Initial commit

GPService/.qmake.stash

@@ -0,0 +1,21 @@
+QMAKE_CXX.QT_COMPILER_STDCXX = 201402L
+QMAKE_CXX.QMAKE_GCC_MAJOR_VERSION = 9
+QMAKE_CXX.QMAKE_GCC_MINOR_VERSION = 2
+QMAKE_CXX.QMAKE_GCC_PATCH_VERSION = 0
+QMAKE_CXX.COMPILER_MACROS = \
+    QT_COMPILER_STDCXX \
+    QMAKE_GCC_MAJOR_VERSION \
+    QMAKE_GCC_MINOR_VERSION \
+    QMAKE_GCC_PATCH_VERSION
+QMAKE_CXX.INCDIRS = \
+    /usr/include/c++/9.2.0 \
+    /usr/include/c++/9.2.0/x86_64-pc-linux-gnu \
+    /usr/include/c++/9.2.0/backward \
+    /usr/lib/gcc/x86_64-pc-linux-gnu/9.2.0/include \
+    /usr/local/include \
+    /usr/lib/gcc/x86_64-pc-linux-gnu/9.2.0/include-fixed \
+    /usr/include
+QMAKE_CXX.LIBDIRS = \
+    /usr/lib/gcc/x86_64-pc-linux-gnu/9.2.0 \
+    /usr/lib \
+    /lib

GPService/GPService.pro

@@ -0,0 +1,30 @@
+QT += dbus
+QT -= gui
+
+CONFIG += c++11 console
+CONFIG -= app_bundle
+
+# The following define makes your compiler emit warnings if you use
+# any Qt feature that has been marked deprecated (the exact warnings
+# depend on your compiler). Please consult the documentation of the
+# deprecated API in order to know how to port your code away from it.
+DEFINES += QT_DEPRECATED_WARNINGS
+
+# You can also make your code fail to compile if it uses deprecated APIs.
+# In order to do so, uncomment the following line.
+# You can also select to disable deprecated APIs only up to a certain version of Qt.
+#DEFINES += QT_DISABLE_DEPRECATED_BEFORE=0x060000    # disables all the APIs deprecated before Qt 6.0.0
+
+HEADERS += \
+    gpservice.h
+
+SOURCES += \
+        gpservice.cpp \
+        main.cpp
+
+DBUS_ADAPTORS += gpservice.xml
+
+# Default rules for deployment.
+qnx: target.path = /tmp/$${TARGET}/bin
+else: unix:!android: target.path = /opt/$${TARGET}/bin
+!isEmpty(target.path): INSTALLS += target

GPService/gpservice.cpp

@@ -0,0 +1,235 @@
+#include "gpservice.h"
+#include "gpservice_adaptor.h"
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <signal.h>
+#include <sys/stat.h>
+#include <sys/wait.h>
+#include <sys/ioctl.h>
+#include <linux/if_tun.h>
+#include <net/if.h>
+#include <pwd.h>
+#include <grp.h>
+
+#include <QFileInfo>
+#include <QDebug>
+#include <QtDBus>
+#include <QIODevice>
+#include <QProcess>
+#include <QDateTime>
+#include <QVariant>
+
+struct {
+    uid_t tun_owner;
+    gid_t tun_group;
+} tun_user;
+
+class SandboxProcess : public QProcess
+{
+protected:
+    void setupChildProcess() override;
+};
+
+void SandboxProcess::setupChildProcess()
+{
+    /*if (initgroups (NM_OPENCONNECT_USER, tun_user.tun_group) ||
+            setgid (tun_user.tun_group) ||
+            setuid (tun_user.tun_owner)) {
+        qDebug() << "Failed to drop privileges when spawning openconnect";
+    }*/
+}
+
+GPService::GPService(QObject *parent)
+    : QObject(parent)
+    , openconnect(new SandboxProcess)
+{
+    new GPServiceAdaptor(this);
+    QDBusConnection dbus = QDBusConnection::systemBus();
+    dbus.registerObject("/", this);
+    dbus.registerService("com.yuezk.qt.GPService");
+}
+
+void GPService::connect(QString server, QString username, QString passwd)
+{
+    qDebug() << server << username << passwd;
+
+    if (status() != QProcess::NotRunning) {
+        log("Openconnect has already started on PID " + QString::number(openconnect->processId()) + ", nothing changed.");
+        return;
+    }
+
+    QString bin = findBinary();
+
+    if (bin == nullptr) {
+        log("Could not found openconnect binary, make sure openconnect is installed, exiting.");
+        return;
+    }
+
+    char *tunName = "tun0"; // createPersistentTundev();
+    // Failed to create device
+    if (tunName == nullptr) {
+        log("Could not create tun, exiting.");
+        return;
+    }
+
+    qDebug() << tunName;
+
+    // openconnect --protocol=gp -i vpn0 -s 'sudo -E /etc/vpnc/vpnc-script' -u "zyue@microstrategy.com" --passwd-on-stdin "https://vpn.microstrategy.com/gateway:prelogin-cookie"
+    QStringList args;
+    args << "--protocol=gp"
+        // << "-i" << tunName
+        // << "-s" << "sudo -E /etc/vpnc/vpnc-script"
+        // << "-U" << NM_OPENCONNECT_USER
+     << "-u" << username
+     << "--passwd-on-stdin"
+     << server;
+
+    openconnect->start(bin, args);
+    openconnect->write(passwd.toUtf8());
+    openconnect->closeWriteChannel();
+
+    QObject::connect(openconnect, &QProcess::started, [this]() {
+        log("Openconnect started successfully, PID=" + QString::number(openconnect->processId()));
+    });
+
+    QObject::connect(openconnect, &QProcess::errorOccurred, [tunName, this](QProcess::ProcessError error) {
+        log("Error occurred: Openconnect started failed");
+        destroyPersistentTundev(tunName);
+        emit disconnected();
+    });
+
+    QObject::connect(openconnect, &QProcess::readyReadStandardOutput, [this] () {
+        QString output = openconnect->readAllStandardOutput();
+
+        log(output);
+        if (output.startsWith("Connected as")) {
+            emit connected();
+        }
+    });
+
+    QObject::connect(openconnect, &QProcess::readyReadStandardError, [this] () {
+        log(openconnect->readAllStandardError());
+    });
+
+    QObject::connect(openconnect, QOverload<int, QProcess::ExitStatus>::of(&QProcess::finished), [tunName, this](int exitCode, QProcess::ExitStatus exitStatus) {
+        log("Openconnect process exited with code " + QString::number(exitCode) + " and exit status " + QVariant::fromValue(exitStatus).toString());
+        destroyPersistentTundev(tunName);
+        emit disconnected();
+    });
+}
+
+void GPService::disconnect()
+{
+    if (openconnect->state() != QProcess::NotRunning) {
+        openconnect->terminate();
+    }
+}
+
+int GPService::status()
+{
+    return openconnect->state();
+}
+
+void GPService::log(QString msg)
+{
+    // 2020-02-12 15:33:45.120: log messsage
+    QString record = QDateTime::currentDateTime().toString("yyyy-MM-dd hh:mm:ss.zzz") + ": " + msg;
+    qDebug() << record;
+    emit logAvailable(record);
+}
+
+QString GPService::findBinary()
+{
+    for (int i = 0; i < binaryPaths->length(); i++) {
+        if (QFileInfo::exists(binaryPaths[i])) {
+            return binaryPaths[i];
+        }
+    }
+
+    return nullptr;
+}
+
+char *GPService::createPersistentTundev()
+{
+    struct passwd *pw;
+    struct ifreq ifr;
+    int fd;
+    int i;
+
+    pw = getpwnam(NM_OPENCONNECT_USER);
+    if (!pw)
+        return nullptr;
+
+    tun_user.tun_owner = pw->pw_uid;
+    tun_user.tun_group = pw->pw_gid;
+
+    fd = open("/dev/net/tun", O_RDWR);
+    if (fd < 0) {
+        qDebug("Failed to open /dev/net/tun");
+        return nullptr;
+    }
+
+    memset(&ifr, 0, sizeof(ifr));
+    ifr.ifr_flags = IFF_TUN | IFF_NO_PI;
+
+    for (i = 0; i < 256; i++) {
+        sprintf(ifr.ifr_name, "gpvpn%d", i);
+
+        int retcode = ioctl(fd, TUNSETIFF, (void *)&ifr);
+
+        if (!retcode) {
+            break;
+        }
+    }
+
+    if (i == 256) {
+        qDebug("Failed to create tun");
+        return nullptr;
+    }
+
+    if (ioctl(fd, TUNSETOWNER, tun_user.tun_owner) < 0) {
+        qDebug("TUNSETOWNER");
+        return nullptr;
+    }
+
+    if (ioctl(fd, TUNSETPERSIST, 1)) {
+        qDebug("TUNSETPERSIST");
+        return nullptr;
+    }
+    close(fd);
+    qDebug("Created tundev %s\n", ifr.ifr_name);
+    return strdup(ifr.ifr_name);
+}
+
+void GPService::destroyPersistentTundev(char *tun_name)
+{
+    struct ifreq ifr;
+    int fd;
+
+    fd = open("/dev/net/tun", O_RDWR);
+    if (fd < 0) {
+        qDebug() << "Failed to open /dev/net/tun";
+        return;
+    }
+
+    memset(&ifr, 0, sizeof(ifr));
+    ifr.ifr_flags = IFF_TUN | IFF_NO_PI;
+    strcpy(ifr.ifr_name, tun_name);
+
+    if (ioctl(fd, TUNSETIFF, (void *)&ifr) < 0) {
+        qDebug() << "TUNSETIFF";
+        return;
+    }
+
+    if (ioctl(fd, TUNSETPERSIST, 0)) {
+        qDebug() << "TUNSETPERSIST";
+        return;
+    }
+
+    qDebug() << "Destroyed  tundev %s\n" << tun_name;
+    close(fd);
+}

GPService/gpservice.h

@@ -0,0 +1,44 @@
+#ifndef GLOBALPROTECTSERVICE_H
+#define GLOBALPROTECTSERVICE_H
+
+#include <QObject>
+#include <QProcess>
+
+#define NM_OPENCONNECT_USER "nm-openconnect"
+
+static const QString binaryPaths[] {
+    "/usr/bin/openconnect",
+    "/usr/sbin/openconnect",
+    "/usr/local/bin/openconnect",
+    "/usr/local/sbin/openconnect",
+    "/opt/bin/openconnect",
+    "/opt/sbin/openconnect"
+};
+
+class GPService : public QObject
+{
+    Q_OBJECT
+    Q_CLASSINFO("D-Bus Interface", "com.yuezk.qt.GPService")
+public:
+    explicit GPService(QObject *parent = nullptr);
+
+signals:
+    void connected();
+    void disconnected();
+    void logAvailable(QString log);
+
+public slots:
+    void connect(QString server, QString username, QString passwd);
+    void disconnect();
+    int status();
+
+private:
+    QProcess *openconnect;
+
+    void log(QString msg);
+    static QString findBinary();
+    static char *createPersistentTundev();
+    static void destroyPersistentTundev(char *tun_name);
+};
+
+#endif // GLOBALPROTECTSERVICE_H

GPService/gpservice.xml

@@ -0,0 +1,22 @@
+<!DOCTYPE node PUBLIC "-//freedesktop//DTD D-BUS Object Introspection 1.0//EN" "http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
+<node>
+  <interface name="com.yuezk.qt.GPService">
+    <signal name="connected">
+    </signal>
+    <signal name="disconnected">
+    </signal>
+    <signal name="logAvailable">
+      <arg name="log" type="s" />
+    </signal>
+    <method name="connect">
+      <arg name="server" type="s" direction="in"/>
+      <arg name="username" type="s" direction="in"/>
+      <arg name="passwd" type="s" direction="in"/>
+    </method>
+    <method name="disconnect">
+    </method>
+    <method name="status">
+      <arg type="i" direction="out"/>
+    </method>
+  </interface>
+</node>

GPService/gpservice_adaptor.cpp

@@ -0,0 +1,55 @@
+/*
+ * This file was generated by qdbusxml2cpp version 0.8
+ * Command line was: qdbusxml2cpp -i gpservice_adaptor.h -a :gpservice_adaptor.cpp gpservice.xml
+ *
+ * qdbusxml2cpp is Copyright (C) 2020 The Qt Company Ltd.
+ *
+ * This is an auto-generated file.
+ * Do not edit! All changes made to it will be lost.
+ */
+
+#include "gpservice_adaptor.h"
+#include <QtCore/QMetaObject>
+#include <QtCore/QByteArray>
+#include <QtCore/QList>
+#include <QtCore/QMap>
+#include <QtCore/QString>
+#include <QtCore/QStringList>
+#include <QtCore/QVariant>
+
+/*
+ * Implementation of adaptor class GPServiceAdaptor
+ */
+
+GPServiceAdaptor::GPServiceAdaptor(QObject *parent)
+    : QDBusAbstractAdaptor(parent)
+{
+    // constructor
+    setAutoRelaySignals(true);
+}
+
+GPServiceAdaptor::~GPServiceAdaptor()
+{
+    // destructor
+}
+
+void GPServiceAdaptor::connect(const QString &server, const QString &username, const QString &passwd)
+{
+    // handle method call com.yuezk.qt.GPService.connect
+    QMetaObject::invokeMethod(parent(), "connect", Q_ARG(QString, server), Q_ARG(QString, username), Q_ARG(QString, passwd));
+}
+
+void GPServiceAdaptor::disconnect()
+{
+    // handle method call com.yuezk.qt.GPService.disconnect
+    QMetaObject::invokeMethod(parent(), "disconnect");
+}
+
+int GPServiceAdaptor::status()
+{
+    // handle method call com.yuezk.qt.GPService.status
+    int out0;
+    QMetaObject::invokeMethod(parent(), "status", Q_RETURN_ARG(int, out0));
+    return out0;
+}
+

GPService/gpservice_adaptor.h

@@ -0,0 +1,66 @@
+/*
+ * This file was generated by qdbusxml2cpp version 0.8
+ * Command line was: qdbusxml2cpp -a gpservice_adaptor.h: gpservice.xml
+ *
+ * qdbusxml2cpp is Copyright (C) 2020 The Qt Company Ltd.
+ *
+ * This is an auto-generated file.
+ * This file may have been hand-edited. Look for HAND-EDIT comments
+ * before re-generating it.
+ */
+
+#ifndef GPSERVICE_ADAPTOR_H
+#define GPSERVICE_ADAPTOR_H
+
+#include <QtCore/QObject>
+#include <QtDBus/QtDBus>
+QT_BEGIN_NAMESPACE
+class QByteArray;
+template<class T> class QList;
+template<class Key, class Value> class QMap;
+class QString;
+class QStringList;
+class QVariant;
+QT_END_NAMESPACE
+
+/*
+ * Adaptor class for interface com.yuezk.qt.GPService
+ */
+class GPServiceAdaptor: public QDBusAbstractAdaptor
+{
+    Q_OBJECT
+    Q_CLASSINFO("D-Bus Interface", "com.yuezk.qt.GPService")
+    Q_CLASSINFO("D-Bus Introspection", ""
+"  <interface name=\"com.yuezk.qt.GPService\">\n"
+"    <signal name=\"connected\"/>\n"
+"    <signal name=\"disconnected\"/>\n"
+"    <signal name=\"logAvailable\">\n"
+"      <arg type=\"s\" name=\"log\"/>\n"
+"    </signal>\n"
+"    <method name=\"connect\">\n"
+"      <arg direction=\"in\" type=\"s\" name=\"server\"/>\n"
+"      <arg direction=\"in\" type=\"s\" name=\"username\"/>\n"
+"      <arg direction=\"in\" type=\"s\" name=\"passwd\"/>\n"
+"    </method>\n"
+"    <method name=\"disconnect\"/>\n"
+"    <method name=\"status\">\n"
+"      <arg direction=\"out\" type=\"i\"/>\n"
+"    </method>\n"
+"  </interface>\n"
+        "")
+public:
+    GPServiceAdaptor(QObject *parent);
+    virtual ~GPServiceAdaptor();
+
+public: // PROPERTIES
+public Q_SLOTS: // METHODS
+    void connect(const QString &server, const QString &username, const QString &passwd);
+    void disconnect();
+    int status();
+Q_SIGNALS: // SIGNALS
+    void connected();
+    void disconnected();
+    void logAvailable(const QString &log);
+};
+
+#endif

GPService/main.cpp

@@ -0,0 +1,19 @@
+#include <QCoreApplication>
+#include <QtDBus>
+
+#include "gpservice.h"
+
+int main(int argc, char *argv[])
+{
+    QCoreApplication a(argc, argv);
+
+    if (!QDBusConnection::systemBus().isConnected()) {
+        qWarning("Cannot connect to the D-Bus session bus.\n"
+                 "Please check your system settings and try again.\n");
+        return 1;
+    }
+
+    new GPService;
+
+    return a.exec();
+}