mirror of
https://github.com/openwrt/packages.git
synced 2026-06-17 14:50:07 +04:00
openvpn: add hotplug handling back in
This commit adds hotplug handling back in.
Fixes: 2607b761 ("openvpn: introduce proto handler")
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
This commit is contained in:
Florian Eckert
committed by
Florian Eckert
Florian Eckert
parent
337a449c03
commit
647b67e18b
@@ -90,6 +90,10 @@ define Build/Configure
|
||||
)
|
||||
endef
|
||||
|
||||
define Package/openvpn-$(BUILD_VARIANT)/conffiles
|
||||
/etc/openvpn.user
|
||||
endef
|
||||
|
||||
define Package/openvpn-$(BUILD_VARIANT)/install
|
||||
$(INSTALL_DIR) $(1)/usr/sbin
|
||||
$(INSTALL_BIN) \
|
||||
@@ -127,6 +131,21 @@ define Package/openvpn-$(BUILD_VARIANT)/install
|
||||
$(INSTALL_DATA) \
|
||||
files/lib/upgrade/keep.d/openvpn \
|
||||
$(1)/lib/upgrade/keep.d/
|
||||
|
||||
$(INSTALL_DIR) $(1)/usr/libexec
|
||||
$(INSTALL_BIN) \
|
||||
files/usr/libexec/openvpn-hotplug \
|
||||
$(1)/usr/libexec/
|
||||
|
||||
$(INSTALL_DIR) $(1)/etc
|
||||
$(INSTALL_DATA) \
|
||||
files/etc/openvpn.user \
|
||||
$(1)/etc/
|
||||
|
||||
$(INSTALL_DIR) $(1)/etc/hotplug.d/openvpn
|
||||
$(INSTALL_DATA) \
|
||||
files/etc/hotplug.d/openvpn/01-user \
|
||||
$(1)/etc/hotplug.d/openvpn/
|
||||
endef
|
||||
|
||||
$(eval $(call BuildPackage,openvpn-openssl))
|
||||
|
||||
@@ -0,0 +1,40 @@
|
||||
#!/bin/sh
|
||||
|
||||
main() {
|
||||
local command
|
||||
|
||||
[ -e "/etc/openvpn.user" ] && {
|
||||
env -i ACTION="$ACTION" INSTANCE="$INSTANCE" \
|
||||
/bin/sh \
|
||||
/etc/openvpn.user \
|
||||
$*
|
||||
}
|
||||
|
||||
# Wrap user defined scripts on up|down|route-up|route-pre-down|ipchange
|
||||
# events. Scripts set with up|down|route-up|route-pre-down|ipchange
|
||||
# in the openvpn config are also executed with the command=user_xxxx
|
||||
case "$ACTION" in
|
||||
up)
|
||||
command=$user_up
|
||||
;;
|
||||
down)
|
||||
command=$user_down
|
||||
;;
|
||||
route-up)
|
||||
command=$user_route_up
|
||||
;;
|
||||
route-pre-down)
|
||||
command=$user_route_pre_down
|
||||
;;
|
||||
ipchange)
|
||||
command=$user_ipchange
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ -n "$command" ]; then
|
||||
shift
|
||||
exec /bin/sh -c "$command $*"
|
||||
fi
|
||||
}
|
||||
|
||||
main
|
||||
@@ -0,0 +1,11 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# This file is interpreted as shell script.
|
||||
# Put your custom openvpn action here, they will
|
||||
# be executed with each opevnp event.
|
||||
#
|
||||
# $ACTION
|
||||
# <down> down action is generated after the TUN/TAP device is closed
|
||||
# <up> up action is generated after the TUN/TAP device is opened
|
||||
# $INSTANCE Name of the openvpn instance which went up or down
|
||||
|
||||
@@ -159,6 +159,43 @@ proto_openvpn_setup() {
|
||||
# Testing option
|
||||
# ${tls_exit:+--tls-exit} \
|
||||
|
||||
# Check 'script_security' option
|
||||
json_get_var script_security script_security
|
||||
[ -z "$script_security" ] && {
|
||||
script_security=3
|
||||
}
|
||||
|
||||
# Add default hotplug handling if 'script_security' option is equal '3'
|
||||
if [ "$script_security" -eq '3' ]; then
|
||||
logger -t "openvpn(proto)" \
|
||||
-p daemon.info "Enabled default hotplug processing, as the openvpn configuration 'script_security' is '3'"
|
||||
|
||||
append exec_params " --setenv INTERFACE $config"
|
||||
append exec_params " --script-security 3"
|
||||
|
||||
append exec_params "--up '/usr/libexec/openvpn-hotplug'"
|
||||
[ -n "$up" ] && append exec_params "--setenv user_up '$up'"
|
||||
|
||||
append exec_params "--down '/usr/libexec/openvpn-hotplug'"
|
||||
[ -n "$down" ] && append exec_params "--setenv user_down '$down'"
|
||||
|
||||
append exec_params "--route-up '/usr/libexec/openvpn-hotplug'"
|
||||
[ -n "$route_up" ] && append exec_params "--setenv user_route_up '$route_up'"
|
||||
|
||||
append exec_params "--route-pre-down '/usr/libexec/openvpn-hotplug'"
|
||||
[ -n "$route_pre_down" ] && append exec_params "--setenv user_route_pre_down '$route_pre_down'"
|
||||
|
||||
json_get_var client client
|
||||
json_get_var tls_client tls_client
|
||||
if [ "$client" = 1 ] || [ "$tls_client" = 1 ]; then
|
||||
append exec_params "--ipchange '/usr/libexec/openvpn-hotplug'"
|
||||
[ -n "$ip_change" ] && append exec_params "--setenv user_ipchange '$ipchange'"
|
||||
fi
|
||||
else
|
||||
logger -t "openvpn(proto)" \
|
||||
-p daemon.warn "Default hotplug processing disabled, as the openvpn configuration 'script_security' is less than '3'"
|
||||
fi
|
||||
|
||||
# shellcheck disable=SC2086
|
||||
proto_run_command "$config" openvpn $exec_params
|
||||
|
||||
|
||||
@@ -0,0 +1,18 @@
|
||||
#!/bin/sh
|
||||
|
||||
[ -z "$script_type"] && {
|
||||
logger -t "openvpn(proto)" -p daemon.warn "hotplug: variable 'script_type' not found"
|
||||
exit
|
||||
}
|
||||
|
||||
[ -z "$INTERFACE"] && {
|
||||
logger -t "openvpn(proto)" -p daemon.warn "hotplug: variable 'INTERFACE' not found"
|
||||
exit
|
||||
}
|
||||
|
||||
ACTION="$script_type"
|
||||
INSTANCE="$INTERFACE"
|
||||
|
||||
export ACTION=$ACTION
|
||||
export INSTANCE=$INSTANCE
|
||||
exec /sbin/hotplug-call openvpn "$@"
|
||||
Reference in New Issue
Block a user