From a241d6b53ac8d1aefe854d673ed5f41693ce9388 Mon Sep 17 00:00:00 2001
From: Renato Botelho <garga@FreeBSD.org>
Date: Tue, 23 Jun 2015 14:12:29 -0300
Subject: Instead of sending USR1, just call ipsec reload. And before it, call
 ipsec rereadsecrets to make sure new secretes are updated. It should fix
 #4785

---
 etc/inc/vpn.inc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'etc')

diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc
index 1bf7fa9..b3b9ad5 100644
--- a/etc/inc/vpn.inc
+++ b/etc/inc/vpn.inc
@@ -1136,7 +1136,8 @@ EOD;
 		if (isvalidpid("{$g['varrun_path']}/starter.charon.pid")) {
 			/* Update configuration changes */
 			/* Read secrets */
-			sigkillbypid("{$g['varrun_path']}/starter.charon.pid", 'USR1');
+			mwexec("/usr/local/sbin/ipsec rereadsecrets", false);
+			mwexec("/usr/local/sbin/ipsec reload", false);
 		} else {
 			mwexec("/usr/local/sbin/ipsec start", false); 
 		}
-- 
cgit v1.1