cassidy/GlobalProtect-openconnect
1
0
Fork 0
mirror of https://github.com/yuezk/GlobalProtect-openconnect.git synced 2025-05-20 07:26:58 -04:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: cassidy:v2.2.1
Branches Tags
cassidy:main cassidy:dev cassidy:fix_multi_tray_icon cassidy:gpauth_windows cassidy:2.3.x cassidy:feature/handle_suspend cassidy:1.x
cassidy:v2.4.4 cassidy:v2.3.11 cassidy:v2.4.3 cassidy:v2.3.10 cassidy:v2.4.2 cassidy:v2.4.1 cassidy:v2.4.0 cassidy:v2.3.9 cassidy:v2.3.8 cassidy:v2.3.7 cassidy:v2.3.6 cassidy:v2.3.5 cassidy:v2.3.4 cassidy:v2.3.3 cassidy:v2.3.2 cassidy:v2.3.1 cassidy:v2.3.0 cassidy:v2.2.1 cassidy:v2.2.0 cassidy:v2.1.4 cassidy:snapshot cassidy:v2.1.3 cassidy:v2.1.2 cassidy:v2.1.1 cassidy:v2.1.0 cassidy:latest cassidy:v2.0.0 cassidy:v2.0.0-beta8 cassidy:v2.0.0-beta7 cassidy:v2.0.0-beta6 cassidy:v2.0.0-beta5 cassidy:v2.0.0-beta4 cassidy:v2.0.0-beta3 cassidy:v2.0.0-beta2 cassidy:v2.0.0-beta1 cassidy:v1.4.9 cassidy:v1.4.8 cassidy:v1.4.7 cassidy:v1.4.6 cassidy:v1.4.5 cassidy:v1.4.4 cassidy:v1.4.3 cassidy:v1.4.2 cassidy:v1.4.1 cassidy:v1.4.0 cassidy:v1.3.4 cassidy:v1.3.3 cassidy:v1.3.2 cassidy:v1.3.1 cassidy:v1.3.0 cassidy:v1.2.9 cassidy:v1.2.8 cassidy:v1.2.7 cassidy:v1.2.6 cassidy:v1.2.5 cassidy:v1.2.4 cassidy:v1.2.3 cassidy:v1.2.2 cassidy:v1.2.1 cassidy:v1.2.0 cassidy:v1.1.0 cassidy:v1.0.0 cassidy:v0.0.3 cassidy:v0.0.2 cassidy:v0.0.1
..
compare: cassidy:f9c0eb43a62c06fcc41a81656da8d19d46b1cd06
Branches Tags
cassidy:main cassidy:dev cassidy:fix_multi_tray_icon cassidy:gpauth_windows cassidy:2.3.x cassidy:feature/handle_suspend cassidy:1.x
cassidy:v2.4.4 cassidy:v2.3.11 cassidy:v2.4.3 cassidy:v2.3.10 cassidy:v2.4.2 cassidy:v2.4.1 cassidy:v2.4.0 cassidy:v2.3.9 cassidy:v2.3.8 cassidy:v2.3.7 cassidy:v2.3.6 cassidy:v2.3.5 cassidy:v2.3.4 cassidy:v2.3.3 cassidy:v2.3.2 cassidy:v2.3.1 cassidy:v2.3.0 cassidy:v2.2.1 cassidy:v2.2.0 cassidy:v2.1.4 cassidy:snapshot cassidy:v2.1.3 cassidy:v2.1.2 cassidy:v2.1.1 cassidy:v2.1.0 cassidy:latest cassidy:v2.0.0 cassidy:v2.0.0-beta8 cassidy:v2.0.0-beta7 cassidy:v2.0.0-beta6 cassidy:v2.0.0-beta5 cassidy:v2.0.0-beta4 cassidy:v2.0.0-beta3 cassidy:v2.0.0-beta2 cassidy:v2.0.0-beta1 cassidy:v1.4.9 cassidy:v1.4.8 cassidy:v1.4.7 cassidy:v1.4.6 cassidy:v1.4.5 cassidy:v1.4.4 cassidy:v1.4.3 cassidy:v1.4.2 cassidy:v1.4.1 cassidy:v1.4.0 cassidy:v1.3.4 cassidy:v1.3.3 cassidy:v1.3.2 cassidy:v1.3.1 cassidy:v1.3.0 cassidy:v1.2.9 cassidy:v1.2.8 cassidy:v1.2.7 cassidy:v1.2.6 cassidy:v1.2.5 cassidy:v1.2.4 cassidy:v1.2.3 cassidy:v1.2.2 cassidy:v1.2.1 cassidy:v1.2.0 cassidy:v1.1.0 cassidy:v1.0.0 cassidy:v0.0.3 cassidy:v0.0.2 cassidy:v0.0.1

1 Commits
v2.2.1 ... f9c0eb43a6

Author SHA1 Message Date
Kevin Yue
f9c0eb43a6 Add gpgui-helper 2024-02-18 05:30:32 -05:00
80 changed files with 823 additions and 2862 deletions
Expand all files Collapse all files

3
.editorconfig
View File

@@ -7,6 +7,3 @@ indent_size = 2
end_of_line = lf end_of_line = lf
insert_final_newline = true insert_final_newline = true
trim_trailing_whitespace = true trim_trailing_whitespace = true
[{Makefile,Makefile.in}]
indent_style = tab

30
.github/ISSUE_TEMPLATE/bug_report.md vendored
View File

@@ -1,30 +0,0 @@
---
name: Bug report
about: Create a report to help us improve
title: ''
labels: ''
assignees: ''
---
**Describe the bug**
A clear and concise description of what the bug is.
**Expected behavior**
A clear and concise description of what you expected to happen.
**Screenshots**
If applicable, add screenshots to help explain your problem.
**Logs**
- For the GUI version, you can find the logs at `~/.local/share/gpclient/gpclient.log`
- For the CLI version, copy the output of the `gpclient` command.
**Environment:**
- OS: [e.g. Ubuntu 22.04]
- Desktop Environment: [e.g. GNOME or KDE]
- Output of `ps aux | grep 'gnome-keyring\|kwalletd5' | grep -v grep`: [Required for secure store error]
- Is remote SSH? [Yes/No]
**Additional context**
Add any other context about the problem here.

414
.github/workflows/build.yaml vendored
View File

@@ -1,4 +1,4 @@
name: Build name: Build GPGUI
on: on:
push: push:
paths-ignore: paths-ignore:
@@ -8,11 +8,8 @@ on:
- .devcontainer - .devcontainer
branches: branches:
- main - main
- dev
- hotfix/*
- feature/*
- release/*
tags: tags:
- latest
- v*.*.* - v*.*.*
jobs: jobs:
# Include arm64 if ref is a tag # Include arm64 if ref is a tag
@@ -25,164 +22,287 @@ jobs:
id: set-matrix id: set-matrix
run: | run: |
if [[ "${{ github.ref }}" == "refs/tags/"* ]]; then if [[ "${{ github.ref }}" == "refs/tags/"* ]]; then
echo 'matrix=[{"runner": "ubuntu-latest", "arch": "amd64"}, {"runner": "arm64", "arch": "arm64"}]' >> $GITHUB_OUTPUT echo "matrix=[\"amd64\", \"arm64\"]" >> $GITHUB_OUTPUT
else else
echo 'matrix=[{"runner": "ubuntu-latest", "arch": "amd64"}]' >> $GITHUB_OUTPUT echo "matrix=[\"amd64\"]" >> $GITHUB_OUTPUT
fi fi
tarball: build-fe:
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: [setup-matrix]
steps: steps:
- uses: pnpm/action-setup@v2 - name: Checkout gpgui repo
with:
version: 8
- name: Prepare workspace
run: rm -rf source && mkdir source
- name: Checkout GlobalProtect-openconnect
uses: actions/checkout@v3
with:
token: ${{ secrets.GH_PAT }}
repository: yuezk/GlobalProtect-openconnect
ref: ${{ github.ref }}
path: source/gp
- name: Create tarball
run: |
cd source/gp
# Generate the SNAPSHOT file for non-tagged commits
if [[ "${{ github.ref }}" != "refs/tags/"* ]]; then
touch SNAPSHOT
fi
make tarball
- name: Upload tarball
uses: actions/upload-artifact@v3
with:
name: artifact-source
if-no-files-found: error
path: |
source/gp/.build/tarball/*.tar.gz
build-gp:
needs:
- setup-matrix
- tarball
strategy:
matrix:
os: ${{fromJson(needs.setup-matrix.outputs.matrix)}}
package: [deb, rpm, pkg, binary]
runs-on: ${{ matrix.os.runner }}
name: build-gp (${{ matrix.package }}, ${{ matrix.os.arch }})
steps:
- name: Prepare workspace
run: |
rm -rf build-gp-${{ matrix.package }}
mkdir -p build-gp-${{ matrix.package }}
- name: Download tarball
uses: actions/download-artifact@v3
with:
name: artifact-source
path: build-gp-${{ matrix.package }}
- name: Docker Login
run: echo ${{ secrets.DOCKER_HUB_TOKEN }} | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin
- name: Build ${{ matrix.package }} package in Docker
run: |
docker run --rm \
-v $(pwd)/build-gp-${{ matrix.package }}:/${{ matrix.package }} \
yuezk/gpdev:${{ matrix.package }}-builder
- name: Install ${{ matrix.package }} package in Docker
run: |
docker run --rm \
-e GPGUI_INSTALLED=0 \
-v $(pwd)/build-gp-${{ matrix.package }}:/${{ matrix.package }} \
yuezk/gpdev:${{ matrix.package }}-builder \
bash install.sh
- name: Upload ${{ matrix.package }} package
uses: actions/upload-artifact@v3
with:
name: artifact-gp-${{ matrix.package }}-${{ matrix.os.arch }}
if-no-files-found: error
path: |
build-gp-${{ matrix.package }}/artifacts/*
build-gpgui:
needs:
- setup-matrix
strategy:
matrix:
os: ${{fromJson(needs.setup-matrix.outputs.matrix)}}
runs-on: ${{ matrix.os.runner }}
name: build-gpgui (${{ matrix.os.arch }})
steps:
- uses: pnpm/action-setup@v2
with:
version: 8
- name: Prepare workspace
run: rm -rf gpgui-source && mkdir gpgui-source
- name: Checkout GlobalProtect-openconnect
uses: actions/checkout@v3
with:
token: ${{ secrets.GH_PAT }}
repository: yuezk/GlobalProtect-openconnect
ref: ${{ github.ref }}
path: gpgui-source/gp
- name: Checkout gpgui@${{ github.ref_name }}
uses: actions/checkout@v3 uses: actions/checkout@v3
with: with:
token: ${{ secrets.GH_PAT }} token: ${{ secrets.GH_PAT }}
repository: yuezk/gpgui repository: yuezk/gpgui
ref: ${{ github.ref_name }}
path: gpgui-source/gpgui - name: Install Node.js
- name: Tarball uses: actions/setup-node@v4
with:
node-version: 18
- uses: pnpm/action-setup@v2
with:
version: 8
- name: Install dependencies
run: | run: |
cd gpgui-source cd app
tar -czf gpgui.tar.gz gpgui gp pnpm install
- name: Docker Login - name: Build
run: echo ${{ secrets.DOCKER_HUB_TOKEN }} | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin
- name: Build gpgui in Docker
run: | run: |
docker run --rm -v $(pwd)/gpgui-source:/gpgui yuezk/gpdev:gpgui-builder cd app
- name: Install gpgui in Docker pnpm run build
run: |
cd gpgui-source - name: Upload artifacts
tar -xJf *.bin.tar.xz
docker run --rm -v $(pwd):/gpgui yuezk/gpdev:gpgui-builder \
bash -c "cd /gpgui/gpgui_*/ && ./gpgui --version"
- name: Upload gpgui
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v3
with: with:
name: artifact-gpgui-${{ matrix.os.arch }} name: gpgui-fe
if-no-files-found: error path: app/dist
path: |
gpgui-source/*.bin.tar.xz
gpgui-source/*.bin.tar.xz.sha256
gh-release: build-tauri-amd64:
if: ${{ github.ref == 'refs/heads/dev' || startsWith(github.ref, 'refs/tags/') }} needs: [build-fe]
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs:
- tarball
- build-gp
- build-gpgui
steps: steps:
- name: Prepare workspace - name: Checkout gpgui repo
run: rm -rf gh-release && mkdir gh-release uses: actions/checkout@v3
- name: Download all artifacts with:
token: ${{ secrets.GH_PAT }}
repository: yuezk/gpgui
path: gpgui
- name: Checkout gp repo
uses: actions/checkout@v3
with:
token: ${{ secrets.GH_PAT }}
repository: yuezk/GlobalProtect-openconnect
path: gp
- name: Download gpgui-fe artifact
uses: actions/download-artifact@v3 uses: actions/download-artifact@v3
with: with:
path: gh-release name: gpgui-fe
- name: Create GH release path: gpgui/app/dist
env:
GH_TOKEN: ${{ secrets.GH_PAT }} - name: Login to Docker Hub
RELEASE_TAG: ${{ github.ref == 'refs/heads/dev' && 'snapshot' || github.ref_name }} uses: docker/login-action@v3
REPO: ${{ github.repository }} with:
NOTES: ${{ github.ref == 'refs/heads/dev' && '**!!! DO NOT USE THIS RELEASE IN PRODUCTION !!!**' || format('Release {0}', github.ref_name) }} username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
- name: Build Tauri in Docker
run: | run: |
gh -R "$REPO" release delete $RELEASE_TAG --yes --cleanup-tag || true docker run \
gh -R "$REPO" release create $RELEASE_TAG \ --rm \
--title "$RELEASE_TAG" \ -v $(pwd):/${{ github.workspace }} \
--notes "$NOTES" \ -w ${{ github.workspace }} \
${{ github.ref == 'refs/heads/dev' && '--target dev' || '' }} \ -e CI=true \
${{ github.ref == 'refs/heads/dev' && '--prerelease' || '' }} \ yuezk/gpdev:main \
gh-release/artifact-source/* \ "./gpgui/scripts/build.sh"
gh-release/artifact-gpgui-*/*
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: artifact-amd64-tauri
path: |
gpgui/.tmp/artifact
build-tauri-arm64:
if: startsWith(github.ref, 'refs/tags/')
needs: [build-fe]
runs-on: self-hosted
steps:
- name: Checkout gpgui repo
uses: actions/checkout@v3
with:
token: ${{ secrets.GH_PAT }}
repository: yuezk/gpgui
path: gpgui
- name: Checkout gp repo
uses: actions/checkout@v3
with:
token: ${{ secrets.GH_PAT }}
repository: yuezk/GlobalProtect-openconnect
path: gp
- name: Download gpgui-fe artifact
uses: actions/download-artifact@v3
with:
name: gpgui-fe
path: gpgui/app/dist
- name: Build Tauri
run: |
./gpgui/scripts/build.sh
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: artifact-arm64-tauri
path: |
gpgui/.tmp/artifact
package-tarball:
needs: [build-tauri-amd64, build-tauri-arm64]
runs-on: ubuntu-latest
steps:
- name: Checkout gpgui repo
uses: actions/checkout@v3
with:
token: ${{ secrets.GH_PAT }}
repository: yuezk/gpgui
path: gpgui
- name: Download artifact-amd64-tauri
uses: actions/download-artifact@v3
with:
name: artifact-amd64-tauri
path: gpgui/.tmp/artifact
- name: Download artifact-arm64-tauri
uses: actions/download-artifact@v3
with:
name: artifact-arm64-tauri
path: gpgui/.tmp/artifact
- name: Create tarball
run: |
./gpgui/scripts/build-tarball.sh
- name: Upload tarball
uses: actions/upload-artifact@v3
with:
name: artifact-tarball
path: |
gpgui/.tmp/tarball/*.tar.gz
package-rpm:
needs: [setup-matrix, package-tarball]
runs-on: ubuntu-latest
strategy:
matrix:
arch: ${{ fromJson(needs.setup-matrix.outputs.matrix) }}
steps:
- name: Checkout gpgui repo
uses: actions/checkout@v3
with:
token: ${{ secrets.GH_PAT }}
repository: yuezk/gpgui
path: gpgui
- name: Download package tarball
uses: actions/download-artifact@v3
with:
name: artifact-tarball
path: gpgui/.tmp/artifact
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: ${{ matrix.arch }}
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
- name: Create RPM package
run: |
docker run \
--rm \
-v $(pwd):/${{ github.workspace }} \
-w ${{ github.workspace }} \
--platform linux/${{ matrix.arch }} \
yuezk/gpdev:rpm-builder \
"./gpgui/scripts/build-rpm.sh"
- name: Upload rpm artifacts
uses: actions/upload-artifact@v3
with:
name: artifact-${{ matrix.arch }}-rpm
path: |
gpgui/.tmp/artifact/*.rpm
package-pkgbuild:
needs: [setup-matrix, build-tauri-amd64, build-tauri-arm64]
runs-on: ubuntu-latest
strategy:
matrix:
arch: ${{ fromJson(needs.setup-matrix.outputs.matrix) }}
steps:
- name: Checkout gpgui repo
uses: actions/checkout@v3
with:
token: ${{ secrets.GH_PAT }}
repository: yuezk/gpgui
path: gpgui
- name: Download artifact-${{ matrix.arch }}
uses: actions/download-artifact@v3
with:
name: artifact-${{ matrix.arch }}-tauri
path: gpgui/.tmp/artifact
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: ${{ matrix.arch }}
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
- name: Generate PKGBUILD
run: |
export CI_ARCH=${{ matrix.arch }}
./gpgui/scripts/generate-pkgbuild.sh
- name: Build PKGBUILD package
run: |
# Build package
docker run \
--rm \
-v $(pwd)/gpgui/.tmp/pkgbuild:/pkgbuild \
--platform linux/${{ matrix.arch }} \
yuezk/gpdev:pkgbuild
- name: Upload pkgbuild artifacts
uses: actions/upload-artifact@v3
with:
name: artifact-${{ matrix.arch }}-pkgbuild
path: |
gpgui/.tmp/pkgbuild/*.pkg.tar.zst
gh-release:
if: startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-latest
needs:
- package-rpm
- package-pkgbuild
steps:
- name: Download artifact
uses: actions/download-artifact@v3
with:
path: artifact
# pattern: artifact-*
# merge-multiple: true
# - name: Generate checksum
# uses: jmgilman/actions-generate-checksum@v1
# with:
# output: checksums.txt
# patterns: |
# artifact/*
- name: Create GH release
uses: softprops/action-gh-release@v1
with:
token: ${{ secrets.GH_PAT }}
prerelease: ${{ contains(github.ref, 'latest') }}
fail_on_unmatched_files: true
files: |
artifact/artifact-*/*

89
.github/workflows/publish.yaml vendored
View File

@@ -1,89 +0,0 @@
name: Publish Packages
on:
workflow_dispatch:
inputs:
tag:
description: 'Tag to publish'
required: true
revision:
description: 'Package revision'
required: true
default: "1"
ppa:
description: 'Publish to PPA'
type: boolean
required: true
default: true
obs:
description: 'Publish to OBS'
type: boolean
required: true
default: true
aur:
description: 'Publish to AUR'
type: boolean
required: true
default: true
jobs:
check:
runs-on: ubuntu-latest
steps:
- name: Check tag exists
uses: mukunku/tag-exists-action@v1.6.0
id: check-tag
with:
tag: ${{ inputs.tag }}
- name: Exit if tag does not exist
run: |
if [[ "${{ steps.check-tag.outputs.exists }}" == "false" ]]; then
echo "Tag ${{ inputs.tag }} does not exist"
exit 1
fi
publish-ppa:
needs: check
if: ${{ inputs.ppa }}
runs-on: ubuntu-latest
steps:
- uses: pnpm/action-setup@v2
with:
version: 8
- name: Prepare workspace
run: rm -rf publish-ppa && mkdir publish-ppa
- name: Download ${{ inputs.tag }} source code
uses: robinraju/release-downloader@v1.9
with:
token: ${{ secrets.GH_PAT }}
tag: ${{ inputs.tag }}
fileName: globalprotect-openconnect-*.tar.gz
tarBall: false
zipBall: false
out-file-path: publish-ppa
- name: Make the offline tarball
run: |
cd publish-ppa
tar -xf globalprotect-openconnect-*.tar.gz
cd globalprotect-openconnect-*/
make tarball OFFLINE=1
# Prepare the debian directory with custom files
mkdir -p .build/debian
sed 's/@RUST@/rust-all(>=1.70)/g' packaging/deb/control.in > .build/debian/control
sed 's/@OFFLINE@/1/g' packaging/deb/rules.in > .build/debian/rules
cp packaging/deb/postrm .build/debian/postrm
- name: Publish to PPA
uses: yuezk/publish-ppa-package@dev
with:
repository: "yuezk/globalprotect-openconnect"
gpg_private_key: ${{ secrets.PPA_GPG_PRIVATE_KEY }}
gpg_passphrase: ${{ secrets.PPA_GPG_PASSPHRASE }}
tarball: publish-ppa/globalprotect-openconnect-*/.build/tarball/*.tar.gz
debian_dir: publish-ppa/globalprotect-openconnect-*/.build/debian
deb_email: "k3vinyue@gmail.com"
deb_fullname: "Kevin Yue"
extra_ppa: "liushuyu-011/rust-bpo-1.75"
revision: ${{ inputs.revision }}

153
.github/workflows/release.yaml vendored
View File

@@ -1,153 +0,0 @@
name: Release Packages
on:
workflow_dispatch:
inputs:
tag:
description: 'Tag to release'
required: true
arch:
type: choice
description: 'Architecture to build'
required: true
default: all
options:
- all
- x86_64
- arm64
release-deb:
type: boolean
description: 'Build DEB package'
required: true
default: true
release-rpm:
type: boolean
description: 'Build RPM package'
required: true
default: true
release-pkg:
type: boolean
description: 'Build PKG package'
required: true
default: true
release-binary:
type: boolean
description: 'Build binary package'
required: true
default: true
gh-release:
type: boolean
description: 'Update GitHub release'
required: true
default: true
jobs:
check:
runs-on: ubuntu-latest
steps:
- name: Check tag exists
uses: mukunku/tag-exists-action@v1.6.0
id: check-tag
with:
tag: ${{ inputs.tag }}
- name: Exit if tag does not exist
run: |
if [[ "${{ steps.check-tag.outputs.exists }}" == "false" ]]; then
echo "Tag ${{ inputs.tag }} does not exist"
exit 1
fi
setup-matrix:
needs:
- check
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.set-matrix.outputs.result }}
steps:
- name: Set up matrix
id: set-matrix
uses: actions/github-script@v7
with:
result-encoding: string
script: |
const inputs = ${{ toJson(inputs) }}
const { arch } = inputs
const osMap = {
"all": ["ubuntu-latest", "arm64"],
"x86_64": ["ubuntu-latest"],
"arm64": ["arm64"]
}
const package = Object.entries(inputs)
.filter(([key, value]) => key.startsWith('release-') && value)
.map(([key, value]) => key.replace('release-', ''))
return JSON.stringify({
os: osMap[arch],
package,
})
build:
needs:
- setup-matrix
strategy:
matrix: ${{ fromJson(needs.setup-matrix.outputs.matrix) }}
runs-on: ${{ matrix.os }}
steps:
- name: Prepare workspace
run: rm -rf build-${{ matrix.package }} && mkdir -p build-${{ matrix.package }}
- name: Download ${{ inputs.tag }} source code
uses: robinraju/release-downloader@v1.9
with:
token: ${{ secrets.GH_PAT }}
tag: ${{ inputs.tag }}
fileName: globalprotect-openconnect-*.tar.gz
tarBall: false
zipBall: false
out-file-path: build-${{ matrix.package }}
- name: Docker Login
run: echo ${{ secrets.DOCKER_HUB_TOKEN }} | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin
- name: Build ${{ matrix.package }} package in Docker
run: |
docker run --rm \
-v $(pwd)/build-${{ matrix.package }}:/${{ matrix.package }} \
-e INCLUDE_GUI=1 \
yuezk/gpdev:${{ matrix.package }}-builder
- name: Install ${{ matrix.package }} package in Docker
run: |
docker run --rm \
-v $(pwd)/build-${{ matrix.package }}:/${{ matrix.package }} \
yuezk/gpdev:${{ matrix.package }}-builder \
bash install.sh
- name: Upload ${{ matrix.package }} package
uses: actions/upload-artifact@v3
with:
name: artifact-${{ matrix.os }}-${{ matrix.package }}
if-no-files-found: error
path: |
build-${{ matrix.package }}/artifacts/*
gh-release:
needs:
- build
runs-on: ubuntu-latest
if: ${{ inputs.gh-release }}
steps:
- name: Prepare workspace
run: rm -rf gh-release && mkdir gh-release
- name: Download artifact
uses: actions/download-artifact@v3
with:
path: gh-release
- name: Update release
uses: softprops/action-gh-release@v1
with:
token: ${{ secrets.GH_PAT }}
prerelease: ${{ contains(github.ref, 'snapshot') }}
fail_on_unmatched_files: true
tag_name: ${{ inputs.tag }}
files: |
gh-release/artifact-*/*

6
.gitignore vendored
View File

@@ -2,9 +2,3 @@
/target /target
.pnpm-store .pnpm-store
.env .env
.vendor
*.tar.xz
.cargo
.build
SNAPSHOT

150
Cargo.lock generated
View File

@@ -126,6 +126,28 @@ version = "1.0.79"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "080e9890a082662b09c1ad45f567faeeb47f22b5fb23895fbe1e651e718e25ca" checksum = "080e9890a082662b09c1ad45f567faeeb47f22b5fb23895fbe1e651e718e25ca"
[[package]]
name = "async-stream"
version = "0.3.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cd56dd203fef61ac097dd65721a419ddccb106b2d2b70ba60a6b529f03961a51"
dependencies = [
"async-stream-impl",
"futures-core",
"pin-project-lite",
]
[[package]]
name = "async-stream-impl"
version = "0.3.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "16e62a023e7c117e27523144c5d2459f4397fcc3cab0085af8e2224f643a0193"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.48",
]
[[package]] [[package]]
name = "async-trait" name = "async-trait"
version = "0.1.77" version = "0.1.77"
@@ -562,13 +584,6 @@ dependencies = [
"memchr", "memchr",
] ]
[[package]]
name = "common"
version = "2.2.1"
dependencies = [
"is_executable",
]
[[package]] [[package]]
name = "compile-time" name = "compile-time"
version = "0.2.0" version = "0.2.0"
@@ -910,6 +925,19 @@ dependencies = [
"syn 1.0.109", "syn 1.0.109",
] ]
[[package]]
name = "downloader"
version = "0.2.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d05213e96f184578b5f70105d4d0a644a168e99e12d7bea0b200c15d67b5c182"
dependencies = [
"futures",
"rand 0.8.5",
"reqwest",
"thiserror",
"tokio",
]
[[package]] [[package]]
name = "dtoa" name = "dtoa"
version = "1.0.9" version = "1.0.9"
@@ -1430,7 +1458,7 @@ dependencies = [
[[package]] [[package]]
name = "gpapi" name = "gpapi"
version = "2.2.1" version = "2.0.0"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"base64 0.21.5", "base64 0.21.5",
@@ -1447,7 +1475,6 @@ dependencies = [
"serde", "serde",
"serde_json", "serde_json",
"serde_urlencoded", "serde_urlencoded",
"sha256",
"specta", "specta",
"specta-macros", "specta-macros",
"tauri", "tauri",
@@ -1462,14 +1489,13 @@ dependencies = [
[[package]] [[package]]
name = "gpauth" name = "gpauth"
version = "2.2.1" version = "2.0.0"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"clap", "clap",
"compile-time", "compile-time",
"env_logger", "env_logger",
"gpapi", "gpapi",
"html-escape",
"log", "log",
"regex", "regex",
"serde_json", "serde_json",
@@ -1483,11 +1509,10 @@ dependencies = [
[[package]] [[package]]
name = "gpclient" name = "gpclient"
version = "2.2.1" version = "2.0.0"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"clap", "clap",
"common",
"compile-time", "compile-time",
"directories", "directories",
"env_logger", "env_logger",
@@ -1505,16 +1530,17 @@ dependencies = [
[[package]] [[package]]
name = "gpgui-helper" name = "gpgui-helper"
version = "2.2.1" version = "2.0.0"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"async-stream",
"base64 0.21.5",
"clap", "clap",
"compile-time", "compile-time",
"downloader",
"env_logger", "env_logger",
"futures-util", "futures-util",
"gpapi",
"log", "log",
"reqwest",
"tauri", "tauri",
"tauri-build", "tauri-build",
"tempfile", "tempfile",
@@ -1523,7 +1549,7 @@ dependencies = [
[[package]] [[package]]
name = "gpservice" name = "gpservice"
version = "2.2.1" version = "2.0.0"
dependencies = [ dependencies = [
"anyhow", "anyhow",
"axum", "axum",
@@ -1534,12 +1560,9 @@ dependencies = [
"gpapi", "gpapi",
"log", "log",
"openconnect", "openconnect",
"serde",
"serde_json", "serde_json",
"tar",
"tokio", "tokio",
"tokio-util", "tokio-util",
"xz2",
] ]
[[package]] [[package]]
@@ -1599,9 +1622,9 @@ dependencies = [
[[package]] [[package]]
name = "h2" name = "h2"
version = "0.3.26" version = "0.3.24"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "81fe527a889e1532da5c525686d96d4c2e74cdd345badf8dfef9f6b39dd5f5e8" checksum = "bb2c4422095b67ee78da96fbb51a4cc413b3b25883c7717ff7ca1ab31022c9c9"
dependencies = [ dependencies = [
"bytes", "bytes",
"fnv", "fnv",
@@ -1618,9 +1641,9 @@ dependencies = [
[[package]] [[package]]
name = "h2" name = "h2"
version = "0.4.4" version = "0.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "816ec7294445779408f36fe57bc5b7fc1cf59664059096c65f905c1c61f58069" checksum = "31d030e59af851932b72ceebadf4a2b5986dba4c3b99dd2493f8273a0f151943"
dependencies = [ dependencies = [
"bytes", "bytes",
"fnv", "fnv",
@@ -1674,15 +1697,6 @@ version = "0.4.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70"
[[package]]
name = "html-escape"
version = "0.2.13"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6d1ad449764d627e22bfd7cd5e8868264fc9236e07c752972b4080cd351cb476"
dependencies = [
"utf8-width",
]
[[package]] [[package]]
name = "html5ever" name = "html5ever"
version = "0.26.0" version = "0.26.0"
@@ -1787,7 +1801,7 @@ dependencies = [
"futures-channel", "futures-channel",
"futures-core", "futures-core",
"futures-util", "futures-util",
"h2 0.3.26", "h2 0.3.24",
"http 0.2.11", "http 0.2.11",
"http-body 0.4.6", "http-body 0.4.6",
"httparse", "httparse",
@@ -1810,7 +1824,7 @@ dependencies = [
"bytes", "bytes",
"futures-channel", "futures-channel",
"futures-util", "futures-util",
"h2 0.4.4", "h2 0.4.2",
"http 1.0.0", "http 1.0.0",
"http-body 1.0.0", "http-body 1.0.0",
"httparse", "httparse",
@@ -2218,17 +2232,6 @@ dependencies = [
"tracing-subscriber", "tracing-subscriber",
] ]
[[package]]
name = "lzma-sys"
version = "0.1.20"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5fda04ab3764e6cde78b9974eec4f779acaba7c4e84b36eca3cf77c581b85d27"
dependencies = [
"cc",
"libc",
"pkg-config",
]
[[package]] [[package]]
name = "mac" name = "mac"
version = "0.1.1" version = "0.1.1"
@@ -2318,9 +2321,9 @@ dependencies = [
[[package]] [[package]]
name = "mio" name = "mio"
version = "0.8.11" version = "0.8.10"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a4a650543ca06a924e8b371db273b2756685faae30f8487da1b56505a8f78b0c" checksum = "8f3d0b296e374a4e6f3c7b0a1f5a51d748a0d34c85e7dc48fc3fa9a87657fe09"
dependencies = [ dependencies = [
"libc", "libc",
"log", "log",
@@ -2537,10 +2540,10 @@ dependencies = [
[[package]] [[package]]
name = "openconnect" name = "openconnect"
version = "2.2.1" version = "2.0.0"
dependencies = [ dependencies = [
"cc", "cc",
"common", "is_executable",
"log", "log",
] ]
@@ -3167,7 +3170,7 @@ dependencies = [
"encoding_rs", "encoding_rs",
"futures-core", "futures-core",
"futures-util", "futures-util",
"h2 0.3.26", "h2 0.3.24",
"http 0.2.11", "http 0.2.11",
"http-body 0.4.6", "http-body 0.4.6",
"hyper 0.14.28", "hyper 0.14.28",
@@ -3499,19 +3502,6 @@ dependencies = [
"digest", "digest",
] ]
[[package]]
name = "sha256"
version = "1.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "18278f6a914fa3070aa316493f7d2ddfb9ac86ebc06fa3b83bffda487e9065b0"
dependencies = [
"async-trait",
"bytes",
"hex",
"sha2",
"tokio",
]
[[package]] [[package]]
name = "sharded-slab" name = "sharded-slab"
version = "0.1.7" version = "0.1.7"
@@ -4165,9 +4155,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
[[package]] [[package]]
name = "tokio" name = "tokio"
version = "1.36.0" version = "1.35.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "61285f6515fa018fb2d1e46eb21223fff441ee8db5d0f1435e8ab4f5cdb80931" checksum = "c89b4efa943be685f629b149f53829423f8f5531ea21249408e8e2f8671ec104"
dependencies = [ dependencies = [
"backtrace", "backtrace",
"bytes", "bytes",
@@ -4494,12 +4484,6 @@ version = "0.7.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "09cc8ee72d2a9becf2f2febe0205bbed8fc6615b7cb429ad062dc7b7ddd036a9" checksum = "09cc8ee72d2a9becf2f2febe0205bbed8fc6615b7cb429ad062dc7b7ddd036a9"
[[package]]
name = "utf8-width"
version = "0.1.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "86bd8d4e895da8537e5315b8254664e6b769c4ff3db18321b297a1e7004392e3"
[[package]] [[package]]
name = "utf8parse" name = "utf8parse"
version = "0.2.1" version = "0.2.1"
@@ -4606,12 +4590,6 @@ version = "0.11.0+wasi-snapshot-preview1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
[[package]]
name = "wasite"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b8dad83b4f25e74f184f64c43b150b91efe7647395b42289f38e50566d82855b"
[[package]] [[package]]
name = "wasm-bindgen" name = "wasm-bindgen"
version = "0.2.89" version = "0.2.89"
@@ -4788,12 +4766,11 @@ dependencies = [
[[package]] [[package]]
name = "whoami" name = "whoami"
version = "1.5.1" version = "1.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a44ab49fad634e88f55bf8f9bb3abd2f27d7204172a112c7c9987e01c1c94ea9" checksum = "22fc3756b8a9133049b26c7f61ab35416c130e8c09b660f5b3958b446f52cc50"
dependencies = [ dependencies = [
"redox_syscall", "wasm-bindgen",
"wasite",
"web-sys", "web-sys",
] ]
@@ -5168,15 +5145,6 @@ version = "0.13.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "66fee0b777b0f5ac1c69bb06d361268faafa61cd4682ae064a171c16c433e9e4" checksum = "66fee0b777b0f5ac1c69bb06d361268faafa61cd4682ae064a171c16c433e9e4"
[[package]]
name = "xz2"
version = "0.1.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "388c44dc09d76f1536602ead6d325eb532f5c122f17782bd57fb47baeeb767e2"
dependencies = [
"lzma-sys",
]
[[package]] [[package]]
name = "zeroize" name = "zeroize"
version = "1.7.0" version = "1.7.0"

4
Cargo.toml
View File

@@ -4,8 +4,7 @@ resolver = "2"
members = ["crates/*", "apps/gpclient", "apps/gpservice", "apps/gpauth", "apps/gpgui-helper/src-tauri"] members = ["crates/*", "apps/gpclient", "apps/gpservice", "apps/gpauth", "apps/gpgui-helper/src-tauri"]
[workspace.package] [workspace.package]
rust-version = "1.70" version = "2.0.0"
version = "2.2.1"
authors = ["Kevin Yue <k3vinyue@gmail.com>"] authors = ["Kevin Yue <k3vinyue@gmail.com>"]
homepage = "https://github.com/yuezk/GlobalProtect-openconnect" homepage = "https://github.com/yuezk/GlobalProtect-openconnect"
edition = "2021" edition = "2021"
@@ -43,7 +42,6 @@ dotenvy_macro = "0.15"
compile-time = "0.2" compile-time = "0.2"
serde_urlencoded = "0.7" serde_urlencoded = "0.7"
md5="0.7" md5="0.7"
sha256="1"
# Tauri dependencies # Tauri dependencies
tauri = { version = "1.5" } tauri = { version = "1.5" }

263
Makefile
View File

@@ -1,263 +0,0 @@
.SHELLFLAGS += -e
OFFLINE ?= 0
BUILD_FE ?= 1
INCLUDE_GUI ?= 0
CARGO ?= cargo
VERSION = $(shell $(CARGO) metadata --no-deps --format-version 1 | jq -r '.packages[0].version')
REVISION ?= 1
PPA_REVISION ?= 1
PKG_NAME = globalprotect-openconnect
PKG = $(PKG_NAME)-$(VERSION)
SERIES ?= $(shell lsb_release -cs)
PUBLISH ?= 0
export DEBEMAIL = k3vinyue@gmail.com
export DEBFULLNAME = Kevin Yue
export SNAPSHOT = $(shell test -f SNAPSHOT && echo "true" || echo "false")
ifeq ($(SNAPSHOT), true)
RELEASE_TAG = snapshot
else
RELEASE_TAG = v$(VERSION)
endif
CARGO_BUILD_ARGS = --release
ifeq ($(OFFLINE), 1)
CARGO_BUILD_ARGS += --frozen
endif
default: build
version:
@echo $(VERSION)
clean-tarball:
rm -rf .build/tarball
rm -rf .vendor
rm -rf vendor.tar.xz
rm -rf .cargo
# Create a tarball, include the cargo dependencies if OFFLINE is set to 1
tarball: clean-tarball
if [ $(BUILD_FE) -eq 1 ]; then \
echo "Building frontend..."; \
cd apps/gpgui-helper && pnpm install && pnpm build; \
fi
# Remove node_modules to reduce the tarball size
rm -rf apps/gpgui-helper/node_modules
mkdir -p .cargo
mkdir -p .build/tarball
# If OFFLINE is set to 1, vendor all cargo dependencies
if [ $(OFFLINE) -eq 1 ]; then \
$(CARGO) vendor .vendor > .cargo/config.toml; \
tar -cJf vendor.tar.xz .vendor; \
fi
@echo "Creating tarball..."
tar --exclude .vendor --exclude target --transform 's,^,${PKG}/,' -czf .build/tarball/${PKG}.tar.gz * .cargo
download-gui:
rm -rf .build/gpgui
if [ $(INCLUDE_GUI) -eq 1 ]; then \
echo "Downloading GlobalProtect GUI..."; \
mkdir -p .build/gpgui; \
curl -sSL https://github.com/yuezk/GlobalProtect-openconnect/releases/download/$(RELEASE_TAG)/gpgui_$(shell uname -m).bin.tar.xz \
-o .build/gpgui/gpgui_$(shell uname -m).bin.tar.xz; \
tar -xJf .build/gpgui/*.tar.xz -C .build/gpgui; \
else \
echo "Skipping GlobalProtect GUI download (INCLUDE_GUI=0)"; \
fi
build: download-gui build-fe build-rs
# Install and build the frontend
# If OFFLINE is set to 1, skip it
build-fe:
if [ $(OFFLINE) -eq 1 ] || [ $(BUILD_FE) -eq 0 ]; then \
echo "Skipping frontend build (OFFLINE=1 or BUILD_FE=0)"; \
else \
cd apps/gpgui-helper && pnpm install && pnpm build; \
fi
if [ ! -d apps/gpgui-helper/dist ]; then \
echo "Error: frontend build failed"; \
exit 1; \
fi
build-rs:
if [ $(OFFLINE) -eq 1 ]; then \
tar -xJf vendor.tar.xz; \
fi
$(CARGO) build $(CARGO_BUILD_ARGS) -p gpclient -p gpservice -p gpauth
$(CARGO) build $(CARGO_BUILD_ARGS) -p gpgui-helper --features "tauri/custom-protocol"
clean:
$(CARGO) clean
rm -rf .build
rm -rf .vendor
rm -rf apps/gpgui-helper/node_modules
install:
@echo "Installing $(PKG_NAME)..."
install -Dm755 target/release/gpclient $(DESTDIR)/usr/bin/gpclient
install -Dm755 target/release/gpauth $(DESTDIR)/usr/bin/gpauth
install -Dm755 target/release/gpservice $(DESTDIR)/usr/bin/gpservice
install -Dm755 target/release/gpgui-helper $(DESTDIR)/usr/bin/gpgui-helper
if [ -f .build/gpgui/gpgui_*/gpgui ]; then \
install -Dm755 .build/gpgui/gpgui_*/gpgui $(DESTDIR)/usr/bin/gpgui; \
fi
install -Dm644 packaging/files/usr/share/applications/gpgui.desktop $(DESTDIR)/usr/share/applications/gpgui.desktop
install -Dm644 packaging/files/usr/share/icons/hicolor/scalable/apps/gpgui.svg $(DESTDIR)/usr/share/icons/hicolor/scalable/apps/gpgui.svg
install -Dm644 packaging/files/usr/share/icons/hicolor/32x32/apps/gpgui.png $(DESTDIR)/usr/share/icons/hicolor/32x32/apps/gpgui.png
install -Dm644 packaging/files/usr/share/icons/hicolor/128x128/apps/gpgui.png $(DESTDIR)/usr/share/icons/hicolor/128x128/apps/gpgui.png
install -Dm644 packaging/files/usr/share/icons/hicolor/256x256@2/apps/gpgui.png $(DESTDIR)/usr/share/icons/hicolor/256x256@2/apps/gpgui.png
install -Dm644 packaging/files/usr/share/polkit-1/actions/com.yuezk.gpgui.policy $(DESTDIR)/usr/share/polkit-1/actions/com.yuezk.gpgui.policy
uninstall:
@echo "Uninstalling $(PKG_NAME)..."
rm -f $(DESTDIR)/usr/bin/gpclient
rm -f $(DESTDIR)/usr/bin/gpauth
rm -f $(DESTDIR)/usr/bin/gpservice
rm -f $(DESTDIR)/usr/bin/gpgui-helper
rm -f $(DESTDIR)/usr/bin/gpgui
rm -f $(DESTDIR)/usr/share/applications/gpgui.desktop
rm -f $(DESTDIR)/usr/share/icons/hicolor/scalable/apps/gpgui.svg
rm -f $(DESTDIR)/usr/share/icons/hicolor/32x32/apps/gpgui.png
rm -f $(DESTDIR)/usr/share/icons/hicolor/128x128/apps/gpgui.png
rm -f $(DESTDIR)/usr/share/icons/hicolor/256x256@2/apps/gpgui.png
rm -f $(DESTDIR)/usr/share/polkit-1/actions/com.yuezk.gpgui.policy
clean-debian:
rm -rf .build/deb
# Generate the debian package structure, without the changelog
init-debian: clean-debian tarball
mkdir -p .build/deb
cp .build/tarball/${PKG}.tar.gz .build/deb
tar -xzf .build/deb/${PKG}.tar.gz -C .build/deb
cd .build/deb/${PKG} && debmake
cp -f packaging/deb/control.in .build/deb/$(PKG)/debian/control
cp -f packaging/deb/rules.in .build/deb/$(PKG)/debian/rules
cp -f packaging/deb/postrm .build/deb/$(PKG)/debian/postrm
sed -i "s/@OFFLINE@/$(OFFLINE)/g" .build/deb/$(PKG)/debian/rules
rm -f .build/deb/$(PKG)/debian/changelog
deb: init-debian
# Remove the rust build depdency from the control file
sed -i "s/@RUST@//g" .build/deb/$(PKG)/debian/control
cd .build/deb/$(PKG) && dch --create --distribution unstable --package $(PKG_NAME) --newversion $(VERSION)-$(REVISION) "Bugfix and improvements."
cd .build/deb/$(PKG) && debuild --preserve-env -e PATH -us -uc -b
check-ppa:
if [ $(OFFLINE) -eq 0 ]; then \
echo "Error: ppa build requires offline mode (OFFLINE=1)"; \
fi
# Usage: make ppa SERIES=focal OFFLINE=1 PUBLISH=1
ppa: check-ppa init-debian
sed -i "s/@RUST@/rust-all(>=1.70)/g" .build/deb/$(PKG)/debian/control
$(eval SERIES_VER = $(shell distro-info --series $(SERIES) -r | cut -d' ' -f1))
@echo "Building for $(SERIES) $(SERIES_VER)"
rm -rf .build/deb/$(PKG)/debian/changelog
cd .build/deb/$(PKG) && dch --create --distribution $(SERIES) --package $(PKG_NAME) --newversion $(VERSION)-$(REVISION)ppa$(PPA_REVISION)~ubuntu$(SERIES_VER) "Bugfix and improvements."
cd .build/deb/$(PKG) && echo "y" | debuild -e PATH -S -sa -k"$(GPG_KEY_ID)" -p"gpg --batch --passphrase $(GPG_KEY_PASS) --pinentry-mode loopback"
if [ $(PUBLISH) -eq 1 ]; then \
cd .build/deb/$(PKG) && dput ppa:yuezk/globalprotect-openconnect ../*.changes; \
else \
echo "Skipping ppa publish (PUBLISH=0)"; \
fi
clean-rpm:
rm -rf .build/rpm
# Generate RPM sepc file
init-rpm: clean-rpm
mkdir -p .build/rpm
cp packaging/rpm/globalprotect-openconnect.spec.in .build/rpm/globalprotect-openconnect.spec
cp packaging/rpm/globalprotect-openconnect.changes.in .build/rpm/globalprotect-openconnect.changes
sed -i "s/@VERSION@/$(VERSION)/g" .build/rpm/globalprotect-openconnect.spec
sed -i "s/@REVISION@/$(REVISION)/g" .build/rpm/globalprotect-openconnect.spec
sed -i "s/@OFFLINE@/$(OFFLINE)/g" .build/rpm/globalprotect-openconnect.spec
sed -i "s/@DATE@/$(shell LC_ALL=en.US date "+%a %b %d %Y")/g" .build/rpm/globalprotect-openconnect.spec
sed -i "s/@VERSION@/$(VERSION)/g" .build/rpm/globalprotect-openconnect.changes
sed -i "s/@DATE@/$(shell LC_ALL=en.US date -u "+%a %b %e %T %Z %Y")/g" .build/rpm/globalprotect-openconnect.changes
rpm: init-rpm tarball
rm -rf $(HOME)/rpmbuild
rpmdev-setuptree
cp .build/tarball/${PKG}.tar.gz $(HOME)/rpmbuild/SOURCES/${PKG_NAME}.tar.gz
rpmbuild -ba .build/rpm/globalprotect-openconnect.spec
# Copy RPM package from build directory
cp $(HOME)/rpmbuild/RPMS/$(shell uname -m)/$(PKG_NAME)*.rpm .build/rpm
# Copy the SRPM only for x86_64.
if [ "$(shell uname -m)" = "x86_64" ]; then \
cp $(HOME)/rpmbuild/SRPMS/$(PKG_NAME)*.rpm .build/rpm; \
fi
clean-pkgbuild:
rm -rf .build/pkgbuild
init-pkgbuild: clean-pkgbuild tarball
mkdir -p .build/pkgbuild
cp .build/tarball/${PKG}.tar.gz .build/pkgbuild
cp packaging/pkgbuild/PKGBUILD.in .build/pkgbuild/PKGBUILD
sed -i "s/@PKG_NAME@/$(PKG_NAME)/g" .build/pkgbuild/PKGBUILD
sed -i "s/@VERSION@/$(VERSION)/g" .build/pkgbuild/PKGBUILD
sed -i "s/@REVISION@/$(REVISION)/g" .build/pkgbuild/PKGBUILD
sed -i "s/@OFFLINE@/$(OFFLINE)/g" .build/pkgbuild/PKGBUILD
pkgbuild: init-pkgbuild
cd .build/pkgbuild && makepkg -s --noconfirm
clean-binary:
rm -rf .build/binary
binary: clean-binary tarball
mkdir -p .build/binary
cp .build/tarball/${PKG}.tar.gz .build/binary
tar -xzf .build/binary/${PKG}.tar.gz -C .build/binary
mkdir -p .build/binary/$(PKG_NAME)_$(VERSION)/artifacts
make -C .build/binary/${PKG} build OFFLINE=$(OFFLINE) BUILD_FE=0 INCLUDE_GUI=$(INCLUDE_GUI)
make -C .build/binary/${PKG} install DESTDIR=$(PWD)/.build/binary/$(PKG_NAME)_$(VERSION)/artifacts
cp packaging/binary/Makefile.in .build/binary/$(PKG_NAME)_$(VERSION)/Makefile
# Create a tarball for the binary package
tar -cJf .build/binary/$(PKG_NAME)_$(VERSION)_$(shell uname -m).bin.tar.xz -C .build/binary $(PKG_NAME)_$(VERSION)
# Generate sha256sum
cd .build/binary && sha256sum $(PKG_NAME)_$(VERSION)_$(shell uname -m).bin.tar.xz | cut -d' ' -f1 > $(PKG_NAME)_$(VERSION)_$(shell uname -m).bin.tar.xz.sha256

111
README.md
View File

@@ -43,12 +43,6 @@ Options:
See 'gpclient help <command>' for more information on a specific command. See 'gpclient help <command>' for more information on a specific command.
``` ```
To use the default browser for authentication with the CLI version, you need to use the following command:
```bash
sudo -E gpclient connect --default-browser <portal>
```
### GUI ### GUI
The GUI version is also available after you installed it. You can launch it from the application menu or run `gpclient launch-gui` in the terminal. The GUI version is also available after you installed it. You can launch it from the application menu or run `gpclient launch-gui` in the terminal.
@@ -59,12 +53,20 @@ The GUI version is also available after you installed it. You can launch it from
## Installation ## Installation
> [!Note]
>
> This instruction is for the 2.x version. The 1.x version is still available on the [1.x](https://github.com/yuezk/GlobalProtect-openconnect/tree/1.x) branch, you can build it from the source code by following the instructions in the `README.md` file.
> [!Warning]
>
> The client requires `openconnect >= 8.20`, please make sure you have it installed, you can check it with `openconnect --version`.
> Installing the client from PPA will automatically install the required version of `openconnect`.
### Debian/Ubuntu based distributions ### Debian/Ubuntu based distributions
#### Install from PPA (Ubuntu 18.04 and later, except 24.04) #### Install from PPA
``` ```
sudo apt-get install gir1.2-gtk-3.0 gir1.2-webkit2-4.0
sudo add-apt-repository ppa:yuezk/globalprotect-openconnect sudo add-apt-repository ppa:yuezk/globalprotect-openconnect
sudo apt-get update sudo apt-get update
sudo apt-get install globalprotect-openconnect sudo apt-get install globalprotect-openconnect
@@ -74,29 +76,12 @@ sudo apt-get install globalprotect-openconnect
> >
> For Linux Mint, you might need to import the GPG key with: `sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7937C393082992E5D6E4A60453FC26B43838D761` if you encountered an error `gpg: keyserver receive failed: General error`. > For Linux Mint, you might need to import the GPG key with: `sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7937C393082992E5D6E4A60453FC26B43838D761` if you encountered an error `gpg: keyserver receive failed: General error`.
#### **Ubuntu 24.04**
The `libwebkit2gtk-4.0-37` package was [removed](https://bugs.launchpad.net/ubuntu/+source/webkit2gtk/+bug/2061914) from its repo, before [the issue](https://github.com/yuezk/GlobalProtect-openconnect/issues/351) gets resolved, you need to install them manually:
```bash
wget http://launchpadlibrarian.net/704701349/libwebkit2gtk-4.0-37_2.43.3-1_amd64.deb
wget http://launchpadlibrarian.net/704701345/libjavascriptcoregtk-4.0-18_2.43.3-1_amd64.deb
sudo dpkg --install *.deb
```
And the latest package is not available in the PPA, you can follow the [Install from deb package](#install-from-deb-package) section to install the latest package.
#### **Ubuntu 18.04**
The latest package is not available in the PPA either, but you still needs to add the `ppa:yuezk/globalprotect-openconnect` repo beforehand to use the required `openconnect` package. Then you can follow the [Install from deb package](#install-from-deb-package) section to install the latest package.
#### Install from deb package #### Install from deb package
Download the latest deb package from [releases](https://github.com/yuezk/GlobalProtect-openconnect/releases) page. Then install it with `apt`: Download the latest deb package from [releases](https://github.com/yuezk/GlobalProtect-openconnect/releases) page. Then install it with `dpkg`:
```bash ```bash
sudo apt install --fix-broken globalprotect-openconnect_*.deb sudo dpkg -i globalprotect-openconnect_*.deb
``` ```
### Arch Linux / Manjaro ### Arch Linux / Manjaro
@@ -117,7 +102,7 @@ Download the latest package from [releases](https://github.com/yuezk/GlobalProte
sudo pacman -U globalprotect-openconnect-*.pkg.tar.zst sudo pacman -U globalprotect-openconnect-*.pkg.tar.zst
``` ```
### Fedora 38 and later / Fedora Rawhide ### Fedora/OpenSUSE/CentOS/RHEL
#### Install from COPR #### Install from COPR
@@ -128,83 +113,17 @@ sudo dnf copr enable yuezk/globalprotect-openconnect
sudo dnf install globalprotect-openconnect sudo dnf install globalprotect-openconnect
``` ```
### openSUSE Leap 15.6 / openSUSE Tumbleweed #### Install from OBS
#### Install from OBS (openSUSE Build Service)
The package is also available on [OBS](https://build.opensuse.org/package/show/home:yuezk/globalprotect-openconnect) for various RPM-based distributions. You can follow the instructions [on this page](https://software.opensuse.org//download.html?project=home%3Ayuezk&package=globalprotect-openconnect) to install it. The package is also available on [OBS](https://build.opensuse.org/package/show/home:yuezk/globalprotect-openconnect) for various RPM-based distributions. You can follow the instructions [on this page](https://software.opensuse.org//download.html?project=home%3Ayuezk&package=globalprotect-openconnect) to install it.
### Other RPM-based distributions
#### Install from RPM package #### Install from RPM package
Download the latest RPM package from [releases](https://github.com/yuezk/GlobalProtect-openconnect/releases) page. Download the latest RPM package from [releases](https://github.com/yuezk/GlobalProtect-openconnect/releases) page.
```bash
sudo rpm -i globalprotect-openconnect-*.rpm
```
### Gentoo
Install from the ```rios``` or ```slonko``` overlays. Example using rios:
#### 1. Enable the overlay
```
sudo eselect repository enable rios
```
#### 2. Sync with the repository
- If you have eix installed, use it:
```
sudo eix-sync
```
- Otherwise, use:
```
sudo emerge --sync
```
#### 3. Install
```sudo emerge globalprotect-openconnect```
### Other distributions ### Other distributions
- Install `openconnect >= 8.20`, `webkit2gtk`, `libsecret`, `libayatana-appindicator` or `libappindicator-gtk3`. The project depends on `openconnect >= 8.20`, `webkit2gtk`, `libsecret`, `libayatana-appindicator` or `libappindicator-gtk3`. You can install them first and then download the latest binary release (i.e., `*.bin.tar.gz`) from [releases](https://github.com/yuezk/GlobalProtect-openconnect/releases) page.
- Download `globalprotect-openconnect_${version}_${arch}.bin.tar.xz` from [releases](https://github.com/yuezk/GlobalProtect-openconnect/releases) page.
- Extract the tarball with `tar -xJf globalprotect-openconnect_${version}_${arch}.bin.tar.xz`.
- Run `sudo make install` to install the client.
## Build from source
You can also build the client from source, steps are as follows:
### Prerequisites
- [Install Rust](https://www.rust-lang.org/tools/install)
- Install Tauri dependencies: https://tauri.app/v1/guides/getting-started/prerequisites/#setting-up-linux
- Install `perl`
- Install `openconnect >= 8.20` and `libopenconnect-dev` (or `openconnect-devel` on RPM-based distributions)
- Install `pkexec`, `gnome-keyring` (or `pam_kwallet` on KDE)
### Build
1. Download the source code tarball from [releases](https://github.com/yuezk/GlobalProtect-openconnect/releases) page. Choose `globalprotect-openconnect-${version}.tar.gz`.
2. Extract the tarball with `tar -xzf globalprotect-openconnect-${version}.tar.gz`.
3. Enter the source directory and run `make build BUILD_FE=0` to build the client.
3. Run `sudo make install` to install the client. (Note, `DESTDIR` is not supported)
## FAQ
1. How to deal with error `Secure Storage not ready`
Try upgrade the client to `2.2.0` or later, which will use a file-based storage as a fallback.
You need to install the `gnome-keyring` package, and restart the system (See [#321](https://github.com/yuezk/GlobalProtect-openconnect/issues/321), [#316](https://github.com/yuezk/GlobalProtect-openconnect/issues/316)).
2. How to deal with error `(gpauth:18869): Gtk-WARNING **: 10:33:37.566: cannot open display:`
If you encounter this error when using the CLI version, try to run the command with `sudo -E` (See [#316](https://github.com/yuezk/GlobalProtect-openconnect/issues/316)).
## About Trial ## About Trial

7
apps/gpauth/Cargo.toml
View File

@@ -8,11 +8,7 @@ license.workspace = true
tauri-build = { version = "1.5", features = [] } tauri-build = { version = "1.5", features = [] }
[dependencies] [dependencies]
gpapi = { path = "../../crates/gpapi", features = [ gpapi = { path = "../../crates/gpapi", features = ["tauri", "clap"] }
"tauri",
"clap",
"browser-auth",
] }
anyhow.workspace = true anyhow.workspace = true
clap.workspace = true clap.workspace = true
env_logger.workspace = true env_logger.workspace = true
@@ -22,7 +18,6 @@ serde_json.workspace = true
tokio.workspace = true tokio.workspace = true
tokio-util.workspace = true tokio-util.workspace = true
tempfile.workspace = true tempfile.workspace = true
html-escape = "0.2.13"
webkit2gtk = "0.18.2" webkit2gtk = "0.18.2"
tauri = { workspace = true, features = ["http-all"] } tauri = { workspace = true, features = ["http-all"] }
compile-time.workspace = true compile-time.workspace = true

122
apps/gpauth/src/auth_window.rs
View File

@@ -7,7 +7,6 @@ use std::{
use anyhow::bail; use anyhow::bail;
use gpapi::{ use gpapi::{
auth::SamlAuthData, auth::SamlAuthData,
error::AuthDataParseError,
gp_params::GpParams, gp_params::GpParams,
portal::{prelogin, Prelogin}, portal::{prelogin, Prelogin},
utils::{redact::redact_uri, window::WindowExt}, utils::{redact::redact_uri, window::WindowExt},
@@ -185,10 +184,6 @@ impl<'a> AuthWindow<'a> {
} }
info!("Loaded uri: {}", redact_uri(&uri)); info!("Loaded uri: {}", redact_uri(&uri));
if uri.starts_with("globalprotectcallback:") {
return;
}
read_auth_data(&main_resource, auth_result_tx_clone.clone()); read_auth_data(&main_resource, auth_result_tx_clone.clone());
} }
}); });
@@ -207,9 +202,7 @@ impl<'a> AuthWindow<'a> {
wv.connect_load_failed(move |_wv, _event, uri, err| { wv.connect_load_failed(move |_wv, _event, uri, err| {
let redacted_uri = redact_uri(uri); let redacted_uri = redact_uri(uri);
if !uri.starts_with("globalprotectcallback:") {
warn!("Failed to load uri: {} with error: {}", redacted_uri, err); warn!("Failed to load uri: {} with error: {}", redacted_uri, err);
}
// NOTE: Don't send error here, since load_changed event will be triggered after this // NOTE: Don't send error here, since load_changed event will be triggered after this
// send_auth_result(&auth_result_tx, Err(AuthDataError::Invalid)); // send_auth_result(&auth_result_tx, Err(AuthDataError::Invalid));
// true to stop other handlers from being invoked for the event. false to propagate the event further. // true to stop other handlers from being invoked for the event. false to propagate the event further.
@@ -346,7 +339,7 @@ fn read_auth_data_from_headers(response: &URIResponse) -> AuthResult {
fn read_auth_data_from_body<F>(main_resource: &WebResource, callback: F) fn read_auth_data_from_body<F>(main_resource: &WebResource, callback: F)
where where
F: FnOnce(Result<SamlAuthData, AuthDataParseError>) + Send + 'static, F: FnOnce(AuthResult) + Send + 'static,
{ {
main_resource.data(Cancellable::NONE, |data| match data { main_resource.data(Cancellable::NONE, |data| match data {
Ok(data) => { Ok(data) => {
@@ -355,41 +348,53 @@ where
} }
Err(err) => { Err(err) => {
info!("Failed to read response body: {}", err); info!("Failed to read response body: {}", err);
callback(Err(AuthDataParseError::Invalid)) callback(Err(AuthDataError::Invalid))
} }
}); });
} }
fn read_auth_data_from_html(html: &str) -> Result<SamlAuthData, AuthDataParseError> { fn read_auth_data_from_html(html: &str) -> AuthResult {
if html.contains("Temporarily Unavailable") { if html.contains("Temporarily Unavailable") {
info!("Found 'Temporarily Unavailable' in HTML, auth failed"); info!("Found 'Temporarily Unavailable' in HTML, auth failed");
return Err(AuthDataParseError::Invalid); return Err(AuthDataError::Invalid);
} }
SamlAuthData::from_html(html).or_else(|err| { match parse_xml_tag(html, "saml-auth-status") {
if let Some(gpcallback) = extract_gpcallback(html) { Some(saml_status) if saml_status == "1" => {
info!("Found gpcallback from html..."); let username = parse_xml_tag(html, "saml-username");
SamlAuthData::from_gpcallback(&gpcallback) let prelogin_cookie = parse_xml_tag(html, "prelogin-cookie");
} else { let portal_userauthcookie = parse_xml_tag(html, "portal-userauthcookie");
Err(err)
} if SamlAuthData::check(&username, &prelogin_cookie, &portal_userauthcookie) {
}) return Ok(SamlAuthData::new(
username.unwrap(),
prelogin_cookie,
portal_userauthcookie,
));
} }
fn extract_gpcallback(html: &str) -> Option<String> { info!("Found invalid auth data in HTML");
let re = Regex::new(r#"globalprotectcallback:[^"]+"#).unwrap(); Err(AuthDataError::Invalid)
re.captures(html) }
.and_then(|captures| captures.get(0)) Some(status) => {
.map(|m| html_escape::decode_html_entities(m.as_str()).to_string()) info!("Found invalid SAML status {} in HTML", status);
Err(AuthDataError::Invalid)
}
None => {
info!("No auth data found in HTML");
Err(AuthDataError::NotFound)
}
}
} }
fn read_auth_data(main_resource: &WebResource, auth_result_tx: mpsc::UnboundedSender<AuthResult>) { fn read_auth_data(main_resource: &WebResource, auth_result_tx: mpsc::UnboundedSender<AuthResult>) {
let Some(response) = main_resource.response() else { if main_resource.response().is_none() {
info!("No response found in main resource"); info!("No response found in main resource");
send_auth_result(&auth_result_tx, Err(AuthDataError::Invalid)); send_auth_result(&auth_result_tx, Err(AuthDataError::Invalid));
return; return;
}; }
let response = main_resource.response().unwrap();
info!("Trying to read auth data from response headers..."); info!("Trying to read auth data from response headers...");
match read_auth_data_from_headers(&response) { match read_auth_data_from_headers(&response) {
@@ -402,30 +407,13 @@ fn read_auth_data(main_resource: &WebResource, auth_result_tx: mpsc::UnboundedSe
read_auth_data_from_body(main_resource, move |auth_result| { read_auth_data_from_body(main_resource, move |auth_result| {
// Since we have already found invalid auth data in headers, which means this could be the `/SAML20/SP/ACS` endpoint // Since we have already found invalid auth data in headers, which means this could be the `/SAML20/SP/ACS` endpoint
// any error result from body should be considered as invalid, and trigger a retry // any error result from body should be considered as invalid, and trigger a retry
let auth_result = auth_result.map_err(|err| { let auth_result = auth_result.map_err(|_| AuthDataError::Invalid);
info!("Failed to read auth data from body: {}", err);
AuthDataError::Invalid
});
send_auth_result(&auth_result_tx, auth_result); send_auth_result(&auth_result_tx, auth_result);
}); });
} }
Err(AuthDataError::NotFound) => { Err(AuthDataError::NotFound) => {
info!("No auth data found in headers, trying to read from body..."); info!("No auth data found in headers, trying to read from body...");
let is_acs_endpoint = main_resource.uri().map_or(false, |uri| uri.contains("/SAML20/SP/ACS"));
read_auth_data_from_body(main_resource, move |auth_result| { read_auth_data_from_body(main_resource, move |auth_result| {
// If the endpoint is `/SAML20/SP/ACS` and no auth data found in body, it should be considered as invalid
let auth_result = auth_result.map_err(|err| {
info!("Failed to read auth data from body: {}", err);
if !is_acs_endpoint && matches!(err, AuthDataParseError::NotFound) {
AuthDataError::NotFound
} else {
AuthDataError::Invalid
}
});
send_auth_result(&auth_result_tx, auth_result) send_auth_result(&auth_result_tx, auth_result)
}); });
} }
@@ -437,6 +425,13 @@ fn read_auth_data(main_resource: &WebResource, auth_result_tx: mpsc::UnboundedSe
} }
} }
fn parse_xml_tag(html: &str, tag: &str) -> Option<String> {
let re = Regex::new(&format!("<{}>(.*)</{}>", tag, tag)).unwrap();
re.captures(html)
.and_then(|captures| captures.get(1))
.map(|m| m.as_str().to_string())
}
pub(crate) async fn clear_webview_cookies(window: &Window) -> anyhow::Result<()> { pub(crate) async fn clear_webview_cookies(window: &Window) -> anyhow::Result<()> {
let (tx, rx) = oneshot::channel::<Result<(), String>>(); let (tx, rx) = oneshot::channel::<Result<(), String>>();
@@ -482,42 +477,3 @@ pub(crate) async fn clear_webview_cookies(window: &Window) -> anyhow::Result<()>
rx.await?.map_err(|err| anyhow::anyhow!(err)) rx.await?.map_err(|err| anyhow::anyhow!(err))
} }
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn extract_gpcallback_some() {
let html = r#"
<meta http-equiv="refresh" content="0; URL=globalprotectcallback:PGh0bWw+PCEtLSA8c">
<meta http-equiv="refresh" content="0; URL=globalprotectcallback:PGh0bWw+PCEtLSA8c">
"#;
assert_eq!(
extract_gpcallback(html).as_deref(),
Some("globalprotectcallback:PGh0bWw+PCEtLSA8c")
);
}
#[test]
fn extract_gpcallback_cas() {
let html = r#"
<meta http-equiv="refresh" content="0; URL=globalprotectcallback:cas-as=1&amp;un=xyz@email.com&amp;token=very_long_string">
"#;
assert_eq!(
extract_gpcallback(html).as_deref(),
Some("globalprotectcallback:cas-as=1&un=xyz@email.com&token=very_long_string")
);
}
#[test]
fn extract_gpcallback_none() {
let html = r#"
<meta http-equiv="refresh" content="0; URL=PGh0bWw+PCEtLSA8c">
"#;
assert_eq!(extract_gpcallback(html), None);
}
}

12
apps/gpauth/src/cli.rs
View File

@@ -3,7 +3,6 @@ use gpapi::{
auth::{SamlAuthData, SamlAuthResult}, auth::{SamlAuthData, SamlAuthResult},
clap::args::Os, clap::args::Os,
gp_params::{ClientOs, GpParams}, gp_params::{ClientOs, GpParams},
process::browser_authenticator::BrowserAuthenticator,
utils::{normalize_server, openssl}, utils::{normalize_server, openssl},
GP_USER_AGENT, GP_USER_AGENT,
}; };
@@ -38,8 +37,6 @@ struct Cli {
ignore_tls_errors: bool, ignore_tls_errors: bool,
#[arg(long)] #[arg(long)]
clean: bool, clean: bool,
#[arg(long)]
default_browser: bool,
} }
impl Cli { impl Cli {
@@ -59,15 +56,6 @@ impl Cli {
None => portal_prelogin(&self.server, &gp_params).await?, None => portal_prelogin(&self.server, &gp_params).await?,
}; };
if self.default_browser {
let browser_auth = BrowserAuthenticator::new(&saml_request);
browser_auth.authenticate()?;
info!("Please continue the authentication process in the default browser");
return Ok(());
}
self.saml_request.replace(saml_request); self.saml_request.replace(saml_request);
let app = create_app(self.clone())?; let app = create_app(self.clone())?;

4
apps/gpauth/tauri.conf.json
View File

@@ -22,8 +22,8 @@
"all": true, "all": true,
"request": true, "request": true,
"scope": [ "scope": [
"http://*", "http://**",
"https://*" "https://**"
] ]
} }
}, },

1
apps/gpclient/Cargo.toml
View File

@@ -6,7 +6,6 @@ edition.workspace = true
license.workspace = true license.workspace = true
[dependencies] [dependencies]
common = { path = "../../crates/common" }
gpapi = { path = "../../crates/gpapi", features = ["clap"] } gpapi = { path = "../../crates/gpapi", features = ["clap"] }
openconnect = { path = "../../crates/openconnect" } openconnect = { path = "../../crates/openconnect" }
anyhow.workspace = true anyhow.workspace = true

126
apps/gpclient/src/connect.rs
View File

@@ -1,14 +1,12 @@
use std::{fs, sync::Arc}; use std::{fs, sync::Arc};
use clap::Args; use clap::Args;
use common::vpn_utils::find_csd_wrapper;
use gpapi::{ use gpapi::{
clap::args::Os, clap::args::Os,
credential::{Credential, PasswordCredential}, credential::{Credential, PasswordCredential},
error::PortalError, gateway::gateway_login,
gateway::{gateway_login, GatewayLogin},
gp_params::{ClientOs, GpParams}, gp_params::{ClientOs, GpParams},
portal::{prelogin, retrieve_config, Prelogin}, portal::{prelogin, retrieve_config, PortalError, Prelogin},
process::{ process::{
auth_launcher::SamlAuthLauncher, auth_launcher::SamlAuthLauncher,
users::{get_non_root_user, get_user_by_name}, users::{get_non_root_user, get_user_by_name},
@@ -19,9 +17,8 @@ use gpapi::{
use inquire::{Password, PasswordDisplayMode, Select, Text}; use inquire::{Password, PasswordDisplayMode, Select, Text};
use log::info; use log::info;
use openconnect::Vpn; use openconnect::Vpn;
use tokio::{io::AsyncReadExt, net::TcpListener};
use crate::{cli::SharedArgs, GP_CLIENT_LOCK_FILE, GP_CLIENT_PORT_FILE}; use crate::{cli::SharedArgs, GP_CLIENT_LOCK_FILE};
#[derive(Args)] #[derive(Args)]
pub(crate) struct ConnectArgs { pub(crate) struct ConnectArgs {
@@ -33,14 +30,6 @@ pub(crate) struct ConnectArgs {
user: Option<String>, user: Option<String>,
#[arg(long, short, help = "The VPNC script to use")] #[arg(long, short, help = "The VPNC script to use")]
script: Option<String>, script: Option<String>,
#[arg(long, help = "Connect the server as a gateway, instead of a portal")]
as_gateway: bool,
#[arg(
long,
help = "Use the default CSD wrapper to generate the HIP report and send it to the server"
)]
hip: bool,
#[arg(long, help = "Same as the '--csd-user' option in the openconnect command")] #[arg(long, help = "Same as the '--csd-user' option in the openconnect command")]
csd_user: Option<String>, csd_user: Option<String>,
@@ -48,9 +37,6 @@ pub(crate) struct ConnectArgs {
#[arg(long, help = "Same as the '--csd-wrapper' option in the openconnect command")] #[arg(long, help = "Same as the '--csd-wrapper' option in the openconnect command")]
csd_wrapper: Option<String>, csd_wrapper: Option<String>,
#[arg(short, long, help = "Request MTU from server (legacy servers only)")]
mtu: Option<u32>,
#[arg(long, default_value = GP_USER_AGENT, help = "The user agent to use")] #[arg(long, default_value = GP_USER_AGENT, help = "The user agent to use")]
user_agent: String, user_agent: String,
#[arg(long, default_value = "Linux")] #[arg(long, default_value = "Linux")]
@@ -61,8 +47,6 @@ pub(crate) struct ConnectArgs {
hidpi: bool, hidpi: bool,
#[arg(long, help = "Do not reuse the remembered authentication cookie")] #[arg(long, help = "Do not reuse the remembered authentication cookie")]
clean: bool, clean: bool,
#[arg(long, help = "Use the default browser to authenticate")]
default_browser: bool,
} }
impl ConnectArgs { impl ConnectArgs {
@@ -100,12 +84,6 @@ impl<'a> ConnectHandler<'a> {
pub(crate) async fn handle(&self) -> anyhow::Result<()> { pub(crate) async fn handle(&self) -> anyhow::Result<()> {
let server = self.args.server.as_str(); let server = self.args.server.as_str();
let as_gateway = self.args.as_gateway;
if as_gateway {
info!("Treating the server as a gateway");
return self.connect_gateway_with_prelogin(server).await;
}
let Err(err) = self.connect_portal_with_prelogin(server).await else { let Err(err) = self.connect_portal_with_prelogin(server).await else {
return Ok(()); return Ok(());
@@ -114,15 +92,10 @@ impl<'a> ConnectHandler<'a> {
info!("Failed to connect portal with prelogin: {}", err); info!("Failed to connect portal with prelogin: {}", err);
if err.root_cause().downcast_ref::<PortalError>().is_some() { if err.root_cause().downcast_ref::<PortalError>().is_some() {
info!("Trying the gateway authentication workflow..."); info!("Trying the gateway authentication workflow...");
self.connect_gateway_with_prelogin(server).await?; return self.connect_gateway_with_prelogin(server).await;
eprintln!("\nNOTE: the server may be a gateway, not a portal.");
eprintln!("NOTE: try to use the `--as-gateway` option if you were authenticated twice.");
Ok(())
} else {
Err(err)
} }
Err(err)
} }
async fn connect_portal_with_prelogin(&self, portal: &str) -> anyhow::Result<()> { async fn connect_portal_with_prelogin(&self, portal: &str) -> anyhow::Result<()> {
@@ -136,19 +109,16 @@ impl<'a> ConnectHandler<'a> {
let selected_gateway = match &self.args.gateway { let selected_gateway = match &self.args.gateway {
Some(gateway) => portal_config Some(gateway) => portal_config
.find_gateway(gateway) .find_gateway(gateway)
.ok_or_else(|| anyhow::anyhow!("Cannot find gateway specified: {}", gateway))?, .ok_or_else(|| anyhow::anyhow!("Cannot find gateway {}", gateway))?,
None => { None => {
portal_config.sort_gateways(prelogin.region()); portal_config.sort_gateways(prelogin.region());
let gateways = portal_config.gateways(); let gateways = portal_config.gateways();
if gateways.len() > 1 { if gateways.len() > 1 {
let gateway = Select::new("Which gateway do you want to connect to?", gateways) Select::new("Which gateway do you want to connect to?", gateways)
.with_vim_mode(true) .with_vim_mode(true)
.prompt()?; .prompt()?
info!("Connecting to the selected gateway: {}", gateway);
gateway
} else { } else {
info!("Connecting to the only available gateway: {}", gateways[0]);
gateways[0] gateways[0]
} }
} }
@@ -157,7 +127,7 @@ impl<'a> ConnectHandler<'a> {
let gateway = selected_gateway.server(); let gateway = selected_gateway.server();
let cred = portal_config.auth_cookie().into(); let cred = portal_config.auth_cookie().into();
let cookie = match self.login_gateway(gateway, &cred, &gp_params).await { let cookie = match gateway_login(gateway, &cred, &gp_params).await {
Ok(cookie) => cookie, Ok(cookie) => cookie,
Err(err) => { Err(err) => {
info!("Gateway login failed: {}", err); info!("Gateway login failed: {}", err);
@@ -169,54 +139,26 @@ impl<'a> ConnectHandler<'a> {
} }
async fn connect_gateway_with_prelogin(&self, gateway: &str) -> anyhow::Result<()> { async fn connect_gateway_with_prelogin(&self, gateway: &str) -> anyhow::Result<()> {
info!("Performing the gateway authentication...");
let mut gp_params = self.build_gp_params(); let mut gp_params = self.build_gp_params();
gp_params.set_is_gateway(true); gp_params.set_is_gateway(true);
let prelogin = prelogin(gateway, &gp_params).await?; let prelogin = prelogin(gateway, &gp_params).await?;
let cred = self.obtain_credential(&prelogin, gateway).await?; let cred = self.obtain_credential(&prelogin, gateway).await?;
let cookie = self.login_gateway(gateway, &cred, &gp_params).await?; let cookie = gateway_login(gateway, &cred, &gp_params).await?;
self.connect_gateway(gateway, &cookie).await self.connect_gateway(gateway, &cookie).await
} }
async fn login_gateway(&self, gateway: &str, cred: &Credential, gp_params: &GpParams) -> anyhow::Result<String> {
let mut gp_params = gp_params.clone();
loop {
match gateway_login(gateway, cred, &gp_params).await? {
GatewayLogin::Cookie(cookie) => return Ok(cookie),
GatewayLogin::Mfa(message, input_str) => {
let otp = Text::new(&message).prompt()?;
gp_params.set_input_str(&input_str);
gp_params.set_otp(&otp);
info!("Retrying gateway login with MFA...");
}
}
}
}
async fn connect_gateway(&self, gateway: &str, cookie: &str) -> anyhow::Result<()> { async fn connect_gateway(&self, gateway: &str, cookie: &str) -> anyhow::Result<()> {
let mtu = self.args.mtu.unwrap_or(0);
let csd_uid = get_csd_uid(&self.args.csd_user)?; let csd_uid = get_csd_uid(&self.args.csd_user)?;
let csd_wrapper = if self.args.csd_wrapper.is_some() {
self.args.csd_wrapper.clone()
} else if self.args.hip {
find_csd_wrapper()
} else {
None
};
let vpn = Vpn::builder(gateway, cookie) let vpn = Vpn::builder(gateway, cookie)
.script(self.args.script.clone())
.user_agent(self.args.user_agent.clone()) .user_agent(self.args.user_agent.clone())
.script(self.args.script.clone())
.csd_uid(csd_uid) .csd_uid(csd_uid)
.csd_wrapper(csd_wrapper) .csd_wrapper(self.args.csd_wrapper.clone())
.mtu(mtu) .build();
.build()?;
let vpn = Arc::new(vpn); let vpn = Arc::new(vpn);
let vpn_clone = vpn.clone(); let vpn_clone = vpn.clone();
@@ -243,9 +185,7 @@ impl<'a> ConnectHandler<'a> {
match prelogin { match prelogin {
Prelogin::Saml(prelogin) => { Prelogin::Saml(prelogin) => {
let use_default_browser = prelogin.support_default_browser() && self.args.default_browser; SamlAuthLauncher::new(&self.args.server)
let cred = SamlAuthLauncher::new(&self.args.server)
.gateway(is_gateway) .gateway(is_gateway)
.saml_request(prelogin.saml_request()) .saml_request(prelogin.saml_request())
.user_agent(&self.args.user_agent) .user_agent(&self.args.user_agent)
@@ -255,21 +195,8 @@ impl<'a> ConnectHandler<'a> {
.fix_openssl(self.shared_args.fix_openssl) .fix_openssl(self.shared_args.fix_openssl)
.ignore_tls_errors(self.shared_args.ignore_tls_errors) .ignore_tls_errors(self.shared_args.ignore_tls_errors)
.clean(self.args.clean) .clean(self.args.clean)
.default_browser(use_default_browser)
.launch() .launch()
.await?; .await
if let Some(cred) = cred {
return Ok(cred);
}
if !use_default_browser {
// This should never happen
unreachable!("SAML authentication failed without using the default browser");
}
info!("Waiting for the browser authentication to complete...");
wait_credentials().await
} }
Prelogin::Standard(prelogin) => { Prelogin::Standard(prelogin) => {
let prefix = if is_gateway { "Gateway" } else { "Portal" }; let prefix = if is_gateway { "Gateway" } else { "Portal" };
@@ -292,27 +219,6 @@ impl<'a> ConnectHandler<'a> {
} }
} }
async fn wait_credentials() -> anyhow::Result<Credential> {
// Start a local server to receive the browser authentication data
let listener = TcpListener::bind("127.0.0.1:0").await?;
let port = listener.local_addr()?.port();
// Write the port to a file
fs::write(GP_CLIENT_PORT_FILE, port.to_string())?;
info!("Listening authentication data on port {}", port);
let (mut socket, _) = listener.accept().await?;
info!("Received the browser authentication data from the socket");
let mut data = String::new();
socket.read_to_string(&mut data).await?;
// Remove the port file
fs::remove_file(GP_CLIENT_PORT_FILE)?;
Credential::from_gpcallback(&data)
}
fn write_pid_file() { fn write_pid_file() {
let pid = std::process::id(); let pid = std::process::id();

19
apps/gpclient/src/launch_gui.rs
View File

@@ -7,9 +7,6 @@ use gpapi::{
utils::{endpoint::http_endpoint, env_file, shutdown_signal}, utils::{endpoint::http_endpoint, env_file, shutdown_signal},
}; };
use log::info; use log::info;
use tokio::io::AsyncWriteExt;
use crate::GP_CLIENT_PORT_FILE;
#[derive(Args)] #[derive(Args)]
pub(crate) struct LaunchGuiArgs { pub(crate) struct LaunchGuiArgs {
@@ -81,16 +78,11 @@ impl<'a> LaunchGuiHandler<'a> {
} }
async fn feed_auth_data(auth_data: &str) -> anyhow::Result<()> { async fn feed_auth_data(auth_data: &str) -> anyhow::Result<()> {
let _ = tokio::join!(feed_auth_data_gui(auth_data), feed_auth_data_cli(auth_data));
Ok(())
}
async fn feed_auth_data_gui(auth_data: &str) -> anyhow::Result<()> {
let service_endpoint = http_endpoint().await?; let service_endpoint = http_endpoint().await?;
reqwest::Client::default() reqwest::Client::default()
.post(format!("{}/auth-data", service_endpoint)) .post(format!("{}/auth-data", service_endpoint))
.body(auth_data.to_string()) .json(&auth_data)
.send() .send()
.await? .await?
.error_for_status()?; .error_for_status()?;
@@ -98,15 +90,6 @@ async fn feed_auth_data_gui(auth_data: &str) -> anyhow::Result<()> {
Ok(()) Ok(())
} }
async fn feed_auth_data_cli(auth_data: &str) -> anyhow::Result<()> {
let port = tokio::fs::read_to_string(GP_CLIENT_PORT_FILE).await?;
let mut stream = tokio::net::TcpStream::connect(format!("127.0.0.1:{}", port.trim())).await?;
stream.write_all(auth_data.as_bytes()).await?;
Ok(())
}
async fn try_active_gui() -> anyhow::Result<()> { async fn try_active_gui() -> anyhow::Result<()> {
let service_endpoint = http_endpoint().await?; let service_endpoint = http_endpoint().await?;

1
apps/gpclient/src/main.rs
View File

@@ -4,7 +4,6 @@ mod disconnect;
mod launch_gui; mod launch_gui;
pub(crate) const GP_CLIENT_LOCK_FILE: &str = "/var/run/gpclient.lock"; pub(crate) const GP_CLIENT_LOCK_FILE: &str = "/var/run/gpclient.lock";
pub(crate) const GP_CLIENT_PORT_FILE: &str = "/var/run/gpclient.port";
#[tokio::main] #[tokio::main]
async fn main() { async fn main() {

1
apps/gpgui-helper/.gitignore vendored
View File

@@ -22,4 +22,3 @@ dist-ssr
*.njsproj *.njsproj
*.sln *.sln
*.sw? *.sw?
.vite

6
apps/gpgui-helper/package.json
View File

@@ -9,8 +9,6 @@
"tauri": "tauri" "tauri": "tauri"
}, },
"dependencies": { "dependencies": {
"@emotion/react": "^11.11.1",
"@emotion/styled": "^11.11.0",
"@mui/icons-material": "^5.14.18", "@mui/icons-material": "^5.14.18",
"@mui/material": "^5.14.18", "@mui/material": "^5.14.18",
"@tauri-apps/api": "^1.5.0", "@tauri-apps/api": "^1.5.0",
@@ -18,7 +16,7 @@
"react-dom": "^18.2.0" "react-dom": "^18.2.0"
}, },
"devDependencies": { "devDependencies": {
"@tauri-apps/cli": "^1.5.6", "@tauri-apps/cli": "^1.5.0",
"@types/node": "^20.8.10", "@types/node": "^20.8.10",
"@types/react": "^18.2.15", "@types/react": "^18.2.15",
"@types/react-dom": "^18.2.7", "@types/react-dom": "^18.2.7",
@@ -31,6 +29,6 @@
"eslint-plugin-react-hooks": "^4.6.0", "eslint-plugin-react-hooks": "^4.6.0",
"prettier": "3.1.0", "prettier": "3.1.0",
"typescript": "^5.0.2", "typescript": "^5.0.2",
"vite": "^4.5.3" "vite": "^4.4.4"
} }
} }

308
apps/gpgui-helper/pnpm-lock.yaml generated
View File

@@ -5,18 +5,12 @@ settings:
excludeLinksFromLockfile: false excludeLinksFromLockfile: false
dependencies: dependencies:
'@emotion/react':
specifier: ^11.11.1
version: 11.11.1(@types/react@18.2.15)(react@18.2.0)
'@emotion/styled':
specifier: ^11.11.0
version: 11.11.0(@emotion/react@11.11.1)(@types/react@18.2.15)(react@18.2.0)
'@mui/icons-material': '@mui/icons-material':
specifier: ^5.14.18 specifier: ^5.14.18
version: 5.14.18(@mui/material@5.14.18)(@types/react@18.2.15)(react@18.2.0) version: 5.14.18(@mui/material@5.14.18)(@types/react@18.2.15)(react@18.2.0)
'@mui/material': '@mui/material':
specifier: ^5.14.18 specifier: ^5.14.18
version: 5.14.18(@emotion/react@11.11.1)(@emotion/styled@11.11.0)(@types/react@18.2.15)(react-dom@18.2.0)(react@18.2.0) version: 5.14.18(@types/react@18.2.15)(react-dom@18.2.0)(react@18.2.0)
'@tauri-apps/api': '@tauri-apps/api':
specifier: ^1.5.0 specifier: ^1.5.0
version: 1.5.0 version: 1.5.0
@@ -29,8 +23,8 @@ dependencies:
devDependencies: devDependencies:
'@tauri-apps/cli': '@tauri-apps/cli':
specifier: ^1.5.6 specifier: ^1.5.0
version: 1.5.6 version: 1.5.0
'@types/node': '@types/node':
specifier: ^20.8.10 specifier: ^20.8.10
version: 20.8.10 version: 20.8.10
@@ -48,7 +42,7 @@ devDependencies:
version: 6.12.0(eslint@8.54.0)(typescript@5.0.2) version: 6.12.0(eslint@8.54.0)(typescript@5.0.2)
'@vitejs/plugin-react': '@vitejs/plugin-react':
specifier: ^4.0.3 specifier: ^4.0.3
version: 4.0.3(vite@4.5.3) version: 4.0.3(vite@4.4.4)
eslint: eslint:
specifier: ^8.54.0 specifier: ^8.54.0
version: 8.54.0 version: 8.54.0
@@ -68,8 +62,8 @@ devDependencies:
specifier: ^5.0.2 specifier: ^5.0.2
version: 5.0.2 version: 5.0.2
vite: vite:
specifier: ^4.5.3 specifier: ^4.4.4
version: 4.5.3(@types/node@20.8.10) version: 4.4.4(@types/node@20.8.10)
packages: packages:
@@ -92,6 +86,7 @@ packages:
dependencies: dependencies:
'@babel/highlight': 7.22.20 '@babel/highlight': 7.22.20
chalk: 2.4.2 chalk: 2.4.2
dev: true
/@babel/compat-data@7.23.2: /@babel/compat-data@7.23.2:
resolution: {integrity: sha512-0S9TQMmDHlqAZ2ITT95irXKfxN9bncq8ZCoJhun3nHL/lLUxd2NKBJYoNGWH7S0hz6fRQwWlAWn/ILM0C70KZQ==} resolution: {integrity: sha512-0S9TQMmDHlqAZ2ITT95irXKfxN9bncq8ZCoJhun3nHL/lLUxd2NKBJYoNGWH7S0hz6fRQwWlAWn/ILM0C70KZQ==}
@@ -167,6 +162,7 @@ packages:
engines: {node: '>=6.9.0'} engines: {node: '>=6.9.0'}
dependencies: dependencies:
'@babel/types': 7.23.0 '@babel/types': 7.23.0
dev: true
/@babel/helper-module-transforms@7.23.0(@babel/core@7.23.2): /@babel/helper-module-transforms@7.23.0(@babel/core@7.23.2):
resolution: {integrity: sha512-WhDWw1tdrlT0gMgUJSlX0IQvoO1eN279zrAUbVB+KpV2c3Tylz8+GnKOLllCS6Z/iZQEyVYxhZVUdPTqs2YYPw==} resolution: {integrity: sha512-WhDWw1tdrlT0gMgUJSlX0IQvoO1eN279zrAUbVB+KpV2c3Tylz8+GnKOLllCS6Z/iZQEyVYxhZVUdPTqs2YYPw==}
@@ -204,10 +200,12 @@ packages:
/@babel/helper-string-parser@7.22.5: /@babel/helper-string-parser@7.22.5:
resolution: {integrity: sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==} resolution: {integrity: sha512-mM4COjgZox8U+JcXQwPijIZLElkgEpO5rsERVDJTc2qfCDfERyob6k5WegS14SX18IIjv+XD+GrqNumY5JRCDw==}
engines: {node: '>=6.9.0'} engines: {node: '>=6.9.0'}
dev: true
/@babel/helper-validator-identifier@7.22.20: /@babel/helper-validator-identifier@7.22.20:
resolution: {integrity: sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==} resolution: {integrity: sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==}
engines: {node: '>=6.9.0'} engines: {node: '>=6.9.0'}
dev: true
/@babel/helper-validator-option@7.22.15: /@babel/helper-validator-option@7.22.15:
resolution: {integrity: sha512-bMn7RmyFjY/mdECUbgn9eoSY4vqvacUnS9i9vGAGttgFWesO6B4CYWA7XlpbWgBt71iv/hfbPlynohStqnu5hA==} resolution: {integrity: sha512-bMn7RmyFjY/mdECUbgn9eoSY4vqvacUnS9i9vGAGttgFWesO6B4CYWA7XlpbWgBt71iv/hfbPlynohStqnu5hA==}
@@ -232,6 +230,7 @@ packages:
'@babel/helper-validator-identifier': 7.22.20 '@babel/helper-validator-identifier': 7.22.20
chalk: 2.4.2 chalk: 2.4.2
js-tokens: 4.0.0 js-tokens: 4.0.0
dev: true
/@babel/parser@7.23.0: /@babel/parser@7.23.0:
resolution: {integrity: sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==} resolution: {integrity: sha512-vvPKKdMemU85V9WE/l5wZEmImpCtLqbnTvqDS2U1fJ96KrxoW7KrXhNsNCblQlg8Ck4b85yxdTyelsMUgFUXiw==}
@@ -302,22 +301,7 @@ packages:
'@babel/helper-string-parser': 7.22.5 '@babel/helper-string-parser': 7.22.5
'@babel/helper-validator-identifier': 7.22.20 '@babel/helper-validator-identifier': 7.22.20
to-fast-properties: 2.0.0 to-fast-properties: 2.0.0
dev: true
/@emotion/babel-plugin@11.11.0:
resolution: {integrity: sha512-m4HEDZleaaCH+XgDDsPF15Ht6wTLsgDTeR3WYj9Q/k76JtWhrJjcP4+/XlG8LGT/Rol9qUfOIztXeA84ATpqPQ==}
dependencies:
'@babel/helper-module-imports': 7.22.15
'@babel/runtime': 7.23.2
'@emotion/hash': 0.9.1
'@emotion/memoize': 0.8.1
'@emotion/serialize': 1.1.3
babel-plugin-macros: 3.1.0
convert-source-map: 1.9.0
escape-string-regexp: 4.0.0
find-root: 1.1.0
source-map: 0.5.7
stylis: 4.2.0
dev: false
/@emotion/cache@11.11.0: /@emotion/cache@11.11.0:
resolution: {integrity: sha512-P34z9ssTCBi3e9EI1ZsWpNHcfY1r09ZO0rZbRO2ob3ZQMnFI35jB536qoXbkdesr5EUhYi22anuEJuyxifaqAQ==} resolution: {integrity: sha512-P34z9ssTCBi3e9EI1ZsWpNHcfY1r09ZO0rZbRO2ob3ZQMnFI35jB536qoXbkdesr5EUhYi22anuEJuyxifaqAQ==}
@@ -329,88 +313,14 @@ packages:
stylis: 4.2.0 stylis: 4.2.0
dev: false dev: false
/@emotion/hash@0.9.1:
resolution: {integrity: sha512-gJB6HLm5rYwSLI6PQa+X1t5CFGrv1J1TWG+sOyMCeKz2ojaj6Fnl/rZEspogG+cvqbt4AE/2eIyD2QfLKTBNlQ==}
dev: false
/@emotion/is-prop-valid@1.2.1:
resolution: {integrity: sha512-61Mf7Ufx4aDxx1xlDeOm8aFFigGHE4z+0sKCa+IHCeZKiyP9RLD0Mmx7m8b9/Cf37f7NAvQOOJAbQQGVr5uERw==}
dependencies:
'@emotion/memoize': 0.8.1
dev: false
/@emotion/memoize@0.8.1: /@emotion/memoize@0.8.1:
resolution: {integrity: sha512-W2P2c/VRW1/1tLox0mVUalvnWXxavmv/Oum2aPsRcoDJuob75FC3Y8FbpfLwUegRcxINtGUMPq0tFCvYNTBXNA==} resolution: {integrity: sha512-W2P2c/VRW1/1tLox0mVUalvnWXxavmv/Oum2aPsRcoDJuob75FC3Y8FbpfLwUegRcxINtGUMPq0tFCvYNTBXNA==}
dev: false dev: false
/@emotion/react@11.11.1(@types/react@18.2.15)(react@18.2.0):
resolution: {integrity: sha512-5mlW1DquU5HaxjLkfkGN1GA/fvVGdyHURRiX/0FHl2cfIfRxSOfmxEH5YS43edp0OldZrZ+dkBKbngxcNCdZvA==}
peerDependencies:
'@types/react': '*'
react: '>=16.8.0'
peerDependenciesMeta:
'@types/react':
optional: true
dependencies:
'@babel/runtime': 7.23.2
'@emotion/babel-plugin': 11.11.0
'@emotion/cache': 11.11.0
'@emotion/serialize': 1.1.3
'@emotion/use-insertion-effect-with-fallbacks': 1.0.1(react@18.2.0)
'@emotion/utils': 1.2.1
'@emotion/weak-memoize': 0.3.1
'@types/react': 18.2.15
hoist-non-react-statics: 3.3.2
react: 18.2.0
dev: false
/@emotion/serialize@1.1.3:
resolution: {integrity: sha512-iD4D6QVZFDhcbH0RAG1uVu1CwVLMWUkCvAqqlewO/rxf8+87yIBAlt4+AxMiiKPLs5hFc0owNk/sLLAOROw3cA==}
dependencies:
'@emotion/hash': 0.9.1
'@emotion/memoize': 0.8.1
'@emotion/unitless': 0.8.1
'@emotion/utils': 1.2.1
csstype: 3.1.2
dev: false
/@emotion/sheet@1.2.2: /@emotion/sheet@1.2.2:
resolution: {integrity: sha512-0QBtGvaqtWi+nx6doRwDdBIzhNdZrXUppvTM4dtZZWEGTXL/XE/yJxLMGlDT1Gt+UHH5IX1n+jkXyytE/av7OA==} resolution: {integrity: sha512-0QBtGvaqtWi+nx6doRwDdBIzhNdZrXUppvTM4dtZZWEGTXL/XE/yJxLMGlDT1Gt+UHH5IX1n+jkXyytE/av7OA==}
dev: false dev: false
/@emotion/styled@11.11.0(@emotion/react@11.11.1)(@types/react@18.2.15)(react@18.2.0):
resolution: {integrity: sha512-hM5Nnvu9P3midq5aaXj4I+lnSfNi7Pmd4EWk1fOZ3pxookaQTNew6bp4JaCBYM4HVFZF9g7UjJmsUmC2JlxOng==}
peerDependencies:
'@emotion/react': ^11.0.0-rc.0
'@types/react': '*'
react: '>=16.8.0'
peerDependenciesMeta:
'@types/react':
optional: true
dependencies:
'@babel/runtime': 7.23.2
'@emotion/babel-plugin': 11.11.0
'@emotion/is-prop-valid': 1.2.1
'@emotion/react': 11.11.1(@types/react@18.2.15)(react@18.2.0)
'@emotion/serialize': 1.1.3
'@emotion/use-insertion-effect-with-fallbacks': 1.0.1(react@18.2.0)
'@emotion/utils': 1.2.1
'@types/react': 18.2.15
react: 18.2.0
dev: false
/@emotion/unitless@0.8.1:
resolution: {integrity: sha512-KOEGMu6dmJZtpadb476IsZBclKvILjopjUii3V+7MnXIQCYh8W3NgNcgwo21n9LXZX6EDIKvqfjYxXebDwxKmQ==}
dev: false
/@emotion/use-insertion-effect-with-fallbacks@1.0.1(react@18.2.0):
resolution: {integrity: sha512-jT/qyKZ9rzLErtrjGgdkMBn2OP8wl0G3sQlBb3YPryvKHsjvINUhVaPFfP+fpBcOkmrVOVEEHQFJ7nbj2TH2gw==}
peerDependencies:
react: '>=16.8.0'
dependencies:
react: 18.2.0
dev: false
/@emotion/utils@1.2.1: /@emotion/utils@1.2.1:
resolution: {integrity: sha512-Y2tGf3I+XVnajdItskUCn6LX+VUDmP6lTL4fcqsXAv43dnlbZiuW4MWQW38rW/BVWSE7Q/7+XQocmpnRYILUmg==} resolution: {integrity: sha512-Y2tGf3I+XVnajdItskUCn6LX+VUDmP6lTL4fcqsXAv43dnlbZiuW4MWQW38rW/BVWSE7Q/7+XQocmpnRYILUmg==}
dev: false dev: false
@@ -771,12 +681,12 @@ packages:
optional: true optional: true
dependencies: dependencies:
'@babel/runtime': 7.23.2 '@babel/runtime': 7.23.2
'@mui/material': 5.14.18(@emotion/react@11.11.1)(@emotion/styled@11.11.0)(@types/react@18.2.15)(react-dom@18.2.0)(react@18.2.0) '@mui/material': 5.14.18(@types/react@18.2.15)(react-dom@18.2.0)(react@18.2.0)
'@types/react': 18.2.15 '@types/react': 18.2.15
react: 18.2.0 react: 18.2.0
dev: false dev: false
/@mui/material@5.14.18(@emotion/react@11.11.1)(@emotion/styled@11.11.0)(@types/react@18.2.15)(react-dom@18.2.0)(react@18.2.0): /@mui/material@5.14.18(@types/react@18.2.15)(react-dom@18.2.0)(react@18.2.0):
resolution: {integrity: sha512-y3UiR/JqrkF5xZR0sIKj6y7xwuEiweh9peiN3Zfjy1gXWXhz5wjlaLdoxFfKIEBUFfeQALxr/Y8avlHH+B9lpQ==} resolution: {integrity: sha512-y3UiR/JqrkF5xZR0sIKj6y7xwuEiweh9peiN3Zfjy1gXWXhz5wjlaLdoxFfKIEBUFfeQALxr/Y8avlHH+B9lpQ==}
engines: {node: '>=12.0.0'} engines: {node: '>=12.0.0'}
peerDependencies: peerDependencies:
@@ -794,11 +704,9 @@ packages:
optional: true optional: true
dependencies: dependencies:
'@babel/runtime': 7.23.2 '@babel/runtime': 7.23.2
'@emotion/react': 11.11.1(@types/react@18.2.15)(react@18.2.0)
'@emotion/styled': 11.11.0(@emotion/react@11.11.1)(@types/react@18.2.15)(react@18.2.0)
'@mui/base': 5.0.0-beta.24(@types/react@18.2.15)(react-dom@18.2.0)(react@18.2.0) '@mui/base': 5.0.0-beta.24(@types/react@18.2.15)(react-dom@18.2.0)(react@18.2.0)
'@mui/core-downloads-tracker': 5.14.18 '@mui/core-downloads-tracker': 5.14.18
'@mui/system': 5.14.18(@emotion/react@11.11.1)(@emotion/styled@11.11.0)(@types/react@18.2.15)(react@18.2.0) '@mui/system': 5.14.18(@types/react@18.2.15)(react@18.2.0)
'@mui/types': 7.2.9(@types/react@18.2.15) '@mui/types': 7.2.9(@types/react@18.2.15)
'@mui/utils': 5.14.18(@types/react@18.2.15)(react@18.2.0) '@mui/utils': 5.14.18(@types/react@18.2.15)(react@18.2.0)
'@types/react': 18.2.15 '@types/react': 18.2.15
@@ -829,7 +737,7 @@ packages:
react: 18.2.0 react: 18.2.0
dev: false dev: false
/@mui/styled-engine@5.14.18(@emotion/react@11.11.1)(@emotion/styled@11.11.0)(react@18.2.0): /@mui/styled-engine@5.14.18(react@18.2.0):
resolution: {integrity: sha512-pW8bpmF9uCB5FV2IPk6mfbQCjPI5vGI09NOLhtGXPeph/4xIfC3JdIX0TILU0WcTs3aFQqo6s2+1SFgIB9rCXA==} resolution: {integrity: sha512-pW8bpmF9uCB5FV2IPk6mfbQCjPI5vGI09NOLhtGXPeph/4xIfC3JdIX0TILU0WcTs3aFQqo6s2+1SFgIB9rCXA==}
engines: {node: '>=12.0.0'} engines: {node: '>=12.0.0'}
peerDependencies: peerDependencies:
@@ -844,14 +752,12 @@ packages:
dependencies: dependencies:
'@babel/runtime': 7.23.2 '@babel/runtime': 7.23.2
'@emotion/cache': 11.11.0 '@emotion/cache': 11.11.0
'@emotion/react': 11.11.1(@types/react@18.2.15)(react@18.2.0)
'@emotion/styled': 11.11.0(@emotion/react@11.11.1)(@types/react@18.2.15)(react@18.2.0)
csstype: 3.1.2 csstype: 3.1.2
prop-types: 15.8.1 prop-types: 15.8.1
react: 18.2.0 react: 18.2.0
dev: false dev: false
/@mui/system@5.14.18(@emotion/react@11.11.1)(@emotion/styled@11.11.0)(@types/react@18.2.15)(react@18.2.0): /@mui/system@5.14.18(@types/react@18.2.15)(react@18.2.0):
resolution: {integrity: sha512-hSQQdb3KF72X4EN2hMEiv8EYJZSflfdd1TRaGPoR7CIAG347OxCslpBUwWngYobaxgKvq6xTrlIl+diaactVww==} resolution: {integrity: sha512-hSQQdb3KF72X4EN2hMEiv8EYJZSflfdd1TRaGPoR7CIAG347OxCslpBUwWngYobaxgKvq6xTrlIl+diaactVww==}
engines: {node: '>=12.0.0'} engines: {node: '>=12.0.0'}
peerDependencies: peerDependencies:
@@ -868,10 +774,8 @@ packages:
optional: true optional: true
dependencies: dependencies:
'@babel/runtime': 7.23.2 '@babel/runtime': 7.23.2
'@emotion/react': 11.11.1(@types/react@18.2.15)(react@18.2.0)
'@emotion/styled': 11.11.0(@emotion/react@11.11.1)(@types/react@18.2.15)(react@18.2.0)
'@mui/private-theming': 5.14.18(@types/react@18.2.15)(react@18.2.0) '@mui/private-theming': 5.14.18(@types/react@18.2.15)(react@18.2.0)
'@mui/styled-engine': 5.14.18(@emotion/react@11.11.1)(@emotion/styled@11.11.0)(react@18.2.0) '@mui/styled-engine': 5.14.18(react@18.2.0)
'@mui/types': 7.2.9(@types/react@18.2.15) '@mui/types': 7.2.9(@types/react@18.2.15)
'@mui/utils': 5.14.18(@types/react@18.2.15)(react@18.2.0) '@mui/utils': 5.14.18(@types/react@18.2.15)(react@18.2.0)
'@types/react': 18.2.15 '@types/react': 18.2.15
@@ -940,8 +844,8 @@ packages:
engines: {node: '>= 14.6.0', npm: '>= 6.6.0', yarn: '>= 1.19.1'} engines: {node: '>= 14.6.0', npm: '>= 6.6.0', yarn: '>= 1.19.1'}
dev: false dev: false
/@tauri-apps/cli-darwin-arm64@1.5.6: /@tauri-apps/cli-darwin-arm64@1.5.0:
resolution: {integrity: sha512-NNvG3XLtciCMsBahbDNUEvq184VZmOveTGOuy0So2R33b/6FDkuWaSgWZsR1mISpOuP034htQYW0VITCLelfqg==} resolution: {integrity: sha512-wvEfcSBjlh1G8uBiylMNFgBtAyk4mXfvDFcGyigf/2ui7Wve6fcAFDJdTVwiHOZ4Wxnw6BD3lIkVMQdDpE+nFg==}
engines: {node: '>= 10'} engines: {node: '>= 10'}
cpu: [arm64] cpu: [arm64]
os: [darwin] os: [darwin]
@@ -949,8 +853,8 @@ packages:
dev: true dev: true
optional: true optional: true
/@tauri-apps/cli-darwin-x64@1.5.6: /@tauri-apps/cli-darwin-x64@1.5.0:
resolution: {integrity: sha512-nkiqmtUQw3N1j4WoVjv81q6zWuZFhBLya/RNGUL94oafORloOZoSY0uTZJAoeieb3Y1YK0rCHSDl02MyV2Fi4A==} resolution: {integrity: sha512-pWzLMAMslx3dkLyq1f4PpuEhgUs8mPISM5nQoHfgYYchJk6Ip1YtWupo56h5QjqyRNPUsSYT8DVGIw0Oi8auXQ==}
engines: {node: '>= 10'} engines: {node: '>= 10'}
cpu: [x64] cpu: [x64]
os: [darwin] os: [darwin]
@@ -958,8 +862,8 @@ packages:
dev: true dev: true
optional: true optional: true
/@tauri-apps/cli-linux-arm-gnueabihf@1.5.6: /@tauri-apps/cli-linux-arm-gnueabihf@1.5.0:
resolution: {integrity: sha512-z6SPx+axZexmWXTIVPNs4Tg7FtvdJl9EKxYN6JPjOmDZcqA13iyqWBQal2DA/GMZ1Xqo3vyJf6EoEaKaliymPQ==} resolution: {integrity: sha512-hP3nAd0TjxblIAgriXhdX33sKXwbkY3CKsWBVB3O+5DOGy7XzKosIt0KaqiV8BHI2pbHMVOwTZuvjdK8pPLULQ==}
engines: {node: '>= 10'} engines: {node: '>= 10'}
cpu: [arm] cpu: [arm]
os: [linux] os: [linux]
@@ -967,8 +871,8 @@ packages:
dev: true dev: true
optional: true optional: true
/@tauri-apps/cli-linux-arm64-gnu@1.5.6: /@tauri-apps/cli-linux-arm64-gnu@1.5.0:
resolution: {integrity: sha512-QuQjMQmpsCbzBrmtQiG4uhnfAbdFx3nzm+9LtqjuZlurc12+Mj5MTgqQ3AOwQedH3f7C+KlvbqD2AdXpwTg7VA==} resolution: {integrity: sha512-/AwGSjUplzeiGWbKP8rAW4gQx5umWiaQJ0ifx6NakA/sIrhRXPYTobwzg4ixw31ALQNXaEosJCkmvXyHUvoUYw==}
engines: {node: '>= 10'} engines: {node: '>= 10'}
cpu: [arm64] cpu: [arm64]
os: [linux] os: [linux]
@@ -976,8 +880,8 @@ packages:
dev: true dev: true
optional: true optional: true
/@tauri-apps/cli-linux-arm64-musl@1.5.6: /@tauri-apps/cli-linux-arm64-musl@1.5.0:
resolution: {integrity: sha512-8j5dH3odweFeom7bRGlfzDApWVOT4jIq8/214Wl+JeiNVehouIBo9lZGeghZBH3XKFRwEvU23i7sRVjuh2s8mg==} resolution: {integrity: sha512-OFzKMkg3bmBjr/BYQ1kx4QOHL+JSkzX+Cw8RcG7CKnq8QoJyg8N0K0UTskgsVwlCN4l7bxeuSLvEveg4SBA2AQ==}
engines: {node: '>= 10'} engines: {node: '>= 10'}
cpu: [arm64] cpu: [arm64]
os: [linux] os: [linux]
@@ -985,8 +889,8 @@ packages:
dev: true dev: true
optional: true optional: true
/@tauri-apps/cli-linux-x64-gnu@1.5.6: /@tauri-apps/cli-linux-x64-gnu@1.5.0:
resolution: {integrity: sha512-gbFHYHfdEGW0ffk8SigDsoXks6USpilF6wR0nqB/JbWzbzFR/sBuLVNQlJl1RKNakyJHu+lsFxGy0fcTdoX8xA==} resolution: {integrity: sha512-V2stfUH3Qrc3cIXAd+cKbJruS1oJqqGd40GTVcKOKlRk9Ef9H3WNUQ5PyWKj1t1rk8AxjcBO/vK+Unkuy1WSCw==}
engines: {node: '>= 10'} engines: {node: '>= 10'}
cpu: [x64] cpu: [x64]
os: [linux] os: [linux]
@@ -994,8 +898,8 @@ packages:
dev: true dev: true
optional: true optional: true
/@tauri-apps/cli-linux-x64-musl@1.5.6: /@tauri-apps/cli-linux-x64-musl@1.5.0:
resolution: {integrity: sha512-9v688ogoLkeFYQNgqiSErfhTreLUd8B3prIBSYUt+x4+5Kcw91zWvIh+VSxL1n3KCGGsM7cuXhkGPaxwlEh1ug==} resolution: {integrity: sha512-qpcGeesuksxzE7lC3RCnikTY9DCRMnAYwhWa9i8MA7pKDX1IXaEvAaXrse44XCZUohxLLgn2k2o6Pb+65dDijQ==}
engines: {node: '>= 10'} engines: {node: '>= 10'}
cpu: [x64] cpu: [x64]
os: [linux] os: [linux]
@@ -1003,8 +907,8 @@ packages:
dev: true dev: true
optional: true optional: true
/@tauri-apps/cli-win32-arm64-msvc@1.5.6: /@tauri-apps/cli-win32-arm64-msvc@1.5.0:
resolution: {integrity: sha512-DRNDXFNZb6y5IZrw+lhTTA9l4wbzO4TNRBAlHAiXUrH+pRFZ/ZJtv5WEuAj9ocVSahVw2NaK5Yaold4NPAxHog==} resolution: {integrity: sha512-Glt/AEWwbFmFnQuoPRbB6vMzCIT9jYSpD59zRP8ljhRSzwDHE59q5nXOrheLKICwMmaXqtAuCIq9ndDBKghwoQ==}
engines: {node: '>= 10'} engines: {node: '>= 10'}
cpu: [arm64] cpu: [arm64]
os: [win32] os: [win32]
@@ -1012,8 +916,8 @@ packages:
dev: true dev: true
optional: true optional: true
/@tauri-apps/cli-win32-ia32-msvc@1.5.6: /@tauri-apps/cli-win32-ia32-msvc@1.5.0:
resolution: {integrity: sha512-oUYKNR/IZjF4fsOzRpw0xesl2lOjhsQEyWlgbpT25T83EU113Xgck9UjtI7xemNI/OPCv1tPiaM1e7/ABdg5iA==} resolution: {integrity: sha512-k+R2VI8eZJfRjaRS8LwbkjMBKFaKcWtA/byaFnGDDUnb3VM/WFW++3KjC5Ne2wXpxFW9RVaFiBNIpmRcExI0Qw==}
engines: {node: '>= 10'} engines: {node: '>= 10'}
cpu: [ia32] cpu: [ia32]
os: [win32] os: [win32]
@@ -1021,8 +925,8 @@ packages:
dev: true dev: true
optional: true optional: true
/@tauri-apps/cli-win32-x64-msvc@1.5.6: /@tauri-apps/cli-win32-x64-msvc@1.5.0:
resolution: {integrity: sha512-RmEf1os9C8//uq2hbjXi7Vgz9ne7798ZxqemAZdUwo1pv3oLVZSz1/IvZmUHPdy2e6zSeySqWu1D0Y3QRNN+dg==} resolution: {integrity: sha512-jEwq9UuUldVyDJ/dsYoHFuZfNZIkxbeDYSMELfZXsRvWWEA8xRYeTkH38S++KU1eBl5dTK0LbxhztEB2HjRT1g==}
engines: {node: '>= 10'} engines: {node: '>= 10'}
cpu: [x64] cpu: [x64]
os: [win32] os: [win32]
@@ -1030,21 +934,21 @@ packages:
dev: true dev: true
optional: true optional: true
/@tauri-apps/cli@1.5.6: /@tauri-apps/cli@1.5.0:
resolution: {integrity: sha512-k4Y19oVCnt7WZb2TnDzLqfs7o98Jq0tUoVMv+JQSzuRDJqaVu2xMBZ8dYplEn+EccdR5SOMyzaLBJWu38TVK1A==} resolution: {integrity: sha512-usY7Ncfkxl2f/ufjWDtp+eJsodlj8ipMKExIt160KR+tx0GtQgLtxRnrKxe1o7wu18Pkqd5JIuWMaOmT3YZeYA==}
engines: {node: '>= 10'} engines: {node: '>= 10'}
hasBin: true hasBin: true
optionalDependencies: optionalDependencies:
'@tauri-apps/cli-darwin-arm64': 1.5.6 '@tauri-apps/cli-darwin-arm64': 1.5.0
'@tauri-apps/cli-darwin-x64': 1.5.6 '@tauri-apps/cli-darwin-x64': 1.5.0
'@tauri-apps/cli-linux-arm-gnueabihf': 1.5.6 '@tauri-apps/cli-linux-arm-gnueabihf': 1.5.0
'@tauri-apps/cli-linux-arm64-gnu': 1.5.6 '@tauri-apps/cli-linux-arm64-gnu': 1.5.0
'@tauri-apps/cli-linux-arm64-musl': 1.5.6 '@tauri-apps/cli-linux-arm64-musl': 1.5.0
'@tauri-apps/cli-linux-x64-gnu': 1.5.6 '@tauri-apps/cli-linux-x64-gnu': 1.5.0
'@tauri-apps/cli-linux-x64-musl': 1.5.6 '@tauri-apps/cli-linux-x64-musl': 1.5.0
'@tauri-apps/cli-win32-arm64-msvc': 1.5.6 '@tauri-apps/cli-win32-arm64-msvc': 1.5.0
'@tauri-apps/cli-win32-ia32-msvc': 1.5.6 '@tauri-apps/cli-win32-ia32-msvc': 1.5.0
'@tauri-apps/cli-win32-x64-msvc': 1.5.6 '@tauri-apps/cli-win32-x64-msvc': 1.5.0
dev: true dev: true
/@types/json-schema@7.0.14: /@types/json-schema@7.0.14:
@@ -1057,10 +961,6 @@ packages:
undici-types: 5.26.5 undici-types: 5.26.5
dev: true dev: true
/@types/parse-json@4.0.2:
resolution: {integrity: sha512-dISoDXWWQwUquiKsyZ4Ng+HX2KsPL7LyHKHQwgGFEA3IaKac4Obd+h2a/a6waisAoepJlBcx9paWqjA8/HVjCw==}
dev: false
/@types/prop-types@15.7.11: /@types/prop-types@15.7.11:
resolution: {integrity: sha512-ga8y9v9uyeiLdpKddhxYQkxNDrfvuPrlFb0N1qnZZByvcElJaXthF1UhvCh9TLWJBEHeNtdnbysW7Y6Uq8CVng==} resolution: {integrity: sha512-ga8y9v9uyeiLdpKddhxYQkxNDrfvuPrlFb0N1qnZZByvcElJaXthF1UhvCh9TLWJBEHeNtdnbysW7Y6Uq8CVng==}
dev: false dev: false
@@ -1229,7 +1129,7 @@ packages:
resolution: {integrity: sha512-zuVdFrMJiuCDQUMCzQaD6KL28MjnqqN8XnAqiEq9PNm/hCPTSGfrXCOfwj1ow4LFb/tNymJPwsNbVePc1xFqrQ==} resolution: {integrity: sha512-zuVdFrMJiuCDQUMCzQaD6KL28MjnqqN8XnAqiEq9PNm/hCPTSGfrXCOfwj1ow4LFb/tNymJPwsNbVePc1xFqrQ==}
dev: true dev: true
/@vitejs/plugin-react@4.0.3(vite@4.5.3): /@vitejs/plugin-react@4.0.3(vite@4.4.4):
resolution: {integrity: sha512-pwXDog5nwwvSIzwrvYYmA2Ljcd/ZNlcsSG2Q9CNDBwnsd55UGAyr2doXtB5j+2uymRCnCfExlznzzSFbBRcoCg==} resolution: {integrity: sha512-pwXDog5nwwvSIzwrvYYmA2Ljcd/ZNlcsSG2Q9CNDBwnsd55UGAyr2doXtB5j+2uymRCnCfExlznzzSFbBRcoCg==}
engines: {node: ^14.18.0 || >=16.0.0} engines: {node: ^14.18.0 || >=16.0.0}
peerDependencies: peerDependencies:
@@ -1239,7 +1139,7 @@ packages:
'@babel/plugin-transform-react-jsx-self': 7.22.5(@babel/core@7.23.2) '@babel/plugin-transform-react-jsx-self': 7.22.5(@babel/core@7.23.2)
'@babel/plugin-transform-react-jsx-source': 7.22.5(@babel/core@7.23.2) '@babel/plugin-transform-react-jsx-source': 7.22.5(@babel/core@7.23.2)
react-refresh: 0.14.0 react-refresh: 0.14.0
vite: 4.5.3(@types/node@20.8.10) vite: 4.4.4(@types/node@20.8.10)
transitivePeerDependencies: transitivePeerDependencies:
- supports-color - supports-color
dev: true dev: true
@@ -1277,6 +1177,7 @@ packages:
engines: {node: '>=4'} engines: {node: '>=4'}
dependencies: dependencies:
color-convert: 1.9.3 color-convert: 1.9.3
dev: true
/ansi-styles@4.3.0: /ansi-styles@4.3.0:
resolution: {integrity: sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==} resolution: {integrity: sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==}
@@ -1366,15 +1267,6 @@ packages:
engines: {node: '>= 0.4'} engines: {node: '>= 0.4'}
dev: true dev: true
/babel-plugin-macros@3.1.0:
resolution: {integrity: sha512-Cg7TFGpIr01vOQNODXOOaGz2NpCU5gl8x1qJFbb6hbZxR7XrcE2vtbAsTAbJ7/xwJtUuJEw8K8Zr/AE0LHlesg==}
engines: {node: '>=10', npm: '>=6'}
dependencies:
'@babel/runtime': 7.23.2
cosmiconfig: 7.1.0
resolve: 1.22.8
dev: false
/balanced-match@1.0.2: /balanced-match@1.0.2:
resolution: {integrity: sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==} resolution: {integrity: sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==}
dev: true dev: true
@@ -1415,6 +1307,7 @@ packages:
/callsites@3.1.0: /callsites@3.1.0:
resolution: {integrity: sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==} resolution: {integrity: sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==}
engines: {node: '>=6'} engines: {node: '>=6'}
dev: true
/caniuse-lite@1.0.30001561: /caniuse-lite@1.0.30001561:
resolution: {integrity: sha512-NTt0DNoKe958Q0BE0j0c1V9jbUzhBxHIEJy7asmGrpE0yG63KTV7PLHPnK2E1O9RsQrQ081I3NLuXGS6zht3cw==} resolution: {integrity: sha512-NTt0DNoKe958Q0BE0j0c1V9jbUzhBxHIEJy7asmGrpE0yG63KTV7PLHPnK2E1O9RsQrQ081I3NLuXGS6zht3cw==}
@@ -1427,6 +1320,7 @@ packages:
ansi-styles: 3.2.1 ansi-styles: 3.2.1
escape-string-regexp: 1.0.5 escape-string-regexp: 1.0.5
supports-color: 5.5.0 supports-color: 5.5.0
dev: true
/chalk@4.1.2: /chalk@4.1.2:
resolution: {integrity: sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==} resolution: {integrity: sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==}
@@ -1445,6 +1339,7 @@ packages:
resolution: {integrity: sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==} resolution: {integrity: sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==}
dependencies: dependencies:
color-name: 1.1.3 color-name: 1.1.3
dev: true
/color-convert@2.0.1: /color-convert@2.0.1:
resolution: {integrity: sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==} resolution: {integrity: sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==}
@@ -1455,6 +1350,7 @@ packages:
/color-name@1.1.3: /color-name@1.1.3:
resolution: {integrity: sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==} resolution: {integrity: sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==}
dev: true
/color-name@1.1.4: /color-name@1.1.4:
resolution: {integrity: sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==} resolution: {integrity: sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==}
@@ -1464,25 +1360,10 @@ packages:
resolution: {integrity: sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==} resolution: {integrity: sha512-/Srv4dswyQNBfohGpz9o6Yb3Gz3SrUDqBH5rTuhGR7ahtlbYKnVxw2bCFMRljaA7EXHaXZ8wsHdodFvbkhKmqg==}
dev: true dev: true
/convert-source-map@1.9.0:
resolution: {integrity: sha512-ASFBup0Mz1uyiIjANan1jzLQami9z1PoYSZCiiYW2FczPbenXc45FZdBZLzOT+r6+iciuEModtmCti+hjaAk0A==}
dev: false
/convert-source-map@2.0.0: /convert-source-map@2.0.0:
resolution: {integrity: sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==} resolution: {integrity: sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==}
dev: true dev: true
/cosmiconfig@7.1.0:
resolution: {integrity: sha512-AdmX6xUzdNASswsFtmwSt7Vj8po9IuqXm0UXz7QKPuEUmPB4XyjGfaAr2PSuELMwkRMVH1EpIkX5bTZGRB3eCA==}
engines: {node: '>=10'}
dependencies:
'@types/parse-json': 4.0.2
import-fresh: 3.3.0
parse-json: 5.2.0
path-type: 4.0.0
yaml: 1.10.2
dev: false
/cross-spawn@7.0.3: /cross-spawn@7.0.3:
resolution: {integrity: sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==} resolution: {integrity: sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==}
engines: {node: '>= 8'} engines: {node: '>= 8'}
@@ -1561,12 +1442,6 @@ packages:
resolution: {integrity: sha512-yXsZyXJfAqzWk1WKryr0Wl0MN2D47xodPvEEwlVePBnhU5E7raevLQR+E6b9JAD3GfL/7MbAL9ZtWQQPcLx7wA==} resolution: {integrity: sha512-yXsZyXJfAqzWk1WKryr0Wl0MN2D47xodPvEEwlVePBnhU5E7raevLQR+E6b9JAD3GfL/7MbAL9ZtWQQPcLx7wA==}
dev: true dev: true
/error-ex@1.3.2:
resolution: {integrity: sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==}
dependencies:
is-arrayish: 0.2.1
dev: false
/es-abstract@1.22.3: /es-abstract@1.22.3:
resolution: {integrity: sha512-eiiY8HQeYfYH2Con2berK+To6GrK2RxbPawDkGq4UiCQQfZHb6wX9qQqkbpPqaxQFcl8d9QzZqo0tGE0VcrdwA==} resolution: {integrity: sha512-eiiY8HQeYfYH2Con2berK+To6GrK2RxbPawDkGq4UiCQQfZHb6wX9qQqkbpPqaxQFcl8d9QzZqo0tGE0VcrdwA==}
engines: {node: '>= 0.4'} engines: {node: '>= 0.4'}
@@ -1693,10 +1568,12 @@ packages:
/escape-string-regexp@1.0.5: /escape-string-regexp@1.0.5:
resolution: {integrity: sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==} resolution: {integrity: sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==}
engines: {node: '>=0.8.0'} engines: {node: '>=0.8.0'}
dev: true
/escape-string-regexp@4.0.0: /escape-string-regexp@4.0.0:
resolution: {integrity: sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==} resolution: {integrity: sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==}
engines: {node: '>=10'} engines: {node: '>=10'}
dev: true
/eslint-config-prettier@9.0.0(eslint@8.54.0): /eslint-config-prettier@9.0.0(eslint@8.54.0):
resolution: {integrity: sha512-IcJsTkJae2S35pRsRAwoCE+925rJJStOdkKnLVgtE+tEpqU0EVVM7OqrwxqgptKdX29NUwC82I5pXsGFIgSevw==} resolution: {integrity: sha512-IcJsTkJae2S35pRsRAwoCE+925rJJStOdkKnLVgtE+tEpqU0EVVM7OqrwxqgptKdX29NUwC82I5pXsGFIgSevw==}
@@ -1877,10 +1754,6 @@ packages:
to-regex-range: 5.0.1 to-regex-range: 5.0.1
dev: true dev: true
/find-root@1.1.0:
resolution: {integrity: sha512-NKfW6bec6GfKc0SGx1e07QZY9PE99u0Bft/0rzSD5k3sO/vwkVUpDUKVm5Gpp5Ue3YfShPFTX2070tDs5kB9Ng==}
dev: false
/find-up@5.0.0: /find-up@5.0.0:
resolution: {integrity: sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng==} resolution: {integrity: sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng==}
engines: {node: '>=10'} engines: {node: '>=10'}
@@ -1922,6 +1795,7 @@ packages:
/function-bind@1.1.2: /function-bind@1.1.2:
resolution: {integrity: sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==} resolution: {integrity: sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==}
dev: true
/function.prototype.name@1.1.6: /function.prototype.name@1.1.6:
resolution: {integrity: sha512-Z5kx79swU5P27WEayXM1tBi5Ze/lbIyiNgU3qyXUOf9b2rgXYyF9Dy9Cx+IQv/Lc8WCG6L82zwUPpSS9hGehIg==} resolution: {integrity: sha512-Z5kx79swU5P27WEayXM1tBi5Ze/lbIyiNgU3qyXUOf9b2rgXYyF9Dy9Cx+IQv/Lc8WCG6L82zwUPpSS9hGehIg==}
@@ -2032,6 +1906,7 @@ packages:
/has-flag@3.0.0: /has-flag@3.0.0:
resolution: {integrity: sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==} resolution: {integrity: sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==}
engines: {node: '>=4'} engines: {node: '>=4'}
dev: true
/has-flag@4.0.0: /has-flag@4.0.0:
resolution: {integrity: sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==} resolution: {integrity: sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==}
@@ -2066,12 +1941,7 @@ packages:
engines: {node: '>= 0.4'} engines: {node: '>= 0.4'}
dependencies: dependencies:
function-bind: 1.1.2 function-bind: 1.1.2
dev: true
/hoist-non-react-statics@3.3.2:
resolution: {integrity: sha512-/gGivxi8JPKWNm/W0jSmzcMPpfpPLc3dY/6GxhX2hQ9iGj3aDfklV4ET7NjKpSinLpJ5vafa9iiGIEZg10SfBw==}
dependencies:
react-is: 16.13.1
dev: false
/ignore@5.2.4: /ignore@5.2.4:
resolution: {integrity: sha512-MAb38BcSbH0eHNBxn7ql2NH/kX33OkB3lZ1BNdh7ENeRChHTYsTvWrMubiIAMNS2llXEEgZ1MUOBtXChP3kaFQ==} resolution: {integrity: sha512-MAb38BcSbH0eHNBxn7ql2NH/kX33OkB3lZ1BNdh7ENeRChHTYsTvWrMubiIAMNS2llXEEgZ1MUOBtXChP3kaFQ==}
@@ -2084,6 +1954,7 @@ packages:
dependencies: dependencies:
parent-module: 1.0.1 parent-module: 1.0.1
resolve-from: 4.0.0 resolve-from: 4.0.0
dev: true
/imurmurhash@0.1.4: /imurmurhash@0.1.4:
resolution: {integrity: sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==} resolution: {integrity: sha512-JmXMZ6wuvDmLiHEml9ykzqO6lwFbof0GG4IkcGaENdCRDDmMVnny7s5HsIgHCbaq0w2MyPhDqkhTUgS2LU2PHA==}
@@ -2118,10 +1989,6 @@ packages:
is-typed-array: 1.1.12 is-typed-array: 1.1.12
dev: true dev: true
/is-arrayish@0.2.1:
resolution: {integrity: sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==}
dev: false
/is-async-function@2.0.0: /is-async-function@2.0.0:
resolution: {integrity: sha512-Y1JXKrfykRJGdlDwdKlLpLyMIiWqWvuSd17TvZk68PLAOGOoF4Xyav1z0Xhoi+gCYjZVeC5SI+hYFOfvXmGRCA==} resolution: {integrity: sha512-Y1JXKrfykRJGdlDwdKlLpLyMIiWqWvuSd17TvZk68PLAOGOoF4Xyav1z0Xhoi+gCYjZVeC5SI+hYFOfvXmGRCA==}
engines: {node: '>= 0.4'} engines: {node: '>= 0.4'}
@@ -2152,6 +2019,7 @@ packages:
resolution: {integrity: sha512-hHrIjvZsftOsvKSn2TRYl63zvxsgE0K+0mYMoH6gD4omR5IWB2KynivBQczo3+wF1cCkjzvptnI9Q0sPU66ilw==} resolution: {integrity: sha512-hHrIjvZsftOsvKSn2TRYl63zvxsgE0K+0mYMoH6gD4omR5IWB2KynivBQczo3+wF1cCkjzvptnI9Q0sPU66ilw==}
dependencies: dependencies:
hasown: 2.0.0 hasown: 2.0.0
dev: true
/is-date-object@1.0.5: /is-date-object@1.0.5:
resolution: {integrity: sha512-9YQaSxsAiSwcvS33MBk3wTCVnWK+HhF8VZR2jRxehM16QcVOdHqPn4VPHmRK4lSr38n9JriurInLcP90xsYNfQ==} resolution: {integrity: sha512-9YQaSxsAiSwcvS33MBk3wTCVnWK+HhF8VZR2jRxehM16QcVOdHqPn4VPHmRK4lSr38n9JriurInLcP90xsYNfQ==}
@@ -2305,10 +2173,6 @@ packages:
resolution: {integrity: sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ==} resolution: {integrity: sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ==}
dev: true dev: true
/json-parse-even-better-errors@2.3.1:
resolution: {integrity: sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==}
dev: false
/json-schema-traverse@0.4.1: /json-schema-traverse@0.4.1:
resolution: {integrity: sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==} resolution: {integrity: sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==}
dev: true dev: true
@@ -2347,10 +2211,6 @@ packages:
type-check: 0.4.0 type-check: 0.4.0
dev: true dev: true
/lines-and-columns@1.2.4:
resolution: {integrity: sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==}
dev: false
/locate-path@6.0.0: /locate-path@6.0.0:
resolution: {integrity: sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==} resolution: {integrity: sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==}
engines: {node: '>=10'} engines: {node: '>=10'}
@@ -2512,16 +2372,7 @@ packages:
engines: {node: '>=6'} engines: {node: '>=6'}
dependencies: dependencies:
callsites: 3.1.0 callsites: 3.1.0
dev: true
/parse-json@5.2.0:
resolution: {integrity: sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==}
engines: {node: '>=8'}
dependencies:
'@babel/code-frame': 7.22.13
error-ex: 1.3.2
json-parse-even-better-errors: 2.3.1
lines-and-columns: 1.2.4
dev: false
/path-exists@4.0.0: /path-exists@4.0.0:
resolution: {integrity: sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==} resolution: {integrity: sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==}
@@ -2540,10 +2391,12 @@ packages:
/path-parse@1.0.7: /path-parse@1.0.7:
resolution: {integrity: sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==} resolution: {integrity: sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==}
dev: true
/path-type@4.0.0: /path-type@4.0.0:
resolution: {integrity: sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==} resolution: {integrity: sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==}
engines: {node: '>=8'} engines: {node: '>=8'}
dev: true
/picocolors@1.0.0: /picocolors@1.0.0:
resolution: {integrity: sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==} resolution: {integrity: sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==}
@@ -2661,15 +2514,7 @@ packages:
/resolve-from@4.0.0: /resolve-from@4.0.0:
resolution: {integrity: sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==} resolution: {integrity: sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==}
engines: {node: '>=4'} engines: {node: '>=4'}
dev: true
/resolve@1.22.8:
resolution: {integrity: sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==}
hasBin: true
dependencies:
is-core-module: 2.13.1
path-parse: 1.0.7
supports-preserve-symlinks-flag: 1.0.0
dev: false
/resolve@2.0.0-next.5: /resolve@2.0.0-next.5:
resolution: {integrity: sha512-U7WjGVG9sH8tvjW5SmGbQuui75FiyjAX72HX15DwBBwF9dNiQZRQAg9nnPhYy+TUnE0+VcrttuvNI8oSxZcocA==} resolution: {integrity: sha512-U7WjGVG9sH8tvjW5SmGbQuui75FiyjAX72HX15DwBBwF9dNiQZRQAg9nnPhYy+TUnE0+VcrttuvNI8oSxZcocA==}
@@ -2792,11 +2637,6 @@ packages:
engines: {node: '>=0.10.0'} engines: {node: '>=0.10.0'}
dev: true dev: true
/source-map@0.5.7:
resolution: {integrity: sha512-LbrmJOMUSdEVxIKvdcJzQC+nQhe8FUZQTXQy6+I75skNgn3OoQ0DZA8YnFa7gp8tqtL3KPf1kmo0R5DoApeSGQ==}
engines: {node: '>=0.10.0'}
dev: false
/string.prototype.matchall@4.0.10: /string.prototype.matchall@4.0.10:
resolution: {integrity: sha512-rGXbGmOEosIQi6Qva94HUjgPs9vKW+dkG7Y8Q5O2OYkWL6wFaTRZO8zM4mhP94uX55wgyrXzfS2aGtGzUL7EJQ==} resolution: {integrity: sha512-rGXbGmOEosIQi6Qva94HUjgPs9vKW+dkG7Y8Q5O2OYkWL6wFaTRZO8zM4mhP94uX55wgyrXzfS2aGtGzUL7EJQ==}
dependencies: dependencies:
@@ -2857,6 +2697,7 @@ packages:
engines: {node: '>=4'} engines: {node: '>=4'}
dependencies: dependencies:
has-flag: 3.0.0 has-flag: 3.0.0
dev: true
/supports-color@7.2.0: /supports-color@7.2.0:
resolution: {integrity: sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==} resolution: {integrity: sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==}
@@ -2868,6 +2709,7 @@ packages:
/supports-preserve-symlinks-flag@1.0.0: /supports-preserve-symlinks-flag@1.0.0:
resolution: {integrity: sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==} resolution: {integrity: sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==}
engines: {node: '>= 0.4'} engines: {node: '>= 0.4'}
dev: true
/text-table@0.2.0: /text-table@0.2.0:
resolution: {integrity: sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw==} resolution: {integrity: sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw==}
@@ -2876,6 +2718,7 @@ packages:
/to-fast-properties@2.0.0: /to-fast-properties@2.0.0:
resolution: {integrity: sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==} resolution: {integrity: sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==}
engines: {node: '>=4'} engines: {node: '>=4'}
dev: true
/to-regex-range@5.0.1: /to-regex-range@5.0.1:
resolution: {integrity: sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==} resolution: {integrity: sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==}
@@ -2979,8 +2822,8 @@ packages:
punycode: 2.3.1 punycode: 2.3.1
dev: true dev: true
/vite@4.5.3(@types/node@20.8.10): /vite@4.4.4(@types/node@20.8.10):
resolution: {integrity: sha512-kQL23kMeX92v3ph7IauVkXkikdDRsYMGTVl5KY2E9OY4ONLvkHf04MDTbnfo6NKxZiDLWzVpP5oTa8hQD8U3dg==} resolution: {integrity: sha512-4mvsTxjkveWrKDJI70QmelfVqTm+ihFAb6+xf4sjEU2TmUCTlVX87tmg/QooPEMQb/lM9qGHT99ebqPziEd3wg==}
engines: {node: ^14.18.0 || >=16.0.0} engines: {node: ^14.18.0 || >=16.0.0}
hasBin: true hasBin: true
peerDependencies: peerDependencies:
@@ -3083,11 +2926,6 @@ packages:
resolution: {integrity: sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==} resolution: {integrity: sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==}
dev: true dev: true
/yaml@1.10.2:
resolution: {integrity: sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg==}
engines: {node: '>= 6'}
dev: false
/yocto-queue@0.1.0: /yocto-queue@0.1.0:
resolution: {integrity: sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==} resolution: {integrity: sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==}
engines: {node: '>=10'} engines: {node: '>=10'}

12
apps/gpgui-helper/src-tauri/Cargo.toml
View File

@@ -9,17 +9,17 @@ license.workspace = true
tauri-build = { version = "1.5", features = [] } tauri-build = { version = "1.5", features = [] }
[dependencies] [dependencies]
gpapi = { path = "../../../crates/gpapi", features = ["tauri"] } tauri = { workspace = true, features = [
tauri = { workspace = true, features = ["window-start-dragging"] } "window-start-dragging",
] }
tokio.workspace = true tokio.workspace = true
anyhow.workspace = true anyhow.workspace = true
log.workspace = true log.workspace = true
clap.workspace = true clap.workspace = true
compile-time.workspace = true compile-time.workspace = true
env_logger.workspace = true env_logger.workspace = true
base64.workspace = true
async-stream = "0.3"
futures-util.workspace = true futures-util.workspace = true
downloader = "0.2"
tempfile.workspace = true tempfile.workspace = true
reqwest = { workspace = true, features = ["stream"] }
[features]
custom-protocol = ["tauri/custom-protocol"]

106
apps/gpgui-helper/src-tauri/src/app.rs
View File

@@ -1,52 +1,28 @@
use std::sync::Arc; use std::{sync::Arc, time::Duration};
use gpapi::utils::window::WindowExt; use downloader::{progress::Reporter, Download, Downloader};
use log::info; use tauri::{window::MenuHandle, Manager};
use tauri::Manager; use tempfile::TempDir;
use crate::updater::{GuiUpdater, Installer, ProgressNotifier};
pub struct App { pub struct App {
api_key: Vec<u8>, api_key: Vec<u8>,
gui_version: String,
} }
impl App { impl App {
pub fn new(api_key: Vec<u8>, gui_version: &str) -> Self { pub fn new(api_key: Vec<u8>) -> Self {
Self { Self { api_key }
api_key,
gui_version: gui_version.to_string(),
}
} }
pub fn run(&self) -> anyhow::Result<()> { pub fn run(&self) -> anyhow::Result<()> {
let gui_version = self.gui_version.clone();
let api_key = self.api_key.clone();
tauri::Builder::default() tauri::Builder::default()
.setup(move |app| { .setup(|app| {
let win = app.get_window("main").expect("no main window"); let win = app.get_window("main").unwrap();
win.hide_menu();
let notifier = ProgressNotifier::new(win.clone()); tauri::async_runtime::spawn(async move {
let installer = Installer::new(api_key); hide_menu(win.menu_handle());
let updater = Arc::new(GuiUpdater::new(gui_version, notifier, installer)); let _ = download_gui();
let win_clone = win.clone();
app.listen_global("app://update-done", move |_event| {
info!("Update done");
let _ = win_clone.close();
}); });
// Listen for the update event
win.listen("app://update", move |_event| {
let updater = Arc::clone(&updater);
tokio::spawn(async move { updater.update().await });
});
// Update the GUI on startup
win.trigger("app://update", None);
Ok(()) Ok(())
}) })
.run(tauri::generate_context!())?; .run(tauri::generate_context!())?;
@@ -54,3 +30,63 @@ impl App {
Ok(()) Ok(())
} }
} }
// Fix the bug that the menu bar is visible on Ubuntu 18.04
fn hide_menu(menu_handle: MenuHandle) {
tokio::spawn(async move {
loop {
let menu_visible = menu_handle.is_visible().unwrap_or(false);
if !menu_visible {
break;
}
if menu_visible {
let _ = menu_handle.hide();
tokio::time::sleep(Duration::from_millis(10)).await;
}
}
});
}
struct DownloadProgress {}
impl Reporter for DownloadProgress {
fn setup(&self, max_progress: Option<u64>, message: &str) {
println!("{}: {}", message, max_progress.unwrap_or(0));
}
fn progress(&self, current: u64) {
println!("progress: {}", current);
}
fn set_message(&self, message: &str) {
println!("message: {}", message);
}
fn done(&self) {
println!("done")
}
}
fn download_gui() -> anyhow::Result<()> {
let tmp_dir = TempDir::new()?;
let tmp_dir = tmp_dir.into_path();
let mut downloader = Downloader::builder().download_folder(&tmp_dir).build()?;
let dl = Download::new("https://github.com/yuezk/GlobalProtect-openconnect/releases/download/v2.0.0/globalprotect-openconnect_2.0.0_x86_64.bin.tar.gz");
let progress = Arc::new(DownloadProgress {});
let dl = dl.progress(progress);
let result = downloader.download(&[dl])?;
for r in result {
match r {
Ok(s) => println!("Downloaded: {}", s),
Err(e) => println!("Error: {}", e),
}
}
Ok(())
}

22
apps/gpgui-helper/src-tauri/src/cli.rs
View File

@@ -1,5 +1,5 @@
use base64::prelude::*;
use clap::Parser; use clap::Parser;
use gpapi::utils::base64;
use log::{info, LevelFilter}; use log::{info, LevelFilter};
use crate::app::App; use crate::app::App;
@@ -9,33 +9,27 @@ const GP_API_KEY: &[u8; 32] = &[0; 32];
#[derive(Parser)] #[derive(Parser)]
#[command(version = VERSION)] #[command(version = VERSION)]
struct Cli { struct Cli {}
#[arg(long, help = "Read the API key from stdin")]
api_key_on_stdin: bool,
#[arg(long, default_value = env!("CARGO_PKG_VERSION"), help = "The version of the GUI")]
gui_version: String,
}
impl Cli { impl Cli {
fn run(&self) -> anyhow::Result<()> { fn run(&self) -> anyhow::Result<()> {
#[cfg(debug_assertions)]
let api_key = GP_API_KEY.to_vec();
#[cfg(not(debug_assertions))]
let api_key = self.read_api_key()?; let api_key = self.read_api_key()?;
let app = App::new(api_key, &self.gui_version);
let app = App::new(api_key);
app.run() app.run()
} }
fn read_api_key(&self) -> anyhow::Result<Vec<u8>> { fn read_api_key(&self) -> anyhow::Result<Vec<u8>> {
if self.api_key_on_stdin {
let mut api_key = String::new(); let mut api_key = String::new();
std::io::stdin().read_line(&mut api_key)?; std::io::stdin().read_line(&mut api_key)?;
let api_key = base64::decode_to_vec(api_key.trim())?; let api_key = BASE64_STANDARD.decode(api_key.trim())?;
Ok(api_key) Ok(api_key)
} else {
Ok(GP_API_KEY.to_vec())
}
} }
} }

87
apps/gpgui-helper/src-tauri/src/downloader.rs
View File

@@ -1,87 +0,0 @@
use std::io::Write;
use anyhow::bail;
use futures_util::StreamExt;
use log::info;
use tempfile::NamedTempFile;
use tokio::sync::RwLock;
type OnProgress = Box<dyn Fn(Option<f64>) + Send + Sync + 'static>;
pub struct FileDownloader<'a> {
url: &'a str,
on_progress: RwLock<Option<OnProgress>>,
}
impl<'a> FileDownloader<'a> {
pub fn new(url: &'a str) -> Self {
Self {
url,
on_progress: Default::default(),
}
}
pub fn on_progress<T>(&self, on_progress: T)
where
T: Fn(Option<f64>) + Send + Sync + 'static,
{
if let Ok(mut guard) = self.on_progress.try_write() {
*guard = Some(Box::new(on_progress));
} else {
info!("Failed to acquire on_progress lock");
}
}
pub async fn download(&self) -> anyhow::Result<NamedTempFile> {
let res = reqwest::get(self.url).await?.error_for_status()?;
let content_length = res.content_length().unwrap_or(0);
info!("Content length: {}", content_length);
let mut current_length = 0;
let mut stream = res.bytes_stream();
let mut file = NamedTempFile::new()?;
while let Some(item) = stream.next().await {
let chunk = item?;
let chunk_size = chunk.len() as u64;
file.write_all(&chunk)?;
current_length += chunk_size;
let progress = current_length as f64 / content_length as f64 * 100.0;
if let Some(on_progress) = &*self.on_progress.read().await {
let progress = if content_length > 0 { Some(progress) } else { None };
on_progress(progress);
}
}
if content_length > 0 && current_length != content_length {
bail!("Download incomplete");
}
info!("Downloaded to: {:?}", file.path());
Ok(file)
}
}
pub struct ChecksumFetcher<'a> {
url: &'a str,
}
impl<'a> ChecksumFetcher<'a> {
pub fn new(url: &'a str) -> Self {
Self { url }
}
pub async fn fetch(&self) -> anyhow::Result<String> {
let res = reqwest::get(self.url).await?.error_for_status()?;
let checksum = res.text().await?.trim().to_string();
Ok(checksum)
}
}

2
apps/gpgui-helper/src-tauri/src/lib.rs
View File

@@ -1,5 +1,3 @@
pub(crate) mod app; pub(crate) mod app;
pub(crate) mod downloader;
pub(crate) mod updater;
pub mod cli; pub mod cli;

3
apps/gpgui-helper/src-tauri/src/main.rs
View File

@@ -3,7 +3,6 @@
use gpgui_helper::cli; use gpgui_helper::cli;
#[tokio::main] fn main() {
async fn main() {
cli::run() cli::run()
} }

147
apps/gpgui-helper/src-tauri/src/updater.rs
View File

@@ -1,147 +0,0 @@
use std::sync::Arc;
use gpapi::{
service::request::UpdateGuiRequest,
utils::{checksum::verify_checksum, crypto::Crypto, endpoint::http_endpoint},
};
use log::{info, warn};
use tauri::{Manager, Window};
use crate::downloader::{ChecksumFetcher, FileDownloader};
#[cfg(not(debug_assertions))]
const SNAPSHOT: &str = match option_env!("SNAPSHOT") {
Some(val) => val,
None => "false"
};
pub struct ProgressNotifier {
win: Window,
}
impl ProgressNotifier {
pub fn new(win: Window) -> Self {
Self { win }
}
fn notify(&self, progress: Option<f64>) {
let _ = self.win.emit_all("app://update-progress", progress);
}
fn notify_error(&self) {
let _ = self.win.emit_all("app://update-error", ());
}
fn notify_done(&self) {
let _ = self.win.emit_and_trigger("app://update-done", ());
}
}
pub struct Installer {
crypto: Crypto,
}
impl Installer {
pub fn new(api_key: Vec<u8>) -> Self {
Self {
crypto: Crypto::new(api_key),
}
}
async fn install(&self, path: &str, checksum: &str) -> anyhow::Result<()> {
let service_endpoint = http_endpoint().await?;
let request = UpdateGuiRequest {
path: path.to_string(),
checksum: checksum.to_string(),
};
let payload = self.crypto.encrypt(&request)?;
reqwest::Client::default()
.post(format!("{}/update-gui", service_endpoint))
.body(payload)
.send()
.await?
.error_for_status()?;
Ok(())
}
}
pub struct GuiUpdater {
version: String,
notifier: Arc<ProgressNotifier>,
installer: Installer,
}
impl GuiUpdater {
pub fn new(version: String, notifier: ProgressNotifier, installer: Installer) -> Self {
Self {
version,
notifier: Arc::new(notifier),
installer,
}
}
pub async fn update(&self) {
info!("Update GUI, version: {}", self.version);
#[cfg(debug_assertions)]
let release_tag = "snapshot";
#[cfg(not(debug_assertions))]
let release_tag = if SNAPSHOT == "true" {
String::from("snapshot")
} else {
format!("v{}", self.version)
};
#[cfg(target_arch = "x86_64")]
let arch = "x86_64";
#[cfg(target_arch = "aarch64")]
let arch = "aarch64";
let file_url = format!(
"https://github.com/yuezk/GlobalProtect-openconnect/releases/download/{}/gpgui_{}.bin.tar.xz",
release_tag, arch
);
let checksum_url = format!("{}.sha256", file_url);
info!("Downloading file: {}", file_url);
let dl = FileDownloader::new(&file_url);
let cf = ChecksumFetcher::new(&checksum_url);
let notifier = Arc::clone(&self.notifier);
dl.on_progress(move |progress| notifier.notify(progress));
let res = tokio::try_join!(dl.download(), cf.fetch());
let (file, checksum) = match res {
Ok((file, checksum)) => (file, checksum),
Err(err) => {
warn!("Download error: {}", err);
self.notifier.notify_error();
return;
}
};
let path = file.into_temp_path();
let file_path = path.to_string_lossy();
if let Err(err) = verify_checksum(&file_path, &checksum) {
warn!("Checksum error: {}", err);
self.notifier.notify_error();
return;
}
info!("Checksum success");
if let Err(err) = self.installer.install(&file_path, &checksum).await {
warn!("Install error: {}", err);
self.notifier.notify_error();
} else {
info!("Install success");
self.notifier.notify_done();
}
}
}

15
apps/gpgui-helper/src-tauri/tauri.conf.json
View File

@@ -2,8 +2,8 @@
"$schema": "../node_modules/@tauri-apps/cli/schema.json", "$schema": "../node_modules/@tauri-apps/cli/schema.json",
"build": { "build": {
"beforeDevCommand": "pnpm dev", "beforeDevCommand": "pnpm dev",
"beforeBuildCommand": "pnpm build", "beforeBuildCommand": "echo 'Skipping Vite build command...'",
"devPath": "http://localhost:1421", "devPath": "http://localhost:1420",
"distDir": "../dist", "distDir": "../dist",
"withGlobalTauri": false "withGlobalTauri": false
}, },
@@ -19,7 +19,7 @@
} }
}, },
"bundle": { "bundle": {
"active": false, "active": true,
"targets": "deb", "targets": "deb",
"identifier": "com.yuezk.gpgui-helper", "identifier": "com.yuezk.gpgui-helper",
"icon": [ "icon": [
@@ -38,14 +38,9 @@
"title": "GlobalProtect GUI Helper", "title": "GlobalProtect GUI Helper",
"center": true, "center": true,
"resizable": true, "resizable": true,
"width": 500, "width": 480,
"height": 100, "height": 100,
"minWidth": 500, "label": "main"
"minHeight": 100,
"maxWidth": 500,
"maxHeight": 100,
"label": "main",
"decorations": false
} }
] ]
} }

82
apps/gpgui-helper/src/components/App/App.tsx
View File

@@ -1,44 +1,17 @@
import { Box, Button, CssBaseline, LinearProgress, Typography } from "@mui/material"; import {
import { appWindow } from "@tauri-apps/api/window"; Box,
import logo from "../../assets/icon.svg"; Button,
import { useEffect, useState } from "react"; CssBaseline,
LinearProgress,
LinearProgressProps,
Typography,
} from "@mui/material";
import "./styles.css"; import "./styles.css";
function useUpdateProgress() { import logo from "../../assets/icon.svg";
const [progress, setProgress] = useState<number | null>(null);
useEffect(() => {
const unlisten = appWindow.listen("app://update-progress", (event) => {
setProgress(event.payload as number);
});
return () => {
unlisten.then((unlisten) => unlisten());
};
}, []);
return progress;
}
export default function App() { export default function App() {
const [error, setError] = useState(false);
useEffect(() => {
const unlisten = appWindow.listen("app://update-error", () => {
setError(true);
});
return () => {
unlisten.then((unlisten) => unlisten());
};
}, []);
const handleRetry = () => {
setError(false);
appWindow.emit("app://update");
};
return ( return (
<> <>
<CssBaseline /> <CssBaseline />
@@ -54,11 +27,12 @@ export default function App() {
component="img" component="img"
src={logo} src={logo}
alt="logo" alt="logo"
sx={{ width: "4rem", height: "4rem" }} sx={{ width: 64, height: 64 }}
data-tauri-drag-region data-tauri-drag-region
/> />
<Box flex={1} ml={2}> <Box flex={1} ml={2}>
{error ? <DownloadFailed onRetry={handleRetry} /> : <DownloadIndicator />} <DownloadIndicator />
{/* <DownloadFailed /> */}
</Box> </Box>
</Box> </Box>
</Box> </Box>
@@ -67,21 +41,19 @@ export default function App() {
} }
function DownloadIndicator() { function DownloadIndicator() {
const progress = useUpdateProgress();
return ( return (
<> <>
<Typography variant="h1" fontSize="1rem" data-tauri-drag-region> <Typography variant="h1" fontSize="1rem" data-tauri-drag-region>
Updating the GUI components... Updating the GUI components...
</Typography> </Typography>
<Box mt={1}> <Box mt={1}>
<LinearProgressWithLabel value={progress} /> <LinearProgressWithLabel value={50} />
</Box> </Box>
</> </>
); );
} }
function DownloadFailed({ onRetry }: { onRetry: () => void }) { function DownloadFailed() {
return ( return (
<> <>
<Typography variant="h1" fontSize="1rem" data-tauri-drag-region> <Typography variant="h1" fontSize="1rem" data-tauri-drag-region>
@@ -92,7 +64,6 @@ function DownloadFailed({ onRetry }: { onRetry: () => void }) {
variant="contained" variant="contained"
color="primary" color="primary"
size="small" size="small"
onClick={onRetry}
sx={{ sx={{
textTransform: "none", textTransform: "none",
}} }}
@@ -104,28 +75,17 @@ function DownloadFailed({ onRetry }: { onRetry: () => void }) {
); );
} }
function LinearProgressWithLabel(props: { value: number | null }) { function LinearProgressWithLabel(props: LinearProgressProps & { value: number }) {
const { value } = props;
return ( return (
<Box sx={{ display: "flex", alignItems: "center" }}> <Box sx={{ display: "flex", alignItems: "center" }}>
<Box flex="1"> <Box sx={{ width: "100%", mr: 1 }}>
<LinearProgress <LinearProgress variant="determinate" {...props} />
variant={value === null ? "indeterminate" : "determinate"}
value={value ?? 0}
sx={{
py: 1.2,
".MuiLinearProgress-bar": {
transition: "none",
},
}}
/>
</Box> </Box>
{value !== null && ( <Box sx={{ minWidth: 35 }}>
<Box sx={{ minWidth: 35, textAlign: "right", ml: 1 }}> <Typography variant="body2" color="text.secondary">{`${Math.round(
<Typography variant="body2" color="text.secondary">{`${Math.round(value)}%`}</Typography> props.value,
)}%`}</Typography>
</Box> </Box>
)}
</Box> </Box>
); );
} }

2
apps/gpgui-helper/vite.config.ts
View File

@@ -13,7 +13,7 @@ export default defineConfig(async () => {
clearScreen: false, clearScreen: false,
// 2. tauri expects a fixed port, fail if that port is not available // 2. tauri expects a fixed port, fail if that port is not available
server: { server: {
port: 1421, port: 1420,
strictPort: true, strictPort: true,
}, },
// 3. to make use of `TAURI_DEBUG` and other env variables // 3. to make use of `TAURI_DEBUG` and other env variables

3
apps/gpservice/Cargo.toml
View File

@@ -13,10 +13,7 @@ tokio.workspace = true
tokio-util.workspace = true tokio-util.workspace = true
axum = { workspace = true, features = ["ws"] } axum = { workspace = true, features = ["ws"] }
futures.workspace = true futures.workspace = true
serde.workspace = true
serde_json.workspace = true serde_json.workspace = true
env_logger.workspace = true env_logger.workspace = true
log.workspace = true log.workspace = true
compile-time.workspace = true compile-time.workspace = true
xz2 = "0.1"
tar = "0.4"

4
apps/gpservice/src/cli.rs
View File

@@ -127,8 +127,10 @@ fn init_logger() -> Arc<Redaction> {
async fn launch_gui(envs: Option<HashMap<String, String>>, api_key: Vec<u8>, mut minimized: bool) { async fn launch_gui(envs: Option<HashMap<String, String>>, api_key: Vec<u8>, mut minimized: bool) {
loop { loop {
let gui_launcher = GuiLauncher::new(env!("CARGO_PKG_VERSION"), &api_key) let api_key_clone = api_key.clone();
let gui_launcher = GuiLauncher::new()
.envs(envs.clone()) .envs(envs.clone())
.api_key(api_key_clone)
.minimized(minimized); .minimized(minimized);
match gui_launcher.launch().await { match gui_launcher.launch().await {

84
apps/gpservice/src/handlers.rs
View File

@@ -1,33 +1,15 @@
use std::{ use std::{borrow::Cow, ops::ControlFlow, sync::Arc};
borrow::Cow,
fs::{File, Permissions},
io::BufReader,
ops::ControlFlow,
os::unix::fs::PermissionsExt,
path::PathBuf,
sync::Arc,
};
use anyhow::bail;
use axum::{ use axum::{
body::Bytes,
extract::{ extract::{
ws::{self, CloseFrame, Message, WebSocket}, ws::{self, CloseFrame, Message, WebSocket},
State, WebSocketUpgrade, State, WebSocketUpgrade,
}, },
http::StatusCode,
response::IntoResponse, response::IntoResponse,
}; };
use futures::{SinkExt, StreamExt}; use futures::{SinkExt, StreamExt};
use gpapi::{ use gpapi::service::event::WsEvent;
service::{event::WsEvent, request::UpdateGuiRequest},
utils::checksum::verify_checksum,
GP_GUI_BINARY,
};
use log::{info, warn}; use log::{info, warn};
use tar::Archive;
use tokio::fs;
use xz2::read::XzDecoder;
use crate::ws_server::WsServerContext; use crate::ws_server::WsServerContext;
@@ -43,68 +25,6 @@ pub(crate) async fn auth_data(State(ctx): State<Arc<WsServerContext>>, body: Str
ctx.send_event(WsEvent::AuthData(body)).await; ctx.send_event(WsEvent::AuthData(body)).await;
} }
pub async fn update_gui(State(ctx): State<Arc<WsServerContext>>, body: Bytes) -> Result<(), StatusCode> {
let payload = match ctx.decrypt::<UpdateGuiRequest>(body.to_vec()) {
Ok(payload) => payload,
Err(err) => {
warn!("Failed to decrypt update payload: {}", err);
return Err(StatusCode::BAD_REQUEST);
}
};
info!("Update GUI: {:?}", payload);
let UpdateGuiRequest { path, checksum } = payload;
info!("Verifying checksum");
verify_checksum(&path, &checksum).map_err(|err| {
warn!("Failed to verify checksum: {}", err);
StatusCode::BAD_REQUEST
})?;
info!("Installing GUI");
install_gui(&path).await.map_err(|err| {
warn!("Failed to install GUI: {}", err);
StatusCode::INTERNAL_SERVER_ERROR
})?;
Ok(())
}
// Unpack GPGUI archive, gpgui_2.0.0_{arch}.bin.tar.xz and install it
async fn install_gui(src: &str) -> anyhow::Result<()> {
let path = PathBuf::from(GP_GUI_BINARY);
let Some(dir) = path.parent() else {
bail!("Failed to get parent directory of GUI binary");
};
fs::create_dir_all(dir).await?;
// Unpack the archive
info!("Unpacking GUI archive");
let tar = XzDecoder::new(BufReader::new(File::open(src)?));
let mut ar = Archive::new(tar);
for entry in ar.entries()? {
let mut entry = entry?;
let path = entry.path()?;
if let Some(name) = path.file_name() {
let name = name.to_string_lossy();
if name == "gpgui" {
let mut file = File::create(GP_GUI_BINARY)?;
std::io::copy(&mut entry, &mut file)?;
break;
}
}
}
// Make the binary executable
fs::set_permissions(GP_GUI_BINARY, Permissions::from_mode(0o755)).await?;
Ok(())
}
pub(crate) async fn ws_handler(ws: WebSocketUpgrade, State(ctx): State<Arc<WsServerContext>>) -> impl IntoResponse { pub(crate) async fn ws_handler(ws: WebSocketUpgrade, State(ctx): State<Arc<WsServerContext>>) -> impl IntoResponse {
ws.on_upgrade(move |socket| handle_socket(socket, ctx)) ws.on_upgrade(move |socket| handle_socket(socket, ctx))
} }

1
apps/gpservice/src/routes.rs
View File

@@ -12,7 +12,6 @@ pub(crate) fn routes(ctx: Arc<WsServerContext>) -> Router {
.route("/health", get(handlers::health)) .route("/health", get(handlers::health))
.route("/active-gui", post(handlers::active_gui)) .route("/active-gui", post(handlers::active_gui))
.route("/auth-data", post(handlers::auth_data)) .route("/auth-data", post(handlers::auth_data))
.route("/update-gui", post(handlers::update_gui))
.route("/ws", get(handlers::ws_handler)) .route("/ws", get(handlers::ws_handler))
.with_state(ctx) .with_state(ctx)
} }

20
apps/gpservice/src/vpn_task.rs
View File

@@ -4,7 +4,7 @@ use gpapi::service::{
request::{ConnectRequest, WsRequest}, request::{ConnectRequest, WsRequest},
vpn_state::VpnState, vpn_state::VpnState,
}; };
use log::{info, warn}; use log::info;
use openconnect::Vpn; use openconnect::Vpn;
use tokio::sync::{mpsc, oneshot, watch, RwLock}; use tokio::sync::{mpsc, oneshot, watch, RwLock};
use tokio_util::sync::CancellationToken; use tokio_util::sync::CancellationToken;
@@ -31,29 +31,21 @@ impl VpnTaskContext {
return; return;
} }
let vpn_state_tx = self.vpn_state_tx.clone();
let info = req.info().clone(); let info = req.info().clone();
let vpn_handle = Arc::clone(&self.vpn_handle); let vpn_handle = Arc::clone(&self.vpn_handle);
let args = req.args(); let args = req.args();
let vpn = match Vpn::builder(req.gateway().server(), args.cookie()) let vpn = Vpn::builder(req.gateway().server(), args.cookie())
.script(args.vpnc_script())
.user_agent(args.user_agent()) .user_agent(args.user_agent())
.script(args.vpnc_script())
.csd_uid(args.csd_uid()) .csd_uid(args.csd_uid())
.csd_wrapper(args.csd_wrapper()) .csd_wrapper(args.csd_wrapper())
.mtu(args.mtu())
.os(args.openconnect_os()) .os(args.openconnect_os())
.build() .build();
{
Ok(vpn) => vpn,
Err(err) => {
warn!("Failed to create VPN: {}", err);
vpn_state_tx.send(VpnState::Disconnected).ok();
return;
}
};
// Save the VPN handle // Save the VPN handle
vpn_handle.write().await.replace(vpn); vpn_handle.write().await.replace(vpn);
let vpn_state_tx = self.vpn_state_tx.clone();
let connect_info = Box::new(info.clone()); let connect_info = Box::new(info.clone());
vpn_state_tx.send(VpnState::Connecting(connect_info)).ok(); vpn_state_tx.send(VpnState::Connecting(connect_info)).ok();

5
apps/gpservice/src/ws_server.rs
View File

@@ -6,7 +6,6 @@ use gpapi::{
utils::{crypto::Crypto, lock_file::LockFile, redact::Redaction}, utils::{crypto::Crypto, lock_file::LockFile, redact::Redaction},
}; };
use log::{info, warn}; use log::{info, warn};
use serde::de::DeserializeOwned;
use tokio::{ use tokio::{
net::TcpListener, net::TcpListener,
sync::{mpsc, watch, RwLock}, sync::{mpsc, watch, RwLock},
@@ -39,10 +38,6 @@ impl WsServerContext {
} }
} }
pub fn decrypt<T: DeserializeOwned>(&self, encrypted: Vec<u8>) -> anyhow::Result<T> {
self.crypto.decrypt(encrypted)
}
pub async fn send_event(&self, event: WsEvent) { pub async fn send_event(&self, event: WsEvent) {
let connections = self.connections.read().await; let connections = self.connections.read().await;

47
changelog.md
View File

@@ -1,47 +0,0 @@
# Changelog
## 2.2.1 - 2024-05-07
- GUI: Restore the default browser auth implementation (fix [#360](https://github.com/yuezk/GlobalProtect-openconnect/issues/360))
## 2.2.0 - 2024-04-30
- CLI: support authentication with external browser (fix [#298](https://github.com/yuezk/GlobalProtect-openconnect/issues/298))
- GUI: support using file-based storage when the system keyring is not available.
## 2.1.4 - 2024-04-10
- Support MFA authentication (fix [#343](https://github.com/yuezk/GlobalProtect-openconnect/issues/343))
- Improve the Gateway switcher UI
## 2.1.3 - 2024-04-07
- Support CAS authentication (fix [#339](https://github.com/yuezk/GlobalProtect-openconnect/issues/339))
- CLI: Add `--as-gateway` option to connect as gateway directly (fix [#318](https://github.com/yuezk/GlobalProtect-openconnect/issues/318))
- GUI: Support connect the gateway directly (fix [#318](https://github.com/yuezk/GlobalProtect-openconnect/issues/318))
- GUI: Add an option to use symbolic tray icon (fix [#341](https://github.com/yuezk/GlobalProtect-openconnect/issues/341))
## 2.1.2 - 2024-03-29
- Treat portal as gateway when the gateway login is failed (fix #338)
## 2.1.1 - 2024-03-25
- Add the `--hip` option to enable HIP report
- Fix not working in OpenSuse 15.5 (fix #336, #322)
- Treat portal as gateway when the gateway login is failed (fix #338)
- Improve the error message (fix #327)
## 2.1.0 - 2024-02-27
- Update distribution channel for `gpgui` to complaint with the GPL-3 license.
- Add `mtu` option.
- Retry auth if failed to obtain the auth cookie
## 2.0.0 - 2024-02-05
- Refactor using Tauri
- Support HIP report
- Support pass vpn-slice command
- Do not error when the region field is empty
- Update the auth window icon

11
crates/common/Cargo.toml
View File

@@ -1,11 +0,0 @@
[package]
name = "common"
rust-version.workspace = true
version.workspace = true
authors.workspace = true
homepage.workspace = true
edition.workspace = true
license.workspace = true
[dependencies]
is_executable.workspace = true

1
crates/common/src/lib.rs
View File

@@ -1 +0,0 @@
pub mod vpn_utils;

41
crates/common/src/vpn_utils.rs
View File

@@ -1,41 +0,0 @@
use is_executable::IsExecutable;
use std::path::Path;
pub use is_executable::is_executable;
const VPNC_SCRIPT_LOCATIONS: [&str; 6] = [
"/usr/local/share/vpnc-scripts/vpnc-script",
"/usr/local/sbin/vpnc-script",
"/usr/share/vpnc-scripts/vpnc-script",
"/usr/sbin/vpnc-script",
"/etc/vpnc/vpnc-script",
"/etc/openconnect/vpnc-script",
];
const CSD_WRAPPER_LOCATIONS: [&str; 3] = [
#[cfg(target_arch = "x86_64")]
"/usr/lib/x86_64-linux-gnu/openconnect/hipreport.sh",
#[cfg(target_arch = "aarch64")]
"/usr/lib/aarch64-linux-gnu/openconnect/hipreport.sh",
"/usr/lib/openconnect/hipreport.sh",
"/usr/libexec/openconnect/hipreport.sh",
];
fn find_executable(locations: &[&str]) -> Option<String> {
for location in locations.iter() {
let path = Path::new(location);
if path.is_executable() {
return Some(location.to_string());
}
}
None
}
pub fn find_vpnc_script() -> Option<String> {
find_executable(&VPNC_SCRIPT_LOCATIONS)
}
pub fn find_csd_wrapper() -> Option<String> {
find_executable(&CSD_WRAPPER_LOCATIONS)
}

1
crates/gpapi/Cargo.toml
View File

@@ -27,7 +27,6 @@ dotenvy_macro.workspace = true
uzers.workspace = true uzers.workspace = true
serde_urlencoded.workspace = true serde_urlencoded.workspace = true
md5.workspace = true md5.workspace = true
sha256.workspace = true
tauri = { workspace = true, optional = true } tauri = { workspace = true, optional = true }
clap = { workspace = true, optional = true } clap = { workspace = true, optional = true }

90
crates/gpapi/src/auth.rs
View File

@@ -1,17 +1,13 @@
use log::{info, warn}; use anyhow::bail;
use regex::Regex; use regex::Regex;
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use crate::{error::AuthDataParseError, utils::base64::decode_to_string};
#[derive(Debug, Serialize, Deserialize)] #[derive(Debug, Serialize, Deserialize)]
#[serde(rename_all = "camelCase")] #[serde(rename_all = "camelCase")]
pub struct SamlAuthData { pub struct SamlAuthData {
#[serde(alias = "un")]
username: String, username: String,
prelogin_cookie: Option<String>, prelogin_cookie: Option<String>,
portal_userauthcookie: Option<String>, portal_userauthcookie: Option<String>,
token: Option<String>,
} }
#[derive(Debug, Serialize, Deserialize)] #[derive(Debug, Serialize, Deserialize)]
@@ -36,11 +32,10 @@ impl SamlAuthData {
username, username,
prelogin_cookie, prelogin_cookie,
portal_userauthcookie, portal_userauthcookie,
token: None,
} }
} }
pub fn from_html(html: &str) -> anyhow::Result<SamlAuthData, AuthDataParseError> { pub fn parse_html(html: &str) -> anyhow::Result<SamlAuthData> {
match parse_xml_tag(html, "saml-auth-status") { match parse_xml_tag(html, "saml-auth-status") {
Some(saml_status) if saml_status == "1" => { Some(saml_status) if saml_status == "1" => {
let username = parse_xml_tag(html, "saml-username"); let username = parse_xml_tag(html, "saml-username");
@@ -48,42 +43,21 @@ impl SamlAuthData {
let portal_userauthcookie = parse_xml_tag(html, "portal-userauthcookie"); let portal_userauthcookie = parse_xml_tag(html, "portal-userauthcookie");
if SamlAuthData::check(&username, &prelogin_cookie, &portal_userauthcookie) { if SamlAuthData::check(&username, &prelogin_cookie, &portal_userauthcookie) {
Ok(SamlAuthData::new( return Ok(SamlAuthData::new(
username.unwrap(), username.unwrap(),
prelogin_cookie, prelogin_cookie,
portal_userauthcookie, portal_userauthcookie,
)) ));
} else {
Err(AuthDataParseError::Invalid)
}
}
Some(_) => Err(AuthDataParseError::Invalid),
None => Err(AuthDataParseError::NotFound),
}
} }
pub fn from_gpcallback(data: &str) -> anyhow::Result<SamlAuthData, AuthDataParseError> { bail!("Found invalid auth data in HTML");
let auth_data = data.trim_start_matches("globalprotectcallback:"); }
Some(status) => {
if auth_data.starts_with("cas-as") { bail!("Found invalid SAML status {} in HTML", status);
info!("Got CAS auth data from globalprotectcallback"); }
None => {
let auth_data: SamlAuthData = serde_urlencoded::from_str(auth_data).map_err(|e| { bail!("No auth data found in HTML");
warn!("Failed to parse token auth data: {}", e); }
AuthDataParseError::Invalid
})?;
Ok(auth_data)
} else {
info!("Parsing SAML auth data...");
let auth_data = decode_to_string(auth_data).map_err(|e| {
warn!("Failed to decode SAML auth data: {}", e);
AuthDataParseError::Invalid
})?;
let auth_data = Self::from_html(&auth_data)?;
Ok(auth_data)
} }
} }
@@ -95,10 +69,6 @@ impl SamlAuthData {
self.prelogin_cookie.as_deref() self.prelogin_cookie.as_deref()
} }
pub fn token(&self) -> Option<&str> {
self.token.as_deref()
}
pub fn check( pub fn check(
username: &Option<String>, username: &Option<String>,
prelogin_cookie: &Option<String>, prelogin_cookie: &Option<String>,
@@ -108,16 +78,7 @@ impl SamlAuthData {
let prelogin_cookie_valid = prelogin_cookie.as_ref().is_some_and(|val| val.len() > 5); let prelogin_cookie_valid = prelogin_cookie.as_ref().is_some_and(|val| val.len() > 5);
let portal_userauthcookie_valid = portal_userauthcookie.as_ref().is_some_and(|val| val.len() > 5); let portal_userauthcookie_valid = portal_userauthcookie.as_ref().is_some_and(|val| val.len() > 5);
let is_valid = username_valid && (prelogin_cookie_valid || portal_userauthcookie_valid); username_valid && (prelogin_cookie_valid || portal_userauthcookie_valid)
if !is_valid {
warn!(
"Invalid SAML auth data: username: {:?}, prelogin-cookie: {:?}, portal-userauthcookie: {:?}",
username, prelogin_cookie, portal_userauthcookie
);
}
is_valid
} }
} }
@@ -127,28 +88,3 @@ pub fn parse_xml_tag(html: &str, tag: &str) -> Option<String> {
.and_then(|captures| captures.get(1)) .and_then(|captures| captures.get(1))
.map(|m| m.as_str().to_string()) .map(|m| m.as_str().to_string())
} }
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn auth_data_from_gpcallback_cas() {
let auth_data = "globalprotectcallback:cas-as=1&un=xyz@email.com&token=very_long_string";
let auth_data = SamlAuthData::from_gpcallback(auth_data).unwrap();
assert_eq!(auth_data.username(), "xyz@email.com");
assert_eq!(auth_data.token(), Some("very_long_string"));
}
#[test]
fn auth_data_from_gpcallback_non_cas() {
let auth_data = "PGh0bWw+PCEtLSA8c2FtbC1hdXRoLXN0YXR1cz4xPC9zYW1sLWF1dGgtc3RhdHVzPjxwcmVsb2dpbi1jb29raWU+cHJlbG9naW4tY29va2llPC9wcmVsb2dpbi1jb29raWU+PHNhbWwtdXNlcm5hbWU+eHl6QGVtYWlsLmNvbTwvc2FtbC11c2VybmFtZT48c2FtbC1zbG8+bm88L3NhbWwtc2xvPjxzYW1sLVNlc3Npb25Ob3RPbk9yQWZ0ZXI+PC9zYW1sLVNlc3Npb25Ob3RPbk9yQWZ0ZXI+IC0tPjwvaHRtbD4=";
let auth_data = SamlAuthData::from_gpcallback(auth_data).unwrap();
assert_eq!(auth_data.username(), "xyz@email.com");
assert_eq!(auth_data.prelogin_cookie(), Some("prelogin-cookie"));
}
}

84
crates/gpapi/src/credential.rs
View File

@@ -3,7 +3,7 @@ use std::collections::HashMap;
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use specta::Type; use specta::Type;
use crate::auth::SamlAuthData; use crate::{auth::SamlAuthData, utils::base64::decode_to_string};
#[derive(Debug, Serialize, Deserialize, Type, Clone)] #[derive(Debug, Serialize, Deserialize, Type, Clone)]
#[serde(rename_all = "camelCase")] #[serde(rename_all = "camelCase")]
@@ -37,18 +37,16 @@ impl From<&CachedCredential> for PasswordCredential {
#[derive(Debug, Serialize, Deserialize, Type, Clone)] #[derive(Debug, Serialize, Deserialize, Type, Clone)]
#[serde(rename_all = "camelCase")] #[serde(rename_all = "camelCase")]
pub struct PreloginCredential { pub struct PreloginCookieCredential {
username: String, username: String,
prelogin_cookie: Option<String>, prelogin_cookie: String,
token: Option<String>,
} }
impl PreloginCredential { impl PreloginCookieCredential {
pub fn new(username: &str, prelogin_cookie: Option<&str>, token: Option<&str>) -> Self { pub fn new(username: &str, prelogin_cookie: &str) -> Self {
Self { Self {
username: username.to_string(), username: username.to_string(),
prelogin_cookie: prelogin_cookie.map(|s| s.to_string()), prelogin_cookie: prelogin_cookie.to_string(),
token: token.map(|s| s.to_string()),
} }
} }
@@ -56,22 +54,22 @@ impl PreloginCredential {
&self.username &self.username
} }
pub fn prelogin_cookie(&self) -> Option<&str> { pub fn prelogin_cookie(&self) -> &str {
self.prelogin_cookie.as_deref() &self.prelogin_cookie
}
pub fn token(&self) -> Option<&str> {
self.token.as_deref()
} }
} }
impl From<SamlAuthData> for PreloginCredential { impl TryFrom<SamlAuthData> for PreloginCookieCredential {
fn from(value: SamlAuthData) -> Self { type Error = anyhow::Error;
fn try_from(value: SamlAuthData) -> Result<Self, Self::Error> {
let username = value.username().to_string(); let username = value.username().to_string();
let prelogin_cookie = value.prelogin_cookie(); let prelogin_cookie = value
let token = value.token(); .prelogin_cookie()
.ok_or_else(|| anyhow::anyhow!("Missing prelogin cookie"))?
.to_string();
Self::new(&username, prelogin_cookie, token) Ok(Self::new(&username, &prelogin_cookie))
} }
} }
@@ -156,30 +154,34 @@ impl From<PasswordCredential> for CachedCredential {
) )
} }
} }
#[derive(Debug, Serialize, Deserialize, Type, Clone)] #[derive(Debug, Serialize, Deserialize, Type, Clone)]
#[serde(tag = "type", rename_all = "camelCase")] #[serde(tag = "type", rename_all = "camelCase")]
pub enum Credential { pub enum Credential {
Password(PasswordCredential), Password(PasswordCredential),
Prelogin(PreloginCredential), PreloginCookie(PreloginCookieCredential),
AuthCookie(AuthCookieCredential), AuthCookie(AuthCookieCredential),
Cached(CachedCredential), CachedCredential(CachedCredential),
} }
impl Credential { impl Credential {
/// Create a credential from a globalprotectcallback:<base64 encoded string>, /// Create a credential from a globalprotectcallback:<base64 encoded string>
/// or globalprotectcallback:cas-as=1&un=user@xyz.com&token=very_long_string pub fn parse_gpcallback(auth_data: &str) -> anyhow::Result<Self> {
pub fn from_gpcallback(auth_data: &str) -> anyhow::Result<Self> { // Remove the surrounding quotes
let auth_data = SamlAuthData::from_gpcallback(auth_data)?; let auth_data = auth_data.trim_matches('"');
let auth_data = auth_data.trim_start_matches("globalprotectcallback:");
let auth_data = decode_to_string(auth_data)?;
let auth_data = SamlAuthData::parse_html(&auth_data)?;
Ok(Self::from(auth_data)) Self::try_from(auth_data)
} }
pub fn username(&self) -> &str { pub fn username(&self) -> &str {
match self { match self {
Credential::Password(cred) => cred.username(), Credential::Password(cred) => cred.username(),
Credential::Prelogin(cred) => cred.username(), Credential::PreloginCookie(cred) => cred.username(),
Credential::AuthCookie(cred) => cred.username(), Credential::AuthCookie(cred) => cred.username(),
Credential::Cached(cred) => cred.username(), Credential::CachedCredential(cred) => cred.username(),
} }
} }
@@ -187,22 +189,20 @@ impl Credential {
let mut params = HashMap::new(); let mut params = HashMap::new();
params.insert("user", self.username()); params.insert("user", self.username());
let (passwd, prelogin_cookie, portal_userauthcookie, portal_prelogonuserauthcookie, token) = match self { let (passwd, prelogin_cookie, portal_userauthcookie, portal_prelogonuserauthcookie) = match self {
Credential::Password(cred) => (Some(cred.password()), None, None, None, None), Credential::Password(cred) => (Some(cred.password()), None, None, None),
Credential::Prelogin(cred) => (None, cred.prelogin_cookie(), None, None, cred.token()), Credential::PreloginCookie(cred) => (None, Some(cred.prelogin_cookie()), None, None),
Credential::AuthCookie(cred) => ( Credential::AuthCookie(cred) => (
None, None,
None, None,
Some(cred.user_auth_cookie()), Some(cred.user_auth_cookie()),
Some(cred.prelogon_user_auth_cookie()), Some(cred.prelogon_user_auth_cookie()),
None,
), ),
Credential::Cached(cred) => ( Credential::CachedCredential(cred) => (
cred.password(), cred.password(),
None, None,
Some(cred.auth_cookie.user_auth_cookie()), Some(cred.auth_cookie.user_auth_cookie()),
Some(cred.auth_cookie.prelogon_user_auth_cookie()), Some(cred.auth_cookie.prelogon_user_auth_cookie()),
None,
), ),
}; };
@@ -214,19 +214,17 @@ impl Credential {
portal_prelogonuserauthcookie.unwrap_or_default(), portal_prelogonuserauthcookie.unwrap_or_default(),
); );
if let Some(token) = token {
params.insert("token", token);
}
params params
} }
} }
impl From<SamlAuthData> for Credential { impl TryFrom<SamlAuthData> for Credential {
fn from(value: SamlAuthData) -> Self { type Error = anyhow::Error;
let cred = PreloginCredential::from(value);
Self::Prelogin(cred) fn try_from(value: SamlAuthData) -> Result<Self, Self::Error> {
let prelogin_cookie = PreloginCookieCredential::try_from(value)?;
Ok(Self::PreloginCookie(prelogin_cookie))
} }
} }
@@ -244,6 +242,6 @@ impl From<&AuthCookieCredential> for Credential {
impl From<&CachedCredential> for Credential { impl From<&CachedCredential> for Credential {
fn from(value: &CachedCredential) -> Self { fn from(value: &CachedCredential) -> Self {
Self::Cached(value.clone()) Self::CachedCredential(value.clone())
} }
} }

19
crates/gpapi/src/error.rs
View File

@@ -1,19 +0,0 @@
use thiserror::Error;
#[derive(Error, Debug)]
pub enum PortalError {
#[error("Prelogin error: {0}")]
PreloginError(String),
#[error("Portal config error: {0}")]
ConfigError(String),
#[error("Network error: {0}")]
NetworkError(String),
}
#[derive(Error, Debug)]
pub enum AuthDataParseError {
#[error("No auth data found")]
NotFound,
#[error("Invalid auth data")]
Invalid,
}

71
crates/gpapi/src/gateway/login.rs
View File

@@ -1,22 +1,16 @@
use anyhow::bail; use anyhow::bail;
use log::{info, warn}; use log::info;
use reqwest::Client; use reqwest::Client;
use roxmltree::Document; use roxmltree::Document;
use urlencoding::encode; use urlencoding::encode;
use crate::{ use crate::{
credential::Credential, credential::Credential,
error::PortalError,
gp_params::GpParams, gp_params::GpParams,
utils::{normalize_server, parse_gp_response, remove_url_scheme}, utils::{normalize_server, remove_url_scheme},
}; };
pub enum GatewayLogin { pub async fn gateway_login(gateway: &str, cred: &Credential, gp_params: &GpParams) -> anyhow::Result<String> {
Cookie(String),
Mfa(String, String),
}
pub async fn gateway_login(gateway: &str, cred: &Credential, gp_params: &GpParams) -> anyhow::Result<GatewayLogin> {
let url = normalize_server(gateway)?; let url = normalize_server(gateway)?;
let gateway = remove_url_scheme(&url); let gateway = remove_url_scheme(&url);
@@ -34,32 +28,17 @@ pub async fn gateway_login(gateway: &str, cred: &Credential, gp_params: &GpParam
info!("Gateway login, user_agent: {}", gp_params.user_agent()); info!("Gateway login, user_agent: {}", gp_params.user_agent());
let res = client let res = client.post(&login_url).form(&params).send().await?;
.post(&login_url) let status = res.status();
.form(&params)
.send()
.await
.map_err(|e| anyhow::anyhow!(PortalError::NetworkError(e.to_string())))?;
let res = parse_gp_response(res).await.map_err(|err| { if status.is_client_error() || status.is_server_error() {
warn!("{err}"); bail!("Gateway login error: {}", status)
anyhow::anyhow!("Gateway login error: {}", err.reason)
})?;
// MFA detected
if res.contains("Challenge") {
let Some((message, input_str)) = parse_mfa(&res) else {
bail!("Failed to parse MFA challenge: {res}");
};
return Ok(GatewayLogin::Mfa(message, input_str));
} }
let doc = Document::parse(&res)?; let res_xml = res.text().await?;
let doc = Document::parse(&res_xml)?;
let cookie = build_gateway_token(&doc, gp_params.computer())?; build_gateway_token(&doc, gp_params.computer())
Ok(GatewayLogin::Cookie(cookie))
} }
fn build_gateway_token(doc: &Document, computer: &str) -> anyhow::Result<String> { fn build_gateway_token(doc: &Document, computer: &str) -> anyhow::Result<String> {
@@ -93,33 +72,3 @@ fn read_args<'a>(args: &'a [String], index: usize, key: &'a str) -> anyhow::Resu
.ok_or_else(|| anyhow::anyhow!("Failed to read {key} from args")) .ok_or_else(|| anyhow::anyhow!("Failed to read {key} from args"))
.map(|s| (key, s.as_ref())) .map(|s| (key, s.as_ref()))
} }
fn parse_mfa(res: &str) -> Option<(String, String)> {
let message = res
.lines()
.find(|l| l.contains("respMsg"))
.and_then(|l| l.split('"').nth(1).map(|s| s.to_string()))?;
let input_str = res
.lines()
.find(|l| l.contains("inputStr"))
.and_then(|l| l.split('"').nth(1).map(|s| s.to_string()))?;
Some((message, input_str))
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn mfa() {
let res = r#"var respStatus = "Challenge";
var respMsg = "MFA message";
thisForm.inputStr.value = "5ef64e83000119ed";"#;
let (message, input_str) = parse_mfa(res).unwrap();
assert_eq!(message, "MFA message");
assert_eq!(input_str, "5ef64e83000119ed");
}
}

39
crates/gpapi/src/gp_params.rs
View File

@@ -42,7 +42,7 @@ impl ClientOs {
} }
} }
#[derive(Debug, Serialize, Deserialize, Type, Default, Clone)] #[derive(Debug, Serialize, Deserialize, Type, Default)]
pub struct GpParams { pub struct GpParams {
is_gateway: bool, is_gateway: bool,
user_agent: String, user_agent: String,
@@ -51,9 +51,7 @@ pub struct GpParams {
client_version: Option<String>, client_version: Option<String>,
computer: String, computer: String,
ignore_tls_errors: bool, ignore_tls_errors: bool,
// Used for MFA prefer_default_browser: bool,
input_str: Option<String>,
otp: Option<String>,
} }
impl GpParams { impl GpParams {
@@ -81,6 +79,10 @@ impl GpParams {
self.ignore_tls_errors self.ignore_tls_errors
} }
pub fn prefer_default_browser(&self) -> bool {
self.prefer_default_browser
}
pub fn client_os(&self) -> &str { pub fn client_os(&self) -> &str {
self.client_os.as_str() self.client_os.as_str()
} }
@@ -93,14 +95,6 @@ impl GpParams {
self.client_version.as_deref() self.client_version.as_deref()
} }
pub fn set_input_str(&mut self, input_str: &str) {
self.input_str = Some(input_str.to_string());
}
pub fn set_otp(&mut self, otp: &str) {
self.otp = Some(otp.to_string());
}
pub(crate) fn to_params(&self) -> HashMap<&str, &str> { pub(crate) fn to_params(&self) -> HashMap<&str, &str> {
let mut params: HashMap<&str, &str> = HashMap::new(); let mut params: HashMap<&str, &str> = HashMap::new();
let client_os = self.client_os.as_str(); let client_os = self.client_os.as_str();
@@ -111,16 +105,11 @@ impl GpParams {
params.insert("ok", "Login"); params.insert("ok", "Login");
params.insert("direct", "yes"); params.insert("direct", "yes");
params.insert("ipv6-support", "yes"); params.insert("ipv6-support", "yes");
params.insert("inputStr", "");
params.insert("clientVer", "4100"); params.insert("clientVer", "4100");
params.insert("clientos", client_os); params.insert("clientos", client_os);
params.insert("computer", &self.computer); params.insert("computer", &self.computer);
// MFA
params.insert("inputStr", self.input_str.as_deref().unwrap_or_default());
if let Some(otp) = &self.otp {
params.insert("passwd", otp);
}
if let Some(os_version) = &self.os_version { if let Some(os_version) = &self.os_version {
params.insert("os-version", os_version); params.insert("os-version", os_version);
} }
@@ -142,20 +131,20 @@ pub struct GpParamsBuilder {
client_version: Option<String>, client_version: Option<String>,
computer: String, computer: String,
ignore_tls_errors: bool, ignore_tls_errors: bool,
prefer_default_browser: bool,
} }
impl GpParamsBuilder { impl GpParamsBuilder {
pub fn new() -> Self { pub fn new() -> Self {
let computer = whoami::fallible::hostname().unwrap_or_else(|_| String::from("localhost"));
Self { Self {
is_gateway: false, is_gateway: false,
user_agent: GP_USER_AGENT.to_string(), user_agent: GP_USER_AGENT.to_string(),
client_os: ClientOs::Linux, client_os: ClientOs::Linux,
os_version: Default::default(), os_version: Default::default(),
client_version: Default::default(), client_version: Default::default(),
computer, computer: whoami::hostname(),
ignore_tls_errors: false, ignore_tls_errors: false,
prefer_default_browser: false,
} }
} }
@@ -194,6 +183,11 @@ impl GpParamsBuilder {
self self
} }
pub fn prefer_default_browser(&mut self, prefer_default_browser: bool) -> &mut Self {
self.prefer_default_browser = prefer_default_browser;
self
}
pub fn build(&self) -> GpParams { pub fn build(&self) -> GpParams {
GpParams { GpParams {
is_gateway: self.is_gateway, is_gateway: self.is_gateway,
@@ -203,8 +197,7 @@ impl GpParamsBuilder {
client_version: self.client_version.clone(), client_version: self.client_version.clone(),
computer: self.computer.clone(), computer: self.computer.clone(),
ignore_tls_errors: self.ignore_tls_errors, ignore_tls_errors: self.ignore_tls_errors,
input_str: Default::default(), prefer_default_browser: self.prefer_default_browser,
otp: Default::default(),
} }
} }
} }

5
crates/gpapi/src/lib.rs
View File

@@ -1,6 +1,5 @@
pub mod auth; pub mod auth;
pub mod credential; pub mod credential;
pub mod error;
pub mod gateway; pub mod gateway;
pub mod gp_params; pub mod gp_params;
pub mod portal; pub mod portal;
@@ -24,8 +23,6 @@ pub const GP_SERVICE_BINARY: &str = "/usr/bin/gpservice";
#[cfg(not(debug_assertions))] #[cfg(not(debug_assertions))]
pub const GP_GUI_BINARY: &str = "/usr/bin/gpgui"; pub const GP_GUI_BINARY: &str = "/usr/bin/gpgui";
#[cfg(not(debug_assertions))] #[cfg(not(debug_assertions))]
pub const GP_GUI_HELPER_BINARY: &str = "/usr/bin/gpgui-helper";
#[cfg(not(debug_assertions))]
pub(crate) const GP_AUTH_BINARY: &str = "/usr/bin/gpauth"; pub(crate) const GP_AUTH_BINARY: &str = "/usr/bin/gpauth";
#[cfg(debug_assertions)] #[cfg(debug_assertions)]
@@ -35,6 +32,4 @@ pub const GP_SERVICE_BINARY: &str = dotenvy_macro::dotenv!("GP_SERVICE_BINARY");
#[cfg(debug_assertions)] #[cfg(debug_assertions)]
pub const GP_GUI_BINARY: &str = dotenvy_macro::dotenv!("GP_GUI_BINARY"); pub const GP_GUI_BINARY: &str = dotenvy_macro::dotenv!("GP_GUI_BINARY");
#[cfg(debug_assertions)] #[cfg(debug_assertions)]
pub const GP_GUI_HELPER_BINARY: &str = dotenvy_macro::dotenv!("GP_GUI_HELPER_BINARY");
#[cfg(debug_assertions)]
pub(crate) const GP_AUTH_BINARY: &str = dotenvy_macro::dotenv!("GP_AUTH_BINARY"); pub(crate) const GP_AUTH_BINARY: &str = dotenvy_macro::dotenv!("GP_AUTH_BINARY");

27
crates/gpapi/src/portal/config.rs
View File

@@ -1,5 +1,5 @@
use anyhow::bail; use anyhow::bail;
use log::{info, warn}; use log::info;
use reqwest::{Client, StatusCode}; use reqwest::{Client, StatusCode};
use roxmltree::Document; use roxmltree::Document;
use serde::Serialize; use serde::Serialize;
@@ -7,10 +7,10 @@ use specta::Type;
use crate::{ use crate::{
credential::{AuthCookieCredential, Credential}, credential::{AuthCookieCredential, Credential},
error::PortalError,
gateway::{parse_gateways, Gateway}, gateway::{parse_gateways, Gateway},
gp_params::GpParams, gp_params::GpParams,
utils::{normalize_server, parse_gp_response, remove_url_scheme, xml}, portal::PortalError,
utils::{normalize_server, remove_url_scheme, xml},
}; };
#[derive(Debug, Serialize, Type)] #[derive(Debug, Serialize, Type)]
@@ -102,25 +102,18 @@ pub async fn retrieve_config(portal: &str, cred: &Credential, gp_params: &GpPara
info!("Portal config, user_agent: {}", gp_params.user_agent()); info!("Portal config, user_agent: {}", gp_params.user_agent());
let res = client let res = client.post(&url).form(&params).send().await?;
.post(&url) let status = res.status();
.form(&params)
.send()
.await
.map_err(|e| anyhow::anyhow!(PortalError::NetworkError(e.to_string())))?;
let res_xml = parse_gp_response(res).await.or_else(|err| { if status == StatusCode::NOT_FOUND {
if err.status == StatusCode::NOT_FOUND { bail!(PortalError::ConfigError("Config endpoint not found".to_string()))
bail!(PortalError::ConfigError("Config endpoint not found".to_string()));
} }
if err.is_status_error() { if status.is_client_error() || status.is_server_error() {
warn!("{err}"); bail!("Portal config error: {}", status)
bail!("Portal config error: {}", err.reason);
} }
Err(anyhow::anyhow!(PortalError::ConfigError(err.reason))) let res_xml = res.text().await.map_err(|e| PortalError::ConfigError(e.to_string()))?;
})?;
if res_xml.is_empty() { if res_xml.is_empty() {
bail!(PortalError::ConfigError("Empty portal config response".to_string())) bail!(PortalError::ConfigError("Empty portal config response".to_string()))

10
crates/gpapi/src/portal/mod.rs
View File

@@ -3,3 +3,13 @@ mod prelogin;
pub use config::*; pub use config::*;
pub use prelogin::*; pub use prelogin::*;
use thiserror::Error;
#[derive(Error, Debug)]
pub enum PortalError {
#[error("Portal prelogin error: {0}")]
PreloginError(String),
#[error("Portal config error: {0}")]
ConfigError(String),
}

56
crates/gpapi/src/portal/prelogin.rs
View File

@@ -1,14 +1,14 @@
use anyhow::{anyhow, bail}; use anyhow::bail;
use log::{info, warn}; use log::info;
use reqwest::{Client, StatusCode}; use reqwest::{Client, StatusCode};
use roxmltree::Document; use roxmltree::Document;
use serde::Serialize; use serde::Serialize;
use specta::Type; use specta::Type;
use crate::{ use crate::{
error::PortalError,
gp_params::GpParams, gp_params::GpParams,
utils::{base64, normalize_server, parse_gp_response, xml}, portal::PortalError,
utils::{base64, normalize_server, xml},
}; };
const REQUIRED_PARAMS: [&str; 8] = [ const REQUIRED_PARAMS: [&str; 8] = [
@@ -98,19 +98,18 @@ impl Prelogin {
pub async fn prelogin(portal: &str, gp_params: &GpParams) -> anyhow::Result<Prelogin> { pub async fn prelogin(portal: &str, gp_params: &GpParams) -> anyhow::Result<Prelogin> {
let user_agent = gp_params.user_agent(); let user_agent = gp_params.user_agent();
let is_gateway = gp_params.is_gateway(); info!("Prelogin with user_agent: {}", user_agent);
let prelogin_type = if is_gateway { "Gateway" } else { "Portal" };
info!("{} prelogin with user_agent: {}", prelogin_type, user_agent);
let portal = normalize_server(portal)?; let portal = normalize_server(portal)?;
let is_gateway = gp_params.is_gateway();
let path = if is_gateway { "ssl-vpn" } else { "global-protect" }; let path = if is_gateway { "ssl-vpn" } else { "global-protect" };
let prelogin_url = format!("{portal}/{}/prelogin.esp", path); let prelogin_url = format!("{portal}/{}/prelogin.esp", path);
let mut params = gp_params.to_params(); let mut params = gp_params.to_params();
params.insert("tmp", "tmp"); params.insert("tmp", "tmp");
if gp_params.prefer_default_browser() {
params.insert("default-browser", "1"); params.insert("default-browser", "1");
params.insert("cas-support", "yes"); }
params.retain(|k, _| REQUIRED_PARAMS.iter().any(|required_param| required_param == k)); params.retain(|k, _| REQUIRED_PARAMS.iter().any(|required_param| required_param == k));
@@ -119,43 +118,36 @@ pub async fn prelogin(portal: &str, gp_params: &GpParams) -> anyhow::Result<Prel
.user_agent(user_agent) .user_agent(user_agent)
.build()?; .build()?;
let res = client let res = client.post(&prelogin_url).form(&params).send().await?;
.post(&prelogin_url) let status = res.status();
.form(&params)
.send()
.await
.map_err(|e| anyhow::anyhow!(PortalError::NetworkError(e.to_string())))?;
let res_xml = parse_gp_response(res).await.or_else(|err| { if status == StatusCode::NOT_FOUND {
if err.status == StatusCode::NOT_FOUND {
bail!(PortalError::PreloginError("Prelogin endpoint not found".to_string())) bail!(PortalError::PreloginError("Prelogin endpoint not found".to_string()))
} }
if err.is_status_error() { if status.is_client_error() || status.is_server_error() {
warn!("{err}"); bail!("Prelogin error: {}", status)
bail!("Prelogin error: {}", err.reason)
} }
Err(anyhow!(PortalError::PreloginError(err.reason))) let res_xml = res
})?; .text()
.await
.map_err(|e| PortalError::PreloginError(e.to_string()))?;
let prelogin = parse_res_xml(&res_xml, is_gateway).map_err(|err| { let prelogin = parse_res_xml(res_xml, is_gateway).map_err(|e| PortalError::PreloginError(e.to_string()))?;
warn!("Parse response error, response: {}", res_xml);
PortalError::PreloginError(err.to_string())
})?;
Ok(prelogin) Ok(prelogin)
} }
fn parse_res_xml(res_xml: &str, is_gateway: bool) -> anyhow::Result<Prelogin> { fn parse_res_xml(res_xml: String, is_gateway: bool) -> anyhow::Result<Prelogin> {
let doc = Document::parse(res_xml)?; let doc = Document::parse(&res_xml)?;
let status = xml::get_child_text(&doc, "status") let status = xml::get_child_text(&doc, "status")
.ok_or_else(|| anyhow::anyhow!("Prelogin response does not contain status element"))?; .ok_or_else(|| anyhow::anyhow!("Prelogin response does not contain status element"))?;
// Check the status of the prelogin response // Check the status of the prelogin response
if status.to_uppercase() != "SUCCESS" { if status.to_uppercase() != "SUCCESS" {
let msg = xml::get_child_text(&doc, "msg").unwrap_or(String::from("Unknown error")); let msg = xml::get_child_text(&doc, "msg").unwrap_or(String::from("Unknown error"));
bail!("{}", msg) bail!("Prelogin failed: {}", msg)
} }
let region = xml::get_child_text(&doc, "region").unwrap_or_else(|| { let region = xml::get_child_text(&doc, "region").unwrap_or_else(|| {
@@ -195,8 +187,8 @@ fn parse_res_xml(res_xml: &str, is_gateway: bool) -> anyhow::Result<Prelogin> {
label_password: label_password.unwrap(), label_password: label_password.unwrap(),
}; };
Ok(Prelogin::Standard(standard_prelogin)) return Ok(Prelogin::Standard(standard_prelogin));
} else {
Err(anyhow!("Invalid prelogin response"))
} }
bail!("Invalid prelogin response");
} }

19
crates/gpapi/src/process/auth_launcher.rs
View File

@@ -18,7 +18,6 @@ pub struct SamlAuthLauncher<'a> {
fix_openssl: bool, fix_openssl: bool,
ignore_tls_errors: bool, ignore_tls_errors: bool,
clean: bool, clean: bool,
default_browser: bool,
} }
impl<'a> SamlAuthLauncher<'a> { impl<'a> SamlAuthLauncher<'a> {
@@ -34,7 +33,6 @@ impl<'a> SamlAuthLauncher<'a> {
fix_openssl: false, fix_openssl: false,
ignore_tls_errors: false, ignore_tls_errors: false,
clean: false, clean: false,
default_browser: false,
} }
} }
@@ -83,13 +81,8 @@ impl<'a> SamlAuthLauncher<'a> {
self self
} }
pub fn default_browser(mut self, default_browser: bool) -> Self {
self.default_browser = default_browser;
self
}
/// Launch the authenticator binary as the current user or SUDO_USER if available. /// Launch the authenticator binary as the current user or SUDO_USER if available.
pub async fn launch(self) -> anyhow::Result<Option<Credential>> { pub async fn launch(self) -> anyhow::Result<Credential> {
let mut auth_cmd = Command::new(GP_AUTH_BINARY); let mut auth_cmd = Command::new(GP_AUTH_BINARY);
auth_cmd.arg(self.server); auth_cmd.arg(self.server);
@@ -129,10 +122,6 @@ impl<'a> SamlAuthLauncher<'a> {
auth_cmd.arg("--clean"); auth_cmd.arg("--clean");
} }
if self.default_browser {
auth_cmd.arg("--default-browser");
}
let mut non_root_cmd = auth_cmd.into_non_root()?; let mut non_root_cmd = auth_cmd.into_non_root()?;
let output = non_root_cmd let output = non_root_cmd
.kill_on_drop(true) .kill_on_drop(true)
@@ -141,16 +130,12 @@ impl<'a> SamlAuthLauncher<'a> {
.wait_with_output() .wait_with_output()
.await?; .await?;
if self.default_browser {
return Ok(None);
}
let Ok(auth_result) = serde_json::from_slice::<SamlAuthResult>(&output.stdout) else { let Ok(auth_result) = serde_json::from_slice::<SamlAuthResult>(&output.stdout) else {
bail!("Failed to parse auth data") bail!("Failed to parse auth data")
}; };
match auth_result { match auth_result {
SamlAuthResult::Success(auth_data) => Ok(Some(Credential::from(auth_data))), SamlAuthResult::Success(auth_data) => Credential::try_from(auth_data),
SamlAuthResult::Failure(msg) => bail!(msg), SamlAuthResult::Failure(msg) => bail!(msg),
} }
} }

6
crates/gpapi/src/process/command_traits.rs
View File

@@ -12,7 +12,11 @@ pub trait CommandExt {
impl CommandExt for Command { impl CommandExt for Command {
fn new_pkexec<S: AsRef<OsStr>>(program: S) -> Command { fn new_pkexec<S: AsRef<OsStr>>(program: S) -> Command {
let mut cmd = Command::new("pkexec"); let mut cmd = Command::new("pkexec");
cmd.arg("--user").arg("root").arg(program); cmd
.arg("--disable-internal-agent")
.arg("--user")
.arg("root")
.arg(program);
cmd cmd
} }

68
crates/gpapi/src/process/gui_helper_launcher.rs
View File

@@ -1,68 +0,0 @@
use std::{collections::HashMap, path::PathBuf, process::Stdio};
use anyhow::bail;
use log::info;
use tokio::{io::AsyncWriteExt, process::Command};
use crate::{process::command_traits::CommandExt, utils, GP_GUI_HELPER_BINARY};
pub struct GuiHelperLauncher<'a> {
program: PathBuf,
envs: Option<&'a HashMap<String, String>>,
api_key: &'a [u8],
gui_version: Option<&'a str>,
}
impl<'a> GuiHelperLauncher<'a> {
pub fn new(api_key: &'a [u8]) -> Self {
Self {
program: GP_GUI_HELPER_BINARY.into(),
envs: None,
api_key,
gui_version: None,
}
}
pub fn envs(mut self, envs: Option<&'a HashMap<String, String>>) -> Self {
self.envs = envs;
self
}
pub fn gui_version(mut self, version: Option<&'a str>) -> Self {
self.gui_version = version;
self
}
pub async fn launch(&self) -> anyhow::Result<()> {
let mut cmd = Command::new(&self.program);
if let Some(envs) = self.envs {
cmd.env_clear();
cmd.envs(envs);
}
cmd.arg("--api-key-on-stdin");
if let Some(gui_version) = self.gui_version {
cmd.arg("--gui-version").arg(gui_version);
}
info!("Launching gpgui-helper");
let mut non_root_cmd = cmd.into_non_root()?;
let mut child = non_root_cmd.kill_on_drop(true).stdin(Stdio::piped()).spawn()?;
let Some(mut stdin) = child.stdin.take() else {
bail!("Failed to open stdin");
};
let api_key = utils::base64::encode(self.api_key);
tokio::spawn(async move {
stdin.write_all(api_key.as_bytes()).await.unwrap();
drop(stdin);
});
let exit_status = child.wait().await?;
info!("gpgui-helper exited with: {}", exit_status);
Ok(())
}
}

89
crates/gpapi/src/process/gui_launcher.rs
View File

@@ -4,28 +4,30 @@ use std::{
process::{ExitStatus, Stdio}, process::{ExitStatus, Stdio},
}; };
use anyhow::bail;
use log::info;
use tokio::{io::AsyncWriteExt, process::Command}; use tokio::{io::AsyncWriteExt, process::Command};
use crate::{process::gui_helper_launcher::GuiHelperLauncher, utils::base64, GP_GUI_BINARY}; use crate::{utils::base64, GP_GUI_BINARY};
use super::command_traits::CommandExt; use super::command_traits::CommandExt;
pub struct GuiLauncher<'a> { pub struct GuiLauncher {
version: &'a str,
program: PathBuf, program: PathBuf,
api_key: &'a [u8], api_key: Option<Vec<u8>>,
minimized: bool, minimized: bool,
envs: Option<HashMap<String, String>>, envs: Option<HashMap<String, String>>,
} }
impl<'a> GuiLauncher<'a> { impl Default for GuiLauncher {
pub fn new(version: &'a str, api_key: &'a [u8]) -> Self { fn default() -> Self {
Self::new()
}
}
impl GuiLauncher {
pub fn new() -> Self {
Self { Self {
version,
program: GP_GUI_BINARY.into(), program: GP_GUI_BINARY.into(),
api_key, api_key: None,
minimized: false, minimized: false,
envs: None, envs: None,
} }
@@ -36,23 +38,17 @@ impl<'a> GuiLauncher<'a> {
self self
} }
pub fn api_key(mut self, api_key: Vec<u8>) -> Self {
self.api_key = Some(api_key);
self
}
pub fn minimized(mut self, minimized: bool) -> Self { pub fn minimized(mut self, minimized: bool) -> Self {
self.minimized = minimized; self.minimized = minimized;
self self
} }
pub async fn launch(&self) -> anyhow::Result<ExitStatus> { pub async fn launch(&self) -> anyhow::Result<ExitStatus> {
// Check if the program's version
if let Err(err) = self.check_version().await {
info!("Check version failed: {}", err);
// Download the program and replace the current one
self.download_program().await?;
}
self.launch_program().await
}
async fn launch_program(&self) -> anyhow::Result<ExitStatus> {
let mut cmd = Command::new(&self.program); let mut cmd = Command::new(&self.program);
if let Some(envs) = &self.envs { if let Some(envs) = &self.envs {
@@ -60,60 +56,33 @@ impl<'a> GuiLauncher<'a> {
cmd.envs(envs); cmd.envs(envs);
} }
if self.api_key.is_some() {
cmd.arg("--api-key-on-stdin"); cmd.arg("--api-key-on-stdin");
}
if self.minimized { if self.minimized {
cmd.arg("--minimized"); cmd.arg("--minimized");
} }
info!("Launching gpgui");
let mut non_root_cmd = cmd.into_non_root()?; let mut non_root_cmd = cmd.into_non_root()?;
let mut child = non_root_cmd.kill_on_drop(true).stdin(Stdio::piped()).spawn()?;
let Some(mut stdin) = child.stdin.take() else {
bail!("Failed to open stdin");
};
let api_key = base64::encode(self.api_key); let mut child = non_root_cmd.kill_on_drop(true).stdin(Stdio::piped()).spawn()?;
let mut stdin = child
.stdin
.take()
.ok_or_else(|| anyhow::anyhow!("Failed to open stdin"))?;
if let Some(api_key) = &self.api_key {
let api_key = base64::encode(api_key);
tokio::spawn(async move { tokio::spawn(async move {
stdin.write_all(api_key.as_bytes()).await.unwrap(); stdin.write_all(api_key.as_bytes()).await.unwrap();
drop(stdin); drop(stdin);
}); });
}
let exit_status = child.wait().await?; let exit_status = child.wait().await?;
Ok(exit_status) Ok(exit_status)
} }
async fn check_version(&self) -> anyhow::Result<()> {
let cmd = Command::new(&self.program).arg("--version").output().await?;
let output = String::from_utf8_lossy(&cmd.stdout);
// Version string: "gpgui 2.0.0 (2024-02-05)"
let Some(version) = output.split_whitespace().nth(1) else {
bail!("Failed to parse version: {}", output);
};
if version != self.version {
bail!("Version mismatch: expected {}, got {}", self.version, version);
}
info!("Version check passed: {}", version);
Ok(())
}
async fn download_program(&self) -> anyhow::Result<()> {
let gui_helper = GuiHelperLauncher::new(self.api_key);
gui_helper
.envs(self.envs.as_ref())
.gui_version(Some(self.version))
.launch()
.await?;
// Check the version again
self.check_version().await?;
Ok(())
}
} }

1
crates/gpapi/src/process/mod.rs
View File

@@ -1,5 +1,4 @@
pub(crate) mod command_traits; pub(crate) mod command_traits;
pub(crate) mod gui_helper_launcher;
pub mod auth_launcher; pub mod auth_launcher;
#[cfg(feature = "browser-auth")] #[cfg(feature = "browser-auth")]

17
crates/gpapi/src/service/request.rs
View File

@@ -34,7 +34,6 @@ pub struct ConnectArgs {
user_agent: Option<String>, user_agent: Option<String>,
csd_uid: u32, csd_uid: u32,
csd_wrapper: Option<String>, csd_wrapper: Option<String>,
mtu: u32,
os: Option<ClientOs>, os: Option<ClientOs>,
} }
@@ -47,7 +46,6 @@ impl ConnectArgs {
os: None, os: None,
csd_uid: 0, csd_uid: 0,
csd_wrapper: None, csd_wrapper: None,
mtu: 0,
} }
} }
@@ -74,10 +72,6 @@ impl ConnectArgs {
pub fn csd_wrapper(&self) -> Option<String> { pub fn csd_wrapper(&self) -> Option<String> {
self.csd_wrapper.clone() self.csd_wrapper.clone()
} }
pub fn mtu(&self) -> u32 {
self.mtu
}
} }
#[derive(Debug, Deserialize, Serialize, Type)] #[derive(Debug, Deserialize, Serialize, Type)]
@@ -109,11 +103,6 @@ impl ConnectRequest {
self self
} }
pub fn with_mtu(mut self, mtu: u32) -> Self {
self.args.mtu = mtu;
self
}
pub fn with_user_agent<T: Into<Option<String>>>(mut self, user_agent: T) -> Self { pub fn with_user_agent<T: Into<Option<String>>>(mut self, user_agent: T) -> Self {
self.args.user_agent = user_agent.into(); self.args.user_agent = user_agent.into();
self self
@@ -146,9 +135,3 @@ pub enum WsRequest {
Connect(Box<ConnectRequest>), Connect(Box<ConnectRequest>),
Disconnect(DisconnectRequest), Disconnect(DisconnectRequest),
} }
#[derive(Debug, Deserialize, Serialize)]
pub struct UpdateGuiRequest {
pub path: String,
pub checksum: String,
}

14
crates/gpapi/src/utils/checksum.rs
View File

@@ -1,14 +0,0 @@
use std::path::Path;
use anyhow::bail;
pub fn verify_checksum(path: &str, expected: &str) -> anyhow::Result<()> {
let file = Path::new(&path);
let checksum = sha256::try_digest(&file)?;
if checksum != expected {
bail!("Checksum mismatch, expected: {}, actual: {}", expected, checksum);
}
Ok(())
}

56
crates/gpapi/src/utils/mod.rs
View File

@@ -1,7 +1,8 @@
use reqwest::Url;
pub(crate) mod xml; pub(crate) mod xml;
pub mod base64; pub mod base64;
pub mod checksum;
pub mod crypto; pub mod crypto;
pub mod endpoint; pub mod endpoint;
pub mod env_file; pub mod env_file;
@@ -13,12 +14,8 @@ pub mod window;
mod shutdown_signal; mod shutdown_signal;
use log::warn;
pub use shutdown_signal::shutdown_signal; pub use shutdown_signal::shutdown_signal;
use reqwest::{Response, StatusCode, Url};
use thiserror::Error;
/// Normalize the server URL to the format `https://<host>:<port>` /// Normalize the server URL to the format `https://<host>:<port>`
pub fn normalize_server(server: &str) -> anyhow::Result<String> { pub fn normalize_server(server: &str) -> anyhow::Result<String> {
let server = if server.starts_with("https://") || server.starts_with("http://") { let server = if server.starts_with("https://") || server.starts_with("http://") {
@@ -43,52 +40,3 @@ pub fn normalize_server(server: &str) -> anyhow::Result<String> {
pub fn remove_url_scheme(s: &str) -> String { pub fn remove_url_scheme(s: &str) -> String {
s.replace("http://", "").replace("https://", "") s.replace("http://", "").replace("https://", "")
} }
#[derive(Error, Debug)]
#[error("GP response error: reason={reason}, status={status}, body={body}")]
pub(crate) struct GpError {
pub status: StatusCode,
pub reason: String,
body: String,
}
impl GpError {
pub fn is_status_error(&self) -> bool {
self.status.is_client_error() || self.status.is_server_error()
}
}
pub(crate) async fn parse_gp_response(res: Response) -> anyhow::Result<String, GpError> {
let status = res.status();
if status.is_client_error() || status.is_server_error() {
let (reason, body) = parse_gp_error(res).await;
return Err(GpError { status, reason, body });
}
res.text().await.map_err(|err| {
warn!("Failed to read response: {}", err);
GpError {
status,
reason: "failed to read response".to_string(),
body: "<failed to read response>".to_string(),
}
})
}
async fn parse_gp_error(res: Response) -> (String, String) {
let reason = res
.headers()
.get("x-private-pan-globalprotect")
.map_or_else(|| "<none>", |v| v.to_str().unwrap_or("<invalid header>"))
.to_string();
let res = res.text().await.map_or_else(
|_| "<failed to read response>".to_string(),
|v| if v.is_empty() { "<empty>".to_string() } else { v },
);
(reason, res)
}

14
crates/gpapi/src/utils/window.rs
View File

@@ -2,22 +2,17 @@ use std::{process::ExitStatus, time::Duration};
use anyhow::bail; use anyhow::bail;
use log::{info, warn}; use log::{info, warn};
use tauri::Window; use tauri::{window::MenuHandle, Window};
use tokio::process::Command; use tokio::process::Command;
pub trait WindowExt { pub trait WindowExt {
fn raise(&self) -> anyhow::Result<()>; fn raise(&self) -> anyhow::Result<()>;
fn hide_menu(&self);
} }
impl WindowExt for Window { impl WindowExt for Window {
fn raise(&self) -> anyhow::Result<()> { fn raise(&self) -> anyhow::Result<()> {
raise_window(self) raise_window(self)
} }
fn hide_menu(&self) {
hide_menu(self);
}
} }
pub fn raise_window(win: &Window) -> anyhow::Result<()> { pub fn raise_window(win: &Window) -> anyhow::Result<()> {
@@ -39,8 +34,7 @@ pub fn raise_window(win: &Window) -> anyhow::Result<()> {
} }
// Calling window.show() on Windows will cause the menu to be shown. // Calling window.show() on Windows will cause the menu to be shown.
// We need to hide it again. hide_menu(win.menu_handle());
hide_menu(win);
Ok(()) Ok(())
} }
@@ -77,9 +71,7 @@ async fn wmctrl_try_raise_window(title: &str) -> anyhow::Result<ExitStatus> {
Ok(exit_status) Ok(exit_status)
} }
fn hide_menu(win: &Window) { fn hide_menu(menu_handle: MenuHandle) {
let menu_handle = win.menu_handle();
tokio::spawn(async move { tokio::spawn(async move {
loop { loop {
let menu_visible = menu_handle.is_visible().unwrap_or(false); let menu_visible = menu_handle.is_visible().unwrap_or(false);

2
crates/openconnect/Cargo.toml
View File

@@ -6,8 +6,8 @@ license.workspace = true
links = "openconnect" links = "openconnect"
[dependencies] [dependencies]
common = { path = "../common" }
log.workspace = true log.workspace = true
is_executable.workspace = true
[build-dependencies] [build-dependencies]
cc = "1" cc = "1"

2
crates/openconnect/src/ffi/mod.rs
View File

@@ -18,8 +18,6 @@ pub(crate) struct ConnectOptions {
pub csd_uid: u32, pub csd_uid: u32,
pub csd_wrapper: *const c_char, pub csd_wrapper: *const c_char,
pub mtu: u32,
} }
#[link(name = "vpn")] #[link(name = "vpn")]

6
crates/openconnect/src/ffi/vpn.c
View File

@@ -63,7 +63,6 @@ int vpn_connect(const vpn_options *options, vpn_connected_callback callback)
INFO("OS: %s", options->os); INFO("OS: %s", options->os);
INFO("CSD_USER: %d", options->csd_uid); INFO("CSD_USER: %d", options->csd_uid);
INFO("CSD_WRAPPER: %s", options->csd_wrapper); INFO("CSD_WRAPPER: %s", options->csd_wrapper);
INFO("MTU: %d", options->mtu);
vpninfo = openconnect_vpninfo_new(options->user_agent, validate_peer_cert, NULL, NULL, print_progress, NULL); vpninfo = openconnect_vpninfo_new(options->user_agent, validate_peer_cert, NULL, NULL, print_progress, NULL);
@@ -98,11 +97,6 @@ int vpn_connect(const vpn_options *options, vpn_connected_callback callback)
openconnect_setup_csd(vpninfo, options->csd_uid, 1, options->csd_wrapper); openconnect_setup_csd(vpninfo, options->csd_uid, 1, options->csd_wrapper);
} }
if (options->mtu > 0) {
int mtu = options->mtu < 576 ? 576 : options->mtu;
openconnect_set_reqmtu(vpninfo, mtu);
}
g_cmd_pipe_fd = openconnect_setup_cmd_pipe(vpninfo); g_cmd_pipe_fd = openconnect_setup_cmd_pipe(vpninfo);
if (g_cmd_pipe_fd < 0) if (g_cmd_pipe_fd < 0)
{ {

2
crates/openconnect/src/ffi/vpn.h
View File

@@ -19,8 +19,6 @@ typedef struct vpn_options
const uid_t csd_uid; const uid_t csd_uid;
const char *csd_wrapper; const char *csd_wrapper;
const int mtu;
} vpn_options; } vpn_options;
int vpn_connect(const vpn_options *options, vpn_connected_callback callback); int vpn_connect(const vpn_options *options, vpn_connected_callback callback);

1
crates/openconnect/src/lib.rs
View File

@@ -1,4 +1,5 @@
mod ffi; mod ffi;
mod vpn; mod vpn;
mod vpnc_script;
pub use vpn::*; pub use vpn::*;

78
crates/openconnect/src/vpn.rs
View File

@@ -1,13 +1,11 @@
use std::{ use std::{
ffi::{c_char, CString}, ffi::{c_char, CString},
fmt,
sync::{Arc, RwLock}, sync::{Arc, RwLock},
}; };
use common::vpn_utils::{find_vpnc_script, is_executable};
use log::info; use log::info;
use crate::ffi; use crate::{ffi, vpnc_script::find_default_vpnc_script};
type OnConnectedCallback = Arc<RwLock<Option<Box<dyn FnOnce() + 'static + Send + Sync>>>>; type OnConnectedCallback = Arc<RwLock<Option<Box<dyn FnOnce() + 'static + Send + Sync>>>>;
@@ -23,8 +21,6 @@ pub struct Vpn {
csd_uid: u32, csd_uid: u32,
csd_wrapper: Option<CString>, csd_wrapper: Option<CString>,
mtu: u32,
callback: OnConnectedCallback, callback: OnConnectedCallback,
} }
@@ -66,8 +62,6 @@ impl Vpn {
csd_uid: self.csd_uid, csd_uid: self.csd_uid,
csd_wrapper: Self::option_to_ptr(&self.csd_wrapper), csd_wrapper: Self::option_to_ptr(&self.csd_wrapper),
mtu: self.mtu,
} }
} }
@@ -79,37 +73,15 @@ impl Vpn {
} }
} }
#[derive(Debug)]
pub struct VpnError<'a> {
message: &'a str,
}
impl<'a> VpnError<'a> {
fn new(message: &'a str) -> Self {
Self { message }
}
}
impl fmt::Display for VpnError<'_> {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
write!(f, "{}", self.message)
}
}
impl std::error::Error for VpnError<'_> {}
pub struct VpnBuilder { pub struct VpnBuilder {
server: String, server: String,
cookie: String, cookie: String,
script: Option<String>,
user_agent: Option<String>, user_agent: Option<String>,
script: Option<String>,
os: Option<String>, os: Option<String>,
csd_uid: u32, csd_uid: u32,
csd_wrapper: Option<String>, csd_wrapper: Option<String>,
mtu: u32,
} }
impl VpnBuilder { impl VpnBuilder {
@@ -117,28 +89,24 @@ impl VpnBuilder {
Self { Self {
server: server.to_string(), server: server.to_string(),
cookie: cookie.to_string(), cookie: cookie.to_string(),
script: None,
user_agent: None, user_agent: None,
script: None,
os: None, os: None,
csd_uid: 0, csd_uid: 0,
csd_wrapper: None, csd_wrapper: None,
mtu: 0,
} }
} }
pub fn script<T: Into<Option<String>>>(mut self, script: T) -> Self {
self.script = script.into();
self
}
pub fn user_agent<T: Into<Option<String>>>(mut self, user_agent: T) -> Self { pub fn user_agent<T: Into<Option<String>>>(mut self, user_agent: T) -> Self {
self.user_agent = user_agent.into(); self.user_agent = user_agent.into();
self self
} }
pub fn script<T: Into<Option<String>>>(mut self, script: T) -> Self {
self.script = script.into();
self
}
pub fn os<T: Into<Option<String>>>(mut self, os: T) -> Self { pub fn os<T: Into<Option<String>>>(mut self, os: T) -> Self {
self.os = os.into(); self.os = os.into();
self self
@@ -154,32 +122,12 @@ impl VpnBuilder {
self self
} }
pub fn mtu(mut self, mtu: u32) -> Self { pub fn build(self) -> Vpn {
self.mtu = mtu;
self
}
pub fn build(self) -> Result<Vpn, VpnError<'static>> {
let script = match self.script {
Some(script) => {
if !is_executable(&script) {
return Err(VpnError::new("vpnc script is not executable"));
}
script
}
None => find_vpnc_script().ok_or_else(|| VpnError::new("Failed to find vpnc-script"))?,
};
if let Some(csd_wrapper) = &self.csd_wrapper {
if !is_executable(csd_wrapper) {
return Err(VpnError::new("CSD wrapper is not executable"));
}
}
let user_agent = self.user_agent.unwrap_or_default(); let user_agent = self.user_agent.unwrap_or_default();
let script = self.script.or_else(find_default_vpnc_script).unwrap_or_default();
let os = self.os.unwrap_or("linux".to_string()); let os = self.os.unwrap_or("linux".to_string());
Ok(Vpn { Vpn {
server: Self::to_cstring(&self.server), server: Self::to_cstring(&self.server),
cookie: Self::to_cstring(&self.cookie), cookie: Self::to_cstring(&self.cookie),
user_agent: Self::to_cstring(&user_agent), user_agent: Self::to_cstring(&user_agent),
@@ -191,10 +139,8 @@ impl VpnBuilder {
csd_uid: self.csd_uid, csd_uid: self.csd_uid,
csd_wrapper: self.csd_wrapper.as_deref().map(Self::to_cstring), csd_wrapper: self.csd_wrapper.as_deref().map(Self::to_cstring),
mtu: self.mtu,
callback: Default::default(), callback: Default::default(),
}) }
} }
fn to_cstring(value: &str) -> CString { fn to_cstring(value: &str) -> CString {

23
crates/openconnect/src/vpnc_script.rs Normal file
View File

@@ -0,0 +1,23 @@
use is_executable::IsExecutable;
use std::path::Path;
const VPNC_SCRIPT_LOCATIONS: [&str; 5] = [
"/usr/local/share/vpnc-scripts/vpnc-script",
"/usr/local/sbin/vpnc-script",
"/usr/share/vpnc-scripts/vpnc-script",
"/usr/sbin/vpnc-script",
"/etc/vpnc/vpnc-script",
];
pub(crate) fn find_default_vpnc_script() -> Option<String> {
for location in VPNC_SCRIPT_LOCATIONS.iter() {
let path = Path::new(location);
if path.is_executable() {
return Some(location.to_string());
}
}
log::warn!("vpnc-script not found");
None
}

34
packaging/binary/Makefile.in
View File

@@ -1,34 +0,0 @@
install:
@echo "===> Installing..."
install -Dm755 artifacts/usr/bin/gpclient $(DESTDIR)/usr/bin/gpclient
install -Dm755 artifacts/usr/bin/gpservice $(DESTDIR)/usr/bin/gpservice
install -Dm755 artifacts/usr/bin/gpauth $(DESTDIR)/usr/bin/gpauth
install -Dm755 artifacts/usr/bin/gpgui-helper $(DESTDIR)/usr/bin/gpgui-helper
if [ -f artifacts/usr/bin/gpgui ]; then \
install -Dm755 artifacts/usr/bin/gpgui $(DESTDIR)/usr/bin/gpgui; \
fi
install -Dm644 artifacts/usr/share/applications/gpgui.desktop $(DESTDIR)/usr/share/applications/gpgui.desktop
install -Dm644 artifacts/usr/share/icons/hicolor/scalable/apps/gpgui.svg $(DESTDIR)/usr/share/icons/hicolor/scalable/apps/gpgui.svg
install -Dm644 artifacts/usr/share/icons/hicolor/32x32/apps/gpgui.png $(DESTDIR)/usr/share/icons/hicolor/32x32/apps/gpgui.png
install -Dm644 artifacts/usr/share/icons/hicolor/128x128/apps/gpgui.png $(DESTDIR)/usr/share/icons/hicolor/128x128/apps/gpgui.png
install -Dm644 artifacts/usr/share/icons/hicolor/256x256@2/apps/gpgui.png $(DESTDIR)/usr/share/icons/hicolor/256x256@2/apps/gpgui.png
install -Dm644 artifacts/usr/share/polkit-1/actions/com.yuezk.gpgui.policy $(DESTDIR)/usr/share/polkit-1/actions/com.yuezk.gpgui.policy
uninstall:
@echo "===> Uninstalling from $(DESTDIR)..."
rm -f $(DESTDIR)/usr/bin/gpclient
rm -f $(DESTDIR)/usr/bin/gpservice
rm -f $(DESTDIR)/usr/bin/gpauth
rm -f $(DESTDIR)/usr/bin/gpgui-helper
rm -f $(DESTDIR)/usr/bin/gpgui
rm -f $(DESTDIR)/usr/share/applications/gpgui.desktop
rm -f $(DESTDIR)/usr/share/icons/hicolor/scalable/apps/gpgui.svg
rm -f $(DESTDIR)/usr/share/icons/hicolor/32x32/apps/gpgui.png
rm -f $(DESTDIR)/usr/share/icons/hicolor/128x128/apps/gpgui.png
rm -f $(DESTDIR)/usr/share/icons/hicolor/256x256@2/apps/gpgui.png
rm -f $(DESTDIR)/usr/share/polkit-1/actions/com.yuezk.gpgui.policy

23
packaging/deb/control.in
View File

@@ -1,23 +0,0 @@
Source: globalprotect-openconnect
Section: net
Priority: optional
Maintainer: Kevin Yue <k3vinyue@gmail.com>
Standards-Version: 4.1.4
Build-Depends: debhelper (>= 9),
pkg-config,
jq (>= 1),
make (>= 4),
libxml2,
libsecret-1-0,
libayatana-appindicator3-1,
gnome-keyring,
libwebkit2gtk-4.0-dev,
libopenconnect-dev (>= 8.20),@RUST@
Homepage: https://github.com/yuezk/GlobalProtect-openconnect
Package: globalprotect-openconnect
Architecture: any
Multi-Arch: foreign
Depends: ${misc:Depends}, ${shlibs:Depends}, openconnect (>=8.20), libxml2, libsecret-1-0, libayatana-appindicator3-1, gnome-keyring
Description: A GUI for GlobalProtect VPN
A GUI for GlobalProtect VPN, based on OpenConnect, supports the SSO authentication method.

14
packaging/deb/postrm
View File

@@ -1,14 +0,0 @@
#!/bin/sh
set -e
case "$1" in
purge|remove|upgrade)
# Remove the gpgui binary downloaded at runtime
rm -f /usr/bin/gpgui
;;
*)
;;
esac
exit 0

7
packaging/deb/rules.in
View File

@@ -1,7 +0,0 @@
#!/usr/bin/make -f
export OFFLINE = @OFFLINE@
export BUILD_FE = 0
%:
dh $@ --no-parallel

11
packaging/files/usr/share/applications/gpgui.desktop
View File

@@ -1,11 +0,0 @@
[Desktop Entry]
Type=Application
Name=GlobalProtect Openconnect VPN Client
Comment=A GUI for GlobalProtect VPN
GenericName=GlobalProtect VPN Client
Categories=Network;Dialup;
Exec=/usr/bin/gpclient launch-gui %u
MimeType=x-scheme-handler/globalprotectcallback;
Icon=gpgui
Keywords=GlobalProtect;Openconnect;SAML;connection;VPN;

BIN
packaging/files/usr/share/icons/hicolor/128x128/apps/gpgui.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 13 KiB

BIN
packaging/files/usr/share/icons/hicolor/256x256@2/apps/gpgui.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 28 KiB

BIN
packaging/files/usr/share/icons/hicolor/32x32/apps/gpgui.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 2.5 KiB

99
packaging/files/usr/share/icons/hicolor/scalable/apps/gpgui.svg
View File

@@ -1,99 +0,0 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Generator: Adobe Illustrator 19.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->
<svg
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns="http://www.w3.org/2000/svg"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
version="1.1"
id="Layer_1"
x="0px"
y="0px"
viewBox="0 0 96 96"
style="enable-background:new 0 0 96 96;"
xml:space="preserve"
sodipodi:docname="com.yuezk.qt.gpclient.svg"
inkscape:version="0.92.4 5da689c313, 2019-01-14"><metadata
id="metadata14"><rdf:RDF><cc:Work
rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" /><dc:title /></cc:Work></rdf:RDF></metadata><defs
id="defs12" /><sodipodi:namedview
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1"
objecttolerance="10"
gridtolerance="10"
guidetolerance="10"
inkscape:pageopacity="0"
inkscape:pageshadow="2"
inkscape:window-width="1920"
inkscape:window-height="1006"
id="namedview10"
showgrid="false"
inkscape:zoom="6.9532168"
inkscape:cx="7.9545315"
inkscape:cy="59.062386"
inkscape:window-x="0"
inkscape:window-y="0"
inkscape:window-maximized="1"
inkscape:current-layer="g8499" />
<style
type="text/css"
id="style2">
.st0{fill:#2980B9;}
.st1{fill:#3498DB;}
.st2{fill:#2ECC71;}
.st3{fill:#27AE60;}
</style>
<g
id="g8499"
transform="matrix(1.3407388,0,0,1.3407388,-16.409202,-16.355463)"><g
id="XMLID_1_">
<circle
r="32.5"
cy="48"
cx="48"
class="st0"
id="XMLID_3_"
style="fill:#2980b9" />
<path
d="m 48,15.5 v 65 C 65.9,80.5 80.5,65.7 80.5,48 80.5,30 65.9,15.5 48,15.5 Z"
class="st1"
id="XMLID_4_"
inkscape:connector-curvature="0"
style="fill:#3498db" />
<path
d="m 48,15.5 v 0.6 l 1.2,-0.3 c 0.3,-0.3 0.4,-0.3 0.6,-0.3 h -1.1 z m 7.3,0.9 c -0.1,0 0.4,0.9 1.1,1.8 0.8,1.5 1.1,2.1 1.3,2.1 0.3,-0.3 1.9,-1.2 3,-2.1 -1.7,-0.9 -3.5,-1.5 -5.4,-1.8 z m 10.3,6.2 c -0.1,0 -0.4,0 -0.9,0.6 l -0.8,0.9 0.6,0.6 c 0.3,0.6 0.8,0.9 1,1.2 0.5,0.6 0.6,0.6 0.1,1.5 -0.2,0.6 -0.3,0.9 -0.3,0.9 0.1,0.3 0.3,0.3 1.4,0.3 h 1.6 c 0.1,0 0.3,-0.6 0.4,-1.2 l 0.1,-0.9 -1.1,-0.9 c -1,-0.9 -1,-0.9 -1.4,-1.8 -0.3,-0.6 -0.6,-1.2 -0.7,-1.2 z m -3,2.4 c -0.2,0 -1.3,2.1 -1.3,2.4 0,0 0.3,0.6 0.7,0.9 0.4,0.3 0.7,0.6 0.7,0.6 0.1,0 1.2,-1.2 1.4,-1.5 C 64.2,27.1 64,26.8 63.5,26.2 63.1,25.5 62.7,25 62.6,25 Z m 9.5,1.1 0.2,0.3 c 0,0.3 -0.7,0.9 -1.4,1.5 -1.2,0.9 -1.4,1.2 -2,1.2 -0.6,0 -0.9,0.3 -1.8,0.9 -0.6,0.6 -1.2,0.9 -1.2,1.2 0,0 0.2,0.3 0.6,0.9 0.7,0.6 0.7,0.9 0.2,1.8 l -0.4,0.3 h -1.1 c -0.6,0 -1.5,0 -1.8,-0.3 -0.9,0 -0.8,0 -0.1,2.1 1,3 1.1,3.2 1.3,3.2 0.1,0 1.3,-1.2 2.8,-2.4 1.5,-1.2 2.7,-2.4 2.8,-2.4 l 0.6,0.3 c 0.4,0.3 0.5,0 1.3,-0.6 l 0.8,-0.6 0.8,0.6 c 1.9,1.2 2.2,1.5 2.3,2.4 0.2,1.5 0.3,1.8 0.5,1.8 0.1,0 1.3,-1.5 1.6,-1.8 0.1,-0.3 -0.1,-0.6 -1.1,-2.1 -0.7,-0.9 -1.1,-1.8 -1.1,-2.1 0,0 0.1,0 0.3,-0.3 0.2,0 0.4,0.3 1,0.9 -1.6,-2.3 -3.2,-4.7 -5.1,-6.8 z m 2.8,10.7 c -0.2,0 -0.9,0.9 -0.8,1.2 l 0.5,0.3 H 75 c 0.2,0 0.3,0 0.2,-0.3 C 75.1,37.4 75,36.8 74.9,36.8 Z M 72.3,38 h -2.4 l -2.4,0.3 -4.5,3.5 -4.4,3.8 v 3.5 c 0,2.1 0,3.8 0.1,3.8 0.1,0 0.7,0.9 1.5,1.5 0.8,0.9 1.5,1.5 1.8,1.8 0.4,0.3 0.5,0.3 4,0.6 l 3.4,0.3 1.6,0.9 c 0.8,0.6 1.5,1.2 1.6,1.2 0.1,0 -0.3,0.3 -0.6,0.6 l -0.6,0.6 1,1.2 c 0.5,0.6 1.3,1.5 1.7,1.8 l 0.6,0.9 v 1.7 0.9 c 3.7,-5 5.9,-11.5 6.1,-18.3 0.1,-2.7 -0.3,-5.3 -0.8,-8 l -0.6,-0.3 c -0.1,0 -0.5,0.3 -1,0.6 -0.5,0.3 -1,0.9 -1.1,0.9 -0.1,0 -0.8,-0.3 -1.8,-0.6 l -1.8,-0.6 v -0.9 c 0,-0.6 0,-0.9 -0.6,-1.5 z M 48,63.7 V 64 h 0.2 z"
class="st2"
id="XMLID_13_"
inkscape:connector-curvature="0"
style="fill:#2ecc71" />
<path
d="m 48,15.5 c -3.1,0 -6.2,0.5 -9,1.3 0.3,0.4 0.3,0.4 0.6,0.9 1.5,2.5 1.7,2.8 2.1,2.9 0.3,0 0.9,0.1 1.6,0.1 h 1.2 l 0.9,-2 0.8,-1.9 1.8,-0.6 z m -16.9,4.7 c -2.8,1.7 -5.4,3.9 -7.6,6.4 -3.8,4.3 -6.3,9.6 -7.4,15.4 0.5,0 0.9,-0.1 1.8,-0.1 2.8,0.1 2.5,0 3.4,1.4 0.5,0.8 0.6,0.8 1.4,0.8 1,0.1 0.9,0 0.5,-1.6 -0.2,-0.6 -0.3,-1.2 -0.3,-1.4 0,-0.2 0.5,-0.7 1.7,-1.6 1.9,-1.5 1.8,-1.3 1.5,-2.9 -0.1,-0.3 0.1,-0.6 0.6,-1.2 0.7,-0.7 0.7,-0.6 1.4,-0.6 h 0.7 l 0.1,-1.2 c 0.1,-0.7 0.1,-1.3 0.2,-1.3 0,0 1.9,-1.1 4.1,-2.3 2.2,-1.2 4.1,-2.2 4.2,-2.3 0.2,-0.2 -0.3,-0.8 -2.7,-3.8 -1.5,-1.9 -2.8,-3.6 -2.9,-3.7 z m -5.8,23 c -0.1,0 -0.1,0.3 -0.1,0.6 0,0.6 0,0.7 0.6,1 0.8,0.4 0.9,0.5 0.8,0.2 -0.1,-0.4 -1.2,-1.9 -1.3,-1.8 z m -3.4,2.1 -0.5,1.8 c 0.1,0.1 0.9,0.3 1.8,0.5 1,0.2 1.6,0.4 1.8,0.3 l 0.5,-1.3 z m -3.8,1 -1.1,0.6 c -0.6,0.3 -1.2,0.6 -1.4,0.6 h -0.1 c 0,1.4 0.1,2.8 0.3,4.2 l 0.6,0.4 1,-0.1 h 1 l 0.6,1.4 c 0.3,0.7 0.7,1.4 0.8,1.5 0.1,0.1 1,0.1 1.8,0.1 h 1.5 L 23,56.2 c 0,1.2 0,1.3 -0.6,2.2 -0.4,0.5 -0.6,1.2 -0.6,1.4 0,0.2 0.7,2.1 1.6,4.3 l 1.5,4 1.6,0.8 c 1.2,0.6 1.5,0.8 1.5,1 0,0.1 -0.4,2.1 -0.6,3.1 3,2.5 6.4,4.5 10.2,5.8 3.5,-3.6 6.8,-7.1 7.3,-7.6 l 0.7,-0.7 0.2,-1.9 c 0.2,-1.1 0.4,-2.1 0.4,-2.2 0,-0.1 0.5,-0.6 1,-1.2 0.5,-0.5 0.8,-1 0.8,-1.1 v -0.2 c -0.1,-0.1 -1.4,-1.1 -3,-2.2 l -3.1,-2.1 -1.1,-0.1 c -0.8,0 -1.2,0 -1.3,-0.2 C 39.4,59.2 39.2,58.5 39.1,57.7 39,56.9 38.9,56.2 38.8,56.1 38.8,56 38,56 37.1,56 36.2,56 35.4,55.9 35.3,55.8 35.2,55.7 35.2,55.1 35.1,54.3 35,53.6 34.9,53 34.8,52.9 34.7,52.8 33.7,52.7 32.5,52.6 30.5,52.5 30.1,52.5 29.1,52 l -1.2,-0.6 -1.6,0.7 -1.7,0.9 -1.8,-0.1 c -2,0 -1.9,0.2 -2.1,-1.6 C 20.6,50.7 20.6,50.1 20.5,50.1 20.4,50 20,50 19.6,49.9 L 18.9,49.7 19,49.2 c 0,-0.3 0,-1 0.1,-1.4 L 19.2,47 18.7,46.5 Z m 9.1,1.1 C 27.1,47.5 27.1,47.8 27,48 l -0.1,0.5 2.9,1.2 c 2.9,1.1 3.4,1.2 3.9,0.7 0.2,-0.2 0.1,-0.2 -0.3,-0.4 -0.3,-0.1 -1.7,-0.9 -3.2,-1.6 -1.7,-0.7 -2.9,-1.1 -3,-1 z"
class="st3"
id="XMLID_20_"
inkscape:connector-curvature="0"
style="fill:#27ae60" />
</g><g
transform="matrix(1.458069,0,0,1.458069,-22.631538,-19.615144)"
id="g7664"><path
inkscape:connector-curvature="0"
id="XMLID_6_"
class="st3"
d="m 38.8,56.1 c 0,1.2 1,2.2 2.2,2.2 h 15.2 c 1.2,0 2.2,-1 2.2,-2.2 V 45.3 c 0,-1.2 -1,-2.2 -2.2,-2.2 H 40.9 c -1.2,0 -2.2,1 -2.2,2.2 v 10.8 z"
style="fill:#f1aa27;fill-opacity:1" /><path
style="fill:#e6e6e6"
inkscape:connector-curvature="0"
id="XMLID_7_"
class="st4"
d="m 55.5,43.1 h -3.3 v -3.7 c 0,-2.1 -1.7,-3.8 -3.8,-3.8 -2.1,0 -3.8,1.7 -3.8,3.8 v 3.8 h -3.1 v -3.8 c 0,-3.9 3.2,-7 7,-7 3.9,0 7,3.2 7,7 z" /><path
style="fill:#e6e6e6;fill-opacity:1"
inkscape:connector-curvature="0"
id="XMLID_8_"
class="st5"
d="m 50.35,48.2 c 0,-1 -0.8,-1.8 -1.8,-1.8 -1,0 -1.8,0.8 -1.8,1.8 0,0.7 0.4,1.3 1,1.6 l -1,5.2 h 3.6 l -1,-5.2 c 0.6,-0.3 1,-0.9 1,-1.6 z" /></g></g></svg>
Side by Side

Before

Width:  |  Height:  |  Size: 6.7 KiB

18
packaging/files/usr/share/polkit-1/actions/com.yuezk.gpgui.policy
View File

@@ -1,18 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE policyconfig PUBLIC "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN" "http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
<policyconfig>
<vendor>The GlobalProtect-openconnect Project</vendor>
<vendor_url>https://github.com/yuezk/GlobalProtect-openconnect</vendor_url>
<icon_name>gpgui</icon_name>
<action id="com.yuezk.gpgui.service">
<description>Run GPService as root</description>
<message>Authentication is required to run the GPService as root</message>
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>auth_admin</allow_inactive>
<allow_active>yes</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.exec.path">/usr/bin/gpservice</annotate>
<annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
</action>
</policyconfig>

35
packaging/pkgbuild/PKGBUILD.in
View File

@@ -1,35 +0,0 @@
# Maintainer: Keinv Yue <k3vinyue@gmail.com>
_pkgname=@PKG_NAME@
pkgname=${_pkgname}
pkgver="@VERSION@"
pkgrel=@REVISION@
pkgdesc="A GUI for GlobalProtect VPN, based on OpenConnect, supports the SSO authentication method."
arch=('x86_64' 'aarch64')
url="https://github.com/yuezk/GlobalProtect-openconnect"
license=('GPL3')
makedepends=('make' 'pkg-config' 'rust' 'cargo' 'jq' 'webkit2gtk' 'curl' 'wget' 'file' 'openssl' 'appmenu-gtk-module' 'gtk3' 'libappindicator-gtk3' 'librsvg' 'libvips' 'libayatana-appindicator' 'openconnect' 'libsecret')
depends=('openconnect>=8.20' webkit2gtk libappindicator-gtk3 libayatana-appindicator libsecret libxml2)
optdepends=('wmctrl: for window management')
provides=('globalprotect-openconnect' 'gpclient' 'gpservice' 'gpauth' 'gpgui')
source=("${_pkgname}-${pkgver}.tar.gz")
sha256sums=('SKIP')
options=('!strip')
build() {
cd "$pkgname-$pkgver"
# Must unset the CFLAGS, otherwise the build fails
unset CFLAGS
make build OFFLINE=@OFFLINE@ BUILD_FE=0
}
package() {
cd "$pkgname-$pkgver"
make install DESTDIR="$pkgdir"
}

5
packaging/rpm/globalprotect-openconnect.changes.in
View File

@@ -1,5 +0,0 @@
-------------------------------------------------------------------
@DATE@ - k3vinyue@gmail.com - @VERSION@
- Update to @VERSION@
* Bugfix and improvements.

72
packaging/rpm/globalprotect-openconnect.spec.in
View File

@@ -1,72 +0,0 @@
Name: globalprotect-openconnect
Version: @VERSION@
Release: @REVISION@
Summary: A GlobalProtect VPN client powered by OpenConnect
Group: Productivity/Networking/PPP
License: GPL-3.0
URL: https://github.com/yuezk/GlobalProtect-openconnect
Source: %{name}.tar.gz
BuildRequires: make
BuildRequires: rust
BuildRequires: cargo
BuildRequires: jq
BuildRequires: pkg-config
BuildRequires: openconnect-devel
BuildRequires: openssl-devel
BuildRequires: wget
BuildRequires: file
BuildRequires: perl
BuildRequires: (webkit2gtk4.0-devel or webkit2gtk3-soup2-devel)
BuildRequires: (libappindicator-gtk3-devel or libappindicator3-1)
BuildRequires: (librsvg2-devel or librsvg-devel)
Requires: openconnect >= 8.20, (libayatana-appindicator or libappindicator-gtk3)
Conflicts: globalprotect-openconnect-snapshot
%global debug_package %{nil}
%description
A GUI for GlobalProtect VPN, based on OpenConnect, supports the SSO authentication method.
%prep
%setup
%postun
rm -f %{_bindir}/gpgui
%build
# The injected RUSTFLAGS could fail the build
unset RUSTFLAGS
make build OFFLINE=@OFFLINE@ BUILD_FE=0
%install
%make_install
%files
%defattr(-,root,root)
%{_bindir}/*
%{_datadir}/applications/gpgui.desktop
%{_datadir}/icons/hicolor/32x32/apps/gpgui.png
%{_datadir}/icons/hicolor/128x128/apps/gpgui.png
%{_datadir}/icons/hicolor/256x256@2/apps/gpgui.png
%{_datadir}/icons/hicolor/scalable/apps/gpgui.svg
%{_datadir}/polkit-1/actions/com.yuezk.gpgui.policy
%dir %{_datadir}/icons/hicolor
%dir %{_datadir}/icons/hicolor/32x32
%dir %{_datadir}/icons/hicolor/32x32/apps
%dir %{_datadir}/icons/hicolor/128x128
%dir %{_datadir}/icons/hicolor/128x128/apps
%dir %{_datadir}/icons/hicolor/256x256@2
%dir %{_datadir}/icons/hicolor/256x256@2/apps
%dir %{_datadir}/icons/hicolor/scalable
%dir %{_datadir}/icons/hicolor/scalable/apps
%dir %{_datadir}/polkit-1
%dir %{_datadir}/polkit-1/actions
%changelog
* @DATE@ Kevin Yue <k3vinyue@gmail.com> - @VERSION@
- Bugfix and improvements