Update copyright headers after acquisition by secunet
1 /*
2 * Copyright (C) 2014 Martin Willi
3 *
4 * Copyright (C) secunet Security Networks AG
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 #define _GNU_SOURCE
18 #include <stdio.h>
19 #include <errno.h>
20
21 #include "command.h"
22 #include "swanctl.h"
23
24 #include <collections/hashtable.h>
25
/**
 * Destroy a hashtable and free() every value stored in it.
 *
 * Only the values are released; the keys are passed to the enumerator as
 * NULL and are never freed here, so they must be owned by someone else.
 *
 * @param hashtable		table whose values were heap-allocated strings
 */
static void free_hashtable(hashtable_t *hashtable)
{
	enumerator_t *values = hashtable->create_enumerator(hashtable);
	char *value;

	while (values->enumerate(values, NULL, &value))
	{
		free(value);
	}
	values->destroy(values);

	/* the table itself goes last, after its enumerator is gone */
	hashtable->destroy(hashtable);
}
43
/**
 * Key/value callback: store a copy of a single policy value in the table.
 *
 * Values for which chunk_printable() returns false are skipped without any
 * diagnostic, so they never reach the formatted output printed later.
 * The value comes with an explicit length, hence the "%.*s" copy.
 *
 * Always returns 0, also when the value was skipped or asprintf() failed.
 */
CALLBACK(policy_values, int,
	hashtable_t *pol, vici_res_t *res, char *name, void *value, int len)
{
	char *copy;

	if (!chunk_printable(chunk_create(value, len), NULL, ' '))
	{
		return 0;
	}
	if (asprintf(&copy, "%.*s", len, value) >= 0)
	{
		/* put() hands back whatever was stored under this key before */
		free(pol->put(pol, name, copy));
	}
	return 0;
}
60
/**
 * List-item callback: append one list item to the string stored under name.
 *
 * Items are joined with a single space; the first item of a list is stored
 * without a leading separator. Items for which chunk_printable() returns
 * false are skipped without any diagnostic.
 *
 * Always returns 0, also when the item was skipped or asprintf() failed.
 */
CALLBACK(policy_list, int,
	hashtable_t *pol, vici_res_t *res, char *name, void *value, int len)
{
	char *previous, *joined;

	if (!chunk_printable(chunk_create(value, len), NULL, ' '))
	{
		return 0;
	}
	/* NULL here means this is the first item seen for the list */
	previous = pol->get(pol, name);
	if (asprintf(&joined, "%s%s%.*s", previous ? previous : "",
				 previous ? " " : "", len, value) >= 0)
	{
		/* replacing the entry returns the old string, which is released */
		free(pol->put(pol, name, joined));
	}
	return 0;
}
79
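/**
 * Section callback: collect the fields of one policy and print them.
 *
 * The section is parsed into a temporary table by policy_values and
 * policy_list, then "mode", "label", "local-ts" and "remote-ts" are printed.
 * The output is written even if parsing reported an error; the parser's
 * result is returned to the caller unchanged.
 *
 * A key can be missing from the table: the peer may not have sent it, or the
 * value callbacks skipped it as non-printable. The lookup then yields NULL,
 * and passing NULL for a "%s" conversion is undefined behavior, so an
 * explicit placeholder is substituted.
 *
 * @param name		name of the policy section
 * @return			result of vici_parse_cb() for the section
 */
CALLBACK(policies, int,
	void *null, vici_res_t *res, char *name)
{
	/* same text glibc emits for a NULL "%s" argument, keeps output stable */
	static const char *missing = "(null)";
	hashtable_t *pol;
	const char *mode, *local_ts, *remote_ts;
	int ret;

	pol = hashtable_create(hashtable_hash_str, hashtable_equals_str, 1);
	ret = vici_parse_cb(res, NULL, policy_values, policy_list, pol);

	mode = pol->get(pol, "mode");
	local_ts = pol->get(pol, "local-ts");
	remote_ts = pol->get(pol, "remote-ts");

	printf("%s, %s\n", name, mode ? mode : missing);
	/* NOTE(review): print_label() receives the raw lookup result; whether it
	 * tolerates NULL is not visible here - confirm */
	print_label(" label: ", pol->get(pol, "label"));
	printf(" local: %s\n", local_ts ? local_ts : missing);
	printf(" remote: %s\n", remote_ts ? remote_ts : missing);

	free_hashtable(pol);
	return ret;
}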
97
/**
 * Event callback for "list-policy" events.
 *
 * With COMMAND_FORMAT_RAW set the event is handed to vici_dump() as is
 * (pretty-printed if COMMAND_FORMAT_PRETTY is set as well); otherwise each
 * section is parsed and printed by the policies callback.
 *
 * @param format	output format flags supplied at registration
 */
CALLBACK(list_cb, void,
	command_format_options_t *format, char *name, vici_res_t *res)
{
	if (*format & COMMAND_FORMAT_RAW)
	{
		vici_dump(res, "list-policy event", *format & COMMAND_FORMAT_PRETTY,
				  stdout);
		return;
	}
	if (vici_parse_cb(res, policies, NULL, NULL, NULL) != 0)
	{
		/* a failed event is reported but does not abort the listing */
		fprintf(stderr, "parsing policy event failed: %s\n", strerror(errno));
	}
}
114
/**
 * Implementation of the --list-pols command.
 *
 * Parses the command line options, registers list_cb for "list-policy"
 * events and submits a "list-policies" request. If none of --trap, --drop
 * and --pass is given, all three policy kinds are requested.
 *
 * @param conn		vici connection to send the request on
 * @return			0 on success, the saved errno if registering or
 *					submitting fails, or the result of command_usage()
 */
static int list_pols(vici_conn_t *conn)
{
	command_format_options_t format = COMMAND_FORMAT_NONE;
	bool trap = FALSE, drop = FALSE, pass = FALSE, more = TRUE;
	char *arg, *child = NULL;
	vici_req_t *req;
	vici_res_t *res;
	int err;

	while (more)
	{
		switch (command_getopt(&arg))
		{
			case 'h':
				return command_usage(NULL);
			case 'c':
				child = arg;
				break;
			case 't':
				trap = TRUE;
				break;
			case 'd':
				drop = TRUE;
				break;
			case 'p':
				pass = TRUE;
				break;
			case 'P':
				/* pretty printing implies raw output */
				format |= COMMAND_FORMAT_PRETTY;
				format |= COMMAND_FORMAT_RAW;
				break;
			case 'r':
				format |= COMMAND_FORMAT_RAW;
				break;
			case EOF:
				more = FALSE;
				break;
			default:
				return command_usage("invalid --list-pols option");
		}
	}

	/* no explicit selection means every kind of policy is listed */
	if (!(trap || drop || pass))
	{
		trap = TRUE;
		drop = TRUE;
		pass = TRUE;
	}

	/* list_cb gets a pointer to the local format flags as its context */
	if (vici_register(conn, "list-policy", list_cb, &format) != 0)
	{
		err = errno;
		fprintf(stderr, "registering for policies failed: %s\n",
				strerror(err));
		return err;
	}

	req = vici_begin("list-policies");
	if (child)
	{
		/* the user-supplied name is passed as an argument, not as format */
		vici_add_key_valuef(req, "child", "%s", child);
	}
	if (trap)
	{
		vici_add_key_valuef(req, "trap", "yes");
	}
	if (drop)
	{
		vici_add_key_valuef(req, "drop", "yes");
	}
	if (pass)
	{
		vici_add_key_valuef(req, "pass", "yes");
	}

	res = vici_submit(req, conn);
	if (!res)
	{
		err = errno;
		fprintf(stderr, "list-policies request failed: %s\n", strerror(err));
		return err;
	}
	if (format & COMMAND_FORMAT_RAW)
	{
		vici_dump(res, "list-policies reply", format & COMMAND_FORMAT_PRETTY, stdout);
	}
	vici_free_res(res);
	return 0;
}
197
/**
 * Register the --list-pols command with its usage line and options.
 *
 * Marked as constructor, so it is declared to run before main().
 */
static void __attribute__ ((constructor))reg()
{
	command_t cmd = {
		list_pols, 'P', "list-pols", "list currently installed policies",
		{"[--child <name>] [--trap] [--drop] [--pass] [--raw|--pretty]"},
		{
			{"help",	'h', 0, "show usage information"},
			{"child",	'c', 1, "filter policies by CHILD_SA config name"},
			{"trap",	't', 0, "list trap policies"},
			{"drop",	'd', 0, "list drop policies"},
			{"pass",	'p', 0, "list bypass policies"},
			{"raw",		'r', 0, "dump raw response message"},
			{"pretty",	'P', 0, "dump raw response message in pretty print"},
		}
	};

	command_register(cmd);
}