firewall: add sanity checks to zone default rules (patch from #5459)
[openwrt.git] / package / dropbear / files / dropbear.init
1 #!/bin/sh /etc/rc.common
2 # Copyright (C) 2006-2009 OpenWrt.org
3 # Copyright (C) 2006 Carlos Sobrinho
4
5 NAME=dropbear
6 PROG=/usr/sbin/dropbear
7 START=50
8 PIDCOUNT=0
9 EXTRA_COMMANDS="killclients"
10 EXTRA_HELP=" killclients Kill ${NAME} processes except servers and yourself"
11
12 dropbear_start()
13 {
14 local section="$1"
15
16 # check if section is enabled (default)
17 local enabled
18 config_get_bool enabled "${section}" enable 1
19 [ "${enabled}" -eq 0 ] && return 1
20
21 # verbose parameter
22 local verbosed
23 config_get_bool verbosed "${section}" verbose 0
24
25 # increase pid file count to handle multiple instances correctly
26 PIDCOUNT="$(( ${PIDCOUNT} + 1))"
27
28 # prepare parameters
29 # A) password authentication
30 local nopasswd
31 local passauth
32 config_get_bool passauth "${section}" PasswordAuth 1
33 [ "${passauth}" -eq 0 ] && nopasswd=1
34 # B) listen port
35 local port
36 config_get port "${section}" Port
37
38 # concatenate parameters
39 local args
40 args="${nopasswd:+-s }${port:+-p ${port}} -P /var/run/${NAME}.${PIDCOUNT}.pid"
41
42 # execute program and return its exit code
43 [ "${verbosed}" -ne 0 ] && echo "${initscript}: section ${section} starting ${PROG} ${args}"
44 ${PROG} ${args}
45 return $?
46 }
47
48 keygen()
49 {
50 for keytype in rsa dss; do
51 # check for keys
52 key=dropbear/dropbear_${keytype}_host_key
53 [ -f /tmp/$key -o -s /etc/$key ] || {
54 # generate missing keys
55 mkdir -p /tmp/dropbear
56 [ -x /usr/bin/dropbearkey ] && {
57 /usr/bin/dropbearkey -t $keytype -f /tmp/$key 2>&- >&- && exec /etc/rc.common "$initscript" start
58 } &
59 exit 0
60 }
61 done
62
63 lock /tmp/.switch2jffs
64 mkdir -p /etc/dropbear
65 mv /tmp/dropbear/dropbear_* /etc/dropbear/
66 lock -u /tmp/.switch2jffs
67 chown root /etc/dropbear
68 chmod 0700 /etc/dropbear
69 }
70
71 start()
72 {
73 [ -s /etc/dropbear/dropbear_rsa_host_key -a \
74 -s /etc/dropbear/dropbear_dss_host_key ] || keygen
75
76 config_load "${NAME}"
77 config_foreach dropbear_start dropbear
78 }
79
80 stop()
81 {
82 # killing all server processes
83 local pidfile
84 for pidfile in `ls /var/run/${NAME}.*.pid`
85 do
86 start-stop-daemon -K -s KILL -p "${pidfile}" -n "${NAME}" >/dev/null
87 rm -f "${pidfile}"
88 done
89 [ -z "${pidfile}" ] && echo "${initscript}: no pid files, if you get problems with start then try killclients"
90 }
91
92 killclients()
93 {
94 local ignore=''
95 local server
96 local pid
97
98 # if this script is run from inside a client session, then ignore that session
99 pid="$$"
100 while [ "${pid}" -ne 0 ]
101 do
102 # get parent process id
103 pid=`cut -d ' ' -f 4 "/proc/${pid}/stat"`
104 [ "${pid}" -eq 0 ] && break
105
106 # check if client connection
107 ps | grep -e "^[ ]*${pid} " | grep "${PROG}" >/dev/null
108 if [ $? -eq 0 ]
109 then
110 append ignore "${pid}"
111 break
112 fi
113 done
114
115 # get all server pids that should be ignored
116 for server in `cat /var/run/${NAME}.*.pid`
117 do
118 append ignore "${server}"
119 done
120
121 # get all running pids and kill client connections
122 local skip
123 for pid in `pidof "${NAME}"`
124 do
125 # check if correct program
126 ps | grep -e "^[ ]*${pid} " | grep "${PROG}" >/dev/null
127 [ $? -ne 0 ] && continue
128
129 # check if pid should be ignored (servers, ourself)
130 skip=0
131 for server in ${ignore}
132 do
133 if [ "${pid}" == "${server}" ]
134 then
135 skip=1
136 break
137 fi
138 done
139 [ "${skip}" -ne 0 ] && continue
140
141 # kill process
142 echo "${initscript}: Killing ${pid}..."
143 kill -KILL ${pid}
144 done
145 }
This page took 0.051357 seconds and 5 git commands to generate.