From 5ee1f53cb1190bae51e43e1469a3c89f380376ee Mon Sep 17 00:00:00 2001 From: Florian Fainelli Date: Wed, 28 Feb 2007 13:30:51 +0000 Subject: Add strongswan (#1330) git-svn-id: svn://svn.openwrt.org/openwrt/trunk@6429 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- .../strongswan/patches/200-wakeup-showstatus.patch | 227 +++++++++++++++++++++ 1 file changed, 227 insertions(+) create mode 100644 package/strongswan/patches/200-wakeup-showstatus.patch (limited to 'package/strongswan/patches/200-wakeup-showstatus.patch') diff --git a/package/strongswan/patches/200-wakeup-showstatus.patch b/package/strongswan/patches/200-wakeup-showstatus.patch new file mode 100644 index 0000000000..2722282454 --- /dev/null +++ b/package/strongswan/patches/200-wakeup-showstatus.patch @@ -0,0 +1,227 @@ +diff -ruN strongswan-2.8.2-orig/programs/Makefile strongswan-2.8.2/programs/Makefile +--- strongswan-2.8.2-orig/programs/Makefile 2006-08-28 07:12:36.000000000 -0400 ++++ strongswan-2.8.2/programs/Makefile 2007-02-05 00:27:47.214280563 -0500 +@@ -22,7 +22,7 @@ + SUBDIRS+=_realsetup _secretcensor _startklips _updown _updown_espmark + SUBDIRS+=auto barf ipsec look manual ranbits secrets starter + SUBDIRS+=rsasigkey send-pr setup showdefaults showhostkey calcgoo mailkey +-SUBDIRS+=ikeping examples openac scepclient ++SUBDIRS+=ikeping examples openac scepclient _showstatus wakeup + + ifeq ($(USE_LWRES),true) + SUBDIRS+=lwdnsq +diff -ruN strongswan-2.8.2-orig/programs/_showstatus/Makefile strongswan-2.8.2/programs/_showstatus/Makefile +--- strongswan-2.8.2-orig/programs/_showstatus/Makefile 1969-12-31 19:00:00.000000000 -0500 ++++ strongswan-2.8.2/programs/_showstatus/Makefile 2007-02-05 00:31:11.380714322 -0500 +@@ -0,0 +1,22 @@ ++# Makefile for miscelaneous programs ++# Copyright (C) 2002 Michael Richardson ++# ++# This program is free software; you can redistribute it and/or modify it ++# under the terms of the GNU General Public License as published by the ++# Free Software Foundation; either version 2 of the License, or (at your ++# option) any later version. See . ++# ++# This program is distributed in the hope that it will be useful, but ++# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ++# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++# for more details. ++# ++# RCSID $Id: Makefile,v 1.3 2006/04/17 06:48:49 as Exp $ ++ ++FREESWANSRCDIR=../.. ++include ${FREESWANSRCDIR}/Makefile.inc ++ ++PROGRAM=_showstatus ++PROGRAMDIR=${LIBDIR} ++ ++include ../Makefile.program +diff -ruN strongswan-2.8.2-orig/programs/_showstatus/_showstatus.8 strongswan-2.8.2/programs/_showstatus/_showstatus.8 +--- strongswan-2.8.2-orig/programs/_showstatus/_showstatus.8 1969-12-31 19:00:00.000000000 -0500 ++++ strongswan-2.8.2/programs/_showstatus/_showstatus.8 2007-02-05 00:36:00.650410824 -0500 +@@ -0,0 +1,23 @@ ++.TH _showstatus 8 "03 Feb 2007" ++.\" ++.\" RCSID $Id: _showstatus.8 ++.\" ++.SH NAME ++ipsec _showstatus \- give state feedback via led or other method ++.SH SYNOPSIS ++.I _showstatus ++is invoked by _updown to trigger led's, or other distribution ++or platform specific behavior. Presently, the SES button is ++supported as a status light on OpenWRT platforms. The button ++is configurable by environment variable: ++-B IPSEC_STATUS_LED_START ++defaults to ses_orange, and ++-B IPSEC_STATUS_LED_VALID ++defaults to ses_white. ++.SH "SEE ALSO" ++ipsec(8), ipsec_updown(8). ++.SH HISTORY ++Man page written for the Linux strongSwan project ++by Kevin Cody Jr. Original manpage for _updown by Michael Richardson. ++Original program written by Henry Spencer. Extended for the Linux strongSwan ++project by Andreas Steffen. +diff -ruN strongswan-2.8.2-orig/programs/_showstatus/_showstatus.in strongswan-2.8.2/programs/_showstatus/_showstatus.in +--- strongswan-2.8.2-orig/programs/_showstatus/_showstatus.in 1969-12-31 19:00:00.000000000 -0500 ++++ strongswan-2.8.2/programs/_showstatus/_showstatus.in 2007-02-05 00:55:56.563116192 -0500 +@@ -0,0 +1,70 @@ ++#! /bin/sh ++# ++# Copyright (C) 2007 Kevin Cody Jr. ++# ++# This program is free software; you can redistribute it and/or modify it ++# under the terms of the GNU General Public License as published by the ++# Free Software Foundation; either version 2 of the License, or (at your ++# option) any later version. See . ++# ++# This program is distributed in the hope that it will be useful, but ++# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ++# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++# for more details. ++# ++# RCSID $Id: _showstatus.in ++ ++ ++LED_START=$IPSEC_STATUS_LED_START ++LED_VALID=$IPSEC_STATUS_LED_VALID ++ ++[ -z "$LED_START" ] && LED_START="ses_orange" ++[ -z "$LED_VALID" ] && LED_VALID="ses_white" ++ ++ ++setled() { ++ led=$1 ++ st=$2 ++ ++ [ -n "$led" -a -n "$st" ] || return ++ ++ if [ -w "/proc/diag/led/$led" ] ; then ++ echo "$st" > "/proc/diag/led/$led" ++ fi ++ ++ # integrate other led control methods here ++ ++} ++ ++ ++case "$1" in ++ 'start') ++ [ -n "$LED_VALID" ] && setled "$LED_START" 1 ++ [ -z "$LED_VALID" ] && setled "$LED_START" f ++ setled "$LED_VALID" 0 ++ ;; ++ 'stop') ++ setled "$LED_START" 0 ++ setled "$LED_VALID" 0 ++ ;; ++ 'valid') ++ setled "$LED_VALID" 1 ++ ;; ++ 'invalid') ++ setled "$LED_VALID" 0 ++ ;; ++ 'up') ++ [ -n "$LED_VALID" ] && setled "$LED_START" 0 ++ [ -z "$LED_VALID" ] && setled "$LED_START" 1 ++ setled "$LED_VALID" 1 ++ ;; ++ 'down') ++ [ -n "$LED_VALID" ] && setled "$LED_START" 1 ++ [ -z "$LED_VALID" ] && setled "$LED_START" f ++ setled "$LED_VALID" f ++ ;; ++ *) ++ echo "$0: unknown status $status" >&2 ++ ;; ++esac ++ +diff -ruN strongswan-2.8.2-orig/programs/wakeup/Makefile strongswan-2.8.2/programs/wakeup/Makefile +--- strongswan-2.8.2-orig/programs/wakeup/Makefile 1969-12-31 19:00:00.000000000 -0500 ++++ strongswan-2.8.2/programs/wakeup/Makefile 2007-02-05 00:28:03.960726309 -0500 +@@ -0,0 +1,22 @@ ++# Makefile for miscelaneous programs ++# Copyright (C) 2002 Michael Richardson ++# ++# This program is free software; you can redistribute it and/or modify it ++# under the terms of the GNU General Public License as published by the ++# Free Software Foundation; either version 2 of the License, or (at your ++# option) any later version. See . ++# ++# This program is distributed in the hope that it will be useful, but ++# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ++# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++# for more details. ++# ++# RCSID $Id: Makefile,v 1.3 2006/04/17 06:48:49 as Exp $ ++ ++FREESWANSRCDIR=../.. ++include ${FREESWANSRCDIR}/Makefile.inc ++ ++PROGRAM=wakeup ++PROGRAMDIR=${LIBDIR} ++ ++include ../Makefile.program +diff -ruN strongswan-2.8.2-orig/programs/wakeup/wakeup.8 strongswan-2.8.2/programs/wakeup/wakeup.8 +--- strongswan-2.8.2-orig/programs/wakeup/wakeup.8 1969-12-31 19:00:00.000000000 -0500 ++++ strongswan-2.8.2/programs/wakeup/wakeup.8 2007-02-05 00:36:34.029298760 -0500 +@@ -0,0 +1,16 @@ ++.TH wakeup 8 "03 Feb 2007" ++.\" ++.\" RCSID $Id: wakeup.8 ++.\" ++.SH NAME ++ipsec wakeup \- stalled and down connection detection ++.SH SYNOPSIS ++.I wakeup ++is invoked by cron and checks ipsec status, whacking as necessary. ++.SH "SEE ALSO" ++ipsec(8), ipsec_whack(8). ++.SH HISTORY ++Man page written for the Linux strongSwan project ++by Kevin Cody Jr. Original manpage for _updown by Michael Richardson. ++Original program written by Henry Spencer. Extended for the Linux strongSwan ++project by Andreas Steffen. +diff -ruN strongswan-2.8.2-orig/programs/wakeup/wakeup.in strongswan-2.8.2/programs/wakeup/wakeup.in +--- strongswan-2.8.2-orig/programs/wakeup/wakeup.in 1969-12-31 19:00:00.000000000 -0500 ++++ strongswan-2.8.2/programs/wakeup/wakeup.in 2007-02-05 00:28:03.961726336 -0500 +@@ -0,0 +1,38 @@ ++#! /bin/sh ++# wakeup script ++# ++# Copyright (C) 2007 Kevin Cody Jr. ++# ++# This program is free software; you can redistribute it and/or modify it ++# under the terms of the GNU General Public License as published by the ++# Free Software Foundation; either version 2 of the License, or (at your ++# option) any later version. See . ++# ++# This program is distributed in the hope that it will be useful, but ++# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ++# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++# for more details. ++# ++ ++# only applicable when ipsec is running ++[ -e /var/run/pluto.pid ] || exit ++ ++# loop through any erouted tunnels in the HOLD state ++for f in `ipsec status | awk '/erouted HOLD/{ print $2 }' | cut -f1 -d\: | cut -f2 -d\"` ; do ++ ++ # only whack if no pending events at all exists ++ ipsec status | grep STATE | grep -q $f || ++ ipsec whack --name $f --initiate --asynchronous ++ ++done ++ ++# loop through any tunnels that don't quite exist ++for f in `ipsec status | awk '/prospective erouted/{ print $2 }' | cut -f1 -d: | grep -v \# | cut -f2 -d\"` ; do ++ ++ ipsec status | grep STATE_QUICK | grep -q $f || { ++ ipsec status | grep STATE_MAIN | grep -q $f && ipsec down $f ++ ipsec up $f ++ } ++ ++done ++ -- cgit v1.2.3