ifr_flags = IFF_TUN | IFF_NO_PI;
283 for (i = 0; i < 256; i++) {
284 sprintf(ifr.ifr_name, "vpn%d", i);
286 if (!ioctl(fd, TUNSETIFF, (void *)&ifr))
291 connman_error("Failed to find available tun device");
297 data->if_name = (char *)g_strdup(ifr.ifr_name);
298 if (!data->if_name) {
303 if (ioctl(fd, TUNSETPERSIST, 1)) {
305 connman_error("Failed to set tun persistent: %s",
314 index = connman_inet_ifindex(data->if_name);
316 connman_error("Failed to get tun ifindex");
317 kill_tun(data->if_name);
321 connman_provider_set_index(provider, index);
323 data->task = connman_task_create(OPENCONNECT);
325 if (data->task == NULL) {
327 kill_tun(data->if_name);
331 if (connman_task_set_notify(data->task, "notify",
332 openconnect_task_notify, provider)) {
334 kill_tun(data->if_name);
335 connman_task_destroy(data->task);
341 connman_task_add_argument(data->task, "--cafile",
344 connman_task_add_argument(data->task, "--mtu", (char *)mtu);
346 connman_task_add_argument(data->task, "--syslog", NULL);
347 connman_task_add_argument(data->task, "--cookie-on-stdin", NULL);
349 connman_task_add_argument(data->task, "--script",
350 SCRIPTDIR "/openconnect-script");
352 connman_task_add_argument(data->task, "--interface", data->if_name);
354 connman_task_add_argument(data->task, (char *)vpnhost, NULL);
356 ret = connman_task_run(data->task, openconnect_died, provider,
359 connman_error("Openconnect failed to start");
360 kill_tun(data->if_name);
362 connman_task_destroy(data->task);
367 DBG("openconnect started with dev %s", data->if_name);
369 if (write(oc_fd, vpncookie, strlen(vpncookie)) !=
370 (ssize_t)strlen(vpncookie) ||
371 write(oc_fd, "\n", 1) != 1) {
372 connman_error("openconnect failed to take cookie on stdin");
373 connman_provider_set_data(provider, NULL);
374 connman_task_stop(data->task);
379 data->state = OC_STATE_CONNECT;
384 connman_provider_set_index(provider, -1);
385 connman_provider_set_data(provider, NULL);
386 connman_provider_unref(data->provider);
392 static int oc_probe(struct connman_provider *provider)
397 static int oc_disconnect(struct connman_provider *provider)
399 struct oc_data *data = connman_provider_get_data(provider);
401 DBG("disconnect provider %p:", provider);
406 if (data->watch != 0)
407 connman_rtnl_remove_watch(data->watch);
410 data->state = OC_STATE_DISCONNECT;
411 connman_task_stop(data->task);
416 static int oc_remove(struct connman_provider *provider)
418 struct oc_data *data;
420 data = connman_provider_get_data(provider);
421 connman_provider_set_data(provider, NULL);
425 if (data->watch != 0)
426 connman_rtnl_remove_watch(data->watch);
428 connman_task_stop(data->task);
430 g_usleep(G_USEC_PER_SEC);
431 kill_tun(data->if_name);
435 static struct connman_provider_driver provider_driver = {
436 .name = "openconnect",
437 .disconnect = oc_disconnect,
438 .connect = oc_connect,
443 static int openconnect_init(void)
445 connman_provider_driver_register(&provider_driver);
450 static void openconnect_exit(void)
452 connman_provider_driver_unregister(&provider_driver);
455 CONNMAN_PLUGIN_DEFINE(openconnect, "OpenConnect VPN plugin", VERSION,
456 CONNMAN_PLUGIN_PRIORITY_DEFAULT, openconnect_init, openconnect_exit)