mirror of
https://dev.iopsys.eu/feed/iopsys.git
synced 2025-12-10 07:44:50 +01:00
icwmp: avoid unexpected DHCP release at runtime
This commit is contained in:
Suvendhu Hansa
parent
c6437fbf53
commit
653b74aacf
3 changed files with 108 additions and 95 deletions
|
|
@ -88,6 +88,7 @@ define Package/icwmp/install
|
|||
$(INSTALL_BIN) ./files/etc/uci-defaults/90-cwmpfirewall $(1)/etc/uci-defaults/
|
||||
$(INSTALL_BIN) ./files/etc/uci-defaults/95-set-random-inform-time $(1)/etc/uci-defaults/
|
||||
$(INSTALL_BIN) ./files/etc/uci-defaults/85-migrate-gw-info $(1)/etc/uci-defaults/
|
||||
$(INSTALL_BIN) ./files/etc/uci-defaults/999-cwmp-conn-config $(1)/etc/uci-defaults/
|
||||
$(INSTALL_BIN) ./files/etc/icwmpd/vendor_log.sh $(1)/etc/icwmpd/vendor_log.sh
|
||||
$(INSTALL_BIN) ./files/etc/icwmpd/firewall.cwmp $(1)/etc/icwmpd/firewall.cwmp
|
||||
$(INSTALL_DATA) ./files/lib/upgrade/keep.d/icwmp $(1)/lib/upgrade/keep.d/icwmp
|
||||
|
|
|
|||
|
|
@ -16,79 +16,6 @@ log() {
|
|||
echo "${@}"|logger -t cwmp.init -p info
|
||||
}
|
||||
|
||||
regenerate_ssl_link() {
|
||||
local cert_dir
|
||||
|
||||
cert_dir="${1%/}"
|
||||
if [ -f "${cert_dir}" ]; then
|
||||
return 0
|
||||
fi
|
||||
|
||||
# do not generate the c_rehash if its system default cert path
|
||||
# ca-certificate package already generates c_rehash on compilation
|
||||
[ ! -d "${cert_dir}" ] || [ "${cert_dir}" = "/etc/ssl/certs" ] && return 0
|
||||
|
||||
generate_links() {
|
||||
local file_type="$1"
|
||||
local files="${cert_dir}"/*."${file_type}"
|
||||
for cfile in ${files}; do
|
||||
if [ -f "${cfile}" ]; then
|
||||
rehash="$(openssl x509 -hash -noout -in "${cfile}")"
|
||||
if [ ! -f "${cert_dir}/${rehash}.0" ]; then
|
||||
log "Generating c_rehash for ${cfile}=>${rehash}.0"
|
||||
ln -s "${cfile}" "${cert_dir}/${rehash}.0"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
generate_links "pem"
|
||||
}
|
||||
|
||||
enable_dhcp_option43() {
|
||||
local wan="${1}"
|
||||
|
||||
### Ask for DHCP Option 43 only if CWMP is enabled ###
|
||||
local reqopts="$(uci -q get network."${wan}".reqopts)"
|
||||
local proto="$(uci -q get network."${wan}".proto)"
|
||||
local newreqopts=""
|
||||
local option43_present=0
|
||||
|
||||
for ropt in $reqopts; do
|
||||
case $ropt in
|
||||
43) option43_present=1 ;;
|
||||
*) ;;
|
||||
esac
|
||||
done
|
||||
|
||||
if [ ${option43_present} -eq 1 ]; then
|
||||
return;
|
||||
fi
|
||||
|
||||
newreqopts="$reqopts 43"
|
||||
if [ "${proto}" = "dhcp" ]; then
|
||||
uci -q set network."${wan}".reqopts="$newreqopts"
|
||||
uci commit network
|
||||
ubus call network reload
|
||||
fi
|
||||
}
|
||||
|
||||
set_vendor_id() {
|
||||
local wan="${1}"
|
||||
local proto="$(uci -q get network."${wan}".proto)"
|
||||
|
||||
if [ "${proto}" = "dhcp" ]; then
|
||||
vendorid="$(uci -q get network."${wan}".vendorid)"
|
||||
if [ -z "${vendorid}" ]; then
|
||||
uci -q set network."${wan}".vendorid="dslforum.org"
|
||||
ubus call uci commit '{"config":"network"}'
|
||||
elif [[ $vendorid != *"dslforum.org"* ]]; then
|
||||
uci -q set network."${wan}".vendorid="${vendorid},dslforum.org"
|
||||
ubus call uci commit '{"config":"network"}'
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
wait_for_resolvfile() {
|
||||
local time=$1
|
||||
local tm=1
|
||||
|
|
@ -211,28 +138,6 @@ validate_defaults() {
|
|||
}
|
||||
|
||||
boot() {
|
||||
local dhcp_discovery wan_interface skip_dhcp_boot_options
|
||||
|
||||
config_load cwmp
|
||||
config_get wan_interface cpe default_wan_interface "wan"
|
||||
config_get dhcp_discovery acs dhcp_discovery "0"
|
||||
config_get skip_dhcp_boot_options acs skip_dhcp_boot_options "0"
|
||||
|
||||
if [ "${dhcp_discovery}" = "enable" ] || [ "${dhcp_discovery}" = "1" ]; then
|
||||
if [ "${skip_dhcp_boot_options}" -ne 1 ]; then
|
||||
# Set dhcp option 43 if not already configured
|
||||
enable_dhcp_option43 "${wan_interface}"
|
||||
# Set dhcp option 60
|
||||
set_vendor_id "${wan_interface}"
|
||||
fi
|
||||
fi
|
||||
|
||||
config_get ssl_capath acs ssl_capath
|
||||
|
||||
if [ -n "${ssl_capath}" ]; then
|
||||
regenerate_ssl_link "${ssl_capath}"
|
||||
fi
|
||||
|
||||
# Copy backup data so that if it restart latter on, it gets the info
|
||||
copy_cwmp_etc_files_to_varstate
|
||||
mkdir -p /var/run/icwmpd/
|
||||
|
|
|
|||
107
icwmp/files/etc/uci-defaults/999-cwmp-conn-config
Normal file
107
icwmp/files/etc/uci-defaults/999-cwmp-conn-config
Normal file
|
|
@ -0,0 +1,107 @@
|
|||
#!/bin/sh
|
||||
|
||||
. /lib/functions.sh
|
||||
|
||||
log() {
|
||||
echo "${@}"|logger -t cwmp.defaults -p info
|
||||
}
|
||||
|
||||
set_vendor_id() {
|
||||
local wan="${1}"
|
||||
local proto="$(uci -q get network."${wan}".proto)"
|
||||
|
||||
if [ "${proto}" = "dhcp" ]; then
|
||||
vendorid="$(uci -q get network."${wan}".vendorid)"
|
||||
if [ -z "${vendorid}" ]; then
|
||||
uci -q set network."${wan}".vendorid="dslforum.org"
|
||||
elif [[ $vendorid != *"dslforum.org"* ]]; then
|
||||
uci -q set network."${wan}".vendorid="${vendorid},dslforum.org"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
enable_dhcp_option43() {
|
||||
local wan="${1}"
|
||||
|
||||
local reqopts="$(uci -q get network."${wan}".reqopts)"
|
||||
local proto="$(uci -q get network."${wan}".proto)"
|
||||
local newreqopts=""
|
||||
local option43_present=0
|
||||
|
||||
for ropt in $reqopts; do
|
||||
case $ropt in
|
||||
43) option43_present=1 ;;
|
||||
*) ;;
|
||||
esac
|
||||
done
|
||||
|
||||
if [ ${option43_present} -eq 1 ]; then
|
||||
return;
|
||||
fi
|
||||
|
||||
newreqopts="$reqopts 43"
|
||||
if [ "${proto}" = "dhcp" ]; then
|
||||
uci -q set network."${wan}".reqopts="$newreqopts"
|
||||
fi
|
||||
}
|
||||
|
||||
regenerate_ssl_link() {
|
||||
local cert_dir
|
||||
|
||||
cert_dir="${1%/}"
|
||||
if [ -f "${cert_dir}" ]; then
|
||||
return 0
|
||||
fi
|
||||
|
||||
# do not generate the c_rehash if its system default cert path
|
||||
# ca-certificate package already generates c_rehash on compilation
|
||||
[ ! -d "${cert_dir}" ] || [ "${cert_dir}" = "/etc/ssl/certs" ] && return 0
|
||||
|
||||
generate_links() {
|
||||
local file_type="$1"
|
||||
local files="${cert_dir}"/*."${file_type}"
|
||||
for cfile in ${files}; do
|
||||
if [ -f "${cfile}" ]; then
|
||||
rehash="$(openssl x509 -hash -noout -in "${cfile}")"
|
||||
if [ ! -f "${cert_dir}/${rehash}.0" ]; then
|
||||
log "Generating c_rehash for ${cfile}=>${rehash}.0"
|
||||
ln -s "${cfile}" "${cert_dir}/${rehash}.0"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
generate_links "pem"
|
||||
}
|
||||
|
||||
configure_dhcp_discovery() {
|
||||
local dhcp_discovery wan_interface skip_dhcp_boot_options
|
||||
|
||||
config_load cwmp
|
||||
config_get wan_interface cpe default_wan_interface "wan"
|
||||
config_get dhcp_discovery acs dhcp_discovery "0"
|
||||
config_get skip_dhcp_boot_options acs skip_dhcp_boot_options "0"
|
||||
|
||||
if [ "${dhcp_discovery}" = "enable" ] || [ "${dhcp_discovery}" = "1" ]; then
|
||||
if [ "${skip_dhcp_boot_options}" -ne 1 ]; then
|
||||
# Set dhcp option 43 if not already configured
|
||||
enable_dhcp_option43 "${wan_interface}"
|
||||
# Set dhcp option 60
|
||||
set_vendor_id "${wan_interface}"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
configure_ssl_path() {
|
||||
local ssl_capath
|
||||
|
||||
config_load cwmp
|
||||
config_get ssl_capath acs ssl_capath
|
||||
|
||||
if [ -n "${ssl_capath}" ]; then
|
||||
regenerate_ssl_link "${ssl_capath}"
|
||||
fi
|
||||
}
|
||||
|
||||
configure_dhcp_discovery
|
||||
configure_ssl_path
|
||||
Loading…
Add table
Reference in a new issue