[v2] IPsec: regenerate a swanctl config on connection startup if no config is found
Commit Message
This is an easy way to forcing a regenration if we do not want to change any setting.
Fixes: #11627
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
---
src/functions/functions.ipsec | 6 ++++++
1 file changed, 6 insertions(+)
Comments
Where is the change to the first patch?
Please state that in the commit message.
On Thu, 2018-03-08 at 09:09 +0000, Jonatan Schlag wrote:
> This is an easy way to forcing a regenration if we do not want to change any
> setting.
>
> Fixes: #11627
>
> Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
> ---
> src/functions/functions.ipsec | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/src/functions/functions.ipsec b/src/functions/functions.ipsec
> index 6f14c8e..d8206e0 100644
> --- a/src/functions/functions.ipsec
> +++ b/src/functions/functions.ipsec
> @@ -526,6 +526,12 @@ ipsec_connection_up() {
> return ${EXIT_ERROR}
> fi
>
> + if ! [ -f
> "${NETWORK_IPSEC_SWANCTL_CONNECTIONS_DIR}/${connection}.conf" ]; then
> + log DEBUG "Could not find a swanctl config, generating
> swanctl config"
> + ipsec_connection_to_strongswan "${connection}"
> + ipsec_strongswan_load
> + fi
> +
> cmd swanctl --initiate --child "${connection}"
> }
>
@@ -526,6 +526,12 @@ ipsec_connection_up() {
return ${EXIT_ERROR}
fi
+ if ! [ -f "${NETWORK_IPSEC_SWANCTL_CONNECTIONS_DIR}/${connection}.conf" ]; then
+ log DEBUG "Could not find a swanctl config, generating swanctl config"
+ ipsec_connection_to_strongswan "${connection}"
+ ipsec_strongswan_load
+ fi
+
cmd swanctl --initiate --child "${connection}"
}