From: Michael Tremer Date: Thu, 23 Mar 2017 18:13:47 +0000 (+0100) Subject: Drop support for SixXS X-Git-Tag: 009~265 X-Git-Url: http://git.ipfire.org/?p=people%2Fms%2Fnetwork.git;a=commitdiff_plain;h=14ccbff51cb6f230c0a1f85d7cd3d8d7d5502da2 Drop support for SixXS The project has announced that it will be shut down. The aiccu technology is not used by anybody else AFAIK hence we can drop this. Signed-off-by: Michael Tremer --- diff --git a/Makefile.am b/Makefile.am index f377747b..ecc6ed7c 100644 --- a/Makefile.am +++ b/Makefile.am @@ -101,7 +101,6 @@ EXTRA_DIST += \ src/functions/functions.in dist_network_SCRIPTS = \ - src/functions/functions.aiccu \ src/functions/functions.at \ src/functions/functions.auth \ src/functions/functions.batman-adv \ @@ -171,8 +170,6 @@ dist_network_SCRIPTS = \ src/ppp/pppoe-server dist_helpers_SCRIPTS = \ - src/helpers/aiccu \ - src/helpers/aiccu-config-helper \ src/helpers/bridge-stp \ src/helpers/dhcpd-config-helper \ src/helpers/firewall-kernel-init \ @@ -216,7 +213,6 @@ dist_hooks_ports_SCRIPTS = \ dist_hooks_zones_SCRIPTS = \ src/hooks/zones/6rd \ src/hooks/zones/6to4-tunnel \ - src/hooks/zones/aiccu \ src/hooks/zones/bridge \ src/hooks/zones/modem \ src/hooks/zones/pppoe \ @@ -349,7 +345,6 @@ MANPAGES = \ man/network-zone.8 \ man/network-zone-6rd.8 \ man/network-zone-6to4-tunnel.8 \ - man/network-zone-aiccu.8 \ man/network-zone-bridge.8 \ man/network-zone-config-pppoe-server.8 \ man/network-zone-modem.8 \ diff --git a/man/network-zone-aiccu.xml b/man/network-zone-aiccu.xml deleted file mode 100644 index ecd3db76..00000000 --- a/man/network-zone-aiccu.xml +++ /dev/null @@ -1,188 +0,0 @@ - - - - - - network-zone-aiccu - network - - - - Developer - Stefan - Schantl - stefan.schantl@ipfire.org - - - - - - network-zone-aiccu - 8 - - - - network-zone-aiccu - Network Configuration Control Program - - - - - network zone new ZONE aiccu ... - - - - network zone ZONE edit ... - - - - - Description - - - The aiccu hook is used to create IPv6 tunnels over IPv4 networks - when the provider does not provide native IPv6. - - - - - Options - - - The following options are understood: - - - - - - - - - - - The username of your account from the tunnel brocker. - - - - - - - - - - - - The password of your account from the tunnel brocker. - - - - - - - Optional arguments, that can be used with aiccu. - - - - - - - - - - - The configuration server to use for setting up the tunnel. - - - - This option has to be set to the configuration server of your - tunnel brocker. Defaults to tic.sixxs.net. - - - - - - - - - - - - The used protocol to setup the tunnel. - - - - TIC is the Tunnel Information and Control protocol. It provides information - about tunnels and the ability to control the details of a tunnel to TIC clients. - - - - The Tunnel Setup Protocol (TSP) is used to negotiate IP tunnel setup parameters - between a tunnel client and a tunnel broker server. - - - - Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual - private networks (VPNs) or as part of the delivery of services by ISPs. - - - - This option defaults to tic and have - to be changed if your tunnel brocker does not support that. - - - - - - - - - - - - The ID of this tunnel, given to you by your tunnel brocker. - - - - This option is only required when multiple tunnels have been requested. - - - - - - - - - - - - Use STARTTLS to secure the connection to the configuration server. - - - - When set to true and the server does not support TLS, the transaction - will fail. When set to false, it also tries a STARTTLS, but if this is - not supported by the server, aiccu will continue and send the user and - password information as plain text. - - - - - - - - - See Also - - - - network - 8 - , - - network-zone - 8 - - - - diff --git a/src/functions/functions.aiccu b/src/functions/functions.aiccu deleted file mode 100644 index 1b5708fb..00000000 --- a/src/functions/functions.aiccu +++ /dev/null @@ -1,139 +0,0 @@ -#!/bin/bash -############################################################################### -# # -# IPFire.org - A linux based firewall # -# Copyright (C) 2013 IPFire Network Development Team # -# # -# This program is free software: you can redistribute it and/or modify # -# it under the terms of the GNU General Public License as published by # -# the Free Software Foundation, either version 3 of the License, or # -# (at your option) any later version. # -# # -# This program is distributed in the hope that it will be useful, # -# but WITHOUT ANY WARRANTY; without even the implied warranty of # -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # -# GNU General Public License for more details. # -# # -# You should have received a copy of the GNU General Public License # -# along with this program. If not, see . # -# # -############################################################################### - -# Define protocols which are supported by aiccu. -AICCU_SUPPORTED_PROTOCOLS="tic tsp l2tp" - -aiccu_start() { - local device=${1} - assert isset device - - # Tell systemd to start aiccu on this device. - service_start "aiccu@${device}.service" - local ret=$? - - if [ ${ret} -eq ${EXIT_OK} ]; then - log DEBUG "aiccu was successfully started on '${device}'." - else - log ERROR "Could not start aiccu properly on '${device}': ${ret}" - return ${EXIT_ERROR} - fi - - return ${EXIT_OK} -} - -aiccu_stop() { - local device=${1} - assert isset device - - # Tell sysemd to stop aiccu on this device. - service_stop "aiccu@${device}.service" -} - -aiccu_write_config() { - local device=${1} - local file=${2} - shift 2 - - assert isset device - assert isset file - - local username - local password - local server - local protocol="tic" - local tunnel_id - local require_tls - - while [ $# -gt 0 ]; do - case "${1}" in - --username=*) - username="$(cli_get_val ${1})" - ;; - --password=*) - password="$(cli_get_val ${1})" - ;; - --server=*) - server="$(cli_get_val ${1})" - ;; - --protocol=*) - protocol="$(cli_get_val ${1})" - ;; - --tunnel-id=*) - tunnel_id="$(cli_get_val ${1})" - ;; - --require-tls=*) - require_tls="$(cli_get_val ${1})" - - if enabled val; then - require_tls="true" - else - require_tls="false" - fi - ;; - esac - shift - done - - assert isset username - assert isset password - assert isset server - assert isset protocol - assert isset require_tls - assert isoneof protocol ${AICCU_SUPPORTED_PROTOCOLS} - - # Write configuration file header. - config_header "aiccu configuration file for ${zone}" > ${file} - - ( - print "# Server info" - print "server ${server}" - print "protocol ${protocol}" - print - - if isset tunnel_id; then - print "# Tunnel ID" - print "tunnel_id ${tunnel_id}" - print - fi - - print "# Credentials" - print "username ${username}" - print "password ${password}" - print - - print "ipv6_interface ${device}" - print "setupscript /usr/lib/network/helpers/aiccu" - print - - print "# Security" - print "requiretls ${require_tls}" - print - - # Misc. - print "defaultroute false" - print "verbose true" - print "daemonize false" - print "automatic true" - ) >> ${file} - - return ${EXIT_OK} -} diff --git a/src/helpers/aiccu b/src/helpers/aiccu deleted file mode 100644 index 604e7191..00000000 --- a/src/helpers/aiccu +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/bash -############################################################################### -# # -# IPFire.org - A linux based firewall # -# Copyright (C) 2015 IPFire Network Development Team # -# # -# This program is free software: you can redistribute it and/or modify # -# it under the terms of the GNU General Public License as published by # -# the Free Software Foundation, either version 3 of the License, or # -# (at your option) any later version. # -# # -# This program is distributed in the hope that it will be useful, # -# but WITHOUT ANY WARRANTY; without even the implied warranty of # -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # -# GNU General Public License for more details. # -# # -# You should have received a copy of the GNU General Public License # -# along with this program. If not, see . # -# # -############################################################################### - -. /usr/lib/network/functions - -# Read network settings -network_settings_read - -assert isset ACTION -assert isset INTERFACE - -case "${ACTION}" in - up) - db_set "${INTERFACE}/ipv6/local-ip-address" "${LOCAL_ADDRESS}" - db_set "${INTERFACE}/ipv6/remote-ip-address" "${REMOTE_ADDRESS}" - db_set "${INTERFACE}/ipv6/active" "1" - db_set "${INTERFACE}/ipv6/mtu" "${MTU}" - - # Refresh routing - routing_update "${INTERFACE}" ipv6 - routing_default_update - ;; - - down) - db_delete "${INTERFACE}/ipv6" - - # Refresh routing - routing_update "${INTERFACE}" ipv6 - routing_default_update - ;; - - *) - log ERROR "Unhandled action called: ${ACTION}" - exit ${EXIT_ERROR} - ;; -esac - -exit ${EXIT_OK} diff --git a/src/helpers/aiccu-config-helper b/src/helpers/aiccu-config-helper deleted file mode 100644 index bd6d9746..00000000 --- a/src/helpers/aiccu-config-helper +++ /dev/null @@ -1,63 +0,0 @@ -#!/bin/bash -############################################################################### -# # -# IPFire.org - A linux based firewall # -# Copyright (C) 2013 IPFire Network Development Team # -# # -# This program is free software: you can redistribute it and/or modify # -# it under the terms of the GNU General Public License as published by # -# the Free Software Foundation, either version 3 of the License, or # -# (at your option) any later version. # -# # -# This program is distributed in the hope that it will be useful, # -# but WITHOUT ANY WARRANTY; without even the implied warranty of # -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # -# GNU General Public License for more details. # -# # -# You should have received a copy of the GNU General Public License # -# along with this program. If not, see . # -# # -############################################################################### - -. /usr/lib/network/functions - -# Read network settings -network_settings_read - -action="${1}" -assert isset action - -zone="${2}" -assert isset zone -assert zone_exists ${zone} - -config_file="${RUN_DIR}/${zone}/aiccu.conf" - -case "${action}" in - create) - # Create the configuration file for this zone. - zone_settings_read "${zone}" - - config_dir="$(dirname ${config_file})" - mkdir -p ${config_dir} - - aiccu_write_config ${zone} ${config_file} \ - --server="${SERVER}" \ - --protocol="${PROTOCOL}" \ - --username="${USERNAME}" \ - --password="${PASSWORD}" \ - --tunnel-id="${TUNNEL_ID}" \ - --require-tls="${REQUIRE_TLS}" - ;; - - remove) - rm -f ${config_file} - ;; - - *) - log ERROR "Unknown action passed: ${action}" - exit ${EXIT_ERROR} - ;; -esac - -exit ${EXIT_OK} diff --git a/src/hooks/zones/aiccu b/src/hooks/zones/aiccu deleted file mode 100644 index d6f1e432..00000000 --- a/src/hooks/zones/aiccu +++ /dev/null @@ -1,127 +0,0 @@ -#!/bin/bash -############################################################################### -# # -# IPFire.org - A linux based firewall # -# Copyright (C) 2013 IPFire Network Development Team # -# # -# This program is free software: you can redistribute it and/or modify # -# it under the terms of the GNU General Public License as published by # -# the Free Software Foundation, either version 3 of the License, or # -# (at your option) any later version. # -# # -# This program is distributed in the hope that it will be useful, # -# but WITHOUT ANY WARRANTY; without even the implied warranty of # -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # -# GNU General Public License for more details. # -# # -# You should have received a copy of the GNU General Public License # -# along with this program. If not, see . # -# # -############################################################################### - -. /usr/lib/network/header-zone - -HOOK_SETTINGS="HOOK PASSWORD PROTOCOL REQUIRE_TLS USERNAME SERVER TUNNEL_ID" - -USERNAME= -PASSWORD= -SERVER="tic.sixxs.net" -PROTOCOL="tic" -TUNNEL_ID= -REQUIRE_TLS="true" - -hook_check_settings() { - assert isset USERNAME - assert isset PASSWORD - assert isset SERVER - assert isset PROTOCOL - assert isset REQUIRE_TLS - - # Check if a supported protocol has been given. - if ! list_match "${PROTOCOL}" ${AICCU_SUPPORTED_PROTOCOLS}; then - log ERROR "This protocol is not supported by aiccu: ${PROTOCOL}" - log ERROR "Valid protocols are: ${AICCU_SUPPORTED_PROTOCOLS}" - return ${EXIT_ERROR} - fi -} - -hook_parse_cmdline() { - local value - - while [ $# -gt 0 ]; do - case "$1" in - --username=*) - USERNAME="$(cli_get_val ${1})" - ;; - --password=*) - PASSWORD="$(cli_get_val ${1})" - ;; - --server=*) - SERVER="$(cli_get_val ${1})" - ;; - --protocol=*) - PROTOCOL="$(cli_get_val ${1})" - ;; - --tunnel-id=*) - TUNNEL_ID="$(cli_get_val ${1})" - ;; - --require-tls=*) - REQUIRE_TLS="$(cli_get_val ${1})" - - if enabled val; then - REQUIRE_TLS="true" - else - REQUIRE_TLS="false" - fi - ;; - *) - echo "Unknown option: $1" >&2 - exit ${EXIT_ERROR} - ;; - esac - shift - done -} - -hook_up() { - local zone=${1} - assert isset zone - - # Start aiccu on this zone. - aiccu_start ${zone} - - exit ${EXIT_OK} -} - -hook_down() { - local zone=${1} - assert isset zone - - # Stop aiccu on this zone. - aiccu_stop ${zone} - - exit ${EXIT_OK} -} - -hook_status() { - local zone=${1} - assert isset zone - - cli_device_headline ${zone} - - zone_settings_read "${zone}" - - cli_headline 2 "Configuration" - cli_print_fmt1 2 "User" "${USERNAME}" - cli_print_fmt1 2 "Secret" "" - cli_space - cli_print_fmt1 2 "Server" "${SERVER}" - cli_print_fmt1 2 "Protocol" "${PROTOCOL}" - if isset TUNNEL_ID; then - cli_space - cli_print_fmt1 2 "Tunnel ID" "${TUNNEL_ID}" - fi - cli_space - - exit ${EXIT_OK} -} diff --git a/src/tmpfiles/network.conf b/src/tmpfiles/network.conf index 9eb4380b..856c9d65 100644 --- a/src/tmpfiles/network.conf +++ b/src/tmpfiles/network.conf @@ -2,7 +2,6 @@ # This will hold temporary configuration files, # PID files and much more. d /run/network 0755 root root - -d /run/network/aiccu 0755 root root - d /run/network/hostapd 0755 root root - # Point-to-point protocol daemon