wareck
/
lede_packages


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142
							#!/bin/sh /etc/rc.common
# Copyright (C) 2006-2011 OpenWrt.org

START=70

USE_PROCD=1
PROG=/usr/sbin/radsecproxy
CONFFILE=/var/etc/radsecproxy.conf
LIST_SEP="
"
append_params() {
	local param
	local value
	local section="$1"
	shift
	for param in $*; do
		config_get value "$section" "$param"
		[ -z "$value" ] && {
			param=$(echo $param | tr [A-Z] [a-z])
			config_get value "$section" "$param"
		}
		IFS="$LIST_SEP"
		for value in $value; do
			[ -n "$value" ] && echo "    $param '$value'" >> "$CONFFILE"
		done
		unset IFS
	done
}

append_bools() {
	local param
	local value
	local section="$1"
	shift
	for param in $*; do
		config_get_bool value "$section" "$param"
		[ -z "$value" ] && {
			param=$(echo $param | tr [A-Z] [a-z])
			config_get_bool value "$section" "$param"
		}
		[ -n "$value" ] && {
			[ "$value" -eq 0 ] && echo "    $param off" >> "$CONFFILE"
			[ "$value" -eq 1 ] && echo "    $param on" >> "$CONFFILE"
		}
	done
}

radsecproxy_options() {
	local cfg="$1"
	append_params "$cfg" \
		Include PidFile LogLevel LogDestination FTicksReporting FTicksMAC FTicksKey \
		FTicksSyslogFacility ListenUDP ListenTCP ListenTLS ListenDTLS SourceUDP \
		SourceTCP SourceTLS SourceDTLS TTLAttribute AddTTL
	append_bools "$cfg" \
		LoopPrevention IPv4Only IPv6Only
}

tls_block() {
	local cfg="$1"
	local name
	config_get name "$cfg" name
	echo "tls '$name' {" >> "$CONFFILE"
	append_params "$cfg" \
		Include CACertificateFile CACertificatePath certificateFile certificateKeyFile \
		certificateKeyPassword cacheExpiry policyOID
	append_bools "$cfg" \
		CRLCheck
	echo "}" >> "$CONFFILE"
}

rewrite_block() {
	local cfg="$1"
	local name
	config_get name "$cfg" name
	echo "rewrite '$name' {" >> "$CONFFILE"
	append_params "$cfg" \
		Include addAttribute addVendorAttribute removeAttribute removeVendorAttribute \
		modifyAttribute
	echo "}" >> "$CONFFILE"
}

client_block() {
	local cfg="$1"
	local name
	config_get name "$cfg" name
	echo "client '$name' {" >> "$CONFFILE"
	append_params "$cfg" \
		Include host type secret tls matchCertificateAttribute duplicateInterval \
		AddTTL fticksVISCOUNTRY fticksVISINST rewrite rewriteIn rewriteOut \
		rewriteAttribute
	append_bools "$cfg" \
		IPv4Only IPv6Only certificateNameCheck
	echo "}" >> "$CONFFILE"
}

server_block() {
	local cfg="$1"
	local name
	config_get name "$cfg" name
	echo "server '$name' {" >> "$CONFFILE"
	append_params "$cfg" \
		Include host port type secret tls matchCertificateAttribute \
		AddTTL rewrite rewriteIn rewriteOut retryCount dynamicLookupCommand \
		retryInterval
	append_bools "$cfg" \
		IPv4Only IPv6Only certificateNameCheck statusServer LoopPrevention
	echo "}" >> "$CONFFILE"
}

realm_block() {
	local cfg="$1"
	local name
	config_get name "$cfg" name
	echo "realm '$name' {" >> "$CONFFILE"
	append_params "$cfg" \
		Include server accountingServer replyMessage
	append_bools "$cfg" \
		accountingResponse
	echo "}" >> "$CONFFILE"
}

start_service() {
	mkdir -p $(dirname $CONFFILE)
	echo "# auto-generated config file from /etc/config/radsecproxy" > $CONFFILE
	config_load 'radsecproxy'
	config_foreach radsecproxy_options options
	config_foreach tls_block tls
	config_foreach rewrite_block rewrite
	config_foreach client_block client
	config_foreach server_block server
	config_foreach realm_block realm

	procd_open_instance
	procd_set_param command $PROG -f -c $CONFFILE
	procd_set_param file $CONFFILE
	procd_set_param respawn
	procd_close_instance
}

service_triggers() {
	procd_add_reload_trigger 'radsecproxy'
}