Diffstat (limited to 'retiolum/bin')
| -rwxr-xr-x | retiolum/bin/announce_pubkey | 35 | ||||
| -rwxr-xr-x | retiolum/bin/check-free-retiolum-v4 | 21 | ||||
| -rwxr-xr-x | retiolum/bin/check-free-retiolum-v6 | 2 | ||||
| -rwxr-xr-x | retiolum/bin/create-host-tar | 15 | ||||
| -rwxr-xr-x | retiolum/bin/create-supernode-tar | 13 | ||||
| -rwxr-xr-x | retiolum/bin/dump-graph | 9 | ||||
| -rwxr-xr-x | retiolum/bin/fillxx | 6 | ||||
| -rwxr-xr-x | retiolum/bin/find-active-nodes | 21 | ||||
| -rwxr-xr-x | retiolum/bin/find-supernodes | 21 | ||||
| -rwxr-xr-x | retiolum/bin/get-tinc-dir | 9 | ||||
| -rwxr-xr-x | retiolum/bin/hosts | 13 | ||||
| -rwxr-xr-x | retiolum/bin/install | 18 | ||||
| -rwxr-xr-x | retiolum/bin/ipv6 | 35 | ||||
| -rwxr-xr-x | retiolum/bin/list-known-public-addresses | 38 | ||||
| -rw-r--r-- | retiolum/bin/nodes-to-json | 37 | ||||
| -rwxr-xr-x | retiolum/bin/patch-retiolum-hosts | 13 | ||||
| -rwxr-xr-x | retiolum/bin/pgrep-retiolum-tincd-args | 2 | ||||
| -rwxr-xr-x | retiolum/bin/restart-tincd | 14 | ||||
| -rwxr-xr-x | retiolum/bin/supernode-update-hosts-and-hup | 44 | ||||
| -rwxr-xr-x | retiolum/bin/tinc | 18 | ||||
| l--------- | retiolum/bin/tinc2json | 1 | ||||
| -rwxr-xr-x | retiolum/bin/update-retiolum-hosts | 14 | ||||
| -rwxr-xr-x | retiolum/bin/update_tinc_hosts | 56 |
23 files changed, 455 insertions, 0 deletions
diff --git a/retiolum/bin/announce_pubkey b/retiolum/bin/announce_pubkey
new file mode 100755
index 00000000..ce5aed19
--- /dev/null
+++ b/retiolum/bin/announce_pubkey
@@ -0,0 +1,35 @@
+#!/bin/sh
+set -euf
+HOST="${1:-}"
+
+usage (){
+cat <<EOF
+usage: $0 HOSTNAME
+
+also, you are made of stupid
+EOF
+exit 23
+}
+
+[ "x$HOST" = "x" ] && usage
+
+CHANNEL="#krebsco"
+IRCHOST="irc.freenode.net"
+PORT=6667
+RETIOLUM="/etc/tinc/retiolum"
+PUBFILE="$RETIOLUM/hosts/$HOST"
+
+if [ ! -e $PUBFILE ] ;then
+ echo "cannot find $PUBFILE - host $HOST wrong?" ;
+ echo
+ usage
+fi
+
+NICK="${HOST}_$((RANDOM%666))"
+
+( echo "NICK $NICK";
+ echo "USER $NICK $IRCHOST bla : $NICK";
+ echo "JOIN $CHANNEL";
+ sleep 23;
+ sed "s/^\(.*\)/PRIVMSG $CHANNEL : \1/" $PUBFILE;
+ sleep 5; ) | telnet $IRCHOST $PORT
diff --git a/retiolum/bin/check-free-retiolum-v4 b/retiolum/bin/check-free-retiolum-v4
new file mode 100755
index 00000000..3492f7f6
--- /dev/null
+++ b/retiolum/bin/check-free-retiolum-v4
@@ -0,0 +1,21 @@
+#! /bin/sh
+netname=retiolum
+myipv4=${1-10.243.0.-1}
+v4num=${myipv4##*.}
+printf "Retard check: "
+if [ "$v4num" -gt 0 -a "$v4num" -lt "256" ];
+then
+ printf "No retard detected\n"
+ cd /etc/tinc/$netname/hosts
+ printf "Check if ip is still free: "
+ for i in `ls -1`; do
+ if grep -q -e $myipv4\$ $i ;then
+ echo "Host IP already taken by $i! "
+ exit 1
+ fi
+ done
+ printf "Passed\n"
+else
+ printf "you are made of stupid. bailing out\n"
+ exit 1
+fi
diff --git a/retiolum/bin/check-free-retiolum-v6 b/retiolum/bin/check-free-retiolum-v6
new file mode 100755
index 00000000..20f87efe
--- /dev/null
+++ b/retiolum/bin/check-free-retiolum-v6
@@ -0,0 +1,2 @@
+#! /bin/sh
+exit 0
diff --git a/retiolum/bin/create-host-tar b/retiolum/bin/create-host-tar
new file mode 100755
index 00000000..48ce26d5
--- /dev/null
+++ b/retiolum/bin/create-host-tar
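Review bot: In retiolum/bin/announce_pubkey the HOSTNAME argument goes straight into `PUBFILE="$RETIOLUM/hosts/$HOST"`, and that file is then sent line by line to a public IRC channel over an unencrypted telnet session, so a value containing `/` or `..` makes the script publish a file from outside the hosts directory. Reject such names before building the path, e.g. `case "$HOST" in ''|*/*|.*) usage;; esac`, and quote `"$PUBFILE"` in the `[ ! -e ... ]` test and in the `sed` call. `$((RANDOM%666))` also relies on a shell that provides `RANDOM`, which the `#!/bin/sh` shebang does not guarantee.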
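Review bot: In retiolum/bin/check-free-retiolum-v4 the test `grep -q -e $myipv4\$ $i` can report an address as free when it is already taken: the pattern is anchored at the end of the line, so a host file that writes its subnet with a prefix length (the `hosts` script in this commit accepts an optional `/[0-9]*` suffix) never matches. The dots are unescaped and there is no left anchor, so unrelated addresses can match as well. Matching the `Subnet` line explicitly and comparing the address as a fixed string would be more reliable, and since this script does not set `-f`, `for i in *` can replace the parsed `ls -1`.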
@@ -0,0 +1,15 @@
+#!/bin/sh
+set -euf
+if [ x"${1:-}" = "x" ];then
+ echo "usage: $0 DIRECTORY"
+ exit 1
+fi
+
+WEBDIR=$1
+HOSTDIR=${HOSTDIR:-../hosts}
+HOSTFILE=$WEBDIR/hosts.tar.gz
+
+cd $(dirname $(readlink -f $0))
+rm -f $HOSTFILE
+tar czf $HOSTFILE -C $HOSTDIR .
+chmod a+rx $HOSTFILE
diff --git a/retiolum/bin/create-supernode-tar b/retiolum/bin/create-supernode-tar
new file mode 100755
index 00000000..1e90c26c
--- /dev/null
+++ b/retiolum/bin/create-supernode-tar
@@ -0,0 +1,13 @@
+#!/bin/sh
+set -euf
+if [ x"${1:-}" = "x" ];then
+ echo "usage: $0 DIRECTORY"
+ exit 1
+fi
+HOSTDIR=${HOSTDIR:-../hosts}
+WEBDIR=$1
+HOSTFILE=$WEBDIR/supernodes.tar.gz
+cd $(dirname $(readlink -f $0))
+rm -f $HOSTFILE
+tar czf $HOSTFILE -C $HOSTDIR `python ../scripts/adv_graphgen/tinc_stats/Supernodes.py |cut -d\ -f1`
+chmod a+rx $HOSTFILE
diff --git a/retiolum/bin/dump-graph b/retiolum/bin/dump-graph
new file mode 100755
index 00000000..87539f49
--- /dev/null
+++ b/retiolum/bin/dump-graph
@@ -0,0 +1,9 @@
+#! /bin/sh
+set -euf
+
+t0="`date '+%Y-%m-%d %H:%M:%S'`"
+systemctl kill --signal=USR2 tincd@retiolum
+sleep 5
+journalctl --since="$t0" | sed -n '
+ s/.*tinc\.retiolum\[[0-9]\+\]: \([^ ]\+\) to \([^ ]\+\) at \([^ ]\+\) .*$/\1 \2 \3/p
+'
diff --git a/retiolum/bin/fillxx b/retiolum/bin/fillxx
new file mode 100755
index 00000000..5e558362
--- /dev/null
+++ b/retiolum/bin/fillxx
@@ -0,0 +1,6 @@
+#! /bin/sh
+while echo $1 | grep -q xx; do
+ xx=`od -An -tx1 -N 1 /dev/urandom | tr -d \ `
+ set -- `echo $1 | sed s/xx/$xx/`
+done
+echo $1
diff --git a/retiolum/bin/find-active-nodes b/retiolum/bin/find-active-nodes
new file mode 100755
index 00000000..2c316d0e
--- /dev/null
+++ b/retiolum/bin/find-active-nodes
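Review bot: In retiolum/bin/create-host-tar, and again in create-supernode-tar, none of `$WEBDIR`, `$HOSTFILE`, `$HOSTDIR` or `$0` is quoted, so a directory argument containing whitespace splits into several words for `rm -f` and `tar`; `set -f` turns off globbing but not word splitting. Quote them, e.g. `cd "$(dirname "$(readlink -f "$0")")"` and `tar czf "$HOSTFILE" -C "$HOSTDIR" .`. `chmod a+rx` puts the execute bit on an archive, where `chmod a+r` is enough for a file served from a web directory. In create-supernode-tar the member list comes from a command substitution, so a `--` in front of it would keep a name starting with `-` from being read as a tar option.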
@@ -0,0 +1,21 @@
+#! /bin/dash
+set -eu
+cd /etc/tinc/retiolum/hosts
+for name in `
+ grep '^[[:space:]]*Address[[:space:]]*=' * |
+ cut -d: -f1 | sort | uniq
+`; do
+ if eval "`sed -n '
+ s/[[:space:]]\+//g
+ s/^\(Address\|Port\)=\(.*\)/\1="\${\1+\$\1\n}\2"/p
+ ' $name`"; then
+ port=${Port-655}
+ for host in $Address; do
+ if nc -zw 2 $host $port 2>/dev/null; then
+ echo "$name [('$host', $port)]"
+ fi &
+ done
+ wait
+ fi &
+done
+wait
diff --git a/retiolum/bin/find-supernodes b/retiolum/bin/find-supernodes
new file mode 100755
index 00000000..2c316d0e
--- /dev/null
+++ b/retiolum/bin/find-supernodes
@@ -0,0 +1,21 @@
+#! /bin/dash
+set -eu
+cd /etc/tinc/retiolum/hosts
+for name in `
+ grep '^[[:space:]]*Address[[:space:]]*=' * |
+ cut -d: -f1 | sort | uniq
+`; do
+ if eval "`sed -n '
+ s/[[:space:]]\+//g
+ s/^\(Address\|Port\)=\(.*\)/\1="\${\1+\$\1\n}\2"/p
+ ' $name`"; then
+ port=${Port-655}
+ for host in $Address; do
+ if nc -zw 2 $host $port 2>/dev/null; then
+ echo "$name [('$host', $port)]"
+ fi &
+ done
+ wait
+ fi &
+done
+wait
diff --git a/retiolum/bin/get-tinc-dir b/retiolum/bin/get-tinc-dir
new file mode 100755
index 00000000..3f48b2cd
--- /dev/null
+++ b/retiolum/bin/get-tinc-dir
@@ -0,0 +1,9 @@
+#!/bin/ksh
+case `uname -a` in
+ Linux*|CYGWIN*|MING*) echo "/etc/tinc"
+ ;;
+ SunOS*|Darwin*) echo "/usr/local/etc/tinc"
+ ;;
+ *) echo "/etc/tinc"
+ ;;
+esac
diff --git a/retiolum/bin/hosts b/retiolum/bin/hosts
new file mode 100755
index 00000000..4856d494
--- /dev/null
+++ b/retiolum/bin/hosts
@@ -0,0 +1,13 @@
+#! /bin/sh
+set -euf
+
+netname=${1-retiolum}
+
+cd /etc/tinc/$netname/hosts
+
+for i in `ls`; do
+ sed -n '
+ s|^ *Subnet *= *\([^ /]*\)\(/[0-9]*\)\? *$|\1\t'$i'.'$netname' '$i'|p
+ ' $i
+done | sort
+
diff --git a/retiolum/bin/install b/retiolum/bin/install
new file mode 100755
index 00000000..9e4459fb
--- /dev/null
+++ b/retiolum/bin/install
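Review bot: In retiolum/bin/find-active-nodes (find-supernodes is the same blob, 2c316d0e) the `eval` runs text taken from the host files: the second sed expression copies everything after `Address=` or `Port=` into a double-quoted assignment, where command substitutions, backticks and `"` are still interpreted by the shell. The host files are fetched from a shared repository elsewhere in this commit, so their content should be treated as untrusted input. Restricting the captured value to the characters an address or port can contain closes this, e.g. `s/^\(Address\|Port\)=\([A-Za-z0-9.:_-]*\)$/\1="\${\1+\$\1\n}\2"/p`. Quoting `"$name"`, `"$host"` and `"$port"` in the `sed` and `nc` calls is worth doing in the same change.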
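Review bot: In retiolum/bin/hosts the capture `\([^ /]*\)` accepts any character except space and slash, so whatever a host file puts after `Subnet =` (a tab and further names included) is copied into the output that update_tinc_hosts appends to /etc/hosts. Limiting the capture to address characters, `\([0-9A-Fa-f.:]*\)`, keeps each generated line to one address plus the two names derived from the file name. The file name `$i` is also spliced into the sed script unescaped, so a name containing `|` or `&` changes the substitution; a guard such as `case "$i" in *[!A-Za-z0-9_]*) continue;; esac` at the top of the loop would skip such files.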
@@ -0,0 +1,18 @@
+#! /bin/sh
+#
+#
+#
+set -euf
+
+trap 'echo "${comment+$comment
+}You are made of stupid!">&2; exit 23' EXIT
+
+if ! test -e /usr/sbin/tincd; then
+ if grep -iq ubuntu /etc/issue; then
+ sudo apt-get install --yes tinc
+ else
+ comment='Install tinc to continue.' exit
+ fi
+fi
+
+trap - EXIT
diff --git a/retiolum/bin/ipv6 b/retiolum/bin/ipv6
new file mode 100755
index 00000000..34c6de71
--- /dev/null
+++ b/retiolum/bin/ipv6
@@ -0,0 +1,35 @@
+#! /bin/sh
+#
+# Manage IPv6 of the retiolum interface.
+#
+# usage: ipv6 {start,stop}
+#
+set -euf
+
+if test `id -u` != 0; then
+ echo "we're going sudo..." >&2
+ exec sudo "$0" "$@"
+ exit 23 # go to hell
+fi
+
+file=/etc/tinc/retiolum/hosts/`hostname`
+addr=`sed -n 's|^Subnet *= *\(42:[0-9A-Fa-f:]*/128\)|\1|p' $file`
+route=42::/16
+
+start() {
+ stop
+ ip -6 addr add $addr dev retiolum
+ ip -6 route add $route dev retiolum
+}
+
+stop() {
+ ip -6 addr del $addr dev retiolum 2>/dev/null || :
+ ip -6 route del $route dev retiolum 2>/dev/null || :
+}
+
+## dispatch
+case "$1" in
+ (start) start;;
+ (stop) stop;;
+ (*) echo "You're made of stupid" 2>/dev/null; exit 23;;
+esac
diff --git a/retiolum/bin/list-known-public-addresses b/retiolum/bin/list-known-public-addresses
new file mode 100755
index 00000000..21b1c389
--- /dev/null
+++ b/retiolum/bin/list-known-public-addresses
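Review bot: In retiolum/bin/ipv6 the dispatch `case "$1" in` runs under `set -u`, so calling the script without an argument aborts with an unset-parameter error instead of reaching the `(*)` branch; `case "${1-}" in` fixes that. The `(*)` branch also prints its message to stdout while discarding stderr (`2>/dev/null`), where `>&2` looks like what was meant. `$addr` is used unquoted and unchecked, so a host file with no matching `Subnet` line, or with several, hands `ip -6 addr add` the wrong number of arguments while the script runs as root; a `test -n "$addr"` guard before `start` would make that failure explicit.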
@@ -0,0 +1,38 @@
+#! /bin/sh
+#
+# printf '%s %s\n' hostname IP-address for each known public retiolum address
+#
+set -eu
+
+_list_hostname_address() {
+ cd /etc/tinc/retiolum/hosts
+ grep --with-filename '^Address' * |
+ sed -n '
+ s/: */ /
+ s/ *= */ /
+ s/ Address \([a-zA-Z0-9.:_]*\) \?.*/ \1/p'
+}
+_lookup_address() {
+ sed '
+ /:/!{/ [0-9.]*$/!{s/ / `dig +short /;s/$/` \&/}}
+ s/^/echo /
+ $s/$/\nwait/
+ ' | sh
+}
+_filter_public() {
+ sed '
+ # drop private IPv4 addresses
+ / 10\./d
+ / 172\.\(1[6-9]\|2[0-9]\|3[01]\)\./d
+ / 192\.168\./d
+ # TODO drop private IPv6 addresses
+ '
+}
+_filter_online() {
+ awk '
+ {print"nc -zw 2 "$2" 655 2>/dev/null && echo "$1" "$2" &"}
+ END {print"wait"}
+ ' | sh
+}
+
+_list_hostname_address | _lookup_address | _filter_public
diff --git a/retiolum/bin/nodes-to-json b/retiolum/bin/nodes-to-json
new file mode 100644
index 00000000..ca9d3c8c
--- /dev/null
+++ b/retiolum/bin/nodes-to-json
@@ -0,0 +1,37 @@
+#!/usr/bin/python
+
+def parse_hosts_path(path="/etc/tinc/retiolum/hosts"):
+ import os
+ import re
+
+ needle_addr = re.compile("Subnet\s*=\s*(.*)/[0-9]+")
+ needle_port = re.compile("Port\s*=\s*(.*)")
+ for f in os.listdir(path):
+ with open(path+"/"+f) as of:
+ addrs = []
+ port = "655"
+
+ for line in of.readlines():
+
+ addr_found = needle_addr.match(line)
+ if addr_found:
+ addrs.append(addr_found.group(1))
+
+ port_found = needle_port.match(line)
+ if port_found:
+ port = port_found.group(1)
+
+ if addrs : yield (f ,[(addr ,int(port)) for addr in addrs])
+
+
+
+if __name__ == "__main__":
+ """
+ usage
+ """
+ import json
+ import sys
+ db={}
+ for host,addrs in parse_hosts_path(sys.argv[1] if len(sys.argv) > 2 else "/etc/tinc/retiolum/hosts"):
+ db[host] = addrs
+ print(json.dumps(db))
diff --git a/retiolum/bin/patch-retiolum-hosts b/retiolum/bin/patch-retiolum-hosts
new file mode 100755
index 00000000..69d7b92c
--- /dev/null
+++ b/retiolum/bin/patch-retiolum-hosts
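Review bot: In retiolum/bin/list-known-public-addresses, `_lookup_address` (and the currently unused `_filter_online`) builds shell command lines from its input and pipes them to `sh`. The address field is limited to `[a-zA-Z0-9.:_]*` by the sed in `_list_hostname_address`, but the host-name field is the file name as printed by `grep --with-filename` and reaches `sh` unchecked. Dropping lines that do not have the expected shape before the `| sh` stage, e.g. `grep '^[A-Za-z0-9_]* [A-Za-z0-9.:_]*$'`, keeps the generated script to the intended `echo` and `dig` calls. The address class also lacks `-`, so a DNS name containing a hyphen is cut short before it is looked up.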
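Review bot: In retiolum/bin/nodes-to-json the argument check `len(sys.argv) > 2` is off by one: with a single path argument `len(sys.argv)` is 2, so the argument is ignored and the default directory is read; it should be `len(sys.argv) > 1`. `int(port)` raises on a `Port` line that is not purely numeric, and both patterns are applied with `match`, so lines with leading whitespace, or a `Subnet` without a prefix length, are skipped without notice. A short docstring on `parse_hosts_path` stating the accepted line forms and the yielded `(name, [(addr, port), ...])` tuples would help, in place of the `usage` placeholder string under `__main__`.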
@@ -0,0 +1,13 @@
+#! /bin/sh
+#
+# Apply custom retiolum hosts patches, if any.
+#
+# usage: patch-retiolum-hosts [--reverse]
+#
+set -euf
+
+patch=/etc/tinc/retiolum/hosts.patch
+
+if test -e $patch; then
+ patch -N -d /etc/tinc/retiolum/hosts -r - "$@" < $patch
+fi
diff --git a/retiolum/bin/pgrep-retiolum-tincd-args b/retiolum/bin/pgrep-retiolum-tincd-args
new file mode 100755
index 00000000..19c05fbe
--- /dev/null
+++ b/retiolum/bin/pgrep-retiolum-tincd-args
@@ -0,0 +1,2 @@
+#! /bin/sh
+ps -e -o args | grep -E '(^|[ /])tincd +([^ ].* )?(-n +|--net=)retiolum'
diff --git a/retiolum/bin/restart-tincd b/retiolum/bin/restart-tincd
new file mode 100755
index 00000000..17d939d9
--- /dev/null
+++ b/retiolum/bin/restart-tincd
@@ -0,0 +1,14 @@
+#! /bin/sh
+set -xeuf
+
+PATH="$(dirname $(readlink -f "$0"))${PATH+:$PATH}"
+
+if args="`pgrep-retiolum-tincd-args`"; then
+ while $args --kill; do
+ sleep 1
+ done
+ $args
+else
+ echo "$0: there is no retiolum tincd process to restart" >&2
+ exit 23
+fi
diff --git a/retiolum/bin/supernode-update-hosts-and-hup b/retiolum/bin/supernode-update-hosts-and-hup
new file mode 100755
index 00000000..b6b03c69
--- /dev/null
+++ b/retiolum/bin/supernode-update-hosts-and-hup
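Review bot: In retiolum/bin/restart-tincd the command that gets executed is whatever `ps -e -o args` printed: `$args --kill` and `$args` run the first word of the matched line as a program. The pattern in pgrep-retiolum-tincd-args matches a process of any user whose command line has that shape, and several matches are joined into one command, so the script can end up running something other than the system tincd. Use a fixed binary instead of the listed one, e.g. `tincd --net=retiolum --kill` followed by a start through the `tinc` wrapper added in this commit, and take at most the options from the process listing. The inner `$(readlink -f "$0")` passed to `dirname` is unquoted and breaks for paths with spaces.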
@@ -0,0 +1,44 @@
+#! /bin/sh
+#
+# @oxberg we do put this into crontab:
+# * * * * * /supernode-update-hosts-and-hup
+#
+set -euf
+
+cd /etc/tinc/retiolum/hosts
+
+temp1="`mktemp`"
+temp2="`mktemp`"
+trap "rm -f $temp1 $temp2" EXIT INT TERM
+
+old_commit="`cat .commit 2>/dev/null || :`"
+
+_hrefs() {
+ sed -n 's/href="\([^"]\+\)"/\n&\n/gp' |
+ sed -n 's/^href="\([^"]\+\)"$/\1/p'; }
+
+if curl -fsS \
+ "https://github.com/krebscode/painload/tree/master/retiolum/hosts" |
+ _hrefs |
+ grep '^/krebscode/painload/blob/' |
+ grep -v "/blob/$old_commit/" >$temp1
+then
+
+ new_commit=`sed 's|^/krebscode/painload/blob/\([^/]*\)/.*|\1|;q' $temp1`
+
+ sed '
+ s|^/krebscode/painload/blob/[^/]*/retiolum/hosts/\([^/]*\)$|\1|
+ ' $temp1 > $temp2
+
+ xargs rm -v -f <$temp2
+
+ sed "
+ s|^.*$|https://raw.github.com/krebscode/painload/$new_commit/retiolum/hosts/&|
+ " $temp2 > $temp1
+
+ wget -qi- < $temp1
+
+ echo $new_commit > .commit
+
+ pkill -HUP tincd
+fi
diff --git a/retiolum/bin/tinc b/retiolum/bin/tinc
new file mode 100755
index 00000000..ffa1dbee
--- /dev/null
+++ b/retiolum/bin/tinc
@@ -0,0 +1,18 @@
+#! /bin/sh
+#
+set -euf
+
+init() {
+ f=/tmp/retiolum.GraphDumpFile
+ if ! test -f $f; then
+ touch $f &&
+ chown -v tincd: $f
+ fi
+
+ modprobe -v tun
+}
+
+if init; then
+ exec tincd --user=tincd --net=retiolum "$@"
+fi
+
diff --git a/retiolum/bin/tinc2json b/retiolum/bin/tinc2json
new file mode 120000
index 00000000..31bd0775
--- /dev/null
+++ b/retiolum/bin/tinc2json
@@ -0,0 +1 @@
+../scripts/adv_graphgen/tinc_stats/Log2JSON.py
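Review bot: In retiolum/bin/supernode-update-hosts-and-hup the list passed to `xargs rm -v -f` and the files written by `wget` come from link targets scraped out of an HTML page, and nothing checks their shape. The sed that strips the path prefix has no `-n`/`p`, so lines that do not match pass through unchanged (absolute paths included), and a name beginning with `-` is read by `rm` as an option. Print only matching names and restrict them to what tinc allows in a node name, e.g. `sed -n 's|^/krebscode/painload/blob/[^/]*/retiolum/hosts/\([A-Za-z0-9_]*\)$|\1|p'`, and call `xargs rm -v -f --`. Because the old files are removed before the download, a failing `wget` under `set -e` leaves the hosts directory incomplete until a later run succeeds; fetching into a temporary directory and moving the files in afterwards avoids that.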
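Review bot: In retiolum/bin/tinc, `init` creates and chowns `/tmp/retiolum.GraphDumpFile`, a fixed name in a world-writable directory, while running with enough privilege to call `modprobe`. Another local user can create that path first, as a file or as a symlink, and `touch` and `chown -v tincd:` then act on whatever it refers to. Keeping the dump file in a directory that only root can write to (a run-time or state directory for tinc, path to be chosen by the project) removes the race; quoting `"$f"` is a smaller clean-up.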
\ No newline at end of file
diff --git a/retiolum/bin/update-retiolum-hosts b/retiolum/bin/update-retiolum-hosts
new file mode 100755
index 00000000..eb57af3f
--- /dev/null
+++ b/retiolum/bin/update-retiolum-hosts
@@ -0,0 +1,14 @@
+#! /bin/sh
+set -euf
+
+if test "${nosudo-false}" != true -a `id -u` != 0; then
+ echo "we're going sudo..." >&2
+ exec sudo "$0" "$@"
+ exit 23 # go to hell
+fi
+
+# cd //retiolum
+cd $(dirname $(readlink -f $0))/..
+
+mkdir -p /etc/tinc/retiolum/hosts
+rsync -va -I --delete hosts/ /etc/tinc/retiolum/hosts/
diff --git a/retiolum/bin/update_tinc_hosts b/retiolum/bin/update_tinc_hosts
new file mode 100755
index 00000000..ce1be497
--- /dev/null
+++ b/retiolum/bin/update_tinc_hosts
@@ -0,0 +1,56 @@
+#! /bin/sh
+set -euf
+
+if test "${nosudo-false}" != true -a `id -u` != 0; then
+ echo "we're going sudo..." >&2
+ exec sudo "$0" "$@"
+ exit 23 # go to hell
+fi
+
+list_hosts="$(
+ basename="`readlink -f "$0"`"
+ bindir="`dirname "$basename"`"
+ echo "$bindir/hosts"
+)"
+hosts() { "$list_hosts"; }
+
+hosts="${hosts-/etc/hosts}"
+
+bs='# BEGIN OF RETIOLUM'
+es='# END OF RETIOLUM'
+
+case "${*-I am made of stupid}" in
+ (start|restart)
+ hosts | egrep "^(10|42)" | $0 replace magic
+ ;;
+ (stop)
+ $0 clear magic
+ ;;
+ ('print magic')
+ echo "$bs"
+ cat
+ echo "$es"
+ ;;
+ ('create magic')
+ $0 has magic || $0 print magic >> $hosts < /dev/null
+ $0 start
+ ;;
+ ('destroy magic')
+ if $0 has magic; then
+ cache="`cat $hosts`"
+ echo "$cache" | sed "/^$bs$/,/^$es$/d" > $hosts
+ fi
+ ;;
+ ('has magic')
+ grep -q "^$bs$" $hosts && grep -q "^$es$" $hosts
+ ;;
+ ('replace magic')
+ $0 destroy magic && $0 print magic >> $hosts
+ ;;
+ ('clear magic')
+ $0 replace magic < /dev/null
+ ;;
+ (*)
+ echo 'Error 1: You are made of stupid!' >&2
+ exit 23
+esac |
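Review bot: In retiolum/bin/update_tinc_hosts the `destroy magic` branch rewrites the hosts file in place with `echo "$cache" | sed ... > $hosts`, so an interruption or a failing `sed` leaves /etc/hosts truncated; writing to a temporary file in the same directory and renaming it over `$hosts` makes the update atomic. The filter `egrep "^(10|42)"` in the `start` branch is a bare prefix match and also lets through lines beginning with, say, `100.` or `42.`; `grep -E '^(10\.|42:)'` matches the shape of the retiolum ranges used elsewhere in this commit (`10.243.0.x`, `42::/16`). `$hosts` and `$0` are unquoted throughout, which matters because the script re-executes itself under sudo.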
