From e5c557be008cf8c644dc3afde7a8139bb6b4cba5 Mon Sep 17 00:00:00 2001 From: Dirk Brenken Date: Sat, 24 Feb 2024 06:58:40 +0100 Subject: [PATCH] travelmate: update 2.1.2-3 * various vpn optimizations * remove obsololete trm_maxscan option * small fixes for net status and captive portal handling * add an additional login variant to the h-hotels login script * fix the wifibahn login script work again with wifionice hotspots again * update readme Signed-off-by: Dirk Brenken (cherry picked from commit 6e4ea63b7e701298807babecfc8d319327d6a4ad) --- net/travelmate/Makefile | 2 +- net/travelmate/files/README.md | 12 +++-- net/travelmate/files/h-hotels.login | 40 +++++++++------ net/travelmate/files/travelmate.sh | 78 +++++++++++++++-------------- net/travelmate/files/travelmate.vpn | 6 +-- net/travelmate/files/wifibahn.login | 21 ++++---- 6 files changed, 88 insertions(+), 71 deletions(-) diff --git a/net/travelmate/Makefile b/net/travelmate/Makefile index 7ade58aab6..c39b6ffb2f 100644 --- a/net/travelmate/Makefile +++ b/net/travelmate/Makefile @@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=travelmate PKG_VERSION:=2.1.2 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_LICENSE:=GPL-3.0-or-later PKG_MAINTAINER:=Dirk Brenken diff --git a/net/travelmate/files/README.md b/net/travelmate/files/README.md index 5b794cd55d..1b1f065a5d 100644 --- a/net/travelmate/files/README.md +++ b/net/travelmate/files/README.md @@ -73,7 +73,6 @@ To avoid these kind of deadlocks, travelmate will set all station interfaces to | trm_maxwait | 30 | how long should travelmate wait for a successful wlan uplink connection | | trm_timeout | 60 | overall retry timeout in seconds | | trm_maxautoadd | 5 | limit the max. number of automatically added open uplinks. To disable this limitation set it to '0' | -| trm_maxscan | 10 | limit nearby scan results to process only the strongest uplinks | | trm_captiveurl | http://detectportal.firefox.com | pre-configured provider URLs that will be used for connectivity- and captive portal checks | | trm_useragent | Mozilla/5.0 ... | pre-configured user agents that will be used for connectivity- and captive portal checks | | trm_nice | 0, normal priority | change the priority of the travelmate background processing | @@ -107,13 +106,18 @@ To avoid these kind of deadlocks, travelmate will set all station interfaces to ## VPN client setup -Please follow one of the following guides to get a working vpn client setup on your travel router: +Please read one of the following guides to get a working vpn client setup on your travel router: * [Wireguard client setup guide](https://openwrt.org/docs/guide-user/services/vpn/wireguard/client) -* [OpenVPN client setup guide](https://openwrt.org/docs/guide-user/services/vpn/openvpn/client) +* [OpenVPN client setup guide](https://openwrt.org/docs/guide-user/services/vpn/openvpn/client-luci) **Please note:** Make sure to uncheck the "Bring up on boot" option during vpn interface setup, so that netifd doesn't interfere with travelmate. -Once your vpn client connection is running, you can reference to that setup in travelmate to handle VPN (re-) connections automatically. +Also please prevent potential vpn protocol autostarts, e.g. add in newer openvpn uci configs an additional 'globals' section: +

+config globals 'globals'
+        option autostart '0'
+
+Once your vpn client connection setup is correct, you can reference to that config in travelmate to handle VPN (re-) connections automatically. ## E-Mail setup To use E-Mail notifications you have to setup the package 'msmtp'. diff --git a/net/travelmate/files/h-hotels.login b/net/travelmate/files/h-hotels.login index ddbaeddb96..6cbc1734ec 100755 --- a/net/travelmate/files/h-hotels.login +++ b/net/travelmate/files/h-hotels.login @@ -1,31 +1,39 @@ #!/bin/sh -# captive portal auto-login script for Telekom hotspots in h+hotels (DE) -# Copyright (c) 2020-2022 Dirk Brenken (dev@brenken.org) +# captive portal auto-login script for hotspots in h+hotels (DE) +# Copyright (c) 2020-2024 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions -# shellcheck disable=1091,2181,3040 +# shellcheck disable=all . "/lib/functions.sh" export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" -trm_domain="hotspot.t-mobile.net" +trm_domain="hotspot.netcontrol365.com" +if ! nslookup "${trm_domain}" >/dev/null 2>&1; then + trm_domain="hotspot.t-mobile.net" + if ! nslookup "${trm_domain}" >/dev/null 2>&1; then + exit 1 + fi +fi + trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")" trm_maxwait="$(uci_get travelmate global trm_maxwait "30")" trm_fetch="$(command -v curl)" -# get security tokens -# -"${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://www.example.com" --silent --connect-timeout $((trm_maxwait / 6)) --cookie-jar "/tmp/${trm_domain}.cookie" --output /dev/null "https://${trm_domain}/wlan/rest/freeLogin" -ses_id="$(awk '/JSESSIONID/{print $7}' "/tmp/${trm_domain}.cookie" 2>/dev/null)" -sec_id="$(awk '/DT_H/{print $7}' "/tmp/${trm_domain}.cookie" 2>/dev/null)" -dev_id="$(sha256sum /etc/config/wireless 2>/dev/null | awk '{printf "%s",substr($1,1,13)}' 2>/dev/null)" -rm -f "/tmp/${trm_domain}.cookie" -{ [ -z "${ses_id}" ] || [ -z "${sec_id}" ] || [ -z "${dev_id}" ]; } && exit 1 +if [ "${trm_domain}" = "hotspot.netcontrol365.com" ]; then + raw_html="$("${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://www.example.com" --connect-timeout $((trm_maxwait / 6)) --silent --show-error --header "Content-Type:application/x-www-form-urlencoded" --data "dst=&popup=false&username=hhotel&accept=on&login=" --output /dev/null "http://${trm_domain}/login")" + [ -z "${raw_html}" ] && exit 0 || exit 255 +else + "${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://www.example.com" --silent --connect-timeout $((trm_maxwait / 6)) --cookie-jar "/tmp/${trm_domain}.cookie" --output /dev/null "https://${trm_domain}/wlan/rest/freeLogin" + ses_id="$(awk '/JSESSIONID/{print $7}' "/tmp/${trm_domain}.cookie" 2>/dev/null)" + sec_id="$(awk '/DT_H/{print $7}' "/tmp/${trm_domain}.cookie" 2>/dev/null)" + dev_id="$(sha256sum /etc/config/wireless 2>/dev/null | awk '{printf "%s",substr($1,1,13)}' 2>/dev/null)" + rm -f "/tmp/${trm_domain}.cookie" + { [ -z "${ses_id}" ] || [ -z "${sec_id}" ] || [ -z "${dev_id}" ]; } && exit 2 -# final post request -# -"${trm_fetch}" --user-agent "${trm_useragent}" --referer "https://${trm_domain}/TD/hotspot/H_Hotels/en_GB/index.html" --silent --connect-timeout $((trm_maxwait / 6)) --header "Cookie: JSESSIONID=${ses_id}; DT_DEV_ID=${dev_id}; DT_H=${sec_id}" --data "rememberMe=true" --output /dev/null "https://${trm_domain}/wlan/rest/freeLogin" -[ "${?}" = "0" ] && exit 0 || exit 255 + "${trm_fetch}" --user-agent "${trm_useragent}" --referer "https://${trm_domain}/TD/hotspot/H_Hotels/en_GB/index.html" --silent --connect-timeout $((trm_maxwait / 6)) --header "Cookie: JSESSIONID=${ses_id}; DT_DEV_ID=${dev_id}; DT_H=${sec_id}" --data "rememberMe=true" --output /dev/null "https://${trm_domain}/wlan/rest/freeLogin" + [ "${?}" = "0" ] && exit 0 || exit 255 +fi diff --git a/net/travelmate/files/travelmate.sh b/net/travelmate/files/travelmate.sh index 0af2e4ac6b..dfa4b86584 100755 --- a/net/travelmate/files/travelmate.sh +++ b/net/travelmate/files/travelmate.sh @@ -25,7 +25,6 @@ trm_minquality="35" trm_maxretry="3" trm_maxwait="30" trm_maxautoadd="5" -trm_maxscan="10" trm_timeout="60" trm_radio="" trm_connection="" @@ -206,44 +205,57 @@ f_vpn() { if [ ! -f "${trm_vpnfile}" ] || { [ -f "${trm_vpnfile}" ] && [ "${vpn_action}" = "enable" ]; }; then for info in ${trm_vpninfolist}; do iface="${info%%&&*}" - [ "${iface}" = "${info}" ] && vpn_instance="" || vpn_instance="${info##*&&}" + if [ "${iface}" = "${info}" ]; then + vpn_instance="" + else + vpn_instance="${info##*&&}" + fi vpn_status="$(ifstatus "${iface}" | "${trm_jsoncmd}" -ql1 -e '@.up')" if [ "${vpn_status}" = "true" ]; then /sbin/ifdown "${iface}" "${trm_ubuscmd}" -S call network.interface."${iface}" remove >/dev/null 2>&1 - if [ -x "/etc/init.d/openvpn" ] && [ -n "${vpn_instance}" ] && /etc/init.d/openvpn running "${vpn_instance}"; then - /etc/init.d/openvpn stop "${vpn_instance}" - fi f_log "info" "take down vpn interface '${iface}/${vpn_instance:-"-"}' (initial)" fi + if [ -x "/etc/init.d/openvpn" ] && [ -n "${vpn_instance}" ] && /etc/init.d/openvpn running "${vpn_instance}"; then + /etc/init.d/openvpn stop "${vpn_instance}" + f_log "info" "take down openvpn instance '${vpn_instance:-"-"}' (initial)" + fi done rm -f "${trm_vpnfile}" elif [ "${vpn}" = "1" ] && [ -n "${vpn_iface}" ] && [ "${vpn_action}" = "enable_keep" ]; then for info in ${trm_vpninfolist}; do iface="${info%%&&*}" - [ "${iface}" = "${info}" ] && vpn_instance="" || vpn_instance="${info##*&&}" + if [ "${iface}" = "${info}" ]; then + vpn_instance="" + else + vpn_instance="${info##*&&}" + fi vpn_status="$(ifstatus "${iface}" | "${trm_jsoncmd}" -ql1 -e '@.up')" if [ "${vpn_status}" = "true" ] && [ "${iface}" != "${vpn_iface}" ]; then - ifdown "${iface}" - if [ -x "/etc/init.d/openvpn" ] && [ -n "${vpn_instance}" ] && /etc/init.d/openvpn running "${vpn_instance}"; then - /etc/init.d/openvpn stop "${vpn_instance}" - fi + /sbin/ifdown "${iface}" f_log "info" "take down vpn interface '${iface}/${vpn_instance:-"-"}' (switch)" - rm -f "${trm_vpnfile}" - break fi + if [ -x "/etc/init.d/openvpn" ] && [ -n "${vpn_instance}" ] && /etc/init.d/openvpn running "${vpn_instance}"; then + /etc/init.d/openvpn stop "${vpn_instance}" + f_log "info" "take down openvpn instance '${vpn_instance:-"-"}' (switch)" + fi + rm -f "${trm_vpnfile}" + break done fi if [ -x "${trm_vpnpgm}" ] && [ -n "${vpn_service}" ] && [ -n "${vpn_iface}" ]; then if { [ "${vpn_action}" = "disable" ] && [ -f "${trm_vpnfile}" ]; } || - { [ -s "${trm_ntpfile}" ] && { [ "${vpn}" = "1" ] && [ "${vpn_action%_*}" = "enable" ] && [ ! -f "${trm_vpnfile}" ]; } || - { [ "${vpn}" != "1" ] && [ "${vpn_action%_*}" = "enable" ] && [ -f "${trm_vpnfile}" ]; }; }; then - result="$(f_net)" - if [ "${result}" = "net ok" ] || [ "${vpn_action}" = "disable" ]; then + { [ -s "${trm_ntpfile}" ] && { [ "${vpn}" = "1" ] && [ "${vpn_action%%_*}" = "enable" ] && [ ! -f "${trm_vpnfile}" ]; } || + { [ "${vpn}" != "1" ] && [ "${vpn_action%%_*}" = "enable" ] && [ -f "${trm_vpnfile}" ]; }; }; then + if [ "${trm_connection%%/*}" = "net ok" ] || [ "${vpn_action}" = "disable" ]; then for info in ${trm_vpninfolist}; do iface="${info%%&&*}" if [ "${iface}" = "${vpn_iface}" ]; then - [ "${iface}" = "${info}" ] && vpn_instance="" || vpn_instance="${info##*&&}" + if [ "${iface}" = "${info}" ]; then + vpn_instance="" + else + vpn_instance="${info##*&&}" + fi break fi done @@ -425,7 +437,7 @@ f_getgw() { network_get_gateway wan4_gw "${wan4_if}" network_get_gateway6 wan6_gw "${wan6_if}" if [ -n "${wan4_gw}" ] || [ -n "${wan6_gw}" ]; then - result="${wan4_gw} ${wan6_gw}" + result="true" fi printf "%s" "${result}" f_log "debug" "f_getgw ::: wan4_gw: ${wan4_gw:-"-"}, wan6_gw: ${wan6_gw:-"-"}, result: ${result:-"-"}" @@ -636,15 +648,11 @@ f_net() { if [ -n "${json_ed}" ] && [ "${json_ed}" != "${trm_captiveurl#http*://*}" ]; then result="net cp '${json_ed}'" fi - elif [ "${json_ec}" = "28" ]; then - if [ -n "$(f_getgw)" ]; then - result="net ok" - fi fi fi fi printf "%s" "${result}" - f_log "debug" "f_net ::: fetch: ${trm_fetch}, timeout: $((trm_maxwait / 6)), cp (json/html/js): ${json_cp:-"-"}/${html_cp:-"-"}/${js_cp:-"-"}, result: ${result}, error (rc/msg): ${json_ec}/${err_msg:-"-"}, url: ${trm_captiveurl}, user_agent: ${trm_useragent}" + f_log "debug" "f_net ::: fetch: ${trm_fetch}, timeout: $((trm_maxwait / 6)), cp (json/html/js): ${json_cp:-"-"}/${html_cp:-"-"}/${js_cp:-"-"}, result: ${result}, error (rc/msg): ${json_ec}/${err_msg:-"-"}, url: ${trm_captiveurl}" } # check interface status @@ -729,17 +737,9 @@ f_check() { login_script_args="$(f_getval "script_args")" "${login_script}" ${login_script_args} >/dev/null 2>&1 rc="${?}" - if [ "${rc}" = "255" ]; then - f_log "info" "captive portal login script for '${cp_domain}' failed with rc '${rc}'" - unset trm_connection - trm_ifstatus="${status}" - f_jsnup - break - else - f_log "info" "captive portal login script for '${cp_domain}' has been finished with rc '${rc}'" - if [ "${rc}" = "0" ]; then - result="$(f_net)" - fi + f_log "info" "captive portal login script for '${cp_domain}' has been finished with rc '${rc}'" + if [ "${rc}" = "0" ]; then + result="$(f_net)" fi fi fi @@ -938,8 +938,8 @@ f_main() { scan_list="$("${trm_iwinfo}" "${scan_dev:-${radio}}" scan 2>/dev/null | awk 'BEGIN{FS="[[:space:]]"}/Address:/{var1=$NF}/ESSID:/{var2="";for(i=12;i<=NF;i++)if(var2==""){var2=$i}else{var2=var2" "$i}} /Quality:/{split($NF,var0,"/")}/Encryption:/{if($NF=="none"){var3="+"}else{var3="-"}; - printf "%i %s %s %s\n",(var0[1]*100/var0[2]),var3,var1,var2}' | sort -rn | head -qn "${trm_maxscan}")" - f_log "debug" "f_main-6 ::: radio: ${radio}, scan_device: ${scan_dev}, scan_max: ${trm_maxscan}" + printf "%i %s %s %s\n",(var0[1]*100/var0[2]),var3,var1,var2}' | sort -rn)" + f_log "debug" "f_main-6 ::: radio: ${radio}, scan_device: ${scan_dev}, scan_cnt: $(printf "%s" "${scan_list}" | grep -c "^")" if [ -z "${scan_list}" ]; then f_log "info" "no scan results on '${radio}'" continue 2 @@ -951,7 +951,9 @@ f_main() { while read -r scan_quality scan_open scan_bssid scan_essid; do if [ -n "${scan_quality}" ] && [ -n "${scan_open}" ] && [ -n "${scan_bssid}" ] && [ -n "${scan_essid}" ]; then f_log "debug" "f_main-7 ::: radio(sta/scan): ${sta_radio}/${radio}, essid(sta/scan): \"${sta_essid}\"/${scan_essid}, bssid(sta/scan): ${sta_bssid}/${scan_bssid}, quality(min/scan): ${trm_minquality}/${scan_quality}, open: ${scan_open}" - if [ "${scan_quality}" -ge "${trm_minquality}" ]; then + if [ "${scan_quality}" -lt "${trm_minquality}" ]; then + continue 3 + elif [ "${scan_quality}" -ge "${trm_minquality}" ]; then if [ "${trm_autoadd}" = "1" ] && [ "${scan_open}" = "+" ] && [ "${scan_essid}" != "unknown" ]; then open_essid="${scan_essid%?}" open_essid="${open_essid:1}" @@ -997,7 +999,7 @@ f_main() { if [ "${retrycnt}" = "${trm_maxretry}" ]; then f_ctrack "disabled" f_log "info" "uplink has been disabled '${sta_radio}/${sta_essid}/${sta_bssid:-"-"}' (${retrycnt}/${trm_maxretry})" - break 2 + continue 2 else f_jsnup f_log "info" "can't connect to uplink '${sta_radio}/${sta_essid}/${sta_bssid:-"-"}' (${retrycnt}/${trm_maxretry})" diff --git a/net/travelmate/files/travelmate.vpn b/net/travelmate/files/travelmate.vpn index ece79c4dd9..77c94634cd 100755 --- a/net/travelmate/files/travelmate.vpn +++ b/net/travelmate/files/travelmate.vpn @@ -45,9 +45,9 @@ if [ "${vpn}" = "1" ] && [ "${vpn_action%_*}" = "enable" ]; then if [ "${vpn_status}" != "true" ]; then /sbin/ifdown "${vpn_iface}" "${trm_ubuscmd}" -S call network.interface."${vpn_iface}" remove >/dev/null 2>&1 - if [ "${vpn_service}" = "openvpn" ] && [ -n "${vpn_instance}" ] && [ -x "/etc/init.d/openvpn" ] && /etc/init.d/openvpn running "${vpn_instance}"; then - /etc/init.d/openvpn stop "${vpn_instance}" - fi + fi + if [ "${vpn_service}" = "openvpn" ] && [ -n "${vpn_instance}" ] && [ -x "/etc/init.d/openvpn" ] && /etc/init.d/openvpn running "${vpn_instance}"; then + /etc/init.d/openvpn stop "${vpn_instance}" sleep 1 fi if [ "${vpn_service}" = "openvpn" ] && [ -n "${vpn_instance}" ] && [ -x "/etc/init.d/openvpn" ] && ! /etc/init.d/openvpn running "${vpn_instance}"; then diff --git a/net/travelmate/files/wifibahn.login b/net/travelmate/files/wifibahn.login index a2ce8f30ce..422c769227 100755 --- a/net/travelmate/files/wifibahn.login +++ b/net/travelmate/files/wifibahn.login @@ -1,10 +1,10 @@ #!/bin/sh -# captive portal auto-login script for bahn hotspots (DE) -# Copyright (c) 2020-2022 Dirk Brenken (dev@brenken.org) +# captive portal auto-login script for bahn/ICE hotspots (DE) +# Copyright (c) 2020-2024 Dirk Brenken (dev@brenken.org) # This is free software, licensed under the GNU General Public License v3. # set (s)hellcheck exceptions -# shellcheck disable=1091,3040 +# shellcheck disable=all . "/lib/functions.sh" @@ -12,6 +12,13 @@ export LC_ALL=C export PATH="/usr/sbin:/usr/bin:/sbin:/bin" trm_domain="wifi.bahn.de" +if ! nslookup "${trm_domain}" >/dev/null 2>&1; then + trm_domain="login.wifionice.de" + if ! nslookup "${trm_domain}" >/dev/null 2>&1; then + exit 1 + fi +fi + trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")" trm_maxwait="$(uci_get travelmate global trm_maxwait "30")" trm_fetch="$(command -v curl)" @@ -21,13 +28,9 @@ trm_fetch="$(command -v curl)" "${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://www.example.com" --connect-timeout $((trm_maxwait / 6)) --cookie-jar "/tmp/${trm_domain}.cookie" --silent --show-error --output /dev/null "https://${trm_domain}/en/" sec_token="$(awk '/csrf/{print $7}' "/tmp/${trm_domain}.cookie" 2>/dev/null)" rm -f "/tmp/${trm_domain}.cookie" -[ -z "${sec_token}" ] && exit 1 +[ -z "${sec_token}" ] && exit 2 # final post request # -if [ -z "$redirect_url" ]; then - raw_html="$("${trm_fetch}" --user-agent "${trm_useragent}" --connect-timeout $((trm_maxwait / 6)) --header "Cookie: csrf=${sec_token}" --data "login=true&CSRFToken=${sec_token}" --silent --show-error "https://${trm_domain}/en/")" -else - raw_html="$("${trm_fetch}" --user-agent "${trm_useragent}" --connect-timeout $((trm_maxwait / 6)) --header "Cookie: PHPSESSID=${sec_token}" --data "login=true&PHPSESSID=${sec_token}" --silent --show-error "${redirect_url}")" -fi +raw_html="$("${trm_fetch}" --user-agent "${trm_useragent}" --connect-timeout $((trm_maxwait / 6)) --header "Cookie: csrf=${sec_token}" --data "login=true&CSRFToken=${sec_token}" --silent --show-error "https://${trm_domain}/en/")" [ -z "${raw_html}" ] && exit 0 || exit 255 -- 2.30.2