travelmate: update 2.1.2-3

* various vpn optimizations * remove obsololete trm_maxscan option * small fixes for net status and captive portal handling * add an additional login variant to the h-hotels login script * fix the wifibahn login script work again with wifionice hotspots again * update readme Signed-off-by: Dirk Brenken <dev@brenken.org>
2024-02-24 06:58:40 +01:00 · 2024-02-24 06:58:40 +01:00 · 6e4ea63b7e
parent 4d8bb07b73
commit 6e4ea63b7e
6 changed files with 88 additions and 71 deletions
--- a/net/travelmate/Makefile
+++ b/net/travelmate/Makefile
@ -7,7 +7,7 @@ include $(TOPDIR)/rules.mk

 PKG_NAME:=travelmate
 PKG_VERSION:=2.1.2
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 PKG_LICENSE:=GPL-3.0-or-later
 PKG_MAINTAINER:=Dirk Brenken <dev@brenken.org>

--- a/net/travelmate/files/README.md
+++ b/net/travelmate/files/README.md
@ -73,7 +73,6 @@ To avoid these kind of deadlocks, travelmate will set all station interfaces to
 | trm_maxwait        | 30                                 | how long should travelmate wait for a successful wlan uplink connection                               |
 | trm_timeout        | 60                                 | overall retry timeout in seconds                                                                      |
 | trm_maxautoadd     | 5                                  | limit the max. number of automatically added open uplinks. To disable this limitation set it to '0'   |
-| trm_maxscan        | 10                                 | limit nearby scan results to process only the strongest uplinks                                       |
 | trm_captiveurl     | http://detectportal.firefox.com    | pre-configured provider URLs that will be used for connectivity- and captive portal checks            |
 | trm_useragent      | Mozilla/5.0 ...                    | pre-configured user agents that will be used for connectivity- and captive portal checks              |
 | trm_nice           | 0, normal priority                 | change the priority of the travelmate background processing                                           |
@ -107,13 +106,18 @@ To avoid these kind of deadlocks, travelmate will set all station interfaces to


 ## VPN client setup
-Please follow one of the following guides to get a working vpn client setup on your travel router:
+Please read one of the following guides to get a working vpn client setup on your travel router:

 * [Wireguard client setup guide](https://openwrt.org/docs/guide-user/services/vpn/wireguard/client)
-* [OpenVPN client setup guide](https://openwrt.org/docs/guide-user/services/vpn/openvpn/client)
+* [OpenVPN client setup guide](https://openwrt.org/docs/guide-user/services/vpn/openvpn/client-luci)

 **Please note:** Make sure to uncheck the "Bring up on boot" option during vpn interface setup, so that netifd doesn't interfere with travelmate.  
-Once your vpn client connection is running, you can reference to that setup in travelmate to handle VPN (re-) connections automatically.
+Also please prevent potential vpn protocol autostarts, e.g. add in newer openvpn uci configs an additional 'globals' section:  
+<pre><code>
+config globals 'globals'
+        option autostart '0'
+</code></pre>
+Once your vpn client connection setup is correct, you can reference to that config in travelmate to handle VPN (re-) connections automatically.

 ## E-Mail setup
 To use E-Mail notifications you have to setup the package 'msmtp'.  
--- a/net/travelmate/files/h-hotels.login
+++ b/net/travelmate/files/h-hotels.login
@ -1,31 +1,39 @@
 #!/bin/sh
-# captive portal auto-login script for Telekom hotspots in h+hotels (DE)
-# Copyright (c) 2020-2022 Dirk Brenken (dev@brenken.org)
+# captive portal auto-login script for hotspots in h+hotels (DE)
+# Copyright (c) 2020-2024 Dirk Brenken (dev@brenken.org)
 # This is free software, licensed under the GNU General Public License v3.

 # set (s)hellcheck exceptions
-# shellcheck disable=1091,2181,3040
+# shellcheck disable=all

 . "/lib/functions.sh"

 export LC_ALL=C
 export PATH="/usr/sbin:/usr/bin:/sbin:/bin"

-trm_domain="hotspot.t-mobile.net"
+trm_domain="hotspot.netcontrol365.com"
+if ! nslookup "${trm_domain}" >/dev/null 2>&1; then
+	trm_domain="hotspot.t-mobile.net"
+	if ! nslookup "${trm_domain}" >/dev/null 2>&1; then
+		exit 1
+	fi
+fi
+
 trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")"
 trm_maxwait="$(uci_get travelmate global trm_maxwait "30")"
 trm_fetch="$(command -v curl)"

-# get security tokens
-#
-"${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://www.example.com" --silent --connect-timeout $((trm_maxwait / 6)) --cookie-jar "/tmp/${trm_domain}.cookie" --output /dev/null "https://${trm_domain}/wlan/rest/freeLogin"
-ses_id="$(awk '/JSESSIONID/{print $7}' "/tmp/${trm_domain}.cookie" 2>/dev/null)"
-sec_id="$(awk '/DT_H/{print $7}' "/tmp/${trm_domain}.cookie" 2>/dev/null)"
-dev_id="$(sha256sum /etc/config/wireless 2>/dev/null | awk '{printf "%s",substr($1,1,13)}' 2>/dev/null)"
-rm -f "/tmp/${trm_domain}.cookie"
-{ [ -z "${ses_id}" ] || [ -z "${sec_id}" ] || [ -z "${dev_id}" ]; } && exit 1
+if [ "${trm_domain}" = "hotspot.netcontrol365.com" ]; then
+	raw_html="$("${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://www.example.com" --connect-timeout $((trm_maxwait / 6)) --silent --show-error --header "Content-Type:application/x-www-form-urlencoded" --data "dst=&popup=false&username=hhotel&accept=on&login=" --output /dev/null "http://${trm_domain}/login")"
+	[ -z "${raw_html}" ] && exit 0 || exit 255
+else
+	"${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://www.example.com" --silent --connect-timeout $((trm_maxwait / 6)) --cookie-jar "/tmp/${trm_domain}.cookie" --output /dev/null "https://${trm_domain}/wlan/rest/freeLogin"
+	ses_id="$(awk '/JSESSIONID/{print $7}' "/tmp/${trm_domain}.cookie" 2>/dev/null)"
+	sec_id="$(awk '/DT_H/{print $7}' "/tmp/${trm_domain}.cookie" 2>/dev/null)"
+	dev_id="$(sha256sum /etc/config/wireless 2>/dev/null | awk '{printf "%s",substr($1,1,13)}' 2>/dev/null)"
+	rm -f "/tmp/${trm_domain}.cookie"
+	{ [ -z "${ses_id}" ] || [ -z "${sec_id}" ] || [ -z "${dev_id}" ]; } && exit 2

-# final post request
-#
-"${trm_fetch}" --user-agent "${trm_useragent}" --referer "https://${trm_domain}/TD/hotspot/H_Hotels/en_GB/index.html" --silent --connect-timeout $((trm_maxwait / 6)) --header "Cookie: JSESSIONID=${ses_id}; DT_DEV_ID=${dev_id}; DT_H=${sec_id}" --data "rememberMe=true" --output /dev/null "https://${trm_domain}/wlan/rest/freeLogin"
-[ "${?}" = "0" ] && exit 0 || exit 255
+	"${trm_fetch}" --user-agent "${trm_useragent}" --referer "https://${trm_domain}/TD/hotspot/H_Hotels/en_GB/index.html" --silent --connect-timeout $((trm_maxwait / 6)) --header "Cookie: JSESSIONID=${ses_id}; DT_DEV_ID=${dev_id}; DT_H=${sec_id}" --data "rememberMe=true" --output /dev/null "https://${trm_domain}/wlan/rest/freeLogin"
+	[ "${?}" = "0" ] && exit 0 || exit 255
+fi
--- a/net/travelmate/files/travelmate.sh
+++ b/net/travelmate/files/travelmate.sh
@ -25,7 +25,6 @@ trm_minquality="35"
 trm_maxretry="3"
 trm_maxwait="30"
 trm_maxautoadd="5"
-trm_maxscan="10"
 trm_timeout="60"
 trm_radio=""
 trm_connection=""
@ -206,44 +205,57 @@ f_vpn() {
 		if [ ! -f "${trm_vpnfile}" ] || { [ -f "${trm_vpnfile}" ] && [ "${vpn_action}" = "enable" ]; }; then
 			for info in ${trm_vpninfolist}; do
 				iface="${info%%&&*}"
-				[ "${iface}" = "${info}" ] && vpn_instance="" || vpn_instance="${info##*&&}"
+				if [ "${iface}" = "${info}" ]; then
+					vpn_instance=""
+				else
+					vpn_instance="${info##*&&}"
+				fi
 				vpn_status="$(ifstatus "${iface}" | "${trm_jsoncmd}" -ql1 -e '@.up')"
 				if [ "${vpn_status}" = "true" ]; then
 					/sbin/ifdown "${iface}"
 					"${trm_ubuscmd}" -S call network.interface."${iface}" remove >/dev/null 2>&1
-					if [ -x "/etc/init.d/openvpn" ] && [ -n "${vpn_instance}" ] && /etc/init.d/openvpn running "${vpn_instance}"; then
-						/etc/init.d/openvpn stop "${vpn_instance}"
-					fi
 					f_log "info" "take down vpn interface '${iface}/${vpn_instance:-"-"}' (initial)"
 				fi
+				if [ -x "/etc/init.d/openvpn" ] && [ -n "${vpn_instance}" ] && /etc/init.d/openvpn running "${vpn_instance}"; then
+					/etc/init.d/openvpn stop "${vpn_instance}"
+					f_log "info" "take down openvpn instance '${vpn_instance:-"-"}' (initial)"
+				fi
 			done
 			rm -f "${trm_vpnfile}"
 		elif [ "${vpn}" = "1" ] && [ -n "${vpn_iface}" ] && [ "${vpn_action}" = "enable_keep" ]; then
 			for info in ${trm_vpninfolist}; do
 				iface="${info%%&&*}"
-				[ "${iface}" = "${info}" ] && vpn_instance="" || vpn_instance="${info##*&&}" 
+				if [ "${iface}" = "${info}" ]; then
+					vpn_instance=""
+				else
+					vpn_instance="${info##*&&}"
+				fi
 				vpn_status="$(ifstatus "${iface}" | "${trm_jsoncmd}" -ql1 -e '@.up')"
 				if [ "${vpn_status}" = "true" ] && [ "${iface}" != "${vpn_iface}" ]; then
-					ifdown "${iface}"
-					if [ -x "/etc/init.d/openvpn" ] && [ -n "${vpn_instance}" ] && /etc/init.d/openvpn running "${vpn_instance}"; then
-						/etc/init.d/openvpn stop "${vpn_instance}"
-					fi
+					/sbin/ifdown "${iface}"
 					f_log "info" "take down vpn interface '${iface}/${vpn_instance:-"-"}' (switch)"
-					rm -f "${trm_vpnfile}"
-					break
 				fi
+				if [ -x "/etc/init.d/openvpn" ] && [ -n "${vpn_instance}" ] && /etc/init.d/openvpn running "${vpn_instance}"; then
+					/etc/init.d/openvpn stop "${vpn_instance}"
+					f_log "info" "take down openvpn instance '${vpn_instance:-"-"}' (switch)"
+				fi
+				rm -f "${trm_vpnfile}"
+				break
 			done
 		fi
 		if [ -x "${trm_vpnpgm}" ] && [ -n "${vpn_service}" ] && [ -n "${vpn_iface}" ]; then
 			if { [ "${vpn_action}" = "disable" ] && [ -f "${trm_vpnfile}" ]; } ||
-				{ [ -s "${trm_ntpfile}" ] && { [ "${vpn}" = "1" ] && [ "${vpn_action%_*}" = "enable" ] && [ ! -f "${trm_vpnfile}" ]; } ||
-				{ [ "${vpn}" != "1" ] && [ "${vpn_action%_*}" = "enable" ] && [ -f "${trm_vpnfile}" ]; }; }; then
-					result="$(f_net)"
-					if [ "${result}" = "net ok" ] || [ "${vpn_action}" = "disable" ]; then
+				{ [ -s "${trm_ntpfile}" ] && { [ "${vpn}" = "1" ] && [ "${vpn_action%%_*}" = "enable" ] && [ ! -f "${trm_vpnfile}" ]; } ||
+				{ [ "${vpn}" != "1" ] && [ "${vpn_action%%_*}" = "enable" ] && [ -f "${trm_vpnfile}" ]; }; }; then
+					if [ "${trm_connection%%/*}" = "net ok" ] || [ "${vpn_action}" = "disable" ]; then
 						for info in ${trm_vpninfolist}; do
 							iface="${info%%&&*}"
 							if [ "${iface}" = "${vpn_iface}" ]; then 
-								[ "${iface}" = "${info}" ] && vpn_instance="" || vpn_instance="${info##*&&}" 
+								if [ "${iface}" = "${info}" ]; then
+									vpn_instance=""
+								else
+									vpn_instance="${info##*&&}"
+								fi
 								break
 							fi
 						done
@ -425,7 +437,7 @@ f_getgw() {
 	network_get_gateway wan4_gw "${wan4_if}"
 	network_get_gateway6 wan6_gw "${wan6_if}"
 	if [ -n "${wan4_gw}" ] || [ -n "${wan6_gw}" ]; then
-		result="${wan4_gw} ${wan6_gw}"
+		result="true"
 	fi
 	printf "%s" "${result}"
 	f_log "debug" "f_getgw   ::: wan4_gw: ${wan4_gw:-"-"}, wan6_gw: ${wan6_gw:-"-"}, result: ${result:-"-"}"
@ -636,15 +648,11 @@ f_net() {
 				if [ -n "${json_ed}" ] && [ "${json_ed}" != "${trm_captiveurl#http*://*}" ]; then
 					result="net cp '${json_ed}'"
 				fi
-			elif [ "${json_ec}" = "28" ]; then
-				if [ -n "$(f_getgw)" ]; then
-					result="net ok"
-				fi
 			fi
 		fi
 	fi
 	printf "%s" "${result}"
-	f_log "debug" "f_net     ::: fetch: ${trm_fetch}, timeout: $((trm_maxwait / 6)), cp (json/html/js): ${json_cp:-"-"}/${html_cp:-"-"}/${js_cp:-"-"}, result: ${result}, error (rc/msg): ${json_ec}/${err_msg:-"-"}, url: ${trm_captiveurl}, user_agent: ${trm_useragent}"
+	f_log "debug" "f_net     ::: fetch: ${trm_fetch}, timeout: $((trm_maxwait / 6)), cp (json/html/js): ${json_cp:-"-"}/${html_cp:-"-"}/${js_cp:-"-"}, result: ${result}, error (rc/msg): ${json_ec}/${err_msg:-"-"}, url: ${trm_captiveurl}"
 }

 # check interface status
@ -729,17 +737,9 @@ f_check() {
 										login_script_args="$(f_getval "script_args")"
 										"${login_script}" ${login_script_args} >/dev/null 2>&1
 										rc="${?}"
-										if [ "${rc}" = "255" ]; then
-											f_log "info" "captive portal login script for '${cp_domain}' failed with rc '${rc}'"
-											unset trm_connection
-											trm_ifstatus="${status}"
-											f_jsnup
-											break
-										else
-											f_log "info" "captive portal login script for '${cp_domain}' has been finished  with rc '${rc}'"
-											if [ "${rc}" = "0" ]; then
-												result="$(f_net)"
-											fi
+										f_log "info" "captive portal login script for '${cp_domain}' has been finished  with rc '${rc}'"
+										if [ "${rc}" = "0" ]; then
+											result="$(f_net)"
 										fi
 									fi
 								fi
@ -938,8 +938,8 @@ f_main() {
 					scan_list="$("${trm_iwinfo}" "${scan_dev:-${radio}}" scan 2>/dev/null |
 						awk 'BEGIN{FS="[[:space:]]"}/Address:/{var1=$NF}/ESSID:/{var2="";for(i=12;i<=NF;i++)if(var2==""){var2=$i}else{var2=var2" "$i}}
 						/Quality:/{split($NF,var0,"/")}/Encryption:/{if($NF=="none"){var3="+"}else{var3="-"};
-						printf "%i %s %s %s\n",(var0[1]*100/var0[2]),var3,var1,var2}' | sort -rn | head -qn "${trm_maxscan}")"
-					f_log "debug" "f_main-6  ::: radio: ${radio}, scan_device: ${scan_dev}, scan_max: ${trm_maxscan}"
+						printf "%i %s %s %s\n",(var0[1]*100/var0[2]),var3,var1,var2}' | sort -rn)"
+					f_log "debug" "f_main-6  ::: radio: ${radio}, scan_device: ${scan_dev}, scan_cnt: $(printf "%s" "${scan_list}" | grep -c "^")"
 					if [ -z "${scan_list}" ]; then
 						f_log "info" "no scan results on '${radio}'"
 						continue 2
@ -951,7 +951,9 @@ f_main() {
 				while read -r scan_quality scan_open scan_bssid scan_essid; do
 					if [ -n "${scan_quality}" ] && [ -n "${scan_open}" ] && [ -n "${scan_bssid}" ] && [ -n "${scan_essid}" ]; then
 						f_log "debug" "f_main-7  ::: radio(sta/scan): ${sta_radio}/${radio}, essid(sta/scan): \"${sta_essid}\"/${scan_essid}, bssid(sta/scan): ${sta_bssid}/${scan_bssid}, quality(min/scan): ${trm_minquality}/${scan_quality}, open: ${scan_open}"
-						if [ "${scan_quality}" -ge "${trm_minquality}" ]; then
+						if [ "${scan_quality}" -lt "${trm_minquality}" ]; then
+							continue 3
+						elif [ "${scan_quality}" -ge "${trm_minquality}" ]; then
 							if [ "${trm_autoadd}" = "1" ] && [ "${scan_open}" = "+" ] && [ "${scan_essid}" != "unknown" ]; then
 								open_essid="${scan_essid%?}"
 								open_essid="${open_essid:1}"
@ -997,7 +999,7 @@ f_main() {
 										if [ "${retrycnt}" = "${trm_maxretry}" ]; then
 											f_ctrack "disabled"
 											f_log "info" "uplink has been disabled '${sta_radio}/${sta_essid}/${sta_bssid:-"-"}' (${retrycnt}/${trm_maxretry})"
-											break 2
+											continue 2
 										else
 											f_jsnup
 											f_log "info" "can't connect to uplink '${sta_radio}/${sta_essid}/${sta_bssid:-"-"}' (${retrycnt}/${trm_maxretry})"
--- a/net/travelmate/files/travelmate.vpn
+++ b/net/travelmate/files/travelmate.vpn
@ -45,9 +45,9 @@ if [ "${vpn}" = "1" ] && [ "${vpn_action%_*}" = "enable" ]; then
 		if [ "${vpn_status}" != "true" ]; then
 			/sbin/ifdown "${vpn_iface}"
 			"${trm_ubuscmd}" -S call network.interface."${vpn_iface}" remove >/dev/null 2>&1
-			if [ "${vpn_service}" = "openvpn" ] && [ -n "${vpn_instance}" ] && [ -x "/etc/init.d/openvpn" ] && /etc/init.d/openvpn running "${vpn_instance}"; then
-				/etc/init.d/openvpn stop "${vpn_instance}"
-			fi
+		fi
+		if [ "${vpn_service}" = "openvpn" ] && [ -n "${vpn_instance}" ] && [ -x "/etc/init.d/openvpn" ] && /etc/init.d/openvpn running "${vpn_instance}"; then
+			/etc/init.d/openvpn stop "${vpn_instance}"
 			sleep 1
 		fi
 		if [ "${vpn_service}" = "openvpn" ] && [ -n "${vpn_instance}" ] && [ -x "/etc/init.d/openvpn" ] && ! /etc/init.d/openvpn running "${vpn_instance}"; then
--- a/net/travelmate/files/wifibahn.login
+++ b/net/travelmate/files/wifibahn.login
@ -1,10 +1,10 @@
 #!/bin/sh
-# captive portal auto-login script for bahn hotspots (DE)
-# Copyright (c) 2020-2022 Dirk Brenken (dev@brenken.org)
+# captive portal auto-login script for bahn/ICE hotspots (DE)
+# Copyright (c) 2020-2024 Dirk Brenken (dev@brenken.org)
 # This is free software, licensed under the GNU General Public License v3.

 # set (s)hellcheck exceptions
-# shellcheck disable=1091,3040
+# shellcheck disable=all

 . "/lib/functions.sh"

@ -12,6 +12,13 @@ export LC_ALL=C
 export PATH="/usr/sbin:/usr/bin:/sbin:/bin"

 trm_domain="wifi.bahn.de"
+if ! nslookup "${trm_domain}" >/dev/null 2>&1; then
+	trm_domain="login.wifionice.de"
+	if ! nslookup "${trm_domain}" >/dev/null 2>&1; then
+		exit 1
+	fi
+fi
+
 trm_useragent="$(uci_get travelmate global trm_useragent "Mozilla/5.0 (Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0")"
 trm_maxwait="$(uci_get travelmate global trm_maxwait "30")"
 trm_fetch="$(command -v curl)"
@ -21,13 +28,9 @@ trm_fetch="$(command -v curl)"
 "${trm_fetch}" --user-agent "${trm_useragent}" --referer "http://www.example.com" --connect-timeout $((trm_maxwait / 6)) --cookie-jar "/tmp/${trm_domain}.cookie" --silent --show-error --output /dev/null "https://${trm_domain}/en/"
 sec_token="$(awk '/csrf/{print $7}' "/tmp/${trm_domain}.cookie" 2>/dev/null)"
 rm -f "/tmp/${trm_domain}.cookie"
-[ -z "${sec_token}" ] && exit 1
+[ -z "${sec_token}" ] && exit 2

 # final post request
 #
-if [ -z "$redirect_url" ]; then
-	raw_html="$("${trm_fetch}" --user-agent "${trm_useragent}" --connect-timeout $((trm_maxwait / 6)) --header "Cookie: csrf=${sec_token}" --data "login=true&CSRFToken=${sec_token}" --silent --show-error "https://${trm_domain}/en/")"
-else
-	raw_html="$("${trm_fetch}" --user-agent "${trm_useragent}" --connect-timeout $((trm_maxwait / 6)) --header "Cookie: PHPSESSID=${sec_token}" --data "login=true&PHPSESSID=${sec_token}" --silent --show-error "${redirect_url}")"
-fi
+raw_html="$("${trm_fetch}" --user-agent "${trm_useragent}" --connect-timeout $((trm_maxwait / 6)) --header "Cookie: csrf=${sec_token}" --data "login=true&CSRFToken=${sec_token}" --silent --show-error "https://${trm_domain}/en/")"
 [ -z "${raw_html}" ] && exit 0 || exit 255