diff --git a/net/vpnc/Makefile b/net/vpnc/Makefile index c6bcdf38c..147bca93f 100644 --- a/net/vpnc/Makefile +++ b/net/vpnc/Makefile @@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=vpnc PKG_REV:=550 PKG_VERSION:=0.5.3.r$(PKG_REV) -PKG_RELEASE:=4 +PKG_RELEASE:=5 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://svn.unix-ag.uni-kl.de/vpnc/trunk/ diff --git a/net/vpnc/files/vpnc.sh b/net/vpnc/files/vpnc.sh index c408d78ae..971b823b8 100755 --- a/net/vpnc/files/vpnc.sh +++ b/net/vpnc/files/vpnc.sh @@ -28,6 +28,7 @@ proto_vpnc_init_config() { proto_config_add_int "dpd_idle" proto_config_add_string "auth_mode" proto_config_add_string "target_network" + proto_config_add_boolean "authfail" no_device=1 available=1 } @@ -35,7 +36,7 @@ proto_vpnc_init_config() { proto_vpnc_setup() { local config="$1" - json_get_vars server username hexpasswd authgroup password token_mode token_secret interface passgroup hexpassgroup domain vendor natt_mode dh_group pfs enable_single_des enable_no_enc mtu local_addr local_port udp_port dpd_idle auth_mode target_network + json_get_vars server username hexpasswd authgroup password token_mode token_secret interface passgroup hexpassgroup domain vendor natt_mode dh_group pfs enable_single_des enable_no_enc mtu local_addr local_port udp_port dpd_idle auth_mode target_network authfail grep -q tun /proc/modules || insmod tun @@ -90,6 +91,17 @@ proto_vpnc_teardown() { pwfile="/var/etc/vpnc-$config.conf" + json_get_var authfail authfail + # On error exit (vpnc only has success = 0 and error = 1, so + # we can't be fine-grained and say only auth error) + # and authfail setting true, then don't retry starting vpnc + # This is used for the case were the server blocks repeated + # failed authentication attempts (which will occur if the password + # is wrong, for example). + if [ ${ERROR:-0} -gt 0 ] && [ "${authfail:-0}" -gt 0 ]; then + proto_block_restart "$config" + fi + rm -f $pwfile logger -t vpnc "bringing down vpnc" proto_kill_command "$config" 2