[PATCH v5 3/4] Reconfigure vpn-select for keyxchangev2
Christian Dresel
fff at chrisi01.de
Fr Sep 15 19:12:12 CEST 2017
we need some little changes and copy some things to fff-hood later
Update in v5:
- nothing
Signed-off-by: Christian Dresel <fff at chrisi01.de>
---
.../files/etc/hotplug.d/iface/50-vpn-select | 6 ------
.../fff-vpn-select/files/usr/lib/micron.d/vpn-select | 1 -
.../fff/fff-vpn-select/files/usr/sbin/vpn-select | 18 +++++++-----------
3 files changed, 7 insertions(+), 18 deletions(-)
delete mode 100755 src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select
delete mode 100644 src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select
diff --git a/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select b/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select
deleted file mode 100755
index 16d9853..0000000
--- a/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/sh
-[ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" ] && {
- sleep 3
- /usr/sbin/vpn-select
-}
-
diff --git a/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select
deleted file mode 100644
index dc20486..0000000
--- a/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select
+++ /dev/null
@@ -1 +0,0 @@
-*/5 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/vpn-select
diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
index c3d003f..0b8589f 100755
--- a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
+++ b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
@@ -9,7 +9,6 @@ rm /tmp/fastd_${project}_peers/*
count=0
# get fastd peers
pubkey=$(echo "secret \"$(uci get fastd.fff.secret)\";" | fastd -c - --show-key --machine-readable)
-wget -T15 "http://keyserver.freifunk-franken.de/${project}/geo.php?mac=$mac&name=$hostname&port=$port&key=$pubkey&lat=$lat&long=$long" -O /tmp/fastd_${project}_output
filecounts=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, "", $0); print $0; }' /tmp/fastd_${project}_output)
for file in $filecounts; do
awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};" /tmp/fastd_${project}_output | sed 's/ float;/;/g' > /etc/fastd/$project/peers/$file
@@ -42,14 +41,17 @@ test_ipv4_host1="keyserver.freifunk-franken.de" # Freifunk-Franken keyserver
test_ipv4_host2="8.8.8.8" # Google DNS
test_ipv6_host1="heise.de" # heise Zeitschriftenverlag
+# need this here because the next if need this variable
+. /etc/community.cfg
+project="$VPN_PROJECT"
+
# Only do something when the router has internet connection
-if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null ||
+if (ping -w5 -c3 "$test_ipv4_host1" &>/dev/null ||
ping -w5 -c3 "$test_ipv4_host2" &>/dev/null ||
- ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null; then
+ ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null) &&
+ [ -n /tmp/fastd_${project}_output ]; then
# set some vars
- . /etc/community.cfg
- project="$VPN_PROJECT"
mac=$(awk '{ mac=toupper($1); gsub(":", "", mac); print mac }' /sys/class/net/br-mesh/address 2>/dev/null)
lat=$(uci get system. at system[0].latitude)
long=$(uci get system. at system[0].longitude)
@@ -60,12 +62,6 @@ if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null ||
if [ ! -d /tmp/fastd_${project}_peers ]; then
# first run after reboot
mkdir /tmp/fastd_${project}_peers
- # do we have a fastd secret
- if ! egrep "option secret '[0-9a-f]{64}'" /etc/config/fastd &>/dev/null; then
- secret=$(fastd --generate-key 2>&1 | awk '/[Ss]ecret/ { print $2 }')
- uci set fastd.${project}.secret="$secret"
- uci commit fastd
- fi
make_config
# start fastd only if there are some peers left
[ "$(ls /etc/fastd/${project}/peers/* 2>/dev/null)" ] && /etc/init.d/fastd start
--
2.1.4
Mehr Informationen über die Mailingliste franken-dev