[packages_10.03.2] tinc: merge r27633, r27795, r29137, r29166, r29185, r29199
authorjow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Sat, 4 Feb 2012 20:30:22 +0000 (20:30 +0000)
committerjow <jow@3c298f89-4303-0410-b956-a3cf2f4a3e73>
Sat, 4 Feb 2012 20:30:22 +0000 (20:30 +0000)
git-svn-id: svn://svn.openwrt.org/openwrt/branches/packages_10.03.2@30121 3c298f89-4303-0410-b956-a3cf2f4a3e73

net/tinc/Makefile
net/tinc/files/tinc.config [new file with mode: 0644]
net/tinc/files/tinc.init [new file with mode: 0644]
net/tinc/files/tinc.upgrade [new file with mode: 0644]

index 9f9a2e4..b2b6c47 100644 (file)
@@ -8,14 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=tinc
-PKG_VERSION:=1.0.14
-PKG_RELEASE:=1
+PKG_VERSION:=1.0.16
+PKG_RELEASE:=4
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://www.tinc-vpn.org/packages \
-       http://ftp.yi.se/pub/tinc \
-       http://www.mirrors.wiretapped.net/security/network-security/tinc
-PKG_MD5SUM:=967dfafc4aa41a614c1d2739df8a8372
+PKG_SOURCE_URL:=http://www.tinc-vpn.org/packages 
+PKG_MD5SUM:=f1c7ed94878725fb2cf4efb02bf160da
 
 PKG_INSTALL:=1
 
@@ -45,6 +43,17 @@ CONFIGURE_ARGS += \
 define Package/tinc/install
        $(INSTALL_DIR) $(1)/usr/sbin
        $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/tincd $(1)/usr/sbin/
+       $(INSTALL_DIR) $(1)/etc/init.d/
+       $(INSTALL_BIN) files/$(PKG_NAME).init $(1)/etc/init.d/$(PKG_NAME)
+       $(INSTALL_DIR) $(1)/etc/config
+       $(INSTALL_CONF) files/$(PKG_NAME).config $(1)/etc/config/$(PKG_NAME)
+       $(INSTALL_DIR) $(1)/etc/openvpn
+       $(INSTALL_DIR) $(1)/lib/upgrade/keep.d
+       $(INSTALL_DATA) files/tinc.upgrade $(1)/lib/upgrade/keep.d/tinc
+endef
+
+define Package/tinc/conffiles
+/etc/config/tinc
 endef
 
 $(eval $(call BuildPackage,tinc))
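Review bot: The added `$(INSTALL_DIR) $(1)/etc/openvpn` line in Package/tinc/install makes the tinc package create an OpenVPN directory, which looks like a leftover from the OpenVPN packaging that the new init script says it is based on. Everything else in this commit (tinc.init, tinc.upgrade) only refers to `/etc/tinc`, so the line should probably read `$(INSTALL_DIR) $(1)/etc/tinc`, or be dropped so the package does not own a path that belongs to another package. It is also worth a one-line comment above the keep.d entry, such as `# preserve /etc/tinc (host files and private keys) across sysupgrade`, because that directory holds key material and is not listed in conffiles.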
diff --git a/net/tinc/files/tinc.config b/net/tinc/files/tinc.config
new file mode 100644 (file)
index 0000000..f9f2b53
--- /dev/null
@@ -0,0 +1,56 @@
+config tinc-net NETNAME
+       option enabled 0
+
+       ## Daemon Configuration (cmd arguments)
+       #option generate_keys 0
+       #option key_size 2048
+       #option log /tmp/log/tinc.NETNAME.log
+       #option debug 3
+
+       ## Server Configuration (tinc.conf)
+       #option AddressFamily any
+       #option BindToAddress 127.0.0.1
+       #option BindToInterface lo
+
+       #list ConnectTo peer1
+
+       #option DirectOnly 0
+       #option Forwarding internal
+       #option GraphDumpFile /tmp/log/tinc.NETNAME.dot
+       #option Hostnames 0
+       #option IffOneQueue 0
+       #option Interface NETNAME
+       #option KeyExpire 3600
+       #option MACExpire 600
+       #option MaxTimeout 900
+       #option Mode router
+
+       option Name NODENAME
+
+       #option PingInterval 60
+       #option PingTimeout 5
+       #option PriorityInheritance 0
+       #option PrivateKeyFile /etc/tinc/NETNAME/rsa_key.priv
+       #option ProcessPriority normal
+       #option ReplayWindow 16
+       #option StrictSubnets 0
+       #option TunnelServer 0
+       #option UDPRcvBuf x
+       #option UDPSndBuf x
+
+config tinc-host NODENAME
+       option enabled 0
+
+       option net NETNAME
+
+       #list Address example.com
+       #option Cipher blowfish
+       #option ClampMSS yes
+       #option Compression 0
+       #option Digest sha1
+       #option IndirectData 0
+       #option MACLength 4
+       #option PMTU 1514
+       #option PMTUDiscovery yes
+       #option Port 655
+       #option Subnet 192.168.1.0/24
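Review bot: The commented-out examples `#option Cipher blowfish`, `#option Digest sha1` and `#option MACLength 4` in the `tinc-host` section are not marked as legacy values, so an administrator who uncomments the block as-is pins a 64-bit-block cipher and a 4-byte MAC for that host. A short comment above them would help, for example `## Cipher/Digest/MACLength: example values only; pick the strongest settings all peers support`. Likewise `#option UDPRcvBuf x` and `#option UDPSndBuf x` use `x` as the value, which append_conf_params in the init script would write to tinc.conf verbatim; a numeric example would be clearer. The template also never states that NETNAME and NODENAME are placeholders to be replaced.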
diff --git a/net/tinc/files/tinc.init b/net/tinc/files/tinc.init
new file mode 100644 (file)
index 0000000..e93f0d9
--- /dev/null
@@ -0,0 +1,232 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2011 OpenWrt.org
+# Copyright (C) 2011 Linus Lüssing
+#  Based on Jo-Philipp Wich's OpenVPN init script
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+
+START=42
+
+SERVICE_USE_PID=1
+
+BIN=/usr/sbin/tincd
+EXTRA_COMMANDS="up down"
+
+LIST_SEP="
+"
+TMP_TINC="/tmp/tinc"
+
+append_param() {
+       local v="$1"
+       case "$v" in
+               *_*_*_*) v=${v%%_*}-${v#*_}; v=${v%%_*}-${v#*_}; v=${v%%_*}-${v#*_} ;;
+               *_*_*)   v=${v%%_*}-${v#*_}; v=${v%%_*}-${v#*_} ;;
+               *_*)     v=${v%%_*}-${v#*_} ;;
+       esac
+       ARGS="$ARGS --$v"
+       return 0
+}
+
+append_conf_bools() {
+       local p; local v; local s="$1"; local f="$2"; shift; shift
+       for p in $*; do
+               config_get_bool v "$s" "$p"
+               [ "$v" == 1 ] && echo "$p = yes" >> "$f"
+               [ "$v" == 0 ] && echo "$p = no" >> "$f"
+       done
+}
+
+append_params() {
+       local p; local v; local s="$1"; shift
+       for p in $*; do
+               config_get v "$s" "$p"
+               IFS="$LIST_SEP"
+               for v in $v; do
+                       [ -n "$v" ] && append_param "$p" && ARGS="$ARGS $v"
+               done
+               unset IFS
+       done
+}
+
+append_conf_params() {
+       local p; local v; local s="$1"; local f="$2"; shift; shift
+       for p in $*; do
+               config_get v "$s" "$p"
+               IFS="$LIST_SEP"
+               for v in $v; do
+                       # Look up OpenWRT interface names
+                       [ "$p" = "BindToInterface" ] && {
+                               local ifname=$(uci -P /var/state get network.$v.ifname 2>&-)
+                               [ -n "$ifname" ] && v="$ifname"
+                       }
+
+                       [ -n "$v" ] && echo "$p = $v" >> "$f"
+               done
+               unset IFS
+       done
+}
+
+section_enabled() {
+       config_get_bool enabled "$1" 'enabled' 0
+       [ $enabled -gt 0 ]
+}
+
+prepare_host() {
+       local s="$1"
+       local n
+
+       # net disabled?
+       config_get n "$s" net
+       section_enabled "$n" || return 1
+
+       if [ "$#" = "2" ]; then
+               [ "$2" != "$n" ] && return 1
+       fi
+
+       # host disabled?
+       section_enabled "$s" || {
+               [ -f "$TMP_TINC/$n/hosts/$s" ] && rm "$TMP_TINC/$n/hosts/$s"
+               return 1
+       }
+
+       [ ! -f "/etc/tinc/$n/hosts/$s" ] && {
+               echo -n "tinc: Warning, public key for $s for network $n "
+               echo -n "missing in /etc/tinc/$n/hosts/$s, "
+               echo "skipping configuration of $s"
+               return 1
+       }
+
+       # append flags
+       append_conf_bools "$s" "$TMP_TINC/$n/hosts/$s" \
+               ClampMSS IndirectData PMTUDiscovery
+
+       # append params
+       append_conf_params "$s" "$TMP_TINC/$n/hosts/$s" \
+               Address Cipher Compression Digest MACLength PMTU Port Subnet
+}
+
+check_gen_own_key() {
+       local s="$1"; local n; local k
+
+       config_get n "$s" Name
+       config_get_bool k "$s" generate_keys 0
+       [ "$k" == 0 ] && return 0
+
+       ([ -z "$n" ] || [ -f "$TMP_TINC/$s/hosts/$n" ] || [ -f "$TMP_TINC/$s/rsa_key.priv" ]) && \
+               return 0
+       [ ! -d "$TMP_TINC/$s/hosts" ] && mkdir -p "$TMP_TINC/$s/hosts"
+
+       config_get k "$s" key_size
+       if [ -z "$k" ]; then
+               $BIN -c "$TMP_TINC/$s" --generate-keys </dev/null
+       else
+               $BIN -c "$TMP_TINC/$s" "--generate-keys=$k" </dev/null
+       fi
+
+       [ ! -d "/etc/tinc/$s/hosts" ] && mkdir -p "/etc/tinc/$s/hosts"
+       cp "$TMP_TINC/$s/rsa_key.priv" "/etc/tinc/$s/"
+       [ -n "$n" ] && cp "$TMP_TINC/$s/hosts/$n" "/etc/tinc/$s/hosts/"
+}
+
+prepare_net() {
+       local s="$1"
+       local n
+
+       section_enabled "$s" || return 1
+
+       [ ! -d "$TMP_TINC/$s" ] && mkdir -p "$TMP_TINC/$s"
+       [ -d "/etc/tinc/$s" ] && cp -r "/etc/tinc/$s" "$TMP_TINC/"
+
+       # append flags
+       append_conf_bools "$s" "$TMP_TINC/$s/tinc.conf" \
+               DirectOnly Hostnames IffOneQueue PriorityInheritance \
+               StrictSubnets TunnelServer \
+               ClampMSS IndirectData PMTUDiscovery
+
+       # append params
+       append_conf_params "$s" "$TMP_TINC/$s/tinc.conf" \
+               AddressFamily BindToAddress ConnectTo BindToInterface \
+               Forwarding GraphDumpFile Interface KeyExpire MACExpire \
+               MaxTimeout Mode Name PingInterval PingTimeout PrivateKeyFile \
+               ProcessPriority ReplayWindow UDPRcvBuf UDPSndBuf \
+               Address Cipher Compression Digest MACLength PMTU Port Subnet
+
+       check_gen_own_key "$s" && return 0
+}
+
+start_instance() {
+       local s="$1"
+
+       section_enabled "$s" || return 1
+
+       ARGS=""
+
+       # append params
+       append_params "$s" log debug
+
+       SERVICE_PID_FILE="/var/run/tinc.$s.pid"
+       service_start $BIN -c "$TMP_TINC/$s" -n $s $ARGS --pidfile="$SERVICE_PID_FILE"
+}
+
+stop_instance() {
+       local s="$1"
+
+       section_enabled "$s" || return 1
+
+       SERVICE_PID_FILE="/var/run/tinc.$s.pid"
+       service_stop $BIN
+}
+
+reload_instance() {
+       local s="$1"
+
+       section_enabled "$s" || return 1
+
+       SERVICE_PID_FILE="/var/run/tinc.$s.pid"
+       service_reload $BIN
+}
+
+start() {
+       config_load 'tinc'
+
+       config_foreach prepare_net 'tinc-net'
+       config_foreach prepare_host 'tinc-host'
+
+       config_foreach start_instance 'tinc-net'
+}
+
+stop() {
+       config_load 'tinc'
+       config_foreach stop_instance 'tinc-net'
+}
+
+reload() {
+       config_load 'tinc'
+       config_foreach reload_instance 'tinc-net'
+}
+
+up() {
+       local exists
+       local instance
+       config_load 'tinc'
+       for instance in "$@"; do
+               config_get exists "$instance" 'TYPE'
+               if [ "$exists" == "tinc-net" ]; then
+                       prepare_net "$instance"
+                       config_foreach prepare_host 'tinc-host' "$instance"
+                       start_instance "$instance"
+               fi
+       done
+}
+
+down() {
+       local exists
+       local instance
+       config_load 'tinc'
+       for instance in "$@"; do
+               config_get exists "$instance" 'TYPE'
+               if [ "$exists" == "tinc-net" ]; then
+                       stop_instance "$instance"
+               fi
+       done
+}
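Review bot: Private key material is moved through `/tmp/tinc` without any permissions being set: prepare_net runs `mkdir -p "$TMP_TINC/$s"` and `cp -r "/etc/tinc/$s" "$TMP_TINC/"`, and check_gen_own_key copies the generated `rsa_key.priv` back to `/etc/tinc/$s/`, all under whatever umask the init environment has. tincd may well create the key file with a restrictive mode itself, but the script should not depend on that; adding `chmod 700 "$TMP_TINC/$s"` after the mkdir and `chmod 600 "/etc/tinc/$s/rsa_key.priv"` after the copy makes the intent explicit. Separately, append_conf_bools and append_conf_params write with `>>`, and `$TMP_TINC/$s/tinc.conf` is only replaced when a file of that name exists under `/etc/tinc/$s`, so a stop followed by a start appears to append the same UCI-derived lines again; running `rm -rf "$TMP_TINC/$s"` before the mkdir in prepare_net would avoid stale and duplicated entries. The `cp` calls in check_gen_own_key are also unchecked, so a failed key copy to flash goes unnoticed.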
diff --git a/net/tinc/files/tinc.upgrade b/net/tinc/files/tinc.upgrade
new file mode 100644 (file)
index 0000000..13f5d80
--- /dev/null
@@ -0,0 +1 @@
+/etc/tinc/