This patch adds protocol support for PPP over SSH.  The protocol name is
'pppossh' with the following options.

 - server, SSH server name.  Required
 - port, SSH server port.  Defaults to 22.
 - sshuser, SSH login username.  Required.
 - identity, list of client private key files.  ~/.ssh/id_{rsa,dsa} will
   be used if no identity file is specified; at least one of them must
   be valid for public key authentication to proceed.
 - ipaddr, local ip address to be assigned.
 - peeraddr, peer ip address to be assigned.
 - ssh_options, extra ssh client options.

Because the protocol script file ppp.sh will be called with $HOME set to
'/', we need to explicitly set it to the right value so that dropbear
client can read '~/known_hosts' correctly.

Signed-off-by: Yousong Zhou <yszhou4t...@gmail.com>
---
I can make this a standalone package (maybe in packages feeds) if that is more
preferable.

v5 -> v6

    - Specify 'localip:peerip' directly without `ippair' variable.

v4 -> v5

    - Remove `acceptunknown' option.  For dropbear client `-y' option can be
      used, and for OpenSSH client it's '-o StrictHostKeyChecking xx'.  Both of
      them can be specified through the `ssh_options'.
    - Make variable `pty' local.

v3 -> v4

    - Use default identity files only when no explicit key files were
      specified.
    - Added a new option `ssh_options' which will be added as part of ssh
      client options.
    - Change the type of `port' option to int.
    - Change the type of `identity` option to array type.

v2 -> v3

    - Change type of acceptunknown to boolean.
    - Squeeze multiple calls to proto_config_add_string to one.

v1 -> v2

    - Use common option names as suggested by jow and nbd.
    - Default to using ~/.ssh/id_{rsa,dsa} as the identity file.
    - Set $HOME to correct value for the current user instead of unset it.

 package/network/services/ppp/files/ppp.sh |   54 +++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)

diff --git a/package/network/services/ppp/files/ppp.sh 
b/package/network/services/ppp/files/ppp.sh
index f07b11f..6266cc4 100755
--- a/package/network/services/ppp/files/ppp.sh
+++ b/package/network/services/ppp/files/ppp.sh
@@ -212,10 +212,64 @@ proto_pptp_teardown() {
        ppp_generic_teardown "$@"
 }
 
+proto_pppossh_init_config() {
+       ppp_generic_init_config
+       proto_config_add_string server sshuser ipaddr peeraddr ssh_options
+       proto_config_add_string 'identity:list(string)'
+       proto_config_add_int port
+       available=1
+       no_device=1
+}
+
+proto_pppossh_setup() {
+       local config="$1"
+       local iface="$2"
+       local user="$(id -nu)"
+       local home=$(sh -c "echo ~$user")
+       local ip serv_addr errmsg
+       local opts pty
+
+       json_get_vars port sshuser identity ipaddr peeraddr ssh_options
+       json_get_var server server && {
+               for ip in $(resolveip -t 5 "$server"); do
+                       ( proto_add_host_dependency "$config" "$ip" )
+                       serv_addr=1
+               done
+       }
+       [ -n "$serv_addr" ] || errmsg="${errmsg}Could not resolve $server.\n"
+       [ -n "$sshuser" ] || errmsg="${errmsg}Missing sshuser option.\n"
+       [ -z "$identity" ] && identity="'$home/.ssh/id_rsa' '$home/.ssh/id_dsa'"
+       {
+               local fn
+               for fn in $identity; do
+                       [ -f "$fn" ] && opts="$opts -i $fn"
+               done
+               [ -n "$opts" ] || errmsg="${errmsg}Cannot find valid identity 
file.\n"
+       }
+       [ -n "$errmsg" ] && {
+               echo -ne "$errmsg"
+               sleep 5
+               proto_setup_failed "$config"
+               exit 1
+       }
+       opts="$opts ${port:+-p $port}"
+       opts="$opts ${ssh_options}"
+       opts="$opts $sshuser@$server"
+       pty="env 'HOME=$home' /usr/bin/ssh $opts pppd nodetach notty noauth"
+
+       ppp_generic_setup "$config" \
+               noauth pty "$pty" "$ipaddr:$peeraddr"
+}
+
+proto_pppossh_teardown() {
+       ppp_generic_teardown "$@"
+}
+
 [ -n "$INCLUDE_ONLY" ] || {
        add_protocol ppp
        [ -f /usr/lib/pppd/*/rp-pppoe.so ] && add_protocol pppoe
        [ -f /usr/lib/pppd/*/pppoatm.so ] && add_protocol pppoa
        [ -f /usr/lib/pppd/*/pptp.so ] && add_protocol pptp
+       [ -x /usr/bin/ssh ] && add_protocol pppossh
 }
 
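Review bot: In proto_pppossh_setup the `pty` string is built from `sshuser`, `server`, `ssh_options` and the identity paths with no quoting or validation, and pppd hands that string to a shell (the `'HOME=$home'` quoting on the same line relies on this), so whitespace or shell metacharacters in those config values are interpreted with the privileges of the protocol handler. The default `identity="'$home/.ssh/id_rsa' '$home/.ssh/id_dsa'"` also looks broken: word splitting in `for fn in $identity` does not remove the embedded single quotes, so `[ -f "$fn" ]` tests a name that still contains the quote characters and the default keys would never be found. I would reject unexpected characters in `sshuser` and `server` before building `pty`, drop the embedded quotes from the default, and quote each path when appending `-i`, as sketched below. `ssh_options` has to stay free-form, so it deserves a comment saying it reaches the shell verbatim and that options such as dropbear's `-y` accept unknown host keys without verification.

```shell
	# … unchanged: locals, json_get_vars, server resolution, sshuser check …
	# These values end up in the command line that pppd's pty option runs.
	case "$sshuser$server" in
		*[!A-Za-z0-9._:-]*) errmsg="${errmsg}Invalid character in sshuser or server.\n" ;;
	esac
	[ -z "$identity" ] && identity="$home/.ssh/id_rsa $home/.ssh/id_dsa"
	# … unchanged: opening brace and 'local fn' …
		for fn in $identity; do
			[ -f "$fn" ] && opts="$opts -i '$fn'"
		# … unchanged: rest of the loop, error reporting, port/ssh_options, ppp_generic_setup …
```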
-- 
1.7.10.4