From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 9 Dec 2016 13:45:41 +0000 (+0100)
Subject: vici: Use unique names for CHILD_SAs in the list-sas command
X-Git-Tag: 5.5.2dr5~9^2~8
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=04c0219e55d9338b6492548c073189bfd3d5431b;p=thirdparty%2Fstrongswan.git

vici: Use unique names for CHILD_SAs in the list-sas command

The original name is returned in the new "name" attribute.

This fixes an issue with bindings that map VICI messages to
dictionaries.  For instance, in roadwarrior scenarios where every
CHILD_SA has the same name only the information of the last CHILD_SA
would end up in the dictionary for that name.
---

diff --git a/src/libcharon/plugins/vici/README.md b/src/libcharon/plugins/vici/README.md
index 556d05e32c..0a06e5d7c0 100644
--- a/src/libcharon/plugins/vici/README.md
+++ b/src/libcharon/plugins/vici/README.md
@@ -746,7 +746,8 @@ command.
 				<list of tasks currently handling passively>
 			]
 			child-sas = {
-				<child-sa-name>* = {
+				<unique child-sa-name>* = {
+					name = <name of the CHILD_SA>
 					uniqueid = <unique CHILD_SA identifier>
 					reqid = <reqid of CHILD_SA>
 					state = <state string of CHILD_SA>
diff --git a/src/libcharon/plugins/vici/vici_query.c b/src/libcharon/plugins/vici/vici_query.c
index ba2318a463..c60b889466 100644
--- a/src/libcharon/plugins/vici/vici_query.c
+++ b/src/libcharon/plugins/vici/vici_query.c
@@ -128,6 +128,7 @@ static void list_child(private_vici_query_t *this, vici_builder_t *b,
 	enumerator_t *enumerator;
 	traffic_selector_t *ts;
 
+	b->add_kv(b, "name", "%s", child->get_name(child));
 	b->add_kv(b, "uniqueid", "%u", child->get_unique_id(child));
 	b->add_kv(b, "reqid", "%u", child->get_reqid(child));
 	b->add_kv(b, "state", "%N", child_sa_state_names, child->get_state(child));
@@ -420,6 +421,7 @@ CALLBACK(list_sas, vici_message_t*,
 	char *ike;
 	u_int ike_id;
 	bool bl;
+	char buf[BUF_LEN];
 
 	bl = request->get_str(request, NULL, "noblock") == NULL;
 	ike = request->get_str(request, NULL, "ike");
@@ -448,7 +450,9 @@ CALLBACK(list_sas, vici_message_t*,
 		csas = ike_sa->create_child_sa_enumerator(ike_sa);
 		while (csas->enumerate(csas, &child_sa))
 		{
-			b->begin_section(b, child_sa->get_name(child_sa));
+			snprintf(buf, sizeof(buf), "%s-%u", child_sa->get_name(child_sa),
+					 child_sa->get_unique_id(child_sa));
+			b->begin_section(b, buf);
 			list_child(this, b, child_sa, now);
 			b->end_section(b);
 		}
diff --git a/src/swanctl/commands/list_sas.c b/src/swanctl/commands/list_sas.c
index 4257c83a5b..28602fc659 100644
--- a/src/swanctl/commands/list_sas.c
+++ b/src/swanctl/commands/list_sas.c
@@ -112,8 +112,9 @@ CALLBACK(child_sas, int,
 	if (ret == 0)
 	{
 		printf("  %s: #%s, reqid %s, %s, %s%s, %s:",
-			name, child->get(child, "uniqueid"), child->get(child, "reqid"),
-			child->get(child, "state"), child->get(child, "mode"),
+			child->get(child, "name"), child->get(child, "uniqueid"),
+			child->get(child, "reqid"), child->get(child, "state"),
+			child->get(child, "mode"),
 			child->get(child, "encap") ? "-in-UDP" : "",
 			child->get(child, "protocol"));