#!/bin/sh

# fill in most pluto flags for debugging
# Only argument is east or west
# Actually, extra args are passed on to pluto, so --nofork might be useful

cd /tmp

. CONFIG

case "$1" in
east) INTERFACE=$EASTIF ; MYPLUTO=${EASTPLUTO:-$PLUTO} ; MYWHACK=${EASTWHACK:-$WHACK} ;;
west) INTERFACE=$WESTIF ; MYPLUTO=${WESTPLUTO:-$PLUTO} ; MYWHACK=${WESTWHACK:-$WHACK} ;;
north) INTERFACE=$NORTHIF ; MYPLUTO=${NORTHPLUTO:-$PLUTO} ; MYWHACK=${NORTHWHACK:-$WHACK} ;;
south) INTERFACE=$SOUTHIF ; MYPLUTO=${SOUTHPLUTO:-$PLUTO} ; MYWHACK=${SOUTHWHACK:-$WHACK} ;;
*) echo "$0: \"east\" or \"west\" expected" >&2
   exit 1;
   ;;
esac

SIDE=$1
shift

# the purpose of this function is to hide differences that don't count
# from the log: path to pluto and LWDNSQOPTION
function performpluto() {
	mkdir -p pluto/$SIDE && cd pluto/$SIDE
	ln -s -f ../../ipsec.secrets .
	ln -s -f ${TESTING}/pluto/ipsec.d/west .
	ln -s -f ${TESTING}/pluto/ipsec.d/east .
	echo PWD: `pwd`
	echo "PLUTO" "$@"
	$MYPLUTO ${LWDNSQOPTION:-} "$@" || echo RC: $?
	}

LOCK=pluto/$SIDE/pluto.$SIDE.pid

if [ -f $LOCK ]
then
	echo Removing stale lock $LOCK
	$MYWHACK --ctlbase pluto.$SIDE --shutdown
	rm -f $LOCK
fi

# make sure it is set to something
HELPERS=${HELPERS-}

performpluto \
	--ctlbase pluto.$SIDE \
	--interface $INTERFACE \
	--ikeport $IKEPORT $HELPERS \
	--secretsfile `pwd`/ipsec.secrets/$SIDE \
	--ipsecdir `pwd`/$SIDE \
	--noklips --uniqueids --stderrlog --nhelpers 0 \
	--debug-all --debug-private \
	"$@"