This file is indexed.

/usr/lib/ipsec/_plutoload is in openswan 1:2.6.38-1.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below.

#!/bin/sh
# Pluto database-loading script
# Copyright (C) 1998, 1999, 2001  Henry Spencer.
# 
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 2 of the License, or (at your
# option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
# 
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
# for more details.
#
# exit status is 13 for protocol violation, that of Pluto otherwise

me='ipsec _plutoload'		# program name, used as the prefix of diagnostics

# Command-line parsing.  Every recognised option carries its value in the
# following word, so it consumes two positional parameters: one shift in
# its own branch plus the shared shift at the bottom of the loop.  Parsing
# ends at "--" (which is dropped) or at the first word that is not an
# option; an unrecognised "-..." word is reported on stderr and the script
# exits with status 2.
# NOTE(review): no branch checks that the value word is actually present.
# NOTE(review): nothing after this loop reads $plutoload or $postpluto, and
# $plutostart is reassigned from "ipsec addconn --liststart" further down,
# so of these four values only $plutowait influences the rest of the script.
while [ $# -gt 0 ]
do
	case "$1" in
	--load)
		plutoload="$2"
		shift
		;;
	--start)
		plutostart="$2"
		shift
		;;
	--wait)
		plutowait="$2"
		shift
		;;
	--post)
		postpluto="$2"
		shift
		;;
	--)
		shift
		break
		;;
	-*)
		echo "$me: unknown option \`$1'" >&2
		exit 2
		;;
	*)
		break
		;;
	esac
	shift
done

# Ask addconn which connections are to be routed and which are to be
# started.  Both lists are expanded unquoted in for loops further down, so
# the names are taken to be separated by whitespace.
# Original note: the way the searches were done ensures
# plutoload >= plutoroute >= plutostart
# NOTE(review): plutostart is assigned unconditionally here, which replaces
# any value supplied with --start.
# NOTE(review): neither exit status is checked; if addconn fails, whatever
# it printed (possibly nothing) is used as the list and the matching loop
# below has nothing to report.
plutoroute=$(ipsec addconn --listroute)
plutostart=$(ipsec addconn --liststart)

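# Await Pluto's readiness (not likely to be an issue, but...).
# Lines are read from stdin until one is exactly 'Pluto initialized'; any
# other line is reported on stdout.  read -r and printf keep that text
# verbatim: backslashes are neither consumed by read nor interpreted as
# escape sequences by echo implementations that expand them.
# NOTE(review): eofed stays "y" when stdin ends before the ready line, but
# it is assigned again before it is next tested, so an early EOF is not
# acted on here; the script carries on and only the final status loop
# reports that Pluto went away.
eofed=y
while read -r saying
do
	case "$saying" in
	'Pluto initialized')
		eofed=
		break			# NOTE BREAK OUT
		;;
	*)
		printf "pluto unexpectedly said \`%s'\n" "$saying"
		;;
	esac
done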

# Pull in the runtime settings file when it exists and is not empty.
# The file is sourced, i.e. executed as shell code inside this process with
# whatever privileges this script has (presumably root during IPsec
# startup; confirm), so it and its directory must be writable only by
# that account.  Every assignment it makes stays in effect for the rest
# of the script: defaultrouteaddr and defaultroutenexthop are read below,
# but an assignment to plutoroute or plutostart would take effect as well.
info=/var/run/pluto/ipsec.info
if [ -s "$info" ]
then
	. "$info"
fi

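# Load every connection into Pluto (addconn --addall), forwarding the
# default-route address and next hop when they are known.
# defaultrouteaddr and defaultroutenexthop are not assigned anywhere in
# this script; presumably they come from the sourced ipsec.info (confirm).
# options starts out empty so that a value inherited from the environment,
# or left behind by the sourced file, cannot add arguments to addconn when
# defaultrouteaddr is empty.
options=
if [ -n "$defaultrouteaddr" ]
then
	options="--defaultroute $defaultrouteaddr"
fi
if [ -n "$defaultroutenexthop" ]
then
	options="$options --defaultroutenexthop $defaultroutenexthop"
fi
# $options is expanded unquoted on purpose: it holds several words.  The
# two values are therefore subject to word splitting and globbing.
ipsec addconn $options --addall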

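# Enable listening.
# NOTE(review): the exit status of this call is not checked.
ipsec auto --ready

# Quickly establish routing for every connection in $plutoroute.
# The list itself is expanded unquoted so that it splits into names; each
# name is then passed quoted, as exactly one argument, so it is not split
# or globbed a second time.  A failure is reported on stdout and the loop
# moves on to the next connection.
for tu in $plutoroute
do
	if ! ipsec auto --route "$tu"
	then
		echo "...could not route conn \"$tu\""
	fi
done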

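# Tunnel initiation, which may take a while.
# With "--wait no" each connection is brought up with --asynchronous;
# in that mode a non-zero status is not reported, only a synchronous
# failure prints a message.
async=
if [ "$plutowait" = no ]
then
	async="--asynchronous"
fi
err=0
for tu in $plutostart
do
	# $async stays unquoted so that an empty value adds no argument; it can
	# only be empty or the literal set above.  The name is quoted so it is
	# passed as exactly one argument.
	ipsec auto --up $async "$tu"
	err=$?
	# Two separate tests instead of the obsolescent "test ... -a ...".
	if [ -z "$async" ] && [ "$err" -gt 0 ]
	then
		echo "...could not start conn \"$tu\""
	fi
done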

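# Report any further utterances, and watch for the exit status.
# Expected input: a line reading exactly "exit", then a line holding the
# numeric status.  Anything before "exit" is reported on stdout; read -r
# and printf keep that text verbatim (no backslash processing).
eofed=y
while read -r saying
do
	case "$saying" in
	exit)
		eofed=
		break			# NOTE BREAK OUT
		;;
	*)
		printf "pluto unexpectedly says \`%s'\n" "$saying"
		;;
	esac
done
if [ -n "$eofed" ]
then
	# stdin ended without an "exit" line
	echo "pluto died without exit status!?!"
	exit 13
fi
if read -r status
then
	# Anything other than a plain decimal number is a protocol violation
	# and yields 13, as the header comment of this script promises, instead
	# of being handed to exit as-is.
	case "$status" in
	''|*[!0-9]*)
		printf "pluto yielded invalid exit status \`%s'!?!\n" "$status"
		exit 13
		;;
	esac
	exit "$status"
else
	echo "pluto yielded no exit status!?!"
	exit 13
fi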