#!/bin/sh
#
# openvpn       This shell script takes care of starting and stopping openvpn
#
# The init script does the following:
#
# - Starts an openvpn process for each .conf file it finds in
#   /etc/openvpn/work
#
# - If /etc/openvpn/work/xxx.sh exists for a xxx.conf file then it executes
#   it before starting openvpn (useful for doing openvpn --mktun...).

# Location of openvpn binary
openvpn=""
openvpn_locations="/sbin/openvpn /usr/sbin/openvpn /usr/local/sbin/openvpn"
for location in $openvpn_locations
do
  if [ -f "$location" ]
  then
    openvpn=$location
  fi
done

if [ ! -d /var/lock/subsys/ ]; then
  mkdir -p /var/lock/subsys > /dev/null 2>/dev/null
fi

# Lockfile
lock="/var/lock/subsys/openvpn_client"

# PID directory
piddir="/var/run/openvpn_client"

# Our working directory
work=/etc/openvpn/work/client

# Source function library.
#. /etc/rc.d/init.d/functions

# Source networking configuration.
#. /etc/sysconfig/network

# Check that networking is up.
#if [ ${NETWORKING} = "no" ]
#then
#  echo "Networking is down"
#  exit 0
#fi

# Check that binary exists
if ! [ -f  $openvpn ] 
then
  echo "openvpn binary not found"
  exit 0
fi

. /etc/openvpn/work/vars

# See how we were called.
case "$1" in
  start)
	echo -n $"Starting openvpn: "

	/sbin/modprobe tun >/dev/null 2>&1

	killall openvpn_client_logrotate
	
	# Run startup script, if defined
	if [ -f $work/openvpn-startup ]; then
	    $work/openvpn-startup
	fi

	if [ ! -d  $piddir ]; then
	    mkdir $piddir
	fi

	if [ -f $lock ]; then
	    # we were not shut down correctly
	    for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
	      if [ -s $pidf ]; then
		kill `cat $pidf` >/dev/null 2>&1
	      fi
	      rm -f $pidf
	    done
	    rm -f $lock
	    sleep 2
	fi

	rm -f $piddir/*.pid

	errors=0
	successes=0

	if [ -d $work ]; then
		cd $work

		# Start every .conf in $work and run .sh if exists
		for c in `/bin/ls *.conf 2>/dev/null`; do
			bn=${c%%.conf}
			if [ -f "$bn.sh" ]; then
			. ./$bn.sh
			fi
			rm -f $piddir/$bn.pid
				# Handle backward compatibility, see Red Hat Bugzilla ID #458594
				script_security=''
				if [ -z "$( grep '^[[:space:]]*script-security[[:space:]]' $c )" ]; then
					script_security="--script-security 2"
				fi

				up=''
				if [ -x "$bn.up" ]; then
				  up="--up ./"$bn.up
				fi
				down=''
				if [ -x "$bn.down" ]; then
				  down="--down ./"$bn.down
				fi

			$openvpn --daemon --writepid $piddir/$bn.pid --cd $work --config $c $script_security $up $down

			if [ $? = 0 ]; then
				successes=1
				/etc/init.d/openvpn_client_logrotate &
			else
				errors=1
			fi
		done
	fi #if [ -d $work ]

	if [ $errors = 1 ]; then
	    #failure; echo
	    echo "Failure"
	else
	    #success; echo
	    echo "Success"
	fi

	if [ $successes = 1 ]; then
	    touch $lock
	fi
	;;
  stop)
	echo -n $"Shutting down openvpn: "
	
	killall openvpn_client_logrotate
	
	for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
	  if [ -s $pidf ]; then
	    kill `cat $pidf` >/dev/null 2>&1
	  fi
	  rm -f $pidf
	done

	# Run shutdown script, if defined
	if [ -f $work/openvpn-shutdown ]; then
	    $work/openvpn-shutdown
	fi

	#success; echo
	echo "Success"
	rm -f $lock
	;;
  restart)
	$0 stop
	sleep 2
	$0 start
	;;
  reload)
	if [ -f $lock ]; then
	    for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
		if [ -s $pidf ]; then
		    kill -HUP `cat $pidf` >/dev/null 2>&1
		fi
	    done
	else
	    echo "openvpn: service not started"
	    exit 1
	fi
	;;
  reopen)
	if [ -f $lock ]; then
	    for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
		if [ -s $pidf ]; then
		    kill -USR1 `cat $pidf` >/dev/null 2>&1
		fi
	    done
	else
	    echo "openvpn: service not started"
	    exit 1
	fi
	;;
  condrestart)
	if [ -f $lock ]; then
	    $0 stop
	    # avoid race
	    sleep 2
	    $0 start
	fi
	;;
  status)
	if [ -f $lock ]; then
	    for pidf in `/bin/ls $piddir/*.pid 2>/dev/null`; do
		if [ -s $pidf ]; then
		    kill -USR2 `cat $pidf` >/dev/null 2>&1
		fi
	    done
	    echo "Status written to /var/log/messages"
	else
	    echo "openvpn: service not started"
	    exit 1
	fi
        ;;
  *)
	echo "Usage: openvpn {start|stop|restart|condrestart|reload|reopen|status}"
	exit 1
	;;
esac
exit 0
