[v5,3/4] Reconfigure vpn-select for keyxchangev2

we need some little changes and copy some things to fff-hood later

Update in v5:
 - nothing

Signed-off-by: Christian Dresel <fff@chrisi01.de>
---
 .../files/etc/hotplug.d/iface/50-vpn-select            |  6 ------
 .../fff-vpn-select/files/usr/lib/micron.d/vpn-select   |  1 -
 .../fff/fff-vpn-select/files/usr/sbin/vpn-select       | 18 +++++++-----------
 3 files changed, 7 insertions(+), 18 deletions(-)
 delete mode 100755 src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-select
 delete mode 100644 src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-select

Hi

Unten ein paar Kommentare, aber eigentlich brauchst du dir die nicht
angucken, denn das ganze vpn-select wird durch fff-hoods weg fallen.


Tim

Am Freitag, den 15.09.2017, 19:12 +0200 schrieb Christian Dresel:
> we need some little changes and copy some things to fff-hood later
> 
> Update in v5:
>  - nothing
> 
> Signed-off-by: Christian Dresel <fff@chrisi01.de>
> ---
>  .../files/etc/hotplug.d/iface/50-vpn-select            |  6 ------
>  .../fff-vpn-select/files/usr/lib/micron.d/vpn-select   |  1 -
>  .../fff/fff-vpn-select/files/usr/sbin/vpn-select       | 18 +++++++-
> ----------
>  3 files changed, 7 insertions(+), 18 deletions(-)
>  delete mode 100755 src/packages/fff/fff-vpn-
> select/files/etc/hotplug.d/iface/50-vpn-select
>  delete mode 100644 src/packages/fff/fff-vpn-
> select/files/usr/lib/micron.d/vpn-select
> 
> diff --git a/src/packages/fff/fff-vpn-
> select/files/etc/hotplug.d/iface/50-vpn-select
> b/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-vpn-
> select
> deleted file mode 100755
> index 16d9853..0000000
> --- a/src/packages/fff/fff-vpn-select/files/etc/hotplug.d/iface/50-
> vpn-select
> +++ /dev/null
> @@ -1,6 +0,0 @@
> -#!/bin/sh 
> -[ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" ] && {
> -       sleep 3
> -       /usr/sbin/vpn-select
> -}
> -
> diff --git a/src/packages/fff/fff-vpn-
> select/files/usr/lib/micron.d/vpn-select b/src/packages/fff/fff-vpn-
> select/files/usr/lib/micron.d/vpn-select
> deleted file mode 100644
> index dc20486..0000000
> --- a/src/packages/fff/fff-vpn-select/files/usr/lib/micron.d/vpn-
> select
> +++ /dev/null
> @@ -1 +0,0 @@
> -*/5 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/vpn-select
> diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-
> select b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
> index c3d003f..0b8589f 100755
> --- a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
> +++ b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
> @@ -9,7 +9,6 @@ rm /tmp/fastd_${project}_peers/*
>  count=0
>  # get fastd peers
>  pubkey=$(echo "secret \"$(uci get fastd.fff.secret)\";" | fastd -c -
> --show-key --machine-readable)
> -wget -T15 "http://keyserver.freifunk-franken.de/${project}/geo.php?m
> ac=$mac&name=$hostname&port=$port&key=$pubkey&lat=$lat&long=$long" -O
> /tmp/fastd_${project}_output
>  filecounts=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, "",
> $0); print $0; }' /tmp/fastd_${project}_output)
>  for file in $filecounts; do
>      awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};"
> /tmp/fastd_${project}_output | sed 's/ float;/;/g' >
> /etc/fastd/$project/peers/$file
> @@ -42,14 +41,17 @@ test_ipv4_host1="keyserver.freifunk-franken.de" #
> Freifunk-Franken keyserver
>  test_ipv4_host2="8.8.8.8"        # Google DNS
>  test_ipv6_host1="heise.de"       # heise Zeitschriftenverlag
>  
> +# need this here because the next if need this variable
> +. /etc/community.cfg
> +project="$VPN_PROJECT"
Das ist nicht nötigt. Für den zentralen keyXchange war das wichtig,
weil der Knoten sich so eine andere Variante des keyXchanges auswählen
konnte. Das wurde z.B. für die AUX benutzt.

Da wir das aber mit dem dezentralen definitiv nicht mehr brauchen, und
diese Variable jetzt eh nur noch für interne Pfad-Angaben genutzt wird,
kann sie ganz raus!

> +
>  # Only do something when the router has internet connection
> -if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null ||
> +if (ping -w5 -c3 "$test_ipv4_host1" &>/dev/null ||
>     ping -w5 -c3 "$test_ipv4_host2" &>/dev/null ||
> -   ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null; then
> +   ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null) &&
Braucht es den Ping noch?

> +   [ -n /tmp/fastd_${project}_output ]; then
>  
>      # set some vars
> -    . /etc/community.cfg
> -    project="$VPN_PROJECT"
>      mac=$(awk '{ mac=toupper($1); gsub(":", "", mac); print mac }'
> /sys/class/net/br-mesh/address 2>/dev/null)
>      lat=$(uci get system.@system[0].latitude)
Kann raus

>      long=$(uci get system.@system[0].longitude)
Kann raus

> @@ -60,12 +62,6 @@ if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null ||
>      if [ ! -d /tmp/fastd_${project}_peers ]; then
>          # first run after reboot
>          mkdir /tmp/fastd_${project}_peers
> -        # do we have a fastd secret
> -        if ! egrep "option secret '[0-9a-f]{64}'" /etc/config/fastd
> &>/dev/null; then
> -            secret=$(fastd --generate-key 2>&1 |  awk '/[Ss]ecret/ {
> print $2 }')
> -            uci set fastd.${project}.secret="$secret"
> -            uci commit fastd
> -        fi
>          make_config
>          # start fastd only if there are some peers left
>          [ "$(ls /etc/fastd/${project}/peers/* 2>/dev/null)" ] &&
> /etc/init.d/fastd start
> -- 
> 2.1.4
>