diff options
| author | Renato Botelho <garga@FreeBSD.org> | 2015-06-23 14:12:29 -0300 |
|---|---|---|
| committer | Renato Botelho <garga@FreeBSD.org> | 2015-06-23 14:12:39 -0300 |
| commit | a241d6b53ac8d1aefe854d673ed5f41693ce9388 (patch) | |
| tree | 755caa5b75664df853b207a8d1b5301cb6cb4659 | |
| parent | bc7748f76c2deb0c593290e289dcd588006e7165 (diff) | |
| download | pfsense-a241d6b53ac8d1aefe854d673ed5f41693ce9388.zip pfsense-a241d6b53ac8d1aefe854d673ed5f41693ce9388.tar.gz | |
Instead of sending USR1, just call ipsec reload. And before it, call ipsec rereadsecrets to make sure new secretes are updated. It should fix #4785
| -rw-r--r-- | etc/inc/vpn.inc | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index 1bf7fa9..b3b9ad5 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -1136,7 +1136,8 @@ EOD; if (isvalidpid("{$g['varrun_path']}/starter.charon.pid")) { /* Update configuration changes */ /* Read secrets */ - sigkillbypid("{$g['varrun_path']}/starter.charon.pid", 'USR1'); + mwexec("/usr/local/sbin/ipsec rereadsecrets", false); + mwexec("/usr/local/sbin/ipsec reload", false); } else { mwexec("/usr/local/sbin/ipsec start", false); } |
