Attachment #208247 for bug #236944

Lines 3-8 Link Here

(-)Makefile (+1 lines)
3		3
4	PORTNAME= strongswan	4	PORTNAME= strongswan
5	PORTVERSION= 5.8.1	5	PORTVERSION= 5.8.1
		6	PORTREVISION= 1
6	CATEGORIES= security net-vpn	7	CATEGORIES= security net-vpn
7	MASTER_SITES= http://download.strongswan.org/ \	8	MASTER_SITES= http://download.strongswan.org/ \
8	http://download2.strongswan.org/	9	http://download2.strongswan.org/




# strongswan_interface (string):
#	Set the control interface to use.
#	Valid options are:
#	"starter" or "stroke" for the old ipsec/starter interface
#	"swanctl" or "vici" for the newer swanctl interface
#	Default is "stroke"

. /etc/rc.subr


load_rc_config $name

strongswan_enable=${strongswan_enable:-"NO"}
strongswan_interface=${strongswan_interface:-"stroke"}

extra_commands="reload statusall"

charon_command=%%PREFIX%%/libexec/ipsec/charon
charon_pidfile=/var/run/charon.pid
swanctl_command=%%PREFIX%%/sbin/swanctl

case $strongswan_interface in
[Ss][Tt][Aa][Rr][Tt][Ee][Rr]|[Ss][Tt][Rr][Oo][Kk][Ee])
	# "stroke"
	command="%%PREFIX%%/sbin/ipsec"
	procname="%%PREFIX%%/libexec/ipsec/starter"
	start_precmd=command_args=start
	reload_cmd="${command} reload" # non-rc.subr reload command
	status_cmd="${command} status" # non-rc.subr status command
	reload_cmd="${command} reload"
	statusall_cmd="${command} statusall"
	;;

[Ss][Ww][Aa][Nn][Cc][Tt][Ll]|[Vv][Ii][Cc][Ii])
	command="/usr/sbin/daemon"
	charon="%%PREFIX%%/libexec/ipsec/charon"
	swanctl="%%PREFIX%%/sbin/swanctl"
	pidfile=/var/run/daemon-charon.pid
	charon_pidfile=/var/run/charon.pid
	command_args="-rS -P ${pidfile} ${charon} --use-syslog"

	start_cmd=strongswan_swanctl_start
	start_postcmd="${swanctl} --load-all --noprompt"
	reload_cmd="strongswan_swanctl --reload-settings" # non-rc.subr reload command
	reload_postcmd=$start_postcmd
	status_cmd="strongswan_swanctl --stats" # non-rc.subr status command
	statusall_cmd="strongswan_swanctl --stats --list-conns --list-sas"
	;;

*)
	warn "\$strongswan_interface setting is invalid - supported options are \"stroke\" or \"vici\"."
	warn "\$strongswan_interface setting is invalid - options supported are \"stroke\" or \"vici\"."
	exit 1
	;;
esac

strongswan_swanctl_start()
{
	local _waitmax=5

	check_startmsgs && echo "Starting ${name}."

	${command} ${command_args}

	# Need to wait for charon to finish startup,
	# else vici socket is unreadable
	while [ ! -f ${charon_pidfile} ] && [ ${_waitmax} -gt 0 ]; do
		sleep 1
		_waitmax=$((_waitmax - 1))
	done

	${swanctl_command} --load-all --noprompt
}

strongswan_swanctl()
{
	local _commands _c
	${swanctl_command} --load-all --noprompt
}

	_commands="$@"
	if [ -z "$_commands" ]; then
		return
	fi

	if [ -z "$rc_pid" ]; then
		_run_rc_notrunning
		return 1
	fi

	for _c in $_commands; do
		${swanctl} $_c
	done
}

run_rc_command "$1"

Lines 2-5 Strongswan is an open source IPsec-based VPN solution. Link Here

(-)pkg-descr (-1 / +1 lines)
2	Strongswan for FreeBSD implements both the IKEv1 and IKEv2 (RFC 5996) key	2	Strongswan for FreeBSD implements both the IKEv1 and IKEv2 (RFC 5996) key
3	exchange protocols.	3	exchange protocols.
4		4
5	WWW: http://www.strongswan.org	5	WWW: https://www.strongswan.org

Return to bug 236944

Lines 13-20 Link Here

(-)files/strongswan.in (-40 / +43 lines)
13	# strongswan_interface (string):	13	# strongswan_interface (string):
14	# Set the control interface to use.	14	# Set the control interface to use.
15	# Valid options are:	15	# Valid options are:
16	# "stroke" for the old ipsec/startr interface	16	# "starter" or "stroke" for the old ipsec/starter interface
17	# "vici" for the newer swanctl intrface	17	# "swanctl" or "vici" for the newer swanctl interface
18	# Default is "stroke"	18	# Default is "stroke"
19		19
20	. /etc/rc.subr	20	. /etc/rc.subr
Lines 25-97 rcvar=strongswan_enable Link Here
25		25
26	load_rc_config $name	26	load_rc_config $name
27		27
28	: ${strongswan_enable:=NO}	28	strongswan_enable=${strongswan_enable:-"NO"}
29	: ${strongswan_interface:="stroke"}	29	strongswan_interface=${strongswan_interface:-"stroke"}
30		30
31	extra_commands="reload statusall"	31	extra_commands="reload statusall"
32		32
33	charon_command=%%PREFIX%%/libexec/ipsec/charon
34	charon_pidfile=/var/run/charon.pid
35	swanctl_command=%%PREFIX%%/sbin/swanctl
36
37	case $strongswan_interface in	33	case $strongswan_interface in
38	[Ss][Tt][Rr][Oo][Kk][Ee])	34	[Ss][Tt][Aa][Rr][Tt][Ee][Rr]\|[Ss][Tt][Rr][Oo][Kk][Ee])
39	# "stroke"
40	command="%%PREFIX%%/sbin/ipsec"	35	command="%%PREFIX%%/sbin/ipsec"
		36	procname="%%PREFIX%%/libexec/ipsec/starter"
41	start_precmd=command_args=start	37	start_precmd=command_args=start
42	stop_cmd="${command} stop"	38	reload_cmd="${command} reload" # non-rc.subr reload command
43	status_cmd="${command} status"	39	status_cmd="${command} status" # non-rc.subr status command
44	reload_cmd="${command} reload"
45	statusall_cmd="${command} statusall"	40	statusall_cmd="${command} statusall"
46	;;	41	;;
47		42
48	[Vv][Ii][Cc][Ii])	43	[Ss][Ww][Aa][Nn][Cc][Tt][Ll]\|[Vv][Ii][Cc][Ii])
49	# "vici"	44	command="/usr/sbin/daemon"
50	command=/usr/sbin/daemon	45	charon="%%PREFIX%%/libexec/ipsec/charon"
		46	swanctl="%%PREFIX%%/sbin/swanctl"
51	pidfile=/var/run/daemon-charon.pid	47	pidfile=/var/run/daemon-charon.pid
52	command_args="-S -P ${pidfile} ${charon_command} --use-syslog"	48	charon_pidfile=/var/run/charon.pid
53		49	command_args="-rS -P ${pidfile} ${charon} --use-syslog"
54	required_files=${charon_command}	50
55	extra_commands="reload statusall"	51	start_cmd=strongswan_swanctl_start
56		52	start_postcmd="${swanctl} --load-all --noprompt"
57	start_postcmd=${name}_swanctl_poststart	53	reload_cmd="strongswan_swanctl --reload-settings" # non-rc.subr reload command
58	status_cmd="${swanctl_command} --stats"	54	reload_postcmd=$start_postcmd
59	reload_cmd=${name}_swanctl_reload	55	status_cmd="strongswan_swanctl --stats" # non-rc.subr status command
60	statusall_cmd=${name}_swanctl_statusall	56	statusall_cmd="strongswan_swanctl --stats --list-conns --list-sas"
61	;;	57	;;
62		58
63	*)	59	*)
64	# "default"	60	warn "\$strongswan_interface setting is invalid - supported options are \"stroke\" or \"vici\"."
65	warn "\$strongswan_interface setting is invalid - options supported are \"stroke\" or \"vici\"."
66	exit 1	61	exit 1
67	;;	62	;;
68	esac	63	esac
69		64
70	strongswan_swanctl_poststart()	65	strongswan_swanctl_start()
71	{	66	{
72	local _waitmax=5	67	local _waitmax=5
73		68
		69	check_startmsgs && echo "Starting ${name}."
		70
		71	${command} ${command_args}
		72
74	# Need to wait for charon to finish startup,	73	# Need to wait for charon to finish startup,
75	# else vici socket is unreadable	74	# else vici socket is unreadable
76	while [ ! -f ${charon_pidfile} ] && [ ${_waitmax} -gt 0 ]; do	75	while [ ! -f ${charon_pidfile} ] && [ ${_waitmax} -gt 0 ]; do
77	sleep 1	76	sleep 1
78	_waitmax=$((_waitmax - 1))	77	_waitmax=$((_waitmax - 1))
79	done	78	done
80
81	${swanctl_command} --load-all --noprompt
82	}	79	}
83		80
84	strongswan_swanctl_reload()	81	strongswan_swanctl()
85	{	82	{
86	${swanctl_command} --reload-settings	83	local _commands _c
87	${swanctl_command} --load-all --noprompt
88	}
89		84
90	strongswan_swanctl_statusall()	85	_commands="$@"
91	{	86	if [ -z "$_commands" ]; then
92	${swanctl_command} --stats	87	return
93	${swanctl_command} --list-conns	88	fi
94	${swanctl_command} --list-sas	89
		90	if [ -z "$rc_pid" ]; then
		91	_run_rc_notrunning
		92	return 1
		93	fi
		94
		95	for _c in $_commands; do
		96	${swanctl} $_c
		97	done
95	}	98	}
96		99
97	run_rc_command "$1"	100	run_rc_command "$1"