authorNikos Mavrogiannopoulos <nmav@gnutls.org>2014-06-18 21:29:29 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2014-06-18 21:32:05 +0200
commitb62d07991cc01a9b5afbf861c23ef881170bd012 (patch)
treef724dc44d18cf1c0d4d9ed6d94d1a4542188f2c6
parentc560ad9604d60f972d6471ec0396c30045267047 (diff)
Added luci protocol module for openconnect.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-rw-r--r--net/luci-proto-openconnect/Makefile57
-rw-r--r--net/luci-proto-openconnect/files/usr/lib/lua/luci/model/cbi/admin_network/proto_openconnect.lua78
-rw-r--r--net/luci-proto-openconnect/files/usr/lib/lua/luci/model/network/proto_openconnect.lua61
3 files changed, 196 insertions, 0 deletions
diff --git a/net/luci-proto-openconnect/Makefile b/net/luci-proto-openconnect/Makefile
new file mode 100644
index 000000000..c69037541
--- /dev/null
+++ b/net/luci-proto-openconnect/Makefile
@@ -0,0 +1,57 @@
+# Copyright (C) 2014 Nikos Mavrogiannopoulos
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# The full GNU General Public License is included in this distribution in
+# the file called "COPYING".
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=luci-proto-openconnect
+PKG_RELEASE:=1
+
+PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/luci-proto-openconnect
+ SECTION:=luci
+ CATEGORY:=LuCI
+ SUBMENU:=6. Protocols
+ TITLE:= OpenConnect VPN protocol configuration
+ DEPENDS:=+luci-mod-admin-core +openconnect
+ MAINTAINER:= Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
+endef
+
+define Package/luci-proto-openconnect/description
+ openconnect web module for LuCi web interface
+endef
+
+define Build/Prepare
+endef
+
+define Build/Configure
+endef
+
+define Build/Compile
+endef
+
+# Fixme: How can we add <%+openconnect_status%> in view/admin_status/index.htm?
+define Package/luci-proto-openconnect/install
+ $(CP) ./files/* $(1)/
+endef
+
+$(eval $(call BuildPackage,luci-proto-openconnect))
+
diff --git a/net/luci-proto-openconnect/files/usr/lib/lua/luci/model/cbi/admin_network/proto_openconnect.lua b/net/luci-proto-openconnect/files/usr/lib/lua/luci/model/cbi/admin_network/proto_openconnect.lua
new file mode 100644
index 000000000..2e2eacee0
--- /dev/null
+++ b/net/luci-proto-openconnect/files/usr/lib/lua/luci/model/cbi/admin_network/proto_openconnect.lua
@@ -0,0 +1,78 @@
+--[[
+LuCI - Lua Configuration Interface
+
+Copyright 2014 Nikos Mavrogiannopoulos <nmav@gnutls.org>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+]]--
+
+local map, section, net = ...
+
+local server, username, password, cert, ca
+local oc_cert_file, oc_key_file, oc_ca_file
+
+local ifc = net:get_interface():name()
+
+oc_cert_file = "/etc/openconnect/user-cert-" .. ifc .. ".pem"
+oc_key_file = "/etc/openconnect/user-key-" .. ifc .. ".pem"
+oc_ca_file = "/etc/openconnect/ca-" .. ifc .. ".pem"
+
+server = section:taboption("general", Value, "server", translate("VPN Server"))
+server.datatype = "host"
+
+port = section:taboption("general", Value, "port", translate("VPN Server port"))
+port.placeholder = "443"
+port.datatype = "port"
+
+section:taboption("general", Value, "serverhash", translate("VPN Server's certificate SHA1 hash"))
+
+section:taboption("general", Value, "authgroup", translate("AuthGroup"))
+
+username = section:taboption("general", Value, "username", translate("Username"))
+password = section:taboption("general", Value, "password", translate("Password"))
+password.password = true
+
+
+cert = section:taboption("advanced", Value, "usercert", translate("User certificate (PEM encoded)"))
+cert.template = "cbi/tvalue"
+cert.rows = 10
+
+function cert.cfgvalue(self, section)
+ return nixio.fs.readfile(oc_cert_file)
+end
+
+function cert.write(self, section, value)
+ value = value:gsub("\r\n?", "\n")
+ nixio.fs.writefile(oc_cert_file, value)
+end
+
+cert = section:taboption("advanced", Value, "userkey", translate("User key (PEM encoded)"))
+cert.template = "cbi/tvalue"
+cert.rows = 10
+
+function cert.cfgvalue(self, section)
+ return nixio.fs.readfile(oc_key_file)
+end
+
+function cert.write(self, section, value)
+ value = value:gsub("\r\n?", "\n")
+ nixio.fs.writefile(oc_key_file, value)
+end
+
+
+ca = section:taboption("advanced", Value, "ca", translate("CA certificate; if empty it will be saved after the first connection."))
+ca.template = "cbi/tvalue"
+ca.rows = 10
+
+function ca.cfgvalue(self, section)
+ return nixio.fs.readfile(oc_ca_file)
+end
+
+function ca.write(self, section, value)
+ value = value:gsub("\r\n?", "\n")
+ nixio.fs.writefile(oc_ca_file, value)
+end
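Review bot: The `userkey` write handler stores the private key with `nixio.fs.writefile(oc_key_file, value)` and never sets a mode, so the file's permissions are whatever the process umask yields. The return value is also ignored, so a failed write (for example a missing target directory) is silent. I would check the result and follow a successful write with `nixio.fs.chmod(oc_key_file, 600)`. None of the three text areas defines a `remove` handler, so, assuming CBI's usual behaviour of calling `remove` rather than `write` for an emptied field, clearing the form leaves the old key or certificate on disk; a `remove` that deletes the matching file would close that. Separately, `port` is assigned without appearing in the `local` declaration near the top of the file and therefore becomes a global.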
diff --git a/net/luci-proto-openconnect/files/usr/lib/lua/luci/model/network/proto_openconnect.lua b/net/luci-proto-openconnect/files/usr/lib/lua/luci/model/network/proto_openconnect.lua
new file mode 100644
index 000000000..f5c16c7f0
--- /dev/null
+++ b/net/luci-proto-openconnect/files/usr/lib/lua/luci/model/network/proto_openconnect.lua
@@ -0,0 +1,61 @@
+--[[
+LuCI - Network model - dhcpv6 protocol extension
+
+Copyright 2012 David Woodhouse
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+]]--
+
+local netmod = luci.model.network
+local interface = luci.model.network.interface
+local proto = netmod:register_protocol("openconnect")
+
+function proto.get_i18n(self)
+ return luci.i18n.translate("OpenConnect (CISCO AnyConnect)")
+end
+
+function proto.ifname(self)
+ return "vpn-" .. self.sid
+end
+
+function proto.get_interface(self)
+ return interface(self:ifname(), self)
+end
+
+function proto.opkg_package(self)
+ return "openconnect"
+end
+
+function proto.is_installed(self)
+ return nixio.fs.access("/lib/netifd/proto/openconnect.sh")
+end
+
+function proto.is_floating(self)
+ return true
+end
+
+function proto.is_virtual(self)
+ return true
+end
+
+function proto.get_interfaces(self)
+ return nil
+end
+
+function proto.contains_interface(self, ifc)
+ return (netmod:ifnameof(ifc) == self:ifname())
+
+end
+
+netmod:register_pattern_virtual("^vpn-%w")
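Review bot: The header comment of this new file reads `LuCI - Network model - dhcpv6 protocol extension`, which looks carried over from the file it was modelled on; it should name the protocol it registers, e.g. `LuCI - Network model - openconnect protocol extension`. The last line, `netmod:register_pattern_virtual("^vpn-%w")`, matches every interface name that starts with `vpn-`, not only the ones `proto.ifname` builds for this protocol. If another package uses the same prefix, its interfaces would presumably be classified as virtual as well, so a one-line comment stating that the prefix is matched on purpose would help the next reader.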