hak5
/
openwrt-owl
mirror of https://github.com/hak5/openwrt-owl.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

procd: convert services to the new validation api 

Signed-off-by: John Crispin <blogic@openwrt.org>

SVN-Revision: 38787
owl
John Crispin 2013-11-13 10:49:41 +00:00
parent 130d7de07f
commit 1f93857092
2 changed files with 67 additions and 72 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

109
package/network/services/dropbear/files/dropbear.init
View File

@ -12,76 +12,68 @@ PIDCOUNT=0
EXTRA_COMMANDS="killclients" EXTRA_COMMANDS="killclients"
EXTRA_HELP=" killclients Kill ${NAME} processes except servers and yourself" EXTRA_HELP=" killclients Kill ${NAME} processes except servers and yourself"
dropbear_instance() append_ports()
{ {
append_ports() local ifname="$1"
{ local port="$2"
local ifname="$1"
local port="$2"
grep -qs "^ *$ifname:" /proc/net/dev || { grep -qs "^ *$ifname:" /proc/net/dev || {
procd_append_param command -p "$port" procd_append_param command -p "$port"
return return
}
for addr in $(
ifconfig "$ifname" | sed -ne '
/addr: *fe[89ab][0-9a-f]:/d
s/.* addr: *\([0-9a-f:\.]*\).*/\1/p
'
); do
procd_append_param command -p "$addr:$port"
done
} }
for addr in $(
ifconfig "$ifname" | sed -ne '
/addr: *fe[89ab][0-9a-f]:/d
s/.* addr: *\([0-9a-f:\.]*\).*/\1/p
'
); do
procd_append_param command -p "$addr:$port"
done
}
local section="$1" validate_section_dropbear()
{
uci_validate_section dropbear dropbear "${1}" \
'PasswordAuth:bool:1' \
'enable:bool:1' \
'Interface:string' \
'GatewayPorts:integer:0' \
'RootPasswordAuth:bool:1' \
'RootLogin:bool:1' \
'rsakeyfile:file' \
'dsskeyfile:file' \
'BannerFile:file' \
'Port:list(port):22'
return $?
}
# check if section is enabled (default) dropbear_instance()
local enabled {
config_get_bool enabled "${section}" enable 1 local PasswordAuth enable Interface GatewayPorts \
[ "${enabled}" -eq 0 ] && return 1 RootPasswordAuth RootLogin rsakeyfile \
dsskeyfile BannerFile Port
# increase pid file count to handle multiple instances correctly validate_section_dropbear "${1}" || {
echo "validation failed"
return 1
}
[ "${enable}" = "0" ] && return 1
PIDCOUNT="$(( ${PIDCOUNT} + 1))" PIDCOUNT="$(( ${PIDCOUNT} + 1))"
local pid_file="/var/run/${NAME}.${PIDCOUNT}.pid" local pid_file="/var/run/${NAME}.${PIDCOUNT}.pid"
procd_open_instance procd_open_instance
procd_set_param command "$PROG" -F -P "$pid_file" procd_set_param command "$PROG" -F -P "$pid_file"
[ "${PasswordAuth}" -eq 0 ] && procd_append_param command -s
# prepare parameters (initialise with pid file) [ "${GatewayPorts}" -eq 1 ] && procd_append_param command -a
local val [ "${RootPasswordAuth}" -eq 0 ] && procd_append_param command -g
[ "${RootLogin}" -eq 0 ] && procd_append_param command -w
# A) password authentication [ -n "${rsakeyfile}" ] && procd_append_param command -r "${rsakeyfile}"
config_get_bool val "${section}" PasswordAuth 1 [ -n "${dsskeyfile}" ] && procd_append_param command -d "${dsskeyfile}"
[ "${val}" -eq 0 ] && procd_append_param command -s [ -n "${BannerFile}" ] && procd_append_param command -b "${BannerFile}"
[ -n "${interface}" ] && network_get_device interface "${interface}"
# B) listen interface and port append_ports "${interface}" "${Port}"
local port
local interface
config_get interface "${section}" Interface
[ -n "$interface" ] && network_get_device interface "$interface"
config_get port "${section}" Port 22
append_ports "$interface" "$port"
# C) banner file
config_get val "${section}" BannerFile
[ -f "${val}" ] && procd_append_param command -b "${val}"
# D) gatewayports
config_get_bool val "${section}" GatewayPorts 0
[ "${val}" -eq 1 ] && procd_append_param command -a
# E) root password authentication
config_get_bool val "${section}" RootPasswordAuth 1
[ "${val}" -eq 0 ] && procd_append_param command -g
# F) root login
config_get_bool val "${section}" RootLogin 1
[ "${val}" -eq 0 ] && procd_append_param command -w
# G) host keys
config_get val "${section}" rsakeyfile
[ -f "${val}" ] && procd_append_param command -r "${val}"
config_get val "${section}" dsskeyfile
[ -f "${val}" ] && procd_append_param command -d "${val}"
procd_close_instance procd_close_instance
} }
@ -123,6 +115,7 @@ start_service()
service_triggers() service_triggers()
{ {
procd_add_reload_trigger "dropbear" procd_add_reload_trigger "dropbear"
procd_add_validation validate_section_dropbear
} }
killclients() killclients()

30
package/utils/busybox/files/sysntpd
View File

@ -6,26 +6,27 @@ START=98
USE_PROCD=1 USE_PROCD=1
PROG=/usr/sbin/ntpd PROG=/usr/sbin/ntpd
validate_ntp_section() {
uci_validate_section system timeserver "${1}" \
'server:list(string)' 'enable_server:bool:0'
}
start_service() { start_service() {
local peers local server enable_server peer
local args="-n"
local enable_server
config_load system validate_ntp_section ntp || {
config_get peers ntp server echo "validation failed"
config_get_bool enable_server ntp enable_server 0 return 1
}
[ $enable_server -eq 0 -a -z "$peers" ] && return [ $enable_server -eq 0 -a -z "$server" ] && return
procd_open_instance procd_open_instance
procd_set_param command "$PROG" -n procd_set_param command "$PROG" -n
[ $enable_server -ne 0 ] && procd_append_param command -l [ "$enable_server" = "1" ] && procd_append_param command -l
[ -n "$peers" ] && { for peer in "$server"; do
local peer procd_append_param command -p $peer
for peer in $peers; do done
procd_append_param command -p $peer
done
}
procd_set_param respawn procd_set_param respawn
procd_close_instance procd_close_instance
} }
@ -33,4 +34,5 @@ start_service() {
service_triggers() service_triggers()
{ {
procd_add_reload_trigger "system" procd_add_reload_trigger "system"
procd_add_validation validate_ntp_section
} }