projects / feed / packages.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge pull request #1277 from fededim/master
[feed/packages.git] / net / openconnect / files / openconnect.sh
1 #!/bin/sh
2 . /lib/functions.sh
3 . ../netifd-proto.sh
4 init_proto "$@"
5
6 proto_openconnect_init_config() {
7 proto_config_add_string "server"
8 proto_config_add_int "port"
9 proto_config_add_string "username"
10 proto_config_add_string "serverhash"
11 proto_config_add_string "authgroup"
12 proto_config_add_string "password"
13 proto_config_add_string "token_mode"
14 proto_config_add_string "token_secret"
15 proto_config_add_string "interface"
16 proto_config_add_string "os"
17 proto_config_add_string "csd_wrapper"
18 no_device=1
19 available=1
20 }
21
22 proto_openconnect_setup() {
23 local config="$1"
24
25 json_get_vars server port username serverhash authgroup password interface token_mode token_secret os csd_wrapper
26
27 grep -q tun /proc/modules || insmod tun
28
29 logger -t openconnect "initializing..."
30 serv_addr=
31 for ip in $(resolveip -t 10 "$server"); do
32 ( proto_add_host_dependency "$config" "$ip" $interface )
33 serv_addr=1
34 done
35 [ -n "$serv_addr" ] || {
36 logger -t openconnect "Could not resolve server address: '$server'"
37 sleep 60
38 proto_setup_failed "$config"
39 exit 1
40 }
41
42 [ -n "$port" ] && port=":$port"
43
44 cmdline="$server$port -i vpn-$config --non-inter --syslog --script /lib/netifd/vpnc-script"
45
46 # migrate to standard config files
47 [ -f "/etc/config/openconnect-user-cert-vpn-$config.pem" ] && mv "/etc/config/openconnect-user-cert-vpn-$config.pem" "/etc/openconnect/user-cert-vpn-$config.pem"
48 [ -f "/etc/config/openconnect-user-key-vpn-$config.pem" ] && mv "/etc/config/openconnect-user-key-vpn-$config.pem" "/etc/openconnect/user-key-vpn-$config.pem"
49 [ -f "/etc/config/openconnect-ca-vpn-$config.pem" ] && mv "/etc/config/openconnect-ca-vpn-$config.pem" "/etc/openconnect/ca-vpn-$config.pem"
50
51 [ -f /etc/openconnect/user-cert-vpn-$config.pem ] && append cmdline "-c /etc/openconnect/user-cert-vpn-$config.pem"
52 [ -f /etc/openconnect/user-key-vpn-$config.pem ] && append cmdline "--sslkey /etc/openconnect/user-key-vpn-$config.pem"
53 [ -f /etc/openconnect/ca-vpn-$config.pem ] && {
54 append cmdline "--cafile /etc/openconnect/ca-vpn-$config.pem"
55 append cmdline "--no-system-trust"
56 }
57 [ -n "$serverhash" ] && {
58 append cmdline " --servercert=$serverhash"
59 append cmdline "--no-system-trust"
60 }
61 [ -n "$authgroup" ] && append cmdline "--authgroup $authgroup"
62 [ -n "$username" ] && append cmdline "-u $username"
63 [ -n "$password" ] && {
64 umask 077
65 mkdir -p /var/etc
66 pwfile="/var/etc/openconnect-$config.passwd"
67 echo "$password" > "$pwfile"
68 append cmdline "--passwd-on-stdin"
69 }
70
71 [ -n "$token_mode" ] && append cmdline "--token-mode=$token_mode"
72 [ -n "$token_secret" ] && append cmdline "--token-secret=$token_secret"
73 [ -n "$os" ] && append cmdline "--os=$os"
74 [ -n "$csd_wrapper" ] && [ -x "$csd_wrapper" ] && append cmdline "--csd-wrapper=$csd_wrapper"
75
76 proto_export INTERFACE="$config"
77 logger -t openconnect "executing 'openconnect $cmdline'"
78
79 if [ -f "$pwfile" ]; then
80 proto_run_command "$config" /usr/sbin/openconnect-wrapper $pwfile $cmdline
81 else
82 proto_run_command "$config" /usr/sbin/openconnect $cmdline
83 fi
84 }
85
86 proto_openconnect_teardown() {
87 local config="$1"
88
89 pwfile="/var/etc/openconnect-$config.passwd"
90
91 rm -f $pwfile
92 logger -t openconnect "bringing down openconnect"
93 proto_kill_command "$config" 2
94 }
95
96 add_protocol openconnect
Mirror of packages feed