From 04c0219e55d9338b6492548c073189bfd3d5431b Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 9 Dec 2016 14:45:41 +0100
Subject: [PATCH] vici: Use unique names for CHILD_SAs in the list-sas command

The original name is returned in the new "name" attribute.

This fixes an issue with bindings that map VICI messages to
dictionaries.  For instance, in roadwarrior scenarios where every
CHILD_SA has the same name only the information of the last CHILD_SA
would end up in the dictionary for that name.
---
 src/libcharon/plugins/vici/README.md    | 3 ++-
 src/libcharon/plugins/vici/vici_query.c | 6 +++++-
 src/swanctl/commands/list_sas.c         | 5 +++--
 3 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/libcharon/plugins/vici/README.md b/src/libcharon/plugins/vici/README.md
index 556d05e32..0a06e5d7c 100644
--- a/src/libcharon/plugins/vici/README.md
+++ b/src/libcharon/plugins/vici/README.md
@@ -746,7 +746,8 @@ command.
 				<list of tasks currently handling passively>
 			]
 			child-sas = {
-				<child-sa-name>* = {
+				<unique child-sa-name>* = {
+					name = <name of the CHILD_SA>
 					uniqueid = <unique CHILD_SA identifier>
 					reqid = <reqid of CHILD_SA>
 					state = <state string of CHILD_SA>
diff --git a/src/libcharon/plugins/vici/vici_query.c b/src/libcharon/plugins/vici/vici_query.c
index ba2318a46..c60b88946 100644
--- a/src/libcharon/plugins/vici/vici_query.c
+++ b/src/libcharon/plugins/vici/vici_query.c
@@ -128,6 +128,7 @@ static void list_child(private_vici_query_t *this, vici_builder_t *b,
 	enumerator_t *enumerator;
 	traffic_selector_t *ts;
 
+	b->add_kv(b, "name", "%s", child->get_name(child));
 	b->add_kv(b, "uniqueid", "%u", child->get_unique_id(child));
 	b->add_kv(b, "reqid", "%u", child->get_reqid(child));
 	b->add_kv(b, "state", "%N", child_sa_state_names, child->get_state(child));
@@ -420,6 +421,7 @@ CALLBACK(list_sas, vici_message_t*,
 	char *ike;
 	u_int ike_id;
 	bool bl;
+	char buf[BUF_LEN];
 
 	bl = request->get_str(request, NULL, "noblock") == NULL;
 	ike = request->get_str(request, NULL, "ike");
@@ -448,7 +450,9 @@ CALLBACK(list_sas, vici_message_t*,
 		csas = ike_sa->create_child_sa_enumerator(ike_sa);
 		while (csas->enumerate(csas, &child_sa))
 		{
-			b->begin_section(b, child_sa->get_name(child_sa));
+			snprintf(buf, sizeof(buf), "%s-%u", child_sa->get_name(child_sa),
+					 child_sa->get_unique_id(child_sa));
+			b->begin_section(b, buf);
 			list_child(this, b, child_sa, now);
 			b->end_section(b);
 		}
diff --git a/src/swanctl/commands/list_sas.c b/src/swanctl/commands/list_sas.c
index 4257c83a5..28602fc65 100644
--- a/src/swanctl/commands/list_sas.c
+++ b/src/swanctl/commands/list_sas.c
@@ -112,8 +112,9 @@ CALLBACK(child_sas, int,
 	if (ret == 0)
 	{
 		printf("  %s: #%s, reqid %s, %s, %s%s, %s:",
-			name, child->get(child, "uniqueid"), child->get(child, "reqid"),
-			child->get(child, "state"), child->get(child, "mode"),
+			child->get(child, "name"), child->get(child, "uniqueid"),
+			child->get(child, "reqid"), child->get(child, "state"),
+			child->get(child, "mode"),
 			child->get(child, "encap") ? "-in-UDP" : "",
 			child->get(child, "protocol"));