From patchwork Thu Mar 8 20:09:02 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jonatan Schlag X-Patchwork-Id: 1695 Return-Path: Received: from mail01.ipfire.org (mail01.ipfire.org [IPv6:2001:470:7183:25::1]) by web02.i.ipfire.org (Postfix) with ESMTP id 6B5696095C for ; Thu, 8 Mar 2018 10:09:10 +0100 (CET) X-Virus-Scanned: ClamAV at mail01.ipfire.org X-Spam-Flag: NO X-Spam-Score: -1.1 X-Spam-Level: X-Spam-Status: No, score=-1.1 tagged_above=-999 required=5 tests=[ALL_TRUSTED=-1, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=disabled Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 7CFA3108C382; Thu, 8 Mar 2018 09:09:09 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ipfire.org; s=201801; t=1520500149; x=1523092149; bh=rm1iq0IMKnog9Ae4LRRofGJjOwJO3QuBpl+wtmHOkmw=; h=From:To:Subject:Date:Message-Id:Sender:From:To:Cc:Date: Content-Type:Message-ID:In-Reply-To:Subject:Reply-To:Sender; b=DoiW8MulbkjxAB7DofoYEnn0CjKLlr+trelIR8Za+5K6nwpnJ6/02pg6Xg7uU98ux 6f1rsfr29yYR++Cn/wZiqJ/J1UPDGWScWoZhBZxki7yqcNgjxn/CcpRLV7V9LGfDQW /Xcg7MGkDfRwTdYnjpwyfx0HMf/ZGHaEmNdHSVTYmTVIF691SH2WRbA2j2wDlzWcqE 5YFtpYfke80fNs2wvnB2ALYT/uWdC3PIDo9UJgl9ZrhbK+Ge6UFUO9ap2pt44kTKJj 08ga3nvJTsIse8qJjdsTzEPEhcSO6niLwal6fESyxzGVF3T//Ss0A6+r+BKLHtcOoD kcrlXCvT99K5Q== X-Virus-Scanned: ClamAV at mail01.ipfire.org Received: from localhost.localdomain (dslb-088-073-193-081.088.073.pools.vodafone-ip.de [88.73.193.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id BEED4108C382; Thu, 8 Mar 2018 09:09:07 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ipfire.org; s=201801; t=1520500147; x=1523092147; bh=rm1iq0IMKnog9Ae4LRRofGJjOwJO3QuBpl+wtmHOkmw=; h=From:To:Cc:Subject:Date:Message-Id:From:To:Cc:Date:Content-Type: Message-ID:In-Reply-To:Subject:Reply-To:Sender; b=ut+SJ+Wy0Mzcz2uxpYoEKHbVrFsX5oL4a0W5st5IEQL9L3MBLRJaeta+tQH8yLkgj a2qDgm0ugWuStcVFpWzYl6WsDHwWsZAaW5ZFj0N8Domw0O2mB6uq7UunjC2leKkDcu 9K7o+tEvRHA503/M6AlwHftnk8Pqj2YSNgH6wQQXffbugd0G8YanxqNAipFbhquzL9 qiM2Dm1ui8HT7koaK5WIITDywGPxJ7DGIlfXST1UAVmJGX8lQQcqwiP//brC8yiVhh 5fEHDeojIMPIRsEeHMqnn+FUe02lndlMak5YRy257H4fGKkBLlVGIcw/fK237exaJo kCKHSFpKcgubw== From: Jonatan Schlag To: network@lists.ipfire.org Subject: [PATCH v2] IPsec: regenerate a swanctl config on connection startup if no config is found Date: Thu, 8 Mar 2018 09:09:02 +0000 Message-Id: <1520500142-5362-1-git-send-email-jonatan.schlag@ipfire.org> X-Mailer: git-send-email 2.6.3 X-BeenThere: network@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List for the network package List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: network-bounces@lists.ipfire.org Sender: "network" This is an easy way to forcing a regenration if we do not want to change any setting. Fixes: #11627 Signed-off-by: Jonatan Schlag --- src/functions/functions.ipsec | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/functions/functions.ipsec b/src/functions/functions.ipsec index 6f14c8e..d8206e0 100644 --- a/src/functions/functions.ipsec +++ b/src/functions/functions.ipsec @@ -526,6 +526,12 @@ ipsec_connection_up() { return ${EXIT_ERROR} fi + if ! [ -f "${NETWORK_IPSEC_SWANCTL_CONNECTIONS_DIR}/${connection}.conf" ]; then + log DEBUG "Could not find a swanctl config, generating swanctl config" + ipsec_connection_to_strongswan "${connection}" + ipsec_strongswan_load + fi + cmd swanctl --initiate --child "${connection}" }