package/gluon-mesh-layer3-common/luasrc/lib/gluon/upgrade/250-layer3-ip6

+#!/usr/bin/lua
+
+local sysconfig = require 'gluon.sysconfig'
+local uci = require('simple-uci').cursor()
+local site = require 'gluon.site'
+local iputil = require 'gluon.iputil'
+
+local ip = iputil.mac_to_ip(site.node_prefix6(), sysconfig.primary_mac)
+
+uci:set('network', 'loopback', 'ip6addr', ip)
+uci:save('network')

package/gluon-mesh-layer3-common/luasrc/lib/gluon/upgrade/310-layer3-firewall

+#!/usr/bin/lua
+
+local uci = require('simple-uci').cursor()
+
+uci:section('firewall', 'forwarding', 'fcc', {
+	src = 'loc_client',
+	dest = 'loc_client',
+})
+
+uci:section('firewall', 'forwarding', 'fcm', {
+	src = 'loc_client',
+	dest = 'mesh',
+})
+
+uci:section('firewall', 'forwarding', 'fmc', {
+	src = 'mesh',
+	dest = 'loc_client',
+})
+
+uci:section('firewall', 'forwarding', 'fmm', {
+	src = 'mesh',
+	dest = 'mesh',
+})
+
+uci:save('firewall')

package/gluon-mesh-layer3-common/luasrc/usr/lib/lua/gluon/l3.lua

+local util = require("gluon.util")
+
+local M = {}
+
+-- returns a prefix generated from the domain-seed
+-- for l3roamd -P <node-client-prefix>
+function M.node_client_prefix6()
+	local key = "gluon-l3roamd.node_client_prefix6"
+	local prefix_seed = util.domain_seed_bytes(key, 7)
+	return (("fd" .. prefix_seed):gsub(("(%x%x%x%x)"):rep(4), "%1:%2:%3:%4" .. "::/64"))
+end
+
+return M

package/gluon-mesh-olsrd/Makefile

+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=gluon-mesh-olsrd
+PKG_VERSION=1
+
+include ../gluon.mk
+
+define Package/gluon-mesh-olsrd
+	TITLE:=olsrd mesh
+	DEPENDS:= \
+		+gluon-core \
+		@IPV6 \
+		+oonf-olsrd2 \
+		+firewall \
+		+gluon-mesh-layer3-common \
+		+gluon-l3roamd
+	PROVIDES:=gluon-mesh-provider
+endef
+
+$(eval $(call BuildPackageGluon,gluon-mesh-olsrd))

package/gluon-mesh-olsrd/check_site.lua

+need_table({'mesh', 'olsrd', 'v2', 'config'}, nil, false)

package/gluon-mesh-olsrd/files/lib/gluon/core/mesh/post-setup.d/30-reload-olsr

+#!/bin/sh
+
+reload_running() {
+	if [ -x /etc/init.d/"$1" ] && /etc/init.d/"$1" enabled && /etc/init.d/"$1" running; then
+		echo "(post-setup.d:$IFNAME) Reloading $1..."
+		/etc/init.d/"$1" reload
+	fi
+}
+
+reload_running olsrd2

package/gluon-mesh-olsrd/files/lib/gluon/core/mesh/teardown.d/70-reload-olsr

+#!/bin/sh
+
+reload_running() {
+	if [ -x /etc/init.d/"$1" ] && /etc/init.d/"$1" enabled && /etc/init.d/"$1" running; then
+		echo "(teardown.d:$IFNAME) Reloading $1..."
+		/etc/init.d/"$1" reload
+	fi
+}
+
+reload_running olsrd2

package/gluon-mesh-olsrd/files/usr/lib/autoupdater/abort.d/10olsrd

+#!/bin/sh
+
+# shellcheck source=package/gluon-autoupdater/files/lib/gluon/autoupdater/lib.sh
+. /lib/gluon/autoupdater/lib.sh
+
+
+start_enabled olsrd2
+wifi up

package/gluon-mesh-olsrd/files/usr/lib/autoupdater/upgrade.d/10olsrd

+#!/bin/sh
+
+# shellcheck source=package/gluon-autoupdater/files/lib/gluon/autoupdater/lib.sh
+. /lib/gluon/autoupdater/lib.sh
+
+
+stop olsrd2
+wifi down

package/gluon-mesh-olsrd/luasrc/lib/gluon/upgrade/360-gluon-mesh-olsrd-setup-intf

+#!/usr/bin/lua
+
+local uci = require('simple-uci').cursor()
+local site = require 'gluon.site'
+local util = require 'gluon.util'
+local wireless = require 'gluon.wireless'
+local l3 = require 'gluon.l3'
+
+local mesh_interfaces = util.get_role_interfaces(uci, 'mesh')
+local uplink_interfaces = util.get_role_interfaces(uci, 'uplink')
+local client_interfaces = util.get_role_interfaces(uci, 'client')
+
+local mesh_interfaces_uplink = {}
+local mesh_interfaces_client = {}
+local mesh_interfaces_other = {}
+for _, iface in ipairs(mesh_interfaces) do
+	if util.contains(uplink_interfaces, iface) then
+		table.insert(mesh_interfaces_uplink, iface)
+	elseif util.contains(client_interfaces, iface) then
+		table.insert(mesh_interfaces_client, iface)
+	else
+		table.insert(mesh_interfaces_other, iface)
+	end
+end
+
+local intf = {
+	wired_mesh = {},
+	vpn_mesh = {},
+	radio_mesh = {},
+}
+
+intf.all_intfs = {}
+
+for _, l in ipairs({ intf.wired_mesh, intf.vpn_mesh, intf.radio_mesh }) do
+	for _, n in ipairs(l) do
+		table.insert(intf.all_intfs, n)
+	end
+end
+
+-- get all mesh radios and mesh lans and then add them to olsrd
+wireless.foreach_radio(uci, function(radio, _, _)
+	local radio_name = radio['.name']
+	table.insert(intf.radio_mesh, 'mesh_' .. radio_name)
+end)
+
+if pcall(function() require 'gluon.mesh-vpn' end) then
+	local vpn_core = require 'gluon.mesh-vpn'
+
+	if vpn_core.enabled() then
+		-- mesh_vpn is a interface that has the right ifname
+		-- we can't use mesh-vpn (dash instead of underscore) since it's not a uci interface
+		table.insert(intf.vpn_mesh, 'mesh_vpn')
+	end
+end
+
+
+local has_uplink_mesh = false
+local has_other_mesh = false
+
+for _,i in pairs(mesh_interfaces) do
+	if util.contains(uplink_interfaces, i) then
+		has_uplink_mesh = true
+	else
+		has_other_mesh = true
+	end
+end
+
+if has_uplink_mesh then
+	table.insert(intf.wired_mesh, 'mesh_uplink')
+end
+
+if has_other_mesh then
+	table.insert(intf.wired_mesh, 'mesh_other')
+end
+
+uci:delete_all('olsrd2', 'interface')
+uci:delete_all('olsrd2', 'lan_import')
+
+if site.mesh.olsrd.v2.enable(true) then
+	os.execute('/etc/init.d/olsrd2 enable')
+
+	local addrs = { }
+	local lan = nil
+	local orig = { }
+	local cfg = site.mesh.olsrd.v2
+
+	-- set global config
+	local olsr2Config = {
+		failfast = 'no',
+		pidfile = '/var/run/olsrd2.pid',
+		lockfile = '/var/lock/olsrd2'
+	}
+
+	local extraConf = cfg.config()
+	if extraConf then
+		for k, _ in pairs(extraConf) do
+			olsr2Config[k] = extraConf[k]
+		end
+	end
+
+	uci:delete_all('olsrd2', 'global')
+	uci:section('olsrd2', 'global', 'global', olsr2Config)
+
+	uci:delete_all('olsrd2', 'telnet')
+	uci:section('olsrd2', 'telnet', 'telnet', {
+
+	})
+
+	uci:delete_all('olsrd2', 'http')
+	uci:section('olsrd2', 'http', 'http', {
+
+	})
+
+	if cfg.lan() then
+		lan = cfg.lan()
+	end
+
+	table.insert(addrs, '-127.0.0.1/8')
+	table.insert(addrs, '-::1/128')
+	local addr = uci:get('network', 'loopback', 'ip6addr')
+	table.insert(orig, addr)
+
+	table.insert(addrs, 'default_accept')
+	table.insert(orig, 'default_reject')
+
+	local client_ranges_v6 = {}
+	local l3roamd_ranges = {}
+
+	table.insert(client_ranges_v6, site.prefix6())
+	table.insert(client_ranges_v6, 'default_reject')
+
+	table.insert(l3roamd_ranges, l3.node_client_prefix6())
+	table.insert(l3roamd_ranges, 'default_reject')
+
+	uci:delete_all('olsrd2', 'olsrv2')
+	uci:section('olsrd2', 'olsrv2', nil, {
+		originator = orig,
+		lan = lan,
+	})
+
+	if #intf.wired_mesh then
+		uci:section('olsrd2', 'interface', 'wired_mesh', {
+			ifname = intf.wired_mesh,
+			bindto = addrs,
+		})
+	end
+
+	if #intf.vpn_mesh then
+		uci:section('olsrd2', 'interface', 'vpn_mesh', {
+			ifname = intf.vpn_mesh,
+			bindto = addrs,
+		})
+	end
+
+	if #intf.radio_mesh then
+		uci:section('olsrd2', 'interface', 'radio_mesh', {
+			ifname = intf.radio_mesh,
+			bindto = addrs,
+		})
+	end
+
+	local loopback_addrs = {
+		uci:get('network', 'loopback', 'ip6addr'),
+		'default_reject',
+	}
+
+	uci:section('olsrd2', 'interface', 'loopback', {
+		ifname = { 'loopback' },
+		routeable = loopback_addrs,
+		bindto = loopback_addrs,
+	})
+
+	uci:section('olsrd2', 'lan_import', 'l3roamd_clients_v6', {
+		name = 'l3roamd_clients_v6',
+		matches = client_ranges_v6,
+		prefix_length = 128,
+		protocol = 158, -- l3roamd
+	})
+
+	-- This does not work as olsrv2 rejects any addresses from loopback
+	-- as that is already a mesh interface
+	-- l3roamd works fine without, as wifi disassociation events still notify
+	-- the daemon and remove the routes
+	--uci:section('olsrd2', 'lan_import', 'l3roamd_prefix', {
+	--	name = 'l3roamd_ranges',
+	--	matches = l3roamd_ranges,
+	--})
+
+	uci:section('firewall', 'rule', 'allow_olsr2_mesh', {
+		src = 'mesh',
+		dest_port = '269',
+		proto = 'udp',
+		target = 'ACCEPT',
+	})
+else
+	-- site.mesh.olsrd.v2.enable false
+	os.execute('/etc/init.d/olsrd2 disable')
+	uci:delete('firewall', 'allow_olsr2_mesh')
+end
+uci:save('olsrd2')
+uci:save('firewall')
+uci:save('network')

package/gluon-mesh-olsrd/luasrc/lib/gluon/upgrade/370-gluon-mesh-olsrd-setup-fw

+#!/usr/bin/lua
+
+local uci = require('simple-uci').cursor()
+local util = require 'gluon.util'
+
+local networks = uci:get_list('firewall', 'drop', 'network')
+util.remove_from_set(networks, 'client')
+uci:set_list('firewall', 'drop', 'network', networks)
+
+uci:save('firewall')

package/gluon-mesh-vpn-core/Makefile

 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=gluon-mesh-vpn-core
-PKG_VERSION:=1
 
 include ../gluon.mk
 
 define Package/gluon-mesh-vpn-core
   TITLE:=Basic support for connecting meshes via VPN tunnels
-  DEPENDS:=+gluon-core +gluon-wan-dnsmasq +iptables +iptables-mod-extra +simple-tc \
-	+@GLUON_SPECIALIZE_KERNEL:KERNEL_NETFILTER_XT_MATCH_ADDRTYPE \
-	+@GLUON_SPECIALIZE_KERNEL:KERNEL_NETFILTER_XT_MATCH_OWNER \
-	+@GLUON_SPECIALIZE_KERNEL:KERNEL_NETFILTER_XT_MATCH_PKTTYPE \
-	+@GLUON_SPECIALIZE_KERNEL:KERNEL_NETFILTER_XT_MATCH_QUOTA \
-	+@GLUON_SPECIALIZE_KERNEL:KERNEL_NET_CLS_BASIC \
-	+@GLUON_SPECIALIZE_KERNEL:KERNEL_NET_SCH_TBF \
-	+@GLUON_SPECIALIZE_KERNEL:KERNEL_NET_SCH_INGRESS
+  DEPENDS:=+gluon-core +gluon-wan-dnsmasq +iptables-zz-legacy +iptables-mod-extra
   USERID:=:gluon-mesh-vpn=800
 endef
 

package/gluon-mesh-vpn-core/check_site.lua

 need_boolean(in_site({'mesh_vpn', 'enabled'}), false)
-need_number({'mesh_vpn', 'mtu'})
 need_boolean(in_site({'mesh_vpn', 'pubkey_privacy'}), false)
 
 need_boolean(in_site({'mesh_vpn', 'bandwidth_limit', 'enabled'}), false)

package/gluon-mesh-vpn-core/luasrc/lib/gluon/mesh-vpn/update-config

+#!/usr/bin/lua
+
+local uci = require('simple-uci').cursor()
+local vpn_name, vpn = require('gluon.mesh-vpn').get_active_provider()
+
+local vpn_config = {
+	enabled = uci:get_bool('gluon', 'mesh_vpn', 'enabled'),
+	limit_enabled = uci:get_bool('gluon', 'mesh_vpn', 'limit_enabled'),
+	limit_egress = uci:get('gluon', 'mesh_vpn', 'limit_egress'),
+	limit_ingress = uci:get('gluon', 'mesh_vpn', 'limit_ingress'),
+}
+
+if vpn_name ~= 'fastd' then
+	uci:set('fastd', 'mesh_vpn', 'enabled', false)
+	uci:save('fastd')
+end
+
+vpn.enable(vpn_config.enabled)
+if vpn_config.limit_enabled then
+	vpn.set_limit(vpn_config.limit_ingress, vpn_config.limit_egress)
+else
+	vpn.set_limit(nil, nil)
+end
+

package/gluon-mesh-vpn-core/luasrc/lib/gluon/upgrade/500-mesh-vpn

 #!/usr/bin/lua
 
 local site = require 'gluon.site'
-local users = require 'gluon.users'
 local util = require 'gluon.util'
 
 local uci = require('simple-uci').cursor()
-local unistd = require 'posix.unistd'
 
+local vpn_core = require 'gluon.mesh-vpn'
+local _, active_vpn = vpn_core.get_active_provider()
 
 uci:section('network', 'interface', 'mesh_vpn', {
-	ifname = 'mesh-vpn',
+	ifname = vpn_core.get_interface(),
 	proto = 'gluon_mesh',
-	transitive = true,
 	fixed_mtu = true,
-	macaddr = util.generate_mac(7),
-	mtu = site.mesh_vpn.mtu(),
+	macaddr = util.generate_mac_by_name('mesh_vpn'),
+	mtu = active_vpn.mtu(),
 })
 
 uci:save('network')
 
 
-if unistd.access('/etc/config/gluon-simple-tc') then
-	os.rename('/etc/config/gluon-simple-tc', '/etc/config/simple-tc')
-end
-
-if not uci:get('simple-tc', 'mesh_vpn') then
-	uci:section('simple-tc', 'interface', 'mesh_vpn', {
-		ifname = 'mesh-vpn',
-		enabled = site.mesh_vpn.bandwidth_limit.enabled(false),
-		limit_ingress = site.mesh_vpn.bandwidth_limit.ingress(),
-		limit_egress = site.mesh_vpn.bandwidth_limit.egress(),
-	})
-	uci:save('simple-tc')
-end
-
-
--- The previously used user and group are removed, we now have a generic group
-users.remove_user('gluon-fastd')
-users.remove_group('gluon-fastd')
-
 uci:section('firewall', 'include', 'mesh_vpn_dns', {
 	type = 'restore',
 	path = '/lib/gluon/mesh-vpn/iptables.rules',
@@ -47,44 +27,21 @@ uci:section('firewall', 'include', 'mesh_vpn_dns', {
 
 uci:save('firewall')
 
+-- Inital VPN setup
+if not uci:get('gluon', 'mesh_vpn') then
+	local enabled = site.mesh_vpn.enabled(false)
 
--- VPN migration
-local has_fastd = unistd.access('/lib/gluon/mesh-vpn/fastd')
-local fastd_enabled = uci:get('fastd', 'mesh_vpn', 'enabled')
+	local limit_enabled = site.mesh_vpn.bandwidth_limit.enabled(false)
+	local limit_ingress = site.mesh_vpn.bandwidth_limit.ingress()
+	local limit_egress = site.mesh_vpn.bandwidth_limit.egress()
 
-local has_tunneldigger = unistd.access('/lib/gluon/mesh-vpn/tunneldigger')
-local tunneldigger_enabled = uci:get('tunneldigger', 'mesh_vpn', 'enabled')
-
-local enabled
-
--- If the installed VPN package has its enabled state set, keep the value
-if has_fastd and fastd_enabled then
-	enabled = fastd_enabled == '1'
-elseif has_tunneldigger and tunneldigger_enabled then
-	enabled = tunneldigger_enabled == '1'
--- Otherwise, migrate the other package's value if any is set
-elseif fastd_enabled or tunneldigger_enabled then
-	enabled = fastd_enabled == '1' or tunneldigger_enabled == '1'
--- If nothing is set, use the default
-else
-	enabled = site.mesh_vpn.enabled(false)
-end
-
-if has_fastd then
-	uci:set('fastd', 'mesh_vpn', 'enabled', enabled)
-else
-	uci:delete('fastd', 'mesh_vpn')
+	uci:section('gluon', 'mesh_vpn', 'mesh_vpn', {
+		enabled = enabled,
+		limit_enabled = limit_enabled,
+		limit_ingress = limit_ingress,
+		limit_egress = limit_egress,
+	})
+	uci:save('gluon')
 end
-uci:save('fastd')
 
-if has_tunneldigger then
-	uci:set('tunneldigger', 'mesh_vpn', 'enabled', enabled)
-	if site.mesh_vpn.bandwidth_limit.enabled(false) then
-		uci:set('tunneldigger', 'mesh_vpn', 'limit_bw_down', site.mesh_vpn.bandwidth_limit.ingress())
-		uci:set('simple-tc', 'mesh_vpn', 'limit_ingress', 0)
-		uci:save('simple-tc')
-	end
-else
-	uci:delete('tunneldigger', 'mesh_vpn')
-end
-uci:save('tunneldigger')
+os.execute('exec /lib/gluon/mesh-vpn/update-config')

package/gluon-mesh-vpn-core/luasrc/usr/bin/gluon-wan-dns

+#!/usr/bin/lua
+
+local GROUP = 'gluon-mesh-vpn'
+
+local grp = require 'posix.grp'
+local unistd = require 'posix.unistd'
+
+if #arg < 1 then
+	io.stderr:write('Usage: gluon-wan-dns <command> ...\n')
+	os.exit(1)
+end
+
+local g = grp.getgrnam(GROUP)
+if not g then
+	io.stderr:write(string.format("gluon-wan-dns: unable to find group '%s'\n", GROUP))
+	os.exit(1)
+end
+
+local ok, err = unistd.setpid('g', g.gr_gid)
+if ok ~= 0 then
+	io.stderr:write(string.format("gluon-wan-dns: unable to change to group: %s\n", err))
+	os.exit(1)
+end
+local args = {[0] = arg[1], unpack(arg)}
+table.remove(args, 1)
+
+local _
+_, err = unistd.execp(args[0], args)
+
+io.stderr:write(string.format("gluon-wan-dns: exec failed: %s\n", err))
+os.exit(1)

package/gluon-mesh-vpn-core/luasrc/usr/lib/lua/gluon/mesh-vpn.lua

+local uci = require('simple-uci').cursor()
+
+local util = require 'gluon.util'
+
+local M = {}
+
+function M.enabled()
+	return uci:get_bool('gluon', 'mesh_vpn', 'enabled')
+end
+
+function M.enable(val)
+	return uci:set('gluon', 'mesh_vpn', 'enabled', val)
+end
+
+function M.get_interface()
+	return 'mesh-vpn'
+end
+
+function M.get_provider(name)
+	return require('gluon.mesh-vpn.provider.' .. name)
+end
+
+function M.get_provider_names()
+	local out = {}
+
+	for _, v in ipairs(util.glob('/lib/gluon/mesh-vpn/provider/*')) do
+		table.insert(out, v:match('([^/]+)$'))
+	end
+
+	return out
+end
+
+function M.get_active_provider()
+	-- Active provider is the provider in use
+	-- by the currently active site / domain
+
+	for _, name in ipairs(M.get_provider_names()) do
+		local provider = M.get_provider(name)
+		if provider.active() then
+			return name, provider
+		end
+	end
+
+	return nil, nil
+end
+
+return M

package/gluon-mesh-vpn-core/src/Makefile

+all: respondd.so
+
+CFLAGS += -Wall -Werror-implicit-function-declaration
+
+respondd.so: respondd.c
+	$(CC) $(CPPFLAGS) $(CFLAGS) $(LDFLAGS) -shared -fPIC -D_GNU_SOURCE -o $@ $^ $(LDLIBS) -lgluonutil -luci

package/gluon-mesh-vpn-core/src/respondd.c

+/* SPDX-FileCopyrightText: 2021, Aiyion <gluon@aiyionpri.me> */
+/* SPDX-FileCopyrightText: 2016, Matthias Schiffer <mschiffer@universe-factory.net> */
+/* SPDX-License-Identifier: BSD-2-Clause */
+
+#include <respondd.h>
+
+#include <stdbool.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+
+#include <json-c/json.h>
+#include <libgluonutil.h>
+#include <uci.h>
+
+
+static struct json_object * get_bandwidth_limit(void) {
+	bool enabled = false;
+	int egress = -1;
+	int ingress = -1;
+
+	struct json_object *ret = json_object_new_object();
+
+	struct uci_context *ctx = uci_alloc_context();
+	if (!ctx)
+		goto disabled;
+	ctx->flags &= ~UCI_FLAG_STRICT;
+
+	struct uci_package *p;
+	if (uci_load(ctx, "gluon", &p))
+		goto disabled;
+
+	struct uci_section *s = uci_lookup_section(ctx, p, "mesh_vpn");
+	if (!s)
+		goto disabled;
+
+	const char *enabled_str = uci_lookup_option_string(ctx, s, "limit_enabled");
+	if (enabled_str && strcmp(enabled_str, "1"))
+		goto disabled;
+
+	enabled = true;
+
+	const char *egress_str = uci_lookup_option_string(ctx, s, "limit_egress");
+	if (egress_str && strcmp(egress_str, "-"))
+		egress = atoi(egress_str);
+
+	const char *ingress_str = uci_lookup_option_string(ctx, s, "limit_ingress");
+	if (ingress_str && strcmp(ingress_str, "-"))
+		ingress = atoi(ingress_str);
+
+	if (egress >= 0)
+		json_object_object_add(ret, "egress", json_object_new_int(egress));
+	if (ingress >= 0)
+		json_object_object_add(ret, "ingress", json_object_new_int(ingress));
+
+disabled:
+	if (ctx)
+		uci_free_context(ctx);
+
+	json_object_object_add(ret, "enabled", json_object_new_boolean(enabled));
+	return ret;
+}
+
+char * read_stdout(const char *command) {
+	FILE *f = popen(command, "r");
+	if (!f)
+		return NULL;
+
+	char *line = NULL;
+	size_t len = 0;
+
+	ssize_t r = getline(&line, &len, f);
+
+	pclose(f);
+
+	if (r < 0) {
+		free(line);
+		return NULL;
+	}
+
+	/* The len given by getline is the buffer size, not the string length */
+	len = strlen(line);
+
+	if (len && line[len-1] == '\n')
+		line[len-1] = 0;
+
+	return line;
+}
+
+static struct json_object * get_mesh_vpn_enabled() {
+	int enabled = -1;
+	char *line = read_stdout("exec lua -e 'print(require(\"gluon.mesh-vpn\").enabled())'");
+
+	if (!line)
+		return NULL;
+
+	if (!strcmp(line, "true"))
+		enabled = 1;
+	if (!strcmp(line, "false"))
+		enabled = 0;
+	free(line);
+
+	if (enabled < 0)
+		return NULL;
+
+	struct json_object *ret = json_object_new_boolean((json_bool)enabled);
+	return ret;
+}
+
+static struct json_object * get_active_vpn_provider() {
+	char *line = read_stdout("exec lua -e 'name, _ = require(\"gluon.mesh-vpn\").get_active_provider(); print(name)'");
+
+	if (line && !strcmp(line, "nil")) {
+		free(line);
+		return NULL;
+	}
+
+	return gluonutil_wrap_and_free_string(line);
+}
+
+static struct json_object * respondd_provider_nodeinfo(void) {
+	struct json_object *ret = json_object_new_object();
+	struct json_object *network = json_object_new_object();
+	struct json_object *mesh_vpn = json_object_new_object();
+
+	json_object_object_add(mesh_vpn, "bandwidth_limit", get_bandwidth_limit());
+	json_object_object_add(mesh_vpn, "provider", get_active_vpn_provider());
+	json_object_object_add(mesh_vpn, "enabled", get_mesh_vpn_enabled());
+	json_object_object_add(network, "mesh_vpn", mesh_vpn);
+	json_object_object_add(ret, "network", network);
+
+	return ret;
+}
+
+const struct respondd_provider_info respondd_providers[] = {
+	{"nodeinfo", respondd_provider_nodeinfo},
+	{},
+	{}
+};