#!/bin/sh /etc/rc.common
# Copyright (C) 2008 OpenWrt.org

START=90

config_load certificate

certificate_delete()
{
	local sectiontype
	local option
	local pemfile
	local crtfile
	
	uci delete ipsec_cer_config.$1
	
	sectiontype=$(uci oget  certificate.$1)
	
	 if [ "$sectiontype" == "trustca"  ];then
    		pemfile="/etc/ipsec.d/cacerts/"$1.pem;
		crtfile="/etc/ipsec.d/cacerts/"$1.crt;
    else
    		pemfile="/etc/ipsec.d/certs/"$1.pem;
		crtfile="/etc/ipsec.d/certs/"$1.crt;
    fi
		
	[ -f "$pemfile" ] && {
		rm -rf $pemfile;
	}
	[ -f "$crtfile" ] && {
		rm -rf $crtfile;
	}
	
	uci commit ipsec_cer_config
}

apply() {
	chage=$(uci fchanges delete certificate)	
	for profile in ${chage}; do
		certificate_delete $profile
	done
			
	uci commit certificate
	
}