From patchwork Thu Mar 8 20:08:22 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jonatan Schlag X-Patchwork-Id: 1694 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.i.ipfire.org (Postfix) with ESMTP id C23556095C for ; Thu, 8 Mar 2018 10:08:28 +0100 (CET) X-Virus-Scanned: ClamAV at mail01.ipfire.org X-Spam-Flag: NO X-Spam-Score: -1.1 X-Spam-Level: X-Spam-Status: No, score=-1.1 tagged_above=-999 required=5 tests=[ALL_TRUSTED=-1, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=disabled Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id BEA80108C382; Thu, 8 Mar 2018 09:08:27 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ipfire.org; s=201801; t=1520500107; x=1523092107; bh=rm1iq0IMKnog9Ae4LRRofGJjOwJO3QuBpl+wtmHOkmw=; h=From:To:Subject:Date:Message-Id:Sender:From:To:Cc:Date: Content-Type:Message-ID:In-Reply-To:Subject:Reply-To:Sender; b=MWvKkMJoVVRc8zTCkPmo2OFcEqndexPSqywOfnetQxeRNEjrGIKjWDxfg/2Z7Yzyd E5z/7ARDb0zL5a0nxd6EADOPm3DXgNDleFfS5TsAfb/TtBBZLxs9eVdAd/fOLvyvE/ fKbN+ViBQuhx4/4xulX0eK3f5GIKuehfyNoRneMv3F+rCbqinE0zLmnVbvRJiQr6mZ Lx72gsrk81mWxJkRbKPnibuWf5F+F9q8K1v/qZpDqQLWoAd1vTkwGs2kLuKPlgn7p0 qZHlTgRoZWy/UcrUBVRCqtTUhNXw2YYtH40m1L+/YQFMhyiM6eJbCxGgk63pGk9+O0 TDlh3UnjUFPyg== X-Virus-Scanned: ClamAV at mail01.ipfire.org Received: from localhost.localdomain (dslb-088-073-193-081.088.073.pools.vodafone-ip.de [88.73.193.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 15EF0108C382; Thu, 8 Mar 2018 09:08:24 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ipfire.org; s=201801; t=1520500105; x=1523092105; bh=rm1iq0IMKnog9Ae4LRRofGJjOwJO3QuBpl+wtmHOkmw=; h=From:To:Cc:Subject:Date:Message-Id:From:To:Cc:Date:Content-Type: Message-ID:In-Reply-To:Subject:Reply-To:Sender; b=HA1piLCsNpuYTs7jXKOR+K4jXc9is6EAumeHbS3/2nChOD2DCdKOrFVD4q2DKC2t3 sANt+aFsicUV6uM8WfK1MJP5mfBtzfftXtLnfJZMdFALta80fPqXsKBGwuNr0GbfNK MSrM2CexNhADlKQKBmBM4PxTVEeesWJPr/Qjkq7SuFaL9dKB/bYGwDQLYrAWhIeED7 KUyJXCuR/EruCTvgj59bnp+mNXfTqPmdiukcXnIgBpfBeePgGfCndt2vvbHBUoOn6l 1u8hBdVHp+lWK7hmPLfnPlyCrdEKL+4VG6bv3zvha9D/CbQA5KSak3AWSvaYHDkOkY 5KRt9V/ZPvGbA== From: Jonatan Schlag To: network@lists.ipfire.org Subject: [PATCH] IPsec: regenerate a swanctl config on connection startup if config is found Date: Thu, 8 Mar 2018 09:08:22 +0000 Message-Id: <1520500102-5317-1-git-send-email-jonatan.schlag@ipfire.org> X-Mailer: git-send-email 2.6.3 X-BeenThere: network@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List for the network package List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: network-bounces@lists.ipfire.org Sender: "network" This is an easy way to forcing a regenration if we do not want to change any setting. Fixes: #11627 Signed-off-by: Jonatan Schlag --- src/functions/functions.ipsec | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/functions/functions.ipsec b/src/functions/functions.ipsec index 6f14c8e..d8206e0 100644 --- a/src/functions/functions.ipsec +++ b/src/functions/functions.ipsec @@ -526,6 +526,12 @@ ipsec_connection_up() { return ${EXIT_ERROR} fi + if ! [ -f "${NETWORK_IPSEC_SWANCTL_CONNECTIONS_DIR}/${connection}.conf" ]; then + log DEBUG "Could not find a swanctl config, generating swanctl config" + ipsec_connection_to_strongswan "${connection}" + ipsec_strongswan_load + fi + cmd swanctl --initiate --child "${connection}" }