From mboxrd@z Thu Jan  1 00:00:00 1970
From: Jonatan Schlag <jonatan.schlag@ipfire.org>
To: network@lists.ipfire.org
Subject: [PATCH] IPsec: regenerate a swanctl config on connection startup if
 config is found
Date: Thu, 08 Mar 2018 09:08:22 +0000
Message-ID: <1520500102-5317-1-git-send-email-jonatan.schlag@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============5622174022449891039=="
List-Id: <network.lists.ipfire.org>

--===============5622174022449891039==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

This is an easy way to forcing a regenration if we do not want to change any =
setting.

Fixes: #11627

Signed-off-by: Jonatan Schlag <jonatan.schlag(a)ipfire.org>
---
 src/functions/functions.ipsec | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/functions/functions.ipsec b/src/functions/functions.ipsec
index 6f14c8e..d8206e0 100644
--- a/src/functions/functions.ipsec
+++ b/src/functions/functions.ipsec
@@ -526,6 +526,12 @@ ipsec_connection_up() {
 		return ${EXIT_ERROR}
 	fi
=20
+	if ! [ -f "${NETWORK_IPSEC_SWANCTL_CONNECTIONS_DIR}/${connection}.conf" ]; =
then
+		log DEBUG "Could not find a swanctl config, generating swanctl config"
+		ipsec_connection_to_strongswan "${connection}"
+		ipsec_strongswan_load
+	fi
+
 	cmd swanctl --initiate --child "${connection}"
 }
=20
--=20
2.6.3


--===============5622174022449891039==--