This patch adds protocol support for PPP over SSH. The protocol name is 'pppossh' with the following options.
- server, SSH server name. Required - port, SSH server port. Defaults to 22. - sshuser, SSH login username. Required. - identity, list of client private key files. ~/.ssh/id_{rsa,dsa} will be used if no identity file was specified and at least one of them must be valid for the public key authentication to proceed. - ipaddr, local ip address to be assigned. - peeraddr, peer ip address to be assigned. - ssh_options, extra ssh client options. Because the protocol script file ppp.sh will be called with $HOME set to '/', we need to explicitly set it to the right value so that dropbear client can read '~/known_hosts' correctly.
Signed-off-by: Yousong Zhou <yszhou4t...@gmail.com>
---
I can make this a standalone package (maybe in packages feeds) if that is more preferable. v5 -> v6 - Specify 'localip:peerip' directly without `ippair' variable. v4 -> v5 - Remove `acceptunknown' option. For dropbear client `-y' option can be used, and for OpenSSH client it's '-o StrictHostKeyChecking xx'. Both of them can be specified through the `ssh_options'. - Make variable `pty' local. v3 -> v4 - Use default identity files only when no explicit key files were specified. - Added a new option `ssh_options' which will be added as part of ssh client options. - Change the type of `port' option to int. - Change the type of `identity` option to array type. v2 -> v3 - Change type of acceptunknown to boolean. - Squeeze multiple calls to proto_config_add_string to one. v1 -> v2 - Use common option names as suggested by jow and nbd. - Default to using ~/.ssh/id_{rsa,dsa} as the identity file. - Set $HOME to correct value for the current user instead of unset it.
 package/network/services/ppp/files/ppp.sh | 54 +++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
diff --git a/package/network/services/ppp/files/ppp.sh b/package/network/services/ppp/files/ppp.sh
index f07b11f..6266cc4 100755
--- a/package/network/services/ppp/files/ppp.sh
+++ b/package/network/services/ppp/files/ppp.sh
@@ -212,10 +212,64 @@ proto_pptp_teardown() {
 ppp_generic_teardown "$@"
 }
+proto_pppossh_init_config() {
+ ppp_generic_init_config
+ proto_config_add_string server sshuser ipaddr peeraddr ssh_options
+ proto_config_add_string 'identity:list(string)'
+ proto_config_add_int port
+ available=1
+ no_device=1
+}
+
+proto_pppossh_setup() {
+ local config="$1"
+ local iface="$2"
+ local user="$(id -nu)"
+ local home=$(sh -c "echo ~$user")
+ local ip serv_addr errmsg
+ local opts pty
+
+ json_get_vars port sshuser identity ipaddr peeraddr ssh_options
+ json_get_var server server && {
+ for ip in $(resolveip -t 5 "$server"); do
+ ( proto_add_host_dependency "$config" "$ip" )
+ serv_addr=1
+ done
+ }
+ [ -n "$serv_addr" ] || errmsg="${errmsg}Could not resolve $server.\n"
+ [ -n "$sshuser" ] || errmsg="${errmsg}Missing sshuser option.\n"
+ [ -z "$identity" ] && identity="'$home/.ssh/id_rsa' '$home/.ssh/id_dsa'"
+ {
+ local fn
+ for fn in $identity; do
+ [ -f "$fn" ] && opts="$opts -i $fn"
+ done
+ [ -n "$opts" ] || errmsg="${errmsg}Cannot find valid identity file.\n"
+ }
+ [ -n "$errmsg" ] && {
+ echo -ne "$errmsg"
+ sleep 5
+ proto_setup_failed "$config"
+ exit 1
+ }
+ opts="$opts ${port:+-p $port}"
+ opts="$opts ${ssh_options}"
+ opts="$opts $sshuser@$server"
+ pty="env 'HOME=$home' /usr/bin/ssh $opts pppd nodetach notty noauth"
+
+ ppp_generic_setup "$config" \
+ noauth pty "$pty" "$ipaddr:$peeraddr"
+}
+
+proto_pppossh_teardown() {
+ ppp_generic_teardown "$@"
+}
+
 [ -n "$INCLUDE_ONLY" ] || {
 add_protocol ppp
 [ -f /usr/lib/pppd/*/rp-pppoe.so ] && add_protocol pppoe
 [ -f /usr/lib/pppd/*/pppoatm.so ] && add_protocol pppoa
 [ -f /usr/lib/pppd/*/pptp.so ] && add_protocol pptp
+ [ -x /usr/bin/ssh ] && add_protocol pppossh
 }
-- 
1.7.10.4
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
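Review bot: The `pty` command line in proto_pppossh_setup is built by plain string interpolation of `$sshuser`, `$server`, `$ssh_options` and the identity paths, with no quoting or validation. As far as I know pppd runs a `pty` command through `/bin/sh`, so whitespace or shell metacharacters in one of those config values would change the command that runs rather than just failing the connection. `ssh_options` is raw by design, but `sshuser` and `server` could be rejected alongside the other `errmsg` checks, for example `case "$sshuser@$server" in -*|*[!A-Za-z0-9._:@-]*) errmsg="${errmsg}Invalid sshuser or server.\n";; esac`. Separately, the default `identity="'$home/.ssh/id_rsa' '$home/.ssh/id_dsa'"` keeps its single quotes as literal characters when `for fn in $identity` word-splits it. `[ -f "$fn" ]` therefore appears to test a path beginning with `'`, so the default keys would never be found; `identity="$home/.ssh/id_rsa $home/.ssh/id_dsa"` avoids that.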