proto_config_add_string "serverhash"
proto_config_add_string "authgroup"
proto_config_add_string "password"
+ proto_config_add_string "password2"
+ proto_config_add_string "token_mode"
+ proto_config_add_string "token_secret"
+ proto_config_add_string "interface"
+ proto_config_add_string "os"
+ proto_config_add_string "csd_wrapper"
no_device=1
available=1
}
proto_openconnect_setup() {
local config="$1"
- json_get_vars server port username serverhash authgroup password vgroup token_mode token_secret
+ json_get_vars server port username serverhash authgroup password password2 interface token_mode token_secret os csd_wrapper
grep -q tun /proc/modules || insmod tun
logger -t openconnect "initializing..."
serv_addr=
for ip in $(resolveip -t 10 "$server"); do
- ( proto_add_host_dependency "$config" "$ip" )
+ ( proto_add_host_dependency "$config" "$ip" $interface )
serv_addr=1
done
[ -n "$serv_addr" ] || {
cmdline="$server$port -i vpn-$config --non-inter --syslog --script /lib/netifd/vpnc-script"
+ # migrate to standard config files
+ [ -f "/etc/config/openconnect-user-cert-vpn-$config.pem" ] && mv "/etc/config/openconnect-user-cert-vpn-$config.pem" "/etc/openconnect/user-cert-vpn-$config.pem"
+ [ -f "/etc/config/openconnect-user-key-vpn-$config.pem" ] && mv "/etc/config/openconnect-user-key-vpn-$config.pem" "/etc/openconnect/user-key-vpn-$config.pem"
+ [ -f "/etc/config/openconnect-ca-vpn-$config.pem" ] && mv "/etc/config/openconnect-ca-vpn-$config.pem" "/etc/openconnect/ca-vpn-$config.pem"
+
[ -f /etc/openconnect/user-cert-vpn-$config.pem ] && append cmdline "-c /etc/openconnect/user-cert-vpn-$config.pem"
[ -f /etc/openconnect/user-key-vpn-$config.pem ] && append cmdline "--sslkey /etc/openconnect/user-key-vpn-$config.pem"
[ -f /etc/openconnect/ca-vpn-$config.pem ] && {
[ -n "$username" ] && append cmdline "-u $username"
[ -n "$password" ] && {
umask 077
- pwfile="/var/run/openconnect-$config.passwd"
+ mkdir -p /var/etc
+ pwfile="/var/etc/openconnect-$config.passwd"
echo "$password" > "$pwfile"
+ [ -n "$password2" ] && echo "$password2" >> "$pwfile"
append cmdline "--passwd-on-stdin"
}
[ -n "$token_mode" ] && append cmdline "--token-mode=$token_mode"
[ -n "$token_secret" ] && append cmdline "--token-secret=$token_secret"
+ [ -n "$os" ] && append cmdline "--os=$os"
+ [ -n "$csd_wrapper" ] && [ -x "$csd_wrapper" ] && append cmdline "--csd-wrapper=$csd_wrapper"
proto_export INTERFACE="$config"
logger -t openconnect "executing 'openconnect $cmdline'"
proto_openconnect_teardown() {
local config="$1"
- pwfile="/var/run/openconnect-$config.passwd"
+ pwfile="/var/etc/openconnect-$config.passwd"
rm -f $pwfile
logger -t openconnect "bringing down openconnect"