From fa33d8306ac46cc3e9893b1f1caf08cf46080a6e Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Fri, 4 Aug 2017 21:39:43 +0000 Subject: [PATCH] ipsec: Properly shut down connections when destroyed Signed-off-by: Michael Tremer --- src/functions/functions.ipsec | 24 ++++++++++++++++++++---- src/functions/functions.util | 6 ++++++ 2 files changed, 26 insertions(+), 4 deletions(-) diff --git a/src/functions/functions.ipsec b/src/functions/functions.ipsec index d75d920d..702527dd 100644 --- a/src/functions/functions.ipsec +++ b/src/functions/functions.ipsec @@ -94,7 +94,7 @@ cli_ipsec_connection() { ipsec_connection_new $@ ;; destroy) - ipsec_connection_destroy $@ + cli_ipsec_connection_destroy $@ ;; ""|*) if [ -n "${action}" ]; then @@ -106,6 +106,20 @@ cli_ipsec_connection() { fi } +cli_ipsec_connection_destroy() { + local connection="${1}" + + if ! ipsec_connection_destroy "${connection}"; then + return ${EXIT_ERROR} + fi + + # Inform strongswan about the changes + ipsec_strongswan_load + + # Configure strongswan autostart + ipsec_strongswan_autostart +} + cli_ipsec_connection_show() { local connection="${1}" @@ -1022,14 +1036,16 @@ ipsec_connection_destroy() { fi log DEBUG "Deleting VPN IPsec connection ${connection}" + + # Delete strongswan configuration file + file_delete "${NETWORK_IPSEC_SWANCTL_CONNECTIONS_DIR}/${connection}.conf" + if ! rm -rf "${NETWORK_IPSEC_CONNS_DIR}/${connection}"; then log ERROR "Deleting the VPN IPsec connection ${connection} was not sucessful" return ${EXIT_ERROR} fi - done - # Configure strongswan autostart - ipsec_strongswan_autostart + done } # List all ipsec connections diff --git a/src/functions/functions.util b/src/functions/functions.util index 91601de6..d1e2a92b 100644 --- a/src/functions/functions.util +++ b/src/functions/functions.util @@ -211,6 +211,12 @@ fappend() { print "%s" "$@" >> ${file} 2>/dev/null } +file_delete() { + local file=${1} + + unlink "${file}" 2>/dev/null +} + file_exists() { local file=${1} -- 2.39.2
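Review bot: The new cli_ipsec_connection_destroy in src/functions/functions.ipsec forwards only `${1}` to ipsec_connection_destroy, although the dispatcher hands it `$@`. The `done` visible in the @@ -1022 hunk suggests ipsec_connection_destroy loops over several names, so any further connection named on the command line would be silently left configured. Calling `ipsec_connection_destroy "$@"` here, and quoting `"$@"` at the call site in cli_ipsec_connection, keeps multi-name behaviour and avoids word splitting of names. The status of `ipsec_strongswan_load` is also dropped, so a failed reload would presumably leave the destroyed connection loaded while the command returns whatever `ipsec_strongswan_autostart` returns; `ipsec_strongswan_load || return ${EXIT_ERROR}` would surface that.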
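Review bot: In ipsec_connection_destroy (hunk @@ -1022) the result of the added `file_delete "${NETWORK_IPSEC_SWANCTL_CONNECTIONS_DIR}/${connection}.conf"` is never checked, so a swanctl file that could not be removed stays in place without a log entry and would presumably be loaded again the next time strongswan reads its configuration. Guarding it the same way as the `rm -rf` below, for example `if file_exists "${conf}" && ! file_delete "${conf}"; then` followed by `log ERROR` and `return ${EXIT_ERROR}`, makes that failure visible. The order matters too: if the later `rm -rf` fails, the function returns after the swanctl file is already gone, and cli_ipsec_connection_destroy then returns before `ipsec_strongswan_load`, leaving the daemon and the on-disk state out of step. The function starts above this hunk, so I cannot see whether `${connection}` is validated; worth confirming it cannot contain `/` or `..` before it is interpolated into the two deletion paths.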
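Review bot: file_delete in src/functions/functions.util returns unlink's status but discards its message with `2>/dev/null`, so a caller cannot tell a file that was already absent from one that could not be removed (permissions, read-only filesystem). An empty or `-`-prefixed argument is also passed straight to unlink. If the intended contract is "the file is gone afterwards", `rm -f -- "${file}"` states that directly and fails only on a real error; otherwise `unlink -- "${file}"` with stderr left intact keeps the current semantics but shows the reason. A short comment above the function, such as `# Deletes the given file and returns non-zero if that failed`, would tell callers whether the return value is meant to be checked.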