From mboxrd@z Thu Jan 1 00:00:00 1970
From: Jonatan Schlag
To: network@lists.ipfire.org
Subject: [PATCH] ipsec-pool: do not delete a pool when this pool is used by a connection
Date: Thu, 24 Aug 2017 12:12:15 +0200
Message-ID: <1503569535-5228-1-git-send-email-jonatan.schlag@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============3641488668237458470=="
List-Id:
--===============3641488668237458470==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Fixes: #11448
Signed-off-by: Jonatan Schlag
---
 src/functions/functions.ipsec-pool | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
diff --git a/src/functions/functions.ipsec-pool b/src/functions/functions.ips=
ec-pool
index e5da518..f7d73f6 100644
--- a/src/functions/functions.ipsec-pool
+++ b/src/functions/functions.ipsec-pool
@@ -219,6 +219,27 @@ ipsec_pool_new() {
 fi
 }
 =20
+ipsec_pool_is_in_use() {
+ [ $# -eq 1 ]
+ local pool=3D"${1}"
+
+ for connection in $(ipsec_list_connections); do
+ local POOLS
+
+ if ! ipsec_connection_read_config "${connection}" "POOLS"; then
+ log WARNING "Could not read configuration"
+ continue
+ fi
+
+ if list_match "${pool}" ${POOLS}; then
+ return ${EXIT_TRUE}
+ break
+ fi
+ done
+
+ return ${EXIT_FALSE}
+}
+
 # Function that deletes based on the passed parameters
 # one ore more vpn ipsec pools
 ipsec_pool_destroy() {
@@ -229,6 +250,11 @@ ipsec_pool_destroy() {
 continue
 fi
 =20
+ if ipsec_pool_is_in_use "${pool}"; then
+ log ERROR "The VPN IPsec pool is in use an can thats why not deleted"
+ return ${EXIT_ERROR}
+ fi
+
 if [ -f "${NETWORK_IPSEC_SWANCTL_POOLS_DIR}/${pool}.conf" ]; then
 if ! file_delete "${NETWORK_IPSEC_SWANCTL_POOLS_DIR}/${pool}.conf"; then
 # We going on here to delete at least the configuration directory
--=20
2.6.3
--===============3641488668237458470==--
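Review bot: In `ipsec_pool_is_in_use`, a connection whose configuration cannot be read is skipped with `continue`, so the function can still return `${EXIT_FALSE}` and let `ipsec_pool_destroy` remove a pool that the unreadable connection may reference. For a guard in front of a destructive action it seems safer to fail closed, for example `return ${EXIT_TRUE}` in that branch, and to name the connection in the warning: `log WARNING "Could not read configuration of ${connection}"`. The bare `[ $# -eq 1 ]` on the first line discards its result, so a call with a missing or extra argument is not rejected. `connection` is not declared `local`, and `POOLS` is never cleared between iterations; if `ipsec_connection_read_config` leaves `POOLS` untouched for a connection without pools (not visible here), the previous connection's value would be matched. The `break` after `return ${EXIT_TRUE}` is unreachable and can be dropped.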
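Review bot: The new `return ${EXIT_ERROR}` in `ipsec_pool_destroy` ends the whole call at the first in-use pool, while the branch just above it in what appears to be the same loop uses `continue`. With several pools passed in, those before it may already have been deleted and those after it are never examined, so the caller is left with a partial result; consider checking every pool before deleting any, or recording the failure and continuing. The log line does not name the pool and its wording is garbled; `log ERROR "The VPN IPsec pool ${pool} is in use and cannot be deleted"` would tell the operator which pool blocked the run. `ipsec_pool_destroy` starts and ends outside this hunk, so how its return value is consumed is not visible here.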