NETWORK_HELPERS_DIR=/usr/lib/network/helpers
NETWORK_TRIGGERS_DIR=/usr/lib/network/triggers
NETWORK_SHARE_DIR=/usr/share/network
+NETWORK_CACHE_DIR=/var/cache/network
NETWORK_IPSEC_CONNS_DIR="${NETWORK_CONFIG_DIR}/vpn/ipsec/connections"
NETWORK_IPSEC_SWANCTL_CONNECTIONS_DIR="/etc/swanctl/connections"
assert isset file
shift
- if [ ! -w "${file}" ]; then
+ if [ -e "${file}" ] && [ ! -w "${file}" ]; then
log ERROR "${file}: No such file"
return ${EXIT_ERROR}
fi
print "%s" "$@" >> ${file} 2>/dev/null
}
+file_exists() {
+ local file=${1}
+
+ [ -e "${file}" ] && return ${EXIT_TRUE} || return ${EXIT_FALSE}
+}
+
+file_is_newer_than() {
+ local file1="${1}"
+ local file2="${2}"
+
+ local age1=$(file_get_age "${file1}")
+ local age2=$(file_get_age "${file2}")
+
+ if [ ${age1} -gt ${age2} ]; then
+ return ${EXIT_TRUE}
+ else
+ return ${EXIT_FALSE}
+ fi
+}
+
+file_get_age() {
+ local file="${1}"
+
+ if [ -e "${file}" ]; then
+ stat --format="%Y" "${file}"
+ return $?
+ fi
+
+ return ${EXIT_ERROR}
+}
+
make_parent_dir() {
local path="${1}"
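Review bot: `file_is_newer_than` compares unquoted and possibly empty values: when either file is missing, `file_get_age` prints nothing, so `[ ${age1} -gt ${age2} ]` is a malformed test and the function falls through to `return ${EXIT_FALSE}`, which makes "could not stat" look the same as "not newer". Quote the operands (`[ "${age1}" -gt "${age2}" ]`) and check both for emptiness first; a short comment that "age" here is the `%Y` mtime in whole seconds would also help, since two files changed within the same second compare as not newer. Earlier in this hunk the relaxed check still logs `"${file}: No such file"`, although it now fires only for a file that exists and is not writable, so `log ERROR "${file}: Not writable"` would match the condition. That function's name is outside the hunk, but it writes with `>> ${file} 2>/dev/null`; if it is the `fwrite` that the new cache code calls, a regenerated proposal would be appended to the stale cache entry instead of replacing it, and the unquoted target with silenced stderr hides why a write failed.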
vpn_security_policies_make_ah_proposal() {
local name=${1}
+ if ! vpn_security_policy_exists ${name}; then
+ return ${EXIT_ERROR}
+ fi
+
+ local config_path="$(vpn_security_policies_path ${name})"
+ local cache_path="${NETWORK_CACHE_DIR}/vpn/security-policies/${name}/ah-proposal"
+
+ # Get data from cache if possible
+ if file_exists "${cache_path}" && ! file_is_newer_than "${config_path}" "${cache_path}"; then
+ fread "${cache_path}"
+ return ${EXIT_OK}
+ fi
+
+ # No or invalid cache data found
+ local proposal=$(_vpn_security_policies_make_ah_proposal "${name}")
+
+ # Write proposal to cache
+ if ! make_parent_dir "${cache_path}" || ! fwrite "${cache_path}" "${proposal}"; then
+ log WARNING "Could not write to cache: ${cache_path}"
+ fi
+
+ print "${proposal}"
+}
+
+_vpn_security_policies_make_ah_proposal() {
+ local name=${1}
+
# Read the config settings
local ${VPN_SECURITY_POLICIES_CONFIG_SETTINGS}
if ! vpn_security_policies_read_config "${name}"; then
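Review bot: A failed generation is cached as if it were valid, because `local proposal=$(_vpn_security_policies_make_ah_proposal "${name}")` discards the helper's exit status (`local` itself succeeds), so an empty or partial proposal is written to `${cache_path}` and served on later calls until the policy config changes. Declare and assign separately and skip the cache on failure: `local proposal` followed by `proposal=$(_vpn_security_policies_make_ah_proposal "${name}") || return ${EXIT_ERROR}`. `${name}` is also expanded unquoted in `vpn_security_policy_exists ${name}` and `vpn_security_policies_path ${name}` and is placed directly into the cache path, so it should be quoted and, unless `vpn_security_policy_exists` already rejects names containing `/` (not visible here), validated before a path is built from it. The same points apply to `vpn_security_policies_make_esp_proposal` in the next hunk. The body of `_vpn_security_policies_make_ah_proposal` continues outside this hunk.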
vpn_security_policies_make_esp_proposal() {
local name=${1}
+ if ! vpn_security_policy_exists ${name}; then
+ return ${EXIT_ERROR}
+ fi
+
+ local config_path="$(vpn_security_policies_path ${name})"
+ local cache_path="${NETWORK_CACHE_DIR}/vpn/security-policies/${name}/esp-proposal"
+
+ # Get data from cache if possible
+ if file_exists "${cache_path}" && ! file_is_newer_than "${config_path}" "${cache_path}"; then
+ fread "${cache_path}"
+ return ${EXIT_OK}
+ fi
+
+ # No or invalid cache data found
+ local proposal=$(_vpn_security_policies_make_esp_proposal "${name}")
+
+ # Write proposal to cache
+ if ! make_parent_dir "${cache_path}" || ! fwrite "${cache_path}" "${proposal}"; then
+ log WARNING "Could not write to cache: ${cache_path}"
+ fi
+
+ print "${proposal}"
+}
+
+_vpn_security_policies_make_esp_proposal() {
+ local name=${1}
+
# Read the config settings
local ${VPN_SECURITY_POLICIES_CONFIG_SETTINGS}
if ! vpn_security_policies_read_config "${name}"; then