-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathprofile.go
123 lines (106 loc) · 2.98 KB
/
profile.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
package xmlprofile
import (
"encoding/xml"
"fmt"
"os"
"reflect"
"strings"
log "github.com/sirupsen/logrus"
)
var (
// SystemProfile is the file path of the system XML profile
SystemProfile = "/var/lib/oc-daemon/profile.xml"
)
// Profile is an XML Profile
type Profile AnyConnectProfile
// GetAllowedHosts returns the allowed hosts in the XML profile
func (p *Profile) GetAllowedHosts() (hosts []string) {
hs := p.AutomaticVPNPolicy.AlwaysOn.AllowedHosts
for _, h := range strings.Split(hs, ",") {
if h == "" {
continue
}
log.WithField("host", h).Debug("Getting allowed host from Profile")
hosts = append(hosts, h)
}
return
}
// GetVPNServers returns the VPN servers in the XML profile
func (p *Profile) GetVPNServers() (servers []string) {
for _, h := range p.ServerList.HostEntry {
// skip ipsec servers
if strings.HasPrefix(h.PrimaryProtocol.Flag, "IPsec") {
continue
}
// add servers to allowed hosts
for _, s := range append(h.LoadBalancingServerList,
h.HostAddress) {
if s != "" {
log.WithField("server", s).Debug("Getting VPN server from Profile")
servers = append(servers, s)
}
}
}
return
}
// GetVPNServerHostNames returns the VPN server hostnames in the xml profile
func (p *Profile) GetVPNServerHostNames() (servers []string) {
for _, s := range p.ServerList.HostEntry {
if strings.HasPrefix(s.PrimaryProtocol.Flag, "IPsec") {
continue
}
servers = append(servers, s.HostName)
}
return
}
// GetTNDServers returns the TND servers in the XML profile
func (p *Profile) GetTNDServers() (servers []string) {
for _, s := range p.AutomaticVPNPolicy.TrustedHTTPSServerList {
log.WithField("server", s).Debug("Getting TND server from Profile")
servers = append(servers, s.Address)
}
return
}
// GetTNDHTTPSServers gets the TND HTTPS server URLs and their hashes in the XML profile
func (p *Profile) GetTNDHTTPSServers() (servers map[string]string) {
servers = make(map[string]string)
for _, s := range p.AutomaticVPNPolicy.TrustedHTTPSServerList {
url := fmt.Sprintf("https://%s:%s", s.Address, s.Port)
servers[url] = s.CertificateHash
}
return
}
// GetAlwaysOn returns the always on flag in the XML profile
func (p *Profile) GetAlwaysOn() bool {
return p.AutomaticVPNPolicy.AlwaysOn.Flag
}
// Equal returns whether the profile and other are equal
func (p *Profile) Equal(other *Profile) bool {
return reflect.DeepEqual(p, other)
}
// NewProfile returns a new Profile
func NewProfile() *Profile {
return &Profile{}
}
// LoadProfile loads the XML profile from file
func LoadProfile(file string) (*Profile, error) {
// try to read file
b, err := os.ReadFile(file)
if err != nil {
return nil, err
}
// try to parse file contents
p := NewProfile()
if err := xml.Unmarshal(b, p); err != nil {
return nil, err
}
return p, nil
}
// LoadSystemProfile loads the XML profile from the default system location
func LoadSystemProfile() *Profile {
profile, err := LoadProfile(SystemProfile)
if err != nil {
return nil
}
return profile
}