6 proto_openconnect_init_config
() {
7 proto_config_add_string
"server"
8 proto_config_add_int
"port"
9 proto_config_add_string
"username"
10 proto_config_add_string
"serverhash"
11 proto_config_add_string
"authgroup"
12 proto_config_add_string
"password"
13 proto_config_add_string
"token_mode"
14 proto_config_add_string
"token_secret"
15 proto_config_add_string
"interface"
20 proto_openconnect_setup
() {
23 json_get_vars server port username serverhash authgroup password interface token_mode token_secret
25 grep -q tun
/proc
/modules || insmod tun
27 logger
-t openconnect
"initializing..."
29 for ip
in $
(resolveip
-t 10 "$server"); do
30 ( proto_add_host_dependency
"$config" "$ip" $interface )
33 [ -n "$serv_addr" ] ||
{
34 logger
-t openconnect
"Could not resolve server address: '$server'"
36 proto_setup_failed
"$config"
40 [ -n "$port" ] && port
=":$port"
42 cmdline
="$server$port -i vpn-$config --non-inter --syslog --script /lib/netifd/vpnc-script"
44 # migrate to standard config files
45 [ -f "/etc/config/openconnect-user-cert-vpn-$config.pem" ] && mv "/etc/config/openconnect-user-cert-vpn-$config.pem" "/etc/openconnect/user-cert-vpn-$config.pem"
46 [ -f "/etc/config/openconnect-user-key-vpn-$config.pem" ] && mv "/etc/config/openconnect-user-key-vpn-$config.pem" "/etc/openconnect/user-key-vpn-$config.pem"
47 [ -f "/etc/config/openconnect-ca-vpn-$config.pem" ] && mv "/etc/config/openconnect-ca-vpn-$config.pem" "/etc/openconnect/ca-vpn-$config.pem"
49 [ -f /etc
/openconnect
/user-cert-vpn-
$config.pem
] && append cmdline
"-c /etc/openconnect/user-cert-vpn-$config.pem"
50 [ -f /etc
/openconnect
/user-key-vpn-
$config.pem
] && append cmdline
"--sslkey /etc/openconnect/user-key-vpn-$config.pem"
51 [ -f /etc
/openconnect
/ca-vpn-
$config.pem
] && {
52 append cmdline
"--cafile /etc/openconnect/ca-vpn-$config.pem"
53 append cmdline
"--no-system-trust"
55 [ -n "$serverhash" ] && {
56 append cmdline
" --servercert=$serverhash"
57 append cmdline
"--no-system-trust"
59 [ -n "$authgroup" ] && append cmdline
"--authgroup $authgroup"
60 [ -n "$username" ] && append cmdline
"-u $username"
61 [ -n "$password" ] && {
64 pwfile
="/var/etc/openconnect-$config.passwd"
65 echo "$password" > "$pwfile"
66 append cmdline
"--passwd-on-stdin"
69 [ -n "$token_mode" ] && append cmdline
"--token-mode=$token_mode"
70 [ -n "$token_secret" ] && append cmdline
"--token-secret=$token_secret"
72 proto_export INTERFACE
="$config"
73 logger
-t openconnect
"executing 'openconnect $cmdline'"
75 if [ -f "$pwfile" ]; then
76 proto_run_command
"$config" /usr
/sbin
/openconnect-wrapper
$pwfile $cmdline
78 proto_run_command
"$config" /usr
/sbin
/openconnect
$cmdline
82 proto_openconnect_teardown
() {
85 pwfile
="/var/etc/openconnect-$config.passwd"
88 logger
-t openconnect
"bringing down openconnect"
89 proto_kill_command
"$config" 2
92 add_protocol openconnect