From 91b7e53004d672a602dabde7e8d1180f7f4675f9 Mon Sep 17 00:00:00 2001
From: hwdsl2 <hwdsl2@users.noreply.github.com>
Date: Wed, 13 Jan 2021 01:39:41 -0600
Subject: [PATCH] Update IKEv2 script

- Improve check for MOBIKE support
---
 .github/workflows/main.yml |  2 --
 extras/ikev2setup.sh       | 73 ++++++++++++++++++--------------------
 2 files changed, 34 insertions(+), 41 deletions(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 3c35394..6462d09 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -141,7 +141,6 @@ jobs:
 
 
 
-
           y
           ANSWERS
 
@@ -350,7 +349,6 @@ jobs:
 
 
 
-
           y
           ANSWERS
 
diff --git a/extras/ikev2setup.sh b/extras/ikev2setup.sh
index 05db708..2b2ed4c 100644
--- a/extras/ikev2setup.sh
+++ b/extras/ikev2setup.sh
@@ -367,28 +367,38 @@ case $swan_ver in
 esac
 
 if uname -m | grep -qi -e '^arm' -e '^aarch64'; then
-  mobike_support=0
-fi
-
-if [ "$mobike_support" = "1" ]; then
-  if [ "$in_container" = "0" ]; then
-    # Linux kernels on Ubuntu do not support MOBIKE
-    if [ "$os_type" = "ubuntu" ]; then
+  modprobe -q configs
+  if [ -f /proc/config.gz ]; then
+    if ! zcat /proc/config.gz | grep -q "CONFIG_XFRM_MIGRATE=y"; then
       mobike_support=0
     fi
   fi
 fi
 
+kernel_conf="/boot/config-$(uname -r)"
+if [ -f "$kernel_conf" ]; then
+  if ! grep -qs "CONFIG_XFRM_MIGRATE=y" "$kernel_conf"; then
+    mobike_support=0
+  fi
+fi
+
+# Linux kernels on Ubuntu do not support MOBIKE
+if [ "$in_container" = "0" ]; then
+  if [ "$os_type" = "ubuntu" ] || uname -v | grep -qi ubuntu; then
+    mobike_support=0
+  fi
+else
+  if uname -v | grep -qi ubuntu; then
+    mobike_support=0
+  fi
+fi
+
 echo
 echo -n "Checking for MOBIKE support... "
 if [ "$mobike_support" = "1" ]; then
-  if [ "$in_container" = "0" ]; then
-    echo "yes"
-  else
-    echo "running in a container, see notes below"
-  fi
+  echo "available"
 else
-  echo "no"
+  echo "not available"
 fi
 
 mobike_enable=0
@@ -396,32 +406,17 @@ if [ "$mobike_support" = "1" ]; then
   echo
   echo "The MOBIKE IKEv2 extension allows VPN clients to change network attachment points,"
   echo "e.g. switch between mobile data and Wi-Fi and keep the IPsec tunnel up on the new IP."
-  if [ "$in_container" = "0" ]; then
-    echo
-    printf "Do you want to enable MOBIKE support? [Y/n] "
-    read -r response
-    case $response in
-      [yY][eE][sS]|[yY]|'')
-        mobike_enable=1
-        ;;
-      *)
-        mobike_enable=0
-        ;;
-    esac
-  else
-    echo
-    echo "IMPORTANT: *DO NOT* enable MOBIKE support, if your Docker host runs Ubuntu Linux."
-    printf "Do you want to enable MOBIKE support? [y/N] "
-    read -r response
-    case $response in
-      [yY][eE][sS]|[yY])
-        mobike_enable=1
-        ;;
-      *)
-        mobike_enable=0
-        ;;
-    esac
-  fi
+  echo
+  printf "Do you want to enable MOBIKE support? [Y/n] "
+  read -r response
+  case $response in
+    [yY][eE][sS]|[yY]|'')
+      mobike_enable=1
+      ;;
+    *)
+      mobike_enable=0
+      ;;
+  esac
 fi
 
 cat <<EOF