Added options to whack to query in-memory leases.

2010-03-31 13:10:11 +02:00 · 2010-03-31 13:10:11 +02:00 · 6bfa8e907c
parent 4db0af9080
commit 6bfa8e907c
4 changed files with 52 additions and 5 deletions
--- a/src/pluto/rcv_whack.c
+++ b/src/pluto/rcv_whack.c
@ -57,6 +57,7 @@
 #include "myid.h"
 #include "kernel_alg.h"
 #include "ike_alg.h"
+#include "whack_attribute.h"

 /* helper variables and function to decode strings from whack message */

@ -326,6 +327,8 @@ void whack_handle(int whackctlfd)
 		|| !unpack_str(&msg.ike)                /* string 24 */
 		|| !unpack_str(&msg.esp)                /* string 25 */
 		|| !unpack_str(&msg.sc_data)            /* string 26 */
+		|| !unpack_str(&msg.whack_lease_ip)     /* string 27 */
+		|| !unpack_str(&msg.whack_lease_id)     /* string 28 */
 		|| str_roof - next_str != (ptrdiff_t)msg.keyval.len)    /* check chunk */
 		{
 			ugh = "message from whack contains bad string";
@ -469,6 +472,11 @@ void whack_handle(int whackctlfd)
 		free_ocsp_cache();
 	}

+	if (msg.whack_leases)
+	{
+		list_leases(msg.name, msg.whack_lease_ip, msg.whack_lease_id);
+	}
+
   if (msg.whack_list & LIST_PUBKEYS)
 	{
 		list_public_keys(msg.whack_utc);
--- a/src/starter/starterwhack.c
+++ b/src/starter/starterwhack.c
@ -91,6 +91,8 @@ static int send_whack_msg (whack_message_t *msg)
 	||  !pack_str(&msg->ike,            &str_next, &str_roof)
 	||  !pack_str(&msg->esp,            &str_next, &str_roof)
 	||  !pack_str(&msg->sc_data,        &str_next, &str_roof)
+	||  !pack_str(&msg->whack_lease_ip, &str_next, &str_roof)
+	||  !pack_str(&msg->whack_lease_id, &str_next, &str_roof)
 	||  (str_roof - str_next < msg->keyval.len))
 	{
 		plog("send_wack_msg(): can't pack strings");
--- a/src/whack/whack.c
+++ b/src/whack/whack.c
@ -185,6 +185,10 @@ static void help(void)
 			" [--debug-private]"
 			"\n\n"
 #endif
+		"leases: whack --leases"
+			" [--name <connection_name>]"
+			" [--lease-addr <ip-address> | --lease-id <identity>]"
+			"\n\n"
 		"listen: whack"
 			" (--listen | --unlisten)"
 			"\n\n"
@ -322,6 +326,10 @@ enum {
 	OPT_LISTEN,
 	OPT_UNLISTEN,

+	OPT_LEASES,
+	OPT_LEASEADDR,
+	OPT_LEASEID,
+
 	OPT_PURGEOCSP,

 	OPT_REREADSECRETS,
@ -519,6 +527,10 @@ static const struct option long_opts[] = {
 	{ "listen", no_argument, NULL, OPT_LISTEN + OO },
 	{ "unlisten", no_argument, NULL, OPT_UNLISTEN + OO },

+	{ "leases", no_argument, NULL, OPT_LEASES + OO },
+	{ "lease-addr", required_argument, NULL, OPT_LEASEADDR + OO },
+	{ "lease-id", required_argument, NULL, OPT_LEASEID + OO },
+
 	{ "purgeocsp", no_argument, NULL, OPT_PURGEOCSP + OO },

 	{ "rereadsecrets", no_argument, NULL, OPT_REREADSECRETS + OO },
@ -1103,6 +1115,18 @@ int main(int argc, char **argv)
 				diagq("0.0.0.0 or 0::0 isn't a valid client address", optarg);
 			continue;

+		case OPT_LEASES:        /* --leases */
+			msg.whack_leases = TRUE;
+			continue;
+
+		case OPT_LEASEADDR:     /* --lease-addr <ip-address> */
+			msg.whack_lease_ip = optarg;      /* decoded by Pluto */
+			continue;
+
+		case OPT_LEASEID:       /* --lease-id <identity> */
+			msg.whack_lease_id = optarg;      /* decoded by Pluto */
+			continue;
+
 		case OPT_LISTEN:        /* --listen */
 			msg.whack_listen = TRUE;
 			continue;
@ -1618,6 +1642,12 @@ int main(int argc, char **argv)
 		break;
 	}

+	/* check leases */
+	if (LHAS(opts_seen, OPT_LEASEADDR) && LHAS(opts_seen, OPT_LEASEID))
+	{
+		diag("--lease-addr and --lease-id cannot be used together");
+	}
+
 	/* check connection description */
 	if (LHAS(opts_seen, OPT_CD))
 	{
@ -1682,7 +1712,7 @@ int main(int argc, char **argv)
 		if (!LHAS(opts_seen, OPT_NAME) && !msg.whack_ca)
 			diag("missing --name <connection_name>");
 	}
-	else if (!msg.whack_options && !msg.whack_status)
+	else if (!msg.whack_options && !msg.whack_status && !msg.whack_leases)
 	{
 		if (LHAS(opts_seen, OPT_NAME))
 			diag("no reason for --name");
@ -1698,9 +1728,10 @@ int main(int argc, char **argv)
 	|| msg.whack_delete || msg.whack_deletestate
 	|| msg.whack_initiate || msg.whack_oppo_initiate || msg.whack_terminate
 	|| msg.whack_route || msg.whack_unroute || msg.whack_listen
-	|| msg.whack_unlisten || msg.whack_list || msg.whack_purgeocsp || msg.whack_reread
-	|| msg.whack_ca || msg.whack_status || msg.whack_options || msg.whack_shutdown
-	|| msg.whack_sc_op))
+	|| msg.whack_unlisten || msg.whack_list || msg.whack_purgeocsp
+	|| msg.whack_reread || msg.whack_ca || msg.whack_status
+	|| msg.whack_options || msg.whack_shutdown || msg.whack_sc_op
+	|| msg.whack_leases))
 	{
 		diag("no action specified; try --help for hints");
 	}
@ -1771,6 +1802,8 @@ int main(int argc, char **argv)
 	||  !pack_str(&msg.ike)              /* string 24 */
 	||  !pack_str(&msg.esp)              /* string 25 */
 	||  !pack_str(&msg.sc_data)          /* string 26 */
+	||  !pack_str(&msg.whack_lease_ip)   /* string 27 */
+	||  !pack_str(&msg.whack_lease_id)   /* string 28 */
 	||  str_roof - next_str < (ptrdiff_t)msg.keyval.len)
 		diag("too many bytes of strings to fit in message to pluto");

--- a/src/whack/whack.h
+++ b/src/whack/whack.h
@ -65,7 +65,7 @@ struct whack_end {
 	int   sourceip_mask;
 	ip_address host_addr;
 	ip_address host_nexthop;
-	ip_address host_srcip;	
+	ip_address host_srcip;
 	ip_subnet client;
 	bool key_from_DNS_on_demand;
 	bool has_client;
@ -177,6 +177,10 @@ struct whack_message {
 	bool whack_deletestate;
 	so_serial_t whack_deletestateno;

+	/* for WHACK_LEASES: */
+	bool whack_leases;
+	char *whack_lease_ip, *whack_lease_id;
+
 	/* for WHACK_LISTEN: */
 	bool whack_listen, whack_unlisten;