[network-manager-libreswan/th/vpn-plugin-debug-bgo766872: 2/20] build: add configure option "--with-nm-ipsec-conf" and "--with-nm-ipsec-secrets-dir"
- From: Thomas Haller <thaller src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [network-manager-libreswan/th/vpn-plugin-debug-bgo766872: 2/20] build: add configure option "--with-nm-ipsec-conf" and "--with-nm-ipsec-secrets-dir"
- Date: Tue, 14 Jun 2016 13:11:12 +0000 (UTC)
commit 03298458c84e9839179444a9009accaced7f7101
Author: Thomas Haller <thaller redhat com>
Date: Fri May 27 11:35:57 2016 +0200
build: add configure option "--with-nm-ipsec-conf" and "--with-nm-ipsec-secrets-dir"
nm-libreswan passes "--config" to pluto, but it used as path SYSCONFDIR"/ipsec.conf".
Also, it would write the secret file to SYSCONFDIR"/ipsec.d/ipsec-%s.secrets".
However, SYSCONFDIR is "${prefix}/etc", so when installing nm-libreswan to
a different prefix, this is wrong.
Make these locations configurable, and change the defaults to
"/etc/ipsec.conf" and "/etc/ipsec.d".
configure.ac | 16 ++++++++++++++++
src/Makefile.am | 1 -
src/nm-libreswan-service.c | 4 ++--
3 files changed, 18 insertions(+), 3 deletions(-)
---
diff --git a/configure.ac b/configure.ac
index 9bad2f2..d358634 100644
--- a/configure.ac
+++ b/configure.ac
@@ -50,6 +50,20 @@ if test -n "$ac_macro_dir"; then
fi
AC_SUBST([ACLOCAL_AMFLAGS])
+AC_ARG_WITH(nm-ipsec-conf, AS_HELP_STRING([--with-nm-ipsec-conf=path], [The IPSec configuration file,
defaults to /etc/ipsec.conf]), [], [with_nm_ipsec_conf=])
+AS_IF([test -z "$with_nm_ipsec_conf"], with_nm_ipsec_conf="/etc/ipsec.conf")
+if (printf '%s' "$with_nm_ipsec_conf" | grep -v -q '^/'); then
+ AC_MSG_ERROR([--with-nm-ipsec-conf must be an absolute path, instead it is '$with_nm_ipsec_conf'])
+fi
+AC_DEFINE_UNQUOTED(NM_IPSEC_CONF, "$with_nm_ipsec_conf", [IPSec configuration file])
+
+AC_ARG_WITH(nm-ipsec-secrets-dir, AS_HELP_STRING([--with-nm-ipsec-secrets-dir=path], [The directory where to
put IPSec secrets, defaults to /etc/ipsec.d/]), [], [with_nm_ipsec_secrets_dir=])
+AS_IF([test -z "$with_nm_ipsec_secrets_dir"], with_nm_ipsec_secrets_dir="/etc/ipsec.d")
+if (printf '%s' "$with_nm_ipsec_secrets_dir" | grep -v -q '^/'); then
+ AC_MSG_ERROR([--with-nm-ipsec-secrets-dir must be an absolute path, instead it is
'$with_nm_ipsec_secrets_dir'])
+fi
+AC_DEFINE_UNQUOTED(NM_IPSEC_SECRETS_DIR, "$with_nm_ipsec_secrets_dir", [IPSec secret dir])
+
dnl
dnl GNOME support
dnl
@@ -153,3 +167,5 @@ echo " --with-gnome=$with_gnome"
echo " --with-libnm-glib=$with_libnm_glib"
echo " --enable-absolute-paths=$enable_absolute_paths"
echo " --enable-more-warnings=$set_more_warnings"
+echo " --with-nm-ipsec-conf=$with_nm_ipsec_conf"
+echo " --with-nm-ipsec-secrets-dir=$with_nm_ipsec_secrets_dir"
diff --git a/src/Makefile.am b/src/Makefile.am
index 42c9b44..b72636a 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -8,7 +8,6 @@ AM_CPPFLAGS = \
$(LIBNL_CFLAGS) \
-DBINDIR=\"$(bindir)\" \
-DPREFIX=\""$(prefix)"\" \
- -DSYSCONFDIR=\""$(sysconfdir)"\" \
-DLIBDIR=\""$(libdir)"\" \
-DLIBEXECDIR=\""$(libexecdir)"\" \
-DLOCALSTATEDIR=\""$(localstatedir)"\" \
diff --git a/src/nm-libreswan-service.c b/src/nm-libreswan-service.c
index df28b3e..07709e0 100644
--- a/src/nm-libreswan-service.c
+++ b/src/nm-libreswan-service.c
@@ -1574,7 +1574,7 @@ connect_step (NMLibreswanPlugin *self, GError **error)
success = do_spawn (self, &priv->pid, NULL, NULL, error, priv->ipsec_path, "setup",
"start", NULL);
else {
success = do_spawn (self, &priv->pid, NULL, NULL, error,
- priv->pluto_path, "--config", SYSCONFDIR "/ipsec.conf",
+ priv->pluto_path, "--config", NM_IPSEC_CONF,
NULL);
}
if (success) {
@@ -1697,7 +1697,7 @@ _connect_common (NMVpnServicePlugin *plugin,
/* Write the IPsec secret (group password); *SWAN always requires this and
* doesn't ask for it interactively.
*/
- priv->secrets_path = g_strdup_printf (SYSCONFDIR "/ipsec.d/ipsec-%s.secrets", con_name);
+ priv->secrets_path = g_strdup_printf (NM_IPSEC_SECRETS_DIR"/ipsec-%s.secrets", con_name);
if (!nm_libreswan_config_psk_write (s_vpn, priv->secrets_path, error))
return FALSE;
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]