Rebuild library.lo after changing ./configure options
[strongswan.git] / src / starter / klips.c
1 /* strongSwan KLIPS starter
2 * Copyright (C) 2001-2002 Mathieu Lafon - Arkoon Network Security
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * for more details.
13 */
14
15 #include <sys/types.h>
16 #include <sys/stat.h>
17 #include <stdlib.h>
18
19 #include <freeswan.h>
20
21 #include "../pluto/constants.h"
22 #include "../pluto/defs.h"
23 #include "../pluto/log.h"
24
25 #include "files.h"
26
27 bool
28 starter_klips_init(void)
29 {
30 struct stat stb;
31
32 if (stat(PROC_KLIPS, &stb) != 0)
33 {
34 /* ipsec module makes the pf_key proc interface visible */
35 if (stat(PROC_MODULES, &stb) == 0)
36 {
37 ignore_result(system("modprobe -qv ipsec"));
38 }
39
40 /* now test again */
41 if (stat(PROC_KLIPS, &stb) != 0)
42 {
43 DBG(DBG_CONTROL,
44 DBG_log("kernel appears to lack the KLIPS IPsec stack")
45 )
46 return FALSE;
47 }
48 }
49
50 /* load crypto algorithm modules */
51 ignore_result(system("modprobe -qv ipsec_aes"));
52 ignore_result(system("modprobe -qv ipsec_blowfish"));
53 ignore_result(system("modprobe -qv ipsec_sha2"));
54
55 DBG(DBG_CONTROL,
56 DBG_log("Found KLIPS IPsec stack")
57 )
58
59 return TRUE;
60 }
61
62 void
63 starter_klips_cleanup(void)
64 {
65 if (system("type eroute > /dev/null 2>&1") == 0)
66 {
67 ignore_result(system("spi --clear"));
68 ignore_result(system("eroute --clear"));
69 }
70 else if (system("type setkey > /dev/null 2>&1") == 0)
71 {
72 ignore_result(system("setkey -F"));
73 ignore_result(system("setkey -FP"));
74 }
75 else
76 {
77 plog("WARNING: cannot flush IPsec state/policy database");
78 }
79 }
80