sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-16 00:00:37 -04:00
Code Issues Projects Releases Wiki Activity

Split swanctl --raw mode into single-line and --pretty mode

Browse Source
This commit is contained in:
Andreas Steffen 2014-06-12 22:57:15 +02:00
parent 12d618e280
commit dacb75f5c0
18 changed files with 310 additions and 185 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/libcharon/plugins/vici/libvici.c
View File

@ -438,9 +438,9 @@ void vici_free_req(vici_req_t *req)
free(req);
}
int vici_dump(vici_res_t *res, char *label, FILE *out)
int vici_dump(vici_res_t *res, char *label, bool pretty, FILE *out)
{
if (res->message->dump(res->message, label, out))
if (res->message->dump(res->message, label, pretty, out))
{
return 0;
}

5
src/libcharon/plugins/vici/libvici.h
View File

@ -75,6 +75,8 @@
#include <stdio.h>
#include <utils/utils.h>
/**
* Opaque vici connection contex.
*/
@ -278,10 +280,11 @@ void vici_free_req(vici_req_t *req);
*
* @param res response message to dump
* @param label a label to print for this message
* @param pretty use pretty print with indentation
* @param out FILE to dump to
* @return 0 if dumped complete message, 1 on error
*/
int vici_dump(vici_res_t *res, char *label, FILE *out);
int vici_dump(vici_res_t *res, char *label, bool pretty, FILE *out);
/**
* Parse next element from a vici response message.

66
src/libcharon/plugins/vici/vici_message.c
View File

@ -49,7 +49,8 @@ struct private_vici_message_t {
linked_list_t *strings;
};
ENUM(vici_type_names, VICI_SECTION_START, VICI_END,
ENUM(vici_type_names, VICI_START, VICI_END,
"start",
"section-start",
"section-end",
"key-value",
@ -449,6 +450,9 @@ METHOD(vici_message_t, parse, bool,
{
switch (type)
{
case VICI_START:
/* should never occur */
continue;
case VICI_KEY_VALUE:
if (ctx->level == base && kv)
{
@ -507,15 +511,31 @@ METHOD(vici_message_t, parse, bool,
}
METHOD(vici_message_t, dump, bool,
private_vici_message_t *this, char *label, FILE *out)
private_vici_message_t *this, char *label, bool pretty, FILE *out)
{
enumerator_t *enumerator;
int ident = 0, delta = 2;
vici_type_t type;
char *name;
int ident = 0, delta;
vici_type_t type, last_type = VICI_START;
char *name, *term, *sep, *separ, *assign;
chunk_t value;
fprintf(out, "%s {\n", label);
/* pretty print uses indentation on multiple lines */
if (pretty)
{
delta = 2;
term = "\n";
separ = "";
assign = " = ";
}
else
{
delta = 0;
term = "";
separ = " ";
assign = "=";
}
fprintf(out, "%s {%s", label, term);
ident += delta;
enumerator = create_enumerator(this);
@ -523,43 +543,54 @@ METHOD(vici_message_t, dump, bool,
{
switch (type)
{
case VICI_START:
/* should never occur */
break;
case VICI_SECTION_START:
fprintf(out, "%*s%s {\n", ident, "", name);
sep = (last_type != VICI_SECTION_START &&
last_type != VICI_START) ? separ : "";
fprintf(out, "%*s%s%s {%s", ident, "", sep, name, term);
ident += delta;
break;
case VICI_SECTION_END:
ident -= delta;
fprintf(out, "%*s}\n", ident, "");
fprintf(out, "%*s}%s", ident, "", term);
break;
case VICI_KEY_VALUE:
sep = (last_type != VICI_SECTION_START &&
last_type != VICI_START) ? separ : "";
if (chunk_printable(value, NULL, ' '))
{
fprintf(out, "%*s%s = %.*s\n",
ident, "", name, (int)value.len, value.ptr);
fprintf(out, "%*s%s%s%s%.*s%s", ident, "", sep, name,
assign, (int)value.len, value.ptr, term);
}
else
{
fprintf(out, "%*s%s = 0x%+#B\n",
ident, "", name, &value);
fprintf(out, "%*s%s%s%s0x%+#B%s", ident, "", sep, name,
assign, &value, term);
}
break;
case VICI_LIST_START:
fprintf(out, "%*s%s = [\n", ident, "", name);
sep = (last_type != VICI_SECTION_START &&
last_type != VICI_START) ? separ : "";
fprintf(out, "%*s%s%s%s[%s", ident, "", sep, name, assign, term);
ident += delta;
break;
case VICI_LIST_END:
ident -= delta;
fprintf(out, "%*s]\n", ident, "");
fprintf(out, "%*s]%s", ident, "", term);
break;
case VICI_LIST_ITEM:
sep = (last_type != VICI_LIST_START) ? separ : "";
if (chunk_printable(value, NULL, ' '))
{
fprintf(out, "%*s%.*s\n",
ident, "", (int)value.len, value.ptr);
fprintf(out, "%*s%s%.*s%s", ident, "", sep,
(int)value.len, value.ptr, term);
}
else
{
fprintf(out, "%*s 0x%+#B\n", ident, "", &value);
fprintf(out, "%*s%s0x%+#B%s", ident, "", sep,
&value, term);
}
break;
case VICI_END:
@ -567,6 +598,7 @@ METHOD(vici_message_t, dump, bool,
enumerator->destroy(enumerator);
return TRUE;
}
last_type = type;
}
enumerator->destroy(enumerator);
return FALSE;

26
src/libcharon/plugins/vici/vici_message.h
View File

@ -31,21 +31,24 @@ typedef enum vici_type_t vici_type_t;
* Vici message encoding types
*/
enum vici_type_t {
/** never used in an argument list, needed by dump as initial value */
VICI_START = 0,
/** begin of new section, argument is section name as char* */
VICI_SECTION_START = 0,
VICI_SECTION_START = 1,
/** end of current section, no arguments */
VICI_SECTION_END,
VICI_SECTION_END = 2,
/** key/value, arguments are key as char*, value as chunk_t */
VICI_KEY_VALUE,
VICI_KEY_VALUE = 3,
/** list start, argument is list name as char* */
VICI_LIST_START,
VICI_LIST_START = 4,
/** list item, argument is item value as chunk_t */
VICI_LIST_ITEM,
VICI_LIST_ITEM = 5,
/** end of list, no arguments */
VICI_LIST_END,
VICI_LIST_END = 6,
/** end of argument list, no arguments (never encoded) */
VICI_END
VICI_END = 7
};
/**
@ -184,11 +187,12 @@ struct vici_message_t {
/**
* Dump a message text representation to a FILE stream.
*
* @param label label to print for message
* @param out FILE stream to dump to
* @return TRUE if message valid
* @param label label to print for message
* @param pretty use pretty print with indentation
* @param out FILE stream to dump to
* @return TRUE if message valid
*/
bool (*dump)(vici_message_t *this, char *label, FILE *out);
bool (*dump)(vici_message_t *this, char *label, bool pretty, FILE *out);
/**
* Destroy a vici_message_t.

12
src/swanctl/command.h
View File

@ -41,7 +41,7 @@
typedef struct command_t command_t;
typedef struct command_option_t command_option_t;
typedef enum command_type_t command_type_t;
typedef enum command_format_options_t command_format_options_t;
/**
* Option specification
@ -75,6 +75,16 @@ struct command_t {
command_option_t options[MAX_OPTIONS];
};
/**
* Command format options
*/
enum command_format_options_t {
COMMAND_FORMAT_NONE = 0,
COMMAND_FORMAT_RAW = (1<<0),
COMMAND_FORMAT_PRETTY = (1<<1),
COMMAND_FORMAT_PEM = (1<<2),
};
/**
* Get the next option, as with getopt.
*/

24
src/swanctl/commands/initiate.c
View File

@ -17,13 +17,12 @@
#include <errno.h>
CALLBACK(log_cb, void,
bool *raw, char *name, vici_res_t *msg)
command_format_options_t *format, char *name, vici_res_t *msg)
{
if (*raw)
if (*format & COMMAND_FORMAT_RAW)
{
vici_dump(msg, "log", stdout);
vici_dump(msg, "log", *format & COMMAND_FORMAT_PRETTY, stdout);
}
else
{
@ -37,7 +36,7 @@ static int initiate(vici_conn_t *conn)
{
vici_req_t *req;
vici_res_t *res;
bool raw = FALSE;
command_format_options_t format = COMMAND_FORMAT_NONE;
char *arg, *child = NULL;
int ret = 0, timeout = 0, level = 1;
@ -47,8 +46,11 @@ static int initiate(vici_conn_t *conn)
{
case 'h':
return command_usage(NULL);
case 'P':
format |= COMMAND_FORMAT_PRETTY;
/* fall through to raw */
case 'r':
raw = TRUE;
format |= COMMAND_FORMAT_RAW;
continue;
case 'c':
child = arg;
@ -67,7 +69,7 @@ static int initiate(vici_conn_t *conn)
break;
}
if (vici_register(conn, "control-log", log_cb, &raw) != 0)
if (vici_register(conn, "control-log", log_cb, &format) != 0)
{
fprintf(stderr, "registering for log failed: %s\n", strerror(errno));
return errno;
@ -88,9 +90,10 @@ static int initiate(vici_conn_t *conn)
fprintf(stderr, "initiate request failed: %s\n", strerror(errno));
return errno;
}
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "initiate reply", stdout);
vici_dump(res, "initiate reply", format & COMMAND_FORMAT_PRETTY,
stdout);
}
else
{
@ -116,12 +119,13 @@ static void __attribute__ ((constructor))reg()
{
command_register((command_t) {
initiate, 'i', "initiate", "initiate a connection",
{"--child <name> [--timeout <s>] [--raw]"},
{"--child <name> [--timeout <s>] [--raw|--pretty]"},
{
{"help", 'h', 0, "show usage information"},
{"child", 'c', 1, "initate a CHILD_SA configuration"},
{"timeout", 't', 1, "timeout in seconds before detaching"},
{"raw", 'r', 0, "dump raw response message"},
{"pretty", 'P', 0, "dump raw response message in pretty print"},
{"loglevel", 'l', 1, "verbosity of redirected log"},
}
});

17
src/swanctl/commands/install.c
View File

@ -21,7 +21,7 @@ static int manage_policy(vici_conn_t *conn, char *label)
{
vici_req_t *req;
vici_res_t *res;
bool raw = FALSE;
command_format_options_t format = COMMAND_FORMAT_NONE;
char *arg, *child = NULL;
int ret = 0;
@ -31,8 +31,11 @@ static int manage_policy(vici_conn_t *conn, char *label)
{
case 'h':
return command_usage(NULL);
case 'P':
format |= COMMAND_FORMAT_RAW;
/* fall through to raw */
case 'r':
raw = TRUE;
format |= COMMAND_FORMAT_PRETTY;
continue;
case 'c':
child = arg;
@ -55,10 +58,10 @@ static int manage_policy(vici_conn_t *conn, char *label)
fprintf(stderr, "%s request failed: %s\n", label, strerror(errno));
return errno;
}
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
puts(label);
vici_dump(res, " reply", stdout);
vici_dump(res, " reply", format & COMMAND_FORMAT_PRETTY, stdout);
}
else
{
@ -94,11 +97,12 @@ static void __attribute__ ((constructor))reg_uninstall()
{
command_register((command_t) {
uninstall, 'u', "uninstall", "uninstall a trap or shunt policy",
{"--child <name> [--raw]"},
{"--child <name> [--raw|--pretty]"},
{
{"help", 'h', 0, "show usage information"},
{"child", 'c', 1, "CHILD_SA configuration to uninstall"},
{"raw", 'r', 0, "dump raw response message"},
{"pretty", 'P', 0, "dump raw response message in pretty print"},
}
});
}
@ -110,11 +114,12 @@ static void __attribute__ ((constructor))reg_install()
{
command_register((command_t) {
install, 'p', "install", "install a trap or shunt policy",
{"--child <name> [--raw]"},
{"--child <name> [--raw|--pretty]"},
{
{"help", 'h', 0, "show usage information"},
{"child", 'c', 1, "CHILD_SA configuration to install"},
{"raw", 'r', 0, "dump raw response message"},
{"pretty", 'P', 0, "dump raw response message in pretty print"},
}
});
}

32
src/swanctl/commands/list_certs.c
View File

@ -28,11 +28,6 @@
#include "command.h"
typedef enum {
FORMAT_RAW = (1<<0),
FORMAT_PEM = (1<<1),
} format_options_t;
/**
* Print PEM encoding of a certificate
*/
@ -541,11 +536,12 @@ static void print_cert(certificate_t *cert, bool has_privkey)
}
CALLBACK(list_cb, void,
format_options_t *format, char *name, vici_res_t *res)
command_format_options_t *format, char *name, vici_res_t *res)
{
if (*format & FORMAT_RAW)
if (*format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "list-cert event", stdout);
vici_dump(res, "list-cert event", *format & COMMAND_FORMAT_PRETTY,
stdout);
}
else
{
@ -566,7 +562,7 @@ CALLBACK(list_cb, void,
BUILD_END);
if (cert)
{
if (*format & FORMAT_PEM)
if (*format & COMMAND_FORMAT_PEM)
{
print_pem(cert);
}
@ -592,7 +588,7 @@ static int list_certs(vici_conn_t *conn)
{
vici_req_t *req;
vici_res_t *res;
format_options_t format = 0;
command_format_options_t format = COMMAND_FORMAT_NONE;
char *arg, *subject = NULL, *type = NULL;
while (TRUE)
@ -608,10 +604,13 @@ static int list_certs(vici_conn_t *conn)
type = arg;
continue;
case 'p':
format |= FORMAT_PEM;
format |= COMMAND_FORMAT_PEM;
continue;
case 'P':
format |= COMMAND_FORMAT_PRETTY;
/* fall through to raw */
case 'r':
format |= FORMAT_RAW;
format |= COMMAND_FORMAT_RAW;
continue;
case EOF:
break;
@ -641,9 +640,10 @@ static int list_certs(vici_conn_t *conn)
fprintf(stderr, "list-certs request failed: %s\n", strerror(errno));
return errno;
}
if (format & FORMAT_RAW)
if (format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "list-certs reply", stdout);
vici_dump(res, "list-certs reply", format & COMMAND_FORMAT_PRETTY,
stdout);
}
vici_free_res(res);
return 0;
@ -656,13 +656,15 @@ static void __attribute__ ((constructor))reg()
{
command_register((command_t) {
list_certs, 'x', "list-certs", "list stored certificates",
{"[--subject <dn/san>] [--type X509|X509_AC|X509_CRL] [--pem] [--raw]"},
{"[--subject <dn/san>] [--type X509|X509_AC|X509_CRL] [--pem] "
"[--raw|--pretty]"},
{
{"help", 'h', 0, "show usage information"},
{"subject", 's', 1, "filter by certificate subject"},
{"type", 't', 1, "filter by certificate type"},
{"pem", 'p', 0, "print PEM encoding of certificate"},
{"raw", 'r', 0, "dump raw response message"},
{"pretty", 'P', 0, "dump raw response message in pretty print"},
}
});
}

24
src/swanctl/commands/list_conns.c
View File

@ -161,11 +161,12 @@ CALLBACK(conns, int,
}
CALLBACK(list_cb, void,
bool *raw, char *name, vici_res_t *res)
command_format_options_t *format, char *name, vici_res_t *res)
{
if (*raw)
if (*format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "list-conn event", stdout);
vici_dump(res, "list-conn event", *format & COMMAND_FORMAT_PRETTY,
stdout);
}
else
{
@ -180,7 +181,7 @@ static int list_conns(vici_conn_t *conn)
{
vici_req_t *req;
vici_res_t *res;
bool raw = FALSE;
command_format_options_t format = COMMAND_FORMAT_NONE;
char *arg;
while (TRUE)
@ -189,8 +190,11 @@ static int list_conns(vici_conn_t *conn)
{
case 'h':
return command_usage(NULL);
case 'P':
format |= COMMAND_FORMAT_PRETTY;
/* fall through to raw */
case 'r':
raw = TRUE;
format |= COMMAND_FORMAT_RAW;
continue;
case EOF:
break;
@ -199,7 +203,7 @@ static int list_conns(vici_conn_t *conn)
}
break;
}
if (vici_register(conn, "list-conn", list_cb, &raw) != 0)
if (vici_register(conn, "list-conn", list_cb, &format) != 0)
{
fprintf(stderr, "registering for connections failed: %s\n",
strerror(errno));
@ -212,9 +216,10 @@ static int list_conns(vici_conn_t *conn)
fprintf(stderr, "list-conns request failed: %s\n", strerror(errno));
return errno;
}
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "list-conns reply", stdout);
vici_dump(res, "list-conns reply", format & COMMAND_FORMAT_PRETTY,
stdout);
}
vici_free_res(res);
return 0;
@ -227,10 +232,11 @@ static void __attribute__ ((constructor))reg()
{
command_register((command_t) {
list_conns, 'L', "list-conns", "list loaded configurations",
{"[--raw]"},
{"[--raw|--pretty]"},
{
{"help", 'h', 0, "show usage information"},
{"raw", 'r', 0, "dump raw response message"},
{"pretty", 'P', 0, "dump raw response message in pretty print"},
}
});
}

24
src/swanctl/commands/list_pols.c
View File

@ -93,11 +93,12 @@ CALLBACK(policies, int,
}
CALLBACK(list_cb, void,
bool *raw, char *name, vici_res_t *res)
command_format_options_t *format, char *name, vici_res_t *res)
{
if (*raw)
if (*format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "list-policy event", stdout);
vici_dump(res, "list-policy event", *format & COMMAND_FORMAT_PRETTY,
stdout);
}
else
{
@ -112,7 +113,8 @@ static int list_pols(vici_conn_t *conn)
{
vici_req_t *req;
vici_res_t *res;
bool raw = FALSE, trap = FALSE, drop = FALSE, pass = FALSE;
bool trap = FALSE, drop = FALSE, pass = FALSE;
command_format_options_t format = COMMAND_FORMAT_NONE;
char *arg, *child = NULL;
while (TRUE)
@ -133,8 +135,11 @@ static int list_pols(vici_conn_t *conn)
case 'p':
pass = TRUE;
continue;
case 'P':
format |= COMMAND_FORMAT_PRETTY;
/* fall through to raw */
case 'r':
raw = TRUE;
format |= COMMAND_FORMAT_RAW;
continue;
case EOF:
break;
@ -147,7 +152,7 @@ static int list_pols(vici_conn_t *conn)
{
trap = drop = pass = TRUE;
}
if (vici_register(conn, "list-policy", list_cb, &raw) != 0)
if (vici_register(conn, "list-policy", list_cb, &format) != 0)
{
fprintf(stderr, "registering for policies failed: %s\n",
strerror(errno));
@ -176,9 +181,9 @@ static int list_pols(vici_conn_t *conn)
fprintf(stderr, "list-policies request failed: %s\n", strerror(errno));
return errno;
}
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "list-policies reply", stdout);
vici_dump(res, "list-policies reply", format & COMMAND_FORMAT_PRETTY, stdout);
}
vici_free_res(res);
return 0;
@ -191,7 +196,7 @@ static void __attribute__ ((constructor))reg()
{
command_register((command_t) {
list_pols, 'P', "list-pols", "list currently installed policies",
{"[--child <name>] [--trap] [--drop] [--pass] [--raw]"},
{"[--child <name>] [--trap] [--drop] [--pass] [--raw|--pretty]"},
{
{"help", 'h', 0, "show usage information"},
{"child", 'c', 1, "filter policies by CHILD_SA config name"},
@ -199,6 +204,7 @@ static void __attribute__ ((constructor))reg()
{"drop", 'd', 0, "list drop policies"},
{"pass", 'p', 0, "list bypass policies"},
{"raw", 'r', 0, "dump raw response message"},
{"pretty", 'P', 0, "dump raw response message in pretty print"},
}
});
}

15
src/swanctl/commands/list_pools.c
View File

@ -40,7 +40,7 @@ static int list_pools(vici_conn_t *conn)
{
vici_req_t *req;
vici_res_t *res;
bool raw = FALSE;
command_format_options_t format = COMMAND_FORMAT_NONE;
char *arg;
int ret = 0;
@ -50,8 +50,11 @@ static int list_pools(vici_conn_t *conn)
{
case 'h':
return command_usage(NULL);
case 'P':
format |= COMMAND_FORMAT_PRETTY;
/* fall through to raw */
case 'r':
raw = TRUE;
format |= COMMAND_FORMAT_RAW;
continue;
case EOF:
break;
@ -68,9 +71,10 @@ static int list_pools(vici_conn_t *conn)
fprintf(stderr, "get-pools request failed: %s\n", strerror(errno));
return errno;
}
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "get-pools reply", stdout);
vici_dump(res, "get-pools reply", format & COMMAND_FORMAT_PRETTY,
stdout);
}
else
{
@ -87,10 +91,11 @@ static void __attribute__ ((constructor))reg()
{
command_register((command_t) {
list_pools, 'A', "list-pools", "list loaded pool configurations",
{"[--raw]"},
{"[--raw|--pretty]"},
{
{"help", 'h', 0, "show usage information"},
{"raw", 'r', 0, "dump raw response message"},
{"pretty", 'P', 0, "dump raw response message in pretty print"},
}
});
}

25
src/swanctl/commands/list_sas.c
View File

@ -260,11 +260,12 @@ CALLBACK(ike_sas, int,
}
CALLBACK(list_cb, void,
bool *raw, char *name, vici_res_t *res)
command_format_options_t *format, char *name, vici_res_t *res)
{
if (*raw)
if (*format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "list-sa event", stdout);
vici_dump(res, "list-sa event", *format & COMMAND_FORMAT_PRETTY,
stdout);
}
else
{
@ -279,7 +280,8 @@ static int list_sas(vici_conn_t *conn)
{
vici_req_t *req;
vici_res_t *res;
bool raw = FALSE, noblock = FALSE;
bool noblock = FALSE;
command_format_options_t format = COMMAND_FORMAT_NONE;
char *arg, *ike = NULL;
int ike_id = 0;
@ -298,8 +300,11 @@ static int list_sas(vici_conn_t *conn)
case 'n':
noblock = TRUE;
continue;
case 'P':
format |= COMMAND_FORMAT_PRETTY;
/* fall through to raw */
case 'r':
raw = TRUE;
format |= COMMAND_FORMAT_RAW;
continue;
case EOF:
break;
@ -308,7 +313,7 @@ static int list_sas(vici_conn_t *conn)
}
break;
}
if (vici_register(conn, "list-sa", list_cb, &raw) != 0)
if (vici_register(conn, "list-sa", list_cb, &format) != 0)
{
fprintf(stderr, "registering for SAs failed: %s\n", strerror(errno));
return errno;
@ -332,9 +337,10 @@ static int list_sas(vici_conn_t *conn)
fprintf(stderr, "list-sas request failed: %s\n", strerror(errno));
return errno;
}
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "list-sas reply", stdout);
vici_dump(res, "list-sas reply", format & COMMAND_FORMAT_PRETTY,
stdout);
}
vici_free_res(res);
return 0;
@ -347,13 +353,14 @@ static void __attribute__ ((constructor))reg()
{
command_register((command_t) {
list_sas, 'l', "list-sas", "list currently active IKE_SAs",
{"[--raw]"},
{"[--raw|--pretty]"},
{
{"help", 'h', 0, "show usage information"},
{"ike", 'i', 1, "filter IKE_SAs by name"},
{"ike-id", 'I', 1, "filter IKE_SAs by unique identifier"},
{"noblock", 'n', 0, "don't wait for IKE_SAs in use"},
{"raw", 'r', 0, "dump raw response message"},
{"pretty", 'P', 0, "dump raw response message in pretty print"},
}
});
}

41
src/swanctl/commands/load_conns.c
View File

@ -185,7 +185,7 @@ static void add_sections(vici_req_t *req, settings_t *cfg, char *section)
* Load an IKE_SA config with CHILD_SA configs from a section
*/
static bool load_conn(vici_conn_t *conn, settings_t *cfg,
char *section, bool raw)
char *section, command_format_options_t format)
{
vici_req_t *req;
vici_res_t *res;
@ -207,9 +207,10 @@ static bool load_conn(vici_conn_t *conn, settings_t *cfg,
fprintf(stderr, "load-conn request failed: %s\n", strerror(errno));
return FALSE;
}
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "load-conn reply", stdout);
vici_dump(res, "load-conn reply", format & COMMAND_FORMAT_PRETTY,
stdout);
}
else if (!streq(vici_find_str(res, "no", "success"), "yes"))
{
@ -243,7 +244,8 @@ CALLBACK(list_conn, int,
/**
* Create a list of currently loaded connections
*/
static linked_list_t* list_conns(vici_conn_t *conn, bool raw)
static linked_list_t* list_conns(vici_conn_t *conn,
command_format_options_t format)
{
linked_list_t *list;
vici_res_t *res;
@ -253,9 +255,10 @@ static linked_list_t* list_conns(vici_conn_t *conn, bool raw)
res = vici_submit(vici_begin("get-conns"), conn);
if (res)
{
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "get-conns reply", stdout);
vici_dump(res, "get-conns reply", format & COMMAND_FORMAT_PRETTY,
stdout);
}
vici_parse_cb(res, NULL, NULL, list_conn, list);
vici_free_res(res);
@ -286,7 +289,8 @@ static void remove_from_list(linked_list_t *list, char *str)
/**
* Unload a connection by name
*/
static bool unload_conn(vici_conn_t *conn, char *name, bool raw)
static bool unload_conn(vici_conn_t *conn, char *name,
command_format_options_t format)
{
vici_req_t *req;
vici_res_t *res;
@ -300,9 +304,10 @@ static bool unload_conn(vici_conn_t *conn, char *name, bool raw)
fprintf(stderr, "unload-conn request failed: %s\n", strerror(errno));
return FALSE;
}
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "unload-conn reply", stdout);
vici_dump(res, "unload-conn reply", format & COMMAND_FORMAT_PRETTY,
stdout);
}
else if (!streq(vici_find_str(res, "no", "success"), "yes"))
{
@ -316,8 +321,8 @@ static bool unload_conn(vici_conn_t *conn, char *name, bool raw)
static int load_conns(vici_conn_t *conn)
{
bool raw = FALSE;
u_int found = 0, loaded = 0, unloaded = 0;
command_format_options_t format = COMMAND_FORMAT_NONE;
char *arg, *section;
enumerator_t *enumerator;
linked_list_t *conns;
@ -329,8 +334,11 @@ static int load_conns(vici_conn_t *conn)
{
case 'h':
return command_usage(NULL);
case 'P':
format |= COMMAND_FORMAT_PRETTY;
/* fall through to raw */
case 'r':
raw = TRUE;
format |= COMMAND_FORMAT_RAW;
continue;
case EOF:
break;
@ -347,14 +355,14 @@ static int load_conns(vici_conn_t *conn)
return EINVAL;
}
conns = list_conns(conn, raw);
conns = list_conns(conn, format);
enumerator = cfg->create_section_enumerator(cfg, "connections");
while (enumerator->enumerate(enumerator, &section))
{
remove_from_list(conns, section);
found++;
if (load_conn(conn, cfg, section, raw))
if (load_conn(conn, cfg, section, format))
{
loaded++;
}
@ -366,7 +374,7 @@ static int load_conns(vici_conn_t *conn)
/* unload all connection in daemon, but not in file */
while (conns->remove_first(conns, (void**)&section) == SUCCESS)
{
if (unload_conn(conn, section, raw))
if (unload_conn(conn, section, format))
{
unloaded++;
}
@ -374,7 +382,7 @@ static int load_conns(vici_conn_t *conn)
}
conns->destroy(conns);
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
return 0;
}
@ -401,10 +409,11 @@ static void __attribute__ ((constructor))reg()
{
command_register((command_t) {
load_conns, 'c', "load-conns", "(re-)load connection configuration",
{"[--raw]"},
{"[--raw|--pretty]"},
{
{"help", 'h', 0, "show usage information"},
{"raw", 'r', 0, "dump raw response message"},
{"pretty", 'P', 0, "dump raw response message in pretty print"},
}
});
}

82
src/swanctl/commands/load_creds.c
View File

@ -27,8 +27,8 @@
/**
* Load a single certificate over vici
*/
static bool load_cert(vici_conn_t *conn, bool raw, char *dir,
char *type, chunk_t data)
static bool load_cert(vici_conn_t *conn, command_format_options_t format,
char *dir, char *type, chunk_t data)
{
vici_req_t *req;
vici_res_t *res;
@ -45,9 +45,10 @@ static bool load_cert(vici_conn_t *conn, bool raw, char *dir,
fprintf(stderr, "load-cert request failed: %s\n", strerror(errno));
return FALSE;
}
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "load-cert reply", stdout);
vici_dump(res, "load-cert reply", format & COMMAND_FORMAT_PRETTY,
stdout);
}
else if (!streq(vici_find_str(res, "no", "success"), "yes"))
{
@ -66,7 +67,8 @@ static bool load_cert(vici_conn_t *conn, bool raw, char *dir,
/**
* Load certficiates from a directory
*/
static void load_certs(vici_conn_t *conn, bool raw, char *type, char *dir)
static void load_certs(vici_conn_t *conn, command_format_options_t format,
char *type, char *dir)
{
enumerator_t *enumerator;
struct stat st;
@ -83,7 +85,7 @@ static void load_certs(vici_conn_t *conn, bool raw, char *type, char *dir)
map = chunk_map(path, FALSE);
if (map)
{
load_cert(conn, raw, path, type, *map);
load_cert(conn, format, path, type, *map);
chunk_unmap(map);
}
else
@ -100,8 +102,8 @@ static void load_certs(vici_conn_t *conn, bool raw, char *type, char *dir)
/**
* Load a single private key over vici
*/
static bool load_key(vici_conn_t *conn, bool raw, char *dir,
char *type, chunk_t data)
static bool load_key(vici_conn_t *conn, command_format_options_t format,
char *dir, char *type, chunk_t data)
{
vici_req_t *req;
vici_res_t *res;
@ -118,9 +120,10 @@ static bool load_key(vici_conn_t *conn, bool raw, char *dir,
fprintf(stderr, "load-key request failed: %s\n", strerror(errno));
return FALSE;
}
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "load-key reply", stdout);
vici_dump(res, "load-key reply", format & COMMAND_FORMAT_PRETTY,
stdout);
}
else if (!streq(vici_find_str(res, "no", "success"), "yes"))
{
@ -204,7 +207,7 @@ static private_key_t* decrypt_key(char *name, char *type, chunk_t encoding)
/**
* Try to decrypt and load a private key
*/
static bool load_encrypted_key(vici_conn_t *conn, bool raw,
static bool load_encrypted_key(vici_conn_t *conn, command_format_options_t format,
char *rel, char *path, char *type, chunk_t data)
{
private_key_t *private;
@ -220,10 +223,10 @@ static bool load_encrypted_key(vici_conn_t *conn, bool raw,
switch (private->get_type(private))
{
case KEY_RSA:
loaded = load_key(conn, raw, path, "rsa", encoding);
loaded = load_key(conn, format, path, "rsa", encoding);
break;
case KEY_ECDSA:
loaded = load_key(conn, raw, path, "ecdsa", encoding);
loaded = load_key(conn, format, path, "ecdsa", encoding);
break;
default:
break;
@ -238,8 +241,8 @@ static bool load_encrypted_key(vici_conn_t *conn, bool raw,
/**
* Load private keys from a directory
*/
static void load_keys(vici_conn_t *conn, bool raw, bool noprompt,
char *type, char *dir)
static void load_keys(vici_conn_t *conn, command_format_options_t format,
bool noprompt, char *type, char *dir)
{
enumerator_t *enumerator;
struct stat st;
@ -257,9 +260,9 @@ static void load_keys(vici_conn_t *conn, bool raw, bool noprompt,
if (map)
{
if (noprompt ||
!load_encrypted_key(conn, raw, rel, path, type, *map))
!load_encrypted_key(conn, format, rel, path, type, *map))
{
load_key(conn, raw, path, type, *map);
load_key(conn, format, path, type, *map);
}
chunk_unmap(map);
}
@ -278,7 +281,7 @@ static void load_keys(vici_conn_t *conn, bool raw, bool noprompt,
* Load a single secret over VICI
*/
static bool load_secret(vici_conn_t *conn, settings_t *cfg,
char *section, bool raw)
char *section, command_format_options_t format)
{
enumerator_t *enumerator;
vici_req_t *req;
@ -351,9 +354,10 @@ static bool load_secret(vici_conn_t *conn, settings_t *cfg,
fprintf(stderr, "load-shared request failed: %s\n", strerror(errno));
return FALSE;
}
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "load-shared reply", stdout);
vici_dump(res, "load-shared reply", format & COMMAND_FORMAT_PRETTY,
stdout);
}
else if (!streq(vici_find_str(res, "no", "success"), "yes"))
{
@ -372,7 +376,7 @@ static bool load_secret(vici_conn_t *conn, settings_t *cfg,
/**
* Clear all currently loaded credentials
*/
static bool clear_creds(vici_conn_t *conn, bool raw)
static bool clear_creds(vici_conn_t *conn, command_format_options_t format)
{
vici_res_t *res;
@ -382,9 +386,10 @@ static bool clear_creds(vici_conn_t *conn, bool raw)
fprintf(stderr, "clear-creds request failed: %s\n", strerror(errno));
return FALSE;
}
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "clear-creds reply", stdout);
vici_dump(res, "clear-creds reply", format & COMMAND_FORMAT_PRETTY,
stdout);
}
vici_free_res(res);
return TRUE;
@ -392,7 +397,8 @@ static bool clear_creds(vici_conn_t *conn, bool raw)
static int load_creds(vici_conn_t *conn)
{
bool raw = FALSE, clear = FALSE, noprompt = FALSE;
bool clear = FALSE, noprompt = FALSE;
command_format_options_t format = COMMAND_FORMAT_NONE;
enumerator_t *enumerator;
settings_t *cfg;
char *arg, *section;
@ -409,8 +415,11 @@ static int load_creds(vici_conn_t *conn)
case 'n':
noprompt = TRUE;
continue;
case 'P':
format |= COMMAND_FORMAT_PRETTY;
/* fall through to raw */
case 'r':
raw = TRUE;
format |= COMMAND_FORMAT_RAW;
continue;
case EOF:
break;
@ -422,21 +431,21 @@ static int load_creds(vici_conn_t *conn)
if (clear)
{
if (!clear_creds(conn, raw))
if (!clear_creds(conn, format))
{
return ECONNREFUSED;
}
}
load_certs(conn, raw, "x509", SWANCTL_X509DIR);
load_certs(conn, raw, "x509ca", SWANCTL_X509CADIR);
load_certs(conn, raw, "x509aa", SWANCTL_X509AADIR);
load_certs(conn, raw, "x509crl", SWANCTL_X509CRLDIR);
load_certs(conn, raw, "x509ac", SWANCTL_X509ACDIR);
load_certs(conn, format, "x509", SWANCTL_X509DIR);
load_certs(conn, format, "x509ca", SWANCTL_X509CADIR);
load_certs(conn, format, "x509aa", SWANCTL_X509AADIR);
load_certs(conn, format, "x509crl", SWANCTL_X509CRLDIR);
load_certs(conn, format, "x509ac", SWANCTL_X509ACDIR);
load_keys(conn, raw, noprompt, "rsa", SWANCTL_RSADIR);
load_keys(conn, raw, noprompt, "ecdsa", SWANCTL_ECDSADIR);
load_keys(conn, raw, noprompt, "any", SWANCTL_PKCS8DIR);
load_keys(conn, format, noprompt, "rsa", SWANCTL_RSADIR);
load_keys(conn, format, noprompt, "ecdsa", SWANCTL_ECDSADIR);
load_keys(conn, format, noprompt, "any", SWANCTL_PKCS8DIR);
cfg = settings_create(SWANCTL_CONF);
if (!cfg)
@ -448,7 +457,7 @@ static int load_creds(vici_conn_t *conn)
enumerator = cfg->create_section_enumerator(cfg, "secrets");
while (enumerator->enumerate(enumerator, &section))
{
load_secret(conn, cfg, section, raw);
load_secret(conn, cfg, section, format);
}
enumerator->destroy(enumerator);
@ -464,12 +473,13 @@ static void __attribute__ ((constructor))reg()
{
command_register((command_t) {
load_creds, 's', "load-creds", "(re-)load credentials",
{"[--raw]"},
{"[--raw|--pretty]"},
{
{"help", 'h', 0, "show usage information"},
{"clear", 'c', 0, "clear previously loaded credentials"},
{"noprompt", 'n', 0, "do not prompt for passwords"},
{"raw", 'r', 0, "dump raw response message"},
{"pretty", 'P', 0, "dump raw response message in pretty print"},
}
});
}

41
src/swanctl/commands/load_pools.c
View File

@ -67,7 +67,7 @@ static void add_key_values(vici_req_t *req, settings_t *cfg, char *section)
* Load a pool configuration
*/
static bool load_pool(vici_conn_t *conn, settings_t *cfg,
char *section, bool raw)
char *section, command_format_options_t format)
{
vici_req_t *req;
vici_res_t *res;
@ -88,9 +88,10 @@ static bool load_pool(vici_conn_t *conn, settings_t *cfg,
fprintf(stderr, "load-pool request failed: %s\n", strerror(errno));
return FALSE;
}
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "load-pool reply", stdout);
vici_dump(res, "load-pool reply", format & COMMAND_FORMAT_PRETTY,
stdout);
}
else if (!streq(vici_find_str(res, "no", "success"), "yes"))
{
@ -116,7 +117,8 @@ CALLBACK(list_pool, int,
/**
* Create a list of currently loaded pools
*/
static linked_list_t* list_pools(vici_conn_t *conn, bool raw)
static linked_list_t* list_pools(vici_conn_t *conn,
command_format_options_t format)
{
linked_list_t *list;
vici_res_t *res;
@ -126,9 +128,10 @@ static linked_list_t* list_pools(vici_conn_t *conn, bool raw)
res = vici_submit(vici_begin("get-pools"), conn);
if (res)
{
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "get-pools reply", stdout);
vici_dump(res, "get-pools reply", format & COMMAND_FORMAT_PRETTY,
stdout);
}
vici_parse_cb(res, list_pool, NULL, NULL, list);
vici_free_res(res);
@ -159,7 +162,8 @@ static void remove_from_list(linked_list_t *list, char *str)
/**
* Unload a pool by name
*/
static bool unload_pool(vici_conn_t *conn, char *name, bool raw)
static bool unload_pool(vici_conn_t *conn, char *name,
command_format_options_t format)
{
vici_req_t *req;
vici_res_t *res;
@ -173,9 +177,10 @@ static bool unload_pool(vici_conn_t *conn, char *name, bool raw)
fprintf(stderr, "unload-pool request failed: %s\n", strerror(errno));
return FALSE;
}
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "unload-pool reply", stdout);
vici_dump(res, "unload-pool reply", format & COMMAND_FORMAT_PRETTY,
stdout);
}
else if (!streq(vici_find_str(res, "no", "success"), "yes"))
{
@ -189,7 +194,7 @@ static bool unload_pool(vici_conn_t *conn, char *name, bool raw)
static int load_pools(vici_conn_t *conn)
{
bool raw = FALSE;
command_format_options_t format = COMMAND_FORMAT_NONE;
u_int found = 0, loaded = 0, unloaded = 0;
char *arg, *section;
enumerator_t *enumerator;
@ -202,8 +207,11 @@ static int load_pools(vici_conn_t *conn)
{
case 'h':
return command_usage(NULL);
case 'P':
format |= COMMAND_FORMAT_PRETTY;
/* fall through to raw */
case 'r':
raw = TRUE;
format |= COMMAND_FORMAT_RAW;
continue;
case EOF:
break;
@ -220,14 +228,14 @@ static int load_pools(vici_conn_t *conn)
return EINVAL;
}
pools = list_pools(conn, raw);
pools = list_pools(conn, format);
enumerator = cfg->create_section_enumerator(cfg, "pools");
while (enumerator->enumerate(enumerator, &section))
{
remove_from_list(pools, section);
found++;
if (load_pool(conn, cfg, section, raw))
if (load_pool(conn, cfg, section, format))
{
loaded++;
}
@ -239,7 +247,7 @@ static int load_pools(vici_conn_t *conn)
/* unload all pools in daemon, but not in file */
while (pools->remove_first(pools, (void**)&section) == SUCCESS)
{
if (unload_pool(conn, section, raw))
if (unload_pool(conn, section, format))
{
unloaded++;
}
@ -247,7 +255,7 @@ static int load_pools(vici_conn_t *conn)
}
pools->destroy(pools);
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
return 0;
}
@ -274,10 +282,11 @@ static void __attribute__ ((constructor))reg()
{
command_register((command_t) {
load_pools, 'a', "load-pools", "(re-)load pool configuration",
{"[--raw]"},
{"[--raw|--pretty"},
{
{"help", 'h', 0, "show usage information"},
{"raw", 'r', 0, "dump raw response message"},
{"pretty", 'P', 0, "dump raw response message in pretty print"},
}
});
}

18
src/swanctl/commands/log.c
View File

@ -19,11 +19,11 @@
#include <unistd.h>
CALLBACK(log_cb, void,
bool *raw, char *name, vici_res_t *msg)
command_format_options_t *format, char *name, vici_res_t *msg)
{
if (*raw)
if (*format & COMMAND_FORMAT_RAW)
{
vici_dump(msg, "log", stdout);
vici_dump(msg, "log", *format & COMMAND_FORMAT_PRETTY, stdout);
}
else
{
@ -48,7 +48,7 @@ CALLBACK(log_cb, void,
static int logcmd(vici_conn_t *conn)
{
bool raw = FALSE;
command_format_options_t format = COMMAND_FORMAT_NONE;
char *arg;
while (TRUE)
@ -57,8 +57,11 @@ static int logcmd(vici_conn_t *conn)
{
case 'h':
return command_usage(NULL);
case 'P':
format |= COMMAND_FORMAT_PRETTY;
/* fall through to raw */
case 'r':
raw = TRUE;
format |= COMMAND_FORMAT_RAW;
continue;
case EOF:
break;
@ -68,7 +71,7 @@ static int logcmd(vici_conn_t *conn)
break;
}
if (vici_register(conn, "log", log_cb, &raw) != 0)
if (vici_register(conn, "log", log_cb, &format) != 0)
{
fprintf(stderr, "registering for log failed: %s\n", strerror(errno));
return errno;
@ -88,10 +91,11 @@ static void __attribute__ ((constructor))reg()
{
command_register((command_t) {
logcmd, 'T', "log", "trace logging output",
{"[--raw]"},
{"[--raw|--pretty]"},
{
{"help", 'h', 0, "show usage information"},
{"raw", 'r', 0, "dump raw response message"},
{"pretty", 'P', 0, "dump raw response message in pretty print"},
}
});
}

24
src/swanctl/commands/terminate.c
View File

@ -17,13 +17,12 @@
#include <errno.h>
CALLBACK(log_cb, void,
bool *raw, char *name, vici_res_t *msg)
command_format_options_t *format, char *name, vici_res_t *msg)
{
if (*raw)
if (*format & COMMAND_FORMAT_RAW)
{
vici_dump(msg, "log", stdout);
vici_dump(msg, "log", *format & COMMAND_FORMAT_PRETTY, stdout);
}
else
{
@ -37,7 +36,7 @@ static int terminate(vici_conn_t *conn)
{
vici_req_t *req;
vici_res_t *res;
bool raw = FALSE;
command_format_options_t format = COMMAND_FORMAT_NONE;
char *arg, *child = NULL, *ike = NULL;
int ret = 0, timeout = 0, level = 1, child_id = 0, ike_id = 0;
@ -47,8 +46,11 @@ static int terminate(vici_conn_t *conn)
{
case 'h':
return command_usage(NULL);
case 'P':
format |= COMMAND_FORMAT_PRETTY;
/* fall through to raw */
case 'r':
raw = TRUE;
format |= COMMAND_FORMAT_RAW;
continue;
case 'c':
child = arg;
@ -76,7 +78,7 @@ static int terminate(vici_conn_t *conn)
break;
}
if (vici_register(conn, "control-log", log_cb, &raw) != 0)
if (vici_register(conn, "control-log", log_cb, &format) != 0)
{
fprintf(stderr, "registering for log failed: %s\n", strerror(errno));
return errno;
@ -109,9 +111,10 @@ static int terminate(vici_conn_t *conn)
fprintf(stderr, "terminate request failed: %s\n", strerror(errno));
return errno;
}
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "terminate reply", stdout);
vici_dump(res, "terminate reply", format & COMMAND_FORMAT_PRETTY,
stdout);
}
else
{
@ -138,7 +141,7 @@ static void __attribute__ ((constructor))reg()
command_register((command_t) {
terminate, 't', "terminate", "terminate a connection",
{"--child <name> | --ike <name | --child-id <id> | --ike-id <id>",
"[--timeout <s>] [--raw]"},
"[--timeout <s>] [--raw|--pretty]"},
{
{"help", 'h', 0, "show usage information"},
{"child", 'c', 1, "terminate by CHILD_SA name"},
@ -147,6 +150,7 @@ static void __attribute__ ((constructor))reg()
{"ike-id", 'I', 1, "terminate by IKE_SA unique identifier"},
{"timeout", 't', 1, "timeout in seconds before detaching"},
{"raw", 'r', 0, "dump raw response message"},
{"pretty", 'P', 0, "dump raw response message in pretty print"},
{"loglevel", 'l', 1, "verbosity of redirected log"},
}
});

15
src/swanctl/commands/version.c
View File

@ -22,7 +22,8 @@ static int version(vici_conn_t *conn)
vici_req_t *req;
vici_res_t *res;
char *arg;
bool raw = FALSE, daemon = FALSE;;
bool daemon = FALSE;
command_format_options_t format = COMMAND_FORMAT_NONE;
while (TRUE)
{
@ -30,8 +31,11 @@ static int version(vici_conn_t *conn)
{
case 'h':
return command_usage(NULL);
case 'P':
format |= COMMAND_FORMAT_PRETTY;
/* fall through to raw */
case 'r':
raw = TRUE;
format |= COMMAND_FORMAT_RAW;
continue;
case 'd':
daemon = TRUE;
@ -57,9 +61,9 @@ static int version(vici_conn_t *conn)
fprintf(stderr, "version request failed: %s\n", strerror(errno));
return errno;
}
if (raw)
if (format & COMMAND_FORMAT_RAW)
{
vici_dump(res, "version reply", stdout);
vici_dump(res, "version reply", format & COMMAND_FORMAT_PRETTY, stdout);
}
else
{
@ -81,11 +85,12 @@ static void __attribute__ ((constructor))reg()
{
command_register((command_t) {
version, 'v', "version", "show version information",
{"[--raw]"},
{"[--raw|--pretty]"},
{
{"help", 'h', 0, "show usage information"},
{"daemon", 'd', 0, "query daemon version"},
{"raw", 'r', 0, "dump raw response message"},
{"pretty", 'P', 0, "dump raw response message in pretty print"},
}
});
}