[svn-upgrade] Integrating new upstream version, strongswan (4.1.3)

author: Rene Mayrhofer <rene@mayrhofer.eu.org> 2007-06-03 17:36:35 +0000
committer: Rene Mayrhofer <rene@mayrhofer.eu.org> 2007-06-03 17:36:35 +0000
commit: 08ee5250bd9c43fda5f24d10b791ca2c4c17fcee (patch)
tree: d4e2fc7144e288d624555a38955593e1ee066531 /src/starter/invokepluto.c
parent: b0d8ed94fe9e74afb49fdf5f11e4add29879c65c (diff)
download: vyos-strongswan-08ee5250bd9c43fda5f24d10b791ca2c4c17fcee.tar.gz
vyos-strongswan-08ee5250bd9c43fda5f24d10b791ca2c4c17fcee.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/src/starter/invokepluto.c b/src/starter/invokepluto.c
index 1b11b4a10..240d98391 100644
--- a/src/starter/invokepluto.c
+++ b/src/starter/invokepluto.c
@@ -216,7 +216,11 @@ starter_start_pluto (starter_config_t *cfg, bool debug)
 	    FILE *f;
 
 	    plog("no %s file, generating RSA key", SECRETS_FILE);
+	    seteuid(IPSEC_UID);
+	    setegid(IPSEC_GID);
 	    system("ipsec scepclient --out pkcs1 --out cert-self --quiet");
+	    seteuid(0);
+	    setegid(0);
 
 	    /* ipsec.secrets is root readable only */
 	    oldmask = umask(0066);
@@ -229,6 +233,7 @@ starter_start_pluto (starter_config_t *cfg, bool debug)
 		fprintf(f, ": RSA myKey.der\n");
 		fclose(f);
 	    }
+	    chown(SECRETS_FILE, IPSEC_UID, IPSEC_GID);
 	    umask(oldmask);
 	}
author	Rene Mayrhofer <rene@mayrhofer.eu.org>	2007-06-03 17:36:35 +0000
committer	Rene Mayrhofer <rene@mayrhofer.eu.org>	2007-06-03 17:36:35 +0000
commit	08ee5250bd9c43fda5f24d10b791ca2c4c17fcee (patch)
tree	d4e2fc7144e288d624555a38955593e1ee066531 /src/starter/invokepluto.c
parent	b0d8ed94fe9e74afb49fdf5f11e4add29879c65c (diff)
download	vyos-strongswan-08ee5250bd9c43fda5f24d10b791ca2c4c17fcee.tar.gz vyos-strongswan-08ee5250bd9c43fda5f24d10b791ca2c4c17fcee.zip