[network-manager-libreswan/th/vpn-plugin-debug-bgo766872: 2/22] build: add configure option "--with-nm-ipsec-conf" and "--with-nm-ipsec-secrets-dir"

From: Thomas Haller <thaller src gnome org>
To: commits-list gnome org
Cc:
Subject: [network-manager-libreswan/th/vpn-plugin-debug-bgo766872: 2/22] build: add configure option "--with-nm-ipsec-conf" and "--with-nm-ipsec-secrets-dir"
Date: Tue, 7 Jun 2016 14:11:44 +0000 (UTC)

commit 0af6ef7b562693632ce994a1b18705db65065152
Author: Thomas Haller <thaller redhat com>
Date:   Fri May 27 11:35:57 2016 +0200

    build: add configure option "--with-nm-ipsec-conf" and "--with-nm-ipsec-secrets-dir"
    
    nm-libreswan passes "--config" to pluto, but it used as path SYSCONFDIR"/ipsec.conf".
    Also, it would write the secret file to SYSCONFDIR"/ipsec.d/ipsec-%s.secrets".
    
    However, SYSCONFDIR is "${prefix}/etc", so when installing nm-libreswan to
    a different prefix, this is wrong.
    
    Make these locations configurable, and change the defaults to
    "/etc/ipsec.conf" and "/etc/ipsec.d".

 configure.ac               |   16 ++++++++++++++++
 src/Makefile.am            |    1 -
 src/nm-libreswan-service.c |    4 ++--
 3 files changed, 18 insertions(+), 3 deletions(-)
---
diff --git a/configure.ac b/configure.ac
index 9bad2f2..d358634 100644
--- a/configure.ac
+++ b/configure.ac
@@ -50,6 +50,20 @@ if test -n "$ac_macro_dir"; then
 fi
 AC_SUBST([ACLOCAL_AMFLAGS])
 
+AC_ARG_WITH(nm-ipsec-conf, AS_HELP_STRING([--with-nm-ipsec-conf=path], [The IPSec configuration file, 
defaults to /etc/ipsec.conf]), [], [with_nm_ipsec_conf=])
+AS_IF([test -z "$with_nm_ipsec_conf"], with_nm_ipsec_conf="/etc/ipsec.conf")
+if (printf '%s' "$with_nm_ipsec_conf" | grep -v -q '^/'); then
+       AC_MSG_ERROR([--with-nm-ipsec-conf must be an absolute path, instead it is '$with_nm_ipsec_conf'])
+fi
+AC_DEFINE_UNQUOTED(NM_IPSEC_CONF, "$with_nm_ipsec_conf", [IPSec configuration file])
+
+AC_ARG_WITH(nm-ipsec-secrets-dir, AS_HELP_STRING([--with-nm-ipsec-secrets-dir=path], [The directory where to 
put IPSec secrets, defaults to /etc/ipsec.d/]), [], [with_nm_ipsec_secrets_dir=])
+AS_IF([test -z "$with_nm_ipsec_secrets_dir"], with_nm_ipsec_secrets_dir="/etc/ipsec.d")
+if (printf '%s' "$with_nm_ipsec_secrets_dir" | grep -v -q '^/'); then
+       AC_MSG_ERROR([--with-nm-ipsec-secrets-dir must be an absolute path, instead it is 
'$with_nm_ipsec_secrets_dir'])
+fi
+AC_DEFINE_UNQUOTED(NM_IPSEC_SECRETS_DIR, "$with_nm_ipsec_secrets_dir", [IPSec secret dir])
+
 dnl
 dnl GNOME support
 dnl
@@ -153,3 +167,5 @@ echo "  --with-gnome=$with_gnome"
 echo "  --with-libnm-glib=$with_libnm_glib"
 echo "  --enable-absolute-paths=$enable_absolute_paths"
 echo "  --enable-more-warnings=$set_more_warnings"
+echo "  --with-nm-ipsec-conf=$with_nm_ipsec_conf"
+echo "  --with-nm-ipsec-secrets-dir=$with_nm_ipsec_secrets_dir"
diff --git a/src/Makefile.am b/src/Makefile.am
index 42c9b44..b72636a 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -8,7 +8,6 @@ AM_CPPFLAGS = \
     $(LIBNL_CFLAGS) \
     -DBINDIR=\"$(bindir)\" \
     -DPREFIX=\""$(prefix)"\" \
-    -DSYSCONFDIR=\""$(sysconfdir)"\" \
     -DLIBDIR=\""$(libdir)"\" \
     -DLIBEXECDIR=\""$(libexecdir)"\" \
     -DLOCALSTATEDIR=\""$(localstatedir)"\" \
diff --git a/src/nm-libreswan-service.c b/src/nm-libreswan-service.c
index df28b3e..07709e0 100644
--- a/src/nm-libreswan-service.c
+++ b/src/nm-libreswan-service.c
@@ -1574,7 +1574,7 @@ connect_step (NMLibreswanPlugin *self, GError **error)
                        success = do_spawn (self, &priv->pid, NULL, NULL, error, priv->ipsec_path, "setup", 
"start", NULL);
                else {
                        success = do_spawn (self, &priv->pid, NULL, NULL, error,
-                                           priv->pluto_path, "--config", SYSCONFDIR "/ipsec.conf",
+                                           priv->pluto_path, "--config", NM_IPSEC_CONF,
                                            NULL);
                }
                if (success) {
@@ -1697,7 +1697,7 @@ _connect_common (NMVpnServicePlugin   *plugin,
        /* Write the IPsec secret (group password); *SWAN always requires this and
         * doesn't ask for it interactively.
         */
-       priv->secrets_path = g_strdup_printf (SYSCONFDIR "/ipsec.d/ipsec-%s.secrets", con_name);
+       priv->secrets_path = g_strdup_printf (NM_IPSEC_SECRETS_DIR"/ipsec-%s.secrets", con_name);
        if (!nm_libreswan_config_psk_write (s_vpn, priv->secrets_path, error))
                return FALSE;

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]