FreeBSD Bugzilla – Attachment 201208 Details for
Bug 234648
security/strongswan: start/stop/reload modern vici-based configurations
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch set type #2 for security/strongswan (rev 1)
security_strongswan.diff (text/plain), 4.11 KB, created by
Please Delete
on 2019-01-17 13:53:48 UTC
(
hide
)
Description:
Patch set type #2 for security/strongswan (rev 1)
Filename:
MIME Type:
Creator:
Please Delete
Created:
2019-01-17 13:53:48 UTC
Size:
4.11 KB
patch
obsolete
>diff -ruN security/strongswan.orig/Makefile security/strongswan/Makefile >--- security/strongswan.orig/Makefile 2018-10-02 07:00:10.000000000 -0400 >+++ security/strongswan/Makefile 2019-01-14 19:05:57.370826000 -0500 >@@ -3,6 +3,7 @@ > > PORTNAME= strongswan > PORTVERSION= 5.7.1 >+PORTREVISION= 1 > CATEGORIES= security > MASTER_SITES= http://download.strongswan.org/ \ > http://download2.strongswan.org/ >@@ -14,7 +15,7 @@ > LICENSE_FILE= ${WRKSRC}/LICENSE > > USES= cpe libtool:keepla pkgconfig tar:bzip2 ssl >-USE_RC_SUBR= strongswan >+USE_RC_SUBR= strongswan strongswan_swanctl > GNU_CONFIGURE= yes > USE_LDCONFIG= ${PREFIX}/lib/ipsec > INSTALL_TARGET= install-strip >diff -ruN security/strongswan.orig/files/strongswan.in security/strongswan/files/strongswan.in >--- security/strongswan.orig/files/strongswan.in 2018-10-02 06:58:37.000000000 -0400 >+++ security/strongswan/files/strongswan.in 2019-01-16 15:18:39.317149000 -0500 >@@ -4,34 +4,31 @@ > > # PROVIDE: strongswan > # REQUIRE: DAEMON >-# BEFORE: LOGIN >+# BEFORE: LOGIN strongswan_swanctl > # KEYWORD: shutdown > >+# strongswan_enable (bool): Set it to "YES" to enable strongswan >+# Default is "NO" >+# >+ > . /etc/rc.subr > > name=strongswan >+desc="Strongswan IPsec startup script" > rcvar=strongswan_enable > >-extra_commands="reload statusall" >- > load_rc_config $name > >-command="%%PREFIX%%/sbin/ipsec" >+: ${strongswan_enable:=NO} >+ >+command=%%PREFIX%%/sbin/ipsec >+ >+extra_commands="reload statusall" > >-start_precmd="strongswan_precmd" >-stop_cmd="strongswan_cmd" >-status_cmd="strongswan_cmd" >-reload_cmd="strongswan_cmd" >-statusall_cmd="strongswan_cmd" >- >-strongswan_precmd() >-{ >- command_args=${rc_arg} >-} >- >-strongswan_cmd() >-{ >- ${command} ${rc_arg} >-} >+start_precmd=command_args=start >+stop_cmd="${command} stop" >+status_cmd="${command} status" >+reload_cmd="${command} reload" >+statusall_cmd="${command} statusall" > > run_rc_command "$1" >diff -ruN security/strongswan.orig/files/strongswan_swanctl.in security/strongswan/files/strongswan_swanctl.in >--- security/strongswan.orig/files/strongswan_swanctl.in 1969-12-31 19:00:00.000000000 -0500 >+++ security/strongswan/files/strongswan_swanctl.in 2019-01-16 15:59:19.193481000 -0500 >@@ -0,0 +1,78 @@ >+#!/bin/sh >+# Start or stop strongswan using swanctl >+# $FreeBSD$ >+ >+# PROVIDE: strongswan_swanctl >+# REQUIRE: DAEMON >+# BEFORE: LOGIN >+# KEYWORD: shutdown >+ >+# strongswan_swanctl_enable (bool): Set it to "YES" to enable strongswan swanctl >+# Default is "NO" >+ >+. /etc/rc.subr >+ >+name=strongswan_swanctl >+desc="Start or stop strongswan using swanctl" >+rcvar=strongswan_swanctl_enable >+ >+load_rc_config $name >+ >+: ${strongswan_swanctl_enable:=NO} >+ >+charon_command=%%PREFIX%%/libexec/ipsec/charon >+charon_pidfile=/var/run/charon.pid >+swanctl_command=%%PREFIX%%/sbin/swanctl >+ >+command=/usr/sbin/daemon >+pidfile=/var/run/daemon-charon.pid >+command_args="-S -P ${pidfile} ${charon_command} --use-syslog" >+ >+required_files=${charon_command} >+extra_commands="reload statusall" >+ >+start_precmd=${name}_prestart >+start_postcmd=${name}_poststart >+status_cmd="${swanctl_command} --stats" >+reload_cmd=${name}_reload >+statusall_cmd=${name}_statusall >+ >+strongswan_swanctl_prestart() >+{ >+ # Allow both strongwan_swanctl and strongwan to be enabled, with caveats: >+ # * Limit to one charon manager, else vici socket breaks >+ # * Swanctl can load config to ipsec starter invoked charon, but not reverse >+ if [ ! -z ${strongswan_enable} ] && checkyesno strongswan_enable; then >+ warn "legacy rc.d/strongswan is enabled? refusing to start rc.d/strongswan_swanctl, only loading swanctl.conf." >+ strongswan_swanctl_poststart >+ return 1 >+ fi >+} >+ >+strongswan_swanctl_poststart() >+{ >+ local _waitmax=5 >+ >+ # Need to wait for charon to finish startup, else vici socket is unreadable >+ while [ ! -f ${charon_pidfile} ] && [ ${_waitmax} -gt 0 ]; do >+ sleep 1 >+ _waitmax=$((_waitmax - 1)) >+ done >+ >+ ${swanctl_command} --load-all --noprompt >+} >+ >+strongswan_swanctl_reload() >+{ >+ ${swanctl_command} --reload-settings >+ ${swanctl_command} --load-all --noprompt >+} >+ >+strongswan_swanctl_statusall() >+{ >+ ${swanctl_command} --stats >+ ${swanctl_command} --list-conns >+ ${swanctl_command} --list-sas >+} >+ >+run_rc_command "$1"
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=201208">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 234648
:
200820
|
200947
|
200948
|
201047
|
201171
| 201208 |
201209
|
202474
|
202573