rpms
/
vpnc-script
21
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

updated to latest upstream and use iproute

Browse Source 
Resolves: rhbz#1481164
epel9
Nikos Mavrogiannopoulos 7 years ago
parent 3c6755c7eb
commit dcd45c563d
2 changed files with 120 additions and 44 deletions
Show Stats Download Patch File Download Diff File

153
vpnc-script
Unescape View File

@ -121,7 +121,10 @@ if [ -r /etc/openwrt_release ] && [ -n "$OPENWRT_INTERFACE" ]; then
include /lib/network include /lib/network
MODIFYRESOLVCONF=modify_resolvconf_openwrt MODIFYRESOLVCONF=modify_resolvconf_openwrt
RESTORERESOLVCONF=restore_resolvconf_openwrt RESTORERESOLVCONF=restore_resolvconf_openwrt
elif [ -x /sbin/resolvconf ] && [ "$OS" != "FreeBSD" ]; then # Optional tool on Debian, Ubuntu, Gentoo - but not FreeBSD, it seems to work different elif [ -x /usr/bin/busctl ]; then # For systemd-resolved (version 229 and above)
MODIFYRESOLVCONF=modify_resolved_manager
RESTORERESOLVCONF=restore_resolved_manager
elif [ -x /sbin/resolvconf ]; then # Optional tool on Debian, Ubuntu, Gentoo and FreeBSD
MODIFYRESOLVCONF=modify_resolvconf_manager MODIFYRESOLVCONF=modify_resolvconf_manager
RESTORERESOLVCONF=restore_resolvconf_manager RESTORERESOLVCONF=restore_resolvconf_manager
elif [ -x /sbin/netconfig ]; then # tool on Suse after 11.1 elif [ -x /sbin/netconfig ]; then # tool on Suse after 11.1
@ -369,48 +372,31 @@ modify_resolvconf_generic() {
# and will be overwritten by vpnc # and will be overwritten by vpnc
# as long as the above mark is intact" # as long as the above mark is intact"
# Remember the original value of CISCO_DEF_DOMAIN we need it later DOMAINS="$CISCO_DEF_DOMAIN"
CISCO_DEF_DOMAIN_ORIG="$CISCO_DEF_DOMAIN"
# Don't step on INTERNAL_IP4_DNS value, use a temporary variable
INTERNAL_IP4_DNS_TEMP="$INTERNAL_IP4_DNS"
exec 6< "$RESOLV_CONF_BACKUP" exec 6< "$RESOLV_CONF_BACKUP"
while read LINE <&6 ; do while read LINE <&6 ; do
case "$LINE" in case "$LINE" in
nameserver*) # omit; we will overwrite these
if [ -n "$INTERNAL_IP4_DNS_TEMP" ]; then nameserver*) ;;
read ONE_NAMESERVER INTERNAL_IP4_DNS_TEMP <<-EOF # extract listed domains and prepend to list
$INTERNAL_IP4_DNS_TEMP domain* | search*) DOMAINS="${LINE#* } $DOMAINS" ;;
EOF # retain other lines
LINE="nameserver $ONE_NAMESERVER" *) NEW_RESOLVCONF="$NEW_RESOLVCONF
else $LINE" ;;
LINE=""
fi
;;
search*)
if [ -n "$CISCO_DEF_DOMAIN" ]; then
LINE="$LINE $CISCO_DEF_DOMAIN"
CISCO_DEF_DOMAIN=""
fi
;;
domain*)
if [ -n "$CISCO_DEF_DOMAIN" ]; then
LINE="domain $CISCO_DEF_DOMAIN"
CISCO_DEF_DOMAIN=""
fi
;;
esac esac
NEW_RESOLVCONF="$NEW_RESOLVCONF
$LINE"
done done
exec 6<&- exec 6<&-
for i in $INTERNAL_IP4_DNS_TEMP ; do for i in $INTERNAL_IP4_DNS ; do
NEW_RESOLVCONF="$NEW_RESOLVCONF NEW_RESOLVCONF="$NEW_RESOLVCONF
nameserver $i" nameserver $i"
done done
if [ -n "$CISCO_DEF_DOMAIN" ]; then # note that "search" is mutually exclusive with "domain";
# "search" allows multiple domains to be listed, so use that
if [ -n "$DOMAINS" ]; then
NEW_RESOLVCONF="$NEW_RESOLVCONF NEW_RESOLVCONF="$NEW_RESOLVCONF
search $CISCO_DEF_DOMAIN" search $DOMAINS"
fi fi
echo "$NEW_RESOLVCONF" > /etc/resolv.conf echo "$NEW_RESOLVCONF" > /etc/resolv.conf
@ -428,12 +414,31 @@ search $CISCO_DEF_DOMAIN"
# Cannot use multiple DNS matching in this case # Cannot use multiple DNS matching in this case
OVERRIDE_PRIMARY='d.add OverridePrimary # 1' OVERRIDE_PRIMARY='d.add OverridePrimary # 1'
fi fi
# Overriding the default gateway breaks split routing
OVERRIDE_GATEWAY=""
# Not overriding the default gateway breaks usage of
# INTERNAL_IP4_DNS. Prepend INTERNAL_IP4_DNS to list
# of used DNS servers
SERVICE=`echo "show State:/Network/Global/IPv4" | scutil | grep -oE '[a-fA-F0-9]{8}-([a-fA-F0-9]{4}-){3}[a-fA-F0-9]{12}'`
SERVICE_DNS=`echo "show State:/Network/Service/$SERVICE/DNS" | scutil | grep -oE '([0-9]{1,3}[\.]){3}[0-9]{1,3}' | xargs`
if [ X"$SERVICE_DNS" != X"$INTERNAL_IP4_DNS" ]; then
scutil >/dev/null 2>&1 <<-EOF
open
get State:/Network/Service/$SERVICE/DNS
d.add ServerAddresses * $INTERNAL_IP4_DNS $SERVICE_DNS
set State:/Network/Service/$SERVICE/DNS
close
EOF
fi
else
# No split routing. Override default gateway
OVERRIDE_GATEWAY="d.add Router $INTERNAL_IP4_ADDRESS"
fi fi
# Uncomment the following if/fi pair to use multiple # Uncomment the following if/fi pair to use multiple
# DNS matching when available. When multiple DNS matching # DNS matching when available. When multiple DNS matching
# is present, anything reading the /etc/resolv.conf file # is present, anything reading the /etc/resolv.conf file
# directly will probably not work as intended. # directly will probably not work as intended.
#if [ -z "$CISCO_DEF_DOMAIN_ORIG" ]; then #if [ -z "$CISCO_DEF_DOMAIN" ]; then
# Cannot use multiple DNS matching without a domain # Cannot use multiple DNS matching without a domain
OVERRIDE_PRIMARY='d.add OverridePrimary # 1' OVERRIDE_PRIMARY='d.add OverridePrimary # 1'
#fi #fi
@ -443,8 +448,7 @@ search $CISCO_DEF_DOMAIN"
d.add ServerAddresses * $INTERNAL_IP4_DNS d.add ServerAddresses * $INTERNAL_IP4_DNS
set State:/Network/Service/$TUNDEV/DNS set State:/Network/Service/$TUNDEV/DNS
d.init d.init
# next line overrides the default gateway and breaks split routing $OVERRIDE_GATEWAY
# d.add Router $INTERNAL_IP4_ADDRESS
d.add Addresses * $INTERNAL_IP4_ADDRESS d.add Addresses * $INTERNAL_IP4_ADDRESS
d.add SubnetMasks * 255.255.255.255 d.add SubnetMasks * 255.255.255.255
d.add InterfaceName $TUNDEV d.add InterfaceName $TUNDEV
@ -452,13 +456,13 @@ search $CISCO_DEF_DOMAIN"
set State:/Network/Service/$TUNDEV/IPv4 set State:/Network/Service/$TUNDEV/IPv4
close close
EOF EOF
if [ -n "$CISCO_DEF_DOMAIN_ORIG" ]; then if [ -n "$CISCO_DEF_DOMAIN" ]; then
scutil >/dev/null 2>&1 <<-EOF scutil >/dev/null 2>&1 <<-EOF
open open
get State:/Network/Service/$TUNDEV/DNS get State:/Network/Service/$TUNDEV/DNS
d.add DomainName $CISCO_DEF_DOMAIN_ORIG d.add DomainName $CISCO_DEF_DOMAIN
d.add SearchDomains * $CISCO_DEF_DOMAIN_ORIG d.add SearchDomains * $CISCO_DEF_DOMAIN
d.add SupplementalMatchDomains * $CISCO_DEF_DOMAIN_ORIG d.add SupplementalMatchDomains * $CISCO_DEF_DOMAIN
set State:/Network/Service/$TUNDEV/DNS set State:/Network/Service/$TUNDEV/DNS
close close
EOF EOF
@ -488,6 +492,21 @@ restore_resolvconf_generic() {
remove State:/Network/Service/$TUNDEV/DNS remove State:/Network/Service/$TUNDEV/DNS
close close
EOF EOF
# Split routing required prepending of INTERNAL_IP4_DNS
# to list of used DNS servers
if [ -n "$CISCO_SPLIT_INC" ]; then
SERVICE=`echo "show State:/Network/Global/IPv4" | scutil | grep -oE '[a-fA-F0-9]{8}-([a-fA-F0-9]{4}-){3}[a-fA-F0-9]{12}'`
SERVICE_DNS=`echo "show State:/Network/Service/$SERVICE/DNS" | scutil | grep -oE '([0-9]{1,3}[\.]){3}[0-9]{1,3}' | xargs`
if [ X"$SERVICE_DNS" != X"$INTERNAL_IP4_DNS" ]; then
scutil >/dev/null 2>&1 <<-EOF
open
get State:/Network/Service/$SERVICE/DNS
d.add ServerAddresses * ${SERVICE_DNS##$INTERNAL_IP4_DNS}
set State:/Network/Service/$SERVICE/DNS
close
EOF
fi
fi
;; ;;
esac esac
fi fi
@ -560,6 +579,60 @@ restore_resolvconf_manager() {
/sbin/resolvconf -d $TUNDEV /sbin/resolvconf -d $TUNDEV
} }
AF_INET=2
get_if_index() {
local link
link="$(ip link show dev "$1")" || return $?
echo ${link} | awk -F: '{print $1}'
}
busctl_call() {
local dest node
dest=org.freedesktop.resolve1
node=/org/freedesktop/resolve1
busctl call "$dest" "${node}" "${dest}.Manager" "$@"
}
busctl_set_nameservers() {
local if_index addresses args addr
if_index=$1
shift
addresses="$@"
args="$if_index $#"
for addr in ${addresses}; do
args="$args ${AF_INET} 4 $(echo $addr | sed 's/[.]/ /g')"
done
busctl_call SetLinkDNS 'ia(iay)' ${args}
}
busctl_set_search() {
local if_index domains args domain
if_index=$1
shift
domains="$@"
args="$if_index $#"
for domain in ${domains}; do
args="$args ${domain} false"
done
busctl_call SetLinkDomains 'ia(sb)' ${args}
}
modify_resolved_manager() {
local if_index
if_index=$(get_if_index $TUNDEV)
busctl_set_nameservers $if_index $INTERNAL_IP4_DNS
if [ -n "$CISCO_DEF_DOMAIN" ]; then
busctl_set_search $if_index $CISCO_DEF_DOMAIN
fi
}
restore_resolved_manager() {
local if_index
if_index=$(get_if_index $TUNDEV)
busctl_call RevertLink 'i' $if_index
}
# === resolv.conf handling via unbound ========= # === resolv.conf handling via unbound =========
modify_resolvconf_unbound() { modify_resolvconf_unbound() {
@ -593,7 +666,7 @@ kernel_is_2_6_or_above() {
do_pre_init() { do_pre_init() {
if [ "$OS" = "Linux" ]; then if [ "$OS" = "Linux" ]; then
if (exec 6<> /dev/net/tun) > /dev/null 2>&1 ; then if (exec 6< /dev/net/tun) > /dev/null 2>&1 ; then
: :
else # can't open /dev/net/tun else # can't open /dev/net/tun
test -e /proc/sys/kernel/modprobe && `cat /proc/sys/kernel/modprobe` tun 2>/dev/null test -e /proc/sys/kernel/modprobe && `cat /proc/sys/kernel/modprobe` tun 2>/dev/null

11
vpnc-script.spec
Unescape View File

@ -1,14 +1,14 @@
%global git_date 20140805 %global git_date 20170821
%global git_commit_hash df5808b %global git_commit_hash 6f87b0f
Name: vpnc-script Name: vpnc-script
Version: %{git_date} Version: %{git_date}
Release: 6.git%{git_commit_hash}%{?dist} Release: 1.git%{git_commit_hash}%{?dist}
Summary: Routing setup script for vpnc and openconnect Summary: Routing setup script for vpnc and openconnect
Group: Applications/Internet Group: Applications/Internet
BuildArch: noarch BuildArch: noarch
Requires: net-tools Requires: iproute
Requires: which Requires: which
License: GPLv2+ License: GPLv2+
@ -36,6 +36,9 @@ install -m 0755 vpnc-script \
%{_sysconfdir}/vpnc/vpnc-script %{_sysconfdir}/vpnc/vpnc-script
%changelog %changelog
* Mon Aug 21 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 20170821-1.git6f87b0f
- new upstream release (#1481164)
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 20140805-6.gitdf5808b * Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 20140805-6.gitdf5808b
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

Write Preview
Loading…
Cancel
Save