From 41da54ce14d2d43a5ce9738bd80b73355fa26180 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ermal=20LU=C3=87I?= Date: Sat, 31 Jan 2015 11:06:44 +0100 Subject: Fixes #4353 Identify when strongswan.conf needs a reload and restart ipsec service. --- usr/local/www/vpn_ipsec_mobile.php | 5 ++--- usr/local/www/vpn_ipsec_settings.php | 28 +++++++++++++++++++++------- 2 files changed, 23 insertions(+), 10 deletions(-) (limited to 'usr/local/www') diff --git a/usr/local/www/vpn_ipsec_mobile.php b/usr/local/www/vpn_ipsec_mobile.php index ac32a87..98072d8 100644 --- a/usr/local/www/vpn_ipsec_mobile.php +++ b/usr/local/www/vpn_ipsec_mobile.php @@ -112,7 +112,8 @@ if ($_POST['create']) { if ($_POST['apply']) { $retval = 0; - $retval = vpn_ipsec_configure(); + /* NOTE: #4353 Always restart ipsec when mobile clients settings change */ + $retval = vpn_ipsec_configure(true); $savemsg = get_std_save_message($retval); if ($retval >= 0) if (is_subsystem_dirty('ipsec')) @@ -227,8 +228,6 @@ if ($_POST['submit']) { if ($pconfig['login_banner_enable']) $client['login_banner'] = $pconfig['login_banner']; -// $echo "login banner = {$pconfig['login_banner']}"; - $a_client = $client; write_config(); diff --git a/usr/local/www/vpn_ipsec_settings.php b/usr/local/www/vpn_ipsec_settings.php index 9de5a26..fa9ae0b 100644 --- a/usr/local/www/vpn_ipsec_settings.php +++ b/usr/local/www/vpn_ipsec_settings.php @@ -130,20 +130,34 @@ if ($_POST) { } } - if($_POST['compression'] == "yes") + $needsrestart = false; + + if($_POST['compression'] == "yes") { + if (!isset($config['ipsec']['compression'])) + $needsrestart = true; $config['ipsec']['compression'] = true; - elseif (isset($config['ipsec']['compression'])) + } elseif (isset($config['ipsec']['compression'])) { + $needsrestart = true; unset($config['ipsec']['compression']); + } - if($_POST['unityplugin'] == "yes") + if($_POST['unityplugin'] == "yes") { + if (!isset($config['ipsec']['unityplugin'])) + $needsrestart = true; $config['ipsec']['unityplugin'] = true; - elseif (isset($config['ipsec']['unityplugin'])) + } elseif (isset($config['ipsec']['unityplugin'])) { + $needsrestart = true; unset($config['ipsec']['unityplugin']); + } - if($_POST['acceptunencryptedmainmode'] == "yes") + if($_POST['acceptunencryptedmainmode'] == "yes") { + if (!isset($config['ipsec']['acceptunencryptedmainmode'])) + $needsrestart = true; $config['ipsec']['acceptunencryptedmainmode'] = true; - elseif (isset($config['ipsec']['acceptunencryptedmainmode'])) + } elseif (isset($config['ipsec']['acceptunencryptedmainmode'])) { + $needsrestart = true; unset($config['ipsec']['acceptunencryptedmainmode']); + } if($_POST['maxmss_enable'] == "yes") { $config['system']['maxmss_enable'] = true; @@ -163,7 +177,7 @@ if ($_POST) { $savemsg = gettext($retval); vpn_ipsec_configure_preferoldsa(); - vpn_ipsec_configure(); + vpn_ipsec_configure($needsrestart); vpn_ipsec_configure_loglevels(); // header("Location: vpn_ipsec_settings.php"); -- cgit v1.1