Merge pull request #23787 from stangri/master-curl

[feed/packages.git] / net / yggdrasil / files / yggdrasil.sh

#!/bin/sh


[ -n "$INCLUDE_ONLY" ] || {
        . /lib/functions.sh
        . ../netifd-proto.sh
        init_proto "$@"
}

proto_yggdrasil_init_config() {
        available=1

        # Yggdrasil
        proto_config_add_string "private_key"
        proto_config_add_boolean "allocate_listen_addresses"

        # Jumper
        proto_config_add_boolean "jumper_enable"
        proto_config_add_string "jumper_loglevel"
        proto_config_add_boolean "jumper_autofill_listen_addresses"
        proto_config_add_string "jumper_config"
}

proto_yggdrasil_setup_peer_if_non_interface() {
        local peer_config="$1"
        local peer_address
        local peer_interface
        config_get peer_address "${peer_config}" "address"
        config_get peer_interface "${peer_config}" "interface"
        if [ -z ${peer_interface} ]; then
                json_add_string "" ${peer_address}
        fi;
}

proto_yggdrasil_dump_peer_interface() {
        local peer_config="$1"
        local peer_interface

        config_get peer_interface "${peer_config}" "interface"

        if [ ! -z ${peer_interface} ]; then
                peer_interfaces="${peer_interfaces}\n${peer_interface}"
        fi;
}

proto_yggdrasil_setup_peer_if_interface() {
        local peer_config="$1"
        local peer_address
        local peer_interface
        config_get peer_interface "${peer_config}" "interface"
        if [ "${peer_interface}" = "${peer_interface_filter}" ]; then
                config_get peer_address "${peer_config}" "address"
                json_add_string "" ${peer_address}
        fi;
}

proto_yggdrasil_append_to_interface_regex() {
        if [ -z "${regex}" ]; then
                regex="$1"
        else
                regex="${regex}|$1";
        fi;
}

proto_yggdrasil_setup_multicast_interface() {
        local interface_config="$1"
        local beacon
        local listen
        local port=0
        local password
        local regex=""

        config_get beacon "${interface_config}" "beacon"
        config_get listen "${interface_config}" "listen"
        config_get port "${interface_config}" "port"
        config_get password "${interface_config}" "password"

        json_add_object ""
        json_add_boolean "Beacon" $beacon
        json_add_boolean "Listen" $listen
        if [ ! -z ${port} ]; then
                json_add_int "Port" $port
        else
                json_add_int "Port" 0
        fi;
        if [ ! -z ${password} ]; then
                json_add_string "Password" $password
        fi;

        config_list_foreach "${interface_config}" interface proto_yggdrasil_append_to_interface_regex

        json_add_string "Regex" "^(${regex})\$"

        json_close_object
}

proto_yggdrasil_add_string() {
        json_add_string "" $1
}

proto_yggdrasil_generate_keypair() {
        json_load "$(yggdrasil -genconf -json)"
        json_get_vars PrivateKey
        json_cleanup
        private_key=$PrivateKey
        public_key=${PrivateKey:64}
}

proto_yggdrasil_allocate_listen_addresses() {
        local config="$1"

        # Collect already defined protocols
        protocols=""
        _add_address_protocol() {
                protocols="${protocols}$(echo $1 | cut -d "://" -f1) "
        }
        config_list_foreach "$config" listen_address _add_address_protocol

        # Add new address for each previously unspecified protocol
        for protocol in "tls" "quic"; do
                if ! echo "$protocols" | grep "$protocol" &>/dev/null; then
                        # By default linux dynamically alocates ports in the range 32768..60999
                        # `sysctl net.ipv4.ip_local_port_range`
                        random_port=$(( ($RANDOM + $RANDOM) % 22767 + 10000 ))
                        proto_yggdrasil_add_string "${protocol}://127.0.0.1:${random_port}"
                fi
        done
}

proto_yggdrasil_generate_jumper_config() {
        local config="$1"
        local ygg_sock="$2"
        local ygg_cfg="$3"

        # Autofill Yggdrasil listeners
        config_get is_autofill_listeners "$config" "jumper_autofill_listen_addresses"
        if [ "$is_autofill_listeners" == "1" ]; then
                echo "yggdrasil_listen = ["
                _print_address() {
                        echo "\"${1}\","
                }
                json_load_file "${ygg_cfg}"
                json_for_each_item _print_address "Listen"
                echo "]"
        fi

        # Print admin api socket
        echo "yggdrasil_admin_listen = [ \"${ygg_sock}\" ]"

        # Print extra config
        config_get jumper_config "$config" "jumper_config"
        echo "${jumper_config}"
}

proto_yggdrasil_setup() {
        local config="$1"
        local device="$2"
        local ygg_dir="/tmp/yggdrasil"
        local ygg_cfg="${ygg_dir}/${config}.conf"
        local ygg_sock="unix://${ygg_dir}/${config}.sock"


        local private_key
        local public_key
        local mtu
        local listen_addresses
        local whitelisted_keys
        local node_info
        local node_info_privacy

        config_load network
        config_get private_key "${config}" "private_key"
        config_get public_key "${config}" "public_key"
        config_get mtu "${config}" "mtu"
        config_get node_info "${config}" "node_info"
        config_get node_info_privacy "${config}" "node_info_privacy"

        if [ -z $private_key ]; then
                proto_yggdrasil_generate_keypair
        fi;

        umask 077
        mkdir -p "${ygg_dir}"

        if [ $private_key = "auto" ]; then
                proto_yggdrasil_generate_keypair
                uci -t ${ygg_dir}/.uci.${config} batch <<EOF
                        set network.${config}.private_key='${private_key}'
                        set network.${config}.public_key='${public_key}'
EOF
                uci -t ${ygg_dir}/.uci.${config} commit;
        fi;

        # Generate config file
        json_init
        json_add_string "IfName" ${config}
        json_add_string "AdminListen" ${ygg_sock}

        json_add_string "PrivateKey" ${private_key}
        json_add_string "PublicKey" ${public_key}

        if [ ! -z $mtu ]; then
                json_add_int "IfMTU" ${mtu}
        fi;

        if [ ! -z $node_info ]; then
                json_add_string "NodeInfo" "%%_YGGDRASIL_NODEINFO_TEMPLATE_%%"
        fi;

        json_add_boolean "NodeInfoPrivacy" ${node_info_privacy}

        # Peers
        json_add_array "Peers"
        config_foreach proto_yggdrasil_setup_peer_if_non_interface "yggdrasil_${config}_peer"
        json_close_array

        local peer_interfaces
        peer_interfaces=""
        config_foreach proto_yggdrasil_dump_peer_interface "yggdrasil_${config}_peer"
        peer_interfaces=$(echo -e ${peer_interfaces} | sort | uniq)

        json_add_object "InterfacePeers"
        for peer_interface_filter in ${peer_interfaces}; do
                json_add_array "${peer_interface_filter}"
                config_foreach proto_yggdrasil_setup_peer_if_interface "yggdrasil_${config}_peer"
                json_close_array
        done
        json_close_object

        json_add_array "AllowedPublicKeys"
        config_list_foreach "$config" allowed_public_key proto_yggdrasil_add_string
        json_close_array

        json_add_array "Listen"
        config_list_foreach "$config" listen_address proto_yggdrasil_add_string

        # If needed, add new address for each previously unspecified protocol
        config_get is_jumper_enabled "$config" "jumper_enable"
        config_get allocate_listen_addresses "$config" "allocate_listen_addresses"
        if [ "$is_jumper_enabled" == "1" ] && [ "$allocate_listen_addresses" == "1" ]; then
                proto_yggdrasil_allocate_listen_addresses "$config"
        fi

        json_close_array

        json_add_array "MulticastInterfaces"
        config_foreach proto_yggdrasil_setup_multicast_interface "yggdrasil_${config}_interface"
        json_close_array

        json_dump > "${ygg_cfg}.1"
        awk -v s='"%%_YGGDRASIL_NODEINFO_TEMPLATE_%%"' -v r="${node_info}" '{gsub(s, r)} 1' "${ygg_cfg}.1" > ${ygg_cfg}
        rm "${ygg_cfg}.1"

        proto_run_command "$config" /usr/sbin/yggdrasil -useconffile "${ygg_cfg}"
        proto_init_update "$config" 1
        proto_add_ipv6_address "$(yggdrasil -useconffile "${ygg_cfg}" -address)" "7"
        proto_add_ipv6_prefix "$(yggdrasil -useconffile "${ygg_cfg}" -subnet)"
        proto_send_update "$config"

        # Start jumper if needed
        config_get is_jumper_enabled "$config" "jumper_enable"
        if [ "$is_jumper_enabled" == "1" ] && [ -f /usr/sbin/yggdrasil-jumper ]; then
                jumper_cfg="${ygg_dir}/${config}-jumper.conf"
                proto_yggdrasil_generate_jumper_config "$config" "$ygg_sock" "$ygg_cfg" > "$jumper_cfg"

                config_get jumper_loglevel "$config" "jumper_loglevel"
                sh -c "sleep 2 && exec /usr/sbin/yggdrasil-jumper --loglevel \"${jumper_loglevel:-info}\" --config \"$jumper_cfg\" 2&>1 | logger -t \"${config}-jumper\"" &
        fi
}

proto_yggdrasil_teardown() {
        local interface="$1"
        proto_kill_command "$interface"
}

[ -n "$INCLUDE_ONLY" ] || {
        add_protocol yggdrasil
}