projects / project / luci.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
protocols: add client side protocol handler implementations
[project/luci.git] / protocols / luci-proto-openconnect / htdocs / luci-static / resources / protocol / openconnect.js
1 'use strict';
2 'require rpc';
3 'require form';
4 'require network';
5
6 var callGetCertificateFiles = rpc.declare({
7 object: 'luci.openconnect',
8 method: 'getCertificates',
9 params: [ 'interface' ],
10 expect: { '': {} }
11 });
12
13 var callSetCertificateFiles = rpc.declare({
14 object: 'luci.openconnect',
15 method: 'setCertificates',
16 params: [ 'interface', 'user_certificate', 'user_privatekey', 'ca_certificate' ],
17 expect: { '': {} }
18 });
19
20 network.registerPatternVirtual(/^vpn-.+$/);
21
22 function sanitizeCert(s) {
23 if (typeof(s) != 'string')
24 return null;
25
26 s = s.trim();
27
28 if (s == '')
29 return null;
30
31 s = s.replace(/\r\n?/g, '\n');
32
33 if (!s.match(/\n$/))
34 s += '\n';
35
36 return s;
37 }
38
39 function validateCert(priv, section_id, value) {
40 var beg = priv ? /^-----BEGIN RSA PRIVATE KEY-----$/ : /^-----BEGIN CERTIFICATE-----$/,
41 end = priv ? /^-----END RSA PRIVATE KEY-----$/ : /^-----END CERTIFICATE-----$/,
42 lines = value.trim().split(/[\r\n]/),
43 start = false,
44 i;
45
46 for (i = 0; i < lines.length; i++) {
47 if (lines[i].match(beg))
48 start = true;
49 else if (start && !lines[i].match(/^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$/))
50 break;
51 }
52
53 if (!start || i < lines.length - 1 || !lines[i].match(end))
54 return _('This does not look like a valid PEM file');
55
56 return true;
57 }
58
59 return network.registerProtocol('openconnect', {
60 getI18n: function() {
61 return _('OpenConnect (CISCO AnyConnect)');
62 },
63
64 getIfname: function() {
65 return this._ubus('l3_device') || 'vpn-%s'.format(this.sid);
66 },
67
68 getOpkgPackage: function() {
69 return 'openconnect';
70 },
71
72 isFloating: function() {
73 return true;
74 },
75
76 isVirtual: function() {
77 return true;
78 },
79
80 getDevices: function() {
81 return null;
82 },
83
84 containsDevice: function(ifname) {
85 return (network.getIfnameOf(ifname) == this.getIfname());
86 },
87
88 renderFormOptions: function(s) {
89 var dev = this.getDevice().getName(),
90 certLoadPromise = null,
91 o;
92
93 o = s.taboption('general', form.Value, 'server', _('VPN Server'));
94 o.datatype = 'host(0)';
95
96 o = s.taboption('general', form.Value, 'port', _('VPN Server port'));
97 o.placeholder = '443';
98 o.datatype = 'port';
99
100 s.taboption('general', form.Value, 'serverhash', _("VPN Server's certificate SHA1 hash"));
101 s.taboption('general', form.Value, 'authgroup', _('Auth Group'));
102 s.taboption("general", form.Value, "username", _("Username"));
103
104 o = s.taboption('general', form.Value, 'password', _('Password'));
105 o.password = true;
106
107 o = s.taboption('general', form.Value, 'password2', _('Password2'));
108 o.password = true;
109
110 o = s.taboption('general', form.TextValue, 'usercert', _('User certificate (PEM encoded)'));
111 o.rows = 10;
112 o.monospace = true;
113 o.validate = L.bind(validateCert, o, false);
114 o.load = function(section_id) {
115 certLoadPromise = certLoadPromise || callGetCertificateFiles(section_id);
116 return certLoadPromise.then(function(certs) { return certs.user_certificate });
117 };
118 o.write = function(section_id, value) {
119 return callSetCertificateFiles(section_id, sanitizeCert(value), null, null);
120 };
121
122 o = s.taboption('general', form.TextValue, 'userkey', _('User key (PEM encoded)'));
123 o.rows = 10;
124 o.monospace = true;
125 o.validate = L.bind(validateCert, o, true);
126 o.load = function(section_id) {
127 certLoadPromise = certLoadPromise || callGetCertificateFiles(section_id);
128 return certLoadPromise.then(function(certs) { return certs.user_privatekey });
129 };
130 o.write = function(section_id, value) {
131 return callSetCertificateFiles(section_id, null, sanitizeCert(value), null);
132 };
133
134 o = s.taboption('general', form.TextValue, 'ca', _('CA certificate; if empty it will be saved after the first connection.'));
135 o.rows = 10;
136 o.monospace = true;
137 o.validate = L.bind(validateCert, o, false);
138 o.load = function(section_id) {
139 certLoadPromise = certLoadPromise || callGetCertificateFiles(section_id);
140 return certLoadPromise.then(function(certs) { return certs.ca_certificate });
141 };
142 o.write = function(section_id, value) {
143 return callSetCertificateFiles(section_id, null, null, sanitizeCert(value));
144 };
145
146 o = s.taboption('advanced', form.Flag, 'defaultroute', _('Default gateway'), _('If unchecked, no default route is configured'));
147 o.default = o.enabled;
148
149 o = s.taboption('advanced', form.Value, 'metric', _('Use gateway metric'));
150 o.placeholder = '0';
151 o.datatype = 'uinteger';
152 o.depends('defaultroute', '1');
153
154 o = s.taboption('advanced', form.Value, 'mtu', _('Override MTU'));
155 o.optional = true;
156 o.placeholder = 1406;
157 o.datatype = 'range(68, 9200)';
158 }
159 });
Lua Configuration Interface (mirror)