5 * Copyright (C) 2007-2013 Intel Corporation. All rights reserved.
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
34 #define CONNMAN_API_SUBJECT_TO_CHANGE
35 #include <connman/plugin.h>
36 #include <connman/log.h>
37 #include <connman/task.h>
38 #include <connman/ipconfig.h>
39 #include <connman/dbus.h>
40 #include <connman/agent.h>
41 #include <connman/setting.h>
42 #include <connman/vpn-dbus.h>
44 #include "../vpn-provider.h"
45 #include "../vpn-agent.h"
49 #define ARRAY_SIZE(a) (sizeof(a)/sizeof(a[0]))
56 { "OpenConnect.NoCertCheck", "--no-cert-check", 0 },
59 struct oc_private_data {
60 struct vpn_provider *provider;
61 struct connman_task *task;
63 vpn_provider_connect_cb_t cb;
67 static void free_private_data(struct oc_private_data *data)
69 g_free(data->if_name);
73 static int task_append_config_data(struct vpn_provider *provider,
74 struct connman_task *task)
79 for (i = 0; i < (int)ARRAY_SIZE(oc_options); i++) {
80 if (!oc_options[i].oc_opt)
83 option = vpn_provider_get_string(provider,
84 oc_options[i].cm_opt);
88 if (connman_task_add_argument(task,
90 oc_options[i].has_value ? option : NULL) < 0)
97 static int oc_notify(DBusMessage *msg, struct vpn_provider *provider)
99 DBusMessageIter iter, dict;
100 const char *reason, *key, *value;
102 char *addressv4 = NULL, *addressv6 = NULL;
103 char *netmask = NULL, *gateway = NULL;
104 unsigned char prefix_len = 0;
105 struct connman_ipaddress *ipaddress;
107 dbus_message_iter_init(msg, &iter);
109 dbus_message_iter_get_basic(&iter, &reason);
110 dbus_message_iter_next(&iter);
113 connman_error("No provider found");
114 return VPN_STATE_FAILURE;
117 if (strcmp(reason, "connect"))
118 return VPN_STATE_DISCONNECT;
120 domain = g_strdup(vpn_provider_get_string(provider, "VPN.Domain"));
122 dbus_message_iter_recurse(&iter, &dict);
124 while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_DICT_ENTRY) {
125 DBusMessageIter entry;
127 dbus_message_iter_recurse(&dict, &entry);
128 dbus_message_iter_get_basic(&entry, &key);
129 dbus_message_iter_next(&entry);
130 dbus_message_iter_get_basic(&entry, &value);
132 if (strcmp(key, "CISCO_CSTP_OPTIONS"))
133 DBG("%s = %s", key, value);
135 if (!strcmp(key, "VPNGATEWAY"))
136 gateway = g_strdup(value);
138 if (!strcmp(key, "INTERNAL_IP4_ADDRESS"))
139 addressv4 = g_strdup(value);
141 if (!strcmp(key, "INTERNAL_IP6_ADDRESS")) {
142 addressv6 = g_strdup(value);
146 if (!strcmp(key, "INTERNAL_IP4_NETMASK"))
147 netmask = g_strdup(value);
149 if (!strcmp(key, "INTERNAL_IP6_NETMASK")) {
152 /* The netmask contains the address and the prefix */
153 sep = strchr(value, '/');
155 unsigned char ip_len = sep - value;
157 addressv6 = g_strndup(value, ip_len);
158 prefix_len = (unsigned char)
159 strtol(sep + 1, NULL, 10);
163 if (!strcmp(key, "INTERNAL_IP4_DNS") ||
164 !strcmp(key, "INTERNAL_IP6_DNS"))
165 vpn_provider_set_nameservers(provider, value);
167 if (!strcmp(key, "CISCO_PROXY_PAC"))
168 vpn_provider_set_pac(provider, value);
170 if (!domain && !strcmp(key, "CISCO_DEF_DOMAIN")) {
172 domain = g_strdup(value);
175 if (g_str_has_prefix(key, "CISCO_SPLIT_INC") ||
176 g_str_has_prefix(key, "CISCO_IPV6_SPLIT_INC"))
177 vpn_provider_append_route(provider, key, value);
179 dbus_message_iter_next(&dict);
182 DBG("%p %p", addressv4, addressv6);
185 ipaddress = connman_ipaddress_alloc(AF_INET);
187 ipaddress = connman_ipaddress_alloc(AF_INET6);
198 return VPN_STATE_FAILURE;
202 connman_ipaddress_set_ipv4(ipaddress, addressv4,
205 connman_ipaddress_set_ipv6(ipaddress, addressv6,
206 prefix_len, gateway);
207 vpn_provider_set_ipaddress(provider, ipaddress);
208 vpn_provider_set_domain(provider, domain);
215 connman_ipaddress_free(ipaddress);
217 return VPN_STATE_CONNECT;
220 static int run_connect(struct vpn_provider *provider,
221 struct connman_task *task, const char *if_name,
222 vpn_provider_connect_cb_t cb, void *user_data)
224 const char *vpnhost, *vpncookie, *servercert, *mtu;
225 int fd, err = 0, len;
227 vpnhost = vpn_provider_get_string(provider, "OpenConnect.VPNHost");
229 vpnhost = vpn_provider_get_string(provider, "Host");
230 vpncookie = vpn_provider_get_string(provider, "OpenConnect.Cookie");
231 servercert = vpn_provider_get_string(provider,
232 "OpenConnect.ServerCert");
234 if (!vpncookie || !servercert) {
239 task_append_config_data(provider, task);
241 connman_task_add_argument(task, "--servercert", servercert);
243 mtu = vpn_provider_get_string(provider, "VPN.MTU");
246 connman_task_add_argument(task, "--mtu", (char *)mtu);
248 connman_task_add_argument(task, "--syslog", NULL);
249 connman_task_add_argument(task, "--cookie-on-stdin", NULL);
251 connman_task_add_argument(task, "--script",
252 SCRIPTDIR "/openconnect-script");
254 connman_task_add_argument(task, "--interface", if_name);
256 connman_task_add_argument(task, (char *)vpnhost, NULL);
258 err = connman_task_run(task, vpn_died, provider,
261 connman_error("openconnect failed to start");
266 len = strlen(vpncookie);
267 if (write(fd, vpncookie, len) != (ssize_t)len ||
268 write(fd, "\n", 1) != 1) {
269 connman_error("openconnect failed to take cookie on stdin");
276 cb(provider, user_data, err);
281 static void request_input_append_informational(DBusMessageIter *iter,
287 connman_dbus_dict_append_basic(iter, "Type", DBUS_TYPE_STRING, &str);
289 str = "informational";
290 connman_dbus_dict_append_basic(iter, "Requirement", DBUS_TYPE_STRING,
294 connman_dbus_dict_append_basic(iter, "Value", DBUS_TYPE_STRING, &str);
297 static void request_input_append_mandatory(DBusMessageIter *iter,
300 char *str = "string";
302 connman_dbus_dict_append_basic(iter, "Type",
303 DBUS_TYPE_STRING, &str);
305 connman_dbus_dict_append_basic(iter, "Requirement",
306 DBUS_TYPE_STRING, &str);
309 static void request_input_cookie_reply(DBusMessage *reply, void *user_data)
311 struct oc_private_data *data = user_data;
312 char *cookie = NULL, *servercert = NULL, *vpnhost = NULL;
314 DBusMessageIter iter, dict;
316 DBG("provider %p", data->provider);
318 if (dbus_message_get_type(reply) == DBUS_MESSAGE_TYPE_ERROR)
321 if (!vpn_agent_check_reply_has_dict(reply))
324 dbus_message_iter_init(reply, &iter);
325 dbus_message_iter_recurse(&iter, &dict);
326 while (dbus_message_iter_get_arg_type(&dict) == DBUS_TYPE_DICT_ENTRY) {
327 DBusMessageIter entry, value;
329 dbus_message_iter_recurse(&dict, &entry);
330 if (dbus_message_iter_get_arg_type(&entry) != DBUS_TYPE_STRING)
333 dbus_message_iter_get_basic(&entry, &key);
335 if (g_str_equal(key, "OpenConnect.Cookie")) {
336 dbus_message_iter_next(&entry);
337 if (dbus_message_iter_get_arg_type(&entry)
338 != DBUS_TYPE_VARIANT)
340 dbus_message_iter_recurse(&entry, &value);
341 if (dbus_message_iter_get_arg_type(&value)
344 dbus_message_iter_get_basic(&value, &cookie);
345 vpn_provider_set_string_hide_value(data->provider,
348 } else if (g_str_equal(key, "OpenConnect.ServerCert")) {
349 dbus_message_iter_next(&entry);
350 if (dbus_message_iter_get_arg_type(&entry)
351 != DBUS_TYPE_VARIANT)
353 dbus_message_iter_recurse(&entry, &value);
354 if (dbus_message_iter_get_arg_type(&value)
357 dbus_message_iter_get_basic(&value, &servercert);
358 vpn_provider_set_string(data->provider, key,
361 } else if (g_str_equal(key, "OpenConnect.VPNHost")) {
362 dbus_message_iter_next(&entry);
363 if (dbus_message_iter_get_arg_type(&entry)
364 != DBUS_TYPE_VARIANT)
366 dbus_message_iter_recurse(&entry, &value);
367 if (dbus_message_iter_get_arg_type(&value)
370 dbus_message_iter_get_basic(&value, &vpnhost);
371 vpn_provider_set_string(data->provider, key, vpnhost);
374 dbus_message_iter_next(&dict);
377 if (!cookie || !servercert || !vpnhost)
380 run_connect(data->provider, data->task, data->if_name, data->cb,
383 free_private_data(data);
388 vpn_provider_indicate_error(data->provider,
389 VPN_PROVIDER_ERROR_AUTH_FAILED);
391 free_private_data(data);
394 static int request_cookie_input(struct vpn_provider *provider,
395 struct oc_private_data *data,
396 const char *dbus_sender)
398 DBusMessage *message;
399 const char *path, *agent_sender, *agent_path;
400 DBusMessageIter iter;
401 DBusMessageIter dict;
406 agent = connman_agent_get_info(dbus_sender, &agent_sender,
408 if (!provider || !agent || !agent_path)
411 message = dbus_message_new_method_call(agent_sender, agent_path,
417 dbus_message_iter_init_append(message, &iter);
419 path = vpn_provider_get_path(provider);
420 dbus_message_iter_append_basic(&iter,
421 DBUS_TYPE_OBJECT_PATH, &path);
423 connman_dbus_dict_open(&iter, &dict);
425 str = vpn_provider_get_string(provider, "OpenConnect.CACert");
427 connman_dbus_dict_append_dict(&dict, "OpenConnect.CACert",
428 request_input_append_informational,
431 str = vpn_provider_get_string(provider, "OpenConnect.ClientCert");
433 connman_dbus_dict_append_dict(&dict, "OpenConnect.ClientCert",
434 request_input_append_informational,
437 connman_dbus_dict_append_dict(&dict, "OpenConnect.ServerCert",
438 request_input_append_mandatory, NULL);
440 connman_dbus_dict_append_dict(&dict, "OpenConnect.VPNHost",
441 request_input_append_mandatory, NULL);
443 connman_dbus_dict_append_dict(&dict, "OpenConnect.Cookie",
444 request_input_append_mandatory, NULL);
446 vpn_agent_append_host_and_name(&dict, provider);
448 connman_dbus_dict_close(&iter, &dict);
450 err = connman_agent_queue_message(provider, message,
451 connman_timeout_input_request(),
452 request_input_cookie_reply, data, agent);
454 if (err < 0 && err != -EBUSY) {
455 DBG("error %d sending agent request", err);
456 dbus_message_unref(message);
461 dbus_message_unref(message);
466 static int oc_connect(struct vpn_provider *provider,
467 struct connman_task *task, const char *if_name,
468 vpn_provider_connect_cb_t cb,
469 const char *dbus_sender, void *user_data)
471 const char *vpnhost, *vpncookie, *servercert;
474 vpnhost = vpn_provider_get_string(provider, "Host");
476 connman_error("Host not set; cannot enable VPN");
480 vpncookie = vpn_provider_get_string(provider, "OpenConnect.Cookie");
481 servercert = vpn_provider_get_string(provider,
482 "OpenConnect.ServerCert");
483 if (!vpncookie || !servercert) {
484 struct oc_private_data *data;
486 data = g_try_new0(struct oc_private_data, 1);
490 data->provider = provider;
492 data->if_name = g_strdup(if_name);
494 data->user_data = user_data;
496 err = request_cookie_input(provider, data, dbus_sender);
497 if (err != -EINPROGRESS) {
498 vpn_provider_indicate_error(data->provider,
499 VPN_PROVIDER_ERROR_LOGIN_FAILED);
500 free_private_data(data);
505 return run_connect(provider, task, if_name, cb, user_data);
508 static int oc_save(struct vpn_provider *provider, GKeyFile *keyfile)
510 const char *setting, *option;
513 setting = vpn_provider_get_string(provider,
514 "OpenConnect.ServerCert");
516 g_key_file_set_string(keyfile,
517 vpn_provider_get_save_group(provider),
518 "OpenConnect.ServerCert", setting);
520 setting = vpn_provider_get_string(provider,
521 "OpenConnect.CACert");
523 g_key_file_set_string(keyfile,
524 vpn_provider_get_save_group(provider),
525 "OpenConnect.CACert", setting);
527 setting = vpn_provider_get_string(provider,
530 g_key_file_set_string(keyfile,
531 vpn_provider_get_save_group(provider),
534 for (i = 0; i < (int)ARRAY_SIZE(oc_options); i++) {
535 if (strncmp(oc_options[i].cm_opt, "OpenConnect.", 12) == 0) {
536 option = vpn_provider_get_string(provider,
537 oc_options[i].cm_opt);
541 g_key_file_set_string(keyfile,
542 vpn_provider_get_save_group(provider),
543 oc_options[i].cm_opt, option);
550 static int oc_error_code(struct vpn_provider *provider, int exit_code)
556 vpn_provider_set_string_hide_value(provider,
557 "OpenConnect.Cookie", NULL);
558 return VPN_PROVIDER_ERROR_LOGIN_FAILED;
560 return VPN_PROVIDER_ERROR_UNKNOWN;
564 static struct vpn_driver vpn_driver = {
566 .connect = oc_connect,
567 .error_code = oc_error_code,
571 static int openconnect_init(void)
573 return vpn_register("openconnect", &vpn_driver, OPENCONNECT);
576 static void openconnect_exit(void)
578 vpn_unregister("openconnect");
581 CONNMAN_PLUGIN_DEFINE(openconnect, "OpenConnect VPN plugin", VERSION,
582 CONNMAN_PLUGIN_PRIORITY_DEFAULT, openconnect_init, openconnect_exit)
projects / platform / upstream / connman.git / blob