[package] dropbear: Add config options to allow specification of host key files,...
#!/bin/sh /etc/rc.common
# Copyright (C) 2006-2010 OpenWrt.org
# Copyright (C) 2006 Carlos Sobrinho

# Service identity: NAME is used for pid file names and process matching,
# PROG is the daemon binary that dropbear_start executes.
NAME="dropbear"
PROG="/usr/sbin/dropbear"

# Start/stop sequence numbers (presumably consumed by rc.common when the
# service is enabled).
START="50"
STOP="50"

# Running instance counter; dropbear_start increments it so that every
# configured instance gets its own pid file.
PIDCOUNT="0"

# Additional sub-command offered by this script, together with its help text.
EXTRA_COMMANDS="killclients"
EXTRA_HELP="    killclients Kill ${NAME} processes except servers and yourself"
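# Start one dropbear instance for a single "dropbear" config section.
#
# Globals:   NAME, PROG, initscript (read); PIDCOUNT (incremented)
# Arguments: $1 - name of the config section describing the instance
# Returns:   1 when the section is disabled, or when it names an Interface
#            for which no ipaddr is known; otherwise the exit status of
#            ${PROG}.
#
# Security notes:
#  - PasswordAuth, RootPasswordAuth and RootLogin all default to 1 here, so
#    an unconfigured instance accepts password logins, including for root.
#    Hardened setups set them to 0 in the section.
#  - When Interface is set, the listener is bound to that interface's
#    address. If the address cannot be resolved the instance is NOT started:
#    falling back to "-p <port>" alone would make dropbear listen on every
#    address, silently widening the exposure the administrator asked for.
dropbear_start()
{
        local section="$1"

        # check if section is enabled (default)
        local enabled
        config_get_bool enabled "${section}" enable 1
        [ "${enabled}" -eq 0 ] && return 1

        # verbose parameter
        local verbosed
        config_get_bool verbosed "${section}" verbose 0

        # increase pid file count to handle multiple instances correctly
        PIDCOUNT="$(( PIDCOUNT + 1 ))"

        # prepare parameters (initialise with pid file)
        local args="-P /var/run/${NAME}.${PIDCOUNT}.pid"
        local val

        # A) password authentication (-s disables password logins)
        config_get_bool val "${section}" PasswordAuth 1
        [ "${val}" -eq 0 ] && append args "-s"

        # B) listen interface and port
        local interface
        local address=''
        config_get interface "${section}" Interface
        if [ -n "${interface}" ]; then
                # presumably populated by scan_interfaces in start() - verify
                config_get address "${interface}" ipaddr
                if [ -z "${address}" ]; then
                        # fail closed instead of listening on all addresses
                        echo "${initscript}: section ${section}: interface ${interface} has no ipaddr, not starting ${PROG}" >&2
                        return 1
                fi
        fi
        config_get val "${section}" Port
        val="${address:+${address}:}${val}"
        [ -n "${val}" ] && append args "-p ${val}"

        # C) banner file
        config_get val "${section}" BannerFile
        [ -f "${val}" ] && append args "-b ${val}"

        # D) gatewayports (-a lets any host reach forwarded ports; off by default)
        config_get_bool val "${section}" GatewayPorts 0
        [ "${val}" -eq 1 ] && append args "-a"

        # E) root password authentication (-g disables password logins for root)
        config_get_bool val "${section}" RootPasswordAuth 1
        [ "${val}" -eq 0 ] && append args "-g"

        # F) root login (-w disallows root logins)
        config_get_bool val "${section}" RootLogin 1
        [ "${val}" -eq 0 ] && append args "-w"

        # G) host keys; a configured path that is not a regular file is
        #    skipped silently, so dropbear falls back to its default key
        config_get val "${section}" rsakeyfile
        [ -f "${val}" ] && append args "-r ${val}"
        config_get val "${section}" dsskeyfile
        [ -f "${val}" ] && append args "-d ${val}"

        # execute program and return its exit code
        [ "${verbosed}" -ne 0 ] && echo "${initscript}: section ${section} starting ${PROG} ${args}"
        # args is a space-separated option string and is expanded unquoted on
        # purpose; configured paths containing whitespace will therefore be
        # split into several arguments.
        ${PROG} ${args}
}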
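# Make sure both dropbear host keys (rsa, dss) are present in /etc/dropbear.
#
# For the first key type that exists neither in the staging directory
# /tmp/dropbear nor (non-empty) in /etc/dropbear, dropbearkey is started in
# the background and this invocation exits with status 0; once the key has
# been written, the background job re-runs "start" through rc.common. When
# nothing is missing, the staged keys are moved to /etc/dropbear while the
# /tmp/.switch2jffs lock is held.
#
# Globals: initscript (read)
#
# Security notes:
#  - Host private keys are staged under /tmp, so both the staging directory
#    and /etc/dropbear are created with mode 0700 instead of relying on the
#    umask and a chmod after the move.
#  - NOTE(review): the "-f /tmp/..." test accepts any pre-existing regular
#    file at the staging path, including an empty one, and the mv below then
#    installs it as a host key - confirm that nothing but root can write to
#    /tmp on the target.
#  - DSS/DSA host keys are deprecated in current SSH implementations; the
#    key type list is kept as the script has it.
keygen()
{
        local keytype
        local key

        for keytype in rsa dss; do
                # check for keys
                key="dropbear/dropbear_${keytype}_host_key"
                if [ ! -f "/tmp/${key}" ] && [ ! -s "/etc/${key}" ]; then
                        # generate missing keys
                        mkdir -m 0700 -p /tmp/dropbear
                        [ -x /usr/bin/dropbearkey ] && {
                                /usr/bin/dropbearkey -t "${keytype}" -f "/tmp/${key}" 2>&- >&- && exec /etc/rc.common "$initscript" start
                        } &
                        # the background job restarts the service when done
                        exit 0
                fi
        done

        lock /tmp/.switch2jffs
        mkdir -m 0700 -p /etc/dropbear
        mv /tmp/dropbear/dropbear_* /etc/dropbear/
        lock -u /tmp/.switch2jffs
        # also tighten a directory that already existed with other settings
        chown root /etc/dropbear
        chmod 0700 /etc/dropbear
}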
# "start" entry point: make sure host keys exist, then start one dropbear
# instance per "dropbear" config section.
#
# Globals: NAME (read)
start()
{
        local kind
        local have_keys=1

        # both host keys must be present and non-empty, otherwise run keygen
        for kind in rsa dss; do
                [ -s "/etc/dropbear/dropbear_${kind}_host_key" ] || have_keys=0
        done
        [ "${have_keys}" -eq 1 ] || keygen

        # load the network helpers and interface data before the dropbear
        # config; dropbear_start reads an interface's ipaddr
        include /lib/network
        scan_interfaces
        config_load "${NAME}"
        config_foreach dropbear_start dropbear
}
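# "stop" entry point: kill every dropbear server recorded in a pid file under
# /var/run and remove the pid file afterwards.
#
# Globals: NAME, initscript (read)
# Outputs: a hint on stdout when no pid file was found
# Returns: 0 (the original returned 1 whenever pid files had been processed,
#          because its trailing "[ -z ... ] && echo" test was false)
stop()
{
        local pidfile
        local found=0

        # killing all server processes; the glob replaces parsing "ls", which
        # printed an error when no pid file existed
        for pidfile in /var/run/"${NAME}".*.pid; do
                # an unmatched glob stays literal: skip it
                [ -f "${pidfile}" ] || continue
                found=1
                # -p restricts the signal to the pid stored in the file and
                # -n requires the process name to match, so a stale pid file
                # does not take down an unrelated process
                start-stop-daemon -q -K -s KILL -p "${pidfile}" -n "${NAME}"
                rm -f "${pidfile}"
        done

        if [ "${found}" -eq 0 ]; then
                echo "${initscript}: no pid files, if you get problems with start then try killclients"
        fi
        return 0
}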
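# "killclients" extra command: kill dropbear client-session processes while
# sparing the listening servers and the session this script runs in.
#
# Globals: NAME, PROG, initscript (read)
# Outputs: one "Killing <pid>..." line per killed process
#
# Notes:
#  - The parent pid is taken from /proc/<pid>/stat after stripping everything
#    up to the last ") ". The command name in that file may contain spaces,
#    which broke the former fixed-column "cut -f 4" and could end the ancestor
#    walk before the caller's own session was found, so that it was killed too.
#  - Processes are signalled by bare pid some time after they were inspected;
#    a pid that is reused in between would receive the signal instead.
killclients()
{
        local ignore=''
        local server
        local pid
        local stat
        local pidfile

        # if this script is run from inside a client session, then ignore that session
        pid="$$"
        while [ "${pid}" -ne 0 ]
        do
                # get parent process id: "pid (comm) state ppid ..."
                stat="$(cat "/proc/${pid}/stat" 2>/dev/null)" || break
                stat="${stat##*) }"     # drop "pid (comm) "
                stat="${stat#* }"       # drop the state field
                pid="${stat%% *}"       # ppid
                case "${pid}" in
                        ''|*[!0-9]*) break ;;
                esac
                [ "${pid}" -eq 0 ] && break

                # check if client connection
                grep -F -q -e "${PROG}" "/proc/${pid}/cmdline" && {
                        append ignore "${pid}"
                        break
                }
        done

        # get all server pids that should be ignored
        for pidfile in /var/run/"${NAME}".*.pid
        do
                # an unmatched glob stays literal: skip it
                [ -f "${pidfile}" ] || continue
                for server in $(cat "${pidfile}")
                do
                        append ignore "${server}"
                done
        done

        # get all running pids and kill client connections
        local skip
        for pid in $(pidof "${NAME}")
        do
                # check if correct program, otherwise process next pid
                grep -F -q -e "${PROG}" "/proc/${pid}/cmdline" || continue

                # check if pid should be ignored (servers, ourself)
                skip=0
                for server in ${ignore}
                do
                        # "=" is the portable string comparison for [ ]
                        if [ "${pid}" = "${server}" ]
                        then
                                skip=1
                                break
                        fi
                done
                [ "${skip}" -ne 0 ] && continue

                # kill process
                echo "${initscript}: Killing ${pid}..."
                kill -KILL "${pid}"
        done
}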