Attachment #208097 for bug #236944

Lines 3-8 Link Here

(-)Makefile (+1 lines)
3		3
4	PORTNAME= strongswan	4	PORTNAME= strongswan
5	PORTVERSION= 5.8.1	5	PORTVERSION= 5.8.1
		6	PORTREVISION= 1
6	CATEGORIES= security net-vpn	7	CATEGORIES= security net-vpn
7	MASTER_SITES= http://download.strongswan.org/ \	8	MASTER_SITES= http://download.strongswan.org/ \
8	http://download2.strongswan.org/	9	http://download2.strongswan.org/




# strongswan_interface (string):
#	Set the control interface to use.
#	Valid options are:
#	"starter" or "stroke" for the old ipsec/starter interface
#	"swanctl" or "vici" for the newer swanctl interface
#	Default is "stroke"

. /etc/rc.subr


load_rc_config $name

strongswan_enable=${strongswan_enable:-"NO"}
strongswan_interface=${strongswan_interface:-"stroke"}

extra_commands="reload statusall"

charon_command=%%PREFIX%%/libexec/ipsec/charon
charon_pidfile=/var/run/charon.pid
swanctl_command=%%PREFIX%%/sbin/swanctl

case $strongswan_interface in
[Ss][Tt][Aa][Rr][Tt][Ee][Rr]|[Ss][Tt][Rr][Oo][Kk][Ee])
	# "stroke"
	command="%%PREFIX%%/sbin/ipsec"
	procname="%%PREFIX%%/libexec/ipsec/starter"
	start_precmd=command_args=start
	reload_cmd="${command} reload" # non-rc.subr reload command
	status_cmd="${command} status" # non-rc.subr status command
	reload_cmd="${command} reload"
	statusall_cmd="${command} statusall"
	;;

[Ss][Ww][Aa][Nn][Cc][Tt][Ll]|[Vv][Ii][Cc][Ii])
	command="/usr/sbin/daemon"
	charon_command="%%PREFIX%%/libexec/ipsec/charon"
	swanctl="%%PREFIX%%/sbin/swanctl"
	pidfile=/var/run/daemon-charon.pid
	command_args="-rS -P ${pidfile} ${charon_command} --use-syslog"

	start_cmd=strongswan_swanctl_start
	start_postcmd="${swanctl} --load-all --noprompt"
	reload_cmd="strongswan_swanctl --reload-settings" # non-rc.subr reload command
	reload_postcmd=$start_postcmd
	status_cmd="strongswan_swanctl --stats" # non-rc.subr status command
	statusall_cmd="strongswan_swanctl --stats --list-conns --list-sas"
	statusall_cmd=${name}_swanctl_statusall
	;;

*)
	warn "\$strongswan_interface setting is invalid - supported options are \"stroke\" or \"vici\"."
	warn "\$strongswan_interface setting is invalid - options supported are \"stroke\" or \"vici\"."
	exit 1
	;;
esac

strongswan_swanctl_start()
{
	check_startmsgs && echo "Starting ${name}."

	# Need to wait for charon to finish startup,
	# else vici socket is unreadable
	while [ ! -f ${charon_pidfile} ] && [ ${_waitmax} -gt 0 ]; do
		sleep 1
		_waitmax=$((_waitmax - 1))
	done

	${command} ${command_args}
	sleep 0.01
}

strongswan_swanctl()
{
	local _commands _c
	${swanctl_command} --load-all --noprompt
}

	_commands="$@"
	if [ -z "$_commands" ]; then
		return
	fi

	if [ -z "$rc_pid" ]; then
		_run_rc_notrunning
		return 1
	fi

	for _c in $_commands; do
		${swanctl} $_c
	done
}

run_rc_command "$1"

Lines 2-5 Strongswan is an open source IPsec-based VPN solution. Link Here

(-)pkg-descr (-1 / +1 lines)
2	Strongswan for FreeBSD implements both the IKEv1 and IKEv2 (RFC 5996) key	2	Strongswan for FreeBSD implements both the IKEv1 and IKEv2 (RFC 5996) key
3	exchange protocols.	3	exchange protocols.
4		4
5	WWW: http://www.strongswan.org	5	WWW: https://www.strongswan.org

Return to bug 236944

Lines 13-20 Link Here

(-)files/strongswan.in (-47 / +41 lines)
13	# strongswan_interface (string):	13	# strongswan_interface (string):
14	# Set the control interface to use.	14	# Set the control interface to use.
15	# Valid options are:	15	# Valid options are:
16	# "stroke" for the old ipsec/startr interface	16	# "starter" or "stroke" for the old ipsec/starter interface
17	# "vici" for the newer swanctl intrface	17	# "swanctl" or "vici" for the newer swanctl interface
18	# Default is "stroke"	18	# Default is "stroke"
19		19
20	. /etc/rc.subr	20	. /etc/rc.subr
Lines 25-97 rcvar=strongswan_enable Link Here
25		25
26	load_rc_config $name	26	load_rc_config $name
27		27
28	: ${strongswan_enable:=NO}	28	strongswan_enable=${strongswan_enable:-"NO"}
29	: ${strongswan_interface:="stroke"}	29	strongswan_interface=${strongswan_interface:-"stroke"}
30		30
31	extra_commands="reload statusall"	31	extra_commands="reload statusall"
32		32
33	charon_command=%%PREFIX%%/libexec/ipsec/charon
34	charon_pidfile=/var/run/charon.pid
35	swanctl_command=%%PREFIX%%/sbin/swanctl
36
37	case $strongswan_interface in	33	case $strongswan_interface in
38	[Ss][Tt][Rr][Oo][Kk][Ee])	34	[Ss][Tt][Aa][Rr][Tt][Ee][Rr]\|[Ss][Tt][Rr][Oo][Kk][Ee])
39	# "stroke"
40	command="%%PREFIX%%/sbin/ipsec"	35	command="%%PREFIX%%/sbin/ipsec"
		36	procname="%%PREFIX%%/libexec/ipsec/starter"
41	start_precmd=command_args=start	37	start_precmd=command_args=start
42	stop_cmd="${command} stop"	38	reload_cmd="${command} reload" # non-rc.subr reload command
43	status_cmd="${command} status"	39	status_cmd="${command} status" # non-rc.subr status command
44	reload_cmd="${command} reload"
45	statusall_cmd="${command} statusall"	40	statusall_cmd="${command} statusall"
46	;;	41	;;
47		42
48	[Vv][Ii][Cc][Ii])	43	[Ss][Ww][Aa][Nn][Cc][Tt][Ll]\|[Vv][Ii][Cc][Ii])
49	# "vici"	44	command="/usr/sbin/daemon"
50	command=/usr/sbin/daemon	45	charon_command="%%PREFIX%%/libexec/ipsec/charon"
		46	swanctl="%%PREFIX%%/sbin/swanctl"
51	pidfile=/var/run/daemon-charon.pid	47	pidfile=/var/run/daemon-charon.pid
52	command_args="-S -P ${pidfile} ${charon_command} --use-syslog"	48	command_args="-rS -P ${pidfile} ${charon_command} --use-syslog"
53		49
54	required_files=${charon_command}	50	start_cmd=strongswan_swanctl_start
55	extra_commands="reload statusall"	51	start_postcmd="${swanctl} --load-all --noprompt"
56		52	reload_cmd="strongswan_swanctl --reload-settings" # non-rc.subr reload command
57	start_postcmd=${name}_swanctl_poststart	53	reload_postcmd=$start_postcmd
58	status_cmd="${swanctl_command} --stats"	54	status_cmd="strongswan_swanctl --stats" # non-rc.subr status command
59	reload_cmd=${name}_swanctl_reload	55	statusall_cmd="strongswan_swanctl --stats --list-conns --list-sas"
60	statusall_cmd=${name}_swanctl_statusall
61	;;	56	;;
62		57
63	*)	58	*)
64	# "default"	59	warn "\$strongswan_interface setting is invalid - supported options are \"stroke\" or \"vici\"."
65	warn "\$strongswan_interface setting is invalid - options supported are \"stroke\" or \"vici\"."
66	exit 1	60	exit 1
67	;;	61	;;
68	esac	62	esac
69		63
70	strongswan_swanctl_poststart()	64	strongswan_swanctl_start()
71	{	65	{
72	local _waitmax=5	66	check_startmsgs && echo "Starting ${name}."
73
74	# Need to wait for charon to finish startup,
75	# else vici socket is unreadable
76	while [ ! -f ${charon_pidfile} ] && [ ${_waitmax} -gt 0 ]; do
77	sleep 1
78	_waitmax=$((_waitmax - 1))
79	done
80		67
81	${swanctl_command} --load-all --noprompt	68	${command} ${command_args}
		69	sleep 0.01
82	}	70	}
83		71
84	strongswan_swanctl_reload()	72	strongswan_swanctl()
85	{	73	{
86	${swanctl_command} --reload-settings	74	local _commands _c
87	${swanctl_command} --load-all --noprompt
88	}
89		75
90	strongswan_swanctl_statusall()	76	_commands="$@"
91	{	77	if [ -z "$_commands" ]; then
92	${swanctl_command} --stats	78	return
93	${swanctl_command} --list-conns	79	fi
94	${swanctl_command} --list-sas	80
		81	if [ -z "$rc_pid" ]; then
		82	_run_rc_notrunning
		83	return 1
		84	fi
		85
		86	for _c in $_commands; do
		87	${swanctl} $_c
		88	done
95	}	89	}
96		90
97	run_rc_command "$1"	91	run_rc_command "$1"