From 3fa8c3e529e8736be5f94d4641ec448e143f4523 Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 12 Feb 2019 12:11:10 +0100
Subject: [PATCH] updown: Pass interface ID to updown script

---
 src/_updown/_updown.in                         |  6 ++++++
 src/libcharon/plugins/updown/updown_listener.c | 11 +++++++++++
 2 files changed, 17 insertions(+)

diff --git a/src/_updown/_updown.in b/src/_updown/_updown.in
index 5f709637e9..d8d7110512 100644
--- a/src/_updown/_updown.in
+++ b/src/_updown/_updown.in
@@ -119,6 +119,12 @@
 #       PLUTO_MARK_OUT
 #              is an optional XFRM mark set on the outbound IPsec SA
 #
+#       PLUTO_IF_ID_IN
+#              is an optional XFRM interface ID set on the inbound IPsec SA
+#
+#       PLUTO_IF_ID_OUT
+#              is an optional XFRM interface ID set on the outbound IPsec SA
+#
 #       PLUTO_UDP_ENC
 #              contains the remote UDP port in the case of ESP_IN_UDP
 #              encapsulation
diff --git a/src/libcharon/plugins/updown/updown_listener.c b/src/libcharon/plugins/updown/updown_listener.c
index bbefd6a027..95d5cded44 100644
--- a/src/libcharon/plugins/updown/updown_listener.c
+++ b/src/libcharon/plugins/updown/updown_listener.c
@@ -258,6 +258,7 @@ static void invoke_once(private_updown_listener_t *this, ike_sa_t *ike_sa,
 	host_t *me, *other, *host;
 	char *iface;
 	uint8_t mask;
+	uint32_t if_id;
 	mark_t mark;
 	bool is_host, is_ipv6;
 	int out;
@@ -356,6 +357,16 @@ static void invoke_once(private_updown_listener_t *this, ike_sa_t *ike_sa,
 		push_env(envp, countof(envp), "PLUTO_MARK_OUT=%u/0x%08x",
 				 mark.value, mark.mask);
 	}
+	if_id = child_sa->get_if_id(child_sa, TRUE);
+	if (if_id)
+	{
+		push_env(envp, countof(envp), "PLUTO_IF_ID_IN=%u", if_id);
+	}
+	if_id = child_sa->get_if_id(child_sa, FALSE);
+	if (if_id)
+	{
+		push_env(envp, countof(envp), "PLUTO_IF_ID_OUT=%u", if_id);
+	}
 	if (ike_sa->has_condition(ike_sa, COND_NAT_ANY))
 	{
 		push_env(envp, countof(envp), "PLUTO_UDP_ENC=%u",