1 #!/bin/sh /etc/rc.common
2 # Copyright (C) 2008-2013 OpenWrt.org
3 # Copyright (C) 2008 Jo-Philipp Wich
4 # This is free software, licensed under the GNU General Public License v2.
5 # See /LICENSE for more information.
11 PROG
=/usr
/sbin
/openvpn
23 *_
*_
*_
*) v
=${v%%_*}-${v#*_}; v=${v%%_*}-${v#*_}; v=${v%%_*}-${v#*_} ;;
24 *_
*_
*) v
=${v%%_*}-${v#*_}; v=${v%%_*}-${v#*_} ;;
25 *_
*) v
=${v%%_*}-${v#*_} ;;
27 echo -n "$v" >> "/var/etc/openvpn-$s.conf"
32 local p
; local v
; local s
="$1"; shift
34 config_get_bool v
"$s" "$p"
35 [ "$v" = 1 ] && append_param
"$s" "$p" && echo >> "/var/etc/openvpn-$s.conf"
40 local p
; local v
; local s
="$1"; shift
42 config_get v
"$s" "$p"
45 [ -n "$v" ] && [ "$p" != "push" ] && append_param
"$s" "$p" && echo " $v" >> "/var/etc/openvpn-$s.conf"
46 [ -n "$v" ] && [ "$p" = "push" ] && append_param
"$s" "$p" && echo " \"$v\"" >> "/var/etc/openvpn-$s.conf"
53 local p
; local v
; local s
="$1"; shift
61 config_list_foreach
"$s" "$p" list_cb_append
62 [ -n "$v" ] && append_param
"$s" "$p" && echo " ${v:1}" >> "/var/etc/openvpn-$s.conf"
67 config_get_bool
enable "$1" 'enable' 0
68 config_get_bool enabled
"$1" 'enabled' 0
69 [ $enable -gt 0 ] ||
[ $enabled -gt 0 ]
73 mkdir
-p "$(dirname "$1")"
85 # Do override only for configurations with config_file
86 config_get config_file
"$name" config
87 [ -n "$config_file" ] ||
return
89 # Check there is someething to override
90 config_get dev
"$name" dev
91 config_get dev_type
"$name" dev_type
92 [ -n "$dev" ] ||
return
94 # If there is a no dev_type, try to guess it
95 if [ -z "$dev_type" ]; then
96 .
/lib
/functions
/openvpn.sh
99 get_openvpn_option
"$conf" odev dev
100 get_openvpn_option
"$conf" odev_type dev-type
101 [ -n "$odev_type" ] || odev_type
="$odev"
104 tun
*) dev_type
="tun" ;;
105 tap
*) dev_type
="tap" ;;
111 echo "--dev-type $dev_type --dev $dev"
114 openvpn_get_credentials
() {
118 config_get cert_password
"$name" cert_password
119 config_get password
"$name" password
120 config_get username
"$name" username
122 if [ -n "$cert_password" ]; then
123 create_temp_file
/var
/run
/openvpn.
$name.pass
124 echo "$cert_password" > /var
/run
/openvpn.
$name.pass
125 ret
=" --askpass /var/run/openvpn.$name.pass "
128 if [ -n "$username" ]; then
129 create_temp_file
/var
/run
/openvpn.
$name.userpass
130 echo "$username" > /var
/run
/openvpn.
$name.userpass
131 echo "$password" >> /var
/run
/openvpn.
$name.userpass
132 ret
=" --auth-user-pass /var/run/openvpn.$name.userpass "
139 openvpn_add_instance
() {
147 procd_open_instance
"$name"
148 procd_set_param
command "$PROG" \
149 --syslog "openvpn($name)" \
150 --status "/var/run/openvpn.$name.status" \
153 --up "/usr/libexec/openvpn-hotplug up $name" \
154 --down "/usr/libexec/openvpn-hotplug down $name" \
155 ${up:+--setenv user_up "$up"} \
156 ${down:+--setenv user_down "$down"} \
157 --script-security "${security:-2}" \
158 $
(openvpn_get_dev
"$name" "$conf") \
159 $
(openvpn_get_credentials
"$name" "$conf")
160 procd_set_param
file "$dir/$conf"
161 procd_set_param term_timeout
15
162 procd_set_param respawn
163 procd_append_param respawn
3600
164 procd_append_param respawn
5
165 procd_append_param respawn
-1
172 config_get config
"$s" config
173 config
="${config:+$(readlink -f "$config")}"
175 section_enabled
"$s" ||
{
176 append UCI_DISABLED
"$config" "$LIST_SEP"
180 local up down script_security
181 config_get up
"$s" up
182 config_get down
"$s" down
183 config_get script_security
"$s" script_security
185 [ ! -d "/var/run" ] && mkdir
-p "/var/run"
187 if [ ! -z "$config" ]; then
188 append UCI_STARTED
"$config" "$LIST_SEP"
189 [ -n "$up" ] || get_openvpn_option
"$config" up up
190 [ -n "$down" ] || get_openvpn_option
"$config" down down
191 openvpn_add_instance
"$s" "${config%/*}" "$config" "$script_security" "$up" "$down"
195 create_temp_file
"/var/etc/openvpn-$s.conf"
197 append_bools
"$s" $OPENVPN_BOOLS
198 append_params
"$s" $OPENVPN_PARAMS
199 append_list
"$s" $OPENVPN_LIST
201 openvpn_add_instance
"$s" "/var/etc" "openvpn-$s.conf" "$script_security" "$up" "$down"
206 local instance_found
=0
211 if [ "$type" = "openvpn" ]; then
212 if [ -n "$instance" -a "$instance" = "$name" ]; then
218 .
/lib
/functions
/openvpn.sh
219 .
/usr
/share
/openvpn
/openvpn.options
220 config_load
'openvpn'
222 if [ -n "$instance" ]; then
223 [ "$instance_found" -gt 0 ] ||
return
224 start_instance
"$instance"
226 config_foreach start_instance
'openvpn'
228 local path name up down
229 for path
in /etc
/openvpn
/*.conf
; do
230 if [ -f "$path" ]; then
231 name
="${path##*/}"; name
="${name%.conf}"
233 # don't start configs again that are already started by uci
234 if echo "$UCI_STARTED" |
grep -qxF "$path"; then
237 # don't start configs which are set to disabled in uci
238 elif echo "$UCI_DISABLED" |
grep -qxF "$path"; then
239 logger
-t openvpn
"$name.conf is disabled in /etc/config/openvpn"
243 get_openvpn_option
"$path" up up || up
=""
244 get_openvpn_option
"$path" down down || down
=""
245 openvpn_add_instance
"$name" "${path%/*}" "$path" "" "$up" "$down"
252 procd_add_reload_trigger openvpn