[openwrt/openwrt] openvpn: Allow override of interface name

Thu Jul 23 07:10:13 EDT 2020

jow pushed a commit to openwrt/openwrt.git, branch master:
https://git.openwrt.org/cdb25bcef3799ae2bee026a51f2f9a4e19da1e5c

commit cdb25bcef3799ae2bee026a51f2f9a4e19da1e5c
Author: Michal Hrusecky <michal at hrusecky.net>
AuthorDate: Mon Jul 20 15:23:07 2020 +0200

    openvpn: Allow override of interface name
    
    If using a configuration file for OpenVPN, allow overriding name of the
    interface. The reason is that then people could use configuration file
    provided by VPN provider directly and override the name of the interface
    to include it in correct firewall zone without need to alter the
    configuration file.
    
    Signed-off-by: Michal Hrusecky <michal at hrusecky.net>
    (cherry picked from commit c93667358515ec078ef4ac96393623ac084e5c9e)
---
 package/network/services/openvpn/Makefile          |  2 +-
 .../network/services/openvpn/files/openvpn.init    | 37 +++++++++++++++++++++-
 2 files changed, 37 insertions(+), 2 deletions(-)

diff --git a/package/network/services/openvpn/Makefile b/package/network/services/openvpn/Makefile
index 3bd7ad8d1c..8126b3a7c7 100644
--- a/package/network/services/openvpn/Makefile
+++ b/package/network/services/openvpn/Makefile
@@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=openvpn
 
 PKG_VERSION:=2.4.9
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 
 PKG_SOURCE_URL:=\
 	https://build.openvpn.net/downloads/releases/ \
diff --git a/package/network/services/openvpn/files/openvpn.init b/package/network/services/openvpn/files/openvpn.init
index a560b89ff2..a454eb4ba0 100644
--- a/package/network/services/openvpn/files/openvpn.init
+++ b/package/network/services/openvpn/files/openvpn.init
@@ -69,6 +69,40 @@ section_enabled() {
 	[ $enable -gt 0 ] || [ $enabled -gt 0 ]
 }
 
+openvpn_get_dev() {
+	local dev dev_type
+	local name="$1"
+	local conf="$2"
+
+	# Do override only for configurations with config_file
+	config_get config_file "$name" config
+	[ -n "$config_file" ] || return
+
+	# Check there is someething to override
+	config_get dev "$name" dev
+	config_get dev_type "$name" dev_type
+	[ -n "$dev" ] || return
+
+	# If there is a no dev_type, try to guess it
+	if [ -z "$dev_type" ]; then
+		. /lib/functions/openvpn.sh
+
+		local odev odev_type
+		get_openvpn_option "$conf" odev dev
+		get_openvpn_option "$conf" odev_type dev-type
+		[ -n "$odev_type" ] || odev_type="$odev"
+
+		case "$odev_type" in
+			tun*) dev_type="tun" ;;
+			tap*) dev_type="tap" ;;
+			*) return;;
+		esac
+	fi
+
+	# Return overrides
+	echo "--dev-type $dev_type --dev $dev"
+}
+
 openvpn_add_instance() {
 	local name="$1"
 	local dir="$2"
@@ -83,7 +117,8 @@ openvpn_add_instance() {
 		--config "$conf" \
 		--up "/usr/libexec/openvpn-hotplug up $name" \
 		--down "/usr/libexec/openvpn-hotplug down $name" \
-		--script-security "${security:-2}"
+		--script-security "${security:-2}" \
+		$(openvpn_get_dev "$name" "$conf")
 	procd_set_param file "$dir/$conf"
 	procd_set_param term_timeout 15
 	procd_set_param respawn

