FreeBSD Bugzilla – Attachment 204703 Details for
Bug 236944
security/strongswan: startup script improvements
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Improve strongswan.in
strongswan.patch (text/plain), 3.64 KB, created by
Jose Luis Duran
on 2019-05-29 15:43:39 UTC
(
hide
)
Description:
Improve strongswan.in
Filename:
MIME Type:
Creator:
Jose Luis Duran
Created:
2019-05-29 15:43:39 UTC
Size:
3.64 KB
patch
obsolete
>diff --git Makefile Makefile >index 49a1c4e..2f0bbf6 100644 >--- Makefile >+++ Makefile >@@ -3,9 +3,10 @@ > > PORTNAME= strongswan > PORTVERSION= 5.8.0 >+PORTREVISION= 1 > CATEGORIES= security >-MASTER_SITES= http://download.strongswan.org/ \ >- http://download2.strongswan.org/ >+MASTER_SITES= https://download.strongswan.org/ \ >+ https://download2.strongswan.org/ > > MAINTAINER= strongswan@nanoteq.com > COMMENT= Open Source IKEv2 IPsec-based VPN solution >diff --git files/strongswan.in files/strongswan.in >index 74e2f60..fd756dc 100644 >--- files/strongswan.in >+++ files/strongswan.in >@@ -13,8 +13,8 @@ > # strongswan_interface (string): > # Set the control interface to use. > # Valid options are: >-# "stroke" for the old ipsec/startr interface >-# "vici" for the newer swanctl intrface >+# "stroke" for the old ipsec/starter interface >+# "vici" for the newer swanctl interface > # Default is "stroke" > > . /etc/rc.subr >@@ -26,14 +26,10 @@ rcvar=strongswan_enable > load_rc_config $name > > : ${strongswan_enable:=NO} >-: ${strongswan_interface:="stroke"} >+strongswan_interface=${strongswan_interface:-"stroke"} > > extra_commands="reload statusall" > >-charon_command=%%PREFIX%%/libexec/ipsec/charon >-charon_pidfile=/var/run/charon.pid >-swanctl_command=%%PREFIX%%/sbin/swanctl >- > case $strongswan_interface in > [Ss][Tt][Rr][Oo][Kk][Ee]) > # "stroke" >@@ -48,50 +44,81 @@ case $strongswan_interface in > [Vv][Ii][Cc][Ii]) > # "vici" > command=/usr/sbin/daemon >+ charon_command=%%PREFIX%%/libexec/ipsec/charon >+ charon_pidfile=/var/run/charon.pid >+ swanctl_command=%%PREFIX%%/sbin/swanctl > pidfile=/var/run/daemon-charon.pid > command_args="-S -P ${pidfile} ${charon_command} --use-syslog" > >- required_files=${charon_command} >- extra_commands="reload statusall" >- > start_postcmd=${name}_swanctl_poststart >- status_cmd="${swanctl_command} --stats" >+ status_cmd=${name}_swanctl_status >+ stop_postcmd="wait_charon stop" > reload_cmd=${name}_swanctl_reload > statusall_cmd=${name}_swanctl_statusall > ;; > >- *) >+*) > # "default" >- warn "\$strongswan_interface setting is invalid - options supported are \"stroke\" or \"vici\"." >+ warn "\$strongswan_interface setting is invalid - supported options are \"stroke\" or \"vici\"." > exit 1 > ;; > esac > > strongswan_swanctl_poststart() > { >- local _waitmax=5 >- >- # Need to wait for charon to finish startup, >- # else vici socket is unreadable >- while [ ! -f ${charon_pidfile} ] && [ ${_waitmax} -gt 0 ]; do >- sleep 1 >- _waitmax=$((_waitmax - 1)) >- done >+ wait_charon > > ${swanctl_command} --load-all --noprompt > } > > strongswan_swanctl_reload() > { >+ check_charon >+ > ${swanctl_command} --reload-settings > ${swanctl_command} --load-all --noprompt > } > >+strongswan_swanctl_status() >+{ >+ check_charon >+ >+ ${swanctl_command} --stats >+} >+ > strongswan_swanctl_statusall() > { >+ check_charon >+ > ${swanctl_command} --stats > ${swanctl_command} --list-conns > ${swanctl_command} --list-sas > } > >+check_charon() >+{ >+ if [ ! -e "${charon_pidfile}" ]; then >+ echo "${name} is not running." >&2 >+ exit 7 >+ fi >+} >+ >+wait_charon() >+{ >+ if [ "$1" = "stop" ]; then >+ charon_status="[ -f ${charon_pidfile} ]" >+ else >+ charon_status="[ ! -f ${charon_pidfile} ]" >+ fi >+ >+ local _waitmax=5 >+ >+ # Need to wait for charon, >+ # else vici socket is unreadable >+ while eval "${charon_status}" && [ ${_waitmax} -gt 0 ]; do >+ sleep 1 >+ _waitmax=$((_waitmax - 1)) >+ done >+} >+ > run_rc_command "$1" >diff --git pkg-descr pkg-descr >index 163408c..2fc49d1 100644 >--- pkg-descr >+++ pkg-descr >@@ -2,4 +2,4 @@ Strongswan is an open source IPsec-based VPN solution. > Strongswan for FreeBSD implements both the IKEv1 and IKEv2 (RFC 5996) key > exchange protocols. > >-WWW: http://www.strongswan.org >+WWW: https://www.strongswan.org
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=204703">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 236944
:
203306
|
203395
|
203489
|
203887
|
204210
|
204703
|
208097
|
208247