/* strongSwan netkey starter * Copyright (C) 2001-2002 Mathieu Lafon - Arkoon Network Security * * This program is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License as published by the * Free Software Foundation; either version 2 of the License, or (at your * option) any later version. See . * * This program is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. */ #include #include #include #include #include #include #include "files.h" bool starter_netkey_init(void) { struct stat stb; if (stat(PROC_NETKEY, &stb) != 0) { /* af_key module makes the netkey proc interface visible */ if (stat(PROC_MODULES, &stb) == 0) { ignore_result(system("modprobe -qv af_key")); } /* now test again */ if (stat(PROC_NETKEY, &stb) != 0) { DBG2(DBG_APP, "kernel appears to lack the native netkey IPsec stack"); return FALSE; } } /* make sure that all required IPsec modules are loaded */ if (stat(PROC_MODULES, &stb) == 0) { ignore_result(system("modprobe -qv ah4")); ignore_result(system("modprobe -qv esp4")); ignore_result(system("modprobe -qv ipcomp")); ignore_result(system("modprobe -qv xfrm4_tunnel")); ignore_result(system("modprobe -qv xfrm_user")); } DBG2(DBG_APP, "found netkey IPsec stack"); return TRUE; } void starter_netkey_cleanup(void) { if (!lib->plugins->load(lib->plugins, lib->settings->get_str(lib->settings, "starter.load", PLUGINS))) { DBG1(DBG_APP, "unable to load kernel plugins"); return; } hydra->kernel_interface->flush_sas(hydra->kernel_interface); hydra->kernel_interface->flush_policies(hydra->kernel_interface); lib->plugins->unload(lib->plugins); }