From patchwork Thu Aug 31 18:56:40 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: [3/4] Reconfigure vpn-select for keyxchangev2 From: Christian Dresel X-Patchwork-Id: 457 Message-Id: <1504205801-1921-3-git-send-email-fff@chrisi01.de> To: franken-dev@freifunk.net Date: Thu, 31 Aug 2017 20:56:40 +0200 we need some little changes and copy some things to fff-hood later Signed-off-by: Christian Dresel --- .../files/etc/hotplug.d/iface/50-vpn-select | 6 ------ .../fff-vpn-select/files/usr/lib/micron.d/vpn-select | 1 - .../fff/fff-vpn-select/files/usr/sbin/vpn-select | 18 +++++++----------- 3 files changed, 7 insertions(+), 18 deletions(-) delete mode 100755 src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select delete mode 100644 src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select diff --git a/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select b/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select deleted file mode 100755 index 16d9853..0000000 --- a/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh -[ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" ] && { - sleep 3 - /usr/sbin/vpn-select -} - diff --git a/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select deleted file mode 100644 index dc20486..0000000 --- a/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select +++ /dev/null @@ -1 +0,0 @@ -*/5 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/vpn-select diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select index c3d003f..0b8589f 100755 --- a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select +++ b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select @@ -9,7 +9,6 @@ rm /tmp/fastd_${project}_peers/* count=0 # get fastd peers pubkey=$(echo "secret \"$(uci get fastd.fff.secret)\";" | fastd -c - --show-key --machine-readable) -wget -T15 "http://keyserver.freifunk-franken.de/${project}/geo.php?mac=$mac&name=$hostname&port=$port&key=$pubkey&lat=$lat&long=$long" -O /tmp/fastd_${project}_output filecounts=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, "", $0); print $0; }' /tmp/fastd_${project}_output) for file in $filecounts; do awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};" /tmp/fastd_${project}_output | sed 's/ float;/;/g' > /etc/fastd/$project/peers/$file @@ -42,14 +41,17 @@ test_ipv4_host1="keyserver.freifunk-franken.de" # Freifunk-Franken keyserver test_ipv4_host2="8.8.8.8" # Google DNS test_ipv6_host1="heise.de" # heise Zeitschriftenverlag +# need this here because the next if need this variable +. /etc/community.cfg +project="$VPN_PROJECT" + # Only do something when the router has internet connection -if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null || +if (ping -w5 -c3 "$test_ipv4_host1" &>/dev/null || ping -w5 -c3 "$test_ipv4_host2" &>/dev/null || - ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null; then + ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null) && + [ -n /tmp/fastd_${project}_output ]; then # set some vars - . /etc/community.cfg - project="$VPN_PROJECT" mac=$(awk '{ mac=toupper($1); gsub(":", "", mac); print mac }' /sys/class/net/br-mesh/address 2>/dev/null) lat=$(uci get system.@system[0].latitude) long=$(uci get system.@system[0].longitude) @@ -60,12 +62,6 @@ if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null || if [ ! -d /tmp/fastd_${project}_peers ]; then # first run after reboot mkdir /tmp/fastd_${project}_peers - # do we have a fastd secret - if ! egrep "option secret '[0-9a-f]{64}'" /etc/config/fastd &>/dev/null; then - secret=$(fastd --generate-key 2>&1 | awk '/[Ss]ecret/ { print $2 }') - uci set fastd.${project}.secret="$secret" - uci commit fastd - fi make_config # start fastd only if there are some peers left [ "$(ls /etc/fastd/${project}/peers/* 2>/dev/null)" ] && /etc/init.d/fastd start