#!/bin/sh /etc/rc.common
# Copyright (C) 2016 OpenWrt.org

START=80
STOP=20
USE_PROCD=1

PROG=/usr/bin/obfsproxy

append_arg() {
	local cfg="$1"
	local var="$2"
	local opt="$3"
	local def="$4"
	local val

	config_get val "$cfg" "$var"
	[ -n "$val" -o -n "$def" ] && procd_append_param command "$opt" "${val:-$def}"
}

append_bool() {
	local cfg="$1"
	local var="$2"
	local opt="$3"
	local def="$4"
	local val

	config_get_bool val "$cfg" "$var" "$def"
	[ "$val" = 1 ] && procd_append_param command "$opt"
}

append_plain() {
	procd_append_param command "$1"
}

append_param() {
	local cfg="$1"
	local var="$2"
	local opt="$3"
	local def="$4"
	local val

	config_get val "$cfg" "$var"
	[ -n "$val" -o -n "$def" ] && procd_append_param "$opt" "${val:-$def}"
}

append_proxy_spec() {
	local cfg="$1"
	local scheme_var="$2"
	local username_var="$3"
	local password_var="$4"
	local host_var="$5"
	local port_var="$6"
	local opt="$7"
	local def="$8"
	local scheme
	local username
	local password
	local host
	local port
	local login
	local val

	config_get scheme "$cfg" "$scheme_var"
	config_get username "$cfg" "$username_var"
	config_get password "$cfg" "$password_var"
	config_get host "$cfg" "$host_var"
	config_get port "$cfg" "$port_var"
	[ "$username" ] && login="$username${password:+:$password}@"
	[ -n "$scheme" -a -n "$host" -a -n "$port" ] && val="$scheme://$login$host:$port"
	[ -n "$val" -o -n "$def" ] && procd_append_param command "$opt" "${val:-$def}"
}

append_host_port() {
	local cfg="$1"
	local host_var="$2"
	local port_var="$3"
	local opt="$4"
	local def="$5"
	local host
	local port
	local val

	config_get host "$cfg" "$host_var"
	config_get port "$cfg" "$port_var"
	[ -n "$host" -a -n "$port" ] && val="$host:$port"
	[ -n "$val" -o -n "$def" ] && {
		[ "$opt" ] && procd_append_param command "$opt"
		procd_append_param command "${val:-$def}"
	}
}

start_instance() {
	local cfg="$1"
	local lib_dir="/var/lib/obfsproxy/$cfg"
	local redirect=0
	local enabled
	local user
	local transport
	local password
	local log_min_severity

	config_get_bool enabled "$cfg" 'enabled' '0'
	[ "$enabled" = 0 ] && return 1

	config_get user "$cfg" 'user' 'root'
	config_get transport "$cfg" 'transport'
	[ "$transport" = "scramblesuit" ] && config_get password "$cfg" 'password'

	[ -d "$lib_dir" ] || {
		mkdir -m 0755 -p "$lib_dir/data"
		chmod -R 0700 "$lib_dir"
	}
	[ "$password" ] && {
		echo "$password" > "$lib_dir/secret"
		chmod 0600 "$lib_dir/secret"
	}
	chown -R "$user:" "$lib_dir"

	config_get log_min_severity "$cfg" 'log_min_severity'
	[ "$log_min_severity" = "debug" ] && redirect=1

	procd_open_instance

	procd_set_param command "$PROG" --data-dir "$lib_dir/data" --syslog "obfsproxy($cfg)"

	append_arg "$cfg" log_file "--log-file"
	append_arg "$cfg" log_min_severity "--log-min-severity"
	append_bool "$cfg" no_log "--no-log"
	append_bool "$cfg" no_safe_logging "--no-safe-logging"
	append_proxy_spec "$cfg" proxy_scheme proxy_username proxy_password proxy_host proxy_port "--proxy"

	append_param "$cfg" transport command
	[ "$transport" = "obfs2" ] && append_arg "$cfg" password "--shared-secret"
	[ "$password" ] && procd_append_param command "--password-file" "$lib_dir/secret"

	append_param "$cfg" mode command
	append_host_port "$cfg" dest_host dest_port "--dest"
	append_arg "$cfg" ext_cookie_file "--ext-cookie-file"

	append_host_port "$cfg" listen_host listen_port

	procd_set_param respawn
	procd_set_param stdout $redirect
	procd_set_param stderr $redirect
	append_param "$cfg" user user

	procd_close_instance
}

service_triggers() {
	procd_add_reload_trigger obfsproxy
}

start_service() {
	config_load obfsproxy
	config_foreach start_instance obfsproxy
}