net/radsecproxy/files/radsecproxy.init

   1 #!/bin/sh /etc/rc.common
   2 # Copyright (C) 2006-2011 OpenWrt.org
   3
   4 START=70
   5
   6 USE_PROCD=1
   7 PROG=/usr/sbin/radsecproxy
   8 CONFFILE=/var/etc/radsecproxy.conf
   9 LIST_SEP="
  10 "
  11 append_params() {
  12         local param
  13         local value
  14         local section="$1"
  15         shift
  16         for param in $*; do
  17                 config_get value "$section" "$param"
  18                 [ -z "$value" ] && {
  19                         param=$(echo $param | tr [A-Z] [a-z])
  20                         config_get value "$section" "$param"
  21                 }
  22                 IFS="$LIST_SEP"
  23                 for value in $value; do
  24                         [ -n "$value" ] && echo "    $param '$value'" >> "$CONFFILE"
  25                 done
  26                 unset IFS
  27         done
  28 }
  29
  30 append_bools() {
  31         local param
  32         local value
  33         local section="$1"
  34         shift
  35         for param in $*; do
  36                 config_get_bool value "$section" "$param"
  37                 [ -z "$value" ] && {
  38                         param=$(echo $param | tr [A-Z] [a-z])
  39                         config_get_bool value "$section" "$param"
  40                 }
  41                 [ -n "$value" ] && {
  42                         [ "$value" -eq 0 ] && echo "    $param off" >> "$CONFFILE"
  43                         [ "$value" -eq 1 ] && echo "    $param on" >> "$CONFFILE"
  44                 }
  45         done
  46 }
  47
  48 radsecproxy_options() {
  49         local cfg="$1"
  50         append_params "$cfg" \
  51                 Include PidFile LogLevel LogDestination FTicksReporting FTicksMAC FTicksKey \
  52                 FTicksSyslogFacility ListenUDP ListenTCP ListenTLS ListenDTLS SourceUDP \
  53                 SourceTCP SourceTLS SourceDTLS TTLAttribute AddTTL
  54         append_bools "$cfg" \
  55                 LoopPrevention IPv4Only IPv6Only
  56 }
  57
  58 tls_block() {
  59         local cfg="$1"
  60         local name
  61         config_get name "$cfg" name
  62         echo "tls '$name' {" >> "$CONFFILE"
  63         append_params "$cfg" \
  64                 Include CACertificateFile CACertificatePath certificateFile certificateKeyFile \
  65                 certificateKeyPassword cacheExpiry policyOID
  66         append_bools "$cfg" \
  67                 CRLCheck
  68         echo "}" >> "$CONFFILE"
  69 }
  70
  71 rewrite_block() {
  72         local cfg="$1"
  73         local name
  74         config_get name "$cfg" name
  75         echo "rewrite '$name' {" >> "$CONFFILE"
  76         append_params "$cfg" \
  77                 Include addAttribute addVendorAttribute removeAttribute removeVendorAttribute \
  78                 modifyAttribute
  79         echo "}" >> "$CONFFILE"
  80 }
  81
  82 client_block() {
  83         local cfg="$1"
  84         local name
  85         config_get name "$cfg" name
  86         echo "client '$name' {" >> "$CONFFILE"
  87         append_params "$cfg" \
  88                 Include host type secret tls matchCertificateAttribute duplicateInterval \
  89                 AddTTL fticksVISCOUNTRY fticksVISINST rewrite rewriteIn rewriteOut \
  90                 rewriteAttribute
  91         append_bools "$cfg" \
  92                 IPv4Only IPv6Only certificateNameCheck
  93         echo "}" >> "$CONFFILE"
  94 }
  95
  96 server_block() {
  97         local cfg="$1"
  98         local name
  99         config_get name "$cfg" name
 100         echo "server '$name' {" >> "$CONFFILE"
 101         append_params "$cfg" \
 102                 Include host port type secret tls matchCertificateAttribute \
 103                 AddTTL rewrite rewriteIn rewriteOut retryCount dynamicLookupCommand \
 104                 retryInterval
 105         append_bools "$cfg" \
 106                 IPv4Only IPv6Only certificateNameCheck statusServer LoopPrevention
 107         echo "}" >> "$CONFFILE"
 108 }
 109
 110 realm_block() {
 111         local cfg="$1"
 112         local name
 113         config_get name "$cfg" name
 114         echo "realm '$name' {" >> "$CONFFILE"
 115         append_params "$cfg" \
 116                 Include server accountingServer replyMessage
 117         append_bools "$cfg" \
 118                 accountingResponse
 119         echo "}" >> "$CONFFILE"
 120 }
 121
 122 start_service() {
 123         mkdir -p $(dirname $CONFFILE)
 124         echo "# auto-generated config file from /etc/config/radsecproxy" > $CONFFILE
 125         config_load 'radsecproxy'
 126         config_foreach radsecproxy_options options
 127         config_foreach tls_block tls
 128         config_foreach rewrite_block rewrite
 129         config_foreach client_block client
 130         config_foreach server_block server
 131         config_foreach realm_block realm
 132
 133         procd_open_instance
 134         procd_set_param command $PROG -f -c $CONFFILE
 135         procd_set_param file $CONFFILE
 136         procd_set_param respawn
 137         procd_close_instance
 138 }
 139
 140 service_triggers() {
 141         procd_add_reload_trigger 'radsecproxy'
 142 }