55a86a1d70a8d3b91177181c725bc4839563c0ef
[openwrt/svn-archive/archive.git] / net / tinc / files / tinc.init
#!/bin/sh /etc/rc.common
# Copyright (C) 2011 OpenWrt.org
# Copyright (C) 2011 Linus Lüssing
# Based on Jo-Philipp Wich's OpenVPN init script
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
# Boot-order value read by rc.common.
START="42"

# Consumed by the service_* helpers together with SERVICE_PID_FILE, which the
# *_instance functions set once per network.
SERVICE_USE_PID="1"

# The tinc daemon; also run directly for key generation.
BIN="/usr/sbin/tincd"

# Extra sub-commands offered next to start/stop/reload.
EXTRA_COMMANDS='up down'

# A single newline: the separator used to split multi-valued options.
LIST_SEP='
'

# Staging directory. prepare_net copies /etc/tinc/<net> here (including the
# private key, when one exists) and the options generated from UCI are
# appended to the copies; tincd is then started against this tree.
# NOTE(review): this is a fixed path under /tmp and nothing in this script
# checks who owns it before writing; confirm that only root can create
# entries in /tmp on the target system.
TMP_TINC='/tmp/tinc'
# Append "--<name>" to the global ARGS string.
#   $1  option name; its first three underscores (at most) become dashes,
#       any further underscore is kept as it is.
# Always returns 0.
append_param() {
	local name="$1"
	local swaps=0

	# Replace the leftmost "_" with "-" until none is left or three were done.
	while [ "$swaps" -lt 3 ]; do
		case "$name" in
			*_*) name="${name%%_*}-${name#*_}" ;;
			*) break ;;
		esac
		swaps=$((swaps + 1))
	done

	ARGS="$ARGS --$name"
	return 0
}
29
# Append boolean options to a tinc configuration file.
#   $1     UCI section to read from
#   $2     file to append to
#   $3...  option names
# An option that resolves to 1 is written as "<Option> = yes", one that
# resolves to 0 as "<Option> = no"; any other result writes nothing.
append_conf_bools() {
	local section="$1"
	local conf="$2"
	local opt
	local val
	shift
	shift

	for opt in $*; do
		config_get_bool val "$section" "$opt"
		if [ "$val" == 1 ]; then
			echo "$opt = yes" >> "$conf"
		fi
		[ "$val" == 0 ] && echo "$opt = no" >> "$conf"
	done
}
38
# Add command-line options to the global ARGS string.
#   $1     UCI section to read from
#   $2...  option names
# Each non-empty element of an option's newline-separated value contributes
# "--<option> <element>" (the option name goes through append_param).
# IFS is unset again after every option.
# NOTE(review): the elements are expanded unquoted here and ARGS is expanded
# unquoted by the caller, so whitespace or glob characters in a value are
# not preserved as part of a single argument.
append_params() {
	local section="$1"
	local opt
	local values
	local item
	shift

	for opt in $*; do
		config_get values "$section" "$opt"
		IFS="$LIST_SEP"
		for item in $values; do
			if [ -n "$item" ]; then
				append_param "$opt" && ARGS="$ARGS $item"
			fi
		done
		unset IFS
	done
}
50
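# Append "<Option> = <value>" lines to a tinc configuration file.
#   $1     UCI section to read from
#   $2     file to append to
#   $3...  option names to look up
# Multi-valued options are split on LIST_SEP (a newline) and give one line
# per non-empty element, so an embedded newline in a value only ever starts
# another "<Option> = ..." line for the same option.
# Pathname expansion is switched off while the values are processed: they
# have to be expanded unquoted to be split, and without this a value such as
# "*" would be replaced by the names of the files in the current directory.
# Always returns 0.
append_conf_params() {
	local p; local v; local vals; local ifname; local had_noglob=0
	local s="$1"; local f="$2"; shift; shift

	# Remember whether the caller already had globbing disabled.
	case "$-" in
		*f*) had_noglob=1 ;;
	esac
	set -f

	for p in $*; do
		config_get vals "$s" "$p"
		IFS="$LIST_SEP"
		for v in $vals; do
			# Look up OpenWrt interface names; keep the value as given when
			# uci has no ifname for it.
			if [ "$p" = "BindToInterface" ]; then
				ifname=$(uci -P /var/state get "network.$v.ifname" 2>/dev/null)
				[ -n "$ifname" ] && v="$ifname"
			fi

			# printf rather than echo: the value is data and must not be
			# read as an echo option or escape sequence.
			[ -n "$v" ] && printf '%s = %s\n' "$p" "$v" >> "$f"
		done
		unset IFS
	done

	[ "$had_noglob" = 1 ] || set +f
	return 0
}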
68
# Succeed when the UCI section $1 has its "enabled" option switched on
# (the default is 0, i.e. off).
# The looked-up value is left in the global variable "enabled"; it is not
# declared local.
section_enabled() {
	config_get_bool enabled "$1" enabled 0
	[ "$enabled" -gt 0 ]
}
73
# Write the UCI options of one tinc-host section into its staged host file.
#   $1  host section name
#   $2  optional network name; when given, hosts of other networks are skipped
# Returns 1 when the host's network or the host itself is disabled, when the
# network filter does not match, or when /etc/tinc/<net>/hosts/<host> (the
# host's public key file) is missing.
prepare_host() {
	local host="$1"
	local net

	# Skip hosts whose network is disabled.
	config_get net "$host" net
	if ! section_enabled "$net"; then
		return 1
	fi

	if [ "$#" = "2" ] && [ "$2" != "$net" ]; then
		return 1
	fi

	# A disabled host must not linger in the staging tree.
	if ! section_enabled "$host"; then
		if [ -f "$TMP_TINC/$net/hosts/$host" ]; then
			rm "$TMP_TINC/$net/hosts/$host"
		fi
		return 1
	fi

	if [ ! -f "/etc/tinc/$net/hosts/$host" ]; then
		echo -n "tinc: Warning, public key for $host for network $net "
		echo -n "missing in /etc/tinc/$net/hosts/$host, "
		echo "skipping configuration of $host"
		return 1
	fi

	# Boolean flags first, then the valued options.
	append_conf_bools "$host" "$TMP_TINC/$net/hosts/$host" \
		ClampMSS IndirectData PMTUDiscovery TCPOnly

	append_conf_params "$host" "$TMP_TINC/$net/hosts/$host" \
		Address Cipher Compression Digest MACLength PMTU \
		Port PublicKey PublicKeyFile Subnet
}
108
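# Generate this node's key pair for network $1 when UCI asks for it and no
# key is staged yet, then copy the result to /etc/tinc/<net>.
#   $1  tinc-net section name
# Returns 0 when there is nothing to do (generate_keys off, no Name set, or a
# private key / own host file already staged) and after a successful run;
# returns non-zero when key generation or copying the private key fails.
# The keys are generated inside the staging tree ($TMP_TINC/<net>) first, so
# the private key exists there as well as under /etc/tinc.
check_gen_own_key() {
	local s="$1"; local n; local k

	config_get n "$s" Name
	config_get_bool k "$s" generate_keys 0
	[ "$k" == 0 ] && return 0

	if [ -z "$n" ] || [ -f "$TMP_TINC/$s/hosts/$n" ] || [ -f "$TMP_TINC/$s/rsa_key.priv" ]; then
		return 0
	fi
	[ ! -d "$TMP_TINC/$s/hosts" ] && mkdir -p "$TMP_TINC/$s/hosts"

	# stdin comes from /dev/null so the daemon cannot wait for answers.
	# Stop here when generation fails instead of copying missing files.
	config_get k "$s" key_size
	if [ -z "$k" ]; then
		"$BIN" -c "$TMP_TINC/$s" --generate-keys </dev/null || return 1
	else
		"$BIN" -c "$TMP_TINC/$s" "--generate-keys=$k" </dev/null || return 1
	fi
	[ -f "$TMP_TINC/$s/rsa_key.priv" ] || return 1
	[ -f "$TMP_TINC/$s/hosts/$n" ] || return 1

	[ ! -d "/etc/tinc/$s/hosts" ] && mkdir -p "/etc/tinc/$s/hosts"
	cp "$TMP_TINC/$s/rsa_key.priv" "/etc/tinc/$s/" || return 1
	# Set the mode of the persisted private key explicitly rather than
	# leaving it to the umask in effect during cp.
	chmod 600 "/etc/tinc/$s/rsa_key.priv" || return 1
	# $n is known to be non-empty here (checked above).
	cp "$TMP_TINC/$s/hosts/$n" "/etc/tinc/$s/hosts/"
}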
131
# Stage the configuration of one tinc-net section under $TMP_TINC/<net>.
#   $1  tinc-net section name
# Returns 1 when the section is disabled; otherwise the status of
# check_gen_own_key.
# The whole of /etc/tinc/<net> is copied into the staging tree, which
# includes the private key when one is stored there.
# NOTE(review): the generated options are appended to the staged tinc.conf.
# When /etc/tinc/<net> has no tinc.conf to overwrite it, nothing visible here
# resets the staged file, so repeated runs appear to append the same lines
# again; confirm.
prepare_net() {
	local net="$1"

	if ! section_enabled "$net"; then
		return 1
	fi

	if [ ! -d "$TMP_TINC/$net" ]; then
		mkdir -p "$TMP_TINC/$net"
	fi
	if [ -d "/etc/tinc/$net" ]; then
		cp -r "/etc/tinc/$net" "$TMP_TINC/"
	fi

	# Boolean flags.
	append_conf_bools "$net" "$TMP_TINC/$net/tinc.conf" \
		DecrementTTL DirectOnly Hostnames IffOneQueue \
		LocalDiscovery PriorityInheritance StrictSubnets TunnelServer \
		ClampMSS IndirectData PMTUDiscovery TCPOnly

	# Valued options.
	append_conf_params "$net" "$TMP_TINC/$net/tinc.conf" \
		AddressFamily BindToAddress ConnectTo BindToInterface \
		Broadcast Device DeviceType Forwarding \
		GraphDumpFile Interface KeyExpire MACExpire \
		MaxTimeout Mode Name PingInterval PingTimeout \
		PrivateKey PrivateKeyFile ProcessPriority ReplayWindow \
		UDPRcvBuf UDPSndBuf \
		Address Cipher Compression Digest MACLength PMTU \
		Port PublicKey PublicKeyFile Subnet

	# Last step; its status is the function's status.
	check_gen_own_key "$net"
}
160
# Start tincd for one tinc-net section against its staged configuration.
#   $1  tinc-net section name
# Returns 1 when the section is disabled. Resets the global ARGS and sets
# SERVICE_PID_FILE to /var/run/tinc.<net>.pid.
start_instance() {
	local net="$1"

	if ! section_enabled "$net"; then
		return 1
	fi

	# Rebuild the option string from the "log" and "debug" UCI options.
	ARGS=""
	append_params "$net" log debug

	SERVICE_PID_FILE="/var/run/tinc.$net.pid"
	# $ARGS stays unquoted so that every option becomes a word of its own;
	# a value containing whitespace or glob characters is split or expanded
	# as well.
	service_start $BIN -c "$TMP_TINC/$net" -n $net $ARGS --pidfile="$SERVICE_PID_FILE"
}
174
# Stop the tincd of one tinc-net section.
#   $1  tinc-net section name
# Returns 1 when the section is disabled. SERVICE_PID_FILE is pointed at
# /var/run/tinc.<net>.pid before service_stop is called.
stop_instance() {
	local net="$1"

	if ! section_enabled "$net"; then
		return 1
	fi

	SERVICE_PID_FILE="/var/run/tinc.$net.pid"
	service_stop $BIN
}
183
# Ask the tincd of one tinc-net section to reload.
#   $1  tinc-net section name
# Returns 1 when the section is disabled. SERVICE_PID_FILE is pointed at
# /var/run/tinc.<net>.pid before service_reload is called.
reload_instance() {
	local net="$1"

	if ! section_enabled "$net"; then
		return 1
	fi

	SERVICE_PID_FILE="/var/run/tinc.$net.pid"
	service_reload $BIN
}
192
# "start": stage every network, then every host, then launch one daemon per
# network. Staging comes first so the host files exist before tincd runs.
start() {
	config_load tinc

	config_foreach prepare_net tinc-net
	config_foreach prepare_host tinc-host

	config_foreach start_instance tinc-net
}
201
# "stop": run stop_instance for every tinc-net section.
stop() {
	config_load tinc
	config_foreach stop_instance tinc-net
}
206
# "reload": run reload_instance for every tinc-net section.
reload() {
	config_load tinc
	config_foreach reload_instance tinc-net
}
211
# "up <net>...": stage and start only the named networks.
# Arguments that are not tinc-net sections are silently ignored.
up() {
	local kind
	local net

	config_load tinc
	for net in "$@"; do
		config_get kind "$net" TYPE
		[ "$kind" = "tinc-net" ] || continue

		prepare_net "$net"
		# The extra argument limits prepare_host to hosts of this network.
		config_foreach prepare_host tinc-host "$net"
		start_instance "$net"
	done
}
225
# "down <net>...": stop only the named networks.
# Arguments that are not tinc-net sections are silently ignored.
down() {
	local kind
	local net

	config_load tinc
	for net in "$@"; do
		config_get kind "$net" TYPE
		[ "$kind" = "tinc-net" ] || continue
		stop_instance "$net"
	done
}