#!/sbin/openrc-run
# Copyright 1999-2015 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-misc/openssh/files/sshd.rc6.4,v 1.5 2015/05/04 02:56:25 vapier Exp $

description="OpenBSD Secure Shell server"
description_checkconfig="Verify configuration file"
description_reload="Reload configuration"

extra_commands="checkconfig"
extra_started_commands="reload"

: ${SSHD_CONFDIR:=/etc/ssh}
: ${SSHD_CONFIG:=${SSHD_CONFDIR}/sshd_config}
: ${SSHD_PIDFILE:=/run/${SVCNAME}.pid}
: ${SSHD_BINARY:=/usr/sbin/sshd}

depend() {
	use logger dns
	if [ "${rc_need+set}" = "set" ] ; then
		: # Do nothing, the user has explicitly set rc_need
	else
		local x warn_addr
		for x in $(awk '/^ListenAddress/{ print $2 }' "$SSHD_CONFIG" 2>/dev/null) ; do
			case "${x}" in
				0.0.0.0|0.0.0.0:*) ;;
				::|\[::\]*) ;;
				*) warn_addr="${warn_addr} ${x}" ;;
			esac
		done
		if [ -n "${warn_addr}" ] ; then
			need net
			ewarn "You are binding an interface in ListenAddress statement in your sshd_config!"
			ewarn "You must add rc_need=\"net.FOO\" to your /etc/conf.d/sshd"
			ewarn "where FOO is the interface(s) providing the following address(es):"
			ewarn "${warn_addr}"
		fi
	fi
}

checkconfig() {
	if [ ! -d /var/empty ] ; then
		mkdir -p /var/empty || return 1
	fi

	if [ ! -e "${SSHD_CONFIG}" ] ; then
		eerror "You need an ${SSHD_CONFIG} file to run sshd"
		eerror "There is a sample file in /usr/share/doc/openssh"
		return 1
	fi

	if ! yesno "${SSHD_DISABLE_KEYGEN}"; then
		ssh-keygen -A || return 1
	fi

	[ "${SSHD_PIDFILE}" != "/run/sshd.pid" ] \
		&& SSHD_OPTS="${SSHD_OPTS} -o PidFile=${SSHD_PIDFILE}"
	[ "${SSHD_CONFIG}" != "/etc/ssh/sshd_config" ] \
		&& SSHD_OPTS="${SSHD_OPTS} -f ${SSHD_CONFIG}"

	"${SSHD_BINARY}" -t ${SSHD_OPTS} || return 1
}

start() {
	checkconfig || return 1

	ebegin "Starting ${SVCNAME}"
	start-stop-daemon --start --exec "${SSHD_BINARY}" \
	    --pidfile "${SSHD_PIDFILE}" \
	    -- ${SSHD_OPTS}
	eend $?
}

stop() {
	if [ "${RC_CMD}" = "restart" ] ; then
		checkconfig || return 1
	fi

	ebegin "Stopping ${SVCNAME}"
	start-stop-daemon --stop --exec "${SSHD_BINARY}" \
	    --pidfile "${SSHD_PIDFILE}" --quiet
	eend $?

	if [ "$RC_RUNLEVEL" = "shutdown" ]; then
		local _p _sshd_pids
		for _p in $(pgrep "${SSHD_BINARY##*/}"); do
			[ "$(realpath /proc/$_p/exe)" = "${SSHD_BINARY}" ] \
				|| continue
			_sshd_pids="$_sshd_pids $_p"
		done
		if [ -n "$_sshd_pids" ]; then
			ebegin "Shutting down ssh connections"
			kill -TERM $_sshd_pids >/dev/null 2>&1
			eend 0
		fi
	fi
}

reload() {
	checkconfig || return 1
	ebegin "Reloading ${SVCNAME}"
	start-stop-daemon --signal HUP \
	    --exec "${SSHD_BINARY}" --pidfile "${SSHD_PIDFILE}"
	eend $?
}