FreeBSD Bugzilla – Attachment 208097 Details for
Bug 236944
security/strongswan: startup script improvements
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Improve strongswan.in
strongswan.patch (text/plain), 4.04 KB, created by
Jose Luis Duran
on 2019-10-04 18:28:00 UTC
(
hide
)
Description:
Improve strongswan.in
Filename:
MIME Type:
Creator:
Jose Luis Duran
Created:
2019-10-04 18:28:00 UTC
Size:
4.04 KB
patch
obsolete
>diff --git Makefile Makefile >index 6a2bb21..441cb50 100644 >--- Makefile >+++ Makefile >@@ -3,6 +3,7 @@ > > PORTNAME= strongswan > PORTVERSION= 5.8.1 >+PORTREVISION= 1 > CATEGORIES= security net-vpn > MASTER_SITES= http://download.strongswan.org/ \ > http://download2.strongswan.org/ >diff --git files/strongswan.in files/strongswan.in >index 74e2f60..81dba44 100644 >--- files/strongswan.in >+++ files/strongswan.in >@@ -13,8 +13,8 @@ > # strongswan_interface (string): > # Set the control interface to use. > # Valid options are: >-# "stroke" for the old ipsec/startr interface >-# "vici" for the newer swanctl intrface >+# "starter" or "stroke" for the old ipsec/starter interface >+# "swanctl" or "vici" for the newer swanctl interface > # Default is "stroke" > > . /etc/rc.subr >@@ -25,73 +25,67 @@ rcvar=strongswan_enable > > load_rc_config $name > >-: ${strongswan_enable:=NO} >-: ${strongswan_interface:="stroke"} >+strongswan_enable=${strongswan_enable:-"NO"} >+strongswan_interface=${strongswan_interface:-"stroke"} > > extra_commands="reload statusall" > >-charon_command=%%PREFIX%%/libexec/ipsec/charon >-charon_pidfile=/var/run/charon.pid >-swanctl_command=%%PREFIX%%/sbin/swanctl >- > case $strongswan_interface in >-[Ss][Tt][Rr][Oo][Kk][Ee]) >- # "stroke" >+[Ss][Tt][Aa][Rr][Tt][Ee][Rr]|[Ss][Tt][Rr][Oo][Kk][Ee]) > command="%%PREFIX%%/sbin/ipsec" >+ procname="%%PREFIX%%/libexec/ipsec/starter" > start_precmd=command_args=start >- stop_cmd="${command} stop" >- status_cmd="${command} status" >- reload_cmd="${command} reload" >+ reload_cmd="${command} reload" # non-rc.subr reload command >+ status_cmd="${command} status" # non-rc.subr status command > statusall_cmd="${command} statusall" > ;; > >-[Vv][Ii][Cc][Ii]) >- # "vici" >- command=/usr/sbin/daemon >+[Ss][Ww][Aa][Nn][Cc][Tt][Ll]|[Vv][Ii][Cc][Ii]) >+ command="/usr/sbin/daemon" >+ charon_command="%%PREFIX%%/libexec/ipsec/charon" >+ swanctl="%%PREFIX%%/sbin/swanctl" > pidfile=/var/run/daemon-charon.pid >- command_args="-S -P ${pidfile} ${charon_command} --use-syslog" >- >- required_files=${charon_command} >- extra_commands="reload statusall" >- >- start_postcmd=${name}_swanctl_poststart >- status_cmd="${swanctl_command} --stats" >- reload_cmd=${name}_swanctl_reload >- statusall_cmd=${name}_swanctl_statusall >+ command_args="-rS -P ${pidfile} ${charon_command} --use-syslog" >+ >+ start_cmd=strongswan_swanctl_start >+ start_postcmd="${swanctl} --load-all --noprompt" >+ reload_cmd="strongswan_swanctl --reload-settings" # non-rc.subr reload command >+ reload_postcmd=$start_postcmd >+ status_cmd="strongswan_swanctl --stats" # non-rc.subr status command >+ statusall_cmd="strongswan_swanctl --stats --list-conns --list-sas" > ;; > >- *) >- # "default" >- warn "\$strongswan_interface setting is invalid - options supported are \"stroke\" or \"vici\"." >+*) >+ warn "\$strongswan_interface setting is invalid - supported options are \"stroke\" or \"vici\"." > exit 1 > ;; > esac > >-strongswan_swanctl_poststart() >+strongswan_swanctl_start() > { >- local _waitmax=5 >- >- # Need to wait for charon to finish startup, >- # else vici socket is unreadable >- while [ ! -f ${charon_pidfile} ] && [ ${_waitmax} -gt 0 ]; do >- sleep 1 >- _waitmax=$((_waitmax - 1)) >- done >+ check_startmsgs && echo "Starting ${name}." > >- ${swanctl_command} --load-all --noprompt >+ ${command} ${command_args} >+ sleep 0.01 > } > >-strongswan_swanctl_reload() >+strongswan_swanctl() > { >- ${swanctl_command} --reload-settings >- ${swanctl_command} --load-all --noprompt >-} >+ local _commands _c > >-strongswan_swanctl_statusall() >-{ >- ${swanctl_command} --stats >- ${swanctl_command} --list-conns >- ${swanctl_command} --list-sas >+ _commands="$@" >+ if [ -z "$_commands" ]; then >+ return >+ fi >+ >+ if [ -z "$rc_pid" ]; then >+ _run_rc_notrunning >+ return 1 >+ fi >+ >+ for _c in $_commands; do >+ ${swanctl} $_c >+ done > } > > run_rc_command "$1" >diff --git pkg-descr pkg-descr >index 163408c..2fc49d1 100644 >--- pkg-descr >+++ pkg-descr >@@ -2,4 +2,4 @@ Strongswan is an open source IPsec-based VPN solution. > Strongswan for FreeBSD implements both the IKEv1 and IKEv2 (RFC 5996) key > exchange protocols. > >-WWW: http://www.strongswan.org >+WWW: https://www.strongswan.org
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=208097">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 236944
:
203306
|
203395
|
203489
|
203887
|
204210
|
204703
|
208097
|
208247