diff options
author | Jeff Leung <jleung@v10networks.ca> | 2015-11-04 21:43:44 -0800 |
---|---|---|
committer | Jeff Leung <jleung@v10networks.ca> | 2015-11-04 21:43:44 -0800 |
commit | bb0034b11cbb5797e5a3e820fd7c9416964f91eb (patch) | |
tree | b676cffaf46c978c9b76f01e08bec64ae38c0e3e /scripts/vpn-config.pl | |
parent | 8aa86bf3a045c51bae264a5716dd3d9c1063411e (diff) | |
download | vyatta-cfg-vpn-bb0034b11cbb5797e5a3e820fd7c9416964f91eb.tar.gz vyatta-cfg-vpn-bb0034b11cbb5797e5a3e820fd7c9416964f91eb.zip |
Allow the user to include a custom ipsec.secrets file.
This may be useful for scenarios where a user prefers to use an ECDSA key
or implement an xauth IPSec RA server without having to code for the VyOS/EdgeOS
platform.
Diffstat (limited to 'scripts/vpn-config.pl')
-rwxr-xr-x | scripts/vpn-config.pl | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/scripts/vpn-config.pl b/scripts/vpn-config.pl index dd14446..a238d20 100755 --- a/scripts/vpn-config.pl +++ b/scripts/vpn-config.pl @@ -1119,12 +1119,19 @@ if ($vcVPN->exists('ipsec')) { # Include a custom configuration file # my $custom_include = $vcVPN->returnValue("ipsec include-ipsec-conf"); + my $custom_secrets = $vcVPN->returnValue("ipsec include-ipsec-secrets"); if (defined($custom_include)) { if ( ! -e $custom_include ) { vpn_die(["vpn","ipsec","include-ipsec-conf"],"$vpn_cfg_err The specified file for inclusion inside ipsec.conf does not exist."); } $genout .= "\ninclude $custom_include"; } + if (defined($custom_secrets)) { + if ( ! -e $custom_secrets) { + vpn_die(["vpn","ipsec","include-ipsec-secrets"],"$vpn_cfg_err The specified file for inclusion inside ipsec.secrets does not exist."); + } + $genout_secrets .= "\ninclude $custom_secrets\n"; + } if (-e '/etc/dmvpn.conf') { $genout .= "\ninclude /etc/dmvpn.conf\n"; } |