LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9783 Commits
1 Branch
46 MiB
Tree: 8068fd5192
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '8068fd5192'
${ noResults }
openwrt-packages-dist/net/radsecproxy/files/radsecproxy.init

142 lines
3.4 KiB
Raw Normal View History

radsecproxy: add package Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
10 years ago
radsecproxy: UCIfied configuration Signed-off-by: Ondřej Caletka <ondrej@caletka.cz>
8 years ago
radsecproxy: add package Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
10 years ago
radsecproxy: UCIfied configuration Signed-off-by: Ondřej Caletka <ondrej@caletka.cz>
8 years ago
radsecproxy: add package Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
10 years ago
radsecproxy: UCIfied configuration Signed-off-by: Ondřej Caletka <ondrej@caletka.cz>
8 years ago
 
  1. #!/bin/sh /etc/rc.common
  2. # Copyright (C) 2006-2011 OpenWrt.org
  3. 

  4. START=70
  5. 

  6. USE_PROCD=1
  7. PROG=/usr/sbin/radsecproxy
  8. CONFFILE=/var/etc/radsecproxy.conf
  9. LIST_SEP="
  10. "
  11. append_params() {
  12. 	local param
  13. 	local value
  14. 	local section="$1"
  15. 	shift
  16. 	for param in $*; do
  17. 		config_get value "$section" "$param"
  18. 		[ -z "$value" ] && {
  19. 			param=$(echo $param | tr [A-Z] [a-z])
  20. 			config_get value "$section" "$param"
  21. 		}
  22. 		IFS="$LIST_SEP"
  23. 		for value in $value; do
  24. 			[ -n "$value" ] && echo "    $param '$value'" >> "$CONFFILE"
  25. 		done
  26. 		unset IFS
  27. 	done
  28. }
  29. 

  30. append_bools() {
  31. 	local param
  32. 	local value
  33. 	local section="$1"
  34. 	shift
  35. 	for param in $*; do
  36. 		config_get_bool value "$section" "$param"
  37. 		[ -z "$value" ] && {
  38. 			param=$(echo $param | tr [A-Z] [a-z])
  39. 			config_get_bool value "$section" "$param"
  40. 		}
  41. 		[ -n "$value" ] && {
  42. 			[ "$value" -eq 0 ] && echo "    $param off" >> "$CONFFILE"
  43. 			[ "$value" -eq 1 ] && echo "    $param on" >> "$CONFFILE"
  44. 		}
  45. 	done
  46. }
  47. 

  48. radsecproxy_options() {
  49. 	local cfg="$1"
  50. 	append_params "$cfg" \
  51. 		Include PidFile LogLevel LogDestination FTicksReporting FTicksMAC FTicksKey \
  52. 		FTicksSyslogFacility ListenUDP ListenTCP ListenTLS ListenDTLS SourceUDP \
  53. 		SourceTCP SourceTLS SourceDTLS TTLAttribute AddTTL
  54. 	append_bools "$cfg" \
  55. 		LoopPrevention IPv4Only IPv6Only
  56. }
  57. 

  58. tls_block() {
  59. 	local cfg="$1"
  60. 	local name
  61. 	config_get name "$cfg" name
  62. 	echo "tls '$name' {" >> "$CONFFILE"
  63. 	append_params "$cfg" \
  64. 		Include CACertificateFile CACertificatePath certificateFile certificateKeyFile \
  65. 		certificateKeyPassword cacheExpiry policyOID
  66. 	append_bools "$cfg" \
  67. 		CRLCheck
  68. 	echo "}" >> "$CONFFILE"
  69. }
  70. 

  71. rewrite_block() {
  72. 	local cfg="$1"
  73. 	local name
  74. 	config_get name "$cfg" name
  75. 	echo "rewrite '$name' {" >> "$CONFFILE"
  76. 	append_params "$cfg" \
  77. 		Include addAttribute addVendorAttribute removeAttribute removeVendorAttribute \
  78. 		modifyAttribute
  79. 	echo "}" >> "$CONFFILE"
  80. }
  81. 

  82. client_block() {
  83. 	local cfg="$1"
  84. 	local name
  85. 	config_get name "$cfg" name
  86. 	echo "client '$name' {" >> "$CONFFILE"
  87. 	append_params "$cfg" \
  88. 		Include host type secret tls matchCertificateAttribute duplicateInterval \
  89. 		AddTTL fticksVISCOUNTRY fticksVISINST rewrite rewriteIn rewriteOut \
  90. 		rewriteAttribute
  91. 	append_bools "$cfg" \
  92. 		IPv4Only IPv6Only certificateNameCheck
  93. 	echo "}" >> "$CONFFILE"
  94. }
  95. 

  96. server_block() {
  97. 	local cfg="$1"
  98. 	local name
  99. 	config_get name "$cfg" name
  100. 	echo "server '$name' {" >> "$CONFFILE"
  101. 	append_params "$cfg" \
  102. 		Include host port type secret tls matchCertificateAttribute \
  103. 		AddTTL rewrite rewriteIn rewriteOut retryCount dynamicLookupCommand \
  104. 		retryInterval
  105. 	append_bools "$cfg" \
  106. 		IPv4Only IPv6Only certificateNameCheck statusServer LoopPrevention
  107. 	echo "}" >> "$CONFFILE"
  108. }
  109. 

  110. realm_block() {
  111. 	local cfg="$1"
  112. 	local name
  113. 	config_get name "$cfg" name
  114. 	echo "realm '$name' {" >> "$CONFFILE"
  115. 	append_params "$cfg" \
  116. 		Include server accountingServer replyMessage
  117. 	append_bools "$cfg" \
  118. 		accountingResponse
  119. 	echo "}" >> "$CONFFILE"
  120. }
  121. 

  122. start_service() {
  123. 	mkdir -p $(dirname $CONFFILE)
  124. 	echo "# auto-generated config file from /etc/config/radsecproxy" > $CONFFILE
  125. 	config_load 'radsecproxy'
  126. 	config_foreach radsecproxy_options options
  127. 	config_foreach tls_block tls
  128. 	config_foreach rewrite_block rewrite
  129. 	config_foreach client_block client
  130. 	config_foreach server_block server
  131. 	config_foreach realm_block realm
  132. 

  133. 	procd_open_instance
  134. 	procd_set_param command $PROG -f -c $CONFFILE
  135. 	procd_set_param file $CONFFILE
  136. 	procd_set_param respawn
  137. 	procd_close_instance
  138. }
  139. 

  140. service_triggers() {
  141. 	procd_add_reload_trigger 'radsecproxy'
  142. }