[PATCH] Make vpn-select modular

Robert Langhammer rlanghammer at web.de
Fr Aug 7 01:33:29 CEST 2020


vpn-select is an old relic and did not reflect the opportunities of our hoodfile.
This rewrite makes vpn-select modular so that new vpn-protocols can be added easily.

The stuff dependent on the vpn-protocol is outsourced to files in /etc/vpn-select.d and comes in with the respective vpn package.

vpn-stop is removed to use the protocol independent start/stop mechanism of vpn-select.

Signed-off-by: Robert Langhammer <rlanghammer at web.de>
---
 .../fff-fastd/files/etc/vpn-select.d/fastd    | 35 +++++++++
 .../fff-hoods/files/usr/sbin/configurehood    |  2 +-
 .../fff-vpn-select/files/usr/sbin/vpn-select  | 75 +++++++------------
 .../fff-vpn-select/files/usr/sbin/vpn-stop    |  5 --
 4 files changed, 62 insertions(+), 55 deletions(-)
 create mode 100644 src/packages/fff/fff-fastd/files/etc/vpn-select.d/fastd
 delete mode 100755 src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop

diff --git a/src/packages/fff/fff-fastd/files/etc/vpn-select.d/fastd b/src/packages/fff/fff-fastd/files/etc/vpn-select.d/fastd
new file mode 100644
index 0000000..bd73761
--- /dev/null
+++ b/src/packages/fff/fff-fastd/files/etc/vpn-select.d/fastd
@@ -0,0 +1,35 @@
+protocol=fastd
+
+fastd_clear() {
+	rm /tmp/fastd_fff_peers/*
+}
+
+fastd_addpeer() {
+	[ -d /tmp/fastd_fff_peers ] || mkdir /tmp/fastd_fff_peers
+
+	# write fastd-config
+	json_get_var servername name
+	filename="/etc/fastd/fff/peers/$servername"
+	echo "#name \"${servername}\";" > "$filename"
+	json_get_var key key
+	echo "key \"${key}\";" >> "$filename"
+	json_get_var address address
+	json_get_var port port
+	echo "remote \"${address}\" port ${port};" >> "$filename"
+	echo "" >> "$filename"
+	echo "float yes;" >> "$filename"
+}
+
+fastd_start_stop() {
+	/etc/init.d/fastd reload # does nothing if fastd was not running
+
+	# fastd start/stop for various situations
+	# this is needed for first start and if fastd comes up or disappears in hoodfile
+	pidfile="/tmp/run/fastd.fff.pid"
+	if [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ]; then
+		([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) || /etc/init.d/fastd start
+	else
+		([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) && /etc/init.d/fastd stop
+	fi
+}
+
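Review bot: `fastd_addpeer` takes `name`, `key`, `address` and `port` from the hoodfile without validation: `servername` becomes part of the path `/etc/fastd/fff/peers/$servername`, and the other values are written between quotes into the peer file. A name that contains `/` or starts with `.` would write outside the peers directory, and a quote or newline in any value would change the statements fastd parses. The hoodfile appears to be fetched over the network (inferred from `hoodfiletmp` in configurehood), so I would reject such records before the first `echo`, e.g. `case "$servername" in ""|.*|*/*) return 1 ;; esac` and `case "$port" in ""|*[!0-9]*) return 1 ;; esac`. Separately, `fastd_clear` runs `rm /tmp/fastd_fff_peers/*` before the directory exists on the first run after boot, because the `mkdir` now lives in `fastd_addpeer`; moving the `[ -d /tmp/fastd_fff_peers ] || mkdir` line into `fastd_clear` and using `rm -f` would avoid that error.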
diff --git a/src/packages/fff/fff-hoods/files/usr/sbin/configurehood b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
index 3b92cbc..c84a8cc 100755
--- a/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
+++ b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
@@ -207,7 +207,7 @@ if [ -s "$hoodfiletmp" ]; then
 	if hasInternet ; then
 		/usr/sbin/vpn-select "$hoodfiletmp"
 	else
-		/usr/sbin/vpn-stop
+		/usr/sbin/vpn-select stop-VPN
 	fi

 	# now we load the prefix from the hoodfile and set this to br-mesh
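Review bot: `stop-VPN` is not an argument that vpn-select parses; it is taken as the hoodfile path, and the VPN stops only because `[ -s "$hoodfile" ]` is false when no file of that name exists in the working directory. A non-empty file called `stop-VPN` in configurehood's working directory would be loaded as a hoodfile instead. I would either call `/usr/sbin/vpn-select` with no argument or have vpn-select handle an explicit stop argument, and document the stop case in its `# Usage:` header. The enclosing `if [ -s "$hoodfiletmp" ]` block starts and ends outside this hunk.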
diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
index 30883f5..8f48f9a 100755
--- a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
+++ b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
@@ -1,65 +1,42 @@
 #!/bin/sh

 # Usage: vpn-select <path-to-hood-file>
+# To add a new protocol, put a file with three functions to /etc/vpn-select.d/ .
+# The file must start with protocol=name. It is most important to use the same name here and in hoodfile.
+# The old config can be cleared in function ${protocol}_clear(). It is called once per installed protocol.
+# The function ${protocol}_addpeer() is called for every peer in hoodfile.
+# The function ${protocol}_start_stop() is called once per installed protocol.

 . /usr/share/libubox/jshn.sh

 hoodfile="$1"

-make_config() {
-	# remove old config
-	rm /tmp/fastd_fff_peers/*
+# source functions
+for file in /etc/vpn-select.d/*; do
+	. "$file"
+	supported_protocols="$supported_protocols $protocol"
+done

-	# prepare
-	Index=1
+# clear old config
+for protocol in $supported_protocols; do
+	"${protocol}_clear"
+done
+
+# load hoodfile and add peers
+if [ -s "$hoodfile" ] ; then
 	json_load "$(cat "$hoodfile")"
 	json_select vpn
-
-	# get fastd peers
-	while json_select "$Index" > /dev/null
-	do
+	index=1
+	while json_select "$index" > /dev/null ; do
 		json_get_var protocol protocol
-		if [ "$protocol" = "fastd" ]; then
-			# set up fastd
-			json_get_var servername name
-			filename="/etc/fastd/fff/peers/$servername"
-			echo "#name \"${servername}\";" > "$filename"
-			json_get_var key key
-			echo "key \"${key}\";" >> "$filename"
-			json_get_var address address
-			json_get_var port port
-			echo "remote \"${address}\" port ${port};" >> "$filename"
-			echo "" >> "$filename"
-			echo "float yes;" >> "$filename"
-		fi
+		"${protocol}_addpeer" || echo "protocol $protocol unknown"
 		json_select ".." # back to vpn
-		Index=$(( Index + 1 ))
+		index=$(( index + 1 ))
 	done
-	json_select ".." # back to root
-}
+fi

-# Only do something if file is there and not empty; otherwise exit 1
-if [ -s "$hoodfile" ]; then
-	if [ ! -d /tmp/fastd_fff_peers ]; then
-		# first run after reboot
-		mkdir /tmp/fastd_fff_peers
-		make_config
-		# start fastd only if there are some peers
-		[ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ] && /etc/init.d/fastd start
-	else
-		make_config
-		/etc/init.d/fastd reload
+# start/restart/stop vpnservices
+for protocol in $supported_protocols; do
+	"${protocol}_start_stop"
+done

-		# fastd start/stop for various situations
-		pidfile="/tmp/run/fastd.fff.pid"
-		if [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ]; then
-			([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) || /etc/init.d/fastd start
-		else
-			([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) && /etc/init.d/fastd stop
-		fi
-	fi
-	exit 0
-else
-	echo "vpn-select: Hood file not found or empty!"
-	exit 1
-fi
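Review bot: The `protocol` string read from the hoodfile is used directly as a command name in `"${protocol}_addpeer"`, so the hoodfile decides what the shell looks up and runs. A value containing `/` would be resolved as a path instead of as one of the sourced functions. The dispatch should be limited to names collected in `supported_protocols`, which also keeps a failing handler from being reported as "protocol unknown". The sourcing loop has two related gaps: with an empty `/etc/vpn-select.d` the glob stays literal and `. "$file"` fails, and a file that does not set `protocol` re-registers the previous file's name.

```shell
# source functions
for file in /etc/vpn-select.d/*; do
	[ -f "$file" ] || continue # the glob stays literal when no protocol file is installed
	protocol=
	. "$file"
	[ -n "$protocol" ] && supported_protocols="${supported_protocols:+$supported_protocols }$protocol"
done

# … unchanged: clear loop, json_load, json_select vpn, while header …
		json_get_var protocol protocol
		# dispatch only to names registered by /etc/vpn-select.d, never to a raw hoodfile string
		case " $supported_protocols " in
			*" $protocol "*) "${protocol}_addpeer" || echo "adding $protocol peer failed" ;;
			*) echo "protocol $protocol unknown" ;;
		esac
# … unchanged: json_select "..", index increment, start_stop loop …
```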
diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop
deleted file mode 100755
index 03a160b..0000000
--- a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-
-rm /tmp/fastd_fff_peers/*
-/etc/init.d/fastd stop
-
--
2.20.1


