/usr/lib/ipsec/_plutoload is in openswan 1:2.6.38-1.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 | #!/bin/sh
# Pluto database-loading script
# Copyright (C) 1998, 1999, 2001 Henry Spencer.
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 2 of the License, or (at your
# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# for more details.
#
# exit status is 13 for protocol violation, that of Pluto otherwise
me='ipsec _plutoload' # for messages
for dummy
do
case "$1" in
--load) plutoload="$2" ; shift ;;
--start) plutostart="$2" ; shift ;;
--wait) plutowait="$2" ; shift ;;
--post) postpluto="$2" ; shift ;;
--) shift ; break ;;
-*) echo "$me: unknown option \`$1'" >&2 ; exit 2 ;;
*) break ;;
esac
shift
done
# searches, if needed
# the way the searches were done ensures plutoload >= plutoroute >= plutostart
plutoroute=`ipsec addconn --listroute`
plutostart=`ipsec addconn --liststart`
# await Pluto's readiness (not likely to be an issue, but...)
eofed=y
while read saying
do
case "$saying" in
'Pluto initialized') eofed= ; break ;; # NOTE BREAK OUT
*) echo "pluto unexpectedly said \`$saying'" ;;
esac
done
info=/var/run/pluto/ipsec.info
if test -s $info
then
. $info
fi
# finally, handle --add|--replace
if [ -n "$defaultrouteaddr" ]
then
options="--defaultroute $defaultrouteaddr"
fi
if [ -n "$defaultroutenexthop" ]
then
options="$options --defaultroutenexthop $defaultroutenexthop"
fi
ipsec addconn $options --addall
# enable listening
ipsec auto --ready
# quickly establish routing
for tu in $plutoroute
do
ipsec auto --route $tu ||
echo "...could not route conn \"$tu\""
done
# tunnel initiation, which may take a while
async=
if test " $plutowait" = " no"
then
async="--asynchronous"
fi
err=0
for tu in $plutostart
do
ipsec auto --up $async $tu
err=$?
if test -z "$async" -a $err -gt 0
then
echo "...could not start conn \"$tu\""
fi
done
# report any further utterances, and watch for exit status
eofed=y
while read saying
do
case "$saying" in
exit) eofed= ; break ;; # NOTE BREAK OUT
*) echo "pluto unexpectedly says \`$saying'" ;;
esac
done
if test "$eofed"
then
echo "pluto died without exit status!?!"
exit 13
fi
if read status
then
exit $status
else
echo "pluto yielded no exit status!?!"
exit 13
fi
|