Added luci configuration for openconnect protocol

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
2014-10-11 23:17:56 +02:00 · 2014-10-11 23:17:56 +02:00 · 8df4e5d219
commit 8df4e5d219
parent a531a7d16e
3 changed files with 140 additions and 0 deletions
--- a/contrib/package/luci/Makefile
+++ b/contrib/package/luci/Makefile
@ -193,6 +193,7 @@ $(eval $(call protocol,ppp,Support for PPP/PPPoE/PPPoA/PPtP))
 $(eval $(call protocol,ipv6,Support for DHCPv6/6in4/6to4/6rd/DS-Lite))
 $(eval $(call protocol,3g,Support for 3G,+PACKAGE_luci-proto-3g:comgt))
 $(eval $(call protocol,relay,Support for relayd pseudo bridges,+PACKAGE_luci-proto-relay:relayd))
+$(eval $(call protocol,openconnect,Support for OpenConnect VPN,+openconnect))

 ### Modules ###
 define module
--- a/protocols/openconnect/luasrc/model/cbi/admin_network/proto_openconnect.lua
+++ b/protocols/openconnect/luasrc/model/cbi/admin_network/proto_openconnect.lua
@ -0,0 +1,78 @@
+--[[
+LuCI - Lua Configuration Interface
+
+Copyright 2014 Nikos Mavrogiannopoulos <nmav@gnutls.org>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+	http://www.apache.org/licenses/LICENSE-2.0
+]]--
+
+local map, section, net = ...
+
+local server, username, password, cert, ca
+local oc_cert_file, oc_key_file, oc_ca_file
+
+local ifc = net:get_interface():name()
+
+oc_cert_file = "/etc/openconnect/user-cert-" .. ifc .. ".pem"
+oc_key_file = "/etc/openconnect/user-key-" .. ifc .. ".pem"
+oc_ca_file = "/etc/openconnect/ca-" .. ifc .. ".pem"
+
+server = section:taboption("general", Value, "server", translate("VPN Server"))
+server.datatype = "host"
+
+port = section:taboption("general", Value, "port", translate("VPN Server port"))
+port.placeholder = "443"
+port.datatype    = "port"
+
+section:taboption("general", Value, "serverhash", translate("VPN Server's certificate SHA1 hash"))
+
+section:taboption("general", Value, "authgroup", translate("AuthGroup"))
+
+username = section:taboption("general", Value, "username", translate("Username"))
+password = section:taboption("general", Value, "password", translate("Password"))
+password.password = true
+
+
+cert = section:taboption("advanced", Value, "usercert", translate("User certificate (PEM encoded)"))
+cert.template = "cbi/tvalue"
+cert.rows = 10
+
+function cert.cfgvalue(self, section)
+	return nixio.fs.readfile(oc_cert_file)
+end
+
+function cert.write(self, section, value)
+	value = value:gsub("\r\n?", "\n")
+	nixio.fs.writefile(oc_cert_file, value)
+end
+
+cert = section:taboption("advanced", Value, "userkey", translate("User key (PEM encoded)"))
+cert.template = "cbi/tvalue"
+cert.rows = 10
+
+function cert.cfgvalue(self, section)
+	return nixio.fs.readfile(oc_key_file)
+end
+
+function cert.write(self, section, value)
+	value = value:gsub("\r\n?", "\n")
+	nixio.fs.writefile(oc_key_file, value)
+end
+
+
+ca = section:taboption("advanced", Value, "ca", translate("CA certificate; if empty it will be saved after the first connection."))
+ca.template = "cbi/tvalue"
+ca.rows = 10
+
+function ca.cfgvalue(self, section)
+	return nixio.fs.readfile(oc_ca_file)
+end
+
+function ca.write(self, section, value)
+	value = value:gsub("\r\n?", "\n")
+	nixio.fs.writefile(oc_ca_file, value)
+end
--- a/protocols/openconnect/luasrc/model/network/proto_openconnect.lua
+++ b/protocols/openconnect/luasrc/model/network/proto_openconnect.lua
@ -0,0 +1,61 @@
+--[[
+LuCI - Network model - openconnect protocol extension
+
+Copyright 2012 David Woodhouse
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+	http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+]]--
+
+local netmod = luci.model.network
+local interface = luci.model.network.interface
+local proto = netmod:register_protocol("openconnect")
+
+function proto.get_i18n(self)
+	return luci.i18n.translate("OpenConnect (CISCO AnyConnect)")
+end
+
+function proto.ifname(self)
+	return "vpn-" .. self.sid
+end
+
+function proto.get_interface(self)
+	return interface(self:ifname(), self)
+end
+
+function proto.opkg_package(self)
+	return "openconnect"
+end
+
+function proto.is_installed(self)
+	return nixio.fs.access("/lib/netifd/proto/openconnect.sh")
+end
+
+function proto.is_floating(self)
+	return true
+end
+
+function proto.is_virtual(self)
+	return true
+end
+
+function proto.get_interfaces(self)
+	return nil
+end
+
+function proto.contains_interface(self, ifc)
+	 return (netmod:ifnameof(ifc) == self:ifname())
+
+end
+
+netmod:register_pattern_virtual("^vpn-%w")