#! /bin/sh -e
### BEGIN INIT INFO
# Provides:          stunnel4
# Required-Start:    $local_fs $remote_fs
# Required-Stop:     $local_fs $remote_fs
# Should-Start:      $syslog
# Should-Stop:       $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start or stop stunnel 4.x (SSL tunnel for network daemons)
# Description:       Starts or stops all configured SSL network tunnels. Each *.conf file in
#                    /etc/stunnel/ will spawn a separate stunnel process. The list of files
#                    can be overriden in /etc/default/stunnel, and that same file can be used
#                    to completely disable *all* tunnels.
### END INIT INFO

. /lib/lsb/init-functions

DEFAULTPIDFILE="/var/run/stunnel4.pid"
DAEMON=/usr/bin/stunnel4
NAME=stunnel
DESC="SSL tunnels"
OPTIONS=""
ENABLED=0

get_opt() {
  sed -e "s;^[[:space:]]*;;" -e "s;[[:space:]]*$;;" \
    -e "s;[[:space:]]*=[[:space:]]*;=;" "$1" |
    grep -i "^$2=" | sed -e "s;^[^=]*=;;"
}

get_pids() {
  local file=$1
  if [ -f $file ]; then
    CHROOT=`get_opt $file chroot`
    PIDFILE=`get_opt $file pid`
    if [ "$PIDFILE" = "" ]; then
      PIDFILE=$DEFAULTPIDFILE
    fi
    if [ -f $CHROOT/$PIDFILE ]; then
      cat $CHROOT/$PIDFILE
    fi
  fi
}

startdaemons() {
  if ! [ -d /var/run/stunnel4 ]; then
    rm -rf /var/run/stunnel4
    install -d -o stunnel4 -g stunnel4 /var/run/stunnel4
  fi
  if [ -n "$RLIMITS" ]; then
    ulimit $RLIMITS
  fi
  for file in $FILES; do 
    if [ -f $file ]; then
      ARGS="$file $OPTIONS"
      PROCLIST=`get_pids $file`
      if egrep -qe '^pid[[:space:]]*=' "$file"; then
	warn=''
      else
	warn=' (no pid=pidfile specified!)'
      fi
      if [ "$PROCLIST" ] && kill -s 0 $PROCLIST 2>/dev/null; then
        echo -n "[Already running$warn: $file] "
      elif $DAEMON $ARGS; then
	echo -n "[Started$warn: $file] "
      else
	echo "[Failed$warn: $file]"
	echo "You should check that you have specified the pid= in you configuration file"
	exit 1
      fi
    fi
  done;
}

killdaemons()
{
  SIGNAL=${1:-TERM}
  for file in $FILES; do
    PROCLIST=`get_pids $file`
    if [ "$PROCLIST" ] && kill -s 0 $PROCLIST 2>/dev/null; then
       kill -s $SIGNAL $PROCLIST
       echo -n "[stopped: $file] "
    fi
  done
}

querydaemons()
{
  res=0
  echo -n "$DESC status:"
  for file in $FILES; do
    echo -n " $file: "
    PROCLIST=`get_pids $file`
    if [ "$PROCLIST" ] && kill -s 0 $PROCLIST 2>/dev/null; then
      echo -n 'running'
    else
      echo -n 'stopped'
      res=1
    fi
  done
  echo ''
  exit "$res"
}

if [ "x$OPTIONS" != "x" ]; then
  OPTIONS="-- $OPTIONS"
fi

[ -f /etc/default/stunnel4 ] && . /etc/default/stunnel4
if [ "$ENABLED" = "0" ] ; then
  echo "$DESC disabled, see /etc/default/stunnel4"
  exit 0
fi

# If the user want to manage a single tunnel, the conf file's name
# is in $2. Otherwise, respect /etc/default/stunnel4 setting. If no
# setting there, use /etc/stunnel/*.conf
if [ -n "${2:-}" ]; then
  if [ -e "/etc/stunnel/$2.conf" ]; then
    FILES="/etc/stunnel/$2.conf"
  else
    echo >&2 "/etc/stunnel/$2.conf does not exist."
    exit 1
  fi
else
  if [ -z "$FILES" ]; then
    FILES="/etc/stunnel/*.conf"
  fi
fi

[ -x $DAEMON ] || exit 0

set -e

case "$1" in
  start)
        echo -n "Starting $DESC: "
        startdaemons
        echo "$NAME."
        ;;
  stop)
        echo -n "Stopping $DESC: "
        killdaemons
        echo "$NAME."
        ;;
  reopen-logs)
        echo -n "Reopening log files $DESC: "
        killdaemons USR1
        echo "$NAME."
        ;;
  force-reload|reload)
        echo -n "Reloading configuration $DESC: "
        killdaemons HUP
        echo "$NAME."
        ;;  
  restart)
        echo -n "Restarting $DESC: "
        killdaemons
        sleep 5
        startdaemons
        echo "$NAME."
        ;;
  status)
	querydaemons
	;;
  *)
        N=/etc/init.d/$NAME
        echo "Usage: $N {start|stop|status|reload|reopen-logs|restart} [<stunnel instance>]" >&2
        exit 1
        ;;
esac

exit 0
