|
|
- #!/bin/sh /etc/rc.common
- # Copyright (C) 2006-2008 OpenWrt.org
-
- START=90
- USE_PROCD=1
-
- PID_FILE="/var/run/stunnel.pid"
- CONF_FILE="/tmp/stunnel.conf"
- BIN="/usr/bin/stunnel"
-
- global_defs() {
- local debug compression
-
- config_get alt_config_file 'globals' alt_config_file
- [ -z "$alt_config_file" ] || return 0
-
- # Set default settings
- printf "foreground = yes\n" >> "$CONF_FILE"
- printf "pid = %s\n" "$PID_FILE" >> "$CONF_FILE"
- printf "syslog = yes\n" >> "$CONF_FILE"
-
- config_get debug 'globals' debug '5'
- printf "debug = %s\n" "$debug" >> "$CONF_FILE"
-
- config_get compression 'globals' compression
- [ -z "$compression" ] || printf "compression = %s\n" "$compression" >> "$CONF_FILE"
- }
-
- print_options() {
- local config=$1
- shift
- for opt in "$@"; do
- local $opt
- local value
- local is_boolean=0
-
- if [ "${opt:0:5}" == "bool_" ]; then
- opt="${opt:5}"
- is_boolean=1
- fi
-
- config_get "value" "$config" "$opt"
- [ -z "$value" ] || {
- if [ "$value" = '1' ] && [ "$is_boolean" -eq "1" ]; then
- value="yes"
- elif [ "$value" = '0' ] && [ "$is_boolean" -eq "1" ] ; then
- value="no"
- fi
- printf "%s = %s\n" "$opt" "$value" >> "$CONF_FILE"
- }
- done
- }
-
- print_list() {
- local config=$1
- shift
- for opt in "$@"; do
- local $opt
- local elements
- config_get "elements" "$config" "$opt"
- for element in $elements; do
- printf "%s = %s\n" "$opt" "$element" >> "$CONF_FILE"
- done
- done
- }
-
- print_list_colon() {
- local config=$1
- local value
- shift
- for opt in "$@"; do
- local $opt
- local elements
- config_get "elements" "$config" "$opt"
- for element in $elements; do
- value="${value}:${element}"
- done
- printf "%s = %s\n" "$opt" "${value#*:}" >> "$CONF_FILE"
- done
- }
-
- service_section() {
- local cfg="$1"
- local accept_host accept_port enabled
-
- config_get_bool enabled "$cfg" 'enabled' '1'
- [ ${enabled} -gt 0 ] || return 0
-
- printf "\n" >> "$CONF_FILE"
- printf "[%s]\n" "$cfg" >> "$CONF_FILE"
-
- config_get accept_host "$cfg" accept_host 'localhost'
- config_get accept_port "$cfg" accept_port
- printf "accept = %s:%s\n" "$accept_host" "$accept_port" >> "$CONF_FILE"
-
- print_options "$cfg" CApath \
- CAfile \
- cert \
- CRLpath \
- CRLfile \
- curve \
- logId \
- debug \
- engineId \
- engineNum \
- failover \
- ident \
- key \
- local \
- PSKidentity \
- PSKsecrets \
- sslVersion \
- TIMEOUTbusy \
- TIMEOUTclose \
- TIMEOUTconnect \
- TIMEOUTidle \
- bool_delay \
- bool_libwrap \
- bool_reset \
- bool_requireCert \
- bool_verifyChain \
- bool_verifyPeer \
- bool_client
-
- print_list "$cfg" checkEmail \
- checkHost \
- checkIP \
- connect \
- options
-
- print_list_colon "$cfg" ciphers
- }
-
- process_config() {
- local alt_config_file
-
- rm -f "$CONF_FILE"
-
- # First line
- printf "; STunnel configuration file generated by uci\n" > "$CONF_FILE"
- printf "; Written %s\n\n" "$(date +'%c')" >> "$CONF_FILE"
-
- [ -f /etc/config/stunnel ] || return 0
-
- config_load stunnel
- global_defs
-
- # If "alt_config_file" specified, use that instead
- [ -n "$alt_config_file" ] && [ -f "$alt_config_file" ] && {
- rm -f "$CONF_FILE"
- # Symlink "alt_config_file" since it's a bit easier and safer
- ln -s "$alt_config_file" "$CONF_FILE"
- return 0
- }
-
- config_foreach service_section service
- }
-
- reload_service() {
- process_config
- # SIGHUP is used by stunnel to do init.d reload
- procd_send_signal stunnel
- }
-
- service_triggers() {
- procd_add_reload_trigger "stunnel"
- }
-
- start_service() {
- procd_open_instance
- procd_set_param command "$BIN"
- procd_append_param command "$CONF_FILE"
-
- process_config
-
- # set auto respawn behavior
- procd_set_param respawn
- procd_close_instance
- }
|
