Linux IPSec initial

client/protocols/ikev2_vpn_protocol_linux.cpp

@@ -0,0 +1,101 @@
+#include <QCoreApplication>
+#include <QFileInfo>
+#include <QProcess>
+
+#include <QThread>
+
+#include <chrono>
+
+#include "logger.h"
+#include "ikev2_vpn_protocol_linux.h"
+#include "utilities.h"
+#include "core/ipcclient.h"
+#include <openssl/pkcs12.h>
+#include <openssl/bio.h>
+#include <openssl/pem.h>
+
+
+static Ikev2Protocol* self = nullptr;
+
+
+Ikev2Protocol::Ikev2Protocol(const QJsonObject &configuration, QObject* parent) :
+    VpnProtocol(configuration, parent)
+{
+    self = this;
+    readIkev2Configuration(configuration);
+}
+
+Ikev2Protocol::~Ikev2Protocol()
+{
+    qDebug() << "IpsecProtocol::~IpsecProtocol()";
+    disconnect_vpn();
+    Ikev2Protocol::stop();
+}
+
+void Ikev2Protocol::stop()
+{
+    setConnectionState(Vpn::ConnectionState::Disconnected);
+    qDebug() << "IpsecProtocol::stop()";
+}
+
+
+void Ikev2Protocol::readIkev2Configuration(const QJsonObject &configuration)
+{
+    QJsonObject ikev2_data = configuration.value(ProtocolProps::key_proto_config_data(Proto::Ikev2)).toObject();
+    m_config = QJsonDocument::fromJson(ikev2_data.value(config_key::config).toString().toUtf8()).object();
+
+}
+
+ErrorCode Ikev2Protocol::start()
+{
+    STACK_OF(X509) *certstack = sk_X509_new_null();
+    BIO *p12 = BIO_new(BIO_s_mem());
+
+    EVP_PKEY *pkey;
+    X509 *cert;
+
+    BIO_write(p12, QByteArray::fromBase64(m_config[config_key::cert].toString().toUtf8()),
+              QByteArray::fromBase64(m_config[config_key::cert].toString().toUtf8()).size());
+
+    PKCS12 *pkcs12 = d2i_PKCS12_bio(p12, NULL);
+    PKCS12_parse(pkcs12, m_config[config_key::password].toString().toStdString().c_str(), &pkey, &cert, &certstack);
+    BIO *bio = BIO_new(BIO_s_mem());
+    PEM_write_bio_X509(bio, cert);
+
+    BUF_MEM *mem = NULL;
+    BIO_get_mem_ptr(bio, &mem);
+
+    std::string pem(mem->data, mem->length);
+    qDebug() << pem;
+
+    QString alias(pem.c_str());
+
+    IpcClient::Interface()->writeIPsecUserCert(alias, m_config[config_key::userName].toString());
+    IpcClient::Interface()->writeIPsecConfig(m_config[config_key::config].toString());
+    IpcClient::Interface()->writeIPsecCaCert(m_config[config_key::cacert].toString(), m_config[config_key::userName].toString());
+    IpcClient::Interface()->writeIPsecPrivate(m_config[config_key::cert].toString(), m_config[config_key::userName].toString());
+    IpcClient::Interface()->writeIPsecPrivatePass(m_config[config_key::password].toString(), m_config[config_key::userName].toString());
+
+
+    setConnectionState(Vpn::ConnectionState::Connected);
+    return ErrorCode::NoError;
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+bool Ikev2Protocol::create_new_vpn(const QString & vpn_name,
+                                   const QString & serv_addr){
+   qDebug() << "Ikev2Protocol::create_new_vpn()";
+   return true;
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+bool Ikev2Protocol::delete_vpn_connection(const QString &vpn_name){
+
+    return false;
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+bool Ikev2Protocol::connect_to_vpn(const QString & vpn_name){
+    return false;
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+bool Ikev2Protocol::disconnect_vpn(){
+    return true;
+}

client/protocols/ikev2_vpn_protocol_linux.h

@@ -0,0 +1,49 @@
+#ifndef IKEV2_VPN_PROTOCOL_LINUX_H
+#define IKEV2_VPN_PROTOCOL_LINUX_H
+
+#include <QObject>
+#include <QProcess>
+#include <QString>
+#include <QTemporaryFile>
+#include <QTimer>
+
+#include "vpnprotocol.h"
+
+#include <string>
+#include <memory>
+#include <atomic>
+#include <thread>
+#include <condition_variable>
+#include <mutex>
+
+class Ikev2Protocol : public VpnProtocol
+{
+    Q_OBJECT
+
+public:
+    explicit Ikev2Protocol(const QJsonObject& configuration, QObject* parent = nullptr);
+    virtual ~Ikev2Protocol() override;
+
+    ErrorCode start() override;
+    void stop() override;
+
+    static QString tunnelName() { return "AmneziaVPN IKEv2"; }
+
+
+private:
+    void readIkev2Configuration(const QJsonObject &configuration);
+
+private:
+    QJsonObject m_config;
+
+
+    bool create_new_vpn(const QString & vpn_name,
+                        const QString & serv_addr);
+    bool delete_vpn_connection(const QString &vpn_name);
+
+    bool connect_to_vpn(const QString & vpn_name);
+    bool disconnect_vpn();
+};
+
+
+#endif // IKEV2_VPN_PROTOCOL_LINUX_H

client/protocols/protocols_defs.h

@@ -24,6 +24,7 @@ namespace amnezia
         constexpr char description[] = "description";
         constexpr char name[] = "name";
         constexpr char cert[] = "cert";
+        constexpr char cacert[] = "cacert";
         constexpr char config[] = "config";
 
         constexpr char containers[] = "containers";

client/protocols/vpnprotocol.cpp

@@ -16,6 +16,10 @@
     #include "ikev2_vpn_protocol_windows.h"
 #endif
 
+#ifdef Q_OS_LINUX
+#include "ikev2_vpn_protocol_linux.h"
+#endif
+
 VpnProtocol::VpnProtocol(const QJsonObject &configuration, QObject *parent)
     : QObject(parent),
       m_connectionState(Vpn::ConnectionState::Unknown),
@@ -106,7 +110,7 @@ QString VpnProtocol::vpnGateway() const
 VpnProtocol *VpnProtocol::factory(DockerContainer container, const QJsonObject &configuration)
 {
     switch (container) {
-#if defined(Q_OS_WINDOWS)
+#if defined(Q_OS_WINDOWS) || defined(Q_OS_LINUX)
     case DockerContainer::Ipsec: return new Ikev2Protocol(configuration);
 #endif
 #if defined(Q_OS_WINDOWS) || defined(Q_OS_MACX) || (defined(Q_OS_LINUX) && !defined(Q_OS_ANDROID))