Ability to call up and down scripts

Signed-off-by: Sergey Matveev <stargrave@stargrave.org>

diff --git a/README b/README
index 058ef02937ec51fe90f24e9337ec28107c607a63..c529c3e67bbd359db466d789612da520658e8949 100644 (file)
--- a/README
+++ b/README
@@ -28,6 +28,10 @@ mutual zero-knowledge authentication and perfect-forward secrecy
 property. An attacker can not know anything from captured traffic, even
 if pre-shared key is compromised.
 
+Also you can provide up and down scripts that will be executed after
+either connection is initiated (up-script in background), or is went
+down. The first argument for them is an interface name.
+
 COMPARISON TO OpenVPN
 
 * Faster handshake
@@ -97,6 +101,16 @@ FreeBSD IPv6 client-server example:
     client% route -6 add default fc00::1
     client% while :; do govpn -key key.txt -iface tap10 -remote [fe80::1%me0]:1194; done
 
+Example up-script:
+
+    client% cat > up.sh <<EOF
+    #!/bin/sh
+    dhclient $1
+    rtsol $1
+    EOF
+    client% chmod +x up.sh
+    client% govpn -key key.txt -iface tap10 -remote [fe80::1%me0]:1194 -up ./up.sh
+
 If client won't finish handshake during -timeout, then it will exit.
 If no packets are received from remote side during timeout, then daemon
 will stop sending packets to the client and client will exit. In all

diff --git a/govpn.go b/govpn.go
index 89ccabffa6e602f7b767639457b10fd38a7ecfc1..1e157107c33cafab4cbdd7631184bed511666acb 100644 (file)
--- a/govpn.go
+++ b/govpn.go
@@ -18,6 +18,7 @@ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 package main
 
 import (
+       "bytes"
        "encoding/binary"
        "encoding/hex"
        "flag"
@@ -26,6 +27,9 @@ import (
        "io/ioutil"
        "log"
        "net"
+       "os"
+       "os/exec"
+       "os/signal"
        "time"
 
        "code.google.com/p/go.crypto/poly1305"
@@ -37,6 +41,8 @@ var (
        bindAddr   = flag.String("bind", "", "Bind to address")
        ifaceName  = flag.String("iface", "tap0", "TAP network interface")
        keyPath    = flag.String("key", "", "Path to authentication key file")
+       upPath     = flag.String("up", "", "Path to up-script")
+       downPath   = flag.String("down", "", "Path to down-script")
        mtu        = flag.Int("mtu", 1500, "MTU")
        timeoutP   = flag.Int("timeout", 60, "Timeout seconds")
        verboseP   = flag.Bool("v", false, "Increase verbosity")
@@ -68,6 +74,18 @@ type UDPPkt struct {
        size int
 }
 
+func ScriptCall(path *string) {
+       if *path == "" {
+               return
+       }
+       cmd := exec.Command(*path, *ifaceName)
+       var out bytes.Buffer
+       cmd.Stdout = &out
+       if err := cmd.Run(); err != nil {
+               fmt.Println(time.Now(), "script error: ", err.Error(), string(out.Bytes()))
+       }
+}
+
 func main() {
        flag.Parse()
        timeout := *timeoutP
@@ -187,12 +205,17 @@ func main() {
        heartbeat := time.Tick(time.Second * time.Duration(timeout/3))
        heartbeatMark := []byte(HeartBeatMark)
 
+       termSignal := make(chan os.Signal, 1)
+       signal.Notify(termSignal, os.Interrupt, os.Kill)
+
        finished := false
        for {
                if finished {
                        break
                }
                select {
+               case <-termSignal:
+                       finished = true
                case <-heartbeat:
                        go func() { ethSink <- -1 }()
                case udpPkt = <-udpSink:
@@ -227,6 +250,7 @@ func main() {
                                        fmt.Print("[HS-OK]")
                                        peer = p
                                        delete(states, addr)
+                                       go ScriptCall(upPath)
                                }
                                continue
                        }
@@ -296,4 +320,5 @@ func main() {
                        }
                }
        }
+       ScriptCall(downPath)
 }