summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorRenato Botelho <renato@netgate.com>2017-07-31 16:38:05 -0300
committerRenato Botelho <renato@netgate.com>2017-07-31 16:38:05 -0300
commit23273a9b1c7612080420d59188ca591dfa21de9f (patch)
treedabcf543e87c420bcd07862b3229961478bd697b /src
parent4b1d0e0536cc44260de3e1cbc6083645fec3944a (diff)
parent7c6f38e49a2005812e37fe5b365717edc0d5dd44 (diff)
downloadpfsense-23273a9b1c7612080420d59188ca591dfa21de9f.zip
pfsense-23273a9b1c7612080420d59188ca591dfa21de9f.tar.gz
Merge pull request #3773 from PiBa-NL/20170703-ipsec-sleep-lock
Diffstat (limited to 'src')
-rwxr-xr-xsrc/etc/rc.newipsecdns34
1 files changed, 23 insertions, 11 deletions
diff --git a/src/etc/rc.newipsecdns b/src/etc/rc.newipsecdns
index 4670b37..387e731 100755
--- a/src/etc/rc.newipsecdns
+++ b/src/etc/rc.newipsecdns
@@ -25,8 +25,21 @@
* limitations under the License.
*/
-/* parse the configuration and include all functions used below */
require_once("util.inc");
+require_once("globals.inc");
+
+/* make sure to wait until the boot scripts have finished */
+if (file_exists("{$g['varrun_path']}/booting")) {
+ return;
+}
+
+$ipseclck_pending = try_lock('ipsecdns_pending', 0);
+if (!$ipseclck_pending) {
+ /* if a vpn_ipsec_configure() is still pending no need to stack up another one */
+ return;
+}
+
+/* parse the configuration and include all functions used below */
require_once("config.inc");
require_once("gwlb.inc");
require_once("functions.inc");
@@ -36,21 +49,20 @@ require_once("auth.inc");
require_once("ipsec.inc");
require_once("vpn.inc");
-/* make sure to wait until the boot scripts have finished */
-if (file_exists("{$g['varrun_path']}/booting")) {
- return;
-}
-
-if (ipsec_enabled()) {
- sleep(15);
- log_error("IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing.");
-} else {
+if (!ipsec_enabled()) {
+ unlock($ipseclck_pending);
return;
}
$ipseclck = lock('ipsecdns', LOCK_EX);
+sleep(12);
+unlock($ipseclck_pending);
+sleep(3);
+log_error("IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing.");
+
+/* make sure we have the latest configuration changes loaded. */
+$config = parse_config();
vpn_ipsec_configure();
unlock($ipseclck);
-?>
OpenPOWER on IntegriCloud