/
LibOpenConnect.java
271 lines (220 loc) · 8.07 KB
/
LibOpenConnect.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
/*
* OpenConnect (SSL + DTLS) VPN client
*
* Copyright © 2013 Kevin Cernekee <cernekee@gmail.com>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public License
* version 2.1, as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*/
package org.infradead.libopenconnect;
import java.util.ArrayList;
import java.util.HashMap;
public abstract class LibOpenConnect {
/* constants */
public static final int OC_FORM_OPT_TEXT = 1;
public static final int OC_FORM_OPT_PASSWORD = 2;
public static final int OC_FORM_OPT_SELECT = 3;
public static final int OC_FORM_OPT_HIDDEN = 4;
public static final int OC_FORM_OPT_TOKEN = 5;
public static final int OC_FORM_OPT_IGNORE = 0x0001;
public static final int OC_FORM_OPT_NUMERIC = 0x0002;
public static final int OC_TOKEN_MODE_NONE = 0;
public static final int OC_TOKEN_MODE_STOKEN = 1;
public static final int OC_TOKEN_MODE_TOTP = 2;
public static final int OC_FORM_RESULT_ERR = -1;
public static final int OC_FORM_RESULT_OK = 0;
public static final int OC_FORM_RESULT_CANCELLED = 1;
public static final int OC_FORM_RESULT_NEWGROUP = 2;
public static final int PRG_ERR = 0;
public static final int PRG_INFO = 1;
public static final int PRG_DEBUG = 2;
public static final int PRG_TRACE = 3;
public static final int RECONNECT_INTERVAL_MIN = 10;
public static final int RECONNECT_INTERVAL_MAX = 100;
/* required callbacks */
public abstract int onProcessAuthForm(AuthForm authForm);
public abstract void onProgress(int level, String msg);
/* optional callbacks */
public int onValidatePeerCert(String msg) { return 0; }
public int onWriteNewConfig(byte[] buf) { return 0; }
public void onProtectSocket(int fd) { }
public void onStatsUpdate(VPNStats stats) { }
/* create/destroy library instances */
public LibOpenConnect() {
libctx = init("OpenConnect VPN Agent (Java)");
}
public synchronized void destroy() {
if (libctx != 0) {
free();
libctx = 0;
}
}
/* async requests (safe to call from any thread) */
public void cancel() {
synchronized (asyncLock) {
if (!canceled) {
doCancel();
canceled = true;
}
}
}
public boolean isCanceled() {
synchronized (asyncLock) {
return canceled;
}
}
public native void pause();
public native void requestStats();
public native void setLogLevel(int level);
/* control operations */
public synchronized native int parseURL(String url);
public synchronized native int obtainCookie();
public synchronized native void clearCookie();
public synchronized native void resetSSL();
public synchronized native int makeCSTPConnection();
public synchronized native int setupTunDevice(String vpncScript, String IFName);
public synchronized native int setupTunScript(String tunScript);
public synchronized native int setupTunFD(int tunFD);
public synchronized native int setupDTLS(int attemptPeriod);
public synchronized native int mainloop(int reconnectTimeout, int reconnectInterval);
/* connection settings */
public synchronized native int passphraseFromFSID();
public synchronized native void setCertExpiryWarning(int seconds);
public synchronized native void setDPD(int minSeconds);
public synchronized native int setProxyAuth(String methods);
public synchronized native int setHTTPProxy(String proxy);
public synchronized native void setXMLSHA1(String hash);
public synchronized native void setHostname(String hostname);
public synchronized native void setUrlpath(String urlpath);
public synchronized native void setCAFile(String caFile);
public synchronized native void setReportedOS(String os);
public synchronized native void setMobileInfo(String mobilePlatformVersion,
String mobileDeviceType,
String mobileDeviceUniqueID);
public synchronized native int setTokenMode(int tokenMode, String tokenString);
public synchronized native void setCSDWrapper(String wrapper, String TMPDIR, String PATH);
public synchronized native void setXMLPost(boolean isEnabled);
public synchronized native void setClientCert(String cert, String sslKey);
public synchronized native void setServerCertSHA1(String hash);
public synchronized native void setReqMTU(int mtu);
public synchronized native void setPFS(boolean isEnabled);
/* connection info */
public synchronized native String getHostname();
public synchronized native String getUrlpath();
public synchronized native int getPort();
public synchronized native String getCookie();
public synchronized native String getIFName();
public synchronized native IPInfo getIPInfo();
/* certificate info */
public synchronized native String getCertSHA1();
public synchronized native String getCertDetails();
public synchronized native byte[] getCertDER();
/* library info */
public static native String getVersion();
public static native boolean hasPKCS11Support();
public static native boolean hasTSSBlobSupport();
public static native boolean hasStokenSupport();
public static native boolean hasOATHSupport();
/* public data structures */
public static class FormOpt {
public int type;
public String name;
public String label;
public long flags;
public ArrayList<FormChoice> choices = new ArrayList<FormChoice>();
public String value;
public Object userData;
/* FormOpt internals (called from JNI) */
void addChoice(FormChoice fc) {
this.choices.add(fc);
}
};
public static class FormChoice {
public String name;
public String label;
public String authType;
public String overrideName;
public String overrideLabel;
public Object userData;
};
public static class AuthForm {
public String banner;
public String message;
public String error;
public String authID;
public String method;
public String action;
public ArrayList<FormOpt> opts = new ArrayList<FormOpt>();
public FormOpt authgroupOpt;
public int authgroupSelection;
public Object userData;
/* AuthForm internals (called from JNI) */
FormOpt addOpt(boolean isAuthgroup) {
FormOpt fo = new FormOpt();
opts.add(fo);
if (isAuthgroup) {
authgroupOpt = fo;
}
return fo;
}
String getOptValue(String name) {
for (FormOpt fo : opts) {
if (fo.name.equals(name)) {
return fo.value;
}
}
return null;
}
}
public static class IPInfo {
public String addr;
public String netmask;
public String addr6;
public String netmask6;
public ArrayList<String> DNS = new ArrayList<String>();
public ArrayList<String> NBNS = new ArrayList<String>();
public String domain;
public String proxyPac;
public int MTU;
public ArrayList<String> splitDNS = new ArrayList<String>();
public ArrayList<String> splitIncludes = new ArrayList<String>();
public ArrayList<String> splitExcludes = new ArrayList<String>();
public HashMap<String,String> CSTPOptions = new HashMap<String,String>();
public HashMap<String,String> DTLSOptions = new HashMap<String,String>();
public Object userData;
/* IPInfo internals (called from JNI) */
void addDNS(String arg) { DNS.add(arg); }
void addNBNS(String arg) { NBNS.add(arg); }
void addSplitDNS(String arg) { splitDNS.add(arg); }
void addSplitInclude(String arg) { splitIncludes.add(arg); }
void addSplitExclude(String arg) { splitExcludes.add(arg); }
void addCSTPOption(String key, String value) { CSTPOptions.put(key, value); }
void addDTLSOption(String key, String value) { DTLSOptions.put(key, value); }
}
public static class VPNStats {
public long txPkts;
public long txBytes;
public long rxPkts;
public long rxBytes;
public Object userData;
};
/* Optional storage for caller's data */
public Object userData;
/* LibOpenConnect internals */
long libctx;
boolean canceled = false;
Object asyncLock = new Object();
static synchronized native void globalInit();
static {
globalInit();
}
synchronized native long init(String useragent);
synchronized native void free();
native void doCancel();
}