[PATCH] Make vpn-select modular
Robert Langhammer
rlanghammer at web.de
Fr Aug 7 01:33:29 CEST 2020
vpn-select is an old relic and did not reflect the opportunities of our hoodfile.
This rewrite makes vpn-select modular to easely add new vpn-protocols.
The stuff dependent on the vpn-protocol is outsourced to files in /etc/vpn-select.d and comes in with the respective vpn package.
vpn-stop is removed to use the protocol independent start/stop mechanism of vpn-select.
Signed-off-by: Robert Langhammer <rlanghammer at web.de>
---
.../fff-fastd/files/etc/vpn-select.d/fastd | 35 +++++++++
.../fff-hoods/files/usr/sbin/configurehood | 2 +-
.../fff-vpn-select/files/usr/sbin/vpn-select | 75 +++++++------------
.../fff-vpn-select/files/usr/sbin/vpn-stop | 5 --
4 files changed, 62 insertions(+), 55 deletions(-)
create mode 100644 src/packages/fff/fff-fastd/files/etc/vpn-select.d/fastd
delete mode 100755 src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop
diff --git a/src/packages/fff/fff-fastd/files/etc/vpn-select.d/fastd b/src/packages/fff/fff-fastd/files/etc/vpn-select.d/fastd
new file mode 100644
index 0000000..bd73761
--- /dev/null
+++ b/src/packages/fff/fff-fastd/files/etc/vpn-select.d/fastd
@@ -0,0 +1,35 @@
+protocol=fastd
+
+fastd_clear() {
+ rm /tmp/fastd_fff_peers/*
+}
+
+fastd_addpeer() {
+ [ -d /tmp/fastd_fff_peers ] || mkdir /tmp/fastd_fff_peers
+
+ # write fastd-config
+ json_get_var servername name
+ filename="/etc/fastd/fff/peers/$servername"
+ echo "#name \"${servername}\";" > "$filename"
+ json_get_var key key
+ echo "key \"${key}\";" >> "$filename"
+ json_get_var address address
+ json_get_var port port
+ echo "remote \"${address}\" port ${port};" >> "$filename"
+ echo "" >> "$filename"
+ echo "float yes;" >> "$filename"
+}
+
+fastd_start_stop() {
+ /etc/init.d/fastd reload # does nothing if fastd was not running
+
+ # fastd start/stop for various situations
+ # this is needed for first start and if fastd comes up or disappears in hoodfile
+ pidfile="/tmp/run/fastd.fff.pid"
+ if [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ]; then
+ ([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) || /etc/init.d/fastd start
+ else
+ ([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) && /etc/init.d/fastd stop
+ fi
+}
+
diff --git a/src/packages/fff/fff-hoods/files/usr/sbin/configurehood b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
index 3b92cbc..c84a8cc 100755
--- a/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
+++ b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
@@ -207,7 +207,7 @@ if [ -s "$hoodfiletmp" ]; then
if hasInternet ; then
/usr/sbin/vpn-select "$hoodfiletmp"
else
- /usr/sbin/vpn-stop
+ /usr/sbin/vpn-select stop-VPN
fi
# now we load the prefix from the hoodfile and set this to br-mesh
diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
index 30883f5..8f48f9a 100755
--- a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
+++ b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
@@ -1,65 +1,42 @@
#!/bin/sh
# Usage: vpn-select <path-to-hood-file>
+# To add a new protocol, put a file with three functions to /etc/vpn-select.d/ .
+# The file must start with protocol=name. It is most important to use the same name here and in hoodfile.
+# The old config can be cleared in function ${protocol}_clear(). It is called once per installed protocol.
+# The function ${protocol}_addpeer() is called for every peer in hoodfile.
+# The function ${protocol}_start_stop() is called once per installed protocol.
. /usr/share/libubox/jshn.sh
hoodfile="$1"
-make_config() {
- # remove old config
- rm /tmp/fastd_fff_peers/*
+# source functions
+for file in /etc/vpn-select.d/*; do
+ . "$file"
+ supported_protocols="$supported_protocols $protocol"
+done
- # prepare
- Index=1
+# clear old config
+for protocol in $supported_protocols; do
+ "${protocol}_clear"
+done
+
+# load hoodfile and add peers
+if [ -s "$hoodfile" ] ; then
json_load "$(cat "$hoodfile")"
json_select vpn
-
- # get fastd peers
- while json_select "$Index" > /dev/null
- do
+ index=1
+ while json_select "$index" > /dev/null ; do
json_get_var protocol protocol
- if [ "$protocol" = "fastd" ]; then
- # set up fastd
- json_get_var servername name
- filename="/etc/fastd/fff/peers/$servername"
- echo "#name \"${servername}\";" > "$filename"
- json_get_var key key
- echo "key \"${key}\";" >> "$filename"
- json_get_var address address
- json_get_var port port
- echo "remote \"${address}\" port ${port};" >> "$filename"
- echo "" >> "$filename"
- echo "float yes;" >> "$filename"
- fi
+ "${protocol}_addpeer" || echo "protocol $protocol unknown"
json_select ".." # back to vpn
- Index=$(( Index + 1 ))
+ index=$(( index + 1 ))
done
- json_select ".." # back to root
-}
+fi
-# Only do something if file is there and not empty; otherwise exit 1
-if [ -s "$hoodfile" ]; then
- if [ ! -d /tmp/fastd_fff_peers ]; then
- # first run after reboot
- mkdir /tmp/fastd_fff_peers
- make_config
- # start fastd only if there are some peers
- [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ] && /etc/init.d/fastd start
- else
- make_config
- /etc/init.d/fastd reload
+# start/restart/stop vpnservices
+for protocol in $supported_protocols; do
+ "${protocol}_start_stop"
+done
- # fastd start/stop for various situations
- pidfile="/tmp/run/fastd.fff.pid"
- if [ "$(ls /etc/fastd/fff/peers/* 2>/dev/null)" ]; then
- ([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) || /etc/init.d/fastd start
- else
- ([ -s "$pidfile" ] && [ -d "/proc/$(cat "$pidfile")" ]) && /etc/init.d/fastd stop
- fi
- fi
- exit 0
-else
- echo "vpn-select: Hood file not found or empty!"
- exit 1
-fi
diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop
deleted file mode 100755
index 03a160b..0000000
--- a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-stop
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/sh
-
-rm /tmp/fastd_fff_peers/*
-/etc/init.d/fastd stop
-
--
2.20.1
Mehr Informationen über die Mailingliste franken-dev