[Openswan dev] _updown called with wrong PLUTO_VERB

hiren joshi joshihirenn at gmail.com
Mon Feb 2 05:27:05 EST 2009 

With reference to:
http://lists.openswan.org/pipermail/users/2009-January/016107.html

For openswan-2.4.x;
the following calls _updown with proper PLUTO_VERB
and exports four additional parameters:
PLUTO_MY_PROTOCOL PLUTO_MY_PORT PLUTO_PEER_PROTOCOL PLUTO_PEER_PORT.

--- programs/manual/manual.in.orig    Sun Jan 18 19:15:11 2009
+++ programs/manual/manual.in    Sun Jan 18 19:14:54 2009
@@ -322,10 +322,24 @@ awk '    BEGIN {
         }
         print "PLUTO_VERB=" verb verbsuf " " cmd " " suffix
     }
+    #split proto/port
+    function splitprotoport(k) {
+        if (k"protoport" in s) {
+            n = split (s[k"protoport"], str, "/")
+            s[k"proto"] = str[1]
+            s[k"port"] = (n > 1) ? (str[2] == "%any" ? 0 : str[2]) : 0
+        }
+        else {
+            set_os_default(k"proto","0")
+            set_os_default(k"port","0")
+        }
+    }
     END {
     #########
     if (failed)
         exit 1
+    splitprotoport("left")
+    splitprotoport("right")
     set_os_default("type", "tunnel")
     type = s["type"]
     shunt = 0
@@ -425,7 +439,7 @@ awk '    BEGIN {
         else if (s["right"] == me)
             me = s["left"]
     }
-    havesubnet = leftsubnet
+    havesubnet = s["leftsubnet"]
     if (s["right"] == me) {
         swap("")        # swaps "left" and "right"
         swap("subnet")
@@ -442,7 +456,7 @@ awk '    BEGIN {
         t = spil
         spil = spir
         spir = t
-        havesubnet = rightsubnet
+        havesubnet = s["rightsubnet"]
     }
     him = s["right"]

@@ -495,11 +509,16 @@ awk '    BEGIN {
     print "PLUTO_PEER_CLIENT=" s["rightsubnet"]
     print "PLUTO_PEER_CLIENT_NET=" s["rightnet"]
     print "PLUTO_PEER_CLIENT_MASK=" s["rightmask"]
+    print "PLUTO_MY_PROTOCOL=" s["leftproto"]
+    print "PLUTO_MY_PORT=" s["leftport"]
+    print "PLUTO_PEER_PROTOCOL=" s["rightproto"]
+    print "PLUTO_PEER_PORT=" s["rightport"]
     print "export PLUTO_VERSION PLUTO_CONNECTION PLUTO_NEXT_HOP"
     print "export PLUTO_INTERFACE PLUTO_ME PLUTO_MY_CLIENT"
     print "export PLUTO_MY_CLIENT_NET PLUTO_MY_CLIENT_MASK PLUTO_PEER"
     print "export PLUTO_PEER_CLIENT PLUTO_PEER_CLIENT_NET"
     print "export PLUTO_PEER_CLIENT_MASK"
+    print "export PLUTO_MY_PROTOCOL PLUTO_MY_PORT PLUTO_PEER_PROTOCOL
PLUTO_PEER_PORT"

     if (op == "--up") {
         print "{"

Regards,
hiren

On Thu, Jan 29, 2009 at 8:38 PM, hiren joshi <joshihirenn at gmail.com> wrote:

> Hello,
>
> When I manually make the following connection up (ipsec manual --up
> manual_keying),
> _updown script is being called with PLUTO_VERB="up-host" instead of
> PLUTO_VERB="up-client".
>
> config setup
>         interfaces="ipsec0=eth1 "
>         klipsdebug=none
>         plutodebug="none"
>         uniqueids=no
>         nat_traversal=yes
>         crlcheckinterval=3600
>         nhelpers=0
>
> conn %default
>         leftupdown=/usr/lib/ipsec/_updown
>         rightupdown=/usr/lib/ipsec/_updown
>
> conn manual_keying
>         leftsubnet=192.168.3.0/24
>         rightsubnet=192.168.2.0/24
>         type=tunnel
>         left=172.16.3.2
>         leftnexthop=172.16.3.1
>         right=172.16.1.11
>         spi=0x100
>         leftespspi=0x1111
>         rightespspi=0x2222
>         esp=des
>         leftespenckey=0x0123456789012345
>         rightespenckey=0x9876543210987654
>
> Any clue?
>
> Thanks for your time.
>
> Regards,
> hiren
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/dev/attachments/20090202/d1e0c2c5/attachment.html

More information about the Dev mailing list