smeserver-libreswan/contribs10/smeserver-libreswan-remove-obsoletes.patch

diff -ruN smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.conf/10Setup smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.conf/10Setup
--- smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.conf/10Setup       2018-06-21 14:38:06.078134549 +0200
+++ smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.conf/10Setup   2018-06-21 14:39:00.708831748 +0200
@@ -34,7 +34,6 @@
         $OUT .= "    #klipsdebug=none\n";
         $OUT .= "    plutostderrlog=/var/log/pluto/pluto.log\n";
         $OUT .= "    dumpdir=/var/run/pluto/\n";
-        $OUT .= "    nat_traversal=yes\n";
 
         if ( $keepalive ne '' ) {
             $OUT .= "    keep-alive=$keepalive\n";
@@ -52,18 +51,27 @@
         foreach my $ipsecprop (@connections) {
 
             # Note that L2TPD needs the localsubnet in here
+            # Second thoughts I don't think it does
+            # Only when you have subnet <-> subnet
 
             my $ipsecstatus = $ipsecDB->get_prop( "$ipsecprop", 'status' ) || "disabled";
 
-            if ( $ipsecstatus eq 'enabled' ) {
+            my $ipsecrecord = $ipsecDB->get($ipsecprop);
+            my $type = $ipsecrecord->prop('type');
+
+            if ( $ipsecstatus eq 'enabled' && $type eq 'ipsec' ) {
+
                 my $rightsubnet = $ipsecDB->get_prop( "$ipsecprop", 'rightsubnet' );
 
+                unless ( $rightsubnet ) {
+                warn ("Warning $ipsecprop has no right subnet");
+                }
+
                 # Check if the network is a unique value
-                if ( !( $rightsubnet ~~ @subnetArr ) ) {
-                    print "$rightsubnet\n";
-                    
+                if ( $rightsubnet && !( $rightsubnet ~~ @subnetArr ) ) {
                     push( @subnetArr, $rightsubnet );
                 }
+
             }
 
         }    # End foreach
diff -ruN smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection
--- smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection  2018-06-21 14:38:06.079134599 +0200
+++ smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection      2018-06-21 14:39:00.707831698 +0200
@@ -148,7 +148,8 @@
                            $ipsecDB->get_prop( $ipsecprop, 'forceencaps' )
                         || $configDB->get_prop( $dbKey, 'forceencaps' )
                         || 'no';
-                    $OUT .= "    forceencaps=$forceencaps\n";
+                    
+                    $OUT .= "    encapsulation=$forceencaps\n";
 
                     my $keyingtries =
                            $ipsecDB->get_prop( $ipsecprop, 'keyingtries' )
1	brianr	1.1	diff -ruN smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.conf/10Setup smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.conf/10Setup
2			--- smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.conf/10Setup 2018-06-21 14:38:06.078134549 +0200
3			+++ smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.conf/10Setup 2018-06-21 14:39:00.708831748 +0200
4			@@ -34,7 +34,6 @@
5			$OUT .= " #klipsdebug=none\n";
6			$OUT .= " plutostderrlog=/var/log/pluto/pluto.log\n";
7			$OUT .= " dumpdir=/var/run/pluto/\n";
8			- $OUT .= " nat_traversal=yes\n";
9
10			if ( $keepalive ne '' ) {
11			$OUT .= " keep-alive=$keepalive\n";
12			@@ -52,18 +51,27 @@
13			foreach my $ipsecprop (@connections) {
14
15			# Note that L2TPD needs the localsubnet in here
16			+ # Second thoughts I don't think it does
17			+ # Only when you have subnet <-> subnet
18
19			my $ipsecstatus = $ipsecDB->get_prop( "$ipsecprop", 'status' ) \|\| "disabled";
20
21			- if ( $ipsecstatus eq 'enabled' ) {
22			+ my $ipsecrecord = $ipsecDB->get($ipsecprop);
23			+ my $type = $ipsecrecord->prop('type');
24			+
25			+ if ( $ipsecstatus eq 'enabled' && $type eq 'ipsec' ) {
26			+
27			my $rightsubnet = $ipsecDB->get_prop( "$ipsecprop", 'rightsubnet' );
28
29			+ unless ( $rightsubnet ) {
30			+ warn ("Warning $ipsecprop has no right subnet");
31			+ }
32			+
33			# Check if the network is a unique value
34			- if ( !( $rightsubnet ~~ @subnetArr ) ) {
35			- print "$rightsubnet\n";
36			-
37			+ if ( $rightsubnet && !( $rightsubnet ~~ @subnetArr ) ) {
38			push( @subnetArr, $rightsubnet );
39			}
40			+
41			}
42
43			} # End foreach
44			diff -ruN smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection
45			--- smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection 2018-06-21 14:38:06.079134599 +0200
46			+++ smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection 2018-06-21 14:39:00.707831698 +0200
47			@@ -148,7 +148,8 @@
48			$ipsecDB->get_prop( $ipsecprop, 'forceencaps' )
49			\|\| $configDB->get_prop( $dbKey, 'forceencaps' )
50			\|\| 'no';
51			- $OUT .= " forceencaps=$forceencaps\n";
52			+
53			+ $OUT .= " encapsulation=$forceencaps\n";
54
55			my $keyingtries =
56			$ipsecDB->get_prop( $ipsecprop, 'keyingtries' )