(legacy) vpn/ipsec remove some single used functions

3d765c02 · Ad Schellevis · cb975aff · 3d765c02
Commit 3d765c02 authored Sep 03, 2015 by Ad Schellevis
Hide whitespace changes
Inline Side-by-side

Showing with 18 additions and 34 deletions

vpn.inc src/etc/inc/vpn.inc +18 -34

No files found.
--- a/src/etc/inc/vpn.inc
+++ b/src/etc/inc/vpn.inc
@@ -31,26 +31,6 @@

 require_once("ipsec.inc");

-function vpn_ipsec_configure_loglevels($forconfig = false)
-{
-  global $config, $ipsec_loglevels;
-
-  $cfgtext = array();
-  if (isset($ipsec_loglevels)) {
-    foreach ($ipsec_loglevels as $lkey => $ldescr) {
-      if (!isset($config['ipsec']["ipsec_{$lkey}"]) && !$forconfig)
-        mwexec("/usr/local/sbin/ipsec stroke loglevel {$lkey} -- -1", false);
-      else if (isset($config['ipsec']["ipsec_{$lkey}"]) && is_numeric($config['ipsec']["ipsec_{$lkey}"]) &&
-          intval($config['ipsec']["ipsec_{$lkey}"]) >= 1 && intval($config['ipsec']["ipsec_{$lkey}"]) <= 5)
-        $forconfig ? $cfgtext[] = "${lkey} " . (intval($config['ipsec']["ipsec_{$lkey}"]) - 1) :
-          mwexec("/usr/local/sbin/ipsec stroke loglevel {$lkey} " . (intval($config['ipsec']["ipsec_{$lkey}"]) - 1) , false);
-    }
-  }
-
-  if ($forconfig) {
-    return implode(',', $cfgtext);
-  }
-}

 /* include all configuration functions */
 function vpn_ipsec_convert_to_modp($index)
@@ -89,13 +69,18 @@ function vpn_ipsec_convert_to_modp($index)

 function vpn_ipsec_configure()
 {
-  global $config, $p2_ealgos;
+  global $config, $p2_ealgos, $ipsec_loglevels;

  /* get the automatic ping_hosts.sh ready */
  @unlink('/var/db/ipsecpinghosts');
  touch('/var/db/ipsecpinghosts');

-  vpn_ipsec_configure_preferoldsa();
+  //  Prefer older IPsec SAs (advanced setting)
+  if (isset($config['ipsec']['preferoldsa'])) {
+    set_single_sysctl("net.key.preferred_oldsa", "-30");
+  } else {
+    set_single_sysctl("net.key.preferred_oldsa", "0");
+  }

  $syscfg = $config['system'];
  $ipseccfg = $config['ipsec'];
@@ -502,7 +487,17 @@ EOD;
    if (is_array($a_phase1) && count($a_phase1))  {
        $ipsecconf .= "# This file is automatically generated. Do not edit\n";
        $ipsecconf .= "config setup\n\tuniqueids = yes\n";
-        $ipsecconf .= "\tcharondebug=\"" . vpn_ipsec_configure_loglevels(true) . "\"\n";
+        // parse debug tags
+        $cfg_loglevels = array();
+        if (isset($ipsec_loglevels)) {
+            foreach ($ipsec_loglevels as $lkey => $ldescr) {
+                if (isset($config['ipsec']["ipsec_{$lkey}"]) && is_numeric($config['ipsec']["ipsec_{$lkey}"]) &&
+                  intval($config['ipsec']["ipsec_{$lkey}"]) >= 1 && intval($config['ipsec']["ipsec_{$lkey}"]) <= 5) {
+                      $cfg_loglevels[] = "${lkey} " . (intval($config['ipsec']["ipsec_{$lkey}"]) - 1) ;
+                }
+            }
+        }
+        $ipsecconf .= "\tcharondebug=\"" .implode(',', $cfg_loglevels) . "\"\n";

        foreach ($a_phase1 as $ph1ent) {
            if (isset($ph1ent['disabled'])) {
@@ -1584,14 +1579,3 @@ EOD;

  return 0;
 }
-
-function vpn_ipsec_configure_preferoldsa()
-{
-  global $config;
-
-  if (isset($config['ipsec']['preferoldsa'])) {
-    set_single_sysctl("net.key.preferred_oldsa", "-30");
-  } else {
-    set_single_sysctl("net.key.preferred_oldsa", "0");
-  }
-}