5 * Copyright (C) 2007-2012 Intel Corporation. All rights reserved.
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
34 #define CONNMAN_API_SUBJECT_TO_CHANGE
35 #include <connman/plugin.h>
36 #include <connman/log.h>
37 #include <connman/task.h>
38 #include <connman/ipconfig.h>
40 #include "../vpn-provider.h"
44 static int oc_notify(DBusMessage *msg, struct vpn_provider *provider)
46 DBusMessageIter iter, dict;
47 const char *reason, *key, *value;
48 const char *domain = NULL;
49 char *addressv4 = NULL, *addressv6 = NULL;
50 char *netmask = NULL, *gateway = NULL;
51 unsigned char prefix_len = 0;
52 struct connman_ipaddress *ipaddress;
54 dbus_message_iter_init(msg, &iter);
56 dbus_message_iter_get_basic(&iter, &reason);
57 dbus_message_iter_next(&iter);
60 connman_error("No provider found");
61 return VPN_STATE_FAILURE;
64 if (strcmp(reason, "connect"))
65 return VPN_STATE_DISCONNECT;
67 domain = vpn_provider_get_string(provider, "VPN.Domain");
69 dbus_message_iter_recurse(&iter, &dict);
71 while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_DICT_ENTRY) {
72 DBusMessageIter entry;
74 dbus_message_iter_recurse(&dict, &entry);
75 dbus_message_iter_get_basic(&entry, &key);
76 dbus_message_iter_next(&entry);
77 dbus_message_iter_get_basic(&entry, &value);
79 if (strcmp(key, "CISCO_CSTP_OPTIONS"))
80 DBG("%s = %s", key, value);
82 if (!strcmp(key, "VPNGATEWAY"))
83 gateway = g_strdup(value);
85 if (!strcmp(key, "INTERNAL_IP4_ADDRESS"))
86 addressv4 = g_strdup(value);
88 if (!strcmp(key, "INTERNAL_IP6_ADDRESS")) {
89 addressv6 = g_strdup(value);
93 if (!strcmp(key, "INTERNAL_IP4_NETMASK"))
94 netmask = g_strdup(value);
96 if (!strcmp(key, "INTERNAL_IP6_NETMASK")) {
99 /* The netmask contains the address and the prefix */
100 sep = strchr(value, '/');
102 unsigned char ip_len = sep - value;
104 addressv6 = g_strndup(value, ip_len);
105 prefix_len = (unsigned char)
106 strtol(sep + 1, NULL, 10);
110 if (!strcmp(key, "INTERNAL_IP4_DNS") ||
111 !strcmp(key, "INTERNAL_IP6_DNS"))
112 vpn_provider_set_nameservers(provider, value);
114 if (!strcmp(key, "CISCO_PROXY_PAC"))
115 vpn_provider_set_pac(provider, value);
117 if (domain == NULL && !strcmp(key, "CISCO_DEF_DOMAIN"))
120 if (g_str_has_prefix(key, "CISCO_SPLIT_INC") == TRUE ||
121 g_str_has_prefix(key, "CISCO_IPV6_SPLIT_INC") == TRUE)
122 vpn_provider_append_route(provider, key, value);
124 dbus_message_iter_next(&dict);
127 DBG("%p %p", addressv4, addressv6);
129 if (addressv4 != NULL)
130 ipaddress = connman_ipaddress_alloc(AF_INET);
131 else if (addressv6 != NULL)
132 ipaddress = connman_ipaddress_alloc(AF_INET6);
136 if (ipaddress == NULL) {
142 return VPN_STATE_FAILURE;
145 if (addressv4 != NULL)
146 connman_ipaddress_set_ipv4(ipaddress, addressv4,
149 connman_ipaddress_set_ipv6(ipaddress, addressv6,
150 prefix_len, gateway);
151 vpn_provider_set_ipaddress(provider, ipaddress);
152 vpn_provider_set_domain(provider, domain);
158 connman_ipaddress_free(ipaddress);
160 return VPN_STATE_CONNECT;
163 static int oc_connect(struct vpn_provider *provider,
164 struct connman_task *task, const char *if_name)
166 const char *vpnhost, *vpncookie, *cafile, *certsha1, *mtu;
169 vpnhost = vpn_provider_get_string(provider, "Host");
171 connman_error("Host not set; cannot enable VPN");
175 vpncookie = vpn_provider_get_string(provider, "OpenConnect.Cookie");
177 connman_error("OpenConnect.Cookie not set; cannot enable VPN");
181 certsha1 = vpn_provider_get_string(provider,
182 "OpenConnect.ServerCert");
184 connman_task_add_argument(task, "--servercert",
187 cafile = vpn_provider_get_string(provider, "OpenConnect.CACert");
188 mtu = vpn_provider_get_string(provider, "VPN.MTU");
191 connman_task_add_argument(task, "--cafile",
194 connman_task_add_argument(task, "--mtu", (char *)mtu);
196 connman_task_add_argument(task, "--syslog", NULL);
197 connman_task_add_argument(task, "--cookie-on-stdin", NULL);
199 connman_task_add_argument(task, "--script",
200 SCRIPTDIR "/openconnect-script");
202 connman_task_add_argument(task, "--interface", if_name);
204 connman_task_add_argument(task, (char *)vpnhost, NULL);
206 err = connman_task_run(task, vpn_died, provider,
209 connman_error("openconnect failed to start");
213 if (write(fd, vpncookie, strlen(vpncookie)) !=
214 (ssize_t)strlen(vpncookie) ||
215 write(fd, "\n", 1) != 1) {
216 connman_error("openconnect failed to take cookie on stdin");
223 static int oc_save(struct vpn_provider *provider, GKeyFile *keyfile)
227 setting = vpn_provider_get_string(provider,
228 "OpenConnect.ServerCert");
230 g_key_file_set_string(keyfile,
231 vpn_provider_get_save_group(provider),
232 "OpenConnect.ServerCert", setting);
234 setting = vpn_provider_get_string(provider,
235 "OpenConnect.CACert");
237 g_key_file_set_string(keyfile,
238 vpn_provider_get_save_group(provider),
239 "OpenConnect.CACert", setting);
241 setting = vpn_provider_get_string(provider,
244 g_key_file_set_string(keyfile,
245 vpn_provider_get_save_group(provider),
251 static int oc_error_code(int exit_code)
256 return VPN_PROVIDER_ERROR_CONNECT_FAILED;
258 return VPN_PROVIDER_ERROR_LOGIN_FAILED;
260 return VPN_PROVIDER_ERROR_UNKNOWN;
264 static struct vpn_driver vpn_driver = {
266 .connect = oc_connect,
267 .error_code = oc_error_code,
271 static int openconnect_init(void)
273 return vpn_register("openconnect", &vpn_driver, OPENCONNECT);
276 static void openconnect_exit(void)
278 vpn_unregister("openconnect");
281 CONNMAN_PLUGIN_DEFINE(openconnect, "OpenConnect VPN plugin", VERSION,
282 CONNMAN_PLUGIN_PRIORITY_DEFAULT, openconnect_init, openconnect_exit)