openvpn: handle ovpnproto exclusively

Since proto was migrated to ovpnproto to avoid collision
with netifd proto, this shall be handled separately.

Also avoid using uci commands to migrate the config which
requires knowing property types; use awk instead.

follow-up to 2607b761549a4793eff91dcb60a287c05f631846

Signed-off-by: Paul Donald <redacted>

diff --git a/net/openvpn/Makefile b/net/openvpn/Makefile
index e859bd89c5a54788d35362087a83e11df7e43f0a..dd60e700f21ce874848f8268f37fd8c4801fa7c5 100644 (file)
--- a/net/openvpn/Makefile
+++ b/net/openvpn/Makefile
@@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=openvpn
 
 PKG_VERSION:=2.6.14
-PKG_RELEASE:=5
+PKG_RELEASE:=6
 
 PKG_SOURCE_URL:=\
        https://build.openvpn.net/downloads/releases/ \

diff --git a/net/openvpn/files/etc/uci-defaults/60_openvpn_migrate.sh b/net/openvpn/files/etc/uci-defaults/60_openvpn_migrate.sh
index cec0772cbe5060da5681d9514a69be67fc8607ff..b33ee2918b1efff1d3c745a3627bca7f483feb4a 100644 (file)
--- a/net/openvpn/files/etc/uci-defaults/60_openvpn_migrate.sh
+++ b/net/openvpn/files/etc/uci-defaults/60_openvpn_migrate.sh
@@ -1,48 +1,55 @@
 #!/bin/sh
 
-OPENVPN_PKG="openvpn"
-NETWORK_PKG="network"
-
-# Exit if no openvpn config exists
-uci -q show "$OPENVPN_PKG" >/dev/null || exit 0
-
-uci batch <<EOF
-$(
-
-# Find named openvpn sections
-uci show "$OPENVPN_PKG" | \
-sed -n "s/^$OPENVPN_PKG\.\\([^=]*\\)=openvpn$/\\1/p" | \
-while read -r sec; do
-       iface="$sec"
-
-       # Skip if interface already exists
-       uci -q get $NETWORK_PKG.$iface >/dev/null && continue
-
-       # Create interface in network 
-       echo "set $NETWORK_PKG.$iface=interface"
-       # Set the interface protocol to 'openvpn'
-       echo "set $NETWORK_PKG.$iface.proto='openvpn'"
-
-       # Copy options, skipping the section header
-       uci show "$OPENVPN_PKG.$sec" | \
-       while IFS='=' read -r key val; do
-               case "$key" in
-                       # section declaration: openvpn.vpn0=openvpn
-                       "$OPENVPN_PKG.$sec") continue ;;
-                       "$OPENVPN_PKG.$sec.proto")
-                               echo "set $NETWORK_PKG.$iface.ovpnproto=$val"
-                               continue
-                               ;;
-               esac
-
-               opt="${key##*.}"
-
-               echo "set $NETWORK_PKG.$iface.$opt=$val"
-       done
-done
-
-echo "commit $NETWORK_PKG"
-)
-EOF
+OPENVPN_PKG="/etc/config/openvpn"
+NETWORK_PKG="/etc/config/network"
+
+[ -f "$OPENVPN_PKG" ] || exit 0
+
+awk '
+function section_exists(name) {
+       cmd = "uci -q get network." name " >/dev/null 2>&1"
+       return (system(cmd) == 0)
+}
+
+BEGIN {
+       in_section=0
+       secname = ""
+}
+
+/^config[ \t]+openvpn[ \t]+/ {
+       # get section name
+       secname = $3
+       gsub(/'\''/, "", secname)
+
+       if (section_exists(secname)) {
+               in_section=0
+               next
+       }
+
+       in_section=1
+
+       sub(/^config[ \t]+openvpn/, "config interface")
+       print
+       print "\toption proto '\''openvpn'\''"
+       next
+}
+
+# Start of another section
+/^config[ \t]+/ {
+       in_section=0
+}
+
+# Inside openvpn section, rename proto
+in_section && /^[ \t]*option[ \t]+proto[ \t]/ {
+       sub(/option[ \t]+proto/, "option ovpnproto")
+       print
+       next
+}
+
+# Inside openvpn section; copy as-is
+in_section {
+       print
+}
+' "$OPENVPN_PKG" >> "$NETWORK_PKG"
 
 exit 0
\ No newline at end of file

diff --git a/net/openvpn/files/lib/netifd/proto/openvpn.sh b/net/openvpn/files/lib/netifd/proto/openvpn.sh
index 0f086803361ea7d20b66a06ef2a5e7523c2f0c5f..1f70a07626c4374415a6a5f2876e5cf846a99ba1 100755 (executable)
--- a/net/openvpn/files/lib/netifd/proto/openvpn.sh
+++ b/net/openvpn/files/lib/netifd/proto/openvpn.sh
@@ -152,9 +152,11 @@ proto_openvpn_setup() {
        # ${tls_exit:+--tls-exit} \
 
        json_get_var dev_type dev_type
+       json_get_var ovpnproto ovpnproto
        # shellcheck disable=SC2086
        proto_run_command "$config" openvpn \
                $([ -z "$dev_type" ] && echo " --dev-type tun") \
+               $([ -z "$ovpnproto" ] && echo " --proto $ovpnproto") \
                --cd "$cd_dir" \
                --status "/var/run/openvpn.$config.status" \
                --syslog "openvpn_$config" \

diff --git a/net/openvpn/files/lib/netifd/proto/openvpn.uc b/net/openvpn/files/lib/netifd/proto/openvpn.uc
index 094accee19fd2ec6cbde00d48a9d131d55fc3d64..69dac66ee1795e65d0cec9de40790b787ec3cf97 100755 (executable)
--- a/net/openvpn/files/lib/netifd/proto/openvpn.uc
+++ b/net/openvpn/files/lib/netifd/proto/openvpn.uc
@@ -79,7 +79,6 @@ const OPENVPN_STRING_PARAMS = [
        { name: 'mark' },
        { name: 'mode' },
        { name: 'mtu_disc' },
-       { name: 'ovpnproto' },
        { name: 'peer_fingerprint' },
        { name: 'pkcs11_id' },
        { name: 'pkcs11_providers' },
@@ -361,6 +360,9 @@ function build_exec_params(cfg) {
                }
        }
 
+       if (cfg['ovpnproto'])
+               add_param(params, 'proto', cfg['ovpnproto']);
+
        return params;
 }
 

diff --git a/net/openvpn/files/openvpn.options b/net/openvpn/files/openvpn.options
index b9c313f7308a1221049219d96b118ced9b741276..a2534464727edd58b28b5eeccf4983c7b8e87127 100644 (file)
--- a/net/openvpn/files/openvpn.options
+++ b/net/openvpn/files/openvpn.options
@@ -65,7 +65,6 @@ management_external_key
 mark
 mode
 mtu_disc
-ovpnproto
 peer_fingerprint
 pkcs11_id
 pkcs11_providers