From ab8fc59799d4b33f715462ca82f88d0d110851c5 Mon Sep 17 00:00:00 2001
From: Florin Grad <florin@mandriva.com>
Date: Tue, 17 Feb 2004 12:50:30 +0000
Subject: one can now start an ipsec.conf file from scratch

---
 perl-install/standalone/drakvpn | 46 +++++++++++++++++++++++++----------------
 1 file changed, 28 insertions(+), 18 deletions(-)

(limited to 'perl-install/standalone/drakvpn')

diff --git a/perl-install/standalone/drakvpn b/perl-install/standalone/drakvpn
index 92c403450..7ad5f22e9 100644
--- a/perl-install/standalone/drakvpn
+++ b/perl-install/standalone/drakvpn
@@ -66,6 +66,8 @@ if ($kernel_version > 2.5) {
 my $ipsec = network::ipsec::read_ipsec_conf($ipsec_conf,$kernel_version);
 my $racoon = network::ipsec::read_racoon_conf($racoon_conf);
 
+#print network::ipsec::display_ipsec_conf($ipsec_conf,$ipsec,$kernel_version);
+
 $::Wizard_title = N("DrakVPN");
 
 $in->isa('interactive::gtk') and $::isWizard = 1;
@@ -313,10 +315,10 @@ if ($c eq "ipsec" || $c eq "configure") {
 
 step_configure_ipsec_conf:
 
-@section_names = network::ipsec::get_section_names_ipsec_conf($ipsec_conf,$ipsec,$kernel_version) if -e $ipsec_conf;
+@section_names = network::ipsec::get_section_names_ipsec_conf($ipsec,$kernel_version) if $ipsec;
 
 my $choice = $section_names[0] if $section_names[0];
-my $d = $in->ask_from_list_(N("%s entries", $ipsec_conf),
+my $d = $in->ask_from_list(N("%s entries", $ipsec_conf),
 N("The %s file contents
 is divided into sections.\n
 You can now :\n
@@ -332,16 +334,14 @@ my $existing_section = "";
 
 step_display_ipsec_conf:
 
-# BUG: how can $d be "display $ipsec_conf":
 if ($d eq "display $ipsec_conf" || $d eq "Display") {
 	my $ipsec_exists = 0;
 	foreach my $key (keys %$ipsec) {
 		$ipsec_exists = 1 if  $ipsec->{$key};
 	};
-
 	if ($ipsec_exists) {
 		$in->ask_okcancel(N("Display configuration"),
-		network::ipsec::display_ipsec_conf($ipsec_conf,$ipsec,$kernel_version));
+		network::ipsec::display_ipsec_conf($ipsec,$kernel_version));
 		goto step_configure_ipsec_conf;
 	} else {
 $in->ask_okcancel(N("Display configuration"),
@@ -540,19 +540,27 @@ N("Add a Security Policy.\n
 You can now add a Secutiy Policy.\n
 Choose continue when you are done to write the data.\n"), $section)  or goto step_configure_ipsec_conf;
 
-	$existing_section = network::ipsec::already_existing_section_ipsec_conf($section->{src_dest}, $ipsec, $kernel_version);
-
-	if ($existing_section eq "already existing") {
-$in->ask_okcancel(N("Exists !"), 
-N("A section with this name already exists.
-The section names have to be unique.\n
-You'll have to go back and add another section
-or change the name of the section.\n"));
-	goto step_add_section_ipsec_conf_k26;
-};
+#	$existing_section = network::ipsec::already_existing_section_ipsec_conf($section->{src_dest}, $ipsec, $kernel_version);
+#
+#	if ($existing_section eq "already existing") {
+#$in->ask_okcancel(N("Exists !"), 
+#N("A section with this name already exists.
+#The section names have to be unique.\n
+#You'll have to go back and add another section
+#or change the name of the section.\n"));
+#	goto step_add_section_ipsec_conf_k26;
+#};
+
+	if (!$ipsec->{1}) {
+		put_in_hash($ipsec, { max(keys %$ipsec) + 1 => "#!/sbin/setkey -f" });
+		put_in_hash($ipsec, { max(keys %$ipsec) + 1 => "flush;" });
+		put_in_hash($ipsec, { max(keys %$ipsec) + 1 => "spdflush;" });
+	};
 
 	network::ipsec::add_section_ipsec_conf($section, $ipsec);
 
+	@section_names = network::ipsec::get_section_names_ipsec_conf($ipsec,$kernel_version);
+
 	goto step_configure_ipsec_conf;
 };
 
@@ -649,7 +657,7 @@ and then click on next.\n", $ipsec_conf),
 
 	network::ipsec::remove_section_ipsec_conf($choice,$ipsec,$kernel_version);
 
-	@section_names = network::ipsec::get_section_names_ipsec_conf($ipsec_conf,$ipsec,$kernel_version) if -e $ipsec_conf;
+	@section_names = network::ipsec::get_section_names_ipsec_conf($ipsec,$kernel_version) if $ipsec;
 
 	goto step_configure_ipsec_conf;
 
@@ -807,6 +815,8 @@ Choose continue or previous when you are done.\n", $racoon_conf), $sainfo_sectio
 
 network::ipsec::add_section_racoon_conf($sainfo_section, $racoon);
 } 
+
+@section_names = network::ipsec::get_section_names_racoon_conf($racoon) if $racoon;
 	
 goto step_configure_racoon_conf;
 
@@ -850,7 +860,7 @@ You can now edit the path entries.
 
 Choose continue or previous when you are done.\n", $racoon_conf),
 		  [     { label => N("path_type"), val => \$racoon->{$number}{1}[1], list => [ 'certificate', 'pre_shared_key', 'include' ] },
-			{ label => N("real file"), val => \$racoon->{$number}{1}[2], type => 'entry' },
+			{ label => N("real_file"), val => \$racoon->{$number}{1}[2], type => 'entry' },
 		  ]
 ) or goto step_configure_racoon_conf;
 }
@@ -948,7 +958,7 @@ sub ask_info2 {
 
 sub ask_info3 {
     my ($title, $text, $section) = @_;
-	$in->ask_from($title, $text,
+	$in->ask_from($title, $text,,
 	[	{ label => N("Command"), val => \$section->{command}, list => [ 'spdadd' ], allow_empty_list => 1 },
 		{ label => N("Source IP range"), val => \$section->{src_range}, type => 'entry' },
 		{ label => N("Destination IP range"), val => \$section->{dst_range}, type => 'entry' },
-- 
cgit v1.2.1