X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=blobdiff_plain;f=src%2Fmisc-progs%2Fipsecctrl.c;h=eb3fc4984f22ccfe4e46a2f2f804a60bf4386559;hp=633004e2331d4d7044c77f4cf9d5f1dc82938a30;hb=8fcb92530e4ddd8146d0d82e380a161cc85413e4;hpb=360378014d0ba62c1ced4b204080f05c2a3de575

diff --git a/src/misc-progs/ipsecctrl.c b/src/misc-progs/ipsecctrl.c
index 633004e23..eb3fc4984 100644
--- a/src/misc-progs/ipsecctrl.c
+++ b/src/misc-progs/ipsecctrl.c
@@ -13,7 +13,9 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <signal.h>
+
 #include "setuid.h"
+#include "netutil.h"
 
 /*
     This module is responsible for start stop of the vpn system.
@@ -42,6 +44,14 @@ void usage() {
         fprintf (stderr, "\t\tI : Print Statusinfo\n");
 }
 
+static void ipsec_reload() {
+	/* Re-read all configuration files and secrets and
+	 * reload the daemon (#10339).
+	 */
+	safe_system("/usr/sbin/ipsec rereadall >/dev/null 2>&1");
+	safe_system("/usr/sbin/ipsec reload >/dev/null 2>&1");
+}
+
 /*
         ACCEPT the ipsec protocol ah, esp & udp (for nat traversal) on the specified interface
 */
@@ -144,8 +154,8 @@ void turn_connection_on(char *name, char *type) {
                 "/usr/sbin/ipsec down %s >/dev/null", name);
         safe_system(command);
 
-	// Reload the configuration into the daemon.
-	safe_system("/usr/sbin/ipsec reload >/dev/null 2>&1");
+	// Reload the configuration into the daemon (#10339).
+	ipsec_reload();
 
 	// Bring the connection up again.
 	snprintf(command, STRING_SIZE - 1,
@@ -169,7 +179,7 @@ void turn_connection_off (char *name) {
         safe_system(command);
 
 	// Reload, so the connection is dropped.
-        safe_system("/usr/sbin/ipsec reload >/dev/null 2>&1");
+	ipsec_reload();
 }
 
 int main(int argc, char *argv[]) {
@@ -193,7 +203,7 @@ int main(int argc, char *argv[]) {
         }
 
         if (strcmp(argv[1], "R") == 0) {
-                safe_system("/usr/sbin/ipsec reload >/dev/null 2>&1");
+		ipsec_reload();
                 exit(0);
         }