]> git.ipfire.org Git - thirdparty/strongswan.git/commitdiff
vici: List additional key exchanges
authorAndreas Steffen <andreas.steffen@strongswan.org>
Tue, 19 Nov 2019 19:44:39 +0000 (20:44 +0100)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Sun, 29 Mar 2020 11:50:36 +0000 (13:50 +0200)
src/libcharon/plugins/vici/vici_query.c
src/swanctl/commands/list_sas.c

index 9de43708191d05017be84c5e38ff7afbc1b4b334..d3725342c95a8d56169e6aa23517d697317a1ce2 100644 (file)
@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2015-2017 Tobias Brunner
- * Copyright (C) 2015-2018 Andreas Steffen
+ * Copyright (C) 2015-2019 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * Copyright (C) 2014 Martin Willi
@@ -387,6 +387,7 @@ static void list_ike(private_vici_query_t *this, vici_builder_t *b,
        proposal_t *proposal;
        uint32_t if_id;
        uint16_t alg, ks;
+       int ake;
        host_t *host;
 
        b->add_kv(b, "uniqueid", "%u", ike_sa->get_unique_id(ike_sa));
@@ -470,6 +471,19 @@ static void list_ike(private_vici_query_t *this, vici_builder_t *b,
                {
                        b->add_kv(b, "dh-group", "%N", key_exchange_method_names, alg);
                }
+               for (ake = 1; ake <= 7; ake++)
+               {
+                       transform_type_t transform = ADDITIONAL_KEY_EXCHANGE_1 + ake -1;
+                       char ake_str[5];
+
+                       if (proposal->get_algorithm(proposal, transform, &alg, NULL))
+                       {
+
+                               sprintf(ake_str, "ake%d", ake);
+                               b->add_kv(b, ake_str, "%N", key_exchange_method_names, alg);
+                       }
+
+               }
        }
        add_condition(b, ike_sa, "ppk", COND_PPK);
 
@@ -1335,7 +1349,7 @@ CALLBACK(get_algorithms, vici_message_t*,
        enumerator->destroy(enumerator);
        b->end_section(b);
 
-       b->begin_section(b, "dh");
+       b->begin_section(b, "ke");
        enumerator = lib->crypto->create_ke_enumerator(lib->crypto);
        while (enumerator->enumerate(enumerator, &group, &plugin_name))
        {
index ca2436dd2f7c6ce1c83b746cb9d1b05193792074..0c289c930468e4e53171bd05d63706e84a7acfdb 100644 (file)
@@ -2,7 +2,7 @@
  * Copyright (C) 2014 Martin Willi
  * Copyright (C) 2014 revosec AG
  *
- * Copyright (C) 2016 Andreas Steffen
+ * Copyright (C) 2016-2019 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
 
  * This program is free software; you can redistribute it and/or modify it
@@ -239,6 +239,7 @@ CALLBACK(ike_sa, int,
 {
        if (streq(name, "child-sas"))
        {
+               int ake;
                bool is_initiator = streq(ike->get(ike, "initiator"), "yes");
 
                printf("%s: #%s, %s, IKEv%s, %s_i%s %s_r%s\n",
@@ -290,6 +291,16 @@ CALLBACK(ike_sa, int,
                        }
                        printf("/%s", ike->get(ike, "prf-alg"));
                        printf("/%s", ike->get(ike, "dh-group"));
+                       for (ake = 1; ake <= 7; ake++)
+                       {
+                               char ake_str[5];
+
+                               sprintf(ake_str, "ake%d", ake);
+                               if (ike->get(ike, ake_str))
+                               {
+                                       printf("/%s", ike->get(ike, ake_str));
+                               }
+                       }
                        if (streq(ike->get(ike, "ppk"), "yes"))
                        {
                                printf("/PPK");