Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

strongswan: add support for remote cacerts

Browse source 
Signed-off-by: Glen Huang <me@glenhuang.com>
This commit is contained in:
Glen Huang 2023-03-25 19:55:08 +08:00 committed by Tianling Shen
parent 08a0f7bb94
commit d347448ffb
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
net/strongswan/files/swanctl.init
View file

@ -434,6 +434,7 @@ config_connection() {
local local_key
local ca_cert
local rekeytime
local remote_ca_certs
local pools
config_get_bool enabled "$1" enabled 0
@ -458,6 +459,7 @@ config_connection() {
config_get overtime "$1" overtime
config_list_foreach "$1" local_sourceip append_var local_sourceip ","
config_list_foreach "$1" remote_ca_certs append_var remote_ca_certs ","
config_list_foreach "$1" pools append_var pools ","
case "$fragmentation" in
@ -529,6 +531,7 @@ config_connection() {
swanctl_xappend2 "remote {"
swanctl_xappend3 "auth = $auth_method"
[ -n "$remote_identifier" ] && swanctl_xappend3 "id = \"$remote_identifier\""
[ -n "$remote_ca_certs" ] && swanctl_xappend3 "cacerts = \"$remote_ca_certs\""
swanctl_xappend2 "}"
swanctl_xappend2 "children {"