debug info on preshared secrets
[strongswan.git] / src / ipsec / ipsec.in
1 #! /bin/sh
2 # prefix command to run stuff from our programs directory
3 # Copyright (C) 1998-2002  Henry Spencer.
4 # Copyright (C) 2006 Andreas Steffen
5 # Copyright (C) 2006 Martin Willi 
6
7 # This program is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by the
9 # Free Software Foundation; either version 2 of the License, or (at your
10 # option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
11
12 # This program is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 # or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
15 # for more details.
16 #
17 # RCSID $Id: ipsec.in,v 1.13 2006/03/09 20:09:33 as Exp $
18
19 # name and version of the ipsec implementation
20 IPSEC_NAME="@IPSEC_NAME@"
21 IPSEC_VERSION="U@IPSEC_VERSION@/K`uname -r`"
22
23 # where the private directory and the config files are
24 IPSEC_DIR="@IPSEC_DIR@"
25 IPSEC_SBINDIR="@IPSEC_SBINDIR@"
26 IPSEC_CONFDIR="@IPSEC_CONFDIR@"
27 IPSEC_PIDDIR="@IPSEC_PIDDIR@"
28
29 IPSEC_STARTER_PID="${IPSEC_PIDDIR}/starter.pid"
30 IPSEC_PLUTO_PID="${IPSEC_PIDDIR}/pluto.pid"
31 IPSEC_CHARON_PID="${IPSEC_PIDDIR}/charon.pid"
32
33 IPSEC_WHACK="${IPSEC_DIR}/whack"
34 IPSEC_STROKE="${IPSEC_DIR}/stroke"
35 IPSEC_STARTER="${IPSEC_DIR}/starter"
36
37 export IPSEC_DIR IPSEC_SBINDIR IPSEC_CONFDIR IPSEC_PIDDIR IPSEC_VERSION IPSEC_NAME IPSEC_STARTER_PID IPSEC_PLUTO_PID IPSEC_CHARON_PID
38
39 IPSEC_DISTRO="Institute for Internet Technologies and Applications\nUniversity of Applied Sciences Rapperswil, Switzerland"
40
41 case "$1" in
42 '')
43         echo "Usage: ipsec command argument ..."
44         echo "Use --help for list of commands, or see ipsec(8) manual page"
45         echo "or the $IPSEC_NAME documentation for names of the common ones."
46         echo "Most have their own manual pages, e.g. ipsec_auto(8)."
47         echo "See <http://www.strongswan.org> for more general info."
48         exit 0
49         ;;
50 --help)
51         echo "Usage: ipsec command argument ..."
52         echo "where command is one of:"
53         echo "  start|restart  arguments..."
54         echo "  update|reload|stop"
55         echo "  up|down|route|unroute <connectionname>"
56         echo "  status|statusall [<connectionname>]"
57         echo "  ready"
58         echo "  listalgs|listpubkeys|listcerts [--utc]"
59         echo "  listcacerts|listaacerts|listocspcerts [--utc]"
60         echo "  listacerts|listgroups|listcainfos [--utc]"
61         echo "  listcrls|listocsp|listcards|listall [--utc]"
62         echo "  rereadsecrets|rereadgroups"
63         echo "  rereadcacerts|rereadaacerts|rereadocspcerts"
64         echo "  rereadacerts|rereadcrls|rereadall"
65         echo "  purgeocsp"
66         echo "  scencrypt|scdecrypt <value> [--inbase <base>] [--outbase <base>] [--keyid <id>]"
67         echo "  barf"
68         echo "  openac"
69         echo "  pluto"
70         echo "  scepclient"
71         echo "  secrets"
72         echo "  starter"
73         echo "  version"
74         echo "  whack"
75         echo "  stroke"
76         echo
77         echo "Some of these functions have their own manual pages, e.g. ipsec_scepclient(8)."
78         exit 0
79         ;;
80 --versioncode)
81         echo "$IPSEC_VERSION"
82         exit 0
83         ;;
84 --directory)
85         echo "$IPSEC_DIR"
86         exit 0
87         ;;
88 --confdir)
89         echo "$IPSEC_CONFDIR"
90         exit 0
91         ;;
92 copyright|--copyright)
93         set _copyright
94         # and fall through, invoking "ipsec _copyright"
95         ;;
96 down)
97         shift
98         if [ "$#" -ne 1 ]
99         then
100             echo "Usage: ipsec down <connection name>"
101             exit 1
102         fi
103         if test -e $IPSEC_PLUTO_PID
104         then
105                 $IPSEC_WHACK --name "$1" --terminate
106         fi
107         if test -e $IPSEC_CHARON_PID
108         then
109                 $IPSEC_STROKE down "$1"
110         fi
111         exit 0
112         ;;
113 listalgs|listpubkeys|\listcards|\
114 rereadsecrets|rereadgroups)
115         op="$1"
116         shift
117         if test -e $IPSEC_PLUTO_PID
118         then
119                 $IPSEC_WHACK "$@" "--$op"
120         fi
121         exit 0
122         ;;
123 listcerts|listcacerts|listaacerts|\
124 listacerts|listgroups|listocspcerts|\
125 listcainfos|listcrls|listocsp|listall|\
126 rereadcacerts|rereadaacerts|rereadacerts|\
127 rereadocspcerts|rereadcrls|\
128 rereadall|purgeocsp)
129         op="$1"
130         shift
131         if test -e $IPSEC_PLUTO_PID
132         then
133                 $IPSEC_WHACK "$@" "--$op"
134         fi
135         if test -e $IPSEC_CHARON_PID
136         then
137                 $IPSEC_STROKE "$op" "$@"
138         fi
139         exit 0
140         ;;
141 ready)
142         shift
143         if test -e $IPSEC_PLUTO_PID
144         then
145                 $IPSEC_WHACK --listen
146         fi
147         exit 0
148         ;;
149 reload)
150         if test -e $IPSEC_STARTER_PID 
151         then
152             echo "Reloading strongSwan IPsec configuration..." >&2
153             kill -s USR1 `cat $IPSEC_STARTER_PID`
154         else
155             echo "ipsec starter is not running" >&2
156         fi
157         exit 0
158         ;;
159 restart)
160         $IPSEC_SBINDIR/ipsec stop
161         sleep 2
162         shift
163         $IPSEC_SBINDIR/ipsec start "$@"
164         exit 0
165         ;;
166 route|unroute)
167         op="$1"
168         shift
169         if [ "$#" -ne 1 ]
170         then
171             echo "Usage: ipsec $op <connection name>"
172             exit 1
173         fi
174         if test -e $IPSEC_PLUTO_PID
175         then
176                 $IPSEC_WHACK --name "$1" "--$op"
177         fi
178         if test -e $IPSEC_CHARON_PID
179         then
180                 $IPSEC_STROKE "$op" "$1"
181         fi
182         exit 0
183         ;;
184 scencrypt|scdecrypt)
185         op="$1"
186         shift
187         if test -e $IPSEC_PLUTO_PID
188         then
189                 $IPSEC_WHACK "--$op" "$@"
190         fi
191         exit 0
192         ;;
193 secrets)
194         if test -e $IPSEC_PLUTO_PID
195         then
196                 $IPSEC_WHACK --rereadsecrets
197         fi
198         exit 0
199         ;;
200 start)
201         shift
202         exec $IPSEC_STARTER "$@"
203         ;;
204 status|statusall)
205         op="$1"
206         shift
207         if test $# -eq 0
208         then
209                 if test -e $IPSEC_PLUTO_PID
210                 then
211                         $IPSEC_WHACK "--$op"
212                 fi
213                 if test -e $IPSEC_CHARON_PID
214                 then
215                         $IPSEC_STROKE "$op"
216                 fi
217         else
218                 if test -e $IPSEC_PLUTO_PID
219                 then
220                         $IPSEC_WHACK --name "$1" "--$op"
221                 fi
222                 if test -e $IPSEC_CHARON_PID
223                 then
224                         $IPSEC_STROKE "$op" "$1"
225                 fi
226         fi
227         exit 0
228         ;;
229 stop)
230         if test -e $IPSEC_STARTER_PID 
231         then
232             echo "Stopping strongSwan IPsec..." >&2
233             kill `cat $IPSEC_STARTER_PID`
234         else
235             echo "ipsec starter is not running" >&2
236         fi
237         exit 0
238         ;;
239 up)
240         shift
241         if [ "$#" -ne 1 ]
242         then
243             echo "Usage: ipsec up <connection name>"
244             exit 1
245         fi
246         if test -e $IPSEC_PLUTO_PID
247         then
248                 $IPSEC_WHACK --name "$1" --initiate
249         fi
250         if test -e $IPSEC_CHARON_PID
251         then
252             $IPSEC_STROKE up "$1"
253         fi
254         exit 0
255         ;;
256 update)
257         if test -e $IPSEC_STARTER_PID 
258         then
259                 echo "Updating strongSwan IPsec configuration..." >&2
260                 kill -s HUP `cat $IPSEC_STARTER_PID`
261         else
262                 echo "ipsec starter is not running" >&2
263         fi
264         exit 0
265         ;;
266 version|--version)
267         echo "Linux $IPSEC_NAME $IPSEC_VERSION"
268         echo -e $IPSEC_DISTRO
269         echo "See \`ipsec --copyright' for copyright information."
270         exit 0
271         ;;
272 --*)
273         echo "$0: unknown option \`$1' (perhaps command name was omitted?)" >&2
274         exit 1
275         ;;
276 esac
277
278 cmd="$1"
279 shift
280
281 path="$IPSEC_DIR/$cmd"
282
283 if test ! -x "$path" 
284 then
285     path="$IPSEC_DIR/$cmd"
286     if test ! -x "$path"
287     then
288         echo "$0: unknown IPsec command \`$cmd' (\`ipsec --help' for list)" >&2
289         exit 1
290     fi
291 fi
292
293 exec $path "$@"