[src/trunk]: src/etc/rc.d if ipsec_flags is given, treat it as an interface n...

[christos <christos%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/ffcdd33390a4
branches:  trunk
changeset: 787383:ffcdd33390a4
user:      christos <christos%NetBSD.org@localhost>
date:      Fri Jun 14 16:37:55 2013 +0000

description:
if ipsec_flags is given, treat it as an interface name and change @LOCAL_ADDR@
to the IP address for it. This makes dynamic addresses work during autoconf.
Also while here in restart, re-use start and stop instead of duplicating them.

diffstat:

 etc/rc.d/ipsec |  22 +++++++++++++++++-----
 1 files changed, 17 insertions(+), 5 deletions(-)

diffs (48 lines):

diff -r 1ebd5cc93c90 -r ffcdd33390a4 etc/rc.d/ipsec
--- a/etc/rc.d/ipsec    Fri Jun 14 16:29:14 2013 +0000
+++ b/etc/rc.d/ipsec    Fri Jun 14 16:37:55 2013 +0000
@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# $NetBSD: ipsec,v 1.11 2008/11/22 20:23:33 tsutsui Exp $
+# $NetBSD: ipsec,v 1.12 2013/06/14 16:37:55 christos Exp $
 #
 
 # PROVIDE: ipsec
@@ -29,10 +29,23 @@
        return 0
 }
 
+ipsec_getip() {
+       ifconfig $1 | while read what address rest; do
+               case "$what" in
+               inet)   echo "$address";;
+               esac
+       done
+}
+
 ipsec_start()
 {
        echo "Installing ipsec manual keys/policies."
-       /sbin/setkey -f /etc/ipsec.conf
+       if [ -n "$ipsec_flags" ]; then
+               sed -e "s/@LOCAL_ADDR@/$(ipsec_getip "$ipsec_flags")/" \
+                   < /etc/ipsec.conf | /sbin/setkey -f -
+       else
+               /sbin/setkey -f /etc/ipsec.conf
+       fi
 }
 
 ipsec_stop()
@@ -50,9 +63,8 @@
 ipsec_reload()
 {
        echo "Reloading ipsec manual keys/policies."
-       /sbin/setkey -F
-       /sbin/setkey -FP
-       /sbin/setkey -f /etc/ipsec.conf
+       ipsec_stop
+       ipsec_start
 }
 
 load_rc_config $name