sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-03 00:00:24 -04:00
Code Issues Projects Releases Wiki Activity

vici: Include configured local and remote ports in list-conns

Browse Source 
Closes strongswan/strongswan#2869
This commit is contained in:
Mathias Aerts 2025-08-21 12:59:00 +02:00 committed by Tobias Brunner
parent b36da850b5
commit a24dc2e9ad
3 changed files with 17 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/libcharon/plugins/vici/README.md
View File

@ -882,6 +882,8 @@ _list-conns_ command.
remote_addrs = [
<list of valid remote IKE endpoint addresses>
]
local_port = <local IKE endpoint port>
remote_port = <remote IKE endpoint port>
version = <IKE version as string, IKEv1|IKEv2 or 0 for any>
reauth_time = <IKE_SA reauthentication interval in seconds>
rekey_time = <IKE_SA rekeying interval in seconds>

5
src/libcharon/plugins/vici/vici_query.c
View File

@ -956,6 +956,11 @@ CALLBACK(list_conns, vici_message_t*,
tokens->destroy(tokens);
b->end_list(b);
b->add_kv(b, "local_port", "%u",
ike_cfg->get_my_port(ike_cfg));
b->add_kv(b, "remote_port", "%u",
ike_cfg->get_other_port(ike_cfg));
b->add_kv(b, "version", "%N", ike_version_names,
peer_cfg->get_ike_version(peer_cfg));
b->add_kv(b, "reauth_time", "%u",

13
src/swanctl/commands/list_conns.c
View File

@ -223,17 +223,19 @@ CALLBACK(conn_sn, int,
}
CALLBACK(conn_list, int,
hashtable_t *sa, vici_res_t *res, char *name, void *value, int len)
hashtable_t *ike, vici_res_t *res, char *name, void *value, int len)
{
if (chunk_printable(chunk_create(value, len), NULL, ' '))
{
if (streq(name, "local_addrs"))
{
printf(" local: %.*s\n", len, value);
printf(" local: %.*s[%s]\n", len, value,
ike->get(ike, "local_port"));
}
if (streq(name, "remote_addrs"))
{
printf(" remote: %.*s\n", len, value);
printf(" remote: %.*s[%s]\n", len, value,
ike->get(ike, "remote_port"));
}
}
return 0;
@ -244,15 +246,20 @@ CALLBACK(conns, int,
{
int ret;
char *version, *reauth_time, *rekey_time, *dpd_delay, *ppk_id, *ppk_req;
char *local_port, *remote_port;
hashtable_t *ike;
version = vici_find_str(res, "", "%s.version", name);
reauth_time = vici_find_str(res, "0", "%s.reauth_time", name);
rekey_time = vici_find_str(res, "0", "%s.rekey_time", name);
dpd_delay = vici_find_str(res, "0", "%s.dpd_delay", name);
local_port = vici_find_str(res, "0", "%s.local_port", name);
remote_port = vici_find_str(res, "0", "%s.remote_port", name);
ike = hashtable_create(hashtable_hash_str, hashtable_equals_str, 1);
free(ike->put(ike,"dpd_delay", strdup(dpd_delay)));
free(ike->put(ike,"local_port", strdup(local_port)));
free(ike->put(ike,"remote_port", strdup(remote_port)));
printf("%s: %s, ", name, version);
if (streq(version, "IKEv1"))