From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Fri, 22 Jun 2018 08:39:36 +0000 (+0200)
Subject: vici: list cert_policy parameter
X-Git-Tag: 5.7.0dr4~1
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ef4a63524ff74b76766de5c4dcbaf305cc9090d0;p=thirdparty%2Fstrongswan.git

vici: list cert_policy parameter
---

diff --git a/src/libcharon/plugins/vici/vici_config.c b/src/libcharon/plugins/vici/vici_config.c
index 109944c160..78a77d271a 100644
--- a/src/libcharon/plugins/vici/vici_config.c
+++ b/src/libcharon/plugins/vici/vici_config.c
@@ -3,7 +3,7 @@
  * Copyright (C) 2014 revosec AG
  *
  * Copyright (C) 2015-2017 Tobias Brunner
- * Copyright (C) 2015-2016 Andreas Steffen
+ * Copyright (C) 2015-2018 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
diff --git a/src/libcharon/plugins/vici/vici_query.c b/src/libcharon/plugins/vici/vici_query.c
index 82c3d78554..4385cf6061 100644
--- a/src/libcharon/plugins/vici/vici_query.c
+++ b/src/libcharon/plugins/vici/vici_query.c
@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2015-2017 Tobias Brunner
- * Copyright (C) 2015 Andreas Steffen
+ * Copyright (C) 2015-2018 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * Copyright (C) 2014 Martin Willi
@@ -737,6 +737,18 @@ static void build_auth_cfgs(peer_cfg_t *peer_cfg, bool local, vici_builder_t *b)
 		rules->destroy(rules);
 		b->end_list(b);
 
+		b->begin_list(b, "cert_policy");
+		rules = auth->create_enumerator(auth);
+		while (rules->enumerate(rules, &rule, &v))
+		{
+			if (rule == AUTH_RULE_CERT_POLICY)
+			{
+				b->add_li(b, "%s", v.str);
+			}
+		}
+		rules->destroy(rules);
+		b->end_list(b);
+
 		b->begin_list(b, "certs");
 		rules = auth->create_enumerator(auth);
 		while (rules->enumerate(rules, &rule, &v))
diff --git a/src/swanctl/commands/list_conns.c b/src/swanctl/commands/list_conns.c
index f692e9966f..ce903e50d1 100644
--- a/src/swanctl/commands/list_conns.c
+++ b/src/swanctl/commands/list_conns.c
@@ -2,7 +2,7 @@
  * Copyright (C) 2014 Martin Willi
  * Copyright (C) 2014 revosec AG
  *
- * Copyright (C) 2016 Andreas Steffen
+ * Copyright (C) 2016-2018 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -199,6 +199,10 @@ CALLBACK(conn_sn, int,
 			{
 				printf("    groups: %s\n", auth->get(auth, "groups"));
 			}
+			if (auth->get(auth, "cert_policy"))
+			{
+				printf("    cert policy: %s\n", auth->get(auth, "cert_policy"));
+			}
 			if (auth->get(auth, "certs"))
 			{
 				printf("    certs: %s\n", auth->get(auth, "certs"));