Darin Petkov | 1c11520 | 2012-03-22 15:35:47 +0100 | [diff] [blame] | 1 | // Copyright (c) 2012 The Chromium OS Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #include "shill/openvpn_management_server.h" |
| 6 | |
Darin Petkov | 4646302 | 2012-03-29 14:57:32 +0200 | [diff] [blame] | 7 | #include <arpa/inet.h> |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 8 | #include <netinet/in.h> |
| 9 | |
| 10 | #include <base/bind.h> |
Darin Petkov | 4646302 | 2012-03-29 14:57:32 +0200 | [diff] [blame] | 11 | #include <base/string_number_conversions.h> |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 12 | #include <base/string_split.h> |
| 13 | #include <base/string_util.h> |
| 14 | #include <base/stringprintf.h> |
Darin Petkov | 683942b | 2012-03-27 18:00:04 +0200 | [diff] [blame] | 15 | #include <chromeos/dbus/service_constants.h> |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 16 | |
Darin Petkov | 3273da7 | 2013-02-13 11:50:25 +0100 | [diff] [blame] | 17 | #include "shill/error.h" |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 18 | #include "shill/event_dispatcher.h" |
Darin Petkov | 683942b | 2012-03-27 18:00:04 +0200 | [diff] [blame] | 19 | #include "shill/glib.h" |
Christopher Wiley | b691efd | 2012-08-09 13:51:51 -0700 | [diff] [blame] | 20 | #include "shill/logging.h" |
Darin Petkov | 271fe52 | 2012-03-27 13:47:29 +0200 | [diff] [blame] | 21 | #include "shill/openvpn_driver.h" |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 22 | #include "shill/sockets.h" |
| 23 | |
| 24 | using base::Bind; |
Darin Petkov | 4646302 | 2012-03-29 14:57:32 +0200 | [diff] [blame] | 25 | using base::IntToString; |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 26 | using base::SplitString; |
| 27 | using base::StringPrintf; |
Darin Petkov | 3273da7 | 2013-02-13 11:50:25 +0100 | [diff] [blame] | 28 | using base::Unretained; |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 29 | using std::string; |
| 30 | using std::vector; |
Darin Petkov | 1c11520 | 2012-03-22 15:35:47 +0100 | [diff] [blame] | 31 | |
| 32 | namespace shill { |
| 33 | |
Darin Petkov | 683942b | 2012-03-27 18:00:04 +0200 | [diff] [blame] | 34 | OpenVPNManagementServer::OpenVPNManagementServer(OpenVPNDriver *driver, |
| 35 | GLib *glib) |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 36 | : driver_(driver), |
Darin Petkov | 683942b | 2012-03-27 18:00:04 +0200 | [diff] [blame] | 37 | glib_(glib), |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 38 | sockets_(NULL), |
| 39 | socket_(-1), |
| 40 | dispatcher_(NULL), |
Darin Petkov | a5e07ef | 2012-07-09 14:27:57 +0200 | [diff] [blame] | 41 | connected_socket_(-1), |
| 42 | hold_waiting_(false), |
| 43 | hold_release_(false) {} |
Darin Petkov | 1c11520 | 2012-03-22 15:35:47 +0100 | [diff] [blame] | 44 | |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 45 | OpenVPNManagementServer::~OpenVPNManagementServer() { |
Darin Petkov | 4646302 | 2012-03-29 14:57:32 +0200 | [diff] [blame] | 46 | OpenVPNManagementServer::Stop(); |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 47 | } |
Darin Petkov | 1c11520 | 2012-03-22 15:35:47 +0100 | [diff] [blame] | 48 | |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 49 | bool OpenVPNManagementServer::Start(EventDispatcher *dispatcher, |
Darin Petkov | 4646302 | 2012-03-29 14:57:32 +0200 | [diff] [blame] | 50 | Sockets *sockets, |
| 51 | vector<string> *options) { |
Ben Chan | fad4a0b | 2012-04-18 15:49:59 -0700 | [diff] [blame] | 52 | SLOG(VPN, 2) << __func__; |
Darin Petkov | e08084d | 2012-06-11 13:19:35 +0200 | [diff] [blame] | 53 | if (IsStarted()) { |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 54 | return true; |
| 55 | } |
| 56 | |
Darin Petkov | 271fe52 | 2012-03-27 13:47:29 +0200 | [diff] [blame] | 57 | int socket = sockets->Socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 58 | if (socket < 0) { |
| 59 | PLOG(ERROR) << "Unable to create management server socket."; |
| 60 | return false; |
| 61 | } |
| 62 | |
| 63 | struct sockaddr_in addr; |
| 64 | socklen_t addrlen = sizeof(addr); |
| 65 | memset(&addr, 0, sizeof(addr)); |
| 66 | addr.sin_family = AF_INET; |
| 67 | addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK); |
| 68 | if (sockets->Bind( |
| 69 | socket, reinterpret_cast<struct sockaddr *>(&addr), addrlen) < 0 || |
| 70 | sockets->Listen(socket, 1) < 0 || |
| 71 | sockets->GetSockName( |
| 72 | socket, reinterpret_cast<struct sockaddr *>(&addr), &addrlen) < 0) { |
| 73 | PLOG(ERROR) << "Socket setup failed."; |
| 74 | sockets->Close(socket); |
| 75 | return false; |
| 76 | } |
| 77 | |
Ben Chan | fad4a0b | 2012-04-18 15:49:59 -0700 | [diff] [blame] | 78 | SLOG(VPN, 2) << "Listening socket: " << socket; |
Darin Petkov | 271fe52 | 2012-03-27 13:47:29 +0200 | [diff] [blame] | 79 | sockets_ = sockets; |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 80 | socket_ = socket; |
| 81 | ready_handler_.reset( |
| 82 | dispatcher->CreateReadyHandler( |
Darin Petkov | 3273da7 | 2013-02-13 11:50:25 +0100 | [diff] [blame] | 83 | socket, IOHandler::kModeInput, |
| 84 | Bind(&OpenVPNManagementServer::OnReady, Unretained(this)))); |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 85 | dispatcher_ = dispatcher; |
Darin Petkov | 4646302 | 2012-03-29 14:57:32 +0200 | [diff] [blame] | 86 | |
| 87 | // Append openvpn management API options. |
| 88 | options->push_back("--management"); |
| 89 | options->push_back(inet_ntoa(addr.sin_addr)); |
| 90 | options->push_back(IntToString(ntohs(addr.sin_port))); |
| 91 | options->push_back("--management-client"); |
Darin Petkov | a5e07ef | 2012-07-09 14:27:57 +0200 | [diff] [blame] | 92 | |
| 93 | options->push_back("--management-hold"); |
| 94 | hold_release_ = false; |
| 95 | hold_waiting_ = false; |
| 96 | |
Darin Petkov | 4646302 | 2012-03-29 14:57:32 +0200 | [diff] [blame] | 97 | options->push_back("--management-query-passwords"); |
Darin Petkov | 4646302 | 2012-03-29 14:57:32 +0200 | [diff] [blame] | 98 | if (driver_->AppendValueOption(flimflam::kOpenVPNStaticChallengeProperty, |
| 99 | "--static-challenge", |
| 100 | options)) { |
| 101 | options->push_back("1"); // Force echo. |
| 102 | } |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 103 | return true; |
| 104 | } |
| 105 | |
| 106 | void OpenVPNManagementServer::Stop() { |
Ben Chan | fad4a0b | 2012-04-18 15:49:59 -0700 | [diff] [blame] | 107 | SLOG(VPN, 2) << __func__; |
Darin Petkov | e08084d | 2012-06-11 13:19:35 +0200 | [diff] [blame] | 108 | if (!IsStarted()) { |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 109 | return; |
| 110 | } |
| 111 | input_handler_.reset(); |
| 112 | if (connected_socket_ >= 0) { |
| 113 | sockets_->Close(connected_socket_); |
| 114 | connected_socket_ = -1; |
| 115 | } |
| 116 | dispatcher_ = NULL; |
| 117 | ready_handler_.reset(); |
| 118 | if (socket_ >= 0) { |
| 119 | sockets_->Close(socket_); |
| 120 | socket_ = -1; |
| 121 | } |
| 122 | sockets_ = NULL; |
| 123 | } |
| 124 | |
Darin Petkov | a5e07ef | 2012-07-09 14:27:57 +0200 | [diff] [blame] | 125 | void OpenVPNManagementServer::ReleaseHold() { |
| 126 | SLOG(VPN, 2) << __func__; |
| 127 | hold_release_ = true; |
| 128 | if (!hold_waiting_) { |
| 129 | return; |
| 130 | } |
| 131 | LOG(INFO) << "Releasing hold."; |
| 132 | hold_waiting_ = false; |
| 133 | SendHoldRelease(); |
| 134 | } |
| 135 | |
| 136 | void OpenVPNManagementServer::Hold() { |
| 137 | SLOG(VPN, 2) << __func__; |
| 138 | hold_release_ = false; |
| 139 | } |
| 140 | |
Darin Petkov | a42afe3 | 2013-02-05 16:53:52 +0100 | [diff] [blame] | 141 | void OpenVPNManagementServer::Restart() { |
| 142 | LOG(INFO) << "Restart."; |
| 143 | SendSignal("SIGUSR1"); |
| 144 | } |
| 145 | |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 146 | void OpenVPNManagementServer::OnReady(int fd) { |
Ben Chan | fad4a0b | 2012-04-18 15:49:59 -0700 | [diff] [blame] | 147 | SLOG(VPN, 2) << __func__ << "(" << fd << ")"; |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 148 | connected_socket_ = sockets_->Accept(fd, NULL, NULL); |
| 149 | if (connected_socket_ < 0) { |
| 150 | PLOG(ERROR) << "Connected socket accept failed."; |
| 151 | return; |
| 152 | } |
| 153 | ready_handler_.reset(); |
Paul Stewart | 5f06a0e | 2012-12-20 11:11:33 -0800 | [diff] [blame] | 154 | input_handler_.reset(dispatcher_->CreateInputHandler( |
Darin Petkov | 3273da7 | 2013-02-13 11:50:25 +0100 | [diff] [blame] | 155 | connected_socket_, |
| 156 | Bind(&OpenVPNManagementServer::OnInput, Unretained(this)), |
| 157 | Bind(&OpenVPNManagementServer::OnInputError, Unretained(this)))); |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 158 | SendState("on"); |
| 159 | } |
| 160 | |
| 161 | void OpenVPNManagementServer::OnInput(InputData *data) { |
Ben Chan | fad4a0b | 2012-04-18 15:49:59 -0700 | [diff] [blame] | 162 | SLOG(VPN, 2) << __func__ << "(" << data->len << ")"; |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 163 | vector<string> messages; |
| 164 | SplitString( |
| 165 | string(reinterpret_cast<char *>(data->buf), data->len), '\n', &messages); |
| 166 | for (vector<string>::const_iterator it = messages.begin(); |
Darin Petkov | e08084d | 2012-06-11 13:19:35 +0200 | [diff] [blame] | 167 | it != messages.end() && IsStarted(); ++it) { |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 168 | ProcessMessage(*it); |
| 169 | } |
| 170 | } |
| 171 | |
Darin Petkov | 3273da7 | 2013-02-13 11:50:25 +0100 | [diff] [blame] | 172 | void OpenVPNManagementServer::OnInputError(const Error &error) { |
| 173 | LOG(ERROR) << error; |
| 174 | driver_->Cleanup(Service::kStateFailure); |
| 175 | } |
| 176 | |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 177 | void OpenVPNManagementServer::ProcessMessage(const string &message) { |
Ben Chan | fad4a0b | 2012-04-18 15:49:59 -0700 | [diff] [blame] | 178 | SLOG(VPN, 2) << __func__ << "(" << message << ")"; |
Darin Petkov | 92e6561 | 2012-06-10 12:52:10 +0200 | [diff] [blame] | 179 | if (message.empty()) { |
| 180 | return; |
| 181 | } |
| 182 | if (!ProcessInfoMessage(message) && |
| 183 | !ProcessNeedPasswordMessage(message) && |
| 184 | !ProcessFailedPasswordMessage(message) && |
Darin Petkov | a5e07ef | 2012-07-09 14:27:57 +0200 | [diff] [blame] | 185 | !ProcessStateMessage(message) && |
Darin Petkov | a42afe3 | 2013-02-05 16:53:52 +0100 | [diff] [blame] | 186 | !ProcessHoldMessage(message) && |
| 187 | !ProcessSuccessMessage(message)) { |
Darin Petkov | 92e6561 | 2012-06-10 12:52:10 +0200 | [diff] [blame] | 188 | LOG(WARNING) << "OpenVPN management message ignored: " << message; |
| 189 | } |
Darin Petkov | 271fe52 | 2012-03-27 13:47:29 +0200 | [diff] [blame] | 190 | } |
| 191 | |
| 192 | bool OpenVPNManagementServer::ProcessInfoMessage(const string &message) { |
Darin Petkov | 92e6561 | 2012-06-10 12:52:10 +0200 | [diff] [blame] | 193 | if (!StartsWithASCII(message, ">INFO:", true)) { |
| 194 | return false; |
| 195 | } |
Darin Petkov | a42afe3 | 2013-02-05 16:53:52 +0100 | [diff] [blame] | 196 | LOG(INFO) << message; |
Darin Petkov | 92e6561 | 2012-06-10 12:52:10 +0200 | [diff] [blame] | 197 | return true; |
Darin Petkov | 271fe52 | 2012-03-27 13:47:29 +0200 | [diff] [blame] | 198 | } |
| 199 | |
| 200 | bool OpenVPNManagementServer::ProcessNeedPasswordMessage( |
| 201 | const string &message) { |
| 202 | if (!StartsWithASCII(message, ">PASSWORD:Need ", true)) { |
| 203 | return false; |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 204 | } |
Darin Petkov | 92e6561 | 2012-06-10 12:52:10 +0200 | [diff] [blame] | 205 | LOG(INFO) << "Processing need-password message."; |
Darin Petkov | e0d5dd1 | 2012-04-04 16:10:48 +0200 | [diff] [blame] | 206 | string tag = ParseNeedPasswordTag(message); |
| 207 | if (tag == "Auth") { |
Darin Petkov | 683942b | 2012-03-27 18:00:04 +0200 | [diff] [blame] | 208 | if (message.find("SC:") != string::npos) { |
Darin Petkov | e0d5dd1 | 2012-04-04 16:10:48 +0200 | [diff] [blame] | 209 | PerformStaticChallenge(tag); |
Darin Petkov | 683942b | 2012-03-27 18:00:04 +0200 | [diff] [blame] | 210 | } else { |
Darin Petkov | daaa553 | 2012-07-24 15:37:55 +0200 | [diff] [blame] | 211 | PerformAuthentication(tag); |
Darin Petkov | 683942b | 2012-03-27 18:00:04 +0200 | [diff] [blame] | 212 | } |
Darin Petkov | e0d5dd1 | 2012-04-04 16:10:48 +0200 | [diff] [blame] | 213 | } else if (StartsWithASCII(tag, "User-Specific TPM Token", true)) { |
| 214 | SupplyTPMToken(tag); |
Darin Petkov | 92e6561 | 2012-06-10 12:52:10 +0200 | [diff] [blame] | 215 | } else { |
| 216 | NOTIMPLEMENTED() << ": Unsupported need-password message: " << message; |
| 217 | driver_->Cleanup(Service::kStateFailure); |
Darin Petkov | 683942b | 2012-03-27 18:00:04 +0200 | [diff] [blame] | 218 | } |
Darin Petkov | 271fe52 | 2012-03-27 13:47:29 +0200 | [diff] [blame] | 219 | return true; |
| 220 | } |
| 221 | |
Darin Petkov | e0d5dd1 | 2012-04-04 16:10:48 +0200 | [diff] [blame] | 222 | // static |
| 223 | string OpenVPNManagementServer::ParseNeedPasswordTag(const string &message) { |
Darin Petkov | 92e6561 | 2012-06-10 12:52:10 +0200 | [diff] [blame] | 224 | SLOG(VPN, 2) << __func__ << "(" << message << ")"; |
Darin Petkov | e0d5dd1 | 2012-04-04 16:10:48 +0200 | [diff] [blame] | 225 | size_t start = message.find('\''); |
| 226 | if (start == string::npos) { |
| 227 | return string(); |
| 228 | } |
| 229 | size_t end = message.find('\'', start + 1); |
| 230 | if (end == string::npos) { |
| 231 | return string(); |
| 232 | } |
| 233 | return message.substr(start + 1, end - start - 1); |
| 234 | } |
| 235 | |
| 236 | void OpenVPNManagementServer::PerformStaticChallenge(const string &tag) { |
Darin Petkov | 92e6561 | 2012-06-10 12:52:10 +0200 | [diff] [blame] | 237 | LOG(INFO) << "Perform static challenge: " << tag; |
Darin Petkov | 683942b | 2012-03-27 18:00:04 +0200 | [diff] [blame] | 238 | string user = |
| 239 | driver_->args()->LookupString(flimflam::kOpenVPNUserProperty, ""); |
| 240 | string password = |
| 241 | driver_->args()->LookupString(flimflam::kOpenVPNPasswordProperty, ""); |
| 242 | string otp = |
| 243 | driver_->args()->LookupString(flimflam::kOpenVPNOTPProperty, ""); |
| 244 | if (user.empty() || password.empty() || otp.empty()) { |
Darin Petkov | e08084d | 2012-06-11 13:19:35 +0200 | [diff] [blame] | 245 | NOTIMPLEMENTED() << ": Missing credentials:" |
| 246 | << (user.empty() ? " no-user" : "") |
| 247 | << (password.empty() ? " no-password" : "") |
| 248 | << (otp.empty() ? " no-otp" : ""); |
Darin Petkov | 0440b9b | 2012-04-17 16:11:56 +0200 | [diff] [blame] | 249 | driver_->Cleanup(Service::kStateFailure); |
Darin Petkov | 683942b | 2012-03-27 18:00:04 +0200 | [diff] [blame] | 250 | return; |
| 251 | } |
| 252 | gchar *b64_password = |
| 253 | glib_->Base64Encode(reinterpret_cast<const guchar *>(password.data()), |
| 254 | password.size()); |
| 255 | gchar *b64_otp = |
| 256 | glib_->Base64Encode(reinterpret_cast<const guchar *>(otp.data()), |
| 257 | otp.size()); |
| 258 | if (!b64_password || !b64_otp) { |
| 259 | LOG(ERROR) << "Unable to base64-encode credentials."; |
| 260 | return; |
| 261 | } |
Darin Petkov | e0d5dd1 | 2012-04-04 16:10:48 +0200 | [diff] [blame] | 262 | SendUsername(tag, user); |
| 263 | SendPassword(tag, StringPrintf("SCRV1:%s:%s", b64_password, b64_otp)); |
Darin Petkov | 683942b | 2012-03-27 18:00:04 +0200 | [diff] [blame] | 264 | glib_->Free(b64_otp); |
| 265 | glib_->Free(b64_password); |
| 266 | // Don't reuse OTP. |
| 267 | driver_->args()->RemoveString(flimflam::kOpenVPNOTPProperty); |
| 268 | } |
| 269 | |
Darin Petkov | daaa553 | 2012-07-24 15:37:55 +0200 | [diff] [blame] | 270 | void OpenVPNManagementServer::PerformAuthentication(const string &tag) { |
| 271 | LOG(INFO) << "Perform authentication: " << tag; |
| 272 | string user = |
| 273 | driver_->args()->LookupString(flimflam::kOpenVPNUserProperty, ""); |
| 274 | string password = |
| 275 | driver_->args()->LookupString(flimflam::kOpenVPNPasswordProperty, ""); |
| 276 | if (user.empty() || password.empty()) { |
| 277 | NOTIMPLEMENTED() << ": Missing credentials:" |
| 278 | << (user.empty() ? " no-user" : "") |
| 279 | << (password.empty() ? " no-password" : ""); |
| 280 | driver_->Cleanup(Service::kStateFailure); |
| 281 | return; |
| 282 | } |
| 283 | SendUsername(tag, user); |
| 284 | SendPassword(tag, password); |
| 285 | } |
| 286 | |
Darin Petkov | e0d5dd1 | 2012-04-04 16:10:48 +0200 | [diff] [blame] | 287 | void OpenVPNManagementServer::SupplyTPMToken(const string &tag) { |
Darin Petkov | 92e6561 | 2012-06-10 12:52:10 +0200 | [diff] [blame] | 288 | SLOG(VPN, 2) << __func__ << "(" << tag << ")"; |
Darin Petkov | e0d5dd1 | 2012-04-04 16:10:48 +0200 | [diff] [blame] | 289 | string pin = driver_->args()->LookupString(flimflam::kOpenVPNPinProperty, ""); |
| 290 | if (pin.empty()) { |
Darin Petkov | 0440b9b | 2012-04-17 16:11:56 +0200 | [diff] [blame] | 291 | NOTIMPLEMENTED() << ": Missing PIN."; |
| 292 | driver_->Cleanup(Service::kStateFailure); |
Darin Petkov | e0d5dd1 | 2012-04-04 16:10:48 +0200 | [diff] [blame] | 293 | return; |
| 294 | } |
| 295 | SendPassword(tag, pin); |
| 296 | } |
| 297 | |
Darin Petkov | 271fe52 | 2012-03-27 13:47:29 +0200 | [diff] [blame] | 298 | bool OpenVPNManagementServer::ProcessFailedPasswordMessage( |
| 299 | const string &message) { |
| 300 | if (!StartsWithASCII(message, ">PASSWORD:Verification Failed:", true)) { |
| 301 | return false; |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 302 | } |
Darin Petkov | 271fe52 | 2012-03-27 13:47:29 +0200 | [diff] [blame] | 303 | NOTIMPLEMENTED(); |
Darin Petkov | 0440b9b | 2012-04-17 16:11:56 +0200 | [diff] [blame] | 304 | driver_->Cleanup(Service::kStateFailure); |
Darin Petkov | 271fe52 | 2012-03-27 13:47:29 +0200 | [diff] [blame] | 305 | return true; |
| 306 | } |
| 307 | |
| 308 | // >STATE:* message support. State messages are of the form: |
| 309 | // >STATE:<date>,<state>,<detail>,<local-ip>,<remote-ip> |
| 310 | // where: |
| 311 | // <date> is the current time (since epoch) in seconds |
| 312 | // <state> is one of: |
| 313 | // INITIAL, CONNECTING, WAIT, AUTH, GET_CONFIG, ASSIGN_IP, ADD_ROUTES, |
| 314 | // CONNECTED, RECONNECTING, EXITING, RESOLVE, TCP_CONNECT |
| 315 | // <detail> is a free-form string giving details about the state change |
| 316 | // <local-ip> is a dotted-quad for the local IPv4 address (when available) |
| 317 | // <remote-ip> is a dotted-quad for the remote IPv4 address (when available) |
| 318 | bool OpenVPNManagementServer::ProcessStateMessage(const string &message) { |
| 319 | if (!StartsWithASCII(message, ">STATE:", true)) { |
| 320 | return false; |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 321 | } |
Darin Petkov | 271fe52 | 2012-03-27 13:47:29 +0200 | [diff] [blame] | 322 | vector<string> details; |
| 323 | SplitString(message, ',', &details); |
| 324 | if (details.size() > 1) { |
| 325 | if (details[1] == "RECONNECTING") { |
Darin Petkov | 0cd0d1e | 2013-02-11 12:49:10 +0100 | [diff] [blame] | 326 | OpenVPNDriver::ReconnectReason reason = |
| 327 | OpenVPNDriver::kReconnectReasonUnknown; |
| 328 | if (details.size() > 2 && details[2] == "tls-error") { |
| 329 | reason = OpenVPNDriver::kReconnectReasonTLSError; |
| 330 | } |
| 331 | driver_->OnReconnecting(reason); |
| 332 | } else { |
| 333 | // The rest of the states are currently ignored. |
| 334 | LOG(INFO) << "Ignoring state message: " << details[1]; |
Darin Petkov | 271fe52 | 2012-03-27 13:47:29 +0200 | [diff] [blame] | 335 | } |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 336 | } |
Darin Petkov | 271fe52 | 2012-03-27 13:47:29 +0200 | [diff] [blame] | 337 | return true; |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 338 | } |
| 339 | |
Darin Petkov | a5e07ef | 2012-07-09 14:27:57 +0200 | [diff] [blame] | 340 | bool OpenVPNManagementServer::ProcessHoldMessage(const string &message) { |
| 341 | if (!StartsWithASCII(message, ">HOLD:Waiting for hold release", true)) { |
| 342 | return false; |
| 343 | } |
Darin Petkov | a42afe3 | 2013-02-05 16:53:52 +0100 | [diff] [blame] | 344 | LOG(INFO) << "Client waiting for hold release."; |
Darin Petkov | a5e07ef | 2012-07-09 14:27:57 +0200 | [diff] [blame] | 345 | hold_waiting_ = true; |
| 346 | if (hold_release_) { |
| 347 | ReleaseHold(); |
| 348 | } |
| 349 | return true; |
| 350 | } |
| 351 | |
Darin Petkov | a42afe3 | 2013-02-05 16:53:52 +0100 | [diff] [blame] | 352 | bool OpenVPNManagementServer::ProcessSuccessMessage(const string &message) { |
| 353 | if (!StartsWithASCII(message, "SUCCESS: ", true)) { |
| 354 | return false; |
| 355 | } |
| 356 | LOG(INFO) << message; |
| 357 | return true; |
| 358 | } |
| 359 | |
Darin Petkov | daaa553 | 2012-07-24 15:37:55 +0200 | [diff] [blame] | 360 | // static |
| 361 | string OpenVPNManagementServer::EscapeToQuote(const string &str) { |
| 362 | string escaped; |
| 363 | for (string::const_iterator it = str.begin(); it != str.end(); ++it) { |
| 364 | if (*it == '\\' || *it == '"') { |
| 365 | escaped += '\\'; |
| 366 | } |
| 367 | escaped += *it; |
| 368 | } |
| 369 | return escaped; |
| 370 | } |
| 371 | |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 372 | void OpenVPNManagementServer::Send(const string &data) { |
Ben Chan | fad4a0b | 2012-04-18 15:49:59 -0700 | [diff] [blame] | 373 | SLOG(VPN, 2) << __func__; |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 374 | ssize_t len = sockets_->Send(connected_socket_, data.data(), data.size(), 0); |
| 375 | PLOG_IF(ERROR, len < 0 || static_cast<size_t>(len) != data.size()) |
Darin Petkov | 683942b | 2012-03-27 18:00:04 +0200 | [diff] [blame] | 376 | << "Send failed."; |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 377 | } |
| 378 | |
| 379 | void OpenVPNManagementServer::SendState(const string &state) { |
Ben Chan | fad4a0b | 2012-04-18 15:49:59 -0700 | [diff] [blame] | 380 | SLOG(VPN, 2) << __func__ << "(" << state << ")"; |
Darin Petkov | 78f6326 | 2012-03-26 01:30:24 +0200 | [diff] [blame] | 381 | Send(StringPrintf("state %s\n", state.c_str())); |
Darin Petkov | 1c11520 | 2012-03-22 15:35:47 +0100 | [diff] [blame] | 382 | } |
| 383 | |
Darin Petkov | 683942b | 2012-03-27 18:00:04 +0200 | [diff] [blame] | 384 | void OpenVPNManagementServer::SendUsername(const string &tag, |
| 385 | const string &username) { |
Ben Chan | fad4a0b | 2012-04-18 15:49:59 -0700 | [diff] [blame] | 386 | SLOG(VPN, 2) << __func__; |
Darin Petkov | 683942b | 2012-03-27 18:00:04 +0200 | [diff] [blame] | 387 | Send(StringPrintf("username \"%s\" %s\n", tag.c_str(), username.c_str())); |
| 388 | } |
| 389 | |
| 390 | void OpenVPNManagementServer::SendPassword(const string &tag, |
| 391 | const string &password) { |
Ben Chan | fad4a0b | 2012-04-18 15:49:59 -0700 | [diff] [blame] | 392 | SLOG(VPN, 2) << __func__; |
Darin Petkov | daaa553 | 2012-07-24 15:37:55 +0200 | [diff] [blame] | 393 | Send(StringPrintf("password \"%s\" \"%s\"\n", |
| 394 | tag.c_str(), |
| 395 | EscapeToQuote(password).c_str())); |
Darin Petkov | 683942b | 2012-03-27 18:00:04 +0200 | [diff] [blame] | 396 | } |
| 397 | |
Darin Petkov | a42afe3 | 2013-02-05 16:53:52 +0100 | [diff] [blame] | 398 | void OpenVPNManagementServer::SendSignal(const string &signal) { |
| 399 | SLOG(VPN, 2) << __func__ << "(" << signal << ")"; |
| 400 | Send(StringPrintf("signal %s\n", signal.c_str())); |
| 401 | } |
| 402 | |
Darin Petkov | a5e07ef | 2012-07-09 14:27:57 +0200 | [diff] [blame] | 403 | void OpenVPNManagementServer::SendHoldRelease() { |
| 404 | SLOG(VPN, 2) << __func__; |
| 405 | Send("hold release\n"); |
| 406 | } |
| 407 | |
Darin Petkov | 1c11520 | 2012-03-22 15:35:47 +0100 | [diff] [blame] | 408 | } // namespace shill |