strongswan: fix sharing of ipsec section variables

author Philip Prindeville <philipp@redfish-solutions.com>

Thu, 17 Jun 2021 06:18:46 +0000 (00:18 -0600)

committer Philip Prindeville <philipp@redfish-solutions.com>

Thu, 17 Jun 2021 15:46:55 +0000 (09:46 -0600)
author Philip Prindeville <philipp@redfish-solutions.com>
Thu, 17 Jun 2021 06:18:46 +0000 (00:18 -0600)
committer Philip Prindeville <philipp@redfish-solutions.com>
Thu, 17 Jun 2021 15:46:55 +0000 (09:46 -0600)
diff --git a/net/strongswan/Makefile b/net/strongswan/Makefile

index 09452d75194969e443c2fab9eeaca4d5c4ae4877..42d7ec218df1f476b239670e1532ca7b2ee5f4f1 100644 (file)
--- a/net/strongswan/Makefile
+++ b/net/strongswan/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
  
  PKG_NAME:=strongswan
  PKG_VERSION:=5.9.2
-PKG_RELEASE:=8
+PKG_RELEASE:=9
  
  PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
  PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/
diff --git a/net/strongswan/files/swanctl.init b/net/strongswan/files/swanctl.init

index f83d11fc31f1a4a1370255235272c524e2952419..41d7dd5a24f2271de8c5047e79ee5a18e73ccd14 100644 (file)
--- a/net/strongswan/files/swanctl.init
+++ b/net/strongswan/files/swanctl.init
@@ -220,7 +220,6 @@ config_conn() {
         local updown
         local firewall
         local remote_subnet
-       local remote_sourceip
         local lifetime
         local dpdaction
         local closeaction
@@ -234,7 +233,6 @@ config_conn() {
         config_get updown "$1" updown ""
         config_get firewall "$1" firewall ""
         config_get remote_subnet "$1" remote_subnet ""
-       config_get remote_sourceip "$1" remote_sourceip ""
         config_get lifetime "$1" lifetime ""
         config_get dpdaction "$1" dpdaction "none"
         config_get closeaction "$1" closeaction "none"
@@ -315,6 +313,7 @@ config_conn() {
                 swanctl_xappend4 "life_time = $(seconds2time $(((110 * $(time2seconds $rekeytime)) / 100)))"
         fi
         [ -n "$rekeytime" ] && swanctl_xappend4 "rekey_time = $rekeytime"
+       [ -n "$inactivity" ] && swanctl_xappend4 "inactivity = $inactivity"
  
         [ -n "$updown" ] && swanctl_xappend4 "updown = $updown"
         [ -n "$dpdaction" ] && swanctl_xappend4 "dpd_action = $dpdaction"
@@ -345,8 +344,6 @@ config_remote() {
         local dpddelay
         local inactivity
         local keyexchange
-       local reqid
-       local packet_marker
         local fragmentation
         local mobike
         local local_cert
@@ -368,8 +365,6 @@ config_remote() {
         config_get dpddelay "$1" dpddelay "30s"
         config_get inactivity "$1" inactivity
         config_get keyexchange "$1" keyexchange "ikev2"
-       config_get reqid "$1" reqid
-       config_get packet_marker "$1" packet_marker
         config_get fragmentation "$1" fragmentation "yes"
         config_get_bool mobike "$1" mobike 1
         config_get local_cert "$1" local_cert ""
@@ -508,14 +503,15 @@ do_preamble() {
         swanctl_xappend0 "# generated by /etc/init.d/swanctl"
  }
  
+append_interface() {
+       append interface_list "$1" " "
+}
+
  config_ipsec() {
-       local debug
         local rtinstall_enabled
-       local routing_tables_ignored
         local routing_table
         local routing_table_id
         local interface
-       local device_list
  
         config_get debug "$1" debug 0
         config_get_bool rtinstall_enabled "$1" rtinstall_enabled 1
@@ -532,7 +528,9 @@ config_ipsec() {
                 [ -n "$routing_table_id" ] && append routing_tables_ignored "$routing_table_id"
         done
  
-       local interface_list=$(config_get "$1" "interface")
+       local interface_list
+       config_list_foreach "$1" interface append_interface
+
         if [ -z "$interface_list" ]; then
                 WAIT_FOR_INTF=0
         else
@@ -569,6 +567,9 @@ prepare_env() {
         swanctl_reset
         do_preamble
  
+       # needed by do_postamble
+       local debug install_routes routing_tables_ignored device_list
+
         config_load ipsec
         config_foreach config_ipsec ipsec
         config_foreach config_remote remote
author	Philip Prindeville <philipp@redfish-solutions.com>
	Thu, 17 Jun 2021 06:18:46 +0000 (00:18 -0600)
committer	Philip Prindeville <philipp@redfish-solutions.com>
	Thu, 17 Jun 2021 15:46:55 +0000 (09:46 -0600)
net/strongswan/Makefile		patch \| blob \| history
net/strongswan/files/swanctl.init		patch \| blob \| history