[xburst] Add 2.6.36 patches
[openwrt.git] / package / dropbear / files / dropbear.init
index aaa4470..aa7e07d 100755 (executable)
@@ -1,28 +1,71 @@
 #!/bin/sh /etc/rc.common
-# Copyright (C) 2006 OpenWrt.org
-START=50
+# Copyright (C) 2006-2010 OpenWrt.org
 # Copyright (C) 2006 Carlos Sobrinho
 
-config_cb() {
-       local cfg="$CONFIG_SECTION"
-       local nopasswd
-       local cfgt
-       config_get cfgt "$cfg" TYPE
-
-       case "$cfgt" in
-               dropbear)
-                       config_get passauth $cfg PasswordAuth
-                       config_get port $cfg Port
-
-                       case "$passauth" in
-                               no|off|disabled|0) nopasswd=1;;
-                       esac
-                       DROPBEAR_ARGS="${nopasswd:+-s }${port:+-p $port}"
-               ;;
-       esac
+NAME=dropbear
+PROG=/usr/sbin/dropbear
+START=50
+STOP=50
+PIDCOUNT=0
+EXTRA_COMMANDS="killclients"
+EXTRA_HELP="   killclients Kill ${NAME} processes except servers and yourself"
+
+dropbear_start()
+{
+       local section="$1"
+
+       # check if section is enabled (default)
+       local enabled
+       config_get_bool enabled "${section}" enable 1
+       [ "${enabled}" -eq 0 ] && return 1
+
+       # verbose parameter
+       local verbosed
+       config_get_bool verbosed "${section}" verbose 0
+
+       # increase pid file count to handle multiple instances correctly
+       PIDCOUNT="$(( ${PIDCOUNT} + 1))"
+
+       # prepare parameters (initialise with pid file)
+       local args="-P /var/run/${NAME}.${PIDCOUNT}.pid"
+       local val
+       # A) password authentication
+       config_get_bool val "${section}" PasswordAuth 1
+       [ "${val}" -eq 0 ] && append args "-s"
+       # B) listen interface and port
+       local interface
+       local address
+       config_get interface "${section}" Interface
+       config_get address "${interface}" ipaddr
+       config_get val "${section}" Port
+       val="${address:+${address}:}${val}"
+       [ -n "${val}" ] && append args "-p ${val}"
+       # C) banner file
+       config_get val "${section}" BannerFile
+       [ -f "${val}" ] && append args "-b ${val}"
+       # D) gatewayports
+       config_get_bool val "${section}" GatewayPorts 0
+       [ "${val}" -eq 1 ] && append args "-a"
+       # E) root password authentication
+       config_get_bool val "${section}" RootPasswordAuth 1
+       [ "${val}" -eq 0 ] && append args "-g"
+       # F) root login
+       config_get_bool val "${section}" RootLogin 1
+       [ "${val}" -eq 0 ] && append args "-w"
+       # G) host keys
+       config_get val "${section}" rsakeyfile
+       [ -f "${val}" ] && append args "-r ${val}"
+       config_get val "${section}" dsskeyfile
+       [ -f "${val}" ] && append args "-d ${val}"
+
+       # execute program and return its exit code
+       [ "${verbosed}" -ne 0 ] && echo "${initscript}: section ${section} starting ${PROG} ${args}"
+       ${PROG} ${args}
+       return $?
 }
 
-keygen() {
+keygen()
+{
        for keytype in rsa dss; do
                # check for keys
                key=dropbear/dropbear_${keytype}_host_key
@@ -44,14 +87,79 @@ keygen() {
        chmod 0700 /etc/dropbear
 }
 
-start() {
+start()
+{
        [ -s /etc/dropbear/dropbear_rsa_host_key -a \
          -s /etc/dropbear/dropbear_dss_host_key ] || keygen
-       
-       config_load dropbear
-       /usr/sbin/dropbear $DROPBEAR_ARGS
+
+       include /lib/network
+       scan_interfaces
+       config_load "${NAME}"
+       config_foreach dropbear_start dropbear
+}
+
+stop()
+{
+       # killing all server processes
+       local pidfile
+       for pidfile in `ls /var/run/${NAME}.*.pid`
+        do
+               start-stop-daemon -q -K -s KILL -p "${pidfile}" -n "${NAME}"
+               rm -f "${pidfile}"
+       done
+       [ -z "${pidfile}" ] && echo "${initscript}: no pid files, if you get problems with start then try killclients"
 }
 
-stop() {
-       killall dropbear
+killclients()
+{
+       local ignore=''
+       local server
+       local pid
+
+       # if this script is run from inside a client session, then ignore that session
+       pid="$$"
+       while [ "${pid}" -ne 0 ]
+        do
+               # get parent process id
+               pid=`cut -d ' ' -f 4 "/proc/${pid}/stat"`
+               [ "${pid}" -eq 0 ] && break
+
+               # check if client connection
+               grep -F -q -e "${PROG}" "/proc/${pid}/cmdline" && {
+                       append ignore "${pid}"
+                       break
+               }
+       done
+
+       # get all server pids that should be ignored
+       for server in `cat /var/run/${NAME}.*.pid`
+        do
+               append ignore "${server}"
+       done
+
+       # get all running pids and kill client connections
+       local skip
+       for pid in `pidof "${NAME}"`
+        do
+               # check if correct program, otherwise process next pid
+               grep -F -q -e "${PROG}" "/proc/${pid}/cmdline" || {
+                       continue
+               }
+
+               # check if pid should be ignored (servers, ourself)
+               skip=0
+               for server in ${ignore}
+                do
+                       if [ "${pid}" == "${server}" ]
+                        then
+                               skip=1
+                               break
+                       fi
+               done
+               [ "${skip}" -ne 0 ] && continue
+
+               # kill process
+               echo "${initscript}: Killing ${pid}..."
+               kill -KILL ${pid}
+       done
 }
This page took 0.0278 seconds and 4 git commands to generate.