From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Thu, 5 May 2016 12:53:22 +0000 (+0200)
Subject: swanctl: Do not display rekey times for shunts
X-Git-Tag: 5.4.1dr2~10
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b9522f9d64371c9b620f398852e4ade857105974;p=thirdparty%2Fstrongswan.git

swanctl: Do not display rekey times for shunts
---

diff --git a/src/swanctl/commands/list_conns.c b/src/swanctl/commands/list_conns.c
index 6167a45daa..19e7050da8 100644
--- a/src/swanctl/commands/list_conns.c
+++ b/src/swanctl/commands/list_conns.c
@@ -83,7 +83,7 @@ CALLBACK(children_sn, int,
 	hashtable_t *ike, vici_res_t *res, char *name)
 {
 	hashtable_t *child;
-	char *interface, *priority;
+	char *mode, *interface, *priority;
 	char *rekey_time, *rekey_bytes, *rekey_packets;
 	bool no_time, no_bytes, no_packets, or = FALSE;
 	int ret;
@@ -92,7 +92,8 @@ CALLBACK(children_sn, int,
 	ret = vici_parse_cb(res, NULL, values, list, child);
 	if (ret == 0)
 	{
-		printf("  %s: %s, ", name, child->get(child, "mode"));
+		mode = child->get(child, "mode");
+		printf("  %s: %s, ", name, mode);
 
 		rekey_time    = child->get(child, "rekey_time");
 		rekey_bytes   = child->get(child, "rekey_bytes");
@@ -101,7 +102,8 @@ CALLBACK(children_sn, int,
 		no_bytes   = streq(rekey_bytes, "0");
 		no_packets = streq(rekey_packets, "0");
 
-		if (no_time && no_bytes && no_packets)
+		if (strcaseeq(mode, "PASS") || strcaseeq(mode, "DROP") ||
+		   (no_time && no_bytes && no_packets))
 		{
 			printf("no rekeying\n");
 		}
diff --git a/testing/tests/swanctl/manual-prio/hosts/moon/etc/swanctl/swanctl.conf b/testing/tests/swanctl/manual-prio/hosts/moon/etc/swanctl/swanctl.conf
index 3e8464cb9a..53883f79de 100755
--- a/testing/tests/swanctl/manual-prio/hosts/moon/etc/swanctl/swanctl.conf
+++ b/testing/tests/swanctl/manual-prio/hosts/moon/etc/swanctl/swanctl.conf
@@ -25,6 +25,7 @@ connections {
    }
 
    shunts {
+      rekey_time = 0
 
       children {
          drop-eth0-default {