#! /bin/sh -e

##
## THIS FILE IS UNDER PUPPET CONTROL. DON'T EDIT IT HERE.
## USE: git clone git+ssh://$USER@puppet.debian.org/srv/puppet.debian.org/git/dsa-puppet.git
##

### BEGIN INIT INFO
# Provides:          stunnel4
# Required-Start:    $local_fs $remote_fs
# Required-Stop:     $local_fs $remote_fs
# Should-Start:      $syslog
# Should-Stop:       $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start or stop stunnel 4.x (SSL tunnel for network daemons)
### END INIT INFO

DEFAULTPIDFILE="/var/run/stunnel4.pid"
DAEMON=/usr/bin/stunnel4
NAME=stunnel
DESC="SSL tunnels"
OPTIONS=""
ENABLED=0

ulimit -n 4096

if [ -n "${2:-}" ]; then
	if [ -e "/etc/stunnel/$2.conf" ]; then
		FILES="/etc/stunnel/$2.conf"
	else
		echo >&2 "/etc/stunnel/$2.conf does not exist."
		exit 1
	fi
else
	FILES="/etc/stunnel/*.conf"
fi

get_pids() {
   local file=$1
   if test -f $file; then
     CHROOT=`grep "^chroot" $file|sed "s;.*= *;;"`
     PIDFILE=`grep "^pid" $file|sed "s;.*= *;;"`
     if [ "$PIDFILE" = "" ]; then
       PIDFILE=$DEFAULTPIDFILE
     fi
     if test -f $CHROOT/$PIDFILE; then
       cat $CHROOT/$PIDFILE
     fi
   fi
}

startdaemons() {
  if ! [ -d /var/run/stunnel4 ]; then
    rm -rf /var/run/stunnel4
    install -d -o stunnel4 -g stunnel4 /var/run/stunnel4
  fi
  for file in $FILES; do 
    if test -f $file; then
      ARGS="$file $OPTIONS"
      PROCLIST=`get_pids $file`
      if [ "$PROCLIST" ] && kill -0 $PROCLIST 2>/dev/null; then
        echo -n "[Already running: $file] "
      elif $DAEMON $ARGS; then
	echo -n "[Started: $file] "
      else
	echo "[Failed: $file]"
	echo "You should check that you have specified the pid= in you configuration file"
	exit 1
      fi
    fi
  done;
}

killdaemons()
{
  for file in $FILES; do
    PROCLIST=`get_pids $file`
    for p in $PROCLIST; do
      #start-stop-daemon --stop --retry 30 --pid "$p"
      # start-stop-daemon in wheezy does not have a --pid yet, it interprets it as --pidfile
      kill "$p"
      c=150
      while [ "$c" -gt 0 ] && kill -0 "$p" 2> /dev/null ; do
        sleep 0.20
        c=$((c - 1))
        [ "$((c % 5))" = 0 ] && echo -n .
      done
      if kill -0 "$p" 2> /dev/null; then kill -9 "$p"; fi
      echo -n "[stopped: $file] "
    done
  done
}

if [ "x$OPTIONS" != "x" ]; then
  OPTIONS="-- $OPTIONS"
fi

test -f /etc/default/stunnel4 && . /etc/default/stunnel4
if [ "$ENABLED" = "0" ] ; then
  echo "$DESC disabled, see /etc/default/stunnel4"
  exit 0
fi

test -x $DAEMON || exit 0

set -e

case "$1" in
  start)
        echo -n "Starting $DESC: "
        startdaemons
        echo "$NAME."
        ;;
  stop)
        echo -n "Stopping $DESC: "
        killdaemons
        echo "$NAME."
        ;;
#force-reload does not send a SIGHUP, since SIGHUP is interpreted as a 
#quit signal by stunnel. I reported this problem to upstream authors.
  force-reload|restart)
        echo -n "Restarting $DESC: "
        killdaemons
        #sleep 5
        startdaemons
        echo "$NAME."
        ;;
  *)
        N=/etc/init.d/$NAME
        echo "Usage: $N {start|stop|force-reload|restart} [<stunnel instance>]" >&2
        exit 1
        ;;
esac

exit 0