#!/bin/sh
# DHCP Client Exit Hooks
#
# Douglas Thrift
#
# $Id$

tunnelbroker()
{
	local pass=`python -c "import getpass, hashlib; print hashlib.md5(getpass.getpass('tunnelbroker pass: ')).hexdigest()"`
	read -p 'tunnelbroker user_id: ' -r user_id
	read -p 'tunnelbroker tunnel_id: ' -r tunnel_id
	export CURL_CA_BUNDLE=`mktemp -t dhclient`
	cat >$CURL_CA_BUNDLE <<-EOF
	-----BEGIN CERTIFICATE-----
	MIICsTCCAhoCCQC8IBpX67SYlzANBgkqhkiG9w0BAQQFADCBnDELMAkGA1UEBhMC
	VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEDAOBgNVBAcTB0ZyZW1vbnQxIDAeBgNV
	BAoTF0h1cnJpY2FuZSBFbGVjdHJpYywgTExDMQ0wCwYDVQQLEwRJUFY2MRkwFwYD
	VQQDExB0dW5uZWxicm9rZXIubmV0MRowGAYJKoZIhvcNAQkBFgtpbmZvQGhlLm5l
	dDAeFw0wNzA3MTEwMTM1MzFaFw0xNzA3MDgwMTM1MzFaMIGcMQswCQYDVQQGEwJV
	UzETMBEGA1UECBMKQ2FsaWZvcm5pYTEQMA4GA1UEBxMHRnJlbW9udDEgMB4GA1UE
	ChMXSHVycmljYW5lIEVsZWN0cmljLCBMTEMxDTALBgNVBAsTBElQVjYxGTAXBgNV
	BAMTEHR1bm5lbGJyb2tlci5uZXQxGjAYBgkqhkiG9w0BCQEWC2luZm9AaGUubmV0
	MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXJHwlKn5pdUqFAZGGYI8sluS+
	luS2NiihelZTXAGkE8hrlkS3Xj3AYLknddWgcoTXVMlI9LK0tEQMPZBIV/QXjXHq
	HvhOb4hoT14w+VbySPRXGDqUiakJYBnNFZiIR8OA51AwM9+pUZGkNEAJYMXE+Th8
	euta8zxjPS0kEgjGbwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAFVFliiWM802HDqY
	loveIJOZdcnXhpQuYmnDgHHC9PAadOVcYzdkkmBoQ1APSfugkHEc7zc/vzjiMlVs
	62PFaqFxi692CknGCnwyCn+Hm/PFWx+YnOyNLCji2oOYbTZre97n5iZKrOk/hJZO
	y7bsxRNdmUWgy0urugi331F9y7cf
	-----END CERTIFICATE-----
	EOF
	curl -4 "https://tunnelbroker.net/ipv4_end.php?ipv4b=AUTO&pass=$pass&user_id=$user_id&tunnel_id=$tunnel_id"
	echo
	rm $CURL_CA_BUNDLE
	unset CURL_CA_BUNDLE
	if ! grep -q "^gifconfig_${tunnelbroker_gif:=gif0}=\"$new_ip_address $tunnelbroker_server\"$" /etc/rc.conf; then
		sed -Ee "s/^(gifconfig_$tunnelbroker_gif=\").*( $tunnelbroker_server\")$/\1$new_ip_address\2/" -i '' /etc/rc.conf
		ifconfig $tunnelbroker_gif tunnel $new_ip_address $tunnelbroker_server
	fi
}

dns()
{
	read -p 'dns key: ' -r key
	read -p 'dns secret: ' -r secret
	nsupdate -d <<-EOF
	key $key $secret
	update delete $hostname A
	update add $hostname 300 A $new_ip_address
	send
	EOF
}

case ${reason:=RENEW} in
BOUND|RENEW|REBIND|REBOOT)
	case `hostname -s` in
	justonenight)
		hostname='ellwoodbeach.douglasthrift.net'
		tunnelbroker_server='66.220.18.42'
		;;
	backhome)
		hostname='mustang.douglasthrift.net'
		tunnelbroker_server='66.220.18.42'
		;;
	esac

	: ${new_ip_address:=`host -t a $hostname | cut -d ' ' -f 4`}

	[ -n "$tunnelbroker_server" ] && tunnelbroker

	dns
	;;
esac