src/ipsec/ipsec.in

   1 #! /bin/sh
   2 # prefix command to run stuff from our programs directory
   3 # Copyright (C) 1998-2002  Henry Spencer.
   4 # Copyright (C) 2006 Andreas Steffen
   5 # Copyright (C) 2006 Martin Willi
   6 #
   7 # This program is free software; you can redistribute it and/or modify it
   8 # under the terms of the GNU General Public License as published by the
   9 # Free Software Foundation; either version 2 of the License, or (at your
  10 # option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
  11 #
  12 # This program is distributed in the hope that it will be useful, but
  13 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  14 # or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  15 # for more details.
  16 #
  17 # RCSID $Id: ipsec.in,v 1.13 2006/03/09 20:09:33 as Exp $
  18
  19 # name and version of the ipsec implementation
  20 IPSEC_NAME="@IPSEC_NAME@"
  21 IPSEC_VERSION="U@IPSEC_VERSION@/K`uname -r`"
  22
  23 # where the private directory and the config files are
  24 IPSEC_DIR="@IPSEC_DIR@"
  25 IPSEC_SBINDIR="@IPSEC_SBINDIR@"
  26 IPSEC_CONFDIR="@IPSEC_CONFDIR@"
  27 IPSEC_PIDDIR="@IPSEC_PIDDIR@"
  28
  29 IPSEC_STARTER_PID="${IPSEC_PIDDIR}/starter.pid"
  30 IPSEC_PLUTO_PID="${IPSEC_PIDDIR}/pluto.pid"
  31 IPSEC_CHARON_PID="${IPSEC_PIDDIR}/charon.pid"
  32
  33 IPSEC_WHACK="${IPSEC_DIR}/whack"
  34 IPSEC_STROKE="${IPSEC_DIR}/stroke"
  35 IPSEC_STARTER="${IPSEC_DIR}/starter"
  36
  37 export IPSEC_DIR IPSEC_SBINDIR IPSEC_CONFDIR IPSEC_PIDDIR IPSEC_VERSION IPSEC_NAME IPSEC_STARTER_PID IPSEC_PLUTO_PID IPSEC_CHARON_PID
  38
  39 IPSEC_DISTRO="Institute for Internet Technologies and Applications\n
  40               University of Applied Sciences Rapperswil, Switzerland"
  41
  42 case "$1" in
  43 '')
  44         echo "Usage: ipsec command argument ..."
  45         echo "Use --help for list of commands, or see ipsec(8) manual page"
  46         echo "or the $IPSEC_NAME documentation for names of the common ones."
  47         echo "Most have their own manual pages, e.g. ipsec_auto(8)."
  48         echo "See <http://www.strongswan.org> for more general info."
  49         exit 0
  50         ;;
  51 --help)
  52         echo "Usage: ipsec command argument ..."
  53         echo "where command is one of:"
  54         echo "  start|restart  arguments..."
  55         echo "  update|reload|stop"
  56         echo "  up|down|route|unroute <connectionname>"
  57         echo "  status|statusall [<connectionname>]"
  58         echo "  ready"
  59         echo "  listalgs|listpubkeys|listcerts [--utc]"
  60         echo "  listcacerts|listaacerts|listocspcerts [--utc]"
  61         echo "  listacerts|listgroups|listcainfos [--utc]"
  62         echo "  listcrls|listocsp|listcards|listall [--utc]"
  63         echo "  rereadsecrets|rereadgroups"
  64         echo "  rereadcacerts|rereadaacerts|rereadocspcerts"
  65         echo "  rereadacerts|rereadcrls|rereadall"
  66         echo "  purgeocsp"
  67         echo "  scencrypt|scdecrypt <value> [--inbase <base>] [--outbase <base>] [--keyid <id>]"
  68         echo "  barf"
  69         echo "  openac"
  70         echo "  pluto"
  71         echo "  scepclient"
  72         echo "  secrets"
  73         echo "  starter"
  74         echo "  version"
  75         echo "  whack"
  76         echo "  stoke"
  77         echo
  78         echo "Some of these functions have their own manual pages, e.g. ipsec_scepclient(8)."
  79         exit 0
  80         ;;
  81 --versioncode)
  82         echo "$IPSEC_VERSION"
  83         exit 0
  84         ;;
  85 --copyright)
  86         set _copyright
  87         # and fall through, invoking "ipsec _copyright"
  88         ;;
  89 --directory)
  90         echo "$IPSEC_DIR"
  91         exit 0
  92         ;;
  93 --confdir)
  94         echo "$IPSEC_CONFDIR"
  95         exit 0
  96         ;;
  97 down)
  98         shift
  99         if [ "$#" -ne 1 ]
 100         then
 101             echo "Usage: ipsec down <connection name>"
 102             exit 1
 103         fi
 104         if test -e $IPSEC_PLUTO_PID
 105         then
 106                 $IPSEC_WHACK --name "$1" --terminate
 107         fi
 108         if test -e $IPSEC_CHARON_PID
 109         then
 110                 $IPSEC_STROKE down "$1"
 111         fi
 112         exit 0
 113         ;;
 114 listalgs|listpubkeys|\listcards|\
 115 rereadsecrets|rereadgroups)
 116         op="$1"
 117         shift
 118         if test -e $IPSEC_PLUTO_PID
 119         then
 120                 $IPSEC_WHACK "$@" "--$op"
 121         fi
 122         exit 0
 123         ;;
 124 listcerts|listcacerts|listaacerts|\
 125 listacerts\listgroups\listocspcerts|\
 126 listcainfos|listcrls|listocsp|listall|\
 127 rereadcacerts|rereadaacerts|rereadacerts|\
 128 rereadocspcerts|rereadcrls|\
 129 rereadall|purgeocsp)
 130         op="$1"
 131         shift
 132         if test -e $IPSEC_PLUTO_PID
 133         then
 134                 $IPSEC_WHACK "$@" "--$op"
 135         fi
 136         if test -e $IPSEC_CHARON_PID
 137         then
 138                 $IPSEC_STROKE "$op" "$@"
 139         fi
 140         exit 0
 141         ;;
 142 ready)
 143         shift
 144         if test -e $IPSEC_PLUTO_PID
 145         then
 146                 $IPSEC_WHACK --listen
 147         fi
 148         exit 0
 149         ;;
 150 reload)
 151         if test -e $IPSEC_STARTER_PID
 152         then
 153             echo "Reloading strongSwan IPsec configuration..." >&2
 154             kill -s USR1 `cat $IPSEC_STARTER_PID`
 155         else
 156             echo "ipsec starter is not running" >&2
 157         fi
 158         exit 0
 159         ;;
 160 restart)
 161         $IPSEC_SBINDIR/ipsec stop
 162         sleep 2
 163         shift
 164         $IPSEC_SBINDIR/ipsec start "$@"
 165         exit 0
 166         ;;
 167 route|unroute)
 168         op="$1"
 169         shift
 170         if [ "$#" -ne 1 ]
 171         then
 172             echo "Usage: ipsec $op <connection name>"
 173             exit 1
 174         fi
 175         if test -e $IPSEC_PLUTO_PID
 176         then
 177                 $IPSEC_WHACK --name "$1" "--$op"
 178         fi
 179         if test -e $IPSEC_CHARON_PID
 180         then
 181                 $IPSEC_STROKE "$op" "$1"
 182         fi
 183         exit 0
 184         ;;
 185 scencrypt|scdecrypt)
 186         op="$1"
 187         shift
 188         if test -e $IPSEC_PLUTO_PID
 189         then
 190                 $IPSEC_WHACK "--$op" "$@"
 191         fi
 192         exit 0
 193         ;;
 194 secrets)
 195         if test -e $IPSEC_PLUTO_PID
 196         then
 197                 $IPSEC_WHACK --rereadsecrets
 198         fi
 199         exit 0
 200         ;;
 201 start)
 202         shift
 203         exec $IPSEC_STARTER "$@"
 204         ;;
 205 status|statusall)
 206         op="$1"
 207         shift
 208         if test $# -eq 0
 209         then
 210                 if test -e $IPSEC_PLUTO_PID
 211                 then
 212                         $IPSEC_WHACK "--$op"
 213                 fi
 214                 if test -e $IPSEC_CHARON_PID
 215                 then
 216                         $IPSEC_STROKE "$op"
 217                 fi
 218         else
 219                 if test -e $IPSEC_PLUTO_PID
 220                 then
 221                         $IPSEC_WHACK --name "$1" "--$op"
 222                 fi
 223                 if test -e $IPSEC_CHARON_PID
 224                 then
 225                         $IPSEC_STROKE "$op" "$1"
 226                 fi
 227         fi
 228         exit 0
 229         ;;
 230 stop)
 231         if test -e $IPSEC_STARTER_PID
 232         then
 233             echo "Stopping strongSwan IPsec..." >&2
 234             kill `cat $IPSEC_STARTER_PID`
 235         else
 236             echo "ipsec starter is not running" >&2
 237         fi
 238         exit 0
 239         ;;
 240 up)
 241         shift
 242         if [ "$#" -ne 1 ]
 243         then
 244             echo "Usage: ipsec up <connection name>"
 245             exit 1
 246         fi
 247         if test -e $IPSEC_PLUTO_PID
 248         then
 249                 $IPSEC_WHACK --name "$1" --initiate
 250         fi
 251         if test -e $IPSEC_CHARON_PID
 252         then
 253             $IPSEC_STROKE up "$1"
 254         fi
 255         exit 0
 256         ;;
 257 update)
 258         if test -e $IPSEC_STARTER_PID
 259         then
 260                 echo "Updating strongSwan IPsec configuration..." >&2
 261                 kill -s HUP `cat $IPSEC_STARTER_PID`
 262         else
 263                 echo "ipsec starter is not running" >&2
 264         fi
 265         exit 0
 266         ;;
 267 version|--version)
 268         echo "Linux $IPSEC_NAME $IPSEC_VERSION"
 269         echo "See \`ipsec --copyright' for copyright information."
 270         echo $IPSEC_DISTRO
 271         exit 0
 272         ;;
 273 --*)
 274         echo "$0: unknown option \`$1' (perhaps command name was omitted?)" >&2
 275         exit 1
 276         ;;
 277 esac
 278
 279 cmd="$1"
 280 shift
 281
 282 path="$IPSEC_DIR/$cmd"
 283
 284 if test ! -x "$path"
 285 then
 286     path="$IPSEC_DIR/$cmd"
 287     if test ! -x "$path"
 288     then
 289         echo "$0: unknown IPsec command \`$cmd' (\`ipsec --help' for list)" >&2
 290         exit 1
 291     fi
 292 fi
 293
 294 exec $path "$@"