openconnect-unknown/tncc-wrapper.py

1 #!/usr/bin/python
2 
3 # Lifted from Russ Dill's juniper-vpn-wrap.py, thus:
4 #
5 #    This program is free software; you can redistribute it and/or modify
6 #    it under the terms of the GNU General Public License as published by
7 #    the Free Software Foundation; either version 2 of the License, or
8 #    (at your option) any later version.
9 #
10 #    This program is distributed in the hope that it will be useful,
11 #    but WITHOUT ANY WARRANTY; without even the implied warranty of
12 #    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13 #    GNU General Public License for more details.
14 #
15 #    You should have received a copy of the GNU General Public License
16 #    along with this program; if not, write to the Free Software
17 #    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
18 
19 import subprocess
20 import mechanize
21 import cookielib
22 import getpass
23 import sys
24 import os
25 import zipfile
26 import urllib
27 import socket
28 import ssl
29 import errno
30 import argparse
31 import atexit
32 import signal
33 import ConfigParser
34 import time
35 import binascii
36 import hmac
37 import hashlib
38 
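def mkdir_p(path):
    """Create the directory *path*, tolerating one that already exists.

    Only the final path component is created (os.mkdir); parent
    directories must already exist.

    Raises:
        OSError: for any failure other than "already exists as a
            directory", e.g. *path* exists but is a regular file.
    """
    try:
        os.mkdir(path)
    except OSError as exc:  # 'as' form parses on Python 2.6+ and 3.x
        # EEXIST on something that is not a directory is still an error.
        if not (exc.errno == errno.EEXIST and os.path.isdir(path)):
            raise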
47 
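class Tncc:
    """Fetch and launch the Juniper host checker (tncc.jar) for a VPN host.

    tncc_init() locates (or downloads) the jar and the preload library;
    tncc_start() runs the jar's entry class under java.
    """

    def __init__(self, vpn_host):
        """Record the VPN host and check that the IcedTea plugin jar exists.

        Raises:
            Exception: if the plugin jar is missing from its fixed path.
        """
        self.vpn_host = vpn_host
        self.plugin_jar = '/usr/share/icedtea-web/plugin.jar'

        # Filled in by tncc_init(). Defined here so that tncc_start() can
        # test self.tncc_jar without an AttributeError when tncc_init()
        # has not been called yet.
        self.tncc_jar = None
        self.class_name = None
        self.tncc_preload = None
        self.tncc_process = None

        if not os.path.isfile(self.plugin_jar):
            raise Exception(self.plugin_jar + ' not found')
        self.user_agent = 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) Gecko/2008071615 Fedora/3.0.1-1.fc9 Firefox/3.0.1'

    def tncc_init(self):
        """Locate tncc.jar, its entry class and the preload library.

        A cached ~/.juniper_networks/tncc.jar is reused when it opens and
        passes zipfile's integrity test; otherwise it is downloaded from
        the VPN host.

        Raises:
            Exception: if none of the known entry classes is in the jar,
                or if ~/.juniper_networks/tncc_preload.so is missing.
        """
        class_names = ('net.juniper.tnc.NARPlatform.linux.LinuxHttpNAR',
                       'net.juniper.tnc.HttpNAR.HttpNAR')
        self.class_name = None

        self.tncc_jar = os.path.expanduser('~/.juniper_networks/tncc.jar')
        try:
            # 'with' closes the archive handle, which the bare
            # ZipFile(...).testzip() call left open.
            with zipfile.ZipFile(self.tncc_jar, 'r') as cached:
                jar_ok = cached.testzip() is None
        except Exception:
            # Missing or unreadable archive. A bare 'except:' here would
            # also turn Ctrl-C / SystemExit into a download attempt.
            jar_ok = False

        if not jar_ok:
            print('Downloading tncc.jar...')
            mkdir_p(os.path.expanduser('~/.juniper_networks'))
            # NOTE(review): this jar is executed by tncc_start(), and its
            # authenticity rests entirely on the HTTPS connection to
            # vpn_host; testzip() only detects corruption, not tampering.
            # Python 2 before 2.7.9 does not verify server certificates
            # by default -- confirm the interpreter version, or verify
            # the download against a known-good digest.
            urllib.urlretrieve('https://' + self.vpn_host
                               + '/dana-cached/hc/tncc.jar', self.tncc_jar)

        with zipfile.ZipFile(self.tncc_jar, 'r') as jar:
            for name in class_names:
                try:
                    jar.getinfo(name.replace('.', '/') + '.class')
                except KeyError:
                    # getinfo() raises KeyError for an absent member;
                    # try the next candidate class.
                    continue
                self.class_name = name
                break

        if self.class_name is None:
            raise Exception('Could not find class name for', self.tncc_jar)

        self.tncc_preload = \
            os.path.expanduser('~/.juniper_networks/tncc_preload.so')
        if not os.path.isfile(self.tncc_preload):
            raise Exception('Missing', self.tncc_preload)

    def tncc_start(self):
        """Launch the host checker as a java child process.

        Calls tncc_init() first if it has not been run. The Popen handle
        is stored in self.tncc_process.
        """
        # tncc is the host checker app. It can check different
        # security policies of the host and report back. We have
        # to send it a preauth key (from the DSPREAUTH cookie)
        # and it sends back a new cookie value we submit.
        # After logging in, we send back another cookie to tncc.
        # Subsequently, it contacts https://<vpn_host>:443 every
        # 10 minutes.

        if not self.tncc_jar:
            self.tncc_init()

        # NOTE(review): env= replaces the whole child environment, so the
        # child has no PATH and 'java' is resolved through the
        # interpreter's default search path -- confirm that is intended,
        # or pass an absolute path to java. LD_PRELOAD loads a library
        # from the user's home directory into the JVM; keep
        # ~/.juniper_networks writable only by its owner.
        self.tncc_process = subprocess.Popen(['java',
            '-classpath', self.tncc_jar + ':' + self.plugin_jar,
            self.class_name,
            'log_level', '100',
            'postRetries', '6',
            'ivehost', self.vpn_host,
            'home_dir', os.path.expanduser('~'),
            'Parameter0', '',
            'user_agent', self.user_agent,
            ], env={'LD_PRELOAD': self.tncc_preload})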
113 
114 
115 
if __name__ == "__main__":
    # The VPN host name is the only (required) command-line argument.
    if len(sys.argv) < 2:
        raise Exception("Usage: ...")

    # Prepare the host checker (jar, entry class, preload library),
    # then launch it for the given host.
    checker = Tncc(sys.argv[1])
    checker.tncc_init()
    checker.tncc_start()