File: strongswan-starter.config

package info (click to toggle)
strongswan 5.2.1-6+deb8u2~bpo70+1
  • links: PTS, VCS
  • area: main
  • in suites: wheezy-backports
  • size: 48,080 kB
  • sloc: ansic: 292,318; sh: 16,273; sql: 7,950; makefile: 5,254; xml: 574; cs: 522; ruby: 453; lex: 406; yacc: 374; python: 236; ada: 111; perl: 93
file content (46 lines) | stat: -rw-r--r-- 1,613 bytes parent folder | download | duplicates (9)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
#!/bin/sh -e

. /usr/share/debconf/confmodule

# disable for now, until we can deal with the don't-edit-conffiles situation
#db_input high strongswan/ikev1 || true
#db_input high strongswan/ikev2 || true

db_input medium strongswan/restart || true

db_input high strongswan/enable-oe || true

db_get strongswan/install_x509_certificate
if [ "$RET" = "true" ]; then
    db_input high strongswan/how_to_get_x509_certificate || true
    db_go || true

    db_get strongswan/how_to_get_x509_certificate
    if [ "$RET" = "create" ]; then
	# create a new certificate
	db_input medium strongswan/rsa_key_length || true
	db_input high strongswan/x509_self_signed || true
	# we can't allow the country code to be empty - openssl will
	# refuse to create a certificate this way
	countrycode=""
	while [ -z "$countrycode" ]; do
	   db_input medium strongswan/x509_country_code || true
	   db_go || true
	   db_get strongswan/x509_country_code
	   countrycode="$RET"
	done
	db_input medium strongswan/x509_state_name || true
	db_input medium strongswan/x509_locality_name || true
	db_input medium strongswan/x509_organization_name || true
	db_input medium strongswan/x509_organizational_unit || true
	db_input medium strongswan/x509_common_name || true
	db_input medium strongswan/x509_email_address || true
	db_go || true
    elif [ "$RET" = "import" ]; then
	# existing certificate - use it
	db_input critical strongswan/existing_x509_certificate_filename || true
	db_input critical strongswan/existing_x509_key_filename || true
	db_input critical strongswan/existing_x509_rootca_filename || true
	db_go || true
    fi
fi