Diffstat (limited to 'src/starter/invokecharon.c')
-rw-r--r-- | src/starter/invokecharon.c | 30 |
1 files changed, 1 insertions, 29 deletions
diff --git a/src/starter/invokecharon.c b/src/starter/invokecharon.c
index 477be1faa..ade71fc56 100644
--- a/src/starter/invokecharon.c
+++ b/src/starter/invokecharon.c
@@ -103,8 +103,8 @@ starter_stop_charon (void)
 int
 starter_start_charon (starter_config_t *cfg, bool debug)
 {
- int pid, i;
 struct stat stb;
+ int pid, i;
 char buffer[BUF_LEN];
 int argc = 1;
 char *arg[] = {
@@ -159,34 +159,6 @@ starter_start_charon (starter_config_t *cfg, bool debug)
 unlink(CHARON_CTL_FILE);
 _stop_requested = 0;
 
- /* if ipsec.secrets file is missing then generate RSA default key pair */
- if (stat(SECRETS_FILE, &stb) != 0)
- {
- mode_t oldmask;
- FILE *f;
-
- plog("no %s file, generating RSA key", SECRETS_FILE);
- seteuid(IPSEC_UID);
- setegid(IPSEC_GID);
- system("ipsec scepclient --out pkcs1 --out cert-self --quiet");
- seteuid(0);
- setegid(0);
-
- /* ipsec.secrets is root readable only */
- oldmask = umask(0066);
-
- f = fopen(SECRETS_FILE, "w");
- if (f)
- {
- fprintf(f, "# /etc/ipsec.secrets - strongSwan IPsec secrets file\n");
- fprintf(f, "\n");
- fprintf(f, ": RSA myKey.der\n");
- fclose(f);
- }
- chown(SECRETS_FILE, IPSEC_UID, IPSEC_GID);
- umask(oldmask);
- }
-
 pid = fork();
 switch (pid)
 {
|