[vpn-help] Shrew VPN in Ubuntu
andrew
atimonin at online.ru
Wed Dec 19 11:44:04 CST 2012
Hi everybody!
I've found out that there is no /etc/resolv.conf in Ubuntu at all.
So I've made some investigation and suggest a patch to Shrew VPN.
The main idea is simple: if there is resolv.conf, do as usual, if not -
do as Ubuntu want: cat new-resolv.conf | resolvconf
--------> Cut here <---------------- a/source/iked/ike.socket.cpp
2011-02-06 19:26:31.000000000 +0300
+++ b/source/iked/ike.socket.cpp 2012-07-14 14:51:56.920048345 +0400
@@ -845,56 +845,73 @@
if( tunnel->xconf.opts & ( IPSEC_OPTS_DNSS | IPSEC_OPTS_DOMAIN ) )
{
- // backup the current resolv.conf file
+ if (accsess ("/etc/resolv.conf", R_OK|W_OK) == 0) { // do we have
resolv.conf?
+ // backup the current resolv.conf file
- rename( "/etc/resolv.conf", "/etc/resolv.iked" );
+ rename( "/etc/resolv.conf", "/etc/resolv.iked" );
- FILE * fp1 = fopen( "/etc/resolv.iked", "r" );
- FILE * fp2 = fopen( "/etc/resolv.conf", "w+" );
+ FILE * fp1 = fopen( "/etc/resolv.iked", "r" );
+ FILE * fp2 = fopen( "/etc/resolv.conf", "w+" );
- if( fp2 != NULL )
- {
- // write configuration
-
- if( tunnel->xconf.opts & IPSEC_OPTS_DOMAIN )
- fprintf( fp2, "domain\t%s\n", tunnel->xconf.nscfg.dnss_suffix );
-
- if( tunnel->xconf.opts & IPSEC_OPTS_DNSS )
- for( int i = 0; i < tunnel->xconf.nscfg.dnss_count; i++ )
- fprintf( fp2, "nameserver\t%s\n",
- inet_ntoa( tunnel->xconf.nscfg.dnss_list[ i ] ) );
-
- if( fp1 != NULL )
+ if( fp2 != NULL )
{
- // merge additional options
+ // write configuration
- char line[ 1024 ];
+ if( tunnel->xconf.opts & IPSEC_OPTS_DOMAIN )
+ fprintf( fp2, "domain\t%s\n", tunnel->xconf.nscfg.dnss_suffix );
- while( fgets( line, sizeof( line ), fp1 ) != NULL )
+ if( tunnel->xconf.opts & IPSEC_OPTS_DNSS )
+ for( int i = 0; i < tunnel->xconf.nscfg.dnss_count; i++ )
+ fprintf( fp2, "nameserver\t%s\n",
+ inet_ntoa( tunnel->xconf.nscfg.dnss_list[ i ] ) );
+
+ if( fp1 != NULL )
{
- if( !strncmp( line, "domain", 6 ) )
- {
- if( !( tunnel->xconf.opts & IPSEC_OPTS_DOMAIN ) )
- fwrite( line, strlen( line ), 1, fp2 );
+ // merge additional options
- continue;
- }
+ char line[ 1024 ];
- if( !strncmp( line, "nameserver", 9 ) )
+ while( fgets( line, sizeof( line ), fp1 ) != NULL )
{
- if( !( tunnel->xconf.opts & IPSEC_OPTS_DNSS ) )
- fwrite( line, strlen( line ), 1, fp2 );
+ if( !strncmp( line, "domain", 6 ) )
+ {
+ if( !( tunnel->xconf.opts & IPSEC_OPTS_DOMAIN ) )
+ fwrite( line, strlen( line ), 1, fp2 );
+
+ continue;
+ }
+
+ if( !strncmp( line, "nameserver", 9 ) )
+ {
+ if( !( tunnel->xconf.opts & IPSEC_OPTS_DNSS ) )
+ fwrite( line, strlen( line ), 1, fp2 );
- continue;
+ continue;
+ }
+
+ fwrite( line, strlen( line ), 1, fp2 );
}
- fwrite( line, strlen( line ), 1, fp2 );
+ fclose( fp1 );
}
- fclose( fp1 );
+ fclose( fp2 );
+ }
+ }
+ else
+ { // assume "resolvconf iked" a good choise - FIXME should be
site/vpn name
+ FILE * fp;
+ if ( fp = popen("/sbin/resolvconf -a iked", "w")) {
+ // write configuration
+ if( tunnel->xconf.opts & IPSEC_OPTS_DOMAIN )
+ fprintf( fp, "domain\t%s\n", tunnel->xconf.nscfg.dnss_suffix );
+
+ if( tunnel->xconf.opts & IPSEC_OPTS_DNSS )
+ for( int i = 0; i < tunnel->xconf.nscfg.dnss_count; i++ )
+ fprintf( fp, "nameserver\t%s\n",
+ inet_ntoa( tunnel->xconf.nscfg.dnss_list[ i ] ) );
+ pclose (fp);
}
-
- fclose( fp2 );
}
}
@@ -905,9 +922,12 @@
{
if( tunnel->xconf.opts & ( IPSEC_OPTS_DNSS | IPSEC_OPTS_DOMAIN ) )
{
- // restore the previous resolv.conf file
-
- rename( "/etc/resolv.iked", "/etc/resolv.conf" );
+ if (accsess ("/etc/resolv.conf", R_OK|W_OK) == 0)
+ // restore the previous resolv.conf file
+ rename( "/etc/resolv.iked", "/etc/resolv.conf" );
+ else
+ // FIXME should be site/vpn name
+ system("/sbin/resolvconf -d iked")
}
if( tunnel->xconf.opts & IPSEC_OPTS_ADDR )
--------> Cut here <------------
--
Andrew Timonin
More information about the vpn-help
mailing list