Diffstat (limited to 'programs/_plutoload')
-rw-r--r-- | programs/_plutoload/.cvsignore | 1 | ||||
-rw-r--r-- | programs/_plutoload/Makefile | 43 | ||||
-rw-r--r-- | programs/_plutoload/_plutoload.8 | 33 | ||||
-rwxr-xr-x | programs/_plutoload/_plutoload.in | 164 |
4 files changed, 241 insertions, 0 deletions
diff --git a/programs/_plutoload/.cvsignore b/programs/_plutoload/.cvsignore
new file mode 100644
index 000000000..cbcf7e699
--- /dev/null
+++ b/programs/_plutoload/.cvsignore
@@ -0,0 +1 @@
+_plutoload
diff --git a/programs/_plutoload/Makefile b/programs/_plutoload/Makefile
new file mode 100644
index 000000000..af9ffee18
--- /dev/null
+++ b/programs/_plutoload/Makefile
@@ -0,0 +1,43 @@
+# Makefile for miscelaneous programs
+# Copyright (C) 2002 Michael Richardson <mcr@freeswan.org>
+#
+# This program is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 2 of the License, or (at your
+# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+# for more details.
+#
+# RCSID $Id: Makefile,v 1.1 2004/03/15 20:35:27 as Exp $
+
+FREESWANSRCDIR=../..
+include ${FREESWANSRCDIR}/Makefile.inc
+
+PROGRAM=_plutoload
+PROGRAMDIR=${LIBDIR}
+
+include ../Makefile.program
+
+#
+# $Log: Makefile,v $
+# Revision 1.1 2004/03/15 20:35:27 as
+# added files from freeswan-2.04-x509-1.5.3
+#
+# Revision 1.3 2002/08/02 16:01:19 mcr
+# moved user visible programs to $PREFIX/libexec, while moving
+# private files to $PREFIX/lib.
+#
+# Revision 1.2 2002/06/02 22:02:14 mcr
+# changed TOPDIR->FREESWANSRCDIR in all Makefiles.
+# (note that linux/net/ipsec/Makefile uses TOPDIR because this is the
+# kernel sense.)
+#
+# Revision 1.1 2002/04/24 07:55:32 mcr
+# #include patches and Makefiles for post-reorg compilation.
+#
+#
+#
+
diff --git a/programs/_plutoload/_plutoload.8 b/programs/_plutoload/_plutoload.8
new file mode 100644
index 000000000..ba421b6c3
--- /dev/null
+++ b/programs/_plutoload/_plutoload.8
@@ -0,0 +1,33 @@
+.TH _PLUTOLOAD 8 "25 Apr 2002"
+.\"
+.\" RCSID $Id: _plutoload.8,v 1.1 2004/03/15 20:35:27 as Exp $
+.\"
+.SH NAME
+ipsec _plutoload \- internal script to start pluto
+.SH DESCRIPTION
+.I _plutoload
+is called by
+.B _plutorun
+to actually start the pluto executable.
+.SH "SEE ALSO"
+ipsec(8), ipsec_setup(8), ipsec__realsetup(8), ipsec__plutorun(8)
+.SH HISTORY
+Man page written for the Linux FreeS/WAN project <http://www.freeswan.org/>
+by Michael Richardson. Original program by Henry Spencer.
+.\"
+.\" $Log: _plutoload.8,v $
+.\" Revision 1.1 2004/03/15 20:35:27 as
+.\" added files from freeswan-2.04-x509-1.5.3
+.\"
+.\" Revision 1.2 2002/04/29 22:39:31 mcr
+.\" added basic man page for all internal commands.
+.\"
+.\" Revision 1.1 2002/04/26 01:21:43 mcr
+.\" while tracking down a missing (not installed) /etc/ipsec.conf,
+.\" MCR has decided that it is not okay for each program subdir to have
+.\" some subset (determined with -f) of possible files.
+.\" Each subdir that defines $PROGRAM, MUST have a PROGRAM.8 file as well as a PROGRAM file.
+.\" Optional PROGRAM.5 files have been added to the makefiles.
+.\"
+.\"
+.\"
diff --git a/programs/_plutoload/_plutoload.in b/programs/_plutoload/_plutoload.in
new file mode 100755
index 000000000..73841197d
--- /dev/null
+++ b/programs/_plutoload/_plutoload.in
@@ -0,0 +1,164 @@
+#!/bin/sh
+# Pluto database-loading script
+# Copyright (C) 1998, 1999, 2001 Henry Spencer.
+#
+# This program is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 2 of the License, or (at your
+# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+# for more details.
+#
+# RCSID $Id: _plutoload.in,v 1.2 2004/03/31 16:15:10 as Exp $
+#
+# exit status is 13 for protocol violation, that of Pluto otherwise
+
+me='ipsec _plutoload' # for messages
+
+for dummy
+do
+ case "$1" in
+ --load) plutoload="$2" ; shift ;;
+ --start) plutostart="$2" ; shift ;;
+ --wait) plutowait="$2" ; shift ;;
+ --post) postpluto="$2" ; shift ;;
+ --) shift ; break ;;
+ -*) echo "$me: unknown option \`$1'" >&2 ; exit 2 ;;
+ *) break ;;
+ esac
+ shift
+done
+
+# load ca information
+eval `ipsec _confread --varprefix PLUTO --type ca --search auto add start`
+if test " $PLUTO_confreadstatus" != " "
+then
+ echo "auto=add/start search: $PLUTO_confreadstatus"
+ echo "unable to determine what ca information to add -- adding none"
+ caload=
+else
+ caload="$PLUTO_confreadnames"
+fi
+
+# searches, if needed
+# the way the searches were done ensures plutoload >= plutoroute >= plutostart
+
+# search for things to "ipsec auto --add": auto in "add" "route" "start"
+eval `ipsec _confread --varprefix PLUTO --search auto add route start`
+if test " $PLUTO_confreadstatus" != " "
+then
+ echo "auto=add/route/start search: $PLUTO_confreadstatus"
+ echo "unable to determine what conns to add -- adding none"
+ plutoload=
+else
+ plutoload="$PLUTO_confreadnames"
+fi
+
+# search for things to "ipsec auto --route": auto in "route" "start"
+eval `ipsec _confread --varprefix PLUTO --search auto route start`
+if test " $PLUTO_confreadstatus" != " "
+then
+ echo "auto=route/start search: $PLUTO_confreadstatus"
+ echo "unable to determine what conns to route -- routing none"
+ plutoroute=
+else
+ plutoroute="$PLUTO_confreadnames"
+fi
+
+# search for things to "ipsec auto --up": auto in "start"
+eval `ipsec _confread --varprefix PLUTO --search auto start`
+if test " $PLUTO_confreadstatus" != " "
+then
+ echo "auto=start search: $PLUTO_confreadstatus"
+ echo "unable to determine what conns to start -- starting none"
+ plutostart=
+else
+ plutostart="$PLUTO_confreadnames"
+fi
+
+# await Pluto's readiness (not likely to be an issue, but...)
+eofed=y
+while read saying
+do
+ case "$saying" in
+ 'Pluto initialized') eofed= ; break ;; # NOTE BREAK OUT
+ *) echo "pluto unexpectedly said \`$saying'" ;;
+ esac
+done
+if test "$eofed"
+then
+ echo "pluto died unexpectedly!?!"
+ exit 13
+fi
+
+# ca database load
+for tu in $caload
+do
+ ipsec auto --type ca --add $tu ||
+ echo "...could not add ca \"$tu\""
+done
+
+# conn database load
+for tu in $plutoload
+do
+ ipsec auto --add $tu ||
+ echo "...could not add conn \"$tu\""
+done
+
+# enable listening
+ipsec auto --ready
+
+# execute any post-startup cleanup
+if test " $postpluto" != " "
+then
+ $postpluto
+ st=$?
+ if test " $st" -ne 0
+ then
+ echo "...postpluto command exited with status $st"
+ fi
+fi
+
+# quickly establish routing
+for tu in $plutoroute
+do
+ ipsec auto --route $tu ||
+ echo "...could not route conn \"$tu\""
+done
+
+# tunnel initiation, which may take a while
+async=
+if test " $plutowait" = " no"
+then
+ async="--asynchronous"
+fi
+for tu in $plutostart
+do
+ ipsec auto --up $async $tu ||
+ echo "...could not start conn \"$tu\""
+done
+
+# report any further utterances, and watch for exit status
+eofed=y
+while read saying
+do
+ case "$saying" in
+ exit) eofed= ; break ;; # NOTE BREAK OUT
+ *) echo "pluto unexpectedly says \`$saying'" ;;
+ esac
+done
+if test "$eofed"
+then
+ echo "pluto died without exit status!?!"
+ exit 13
+fi
+if read status
+then
+ exit $status
+else
+ echo "pluto yielded no exit status!?!"
+ exit 13
+fi
|
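Review bot: The final `exit $status` in _plutoload.in uses the line read from stdin without checking it, although the header comment promises exit status 13 for a protocol violation. An empty line leaves a bare `exit`, which returns the status of the preceding successful `read` (0), and a non-numeric line produces a shell error instead of 13. A guard placed just before it would keep the promise: `case "$status" in ''|*[!0-9]*) echo "pluto yielded bad exit status '$status'" ; exit 13 ;; esac`. Separately, the four `eval` lines execute the output of `ipsec _confread` in this shell, so their safety rests on _confread emitting only quoted assignments, which this diff does not show. A comment above the first one, such as `# _confread output is eval'ed; it must emit only shell-quoted variable assignments`, would record that assumption.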