vpn/plugins/l2tp.c

   1 /*
   2  *
   3  *  ConnMan VPN daemon
   4  *
   5  *  Copyright (C) 2010  BMW Car IT GmbH. All rights reserved.
   6  *  Copyright (C) 2012  Intel Corporation. All rights reserved.
   7  *
   8  *  This program is free software; you can redistribute it and/or modify
   9  *  it under the terms of the GNU General Public License version 2 as
  10  *  published by the Free Software Foundation.
  11  *
  12  *  This program is distributed in the hope that it will be useful,
  13  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  *  GNU General Public License for more details.
  16  *
  17  *  You should have received a copy of the GNU General Public License
  18  *  along with this program; if not, write to the Free Software
  19  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
  20  *
  21  */
  22
  23 #ifdef HAVE_CONFIG_H
  24 #include <config.h>
  25 #endif
  26
  27 #include <string.h>
  28 #include <errno.h>
  29 #include <unistd.h>
  30 #include <sys/types.h>
  31 #include <sys/stat.h>
  32 #include <fcntl.h>
  33
  34 #include <stdio.h>
  35 #include <net/if.h>
  36
  37 #include <dbus/dbus.h>
  38 #include <glib.h>
  39
  40 #define CONNMAN_API_SUBJECT_TO_CHANGE
  41 #include <connman/plugin.h>
  42 #include <connman/provider.h>
  43 #include <connman/log.h>
  44 #include <connman/task.h>
  45 #include <connman/dbus.h>
  46 #include <connman/inet.h>
  47 #include <connman/agent.h>
  48 #include <connman/setting.h>
  49 #include <connman/vpn-dbus.h>
  50
  51 #include "../vpn-provider.h"
  52 #include "../vpn-agent.h"
  53
  54 #include "vpn.h"
  55
  56 #define ARRAY_SIZE(a) (sizeof(a)/sizeof(a[0]))
  57
  58 enum {
  59         OPT_STRING = 1,
  60         OPT_BOOL = 2,
  61 };
  62
  63 enum {
  64         OPT_ALL = 1,
  65         OPT_L2G = 2,
  66         OPT_L2  = 3,
  67         OPT_PPPD = 4,
  68 };
  69
  70 struct {
  71         const char *cm_opt;
  72         const char *pppd_opt;
  73         int sub;
  74         const char *vpn_default;
  75         int type;
  76 } pppd_options[] = {
  77         { "L2TP.User", "name", OPT_ALL, NULL, OPT_STRING },
  78         { "L2TP.BPS", "bps", OPT_L2, NULL, OPT_STRING },
  79         { "L2TP.LengthBit", "length bit", OPT_L2, NULL, OPT_STRING },
  80         { "L2TP.Challenge", "challenge", OPT_L2, NULL, OPT_STRING },
  81         { "L2TP.DefaultRoute", "defaultroute", OPT_L2, NULL, OPT_STRING },
  82         { "L2TP.FlowBit", "flow bit", OPT_L2, NULL, OPT_STRING },
  83         { "L2TP.TunnelRWS", "tunnel rws", OPT_L2, NULL, OPT_STRING },
  84         { "L2TP.Exclusive", "exclusive", OPT_L2, NULL, OPT_STRING },
  85         { "L2TP.Autodial", "autodial", OPT_L2, "yes", OPT_STRING },
  86         { "L2TP.Redial", "redial", OPT_L2, "yes", OPT_STRING },
  87         { "L2TP.RedialTimeout", "redial timeout", OPT_L2, "10", OPT_STRING },
  88         { "L2TP.MaxRedials", "max redials", OPT_L2, NULL, OPT_STRING },
  89         { "L2TP.RequirePAP", "require pap", OPT_L2, "no", OPT_STRING },
  90         { "L2TP.RequireCHAP", "require chap", OPT_L2, "yes", OPT_STRING },
  91         { "L2TP.ReqAuth", "require authentication", OPT_L2, "no", OPT_STRING },
  92         { "L2TP.AccessControl", "access control", OPT_L2G, "yes", OPT_STRING },
  93         { "L2TP.AuthFile", "auth file", OPT_L2G, NULL, OPT_STRING },
  94         { "L2TP.ForceUserSpace", "force userspace", OPT_L2G, NULL, OPT_STRING },
  95         { "L2TP.ListenAddr", "listen-addr", OPT_L2G, NULL, OPT_STRING },
  96         { "L2TP.Rand Source", "rand source", OPT_L2G, NULL, OPT_STRING },
  97         { "L2TP.IPsecSaref", "ipsec saref", OPT_L2G, NULL, OPT_STRING },
  98         { "L2TP.Port", "port", OPT_L2G, NULL, OPT_STRING },
  99         { "L2TP.EchoFailure", "lcp-echo-failure", OPT_PPPD, "0", OPT_STRING },
 100         { "L2TP.EchoInterval", "lcp-echo-interval", OPT_PPPD, "0", OPT_STRING },
 101         { "L2TP.Debug", "debug", OPT_PPPD, NULL, OPT_STRING },
 102         { "L2TP.RefuseEAP", "refuse-eap", OPT_PPPD, NULL, OPT_BOOL },
 103         { "L2TP.RefusePAP", "refuse-pap", OPT_PPPD, NULL, OPT_BOOL },
 104         { "L2TP.RefuseCHAP", "refuse-chap", OPT_PPPD, NULL, OPT_BOOL },
 105         { "L2TP.RefuseMSCHAP", "refuse-mschap", OPT_PPPD, NULL, OPT_BOOL },
 106         { "L2TP.RefuseMSCHAP2", "refuse-mschapv2", OPT_PPPD, NULL, OPT_BOOL },
 107         { "L2TP.NoBSDComp", "nobsdcomp", OPT_PPPD, NULL, OPT_BOOL },
 108         { "L2TP.NoPcomp", "nopcomp", OPT_PPPD, NULL, OPT_BOOL },
 109         { "L2TP.UseAccomp", "accomp", OPT_PPPD, NULL, OPT_BOOL },
 110         { "L2TP.NoDeflate", "nodeflatey", OPT_PPPD, NULL, OPT_BOOL },
 111         { "L2TP.ReqMPPE", "require-mppe", OPT_PPPD, NULL, OPT_BOOL },
 112         { "L2TP.ReqMPPE40", "require-mppe-40", OPT_PPPD, NULL, OPT_BOOL },
 113         { "L2TP.ReqMPPE128", "require-mppe-128", OPT_PPPD, NULL, OPT_BOOL },
 114         { "L2TP.ReqMPPEStateful", "mppe-stateful", OPT_PPPD, NULL, OPT_BOOL },
 115         { "L2TP.NoVJ", "no-vj-comp", OPT_PPPD, NULL, OPT_BOOL },
 116 };
 117
 118 static DBusConnection *connection;
 119
 120 struct l2tp_private_data {
 121         struct connman_task *task;
 122         char *if_name;
 123         vpn_provider_connect_cb_t cb;
 124         void *user_data;
 125 };
 126
 127 static DBusMessage *l2tp_get_sec(struct connman_task *task,
 128                         DBusMessage *msg, void *user_data)
 129 {
 130         const char *user, *passwd;
 131         struct vpn_provider *provider = user_data;
 132
 133         if (dbus_message_get_no_reply(msg) == FALSE) {
 134                 DBusMessage *reply;
 135
 136                 user = vpn_provider_get_string(provider, "L2TP.User");
 137                 passwd = vpn_provider_get_string(provider, "L2TP.Password");
 138
 139                 if (user == NULL || strlen(user) == 0 ||
 140                                 passwd == NULL || strlen(passwd) == 0)
 141                         return NULL;
 142
 143                 reply = dbus_message_new_method_return(msg);
 144                 if (reply == NULL)
 145                         return NULL;
 146
 147                 dbus_message_append_args(reply, DBUS_TYPE_STRING, &user,
 148                                                 DBUS_TYPE_STRING, &passwd,
 149                                                 DBUS_TYPE_INVALID);
 150
 151                 return reply;
 152         }
 153
 154         return NULL;
 155 }
 156
 157 static int l2tp_notify(DBusMessage *msg, struct vpn_provider *provider)
 158 {
 159         DBusMessageIter iter, dict;
 160         const char *reason, *key, *value;
 161         char *addressv4 = NULL, *netmask = NULL, *gateway = NULL;
 162         char *ifname = NULL, *nameservers = NULL;
 163         struct connman_ipaddress *ipaddress = NULL;
 164
 165         dbus_message_iter_init(msg, &iter);
 166
 167         dbus_message_iter_get_basic(&iter, &reason);
 168         dbus_message_iter_next(&iter);
 169
 170         if (!provider) {
 171                 connman_error("No provider found");
 172                 return VPN_STATE_FAILURE;
 173         }
 174
 175         if (strcmp(reason, "auth failed") == 0)
 176                 return VPN_STATE_AUTH_FAILURE;
 177
 178         if (strcmp(reason, "connect"))
 179                 return VPN_STATE_DISCONNECT;
 180
 181         dbus_message_iter_recurse(&iter, &dict);
 182
 183         while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_DICT_ENTRY) {
 184                 DBusMessageIter entry;
 185
 186                 dbus_message_iter_recurse(&dict, &entry);
 187                 dbus_message_iter_get_basic(&entry, &key);
 188                 dbus_message_iter_next(&entry);
 189                 dbus_message_iter_get_basic(&entry, &value);
 190
 191                 DBG("%s = %s", key, value);
 192
 193                 if (!strcmp(key, "INTERNAL_IP4_ADDRESS")) {
 194                         vpn_provider_set_string(provider, "Address", value);
 195                         addressv4 = g_strdup(value);
 196                 }
 197
 198                 if (!strcmp(key, "INTERNAL_IP4_NETMASK")) {
 199                         vpn_provider_set_string(provider, "Netmask", value);
 200                         netmask = g_strdup(value);
 201                 }
 202
 203                 if (!strcmp(key, "INTERNAL_IP4_DNS")) {
 204                         vpn_provider_set_string(provider, "DNS", value);
 205                         nameservers = g_strdup(value);
 206                 }
 207
 208                 if (!strcmp(key, "INTERNAL_IFNAME"))
 209                         ifname = g_strdup(value);
 210
 211                 dbus_message_iter_next(&dict);
 212         }
 213
 214         if (vpn_set_ifname(provider, ifname) < 0) {
 215                 g_free(ifname);
 216                 g_free(addressv4);
 217                 g_free(netmask);
 218                 g_free(nameservers);
 219                 return VPN_STATE_FAILURE;
 220         }
 221
 222         if (addressv4 != NULL)
 223                 ipaddress = connman_ipaddress_alloc(AF_INET);
 224
 225         g_free(ifname);
 226
 227         if (ipaddress == NULL) {
 228                 connman_error("No IP address for provider");
 229                 g_free(addressv4);
 230                 g_free(netmask);
 231                 g_free(nameservers);
 232                 return VPN_STATE_FAILURE;
 233         }
 234
 235         value = vpn_provider_get_string(provider, "HostIP");
 236         if (value != NULL) {
 237                 vpn_provider_set_string(provider, "Gateway", value);
 238                 gateway = g_strdup(value);
 239         }
 240
 241         if (addressv4 != NULL)
 242                 connman_ipaddress_set_ipv4(ipaddress, addressv4, netmask,
 243                                         gateway);
 244
 245         vpn_provider_set_ipaddress(provider, ipaddress);
 246         vpn_provider_set_nameservers(provider, nameservers);
 247
 248         g_free(addressv4);
 249         g_free(netmask);
 250         g_free(gateway);
 251         g_free(nameservers);
 252         connman_ipaddress_free(ipaddress);
 253
 254         return VPN_STATE_CONNECT;
 255 }
 256
 257 static int l2tp_save(struct vpn_provider *provider, GKeyFile *keyfile)
 258 {
 259         const char *option;
 260         int i;
 261
 262         for (i = 0; i < (int)ARRAY_SIZE(pppd_options); i++) {
 263                 if (strncmp(pppd_options[i].cm_opt, "L2TP.", 5) == 0) {
 264                         option = vpn_provider_get_string(provider,
 265                                                         pppd_options[i].cm_opt);
 266                         if (option == NULL)
 267                                 continue;
 268
 269                         g_key_file_set_string(keyfile,
 270                                         vpn_provider_get_save_group(provider),
 271                                         pppd_options[i].cm_opt, option);
 272                 }
 273         }
 274
 275         return 0;
 276 }
 277
 278 static ssize_t full_write(int fd, const void *buf, size_t len)
 279 {
 280         ssize_t byte_write;
 281
 282         while (len) {
 283                 byte_write = write(fd, buf, len);
 284                 if (byte_write < 0) {
 285                         connman_error("failed to write config to l2tp: %s\n",
 286                                         strerror(errno));
 287                         return byte_write;
 288                 }
 289                 len -= byte_write;
 290                 buf += byte_write;
 291         }
 292
 293         return 0;
 294 }
 295
 296 static ssize_t l2tp_write_bool_option(int fd,
 297                                         const char *key, const char *value)
 298 {
 299         gchar *buf;
 300         ssize_t ret = 0;
 301
 302         if (key != NULL && value != NULL) {
 303                 if (strcasecmp(value, "yes") == 0 ||
 304                                 strcasecmp(value, "true") == 0 ||
 305                                 strcmp(value, "1") == 0) {
 306                         buf = g_strdup_printf("%s\n", key);
 307                         ret = full_write(fd, buf, strlen(buf));
 308
 309                         g_free(buf);
 310                 }
 311         }
 312
 313         return ret;
 314 }
 315
 316 static int l2tp_write_option(int fd, const char *key, const char *value)
 317 {
 318         gchar *buf;
 319         ssize_t ret = 0;
 320
 321         if (key != NULL) {
 322                 if (value != NULL)
 323                         buf = g_strdup_printf("%s %s\n", key, value);
 324                 else
 325                         buf = g_strdup_printf("%s\n", key);
 326
 327                 ret = full_write(fd, buf, strlen(buf));
 328
 329                 g_free(buf);
 330         }
 331
 332         return ret;
 333 }
 334
 335 static int l2tp_write_section(int fd, const char *key, const char *value)
 336 {
 337         gchar *buf;
 338         ssize_t ret = 0;
 339
 340         if (key != NULL && value != NULL) {
 341                 buf = g_strdup_printf("%s = %s\n", key, value);
 342                 ret = full_write(fd, buf, strlen(buf));
 343
 344                 g_free(buf);
 345         }
 346
 347         return ret;
 348 }
 349
 350 static int write_pppd_option(struct vpn_provider *provider, int fd)
 351 {
 352         int i;
 353         const char *opt_s;
 354
 355         l2tp_write_option(fd, "nodetach", NULL);
 356         l2tp_write_option(fd, "lock", NULL);
 357         l2tp_write_option(fd, "usepeerdns", NULL);
 358         l2tp_write_option(fd, "noipdefault", NULL);
 359         l2tp_write_option(fd, "noauth", NULL);
 360         l2tp_write_option(fd, "nodefaultroute", NULL);
 361         l2tp_write_option(fd, "ipparam", "l2tp_plugin");
 362
 363         for (i = 0; i < (int)ARRAY_SIZE(pppd_options); i++) {
 364                 if (pppd_options[i].sub != OPT_ALL &&
 365                         pppd_options[i].sub != OPT_PPPD)
 366                         continue;
 367
 368                 opt_s = vpn_provider_get_string(provider,
 369                                         pppd_options[i].cm_opt);
 370                 if (!opt_s)
 371                         opt_s = pppd_options[i].vpn_default;
 372
 373                 if (!opt_s)
 374                         continue;
 375
 376                 if (pppd_options[i].type == OPT_STRING)
 377                         l2tp_write_option(fd,
 378                                 pppd_options[i].pppd_opt, opt_s);
 379                 else if (pppd_options[i].type == OPT_BOOL)
 380                         l2tp_write_bool_option(fd,
 381                                 pppd_options[i].pppd_opt, opt_s);
 382         }
 383
 384         l2tp_write_option(fd, "plugin",
 385                                 SCRIPTDIR "/libppp-plugin.so");
 386
 387         return 0;
 388 }
 389
 390
 391 static int l2tp_write_fields(struct vpn_provider *provider,
 392                                                 int fd, int sub)
 393 {
 394         int i;
 395         const char *opt_s;
 396
 397         for (i = 0; i < (int)ARRAY_SIZE(pppd_options); i++) {
 398                 if (pppd_options[i].sub != sub)
 399                         continue;
 400
 401                 opt_s = vpn_provider_get_string(provider,
 402                                         pppd_options[i].cm_opt);
 403                 if (!opt_s)
 404                         opt_s = pppd_options[i].vpn_default;
 405
 406                 if (!opt_s)
 407                         continue;
 408
 409                 if (pppd_options[i].type == OPT_STRING)
 410                         l2tp_write_section(fd,
 411                                 pppd_options[i].pppd_opt, opt_s);
 412                 else if (pppd_options[i].type == OPT_BOOL)
 413                         l2tp_write_bool_option(fd,
 414                                 pppd_options[i].pppd_opt, opt_s);
 415         }
 416
 417         return 0;
 418 }
 419
 420 static int l2tp_write_config(struct vpn_provider *provider,
 421                                         const char *pppd_name, int fd)
 422 {
 423         const char *option;
 424
 425         l2tp_write_option(fd, "[global]", NULL);
 426         l2tp_write_fields(provider, fd, OPT_L2G);
 427
 428         l2tp_write_option(fd, "[lac l2tp]", NULL);
 429
 430         option = vpn_provider_get_string(provider, "Host");
 431         l2tp_write_option(fd, "lns =", option);
 432
 433         l2tp_write_fields(provider, fd, OPT_ALL);
 434         l2tp_write_fields(provider, fd, OPT_L2);
 435
 436         l2tp_write_option(fd, "pppoptfile =", pppd_name);
 437
 438         return 0;
 439 }
 440
 441 static void l2tp_died(struct connman_task *task, int exit_code, void *user_data)
 442 {
 443         char *conf_file;
 444
 445         vpn_died(task, exit_code, user_data);
 446
 447         conf_file = g_strdup_printf("/var/run/connman/connman-xl2tpd.conf");
 448         unlink(conf_file);
 449         g_free(conf_file);
 450
 451         conf_file = g_strdup_printf("/var/run/connman/connman-ppp-option.conf");
 452         unlink(conf_file);
 453         g_free(conf_file);
 454 }
 455
 456 struct request_input_reply {
 457         struct vpn_provider *provider;
 458         vpn_provider_password_cb_t callback;
 459         void *user_data;
 460 };
 461
 462 static void request_input_reply(DBusMessage *reply, void *user_data)
 463 {
 464         struct request_input_reply *l2tp_reply = user_data;
 465         const char *error = NULL;
 466         char *username = NULL, *password = NULL;
 467         char *key;
 468         DBusMessageIter iter, dict;
 469
 470         DBG("provider %p", l2tp_reply->provider);
 471
 472         if (dbus_message_get_type(reply) == DBUS_MESSAGE_TYPE_ERROR) {
 473                 error = dbus_message_get_error_name(reply);
 474                 goto done;
 475         }
 476
 477         if (vpn_agent_check_reply_has_dict(reply) == FALSE)
 478                 goto done;
 479
 480         dbus_message_iter_init(reply, &iter);
 481         dbus_message_iter_recurse(&iter, &dict);
 482         while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_DICT_ENTRY) {
 483                 DBusMessageIter entry, value;
 484                 const char *str;
 485
 486                 dbus_message_iter_recurse(&dict, &entry);
 487                 if (dbus_message_iter_get_arg_type(&entry) != DBUS_TYPE_STRING)
 488                         break;
 489
 490                 dbus_message_iter_get_basic(&entry, &key);
 491
 492                 if (g_str_equal(key, "Username")) {
 493                         dbus_message_iter_next(&entry);
 494                         if (dbus_message_iter_get_arg_type(&entry)
 495                                                         != DBUS_TYPE_VARIANT)
 496                                 break;
 497                         dbus_message_iter_recurse(&entry, &value);
 498                         if (dbus_message_iter_get_arg_type(&value)
 499                                                         != DBUS_TYPE_STRING)
 500                                 break;
 501                         dbus_message_iter_get_basic(&value, &str);
 502                         username = g_strdup(str);
 503                 }
 504
 505                 if (g_str_equal(key, "Password")) {
 506                         dbus_message_iter_next(&entry);
 507                         if (dbus_message_iter_get_arg_type(&entry)
 508                                                         != DBUS_TYPE_VARIANT)
 509                                 break;
 510                         dbus_message_iter_recurse(&entry, &value);
 511                         if (dbus_message_iter_get_arg_type(&value)
 512                                                         != DBUS_TYPE_STRING)
 513                                 break;
 514                         dbus_message_iter_get_basic(&value, &str);
 515                         password = g_strdup(str);
 516                 }
 517
 518                 dbus_message_iter_next(&dict);
 519         }
 520
 521 done:
 522         l2tp_reply->callback(l2tp_reply->provider, username, password, error,
 523                                 l2tp_reply->user_data);
 524
 525         g_free(username);
 526         g_free(password);
 527
 528         g_free(l2tp_reply);
 529 }
 530
 531 typedef void (* request_cb_t)(struct vpn_provider *provider,
 532                                 const char *username, const char *password,
 533                                 const char *error, void *user_data);
 534
 535 static int request_input(struct vpn_provider *provider,
 536                                 request_cb_t callback, void *user_data)
 537 {
 538         DBusMessage *message;
 539         const char *path, *agent_sender, *agent_path;
 540         DBusMessageIter iter;
 541         DBusMessageIter dict;
 542         struct request_input_reply *l2tp_reply;
 543         int err;
 544
 545         connman_agent_get_info(&agent_sender, &agent_path);
 546
 547         if (provider == NULL || agent_path == NULL || callback == NULL)
 548                 return -ESRCH;
 549
 550         message = dbus_message_new_method_call(agent_sender, agent_path,
 551                                         VPN_AGENT_INTERFACE,
 552                                         "RequestInput");
 553         if (message == NULL)
 554                 return -ENOMEM;
 555
 556         dbus_message_iter_init_append(message, &iter);
 557
 558         path = vpn_provider_get_path(provider);
 559         dbus_message_iter_append_basic(&iter,
 560                                 DBUS_TYPE_OBJECT_PATH, &path);
 561
 562         connman_dbus_dict_open(&iter, &dict);
 563
 564         vpn_agent_append_user_info(&dict, provider, "L2TP.User");
 565
 566         vpn_agent_append_host_and_name(&dict, provider);
 567
 568         connman_dbus_dict_close(&iter, &dict);
 569
 570         l2tp_reply = g_try_new0(struct request_input_reply, 1);
 571         if (l2tp_reply == NULL) {
 572                 dbus_message_unref(message);
 573                 return -ENOMEM;
 574         }
 575
 576         l2tp_reply->provider = provider;
 577         l2tp_reply->callback = callback;
 578         l2tp_reply->user_data = user_data;
 579
 580         err = connman_agent_queue_message(provider, message,
 581                         connman_timeout_input_request(),
 582                         request_input_reply, l2tp_reply);
 583         if (err < 0 && err != -EBUSY) {
 584                 DBG("error %d sending agent request", err);
 585                 dbus_message_unref(message);
 586                 g_free(l2tp_reply);
 587                 return err;
 588         }
 589
 590         dbus_message_unref(message);
 591
 592         return -EINPROGRESS;
 593 }
 594
 595 static int run_connect(struct vpn_provider *provider,
 596                         struct connman_task *task, const char *if_name,
 597                         vpn_provider_connect_cb_t cb, void *user_data,
 598                         const char *username, const char *password)
 599 {
 600         char *l2tp_name, *pppd_name;
 601         int l2tp_fd, pppd_fd;
 602         int err;
 603
 604         if (username == NULL || password == NULL) {
 605                 DBG("Cannot connect username %s password %p",
 606                                                 username, password);
 607                 err = -EINVAL;
 608                 goto done;
 609         }
 610
 611         vpn_provider_set_string(provider, "L2TP.User", username);
 612         vpn_provider_set_string(provider, "L2TP.Password", password);
 613
 614         DBG("username %s password %p", username, password);
 615
 616         l2tp_name = g_strdup_printf("/var/run/connman/connman-xl2tpd.conf");
 617
 618         l2tp_fd = open(l2tp_name, O_RDWR|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR);
 619         if (l2tp_fd < 0) {
 620                 g_free(l2tp_name);
 621                 connman_error("Error writing l2tp config");
 622                 err = -EIO;
 623                 goto done;
 624         }
 625
 626         pppd_name = g_strdup_printf("/var/run/connman/connman-ppp-option.conf");
 627
 628         pppd_fd = open(pppd_name, O_RDWR|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR);
 629         if (pppd_fd < 0) {
 630                 connman_error("Error writing pppd config");
 631                 g_free(l2tp_name);
 632                 g_free(pppd_name);
 633                 close(l2tp_fd);
 634                 err = -EIO;
 635                 goto done;
 636         }
 637
 638         l2tp_write_config(provider, pppd_name, l2tp_fd);
 639
 640         write_pppd_option(provider, pppd_fd);
 641
 642         connman_task_add_argument(task, "-D", NULL);
 643         connman_task_add_argument(task, "-c", l2tp_name);
 644
 645         g_free(l2tp_name);
 646         g_free(pppd_name);
 647
 648         err = connman_task_run(task, l2tp_died, provider,
 649                                 NULL, NULL, NULL);
 650         if (err < 0) {
 651                 connman_error("l2tp failed to start");
 652                 err = -EIO;
 653                 goto done;
 654         }
 655
 656 done:
 657         if (cb != NULL)
 658                 cb(provider, user_data, err);
 659
 660         return err;
 661 }
 662
 663 static void free_private_data(struct l2tp_private_data *data)
 664 {
 665         g_free(data->if_name);
 666         g_free(data);
 667 }
 668
 669 static void request_input_cb(struct vpn_provider *provider,
 670                         const char *username,
 671                         const char *password,
 672                         const char *error, void *user_data)
 673 {
 674         struct l2tp_private_data *data = user_data;
 675
 676         if (username == NULL || password == NULL)
 677                 DBG("Requesting username %s or password failed, error %s",
 678                         username, error);
 679         else if (error != NULL)
 680                 DBG("error %s", error);
 681
 682         run_connect(provider, data->task, data->if_name, data->cb,
 683                 data->user_data, username, password);
 684
 685         free_private_data(data);
 686 }
 687
 688 static int l2tp_connect(struct vpn_provider *provider,
 689                         struct connman_task *task, const char *if_name,
 690                         vpn_provider_connect_cb_t cb, void *user_data)
 691 {
 692         const char *username, *password;
 693         int err;
 694
 695         if (connman_task_set_notify(task, "getsec",
 696                                         l2tp_get_sec, provider) != 0) {
 697                 err = -ENOMEM;
 698                 goto error;
 699         }
 700
 701         username = vpn_provider_get_string(provider, "L2TP.User");
 702         password = vpn_provider_get_string(provider, "L2TP.Password");
 703
 704         DBG("user %s password %p", username, password);
 705
 706         if (username == NULL || password == NULL) {
 707                 struct l2tp_private_data *data;
 708
 709                 data = g_try_new0(struct l2tp_private_data, 1);
 710                 if (data == NULL)
 711                         return -ENOMEM;
 712
 713                 data->task = task;
 714                 data->if_name = g_strdup(if_name);
 715                 data->cb = cb;
 716                 data->user_data = user_data;
 717
 718                 err = request_input(provider, request_input_cb, data);
 719                 if (err != -EINPROGRESS) {
 720                         free_private_data(data);
 721                         goto done;
 722                 }
 723                 return err;
 724         }
 725
 726 done:
 727         return run_connect(provider, task, if_name, cb, user_data,
 728                                                         username, password);
 729
 730 error:
 731         if (cb != NULL)
 732                 cb(provider, user_data, err);
 733
 734         return err;
 735 }
 736
 737 static int l2tp_error_code(int exit_code)
 738 {
 739         switch (exit_code) {
 740         case 1:
 741                 return CONNMAN_PROVIDER_ERROR_CONNECT_FAILED;
 742         default:
 743                 return CONNMAN_PROVIDER_ERROR_UNKNOWN;
 744         }
 745 }
 746
 747 static void l2tp_disconnect(struct vpn_provider *provider)
 748 {
 749         vpn_provider_set_string(provider, "L2TP.Password", NULL);
 750 }
 751
 752 static struct vpn_driver vpn_driver = {
 753         .flags          = VPN_FLAG_NO_TUN,
 754         .notify         = l2tp_notify,
 755         .connect        = l2tp_connect,
 756         .error_code     = l2tp_error_code,
 757         .save           = l2tp_save,
 758         .disconnect     = l2tp_disconnect,
 759 };
 760
 761 static int l2tp_init(void)
 762 {
 763         connection = connman_dbus_get_connection();
 764
 765         return vpn_register("l2tp", &vpn_driver, L2TP);
 766 }
 767
 768 static void l2tp_exit(void)
 769 {
 770         vpn_unregister("l2tp");
 771
 772         dbus_connection_unref(connection);
 773 }
 774
 775 CONNMAN_PLUGIN_DEFINE(l2tp, "l2tp plugin", VERSION,
 776         CONNMAN_PLUGIN_PRIORITY_DEFAULT, l2tp_init, l2tp_exit)