Added methods to bio_reader_t to read data from end of buffer
[strongswan.git] / src / ipsec / _ipsec.in
1 #! @IPSEC_SHELL@
2 # prefix command to run stuff from our programs directory
3 # Copyright (C) 1998-2002  Henry Spencer.
4 # Copyright (C) 2006 Andreas Steffen
5 # Copyright (C) 2006 Martin Willi
6 #
7 # This program is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by the
9 # Free Software Foundation; either version 2 of the License, or (at your
10 # option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
11 #
12 # This program is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 # or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
15 # for more details.
16
17 # define a minimum PATH environment in case it is not set
18 PATH="/sbin:/bin:/usr/sbin:/usr/bin:@IPSEC_SBINDIR@"
19 export PATH
20
21 # name and version of the ipsec implementation
22 OS_NAME=`uname -s`
23 IPSEC_NAME="@IPSEC_NAME@"
24 IPSEC_VERSION="U@IPSEC_VERSION@/K`uname -r`"
25
26 # where the private directory and the config files are
27 IPSEC_DIR="@IPSEC_DIR@"
28 IPSEC_SBINDIR="@IPSEC_SBINDIR@"
29 IPSEC_CONFDIR="@IPSEC_CONFDIR@"
30 IPSEC_PIDDIR="@IPSEC_PIDDIR@"
31 IPSEC_SCRIPT="@IPSEC_SCRIPT@"
32
33 IPSEC_STARTER_PID="${IPSEC_PIDDIR}/starter.pid"
34 IPSEC_CHARON_PID="${IPSEC_PIDDIR}/charon.pid"
35
36 IPSEC_STROKE="${IPSEC_DIR}/stroke"
37 IPSEC_STARTER="${IPSEC_DIR}/starter"
38
39 export IPSEC_DIR IPSEC_SBINDIR IPSEC_CONFDIR IPSEC_PIDDIR IPSEC_SCRIPT IPSEC_VERSION IPSEC_NAME IPSEC_STARTER_PID IPSEC_CHARON_PID
40
41 IPSEC_DISTRO="Institute for Internet Technologies and Applications\nUniversity of Applied Sciences Rapperswil, Switzerland"
42
43 case "$1" in
44 '')
45         echo "Usage: $IPSEC_SCRIPT command argument ..."
46         echo "Use --help for list of commands, or see $IPSEC_SCRIPT(8) manual "
47         echo "page or the $IPSEC_NAME documentation for names of the common "
48         echo "ones."
49         echo "See <http://www.strongswan.org> for more general info."
50         exit 0
51         ;;
52 --help)
53         echo "Usage: $IPSEC_SCRIPT command argument ..."
54         echo "where command is one of:"
55         echo "  start|restart  arguments..."
56         echo "  update|reload|stop"
57         echo "  up|down|route|unroute <connectionname>"
58         echo "  status|statusall [<connectionname>]"
59         echo "  listalgs|listpubkeys|listcerts [--utc]"
60         echo "  listcacerts|listaacerts|listocspcerts [--utc]"
61         echo "  listacerts|listgroups|listcainfos [--utc]"
62         echo "  listcrls|listocsp|listcards|listplugins|listall [--utc]"
63         echo "  leases [<poolname> [<address>]]"
64         echo "  rereadsecrets|rereadgroups"
65         echo "  rereadcacerts|rereadaacerts|rereadocspcerts"
66         echo "  rereadacerts|rereadcrls|rereadall"
67         echo "  purgeocsp|purgecrls|purgecerts|purgeike"
68         echo "  openac"
69         echo "  scepclient"
70         echo "  secrets"
71         echo "  starter"
72         echo "  version"
73         echo "  stroke"
74         echo
75         echo "Some of these functions have their own manual pages, e.g. ipsec_scepclient(8)."
76         exit 0
77         ;;
78 --versioncode)
79         echo "$IPSEC_VERSION"
80         exit 0
81         ;;
82 --directory)
83         echo "$IPSEC_DIR"
84         exit 0
85         ;;
86 --confdir)
87         echo "$IPSEC_CONFDIR"
88         exit 0
89         ;;
90 copyright|--copyright)
91         set _copyright
92         # and fall through, invoking "ipsec _copyright"
93         ;;
94 down)
95         shift
96         if [ "$#" -ne 1 ]
97         then
98             echo "Usage: $IPSEC_SCRIPT down <connection name>"
99             exit 2
100         fi
101         rc=7
102         if [ -e $IPSEC_CHARON_PID ]
103         then
104                 $IPSEC_STROKE down "$1"
105                 rc="$?"
106         fi
107         exit "$rc"
108         ;;
109 down-srcip)
110         shift
111         if [ "$#" -lt 1 ]
112         then
113             echo "Usage: $IPSEC_SCRIPT down-srcip <start> [<end>]"
114             exit 2
115         fi
116         rc=7
117         if [ -e $IPSEC_CHARON_PID ]
118         then
119                 $IPSEC_STROKE down-srcip $*
120                 rc="$?"
121         fi
122         exit "$rc"
123         ;;
124 listcards|rereadgroups)
125         op="$1"
126         shift
127         if [ -e $IPSEC_CHARON_PID ]
128         then
129                 exit 3
130         else
131                 exit 7
132         fi
133         ;;
134 leases)
135         op="$1"
136         rc=7
137         shift
138         if [ -e $IPSEC_CHARON_PID ]
139         then
140                 case "$#" in
141                 0) $IPSEC_STROKE "$op" ;;
142                 1) $IPSEC_STROKE "$op" "$1" ;;
143                 *) $IPSEC_STROKE "$op" "$1" "$2" ;;
144                 esac
145                 rc="$?"
146         fi
147         exit "$rc"
148         ;;
149 listalgs|listpubkeys|listplugins|\
150 listcerts|listcacerts|listaacerts|\
151 listacerts|listgroups|listocspcerts|\
152 listcainfos|listcrls|listocsp|listall|\
153 rereadsecrets|rereadcacerts|rereadaacerts|\
154 rereadacerts|rereadocspcerts|rereadcrls|\
155 rereadall|purgeocsp)
156         op="$1"
157         rc=7
158         shift
159         if [ -e $IPSEC_CHARON_PID ]
160         then
161                 $IPSEC_STROKE "$op" "$@"
162                 rc="$?"
163         fi
164         exit "$rc"
165         ;;
166 purgeike|purgecrls|purgecerts)
167         rc=7
168         if [ -e $IPSEC_CHARON_PID ]
169         then
170                 $IPSEC_STROKE "$1"
171                 rc="$?"
172         fi
173         exit "$rc"
174         ;;
175 reload)
176         rc=7
177         if [ -e $IPSEC_STARTER_PID ]
178         then
179                 echo "Reloading strongSwan IPsec configuration..." >&2
180                 kill -USR1 `cat $IPSEC_STARTER_PID` 2>/dev/null && rc=0
181         else
182                 echo "Reloading strongSwan IPsec failed: starter is not running" >&2
183         fi
184         exit "$rc"
185         ;;
186 restart)
187         $IPSEC_SBINDIR/$IPSEC_SCRIPT stop
188         sleep 2
189         shift
190         exec $IPSEC_SBINDIR/$IPSEC_SCRIPT start "$@"
191         ;;
192 route|unroute)
193         op="$1"
194         rc=7
195         shift
196         if [ "$#" -ne 1 ]
197         then
198                 echo "Usage: $IPSEC_SCRIPT $op <connection name>"
199                 exit 2
200         fi
201         if [ -e $IPSEC_CHARON_PID ]
202         then
203                 $IPSEC_STROKE "$op" "$1"
204                 rc="$?"
205         fi
206         exit "$rc"
207         ;;
208 secrets)
209         rc=7
210         if [ -e $IPSEC_CHARON_PID ]
211         then
212                 $IPSEC_STROKE rereadsecrets
213                 rc="$?"
214         fi
215         exit "$rc"
216         ;;
217 start)
218         shift
219         if [ -d /var/lock/subsys ]; then
220                 touch /var/lock/subsys/ipsec
221         fi
222         exec $IPSEC_STARTER "$@"
223         ;;
224 status|statusall)
225         op="$1"
226         # Return value is slightly different for the status command:
227         # 0 - service up and running
228         # 1 - service dead, but /var/run/  pid  file exists
229         # 2 - service dead, but /var/lock/ lock file exists
230         # 3 - service not running (unused)
231         # 4 - service status unknown :-(
232         # 5--199 reserved (5--99 LSB, 100--149 distro, 150--199 appl.)
233         shift
234         if [ $# -eq 0 ]
235         then
236                 if [ -e $IPSEC_CHARON_PID ]
237                 then
238                         $IPSEC_STROKE "$op"
239                 fi
240         else
241                 if [ -e $IPSEC_CHARON_PID ]
242                 then
243                         $IPSEC_STROKE "$op" "$1"
244                 fi
245         fi
246         if [ -e $IPSEC_STARTER_PID ]
247         then
248                 kill -0 `cat $IPSEC_STARTER_PID` 2>/dev/null
249                 exit $?
250         fi
251         exit 3
252         ;;
253 stop)
254         # stopping a not-running service is considered as success
255         if [ -e $IPSEC_STARTER_PID ]
256         then
257                 echo "Stopping strongSwan IPsec..." >&2
258                 spid=`cat $IPSEC_STARTER_PID`
259                 if [ -n "$spid" ]
260                 then
261                         kill $spid 2>/dev/null
262                         loop=11
263                         while [ $loop -gt 0 ] ; do
264                                 kill -0 $spid 2>/dev/null || break
265                                 sleep 1
266                                 loop=$(($loop - 1))
267                         done
268                         if [ $loop -eq 0 ]
269                         then
270                                 kill -KILL $spid 2>/dev/null
271                                 rm -f $IPSEC_STARTER_PID
272                         fi
273                 fi
274         else
275                 echo "Stopping strongSwan IPsec failed: starter is not running" >&2
276         fi
277         if [ -d /var/lock/subsys ]; then
278                 rm -f /var/lock/subsys/ipsec
279         fi
280         exit 0
281         ;;
282 up)
283         shift
284         if [ "$#" -ne 1 ]
285         then
286             echo "Usage: $IPSEC_SCRIPT up <connection name>"
287             exit 2
288         fi
289         rc=7
290         if [ -e $IPSEC_CHARON_PID ]
291         then
292                 $IPSEC_STROKE up "$1"
293                 rc="$?"
294         fi
295         exit "$rc"
296         ;;
297 update)
298         if [ -e $IPSEC_STARTER_PID ]
299         then
300                 echo "Updating strongSwan IPsec configuration..." >&2
301                 kill -HUP `cat $IPSEC_STARTER_PID`
302                 exit 0
303         else
304                 echo "Updating strongSwan IPsec failed: starter is not running" >&2
305                 exit 7
306         fi
307         ;;
308 version|--version)
309         printf "$OS_NAME $IPSEC_NAME $IPSEC_VERSION\n"
310         printf "$IPSEC_DISTRO\n"
311         printf "See '$IPSEC_SCRIPT --copyright' for copyright information.\n"
312         exit 0
313         ;;
314 --*)
315         echo "$0: unknown option \`$1' (perhaps command name was omitted?)" >&2
316         exit 2
317         ;;
318 esac
319
320 cmd="$1"
321 shift
322
323 path="$IPSEC_DIR/$cmd"
324
325 if [ ! -x "$path" ]
326 then
327     path="$IPSEC_DIR/$cmd"
328     if [ ! -x "$path" ]
329     then
330         echo "$0: unknown IPsec command \`$cmd' (\`$IPSEC_SCRIPT --help' for list)" >&2
331         exit 2
332     fi
333 fi
334
335 exec $path "$@"