From 2ccd2665cbb31ff931123ee178380cb74ea38660 Mon Sep 17 00:00:00 2001 From: Philip Prindeville Date: Thu, 17 Jun 2021 00:18:46 -0600 Subject: [PATCH] strongswan: fix sharing of ipsec section variables Variables set in config_ipsec() need to be shared with do_postamble() function, so change scoping to parent (prepare_env()). Also, remove unused settings like "remote_sourceip", "reqid", and "packet_marker". Signed-off-by: Philip Prindeville --- net/strongswan/Makefile | 2 +- net/strongswan/files/swanctl.init | 21 +++++++++++---------- 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/net/strongswan/Makefile b/net/strongswan/Makefile index 09452d751..42d7ec218 100644 --- a/net/strongswan/Makefile +++ b/net/strongswan/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=strongswan PKG_VERSION:=5.9.2 -PKG_RELEASE:=8 +PKG_RELEASE:=9 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/ diff --git a/net/strongswan/files/swanctl.init b/net/strongswan/files/swanctl.init index f83d11fc3..41d7dd5a2 100644 --- a/net/strongswan/files/swanctl.init +++ b/net/strongswan/files/swanctl.init @@ -220,7 +220,6 @@ config_conn() { local updown local firewall local remote_subnet - local remote_sourceip local lifetime local dpdaction local closeaction @@ -234,7 +233,6 @@ config_conn() { config_get updown "$1" updown "" config_get firewall "$1" firewall "" config_get remote_subnet "$1" remote_subnet "" - config_get remote_sourceip "$1" remote_sourceip "" config_get lifetime "$1" lifetime "" config_get dpdaction "$1" dpdaction "none" config_get closeaction "$1" closeaction "none" @@ -315,6 +313,7 @@ config_conn() { swanctl_xappend4 "life_time = $(seconds2time $(((110 * $(time2seconds $rekeytime)) / 100)))" fi [ -n "$rekeytime" ] && swanctl_xappend4 "rekey_time = $rekeytime" + [ -n "$inactivity" ] && swanctl_xappend4 "inactivity = $inactivity" [ -n "$updown" ] && swanctl_xappend4 "updown = $updown" [ -n "$dpdaction" ] && swanctl_xappend4 "dpd_action = $dpdaction" @@ -345,8 +344,6 @@ config_remote() { local dpddelay local inactivity local keyexchange - local reqid - local packet_marker local fragmentation local mobike local local_cert @@ -368,8 +365,6 @@ config_remote() { config_get dpddelay "$1" dpddelay "30s" config_get inactivity "$1" inactivity config_get keyexchange "$1" keyexchange "ikev2" - config_get reqid "$1" reqid - config_get packet_marker "$1" packet_marker config_get fragmentation "$1" fragmentation "yes" config_get_bool mobike "$1" mobike 1 config_get local_cert "$1" local_cert "" @@ -508,14 +503,15 @@ do_preamble() { swanctl_xappend0 "# generated by /etc/init.d/swanctl" } +append_interface() { + append interface_list "$1" " " +} + config_ipsec() { - local debug local rtinstall_enabled - local routing_tables_ignored local routing_table local routing_table_id local interface - local device_list config_get debug "$1" debug 0 config_get_bool rtinstall_enabled "$1" rtinstall_enabled 1 @@ -532,7 +528,9 @@ config_ipsec() { [ -n "$routing_table_id" ] && append routing_tables_ignored "$routing_table_id" done - local interface_list=$(config_get "$1" "interface") + local interface_list + config_list_foreach "$1" interface append_interface + if [ -z "$interface_list" ]; then WAIT_FOR_INTF=0 else @@ -569,6 +567,9 @@ prepare_env() { swanctl_reset do_preamble + # needed by do_postamble + local debug install_routes routing_tables_ignored device_list + config_load ipsec config_foreach config_ipsec ipsec config_foreach config_remote remote