mr/openwrt
2
0
Fork 1
Code Issues 7 Pull Requests Releases Wiki Activity
be86eab8e6
openwrt/package/network/ipv6/6in4/files/6in4.sh
Steven Barth c5b5e68879 6in4: detect curl and busybox wget 
b52053b 6in4: https support for he.net tunnel api
introduced HTTPS support using wget.
The busybox version of wget, however, doesn't support the -V option,
thus poluting logfiles with a full invalid-parameter-output.
Redirect stderr to fix that.
As libcurl and curl support selecting the SSL library of your choice,
also add support for curl which is more commonly used on OpenWrt than
"real" wget which needs libopenssl.
Also make sure to respect SSL_CERT_DIR and increase timeouts.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

SVN-Revision: 43228
2014-11-09 13:46:29 +00:00

135 lines
3.4 KiB
Bash
Executable File
Raw Blame History

#!/bin/sh
# 6in4.sh - IPv6-in-IPv4 tunnel backend
# Copyright (c) 2010-2014 OpenWrt.org
[ -n "$INCLUDE_ONLY" ] || {
. /lib/functions.sh
. /lib/functions/network.sh
. ../netifd-proto.sh
init_proto "$@"
}
proto_6in4_setup() {
local cfg="$1"
local iface="$2"
local link="6in4-$cfg"
local mtu ttl tos ipaddr peeraddr ip6addr ip6prefix tunnelid username password updatekey sourcerouting
json_get_vars mtu ttl tos ipaddr peeraddr ip6addr ip6prefix tunnelid username password updatekey sourcerouting
[ -z "$peeraddr" ] && {
proto_notify_error "$cfg" "MISSING_ADDRESS"
proto_block_restart "$cfg"
return
}
( proto_add_host_dependency "$cfg" 0.0.0.0 )
[ -z "$ipaddr" ] && {
local wanif
if ! network_find_wan wanif || ! network_get_ipaddr ipaddr "$wanif"; then
proto_notify_error "$cfg" "NO_WAN_LINK"
return
fi
}
proto_init_update "$link" 1
local source=""
[ "$sourcerouting" != "0" ] && source="::/128"
proto_add_ipv6_route "::" 0 "" "" "" "$source"
[ -n "$ip6addr" ] && {
local local6="${ip6addr%%/*}"
local mask6="${ip6addr##*/}"
[[ "$local6" = "$mask6" ]] && mask6=
proto_add_ipv6_address "$local6" "$mask6"
[ "$sourcerouting" != "0" ] && proto_add_ipv6_route "::" 0 "" "" "" "$local6/$mask6"
}
[ -n "$ip6prefix" ] && {
proto_add_ipv6_prefix "$ip6prefix"
[ "$sourcerouting" != "0" ] && proto_add_ipv6_route "::" 0 "" "" "" "$ip6prefix"
}
proto_add_tunnel
json_add_string mode sit
json_add_int mtu "${mtu:-1280}"
json_add_int ttl "${ttl:-64}"
[ -n "$tos" ] && json_add_string tos "$tos"
json_add_string local "$ipaddr"
json_add_string remote "$peeraddr"
proto_close_tunnel
proto_send_update "$cfg"
[ -n "$tunnelid" -a -n "$username" -a \( -n "$password" -o -n "$updatekey" \) ] && {
[ -n "$updatekey" ] && password="$updatekey"
local http="http"
local urlget="wget"
local urlget_opts="-qO/dev/stdout"
local ca_path="${SSL_CERT_DIR-/etc/ssl/certs}"
if [ -n "$(which curl)" ]; then
urlget="curl"
urlget_opts="-s -S"
if curl -V | grep "Protocols:" | grep -qF "https"; then
http="https"
urlget_opts="$urlget_opts --capath $ca_path"
fi
fi
if [ "$http" = "http" ] &&
wget --version 2>&1 | grep -qF "+https"; then
urlget="wget"
urlget_opts="-qO/dev/stdout --ca-directory=$ca_path"
http="https"
fi
[ "$http" = "https" -a -z "$(find $ca_path -name "*.0" 2>/dev/null)" ] && {
if [ "$urlget" = "curl" ]; then
urlget_opts="$urlget_opts -k"
else
urlget_opts="$urlget_opts --no-check-certificate"
fi
}
local url="$http://ipv4.tunnelbroker.net/nic/update?username=$username&password=$password&hostname=$tunnelid"
local try=0
local max=3
while [ $((++try)) -le $max ]; do
( exec $urlget $urlget_opts "$url" | logger -t "$link" ) &
local pid=$!
( sleep 20; kill $pid 2>/dev/null ) &
wait $pid && break
sleep 20;
done
}
}
proto_6in4_teardown() {
local cfg="$1"
}
proto_6in4_init_config() {
no_device=1
available=1
proto_config_add_string "ipaddr"
proto_config_add_string "ip6addr"
proto_config_add_string "ip6prefix"
proto_config_add_string "peeraddr"
proto_config_add_string "tunnelid"
proto_config_add_string "username"
proto_config_add_string "password"
proto_config_add_string "updatekey"
proto_config_add_int "mtu"
proto_config_add_int "ttl"
proto_config_add_string "tos"
proto_config_add_boolean "sourcerouting"
}
[ -n "$INCLUDE_ONLY" ] || {
add_protocol 6in4
}
Reference in New Issue View Git Blame Copy Permalink