strongswan: fix sharing of ipsec section variables

Variables set in config_ipsec() need to be shared with do_postamble() function, so change scoping to parent (prepare_env()). Also, remove unused settings like "remote_sourceip", "reqid", and "packet_marker". Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2021-06-17 00:18:46 -06:00 · 2021-06-17 00:18:46 -06:00 · 2ccd2665cb
commit 2ccd2665cb
parent bda9ae631e
2 changed files with 12 additions and 11 deletions
--- a/net/strongswan/Makefile
+++ b/net/strongswan/Makefile
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk

 PKG_NAME:=strongswan
 PKG_VERSION:=5.9.2
-PKG_RELEASE:=8
+PKG_RELEASE:=9

 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=https://download.strongswan.org/ https://download2.strongswan.org/
--- a/net/strongswan/files/swanctl.init
+++ b/net/strongswan/files/swanctl.init
@ -220,7 +220,6 @@ config_conn() {
 	local updown
 	local firewall
 	local remote_subnet
-	local remote_sourceip
 	local lifetime
 	local dpdaction
 	local closeaction
@ -234,7 +233,6 @@ config_conn() {
 	config_get updown "$1" updown ""
 	config_get firewall "$1" firewall ""
 	config_get remote_subnet "$1" remote_subnet ""
-	config_get remote_sourceip "$1" remote_sourceip ""
 	config_get lifetime "$1" lifetime ""
 	config_get dpdaction "$1" dpdaction "none"
 	config_get closeaction "$1" closeaction "none"
@ -315,6 +313,7 @@ config_conn() {
 		swanctl_xappend4 "life_time = $(seconds2time $(((110 * $(time2seconds $rekeytime)) / 100)))"
 	fi
 	[ -n "$rekeytime" ] && swanctl_xappend4 "rekey_time = $rekeytime"
+	[ -n "$inactivity" ] && swanctl_xappend4 "inactivity = $inactivity"

 	[ -n "$updown" ] && swanctl_xappend4 "updown = $updown"
 	[ -n "$dpdaction" ] && swanctl_xappend4 "dpd_action = $dpdaction"
@ -345,8 +344,6 @@ config_remote() {
 	local dpddelay
 	local inactivity
 	local keyexchange
-	local reqid
-	local packet_marker
 	local fragmentation
 	local mobike
 	local local_cert
@ -368,8 +365,6 @@ config_remote() {
 	config_get dpddelay "$1" dpddelay "30s"
 	config_get inactivity "$1" inactivity
 	config_get keyexchange "$1" keyexchange "ikev2"
-	config_get reqid "$1" reqid
-	config_get packet_marker "$1" packet_marker
 	config_get fragmentation "$1" fragmentation "yes"
 	config_get_bool mobike "$1" mobike 1
 	config_get local_cert "$1" local_cert ""
@ -508,14 +503,15 @@ do_preamble() {
 	swanctl_xappend0 "# generated by /etc/init.d/swanctl"
 }

+append_interface() {
+	append interface_list "$1" " "
+}
+
 config_ipsec() {
-	local debug
 	local rtinstall_enabled
-	local routing_tables_ignored
 	local routing_table
 	local routing_table_id
 	local interface
-	local device_list

 	config_get debug "$1" debug 0
 	config_get_bool rtinstall_enabled "$1" rtinstall_enabled 1
@ -532,7 +528,9 @@ config_ipsec() {
 		[ -n "$routing_table_id" ] && append routing_tables_ignored "$routing_table_id"
 	done

-	local interface_list=$(config_get "$1" "interface")
+	local interface_list
+	config_list_foreach "$1" interface append_interface
+
 	if [ -z "$interface_list" ]; then
 		WAIT_FOR_INTF=0
 	else
@ -569,6 +567,9 @@ prepare_env() {
 	swanctl_reset
 	do_preamble

+	# needed by do_postamble
+	local debug install_routes routing_tables_ignored device_list
+
 	config_load ipsec
 	config_foreach config_ipsec ipsec
 	config_foreach config_remote remote