Attachment #203395 for bug #236944

Lines 3-9 Link Here

(-)Makefile (-1 / +1 lines)
3		3
4	PORTNAME= strongswan	4	PORTNAME= strongswan
5	PORTVERSION= 5.7.2	5	PORTVERSION= 5.7.2
6	PORTREVISION= 2	6	PORTREVISION= 3
7	CATEGORIES= security	7	CATEGORIES= security
8	MASTER_SITES= http://download.strongswan.org/ \	8	MASTER_SITES= http://download.strongswan.org/ \
9	http://download2.strongswan.org/	9	http://download2.strongswan.org/




load_rc_config $name

: ${strongswan_enable:=NO}
strongswan_interface=${strongswan_interface:-"stroke"}

extra_commands="reload statusall"

charon_command=%%PREFIX%%/libexec/ipsec/charon
charon_pidfile=/var/run/charon.pid
swanctl_command=%%PREFIX%%/sbin/swanctl

case $strongswan_interface in
[Ss][Tt][Rr][Oo][Kk][Ee])
	# "stroke"
	command="%%PREFIX%%/sbin/ipsec"

	start_precmd=command_args=start
	stop_cmd="${command} stop"
	status_cmd="${command} status"

[Vv][Ii][Cc][Ii])
	# "vici"
	command=/usr/sbin/daemon
	charon_command=%%PREFIX%%/libexec/ipsec/charon
	charon_pidfile=/var/run/charon.pid
	swanctl_command=%%PREFIX%%/sbin/swanctl
	pidfile=/var/run/daemon-charon.pid
	command_args="-S -P ${pidfile} ${charon_command} --use-syslog"

	required_files=${charon_command}
	extra_commands="reload statusall"

	start_postcmd=${name}_swanctl_poststart
	status_cmd=${name}_swanctl_status
	stop_postcmd="wait_charon stop"
	reload_cmd=${name}_swanctl_reload
	statusall_cmd=${name}_swanctl_statusall
	;;

*)
	# "default"
	warn "\$strongswan_interface setting is invalid - options supported are \"stroke\" or \"vici\"."
	exit 1


strongswan_swanctl_poststart()
{
	wait_charon

	# Need to wait for charon to finish startup,
	# else vici socket is unreadable
	while [ ! -f ${charon_pidfile} ] && [ ${_waitmax} -gt 0 ]; do
		sleep 1
		_waitmax=$((_waitmax - 1))
	done

	${swanctl_command} --load-all --noprompt
}

strongswan_swanctl_reload()
{
	check_charon

	${swanctl_command} --reload-settings
	${swanctl_command} --load-all --noprompt
}

strongswan_swanctl_status()
{
	check_charon

	${swanctl_command} --stats
}

strongswan_swanctl_statusall()
{
	check_charon

	${swanctl_command} --stats
	${swanctl_command} --list-conns
	${swanctl_command} --list-sas
}

check_charon()
{
	if [ ! -e "${charon_pidfile}" ]
	then
		echo "${name} not running? (check ${charon_pidfile})." >&2
		exit 7
	fi
}

wait_charon()
{
	if [ "$1" = "stop" ]
	then
		charon_status="[ -f ${charon_pidfile} ]"
	else
		charon_status="[ ! -f ${charon_pidfile} ]"
	fi

	local _waitmax=5

	# Need to wait for charon,
	# else vici socket is unreadable
	while eval "${charon_status}" && [ ${_waitmax} -gt 0 ]; do
		sleep 1
		_waitmax=$((_waitmax - 1))
	done
}

run_rc_command "$1"

Lines 2-5 Strongswan is an open source IPsec-based VPN solution. Link Here

(-)pkg-descr (-1 / +1 lines)
2	Strongswan for FreeBSD implements both the IKEv1 and IKEv2 (RFC 5996) key	2	Strongswan for FreeBSD implements both the IKEv1 and IKEv2 (RFC 5996) key
3	exchange protocols.	3	exchange protocols.
4		4
5	WWW: http://www.strongswan.org	5	WWW: https://www.strongswan.org

Return to bug 236944

Lines 26-43 rcvar=strongswan_enable Link Here

(-)files/strongswan.in (-18 / +48 lines)
26	load_rc_config $name	26	load_rc_config $name
27		27
28	: ${strongswan_enable:=NO}	28	: ${strongswan_enable:=NO}
29	: ${strongswan_interface:="stroke"}	29	strongswan_interface=${strongswan_interface:-"stroke"}
30		30
31	extra_commands="reload statusall"	31	extra_commands="reload statusall"
32		32
33	charon_command=%%PREFIX%%/libexec/ipsec/charon
34	charon_pidfile=/var/run/charon.pid
35	swanctl_command=%%PREFIX%%/sbin/swanctl
36
37	case $strongswan_interface in	33	case $strongswan_interface in
38	[Ss][Tt][Rr][Oo][Kk][Ee])	34	[Ss][Tt][Rr][Oo][Kk][Ee])
39	# "stroke"	35	# "stroke"
40	command="%%PREFIX%%/sbin/ipsec"	36	command="%%PREFIX%%/sbin/ipsec"
		37
41	start_precmd=command_args=start	38	start_precmd=command_args=start
42	stop_cmd="${command} stop"	39	stop_cmd="${command} stop"
43	status_cmd="${command} status"	40	status_cmd="${command} status"
Lines 48-66 case $strongswan_interface in Link Here
48	[Vv][Ii][Cc][Ii])	45	[Vv][Ii][Cc][Ii])
49	# "vici"	46	# "vici"
50	command=/usr/sbin/daemon	47	command=/usr/sbin/daemon
		48	charon_command=%%PREFIX%%/libexec/ipsec/charon
		49	charon_pidfile=/var/run/charon.pid
		50	swanctl_command=%%PREFIX%%/sbin/swanctl
51	pidfile=/var/run/daemon-charon.pid	51	pidfile=/var/run/daemon-charon.pid
52	command_args="-S -P ${pidfile} ${charon_command} --use-syslog"	52	command_args="-S -P ${pidfile} ${charon_command} --use-syslog"
53		53
54	required_files=${charon_command}
55	extra_commands="reload statusall"
56
57	start_postcmd=${name}_swanctl_poststart	54	start_postcmd=${name}_swanctl_poststart
58	status_cmd="${swanctl_command} --stats"	55	status_cmd=${name}_swanctl_status
		56	stop_postcmd="wait_charon stop"
59	reload_cmd=${name}_swanctl_reload	57	reload_cmd=${name}_swanctl_reload
60	statusall_cmd=${name}_swanctl_statusall	58	statusall_cmd=${name}_swanctl_statusall
61	;;	59	;;
62		60
63	*)	61	*)
64	# "default"	62	# "default"
65	warn "\$strongswan_interface setting is invalid - options supported are \"stroke\" or \"vici\"."	63	warn "\$strongswan_interface setting is invalid - options supported are \"stroke\" or \"vici\"."
66	exit 1	64	exit 1
Lines 69-97 esac Link Here
69		67
70	strongswan_swanctl_poststart()	68	strongswan_swanctl_poststart()
71	{	69	{
72	local _waitmax=5	70	wait_charon
73
74	# Need to wait for charon to finish startup,
75	# else vici socket is unreadable
76	while [ ! -f ${charon_pidfile} ] && [ ${_waitmax} -gt 0 ]; do
77	sleep 1
78	_waitmax=$((_waitmax - 1))
79	done
80		71
81	${swanctl_command} --load-all --noprompt	72	${swanctl_command} --load-all --noprompt
82	}	73	}
83		74
84	strongswan_swanctl_reload()	75	strongswan_swanctl_reload()
85	{	76	{
		77	check_charon
		78
86	${swanctl_command} --reload-settings	79	${swanctl_command} --reload-settings
87	${swanctl_command} --load-all --noprompt	80	${swanctl_command} --load-all --noprompt
88	}	81	}
89		82
		83	strongswan_swanctl_status()
		84	{
		85	check_charon
		86
		87	${swanctl_command} --stats
		88	}
		89
90	strongswan_swanctl_statusall()	90	strongswan_swanctl_statusall()
91	{	91	{
		92	check_charon
		93
92	${swanctl_command} --stats	94	${swanctl_command} --stats
93	${swanctl_command} --list-conns	95	${swanctl_command} --list-conns
94	${swanctl_command} --list-sas	96	${swanctl_command} --list-sas
95	}	97	}
96		98
		99	check_charon()
		100	{
		101	if [ ! -e "${charon_pidfile}" ]
		102	then
		103	echo "${name} not running? (check ${charon_pidfile})." >&2
		104	exit 7
		105	fi
		106	}
		107
		108	wait_charon()
		109	{
		110	if [ "$1" = "stop" ]
		111	then
		112	charon_status="[ -f ${charon_pidfile} ]"
		113	else
		114	charon_status="[ ! -f ${charon_pidfile} ]"
		115	fi
		116
		117	local _waitmax=5
		118
		119	# Need to wait for charon,
		120	# else vici socket is unreadable
		121	while eval "${charon_status}" && [ ${_waitmax} -gt 0 ]; do
		122	sleep 1
		123	_waitmax=$((_waitmax - 1))
		124	done
		125	}
		126
97	run_rc_command "$1"	127	run_rc_command "$1"