smeserver-libreswan/contribs10/smeserver-libreswan-remove-obsoletes.patch

diff -ruN smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.conf/10Setup smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.conf/10Setup
--- smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.conf/10Setup       2018-06-21 14:38:06.078134549 +0200
+++ smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.conf/10Setup   2018-06-21 14:39:00.708831748 +0200
@@ -34,7 +34,6 @@
         $OUT .= "    #klipsdebug=none\n";
         $OUT .= "    plutostderrlog=/var/log/pluto/pluto.log\n";
         $OUT .= "    dumpdir=/var/run/pluto/\n";
-        $OUT .= "    nat_traversal=yes\n";
 
         if ( $keepalive ne '' ) {
             $OUT .= "    keep-alive=$keepalive\n";
@@ -52,18 +51,27 @@
         foreach my $ipsecprop (@connections) {
 
             # Note that L2TPD needs the localsubnet in here
+            # Second thoughts I don't think it does
+            # Only when you have subnet <-> subnet
 
             my $ipsecstatus = $ipsecDB->get_prop( "$ipsecprop", 'status' ) || "disabled";
 
-            if ( $ipsecstatus eq 'enabled' ) {
+            my $ipsecrecord = $ipsecDB->get($ipsecprop);
+            my $type = $ipsecrecord->prop('type');
+
+            if ( $ipsecstatus eq 'enabled' && $type eq 'ipsec' ) {
+
                 my $rightsubnet = $ipsecDB->get_prop( "$ipsecprop", 'rightsubnet' );
 
+                unless ( $rightsubnet ) {
+                warn ("Warning $ipsecprop has no right subnet");
+                }
+
                 # Check if the network is a unique value
-                if ( !( $rightsubnet ~~ @subnetArr ) ) {
-                    print "$rightsubnet\n";
-                    
+                if ( $rightsubnet && !( $rightsubnet ~~ @subnetArr ) ) {
                     push( @subnetArr, $rightsubnet );
                 }
+
             }
 
         }    # End foreach
diff -ruN smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection
--- smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection  2018-06-21 14:38:06.079134599 +0200
+++ smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection      2018-06-21 14:39:00.707831698 +0200
@@ -148,7 +148,8 @@
                            $ipsecDB->get_prop( $ipsecprop, 'forceencaps' )
                         || $configDB->get_prop( $dbKey, 'forceencaps' )
                         || 'no';
-                    $OUT .= "    forceencaps=$forceencaps\n";
+                    
+                    $OUT .= "    encapsulation=$forceencaps\n";
 
                     my $keyingtries =
                            $ipsecDB->get_prop( $ipsecprop, 'keyingtries' )
1	diff -ruN smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.conf/10Setup smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.conf/10Setup
2	--- smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.conf/10Setup 2018-06-21 14:38:06.078134549 +0200
3	+++ smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.conf/10Setup 2018-06-21 14:39:00.708831748 +0200
4	@@ -34,7 +34,6 @@
5	$OUT .= " #klipsdebug=none\n";
6	$OUT .= " plutostderrlog=/var/log/pluto/pluto.log\n";
7	$OUT .= " dumpdir=/var/run/pluto/\n";
8	- $OUT .= " nat_traversal=yes\n";
9
10	if ( $keepalive ne '' ) {
11	$OUT .= " keep-alive=$keepalive\n";
12	@@ -52,18 +51,27 @@
13	foreach my $ipsecprop (@connections) {
14
15	# Note that L2TPD needs the localsubnet in here
16	+ # Second thoughts I don't think it does
17	+ # Only when you have subnet <-> subnet
18
19	my $ipsecstatus = $ipsecDB->get_prop( "$ipsecprop", 'status' ) \|\| "disabled";
20
21	- if ( $ipsecstatus eq 'enabled' ) {
22	+ my $ipsecrecord = $ipsecDB->get($ipsecprop);
23	+ my $type = $ipsecrecord->prop('type');
24	+
25	+ if ( $ipsecstatus eq 'enabled' && $type eq 'ipsec' ) {
26	+
27	my $rightsubnet = $ipsecDB->get_prop( "$ipsecprop", 'rightsubnet' );
28
29	+ unless ( $rightsubnet ) {
30	+ warn ("Warning $ipsecprop has no right subnet");
31	+ }
32	+
33	# Check if the network is a unique value
34	- if ( !( $rightsubnet ~~ @subnetArr ) ) {
35	- print "$rightsubnet\n";
36	-
37	+ if ( $rightsubnet && !( $rightsubnet ~~ @subnetArr ) ) {
38	push( @subnetArr, $rightsubnet );
39	}
40	+
41	}
42
43	} # End foreach
44	diff -ruN smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection
45	--- smeserver-libreswan-0.5.old/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection 2018-06-21 14:38:06.079134599 +0200
46	+++ smeserver-libreswan-0.5/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/10Connection 2018-06-21 14:39:00.707831698 +0200
47	@@ -148,7 +148,8 @@
48	$ipsecDB->get_prop( $ipsecprop, 'forceencaps' )
49	\|\| $configDB->get_prop( $dbKey, 'forceencaps' )
50	\|\| 'no';
51	- $OUT .= " forceencaps=$forceencaps\n";
52	+
53	+ $OUT .= " encapsulation=$forceencaps\n";
54
55	my $keyingtries =
56	$ipsecDB->get_prop( $ipsecprop, 'keyingtries' )