Attachment #203306 for bug #236944




load_rc_config $name

: ${strongswan_enable:=NO}
strongswan_interface=${strongswan_interface:-"stroke"}

extra_commands="reload statusall"


	# "stroke"
	command="%%PREFIX%%/sbin/ipsec"
	start_precmd=command_args=start

	stop_cmd="${command} stop"
	status_cmd="${command} status"
	reload_cmd="${command} reload"

	pidfile=/var/run/daemon-charon.pid
	command_args="-S -P ${pidfile} ${charon_command} --use-syslog"

	required_files=${charon_command}
	extra_commands="reload statusall"

	start_postcmd=${name}_swanctl_poststart
	status_cmd=${name}_swanctl_status
	stop_postcmd="wait_charon stop"
	reload_cmd=${name}_swanctl_reload
	statusall_cmd=${name}_swanctl_statusall
	;;

*)
	# "default"
	warn "\$strongswan_interface setting is invalid - options supported are \"stroke\" or \"vici\"."
	exit 1


strongswan_swanctl_poststart()
{
	wait_charon

	# Need to wait for charon to finish startup,
	# else vici socket is unreadable
	while [ ! -f ${charon_pidfile} ] && [ ${_waitmax} -gt 0 ]; do
		sleep 1
		_waitmax=$((_waitmax - 1))
	done

	${swanctl_command} --load-all --noprompt
}

strongswan_swanctl_reload()
{
	check_charon

	echo "Reloading strongSwan swanctl configuration..." >&2
	${swanctl_command} --reload-settings
	${swanctl_command} --load-all --noprompt
}

strongswan_swanctl_status()
{
	check_charon

	${swanctl_command} --stats
}

strongswan_swanctl_statusall()
{
	check_charon

	${swanctl_command} --stats
	${swanctl_command} --list-conns
	${swanctl_command} --list-sas
}

check_charon()
{
	if [ ! -e "${charon_pidfile}" ]
	then
		echo "${name} not running? (check ${charon_pidfile})." >&2
		exit 7
	fi
}

wait_charon()
{
	if [ "$1" = "stop" ]
	then
		charon_status="[ -f ${charon_pidfile} ]"
	else
		charon_status="[ ! -f ${charon_pidfile} ]"
	fi

	local _waitmax=5

	# Need to wait for charon,
	# else vici socket is unreadable
	while eval "${charon_status}" && [ ${_waitmax} -gt 0 ]; do
		sleep 1
		_waitmax=$((_waitmax - 1))
	done
}

run_rc_command "$1"

Return to bug 236944

Lines 26-32 rcvar=strongswan_enable Link Here

(-)files/strongswan.in (-14 / +46 lines)
26	load_rc_config $name	26	load_rc_config $name
27		27
28	: ${strongswan_enable:=NO}	28	: ${strongswan_enable:=NO}
29	: ${strongswan_interface:="stroke"}	29	strongswan_interface=${strongswan_interface:-"stroke"}
30		30
31	extra_commands="reload statusall"	31	extra_commands="reload statusall"
32		32
Lines 39-44 case $strongswan_interface in Link Here
39	# "stroke"	39	# "stroke"
40	command="%%PREFIX%%/sbin/ipsec"	40	command="%%PREFIX%%/sbin/ipsec"
41	start_precmd=command_args=start	41	start_precmd=command_args=start
		42
42	stop_cmd="${command} stop"	43	stop_cmd="${command} stop"
43	status_cmd="${command} status"	44	status_cmd="${command} status"
44	reload_cmd="${command} reload"	45	reload_cmd="${command} reload"
Lines 51-66 case $strongswan_interface in Link Here
51	pidfile=/var/run/daemon-charon.pid	52	pidfile=/var/run/daemon-charon.pid
52	command_args="-S -P ${pidfile} ${charon_command} --use-syslog"	53	command_args="-S -P ${pidfile} ${charon_command} --use-syslog"
53		54
54	required_files=${charon_command}
55	extra_commands="reload statusall"
56
57	start_postcmd=${name}_swanctl_poststart	55	start_postcmd=${name}_swanctl_poststart
58	status_cmd="${swanctl_command} --stats"	56	status_cmd=${name}_swanctl_status
		57	stop_postcmd="wait_charon stop"
59	reload_cmd=${name}_swanctl_reload	58	reload_cmd=${name}_swanctl_reload
60	statusall_cmd=${name}_swanctl_statusall	59	statusall_cmd=${name}_swanctl_statusall
61	;;	60	;;
62		61
63	*)	62	*)
64	# "default"	63	# "default"
65	warn "\$strongswan_interface setting is invalid - options supported are \"stroke\" or \"vici\"."	64	warn "\$strongswan_interface setting is invalid - options supported are \"stroke\" or \"vici\"."
66	exit 1	65	exit 1
Lines 69-97 esac Link Here
69		68
70	strongswan_swanctl_poststart()	69	strongswan_swanctl_poststart()
71	{	70	{
72	local _waitmax=5	71	wait_charon
73
74	# Need to wait for charon to finish startup,
75	# else vici socket is unreadable
76	while [ ! -f ${charon_pidfile} ] && [ ${_waitmax} -gt 0 ]; do
77	sleep 1
78	_waitmax=$((_waitmax - 1))
79	done
80		72
81	${swanctl_command} --load-all --noprompt	73	${swanctl_command} --load-all --noprompt
82	}	74	}
83		75
84	strongswan_swanctl_reload()	76	strongswan_swanctl_reload()
85	{	77	{
		78	check_charon
		79
		80	echo "Reloading strongSwan swanctl configuration..." >&2
86	${swanctl_command} --reload-settings	81	${swanctl_command} --reload-settings
87	${swanctl_command} --load-all --noprompt	82	${swanctl_command} --load-all --noprompt
88	}	83	}
89		84
		85	strongswan_swanctl_status()
		86	{
		87	check_charon
		88
		89	${swanctl_command} --stats
		90	}
		91
90	strongswan_swanctl_statusall()	92	strongswan_swanctl_statusall()
91	{	93	{
		94	check_charon
		95
92	${swanctl_command} --stats	96	${swanctl_command} --stats
93	${swanctl_command} --list-conns	97	${swanctl_command} --list-conns
94	${swanctl_command} --list-sas	98	${swanctl_command} --list-sas
95	}	99	}
96		100
		101	check_charon()
		102	{
		103	if [ ! -e "${charon_pidfile}" ]
		104	then
		105	echo "${name} not running? (check ${charon_pidfile})." >&2
		106	exit 7
		107	fi
		108	}
		109
		110	wait_charon()
		111	{
		112	if [ "$1" = "stop" ]
		113	then
		114	charon_status="[ -f ${charon_pidfile} ]"
		115	else
		116	charon_status="[ ! -f ${charon_pidfile} ]"
		117	fi
		118
		119	local _waitmax=5
		120
		121	# Need to wait for charon,
		122	# else vici socket is unreadable
		123	while eval "${charon_status}" && [ ${_waitmax} -gt 0 ]; do
		124	sleep 1
		125	_waitmax=$((_waitmax - 1))
		126	done
		127	}
		128
97	run_rc_command "$1"	129	run_rc_command "$1"