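/*
 * Launch openconnect for a provider and hand it the session cookie.
 *
 * Reads the gateway ("OpenConnect.VPNHost", falling back to "Host"), the
 * cookie and the "OpenConnect.ServerCert" value from the provider, builds
 * the command line, starts the task and writes the cookie followed by a
 * newline to the descriptor returned by connman_task_run().
 *
 * cb, when non-NULL, is invoked exactly once with the final error code.
 *
 * Returns -EINVAL when the host, cookie or server certificate is missing,
 * -EIO when the task cannot be started or the cookie cannot be delivered,
 * otherwise the value returned by connman_task_run().
 */
static int run_connect(struct vpn_provider *provider,
		struct connman_task *task, const char *if_name,
		vpn_provider_connect_cb_t cb, void *user_data)
{
	const char *vpnhost, *vpncookie, *servercert, *mtu;
	int fd, err = 0;
	size_t len;

	vpnhost = vpn_provider_get_string(provider, "OpenConnect.VPNHost");
	if (vpnhost == NULL)
		vpnhost = vpn_provider_get_string(provider, "Host");

	vpncookie = vpn_provider_get_string(provider, "OpenConnect.Cookie");
	servercert = vpn_provider_get_string(provider,
						"OpenConnect.ServerCert");

	/*
	 * Refuse to start without a gateway as well: previously a missing
	 * host reached connman_task_add_argument() as a NULL argument name.
	 */
	if (vpnhost == NULL || vpncookie == NULL || servercert == NULL) {
		err = -EINVAL;
		goto done;
	}

	task_append_config_data(provider, task);

	/*
	 * NOTE(review): the prototype of connman_task_add_argument() is not
	 * visible here. If its third parameter is a printf-style format,
	 * servercert, mtu and if_name should be passed as "%s", value so
	 * that a '%' in a provider setting is not interpreted - confirm
	 * against the task header.
	 */
	connman_task_add_argument(task, "--servercert", servercert);

	mtu = vpn_provider_get_string(provider, "VPN.MTU");
	if (mtu != NULL)
		connman_task_add_argument(task, "--mtu", (char *)mtu);

	connman_task_add_argument(task, "--syslog", NULL);

	/*
	 * The cookie is a session credential: it is sent over the stdin
	 * pipe instead of being placed in argv.
	 */
	connman_task_add_argument(task, "--cookie-on-stdin", NULL);

	connman_task_add_argument(task, "--script",
				SCRIPTDIR "/openconnect-script");

	connman_task_add_argument(task, "--interface", if_name);

	/*
	 * The gateway is appended as a bare positional argument.
	 * NOTE(review): a value beginning with '-' would be parsed by
	 * openconnect as an option; confirm that provider settings are
	 * validated before they reach this point.
	 */
	connman_task_add_argument(task, (char *)vpnhost, NULL);

	err = connman_task_run(task, vpn_died, provider, &fd, NULL, NULL);
	if (err < 0) {
		connman_error("openconnect failed to start");
		err = -EIO;
		goto done;
	}

	/* A short write is treated as a failure; there is no retry. */
	len = strlen(vpncookie);
	if (write(fd, vpncookie, len) != (ssize_t)len ||
			write(fd, "\n", 1) != 1) {
		connman_error("openconnect failed to take cookie on stdin");
		err = -EIO;
	}

	/*
	 * fd is local to this function and is not stored anywhere, so it
	 * is closed here on success and on failure; leaving it open leaks
	 * one descriptor per connection attempt.
	 */
	close(fd);

done:
	if (cb != NULL)
		cb(provider, user_data, err);

	return err;
}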
/*
 * Build the OpenVPN command line for a provider and start the task.
 *
 * The provider must have "Host" set; the value itself is not used here,
 * only its presence is checked. Returns 0 on success, -EINVAL when "Host"
 * is missing and -EIO when connman_task_run() reports a failure.
 */
static int ov_connect(struct connman_provider *provider,
		struct connman_task *task, const char *if_name)
{
	/* Value-less options appended, in this order, after --dev-type. */
	static const char *const bare_flags[] = {
		"--tls-client",
		"--nobind",
		"--persist-key",
		"--persist-tun",
		"--route-noexec",
		"--ifconfig-noexec",
	};
	size_t i;
	int out_fd;

	if (connman_provider_get_string(provider, "Host") == NULL) {
		connman_error("Host not set; cannot enable VPN");
		return -EINVAL;
	}

	task_append_config_data(provider, task);

	connman_task_add_argument(task, "--syslog", NULL);

	/* Script security level 2 is what allows the --up script to run. */
	connman_task_add_argument(task, "--script-security", "2");
	connman_task_add_argument(task, "--up", SCRIPTDIR "/openvpn-script");
	connman_task_add_argument(task, "--up-restart", NULL);

	/* Each --setenv is followed by a NAME VALUE pair. */
	connman_task_add_argument(task, "--setenv", NULL);
	connman_task_add_argument(task, "CONNMAN_BUSNAME",
				dbus_bus_get_unique_name(connection));

	connman_task_add_argument(task, "--setenv", NULL);
	connman_task_add_argument(task, "CONNMAN_INTERFACE",
				CONNMAN_TASK_INTERFACE);

	connman_task_add_argument(task, "--setenv", NULL);
	connman_task_add_argument(task, "CONNMAN_PATH",
				connman_task_get_path(task));

	/*
	 * NOTE(review): the prototype of connman_task_add_argument() is not
	 * visible here. If its third parameter is a printf-style format,
	 * if_name should be passed as "%s", if_name - confirm against the
	 * task header.
	 */
	connman_task_add_argument(task, "--dev", if_name);
	connman_task_add_argument(task, "--dev-type", "tun");

	for (i = 0; i < sizeof(bare_flags) / sizeof(bare_flags[0]); i++)
		connman_task_add_argument(task, bare_flags[i], NULL);

	/*
	 * Client restarts are disabled because they cannot be handled at
	 * the moment. When OpenVPN moves from CONNECTED to RECONNECTING and
	 * then to RESOLVE, a DNS lookup is not possible: the DNS server is
	 * no longer accessible through the tunnel, so we would end up
	 * trying to resolve the OpenVPN server's address.
	 */
	connman_task_add_argument(task, "--ping-restart", "0");

	connman_task_add_argument(task, "--client", NULL);

	/*
	 * NOTE(review): one variable, preset to stderr's descriptor, is
	 * passed for both of the last two arguments. Whether
	 * connman_task_run() reads it or overwrites it with new descriptors
	 * is not visible here; if it is an out-parameter, whatever is
	 * returned is never closed or read in this function - confirm.
	 */
	out_fd = fileno(stderr);
	if (connman_task_run(task, vpn_died, provider,
				NULL, &out_fd, &out_fd) < 0) {
		connman_error("openvpn failed to start");
		return -EIO;
	}

	return 0;
}