Ubuntu 12.04 have no /etc/resolv.conf file at all, but instead have
resolvconf utility to do the same things (maybe more gracefully?)
Attached is a crude and dirty patch to deal with this.
In two words: if we have no /etc/resolv.conf, execute resolvconf in pipe
and write all needed info to it.
ike version is 2.0.2-bets-2 (ike-2.2.0-beta-2.tgz)
TODO: use vpn/site name as a label for resolvconf to later delete this
DNS configuration change. It's essential in case of more than one VPN is
used simultaneously.
Sincerely,
--
Andrew Timonin
--- a/source/iked/ike.socket.cpp 2011-02-06 19:26:31.000000000 +0300
+++ b/source/iked/ike.socket.cpp 2012-07-14 14:51:56.920048345 +0400
@@ -845,56 +845,73 @@
if( tunnel->xconf.opts & ( IPSEC_OPTS_DNSS | IPSEC_OPTS_DOMAIN ) )
{
- // backup the current resolv.conf file
+ if (accsess ("/etc/resolv.conf", R_OK|W_OK) == 0) { // do we have resolv.conf?
+ // backup the current resolv.conf file
- rename( "/etc/resolv.conf", "/etc/resolv.iked" );
+ rename( "/etc/resolv.conf", "/etc/resolv.iked" );
- FILE * fp1 = fopen( "/etc/resolv.iked", "r" );
- FILE * fp2 = fopen( "/etc/resolv.conf", "w+" );
+ FILE * fp1 = fopen( "/etc/resolv.iked", "r" );
+ FILE * fp2 = fopen( "/etc/resolv.conf", "w+" );
- if( fp2 != NULL )
- {
- // write configuration
-
- if( tunnel->xconf.opts & IPSEC_OPTS_DOMAIN )
- fprintf( fp2, "domain\t%s\n", tunnel->xconf.nscfg.dnss_suffix );
-
- if( tunnel->xconf.opts & IPSEC_OPTS_DNSS )
- for( int i = 0; i < tunnel->xconf.nscfg.dnss_count; i++ )
- fprintf( fp2, "nameserver\t%s\n",
- inet_ntoa( tunnel->xconf.nscfg.dnss_list[ i ] ) );
-
- if( fp1 != NULL )
+ if( fp2 != NULL )
{
- // merge additional options
+ // write configuration
- char line[ 1024 ];
+ if( tunnel->xconf.opts & IPSEC_OPTS_DOMAIN )
+ fprintf( fp2, "domain\t%s\n", tunnel->xconf.nscfg.dnss_suffix );
- while( fgets( line, sizeof( line ), fp1 ) != NULL )
+ if( tunnel->xconf.opts & IPSEC_OPTS_DNSS )
+ for( int i = 0; i < tunnel->xconf.nscfg.dnss_count; i++ )
+ fprintf( fp2, "nameserver\t%s\n",
+ inet_ntoa( tunnel->xconf.nscfg.dnss_list[ i ] ) );
+
+ if( fp1 != NULL )
{
- if( !strncmp( line, "domain", 6 ) )
- {
- if( !( tunnel->xconf.opts & IPSEC_OPTS_DOMAIN ) )
- fwrite( line, strlen( line ), 1, fp2 );
+ // merge additional options
- continue;
- }
+ char line[ 1024 ];
- if( !strncmp( line, "nameserver", 9 ) )
+ while( fgets( line, sizeof( line ), fp1 ) != NULL )
{
- if( !( tunnel->xconf.opts & IPSEC_OPTS_DNSS ) )
- fwrite( line, strlen( line ), 1, fp2 );
+ if( !strncmp( line, "domain", 6 ) )
+ {
+ if( !( tunnel->xconf.opts & IPSEC_OPTS_DOMAIN ) )
+ fwrite( line, strlen( line ), 1, fp2 );
+
+ continue;
+ }
+
+ if( !strncmp( line, "nameserver", 9 ) )
+ {
+ if( !( tunnel->xconf.opts & IPSEC_OPTS_DNSS ) )
+ fwrite( line, strlen( line ), 1, fp2 );
- continue;
+ continue;
+ }
+
+ fwrite( line, strlen( line ), 1, fp2 );
}
- fwrite( line, strlen( line ), 1, fp2 );
+ fclose( fp1 );
}
- fclose( fp1 );
+ fclose( fp2 );
+ }
+ }
+ else
+ { // assume "resolvconf iked" a good choise - FIXME should be site/vpn name
+ FILE * fp;
+ if ( fp = popen("/sbin/resolvconf -a iked", "w")) {
+ // write configuration
+ if( tunnel->xconf.opts & IPSEC_OPTS_DOMAIN )
+ fprintf( fp, "domain\t%s\n", tunnel->xconf.nscfg.dnss_suffix );
+
+ if( tunnel->xconf.opts & IPSEC_OPTS_DNSS )
+ for( int i = 0; i < tunnel->xconf.nscfg.dnss_count; i++ )
+ fprintf( fp, "nameserver\t%s\n",
+ inet_ntoa( tunnel->xconf.nscfg.dnss_list[ i ] ) );
+ pclose (fp);
}
-
- fclose( fp2 );
}
}
@@ -905,9 +922,12 @@
{
if( tunnel->xconf.opts & ( IPSEC_OPTS_DNSS | IPSEC_OPTS_DOMAIN ) )
{
- // restore the previous resolv.conf file
-
- rename( "/etc/resolv.iked", "/etc/resolv.conf" );
+ if (accsess ("/etc/resolv.conf", R_OK|W_OK) == 0)
+ // restore the previous resolv.conf file
+ rename( "/etc/resolv.iked", "/etc/resolv.conf" );
+ else
+ // FIXME should be site/vpn name
+ system("/sbin/resolvconf -d iked")
}
if( tunnel->xconf.opts & IPSEC_OPTS_ADDR )
_______________________________________________
vpn-help mailing list
[email protected]
http://lists.shrew.net/mailman/listinfo/vpn-help
