Add ipsec.user.conf & secrets for user defined connections (e.g. XAUTH).
authorArne Fitzenreiter <arne_f@ipfire.org>
Sat, 26 Jun 2010 17:44:02 +0000 (19:44 +0200)
committerArne Fitzenreiter <arne_f@ipfire.org>
Sat, 26 Jun 2010 17:44:02 +0000 (19:44 +0200)
config/etc/ipsec.user.conf [new file with mode: 0644]
config/etc/ipsec.user.secrets [new file with mode: 0644]
config/rootfiles/common/stage2
config/rootfiles/common/strongswan
html/cgi-bin/vpnmain.cgi

diff --git a/config/etc/ipsec.user.conf b/config/etc/ipsec.user.conf
new file mode 100644 (file)
index 0000000..19f35db
--- /dev/null
@@ -0,0 +1,2 @@
+# user connections that should not overwritten by the webif
+#
diff --git a/config/etc/ipsec.user.secrets b/config/etc/ipsec.user.secrets
new file mode 100644 (file)
index 0000000..0e0858a
--- /dev/null
@@ -0,0 +1,2 @@
+# user secrets that should not overwritten by the webif
+#
index f542667..a7655e6 100644 (file)
@@ -15,6 +15,8 @@ etc/hddtemp.db
 etc/host.conf
 etc/inittab
 etc/inputrc
+#etc/ipsec.user.conf
+#etc/ipsec.user.secrets
 etc/issue
 etc/ld.so.conf
 etc/logrotate.conf
index 4367cd0..bd0f1de 100644 (file)
@@ -1,4 +1,5 @@
 etc/ipsec.conf
+etc/ipsec.user.conf
 #etc/ipsec.d
 etc/ipsec.d/aacerts
 etc/ipsec.d/acerts
@@ -9,6 +10,7 @@ etc/ipsec.d/ocspcerts
 etc/ipsec.d/private
 etc/ipsec.d/reqs
 etc/ipsec.secrets
+etc/ipsec.user.secrets
 etc/strongswan.conf
 #usr/lib/libcharon.a
 #usr/lib/libcharon.la
index 85bb713..2ed83f0 100644 (file)
@@ -289,6 +289,12 @@ sub writeipsecfiles {
     #print CONF "\tdisablearrivalcheck=no\n";
     print CONF "\n";
 
+    # Add user includes to config file
+    print CONF "include /etc/ipsec.user.conf\n";
+    print CONF "\n";
+
+    print SECRETS "include /etc/ipsec.user/secrets\n";
+
     if (-f "${General::swroot}/certs/hostkey.pem") {
         print SECRETS ": RSA ${General::swroot}/certs/hostkey.pem\n"
     }