diff options
| author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2006-05-22 06:41:59 +0000 |
|---|---|---|
| committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2006-05-22 06:41:59 +0000 |
| commit | c6d4f7459c3436c6e629a6b1fcd7f73bcaeca790 (patch) | |
| tree | ceeffc0a0897427a5c42733da1d9d46992f303f7 /debian/strongswan.config | |
| parent | 4769e2f961d2930ffcc6cfa5b1561548e4ea552c (diff) | |
| download | vyos-strongswan-c6d4f7459c3436c6e629a6b1fcd7f73bcaeca790.tar.gz vyos-strongswan-c6d4f7459c3436c6e629a6b1fcd7f73bcaeca790.zip | |
- s/openswan/strongswan/g
- s/Openswan/strongSwan/g
But basically manually. Is certainly incomplete right now.
Diffstat (limited to 'debian/strongswan.config')
| -rw-r--r-- | debian/strongswan.config | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/debian/strongswan.config b/debian/strongswan.config new file mode 100644 index 000000000..e779a2ab1 --- /dev/null +++ b/debian/strongswan.config @@ -0,0 +1,57 @@ +#!/bin/sh -e + +. /usr/share/debconf/confmodule + +db_input medium openswan/start_level || true + +db_input medium openswan/restart || true + +db_input high openswan/enable-oe || true + +db_input high openswan/create_rsa_key || true +db_go || true + +db_get openswan/create_rsa_key +if [ "$RET" = "true" ]; then + db_input high openswan/rsa_key_type || true + db_go || true + + db_get openswan/rsa_key_type + if [ "$RET" = "plain" ]; then + # create just a plain RSA keypair + db_input medium openswan/rsa_key_length || true + db_go || true + else + # extract the RSA keypair from a x509 certificate + db_input high openswan/existing_x509_certificate || true + db_go || true + + # create a new certificate + db_input medium openswan/rsa_key_length || true + db_input high openswan/x509_self_signed || true + # we can't allow the country code to be empty - openssl will + # refuse to create a certificate this way + countrycode="" + while [ -z "$countrycode" ]; do + db_input medium openswan/x509_country_code || true + db_go || true + db_get openswan/x509_country_code + countrycode="$RET" + done + db_input medium openswan/x509_state_name || true + db_input medium openswan/x509_locality_name || true + db_input medium openswan/x509_organization_name || true + db_input medium openswan/x509_organizational_unit || true + db_input medium openswan/x509_common_name || true + db_input medium openswan/x509_email_address || true + db_go || true + fi +else + db_get openswan/existing_x509_certificate + if [ "$RET" = "true" ]; then + # existing certificate - use it + db_input critical openswan/existing_x509_certificate_filename || true + db_input critical openswan/existing_x509_key_filename || true + db_go || true + fi +fi |