6 var callGetCertificateFiles
= rpc
.declare({
7 object
: 'luci.openconnect',
8 method
: 'getCertificates',
9 params
: [ 'interface' ],
13 var callSetCertificateFiles
= rpc
.declare({
14 object
: 'luci.openconnect',
15 method
: 'setCertificates',
16 params
: [ 'interface', 'user_certificate', 'user_privatekey', 'ca_certificate' ],
20 network
.registerPatternVirtual(/^vpn-.+$/);
22 function sanitizeCert(s
) {
23 if (typeof(s
) != 'string')
31 s
= s
.replace(/\r\n?/g, '\n');
39 function validateCert(priv
, section_id
, value
) {
40 var beg
= priv
? /^-----BEGIN RSA PRIVATE KEY-----$/ : /^-----BEGIN CERTIFICATE-----$/,
41 end
= priv
? /^-----END RSA PRIVATE KEY-----$/ : /^-----END CERTIFICATE-----$/,
42 lines
= value
.trim().split(/[\r\n]/),
46 for (i
= 0; i
< lines
.length
; i
++) {
47 if (lines
[i
].match(beg
))
49 else if (start
&& !lines
[i
].match(/^(?:[A-Za-z0-9+/]{4})*(?:[A
-Za
-z0
-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$/))
53 if (!start
|| i
< lines
.length
- 1 || !lines
[i
].match(end
))
54 return _('This does not look like a valid PEM file');
59 return network
.registerProtocol('openconnect', {
61 return _('OpenConnect (CISCO AnyConnect)');
64 getIfname: function() {
65 return this._ubus('l3_device') || 'vpn-%s'.format(this.sid
);
68 getOpkgPackage: function() {
72 isFloating: function() {
76 isVirtual: function() {
80 getDevices: function() {
84 containsDevice: function(ifname
) {
85 return (network
.getIfnameOf(ifname
) == this.getIfname());
88 renderFormOptions: function(s
) {
89 var dev
= this.getDevice().getName(),
90 certLoadPromise
= null,
93 o
= s
.taboption('general', form
.Value
, 'server', _('VPN Server'));
94 o
.datatype
= 'host(0)';
96 o
= s
.taboption('general', form
.Value
, 'port', _('VPN Server port'));
97 o
.placeholder
= '443';
100 s
.taboption('general', form
.Value
, 'serverhash', _("VPN Server's certificate SHA1 hash"));
101 s
.taboption('general', form
.Value
, 'authgroup', _('Auth Group'));
102 s
.taboption("general", form
.Value
, "username", _("Username"));
104 o
= s
.taboption('general', form
.Value
, 'password', _('Password'));
107 o
= s
.taboption('general', form
.Value
, 'password2', _('Password2'));
110 o
= s
.taboption('general', form
.TextValue
, 'usercert', _('User certificate (PEM encoded)'));
113 o
.validate
= L
.bind(validateCert
, o
, false);
114 o
.load = function(section_id
) {
115 certLoadPromise
= certLoadPromise
|| callGetCertificateFiles(section_id
);
116 return certLoadPromise
.then(function(certs
) { return certs
.user_certificate
});
118 o
.write = function(section_id
, value
) {
119 return callSetCertificateFiles(section_id
, sanitizeCert(value
), null, null);
122 o
= s
.taboption('general', form
.TextValue
, 'userkey', _('User key (PEM encoded)'));
125 o
.validate
= L
.bind(validateCert
, o
, true);
126 o
.load = function(section_id
) {
127 certLoadPromise
= certLoadPromise
|| callGetCertificateFiles(section_id
);
128 return certLoadPromise
.then(function(certs
) { return certs
.user_privatekey
});
130 o
.write = function(section_id
, value
) {
131 return callSetCertificateFiles(section_id
, null, sanitizeCert(value
), null);
134 o
= s
.taboption('general', form
.TextValue
, 'ca', _('CA certificate; if empty it will be saved after the first connection.'));
137 o
.validate
= L
.bind(validateCert
, o
, false);
138 o
.load = function(section_id
) {
139 certLoadPromise
= certLoadPromise
|| callGetCertificateFiles(section_id
);
140 return certLoadPromise
.then(function(certs
) { return certs
.ca_certificate
});
142 o
.write = function(section_id
, value
) {
143 return callSetCertificateFiles(section_id
, null, null, sanitizeCert(value
));
146 o
= s
.taboption('advanced', form
.Flag
, 'defaultroute', _('Default gateway'), _('If unchecked, no default route is configured'));
147 o
.default = o
.enabled
;
149 o
= s
.taboption('advanced', form
.Value
, 'metric', _('Use gateway metric'));
151 o
.datatype
= 'uinteger';
152 o
.depends('defaultroute', '1');
154 o
= s
.taboption('advanced', form
.Value
, 'mtu', _('Override MTU'));
156 o
.placeholder
= 1406;
157 o
.datatype
= 'range(68, 9200)';