#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2013  IPFire Network Development Team                         #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

. /usr/lib/network/header-zone

HOOK_SETTINGS="HOOK PASSWORD PROTOCOL REQUIRE_TLS USERNAME SERVER TUNNEL_ID"

USERNAME=
PASSWORD=
SERVER="tic.sixxs.net"
PROTOCOL="tic"
TUNNEL_ID=
REQUIRE_TLS="true"

hook_check_settings() {
	assert isset USERNAME
	assert isset PASSWORD
	assert isset SERVER
	assert isset PROTOCOL
	assert isset REQUIRE_TLS

	# Check if a supported protocol has been given.
	if ! list_match "${PROTOCOL}" ${AICCU_SUPPORTED_PROTOCOLS}; then
		log ERROR "This protocol is not supported by aiccu: ${PROTOCOL}"
		log ERROR "Valid protocols are: ${AICCU_SUPPORTED_PROTOCOLS}"
		return ${EXIT_ERROR}
	fi
}

hook_parse_cmdline() {
	local value

	while [ $# -gt 0 ]; do
		case "$1" in
			--username=*)
				USERNAME="$(cli_get_val ${1})"
				;;
			--password=*)
				PASSWORD="$(cli_get_val ${1})"
				;;
			--server=*)
				SERVER="$(cli_get_val ${1})"
				;;
			--protocol=*)
				PROTOCOL="$(cli_get_val ${1})"
				;;
			--tunnel-id=*)
				TUNNEL_ID="$(cli_get_val ${1})"
				;;
			--require-tls=*)
				REQUIRE_TLS="$(cli_get_val ${1})"

				if enabled val; then
					REQUIRE_TLS="true"
				else
					REQUIRE_TLS="false"
				fi
				;;
			*)
				echo "Unknown option: $1" >&2
				exit ${EXIT_ERROR}
				;;
		esac
		shift
	done
}

hook_up() {
	local zone=${1}
	assert isset zone

	# Start aiccu on this zone.
	aiccu_start ${zone}

	exit ${EXIT_OK}
}

hook_down() {
	local zone=${1}
	assert isset zone

	# Stop aiccu on this zone.
	aiccu_stop ${zone}

	exit ${EXIT_OK}
}

hook_status() {
	local zone=${1}
	assert isset zone

	cli_device_headline ${zone}

	zone_settings_read "${zone}"

	cli_headline 2 "Configuration"
	cli_print_fmt1 2 "User" "${USERNAME}"
	cli_print_fmt1 2 "Secret" "<hidden>"
	cli_space
	cli_print_fmt1 2 "Server" "${SERVER}"
	cli_print_fmt1 2 "Protocol" "${PROTOCOL}"
	if isset TUNNEL_ID; then
		cli_space
		cli_print_fmt1 2 "Tunnel ID" "${TUNNEL_ID}"
	fi
	cli_space

	exit ${EXIT_OK}
}
