From 1488ac0ce88c6f938604b59ba8669e90c7bda006 Mon Sep 17 00:00:00 2001 From: hwdsl2 Date: Fri, 27 Oct 2017 00:14:38 -0500 Subject: [PATCH] Workaround for Raspberry Pi - Libreswan version 3.22 does not start on Raspberry Pi - Install version 3.21 on these systems as a workaround --- extras/vpnupgrade.sh | 20 ++++++++++++++++++++ vpnsetup.sh | 3 +++ 2 files changed, 23 insertions(+) diff --git a/extras/vpnupgrade.sh b/extras/vpnupgrade.sh index 712eaf5..29089b2 100644 --- a/extras/vpnupgrade.sh +++ b/extras/vpnupgrade.sh @@ -49,6 +49,26 @@ if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -q "Libreswan"; then exiterr "This script requires Libreswan already installed." fi +if [ "$swan_ver" = "3.22" ]; then + if grep -qs raspbian /etc/os-release; then + echo "Note: For Raspberry Pi systems, this script will install Libreswan" + echo "version 3.21 instead of 3.22, to avoid some recent bugs." + echo + printf "Do you wish to continue? [y/N] " + read -r response + case $response in + [yY][eE][sS]|[yY]) + echo + swan_ver=3.21 + ;; + *) + echo "Aborting." + exit 1 + ;; + esac + fi +fi + if /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$swan_ver"; then echo "You already have Libreswan version $swan_ver installed! " echo "If you continue, the same version will be re-installed." diff --git a/vpnsetup.sh b/vpnsetup.sh index 3c39bef..d61db85 100755 --- a/vpnsetup.sh +++ b/vpnsetup.sh @@ -177,6 +177,9 @@ apt-get -yq install fail2ban || exiterr2 bigecho "Compiling and installing Libreswan..." swan_ver=3.22 +if grep -qs raspbian /etc/os-release; then + swan_ver=3.21 +fi swan_file="libreswan-$swan_ver.tar.gz" swan_url1="https://github.com/libreswan/libreswan/archive/v$swan_ver.tar.gz" swan_url2="https://download.libreswan.org/$swan_file"