#!/bin/sh

DAEMON=openssh
DAEMON_LONG_NAME="openssh SSH server"
DAEMON_BIN=sshd
. /etc/init.d/modlibrc

CONFFILE=/mod/etc/sshd_conf

gen_key() {
	rm -f "$1"
	rm -f "$1.pub"
	echo "Creating host key $(basename $1)"
	if [ ! -e /usr/bin/ssh-keygen ]; then
		echo "Error[$DAEMON]: Can't generate key. Please include openssh keyutils to your image or provide public and private $2 host keys via Web Interface!"
		exit 1
	fi
	/usr/bin/ssh-keygen -q -t $2 -f "$1" -N ""
}

check_key_file() {
	if [ -e "$1" ]; then
		grep -q "[a-zA-Z0-9]" $1 && return
	fi
	gen_key "$1" "$2"
	chmod 600 $1
	/usr/bin/modsave flash
}

# BEGIN compat
convert_compat()
{
	if [ -d "/tmp/flash/.ssh" ]; then
		rm -rf /tmp/flash/openssh
		mv /tmp/flash/.ssh /tmp/flash/openssh
	fi
	[ -e /tmp/flash/rsa_host_key ] && mv /tmp/flash/rsa_host_key /tmp/flash/openssh/rsa_host_key
	[ -e /tmp/flash/dsa_host_key ] && mv /tmp/flash/dsa_host_key /tmp/flash/openssh/dsa_host_key
	[ -e /tmp/flash/host_key ] && mv /tmp/flash/host_key /tmp/flash/openssh/host_key
}
# END compat

config() {
	mkdir -p /tmp/flash/openssh
	mkdir -p /var/empty

	# BEGIN compat
	convert_compat
	# END compat

	check_key_file "/tmp/flash/openssh/rsa_host_key" "rsa"
	check_key_file "/tmp/flash/openssh/dsa_host_key" "dsa"

	if [ ! -d "/mod/etc/ssh" ]; then
		mkdir -p /mod/etc/ssh
		ln -s /tmp/flash/openssh/rsa_host_key /mod/etc/ssh/rsa_host_key
		ln -s /tmp/flash/openssh/dsa_host_key /mod/etc/ssh/dsa_host_key
	fi

	echo "$OPENSSH_SETTINGS" > $CONFFILE
	if [ "$OPENSSH_PWDAUTH" = "yes" ]; then
		if cat /etc/shadow | grep -q '^root:[*!]:'; then
			echo "Error[$DAEMON]: no root password set - run 'passwd root'" 1>&2
			exit 1
		fi
		echo "PasswordAuthentication yes" >> $CONFFILE
	else
		echo "PasswordAuthentication no" >> $CONFFILE
	fi
	if [ "$OPENSSH_ROOT" = "yes" ]; then
		echo "PermitRootLogin yes" >> $CONFFILE
	else
		echo "PermitRootLogin no" >> $CONFFILE
	fi
}

start() {
	set -o noglob
	modlib_startdaemon /usr/sbin/sshd -p "$OPENSSH_PORT" -f $CONFFILE $OPENSSH_OPTIONS
}

case $1 in
	""|load)
		modreg cgi 'openssh' 'OpenSSH sshd'
		modreg daemon $DAEMON

		modreg file openssh "dsa_key" "dsa_key" 0 "dsa_key"
		modreg file openssh "rsa_key" "rsa_key" 0 "rsa_key"

		mkdir -p /tmp/openssh
		modlib_addgroup sshd
		modlib_adduser sshd -G sshd -s /bin/false -H -D -h /tmp/openssh -g "sshd account"

		modlib_start $OPENSSH_ENABLED
		;;
	unload)
		modunreg daemon $DAEMON
		modunreg cgi openssh
		modlib_stop
		;;
	start)
		modlib_start
		;;
	stop)
		modlib_stop
		;;
	restart)
		modlib_restart
		;;
	status)
		modlib_status
		;;
	*)
		echo "Usage: $0 [load|unload|start|stop|restart|status]" 1>&2
		exit 1
		;;
esac

exit 0