Commit 2213c44e authored by Alexey's avatar Alexey Committed by Jussi Laakkonen

[openfortivpn] Implement VPN plugin for openfortivpn. JB#48797

Co-authored-by: Jussi Laakkonen's avatarJussi Laakkonen <jussi.laakkonen@jolla.com>

This adds a new VPN plugin that uses openfortivpn binary to access
FortiNet VPNs with the help of ppp. Code is based on existing L2TP and
OpenConnect plugins. Plugin structure follows same approach as in L2TP
plugin. Property management is similar to OpenConnect plugin.

Additionally, via patch in openfortivpn, --trust-all-certs, is supported
as a property to disable certificate signature checks. Following
properties are supported so far, which are saved to the settings:

 Name                              Value                Option
 openfortivpn.AllowSelfSignedCert  string: true|false   --trust-all-certs
 openfortivpn.TrustedCert          string: fingerprint  --trusted-cert
 openfortivpn.Port                 string: digits

By default, if Port is omitted, openfortivpn uses port 10433.
Signed-off-by: Alexey's avatarAlexey Andreev <a.andreev@omprussia.ru>
Signed-off-by: Jussi Laakkonen's avatarJussi Laakkonen <jussi.laakkonen@jolla.com>
parent d4924a38
......@@ -184,6 +184,24 @@ vpn_plugins_pptp_la_LDFLAGS = $(plugin_ldflags)
endif
endif
if OPENFORTIVPN
builtin_vpn_source = vpn/plugins/vpn.c vpn/plugins/vpn.h
if OPENFORTIVPN_BUILTIN
builtin_vpn_modules += openfortivpn
builtin_vpn_sources += vpn/plugins/openfortivpn.c
builtin_vpn_cflags += -DPPPD=\"@PPPD@\" -DOPENFORTIVPN=\"@OPENFORTIVPN@\"
else
vpn_plugin_LTLIBRARIES += vpn/plugins/openfortivpn.la
vpn_plugin_objects += $(plugins_openfortivpn_la_OBJECTS)
vpn_plugins_openfortivpn_la_SOURCES = vpn/plugins/openfortivpn.c
vpn_plugins_openfortivpn_la_CFLAGS = $(plugin_cflags) -DPPPD=\"@PPPD@\" \
-DOPENFORTIVPN=\"@OPENFORTIVPN@\" \
-DSCRIPTDIR=\""$(build_scriptdir)"\"
vpn_plugins_openfortivpn_la_LDFLAGS = $(plugin_ldflags)
endif
endif
if SAILFISH_VPN_ACCESS
builtin_vpn_source = vpn/plugins/vpn.c vpn/plugins/vpn.h
if SAILFISH_VPN_ACCESS_BUILTIN
......
......@@ -236,6 +236,31 @@ fi
AM_CONDITIONAL(PPTP, test "${enable_pptp}" != "no")
AM_CONDITIONAL(PPTP_BUILTIN, test "${enable_pptp}" = "builtin")
AC_ARG_WITH(openfortivpn, AC_HELP_STRING([--with-openfortivpn=PROGRAM],
[specify location of openfortivpn binary]), [path_openfortivpn=${withval}])
AC_ARG_ENABLE(openfortivpn,
AC_HELP_STRING([--enable-openfortivpn], [enable openfortivpn support]),
[enable_openfortivpn=${enableval}], [enable_openfortivpn="no"])
if (test "${enable_openfortivpn}" != "no"); then
if (test -z "${path_pppd}"); then
AC_PATH_PROG(PPPD, [pppd], [/usr/sbin/pppd], $PATH:/sbin:/usr/sbin)
else
PPPD="${path_pppd}"
AC_SUBST(PPPD)
fi
AC_CHECK_HEADERS(pppd/pppd.h, dummy=yes,
AC_MSG_ERROR(ppp header files are required))
if (test -z "${path_openfortivpn}"); then
AC_PATH_PROG(OPENFORTIVPN, [openfortivpn], [/usr/bin/openfortivpn], $PATH:/sbin:/usr/sbin)
else
PPTP="${path_openfortivpn}"
AC_SUBST(OPENFORTIVPN)
fi
fi
AM_CONDITIONAL(OPENFORTIVPN, test "${enable_openfortivpn}" != "no")
AM_CONDITIONAL(OPENFORTIVPN_BUILTIN, test "${enable_openfortivpn}" = "builtin")
AC_ARG_ENABLE(sailfish-vpn-access,
AC_HELP_STRING([--enable-sailfish-vpn-access], [enable Sailfish vpn access control plugin]),
[enable_sailfish_vpn_access=${enableval}], [enable_sailfish_vpn_access="no"])
......
This diff is collapsed.
......@@ -160,6 +160,16 @@ Requires: vpnc
%description plugin-vpn-vpnc
This package provides Cisco3000 (VPNC) VPN plugin for connman.
%package plugin-vpn-openfortivpn
Summary: Connection Manager PPTP VPN plugin
Requires: %{name} = %{version}-%{release}
Requires: %{name}-vpn-scripts
Requires: openfortivpn
Requires: ppp
%description plugin-vpn-openfortivpn
This package provides OpenFortiNet VPN plugin for connman.
%prep
%setup -q -n %{name}-%{version}/connman
......@@ -174,6 +184,7 @@ This package provides Cisco3000 (VPNC) VPN plugin for connman.
--enable-vpnc \
--enable-l2tp \
--enable-pptp \
--enable-openfortivpn \
--enable-loopback=builtin \
--enable-pacrunner=builtin \
--enable-sailfish-vpn-access=builtin \
......@@ -334,3 +345,8 @@ systemctl daemon-reload || :
%license COPYING
%{_libdir}/%{name}/plugins-vpn/vpnc.so
%files plugin-vpn-openfortivpn
%defattr(-,root,root,-)
%license COPYING
%{_libdir}/%{name}/plugins-vpn/openfortivpn.so
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment