From a783986cbc9e2dea5f2ccf4c429bdb634fd286a8 Mon Sep 17 00:00:00 2001 From: Philip Prindeville Date: Tue, 1 Jun 2021 20:13:14 -0600 Subject: [PATCH] strongswan: start charon directly from swanctl ipsec uses starter, and reads /etc/ipsec.conf (which then includes /var/ipsec/ipsec.conf, etc). This is overly complicated, and can be problematic if you're using both swanctl and ipsec for migration. Running charon directly from procd via the init.d script avoid all of this. Signed-off-by: Philip Prindeville --- net/strongswan/Makefile | 2 +- net/strongswan/files/swanctl.init | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/net/strongswan/Makefile b/net/strongswan/Makefile index f68bf1b98..09452d751 100644 --- a/net/strongswan/Makefile +++ b/net/strongswan/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=strongswan PKG_VERSION:=5.9.2 -PKG_RELEASE:=7 +PKG_RELEASE:=8 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/ diff --git a/net/strongswan/files/swanctl.init b/net/strongswan/files/swanctl.init index a1fb7c311..f83d11fc3 100644 --- a/net/strongswan/files/swanctl.init +++ b/net/strongswan/files/swanctl.init @@ -4,7 +4,7 @@ START=90 STOP=10 USE_PROCD=1 -PROG=/usr/lib/ipsec/starter +PROG=/usr/lib/ipsec/charon . $IPKG_INSTROOT/lib/functions.sh . $IPKG_INSTROOT/lib/functions/network.sh @@ -614,7 +614,7 @@ start_service() { procd_open_instance - procd_set_param command $PROG --daemon charon --nofork + procd_set_param command $PROG procd_set_param file $SWANCTL_CONF_FILE procd_append_param file /etc/swanctl/conf.d/*.conf