strongswan: make the include's in the .conf files persistent 14711/head
authorPhilip Prindeville <philipp@redfish-solutions.com>
Wed, 10 Feb 2021 06:42:00 +0000 (23:42 -0700)
committerPhilip Prindeville <philipp@redfish-solutions.com>
Fri, 26 Mar 2021 20:29:32 +0000 (14:29 -0600)
Having scripts diddle user-written config files seems potentially
dangerous.  Plus there's really no downside to including some
empty files.  Best to just make the includes be permanent.

Additional feature suggested by Luiz: if a -opkg version of the
config file was created unnecessarily, remove it as part of the
upgrade process since changes won't be happening to that file
as an artifact of the service starting.  The include lines are
now permanent, which means that (1) additional configuration
synthesized by UCI won't be anywhere that opkg (or sysupgrade,
for that matter) cares about since it won't be persistent, and
(2) if changes are being made, then they're being done by a
person with an editor and they really should be distinguished.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
net/strongswan/Makefile
net/strongswan/files/ipsec.init

index 993b5e1c8c16c20cdf9f262158b2c0c589dc6326..98ef9e4911e10544f9410ef0ef9195fb7b1b3726 100644 (file)
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=strongswan
 PKG_VERSION:=5.9.1
-PKG_RELEASE:=4
+PKG_RELEASE:=5
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/
@@ -454,9 +454,11 @@ endef
 define Package/strongswan/install
        $(INSTALL_DIR) $(1)/etc
        $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/strongswan.conf $(1)/etc/
+       echo -e "\ninclude /var/ipsec/strongswan.conf" >> $(1)/etc/strongswan.conf
        $(INSTALL_DIR) $(1)/usr/lib/ipsec
        $(CP) $(PKG_INSTALL_DIR)/usr/lib/ipsec/libstrongswan.so.* $(1)/usr/lib/ipsec/
        $(INSTALL_CONF) ./files/ipsec.secrets $(1)/etc/
+       echo -e "\ninclude /var/ipsec/ipsec.secrets" >> $(1)/etc/ipsec.secrets
        $(INSTALL_CONF) ./files/ipsec.user $(1)/etc/
        $(INSTALL_DIR) $(1)/etc/init.d
        $(INSTALL_BIN) ./files/ipsec.init $(1)/etc/init.d/ipsec
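Review bot: The added `echo -e "\ninclude …" >>` lines depend on the recipe shell's `echo` accepting `-e`; under a POSIX `sh` such as dash the literal `-e` would be written into strongswan.conf and ipsec.secrets, and a malformed config or secrets file only shows up as a failure on the device. `printf '\ninclude /var/ipsec/strongswan.conf\n' >> $(1)/etc/strongswan.conf` behaves the same in every shell; the same applies to the ipsec.secrets line here and to the ipsec.conf line in Package/strongswan-ipsec/install. Whether the build already forces bash is decided in rules.mk, outside this diff. A short comment saying that these literal paths must match the `*_VAR_*` file variables used by files/ipsec.init would also help, since a mismatch would silently drop the UCI-generated configuration.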
@@ -502,9 +504,20 @@ endef
 define Package/strongswan-ipsec/install
        $(INSTALL_DIR) $(1)/etc/ $(1)/usr/sbin
        $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/ipsec.conf $(1)/etc/
+       echo -e "\ninclude /var/ipsec/ipsec.conf" >> $(1)/etc/ipsec.conf
        $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ipsec $(1)/usr/sbin/
 endef
 
+define Package/strongswan-ipsec/postinst
+#!/bin/sh
+
+[ -z "$${IPKG_INSTROOT}" ] || exit 0
+
+opkg list-changed-conffiles | grep -qx /etc/ipsec.conf || {
+       rm -f /etc/ipsec.conf-opkg
+}
+endef
+
 define Package/strongswan-pki/install
        $(INSTALL_DIR) $(1)/etc/strongswan.d
        $(CP) $(PKG_INSTALL_DIR)/etc/strongswan.d/pki.conf $(1)/etc/strongswan.d/
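Review bot: In the new postinst, `grep -qx /etc/ipsec.conf` treats the path as a regular expression, so the `.` matches any character; `grep -qxF /etc/ipsec.conf` compares it literally. Because the test is `… || { rm -f … }`, the `-opkg` copy is also removed when `opkg list-changed-conffiles` fails or prints nothing, which may be acceptable but deserves a comment in the script. Package/strongswan/install appends the same kind of include to strongswan.conf and ipsec.secrets, yet no matching cleanup for `/etc/strongswan.conf-opkg` or `/etc/ipsec.secrets-opkg` is visible in this diff; if none exists elsewhere in the Makefile, those stale copies would remain after the upgrade.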
index 1881e1f14f51f2f804c74c3827e7e8e7a0cf0412..ed55b95a9820bdc1eb53a9708d795e97e5219523 100644 (file)
@@ -27,58 +27,31 @@ xappend() {
        local file="$1"
        shift
 
-       echo "${@}" >> "${file}"
-}
-
-remove_include() {
-       local file="$1"
-       local include="$2"
-
-       sed -i "\_${include}_d" "${file}"
-}
-
-remove_includes() {
-       remove_include "${IPSEC_CONN_FILE}" "${IPSEC_VAR_CONN_FILE}"
-       remove_include "${IPSEC_SECRETS_FILE}" "${IPSEC_VAR_SECRETS_FILE}"
-       remove_include "${STRONGSWAN_CONF_FILE}" "${STRONGSWAN_VAR_CONF_FILE}"
-}
-
-do_include() {
-       local conf="$1"
-       local uciconf="$2"
-       local backup=`mktemp -t -p /tmp/ ipsec-init-XXXXXX`
-
-       [ ! -f "${conf}" ] && rm -rf "${conf}"
-       touch "${conf}"
-
-       cat "${conf}" | grep -v "${uciconf}" > "${backup}"
-       mv "${backup}" "${conf}"
-       xappend "${conf}" "include ${uciconf}"
-       file_reset "${uciconf}"
+       echo "$@" >> "$file"
 }
 
 ipsec_reset() {
-       do_include "${IPSEC_CONN_FILE}" "${IPSEC_VAR_CONN_FILE}"
+       file_reset "$IPSEC_VAR_CONN_FILE"
 }
 
 ipsec_xappend() {
-       xappend "${IPSEC_VAR_CONN_FILE}" "$@"
+       xappend "$IPSEC_VAR_CONN_FILE" "$@"
 }
 
 swan_reset() {
-       do_include "${STRONGSWAN_CONF_FILE}" "${STRONGSWAN_VAR_CONF_FILE}"
+       file_reset "$STRONGSWAN_VAR_CONF_FILE"
 }
 
 swan_xappend() {
-       xappend "${STRONGSWAN_VAR_CONF_FILE}" "$@"
+       xappend "$STRONGSWAN_VAR_CONF_FILE" "$@"
 }
 
 secret_reset() {
-       do_include "${IPSEC_SECRETS_FILE}" "${IPSEC_VAR_SECRETS_FILE}"
+       file_reset "$IPSEC_VAR_SECRETS_FILE"
 }
 
 secret_xappend() {
-       xappend "${IPSEC_VAR_SECRETS_FILE}" "$@"
+       xappend "$IPSEC_VAR_SECRETS_FILE" "$@"
 }
 
 warning() {
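Review bot: `secret_reset` now only calls `file_reset "$IPSEC_VAR_SECRETS_FILE"`, and `xappend` creates or extends the file with `echo "$@" >> "$file"`, so nothing in this hunk sets the mode of the generated secrets file; it gets whatever the init script's umask allows. If `file_reset` (defined outside this hunk) does not already restrict it, add `chmod 0600 "$IPSEC_VAR_SECRETS_FILE"` after the `file_reset` call in `secret_reset`. The removed `do_include` reached the file through the same helpers, so this is not a regression, but the Makefile now makes the include in /etc/ipsec.secrets permanent, and this file (presumably the /var/ipsec/ipsec.secrets it names) is then always part of the secrets strongSwan loads. `xappend` begins above the hunk and `warning` continues below it.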
@@ -204,7 +177,7 @@ config_conn() {
        [ -n "$remote_identifier" ] && ipsec_xappend "  rightid=$remote_identifier"
        [ -n "$local_updown" ] && ipsec_xappend "  leftupdown=$local_updown"
        [ -n "$remote_updown" ] && ipsec_xappend "  rightupdown=$remote_updown"
-       [ -n "$packet_marker" ] && ipsec_xappend "  mark=$packet_marker"        
+       [ -n "$packet_marker" ] && ipsec_xappend "  mark=$packet_marker"
        ipsec_xappend "  keyexchange=$keyexchange"
 
        set_crypto_proposal "$1"
@@ -267,6 +240,14 @@ config_remote() {
        ipsec_xappend ""
 }
 
+do_preamble() {
+       ipsec_xappend "# generated by /etc/init.d/ipsec"
+       ipsec_xappend "version 2"
+       ipsec_xappend ""
+
+       secret_xappend "# generated by /etc/init.d/ipsec"
+}
+
 config_ipsec() {
        local debug
        local rtinstall_enabled
@@ -280,11 +261,7 @@ config_ipsec() {
        secret_reset
        swan_reset
 
-       ipsec_xappend "# generated by /etc/init.d/ipsec"
-       ipsec_xappend "version 2"
-       ipsec_xappend ""
-
-       secret_xappend "# generated by /etc/init.d/ipsec"
+       do_preamble
 
        config_get debug "$1" debug 0
        config_get_bool rtinstall_enabled "$1" rtinstall_enabled 1
@@ -332,7 +309,6 @@ config_ipsec() {
 
 prepare_env() {
        mkdir -p /var/ipsec
-       remove_includes
        config_load ipsec
        config_foreach config_ipsec ipsec
        config_foreach config_remote remote