removed IKE_SA (%K) and CHILD_SA (%P) printf handlers, 3 more to go
This commit is contained in:
parent
cd08b6880b
commit
a3ce4bc214
|
@ -967,8 +967,8 @@ static void stroke_del_ca(private_stroke_interface_t *this,
|
|||
/**
|
||||
* show status of daemon
|
||||
*/
|
||||
static void stroke_statusall(private_stroke_interface_t *this,
|
||||
stroke_msg_t *msg, FILE *out)
|
||||
static void stroke_status(private_stroke_interface_t *this,
|
||||
stroke_msg_t *msg, FILE *out, bool all)
|
||||
{
|
||||
iterator_t *iterator, *children;
|
||||
linked_list_t *list;
|
||||
|
@ -978,26 +978,6 @@ static void stroke_statusall(private_stroke_interface_t *this,
|
|||
child_cfg_t *child_cfg;
|
||||
ike_sa_t *ike_sa;
|
||||
char *name = NULL;
|
||||
|
||||
leak_detective_status(out);
|
||||
|
||||
fprintf(out, "Performance:\n");
|
||||
fprintf(out, " worker threads: %d idle of %d,",
|
||||
charon->thread_pool->get_idle_threads(charon->thread_pool),
|
||||
charon->thread_pool->get_pool_size(charon->thread_pool));
|
||||
fprintf(out, " job queue load: %d,",
|
||||
charon->job_queue->get_count(charon->job_queue));
|
||||
fprintf(out, " scheduled events: %d\n",
|
||||
charon->event_queue->get_count(charon->event_queue));
|
||||
list = charon->kernel_interface->create_address_list(charon->kernel_interface);
|
||||
|
||||
fprintf(out, "Listening on %d IP addresses:\n", list->get_count(list));
|
||||
while (list->remove_first(list, (void**)&host) == SUCCESS)
|
||||
{
|
||||
fprintf(out, " %H\n", host);
|
||||
host->destroy(host);
|
||||
}
|
||||
list->destroy(list);
|
||||
|
||||
if (msg->status.name)
|
||||
{
|
||||
|
@ -1005,123 +985,200 @@ static void stroke_statusall(private_stroke_interface_t *this,
|
|||
name = msg->status.name;
|
||||
}
|
||||
|
||||
fprintf(out, "Connections:\n");
|
||||
iterator = this->backend->create_peer_cfg_iterator(this->backend);
|
||||
while (iterator->iterate(iterator, (void**)&peer_cfg))
|
||||
if (all)
|
||||
{
|
||||
if (peer_cfg->get_ike_version(peer_cfg) != 2 ||
|
||||
(name && !streq(name, peer_cfg->get_name(peer_cfg))))
|
||||
{
|
||||
continue;
|
||||
}
|
||||
|
||||
ike_cfg = peer_cfg->get_ike_cfg(peer_cfg);
|
||||
fprintf(out, "%12s: %H[%D]...%H[%D]\n", peer_cfg->get_name(peer_cfg),
|
||||
ike_cfg->get_my_host(ike_cfg), peer_cfg->get_my_id(peer_cfg),
|
||||
ike_cfg->get_other_host(ike_cfg), peer_cfg->get_other_id(peer_cfg));
|
||||
children = peer_cfg->create_child_cfg_iterator(peer_cfg);
|
||||
while (children->iterate(children, (void**)&child_cfg))
|
||||
{
|
||||
linked_list_t *my_ts, *other_ts;
|
||||
my_ts = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL, NULL);
|
||||
other_ts = child_cfg->get_traffic_selectors(child_cfg, FALSE, NULL, NULL);
|
||||
fprintf(out, "%12s: %#R=== %#R\n", child_cfg->get_name(child_cfg),
|
||||
my_ts, other_ts);
|
||||
my_ts->destroy_offset(my_ts, offsetof(traffic_selector_t, destroy));
|
||||
other_ts->destroy_offset(other_ts, offsetof(traffic_selector_t, destroy));
|
||||
}
|
||||
children->destroy(children);
|
||||
}
|
||||
iterator->destroy(iterator);
|
||||
leak_detective_status(out);
|
||||
|
||||
fprintf(out, "Performance:\n");
|
||||
fprintf(out, " worker threads: %d idle of %d,",
|
||||
charon->thread_pool->get_idle_threads(charon->thread_pool),
|
||||
charon->thread_pool->get_pool_size(charon->thread_pool));
|
||||
fprintf(out, " job queue load: %d,",
|
||||
charon->job_queue->get_count(charon->job_queue));
|
||||
fprintf(out, " scheduled events: %d\n",
|
||||
charon->event_queue->get_count(charon->event_queue));
|
||||
list = charon->kernel_interface->create_address_list(charon->kernel_interface);
|
||||
|
||||
fprintf(out, "Listening on %d IP addresses:\n", list->get_count(list));
|
||||
while (list->remove_first(list, (void**)&host) == SUCCESS)
|
||||
{
|
||||
fprintf(out, " %H\n", host);
|
||||
host->destroy(host);
|
||||
}
|
||||
list->destroy(list);
|
||||
|
||||
fprintf(out, "Connections:\n");
|
||||
iterator = this->backend->create_peer_cfg_iterator(this->backend);
|
||||
while (iterator->iterate(iterator, (void**)&peer_cfg))
|
||||
{
|
||||
if (peer_cfg->get_ike_version(peer_cfg) != 2 ||
|
||||
(name && !streq(name, peer_cfg->get_name(peer_cfg))))
|
||||
{
|
||||
continue;
|
||||
}
|
||||
|
||||
ike_cfg = peer_cfg->get_ike_cfg(peer_cfg);
|
||||
fprintf(out, "%12s: %H[%D]...%H[%D]\n", peer_cfg->get_name(peer_cfg),
|
||||
ike_cfg->get_my_host(ike_cfg), peer_cfg->get_my_id(peer_cfg),
|
||||
ike_cfg->get_other_host(ike_cfg), peer_cfg->get_other_id(peer_cfg));
|
||||
children = peer_cfg->create_child_cfg_iterator(peer_cfg);
|
||||
while (children->iterate(children, (void**)&child_cfg))
|
||||
{
|
||||
linked_list_t *my_ts, *other_ts;
|
||||
my_ts = child_cfg->get_traffic_selectors(child_cfg, TRUE, NULL, NULL);
|
||||
other_ts = child_cfg->get_traffic_selectors(child_cfg, FALSE, NULL, NULL);
|
||||
fprintf(out, "%12s: %#R=== %#R\n", child_cfg->get_name(child_cfg),
|
||||
my_ts, other_ts);
|
||||
my_ts->destroy_offset(my_ts, offsetof(traffic_selector_t, destroy));
|
||||
other_ts->destroy_offset(other_ts, offsetof(traffic_selector_t, destroy));
|
||||
}
|
||||
children->destroy(children);
|
||||
}
|
||||
iterator->destroy(iterator);
|
||||
}
|
||||
|
||||
iterator = charon->ike_sa_manager->create_iterator(charon->ike_sa_manager);
|
||||
if (iterator->get_count(iterator) > 0)
|
||||
if (all && iterator->get_count(iterator) > 0)
|
||||
{
|
||||
fprintf(out, "Security Associations:\n");
|
||||
}
|
||||
while (iterator->iterate(iterator, (void**)&ike_sa))
|
||||
{
|
||||
bool ike_sa_printed = FALSE;
|
||||
bool ike_match = FALSE, ike_printed = FALSE;
|
||||
child_sa_t *child_sa;
|
||||
iterator_t *children = ike_sa->create_child_sa_iterator(ike_sa);
|
||||
|
||||
/* print IKE_SA */
|
||||
if (name == NULL || strcmp(name, ike_sa->get_name(ike_sa)) == 0)
|
||||
if (name == NULL || streq(name, ike_sa->get_name(ike_sa)))
|
||||
{
|
||||
fprintf(out, "%#K\n", ike_sa);
|
||||
ike_sa_printed = TRUE;
|
||||
ike_match = TRUE;
|
||||
}
|
||||
|
||||
while (children->iterate(children, (void**)&child_sa))
|
||||
{
|
||||
bool child_sa_match = name == NULL ||
|
||||
strcmp(name, child_sa->get_name(child_sa)) == 0;
|
||||
|
||||
/* print IKE_SA if its name differs from the CHILD_SA's name */
|
||||
if (!ike_sa_printed && child_sa_match)
|
||||
bool child_match = FALSE;
|
||||
|
||||
if (name == NULL || streq(name, child_sa->get_name(child_sa)))
|
||||
{
|
||||
fprintf(out, "%#K\n", ike_sa);
|
||||
ike_sa_printed = TRUE;
|
||||
child_match = TRUE;
|
||||
}
|
||||
|
||||
/* print CHILD_SA */
|
||||
if (child_sa_match)
|
||||
if ((child_match || ike_match) && !ike_printed)
|
||||
{
|
||||
fprintf(out, "%#P\n", child_sa);
|
||||
}
|
||||
}
|
||||
children->destroy(children);
|
||||
}
|
||||
iterator->destroy(iterator);
|
||||
}
|
||||
peer_cfg_t *cfg = ike_sa->get_peer_cfg(ike_sa);
|
||||
u_int32_t next;
|
||||
|
||||
/**
|
||||
* show status of daemon
|
||||
*/
|
||||
static void stroke_status(private_stroke_interface_t *this,
|
||||
stroke_msg_t *msg, FILE *out)
|
||||
{
|
||||
iterator_t *iterator;
|
||||
ike_sa_t *ike_sa;
|
||||
char *name = NULL;
|
||||
fprintf(out, "%12s[%d]: %N, %H[%D]...%H[%D]\n",
|
||||
ike_sa->get_name(ike_sa), ike_sa->get_unique_id(ike_sa),
|
||||
ike_sa_state_names, ike_sa->get_state(ike_sa),
|
||||
ike_sa->get_my_host(ike_sa), ike_sa->get_my_id(ike_sa),
|
||||
ike_sa->get_other_host(ike_sa), ike_sa->get_other_id(ike_sa));
|
||||
|
||||
if (all)
|
||||
{
|
||||
fprintf(out, "%12s[%d]: IKE SPIs: %J, ",
|
||||
ike_sa->get_name(ike_sa), ike_sa->get_unique_id(ike_sa),
|
||||
ike_sa->get_id(ike_sa));
|
||||
|
||||
ike_sa->get_stats(ike_sa, &next);
|
||||
if (next)
|
||||
{
|
||||
fprintf(out, "%s in %ds\n", cfg->use_reauth(cfg) ?
|
||||
"reauthentication" : "rekeying", next - time(NULL));
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf(out, "rekeying disabled");
|
||||
}
|
||||
}
|
||||
|
||||
if (msg->status.name)
|
||||
{
|
||||
pop_string(msg, &(msg->status.name));
|
||||
name = msg->status.name;
|
||||
}
|
||||
|
||||
iterator = charon->ike_sa_manager->create_iterator(charon->ike_sa_manager);
|
||||
while (iterator->iterate(iterator, (void**)&ike_sa))
|
||||
{
|
||||
bool ike_sa_printed = FALSE;
|
||||
child_sa_t *child_sa;
|
||||
iterator_t *children = ike_sa->create_child_sa_iterator(ike_sa);
|
||||
|
||||
/* print IKE_SA */
|
||||
if (name == NULL || strcmp(name, ike_sa->get_name(ike_sa)) == 0)
|
||||
{
|
||||
fprintf(out, "%K\n", ike_sa);
|
||||
ike_sa_printed = TRUE;
|
||||
}
|
||||
|
||||
while (children->iterate(children, (void**)&child_sa))
|
||||
{
|
||||
bool child_sa_match = name == NULL ||
|
||||
strcmp(name, child_sa->get_name(child_sa)) == 0;
|
||||
|
||||
/* print IKE_SA if its name differs from the CHILD_SA's name */
|
||||
if (!ike_sa_printed && child_sa_match)
|
||||
{
|
||||
fprintf(out, "%K\n", ike_sa);
|
||||
ike_sa_printed = TRUE;
|
||||
ike_printed = TRUE;
|
||||
}
|
||||
|
||||
/* print CHILD_SA */
|
||||
if (child_sa_match)
|
||||
if (child_match)
|
||||
{
|
||||
fprintf(out, "%P\n", child_sa);
|
||||
u_int32_t now, rekey;
|
||||
u_int32_t use_in, use_out, use_fwd;
|
||||
encryption_algorithm_t encr_alg;
|
||||
integrity_algorithm_t int_alg;
|
||||
size_t encr_len, int_len;
|
||||
mode_t mode;
|
||||
|
||||
now = time(NULL);
|
||||
child_sa->get_stats(child_sa, &mode, &encr_alg, &encr_len,
|
||||
&int_alg, &int_len, &rekey, &use_in, &use_out,
|
||||
&use_fwd);
|
||||
|
||||
fprintf(out, "%12s{%d}: %N, %N",
|
||||
child_sa->get_name(child_sa), child_sa->get_reqid(child_sa),
|
||||
child_sa_state_names, child_sa->get_state(child_sa),
|
||||
mode_names, mode);
|
||||
|
||||
if (child_sa->get_state(child_sa) == CHILD_INSTALLED)
|
||||
{
|
||||
fprintf(out, ", %N SPIs: 0x%0x_i 0x%0x_o",
|
||||
protocol_id_names, child_sa->get_protocol(child_sa),
|
||||
htonl(child_sa->get_spi(child_sa, TRUE)),
|
||||
htonl(child_sa->get_spi(child_sa, FALSE)));
|
||||
|
||||
if (all)
|
||||
{
|
||||
fprintf(out, "\n%12s{%d}: ", child_sa->get_name(child_sa),
|
||||
child_sa->get_reqid(child_sa));
|
||||
|
||||
|
||||
if (child_sa->get_protocol(child_sa) == PROTO_ESP)
|
||||
{
|
||||
fprintf(out, "%N", encryption_algorithm_names, encr_alg);
|
||||
|
||||
if (encr_len)
|
||||
{
|
||||
fprintf(out, "-%d", encr_len);
|
||||
}
|
||||
fprintf(out, "/");
|
||||
}
|
||||
|
||||
fprintf(out, "%N", integrity_algorithm_names, int_alg);
|
||||
if (int_len)
|
||||
{
|
||||
fprintf(out, "-%d", int_len);
|
||||
}
|
||||
fprintf(out, ", rekeying ");
|
||||
|
||||
if (rekey)
|
||||
{
|
||||
fprintf(out, "in %ds", rekey - now);
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf(out, "disabled");
|
||||
}
|
||||
|
||||
fprintf(out, ", last use: ");
|
||||
use_in = max(use_in, use_fwd);
|
||||
if (use_in)
|
||||
{
|
||||
fprintf(out, "%ds_i ", now - use_in);
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf(out, "no_i ");
|
||||
}
|
||||
if (use_out)
|
||||
{
|
||||
fprintf(out, "%ds_o ", now - use_out);
|
||||
}
|
||||
else
|
||||
{
|
||||
fprintf(out, "no_o ");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
fprintf(out, "\n%12s{%d}: %#R=== %#R\n",
|
||||
child_sa->get_name(child_sa), child_sa->get_reqid(child_sa),
|
||||
child_sa->get_traffic_selectors(child_sa, TRUE),
|
||||
child_sa->get_traffic_selectors(child_sa, FALSE));
|
||||
}
|
||||
}
|
||||
children->destroy(children);
|
||||
|
@ -1392,10 +1449,10 @@ static void stroke_process(private_stroke_interface_t *this, int strokefd)
|
|||
stroke_terminate(this, msg, out);
|
||||
break;
|
||||
case STR_STATUS:
|
||||
stroke_status(this, msg, out);
|
||||
stroke_status(this, msg, out, FALSE);
|
||||
break;
|
||||
case STR_STATUS_ALL:
|
||||
stroke_statusall(this, msg, out);
|
||||
stroke_status(this, msg, out, TRUE);
|
||||
break;
|
||||
case STR_ADD_CONN:
|
||||
stroke_add_conn(this, msg, out);
|
||||
|
|
|
@ -27,7 +27,6 @@
|
|||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <printf.h>
|
||||
|
||||
#include <daemon.h>
|
||||
|
||||
|
@ -211,6 +210,52 @@ static child_cfg_t* get_config(private_child_sa_t *this)
|
|||
return this->config;
|
||||
}
|
||||
|
||||
/**
|
||||
* Implementation of child_sa_t.get_stats.
|
||||
*/
|
||||
static void get_stats(private_child_sa_t *this, mode_t *mode,
|
||||
encryption_algorithm_t *encr_algo, size_t *encr_len,
|
||||
integrity_algorithm_t *int_algo, size_t *int_len,
|
||||
u_int32_t *rekey, u_int32_t *use_in, u_int32_t *use_out,
|
||||
u_int32_t *use_fwd)
|
||||
{
|
||||
sa_policy_t *policy;
|
||||
iterator_t *iterator;
|
||||
u_int32_t in = 0, out = 0, fwd = 0, time;
|
||||
|
||||
iterator = this->policies->create_iterator(this->policies, TRUE);
|
||||
while (iterator->iterate(iterator, (void**)&policy))
|
||||
{
|
||||
|
||||
if (charon->kernel_interface->query_policy(charon->kernel_interface,
|
||||
policy->other_ts, policy->my_ts, POLICY_IN, &time) == SUCCESS)
|
||||
{
|
||||
in = max(in, time);
|
||||
}
|
||||
if (charon->kernel_interface->query_policy(charon->kernel_interface,
|
||||
policy->my_ts, policy->other_ts, POLICY_OUT, &time) == SUCCESS)
|
||||
{
|
||||
out = max(out, time);
|
||||
}
|
||||
if (charon->kernel_interface->query_policy(charon->kernel_interface,
|
||||
policy->other_ts, policy->my_ts, POLICY_FWD, &time) == SUCCESS)
|
||||
{
|
||||
fwd = max(fwd, time);
|
||||
}
|
||||
}
|
||||
iterator->destroy(iterator);
|
||||
|
||||
*mode = this->mode;
|
||||
*encr_algo = this->encryption.algorithm;
|
||||
*encr_len = this->encryption.key_size;
|
||||
*int_algo = this->integrity.algorithm;
|
||||
*int_len = this->integrity.key_size;
|
||||
*rekey = this->rekey_time;
|
||||
*use_in = in;
|
||||
*use_out = out;
|
||||
*use_fwd = fwd;
|
||||
}
|
||||
|
||||
/**
|
||||
* Run the up/down script
|
||||
*/
|
||||
|
@ -542,7 +587,7 @@ static status_t install(private_child_sa_t *this, proposal_t *proposal,
|
|||
this->encryption = *enc_algo;
|
||||
this->integrity = *int_algo;
|
||||
this->install_time = time(NULL);
|
||||
this->rekey_time = soft;
|
||||
this->rekey_time = this->install_time + soft;
|
||||
|
||||
return status;
|
||||
}
|
||||
|
@ -736,126 +781,6 @@ static status_t get_use_time(private_child_sa_t *this, bool inbound, time_t *use
|
|||
return status;
|
||||
}
|
||||
|
||||
/**
|
||||
* output handler in printf()
|
||||
*/
|
||||
static int print(FILE *stream, const struct printf_info *info,
|
||||
const void *const *args)
|
||||
{
|
||||
private_child_sa_t *this = *((private_child_sa_t**)(args[0]));
|
||||
iterator_t *iterator;
|
||||
sa_policy_t *policy;
|
||||
u_int32_t now, rekeying;
|
||||
u_int32_t use, use_in, use_fwd;
|
||||
status_t status;
|
||||
size_t written = 0;
|
||||
|
||||
if (this == NULL)
|
||||
{
|
||||
return fprintf(stream, "(null)");
|
||||
}
|
||||
|
||||
now = time(NULL);
|
||||
|
||||
written += fprintf(stream, "%12s{%d}: %N, %N",
|
||||
this->config->get_name(this->config), this->reqid,
|
||||
child_sa_state_names, this->state,
|
||||
mode_names, this->mode);
|
||||
|
||||
if (this->state == CHILD_INSTALLED)
|
||||
{
|
||||
written += fprintf(stream, ", %N SPIs: 0x%0x_i 0x%0x_o",
|
||||
protocol_id_names, this->protocol,
|
||||
htonl(this->me.spi), htonl(this->other.spi));
|
||||
|
||||
if (info->alt)
|
||||
{
|
||||
written += fprintf(stream, "\n%12s{%d}: ",
|
||||
this->config->get_name(this->config),
|
||||
this->reqid);
|
||||
|
||||
if (this->protocol == PROTO_ESP)
|
||||
{
|
||||
written += fprintf(stream, "%N", encryption_algorithm_names,
|
||||
this->encryption.algorithm);
|
||||
|
||||
if (this->encryption.key_size)
|
||||
{
|
||||
written += fprintf(stream, "-%d", this->encryption.key_size);
|
||||
}
|
||||
written += fprintf(stream, "/");
|
||||
}
|
||||
|
||||
written += fprintf(stream, "%N", integrity_algorithm_names,
|
||||
this->integrity.algorithm);
|
||||
if (this->integrity.key_size)
|
||||
{
|
||||
written += fprintf(stream, "-%d", this->integrity.key_size);
|
||||
}
|
||||
written += fprintf(stream, ", rekeying ");
|
||||
|
||||
/* calculate rekey times */
|
||||
if (this->rekey_time)
|
||||
{
|
||||
rekeying = this->install_time + this->rekey_time - now;
|
||||
written += fprintf(stream, "in %ds", rekeying);
|
||||
}
|
||||
else
|
||||
{
|
||||
written += fprintf(stream, "disabled");
|
||||
}
|
||||
}
|
||||
}
|
||||
iterator = this->policies->create_iterator(this->policies, TRUE);
|
||||
while (iterator->iterate(iterator, (void**)&policy))
|
||||
{
|
||||
written += fprintf(stream, "\n%12s{%d}: %R===%R, last use: ",
|
||||
this->config->get_name(this->config), this->reqid,
|
||||
policy->my_ts, policy->other_ts);
|
||||
|
||||
/* query time of last policy use */
|
||||
|
||||
/* inbound: POLICY_IN or POLICY_FWD */
|
||||
status = charon->kernel_interface->query_policy(charon->kernel_interface,
|
||||
policy->other_ts, policy->my_ts, POLICY_IN, &use_in);
|
||||
use_in = (status == SUCCESS)? use_in : 0;
|
||||
status = charon->kernel_interface->query_policy(charon->kernel_interface,
|
||||
policy->other_ts, policy->my_ts, POLICY_FWD, &use_fwd);
|
||||
use_fwd = (status == SUCCESS)? use_fwd : 0;
|
||||
use = max(use_in, use_fwd);
|
||||
if (use)
|
||||
{
|
||||
written += fprintf(stream, "%ds_i ", now - use);
|
||||
}
|
||||
else
|
||||
{
|
||||
written += fprintf(stream, "no_i ");
|
||||
}
|
||||
|
||||
/* outbound: POLICY_OUT */
|
||||
status = charon->kernel_interface->query_policy(charon->kernel_interface,
|
||||
policy->my_ts, policy->other_ts, POLICY_OUT, &use);
|
||||
if (status == SUCCESS && use)
|
||||
{
|
||||
written += fprintf(stream, "%ds_o ", now - use);
|
||||
}
|
||||
else
|
||||
{
|
||||
written += fprintf(stream, "no_o ");
|
||||
}
|
||||
}
|
||||
iterator->destroy(iterator);
|
||||
return written;
|
||||
}
|
||||
|
||||
/**
|
||||
* register printf() handlers
|
||||
*/
|
||||
static void __attribute__ ((constructor))print_register()
|
||||
{
|
||||
register_printf_function(PRINTF_CHILD_SA, print, arginfo_ptr);
|
||||
}
|
||||
|
||||
/**
|
||||
* Update the host adress/port of a SA
|
||||
*/
|
||||
|
@ -1082,6 +1007,7 @@ child_sa_t * child_sa_create(host_t *me, host_t* other,
|
|||
this->public.get_reqid = (u_int32_t(*)(child_sa_t*))get_reqid;
|
||||
this->public.get_spi = (u_int32_t(*)(child_sa_t*, bool))get_spi;
|
||||
this->public.get_protocol = (protocol_id_t(*)(child_sa_t*))get_protocol;
|
||||
this->public.get_stats = (void(*)(child_sa_t*, mode_t*,encryption_algorithm_t*,size_t*,integrity_algorithm_t*,size_t*,u_int32_t*,u_int32_t*,u_int32_t*,u_int32_t*))get_stats;
|
||||
this->public.alloc = (status_t(*)(child_sa_t*,linked_list_t*))alloc;
|
||||
this->public.add = (status_t(*)(child_sa_t*,proposal_t*,mode_t,prf_plus_t*))add;
|
||||
this->public.update = (status_t(*)(child_sa_t*,proposal_t*,mode_t,prf_plus_t*))update;
|
||||
|
|
|
@ -140,6 +140,25 @@ struct child_sa_t {
|
|||
*/
|
||||
protocol_id_t (*get_protocol) (child_sa_t *this);
|
||||
|
||||
/**
|
||||
* @brief Get info and statistics about this CHILD_SA.
|
||||
*
|
||||
* @param mode mode this IKE_SA uses
|
||||
* @param encr_algo encryption algorithm used by this CHILD_SA.
|
||||
* @param encr_len key length of the algorithm, if any
|
||||
* @param int_algo integrity algorithm used by this CHILD_SA
|
||||
* @param int_len key length of the algorithm, if any
|
||||
* @param rekey time when rekeying is scheduled
|
||||
* @param use_in time when last traffic was seen coming in
|
||||
* @param use_out time when last traffic was seen going out
|
||||
* @param use_fwd time when last traffic was getting forwarded
|
||||
*/
|
||||
void (*get_stats)(child_sa_t *this, mode_t *mode,
|
||||
encryption_algorithm_t *encr, size_t *encr_len,
|
||||
integrity_algorithm_t *int_algo, size_t *int_len,
|
||||
u_int32_t *rekey, u_int32_t *use_in, u_int32_t *use_out,
|
||||
u_int32_t *use_fwd);
|
||||
|
||||
/**
|
||||
* @brief Allocate SPIs for given proposals.
|
||||
*
|
||||
|
|
|
@ -280,6 +280,18 @@ static char *get_name(private_ike_sa_t *this)
|
|||
return "(unnamed)";
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Implementation of ike_sa_t.get_stats.
|
||||
*/
|
||||
static void get_stats(private_ike_sa_t *this, u_int32_t *next_rekeying)
|
||||
{
|
||||
if (next_rekeying)
|
||||
{
|
||||
*next_rekeying = this->time.rekey;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Implementation of ike_sa_t.get_my_host.
|
||||
*/
|
||||
|
@ -1807,54 +1819,6 @@ static void add_dns_server(private_ike_sa_t *this, host_t *dns)
|
|||
fclose(file);
|
||||
}
|
||||
|
||||
/**
|
||||
* output handler in printf()
|
||||
*/
|
||||
static int print(FILE *stream, const struct printf_info *info,
|
||||
const void *const *args)
|
||||
{
|
||||
int written = 0;
|
||||
bool reauth = FALSE;
|
||||
private_ike_sa_t *this = *((private_ike_sa_t**)(args[0]));
|
||||
|
||||
if (this->peer_cfg)
|
||||
{
|
||||
reauth = this->peer_cfg->use_reauth(this->peer_cfg);
|
||||
}
|
||||
|
||||
if (this == NULL)
|
||||
{
|
||||
return fprintf(stream, "(null)");
|
||||
}
|
||||
|
||||
written = fprintf(stream, "%12s[%d]: %N, %H[%D]...%H[%D]", get_name(this),
|
||||
this->unique_id, ike_sa_state_names, this->state,
|
||||
this->my_host, this->my_id, this->other_host,
|
||||
this->other_id);
|
||||
if (this->time.rekey)
|
||||
{
|
||||
written += fprintf(stream, "\n%12s[%d]: IKE SPIs: %J, %s in %ds",
|
||||
get_name(this), this->unique_id, this->ike_sa_id,
|
||||
reauth ? "reauthentication" : "rekeying",
|
||||
this->time.rekey - time(NULL));
|
||||
}
|
||||
else
|
||||
{
|
||||
written += fprintf(stream, "\n%12s[%d]: IKE SPIs: %J, rekeying disabled",
|
||||
get_name(this), this->unique_id, this->ike_sa_id);
|
||||
}
|
||||
|
||||
return written;
|
||||
}
|
||||
|
||||
/**
|
||||
* register printf() handlers
|
||||
*/
|
||||
static void __attribute__ ((constructor))print_register()
|
||||
{
|
||||
register_printf_function(PRINTF_IKE_SA, print, arginfo_ptr);
|
||||
}
|
||||
|
||||
/**
|
||||
* Implementation of ike_sa_t.destroy.
|
||||
*/
|
||||
|
@ -1906,6 +1870,7 @@ ike_sa_t * ike_sa_create(ike_sa_id_t *ike_sa_id)
|
|||
/* Public functions */
|
||||
this->public.get_state = (ike_sa_state_t(*)(ike_sa_t*)) get_state;
|
||||
this->public.set_state = (void(*)(ike_sa_t*,ike_sa_state_t)) set_state;
|
||||
this->public.get_stats = (void(*)(ike_sa_t*,u_int32_t*))get_stats;
|
||||
this->public.get_name = (char*(*)(ike_sa_t*))get_name;
|
||||
this->public.process_message = (status_t(*)(ike_sa_t*, message_t*)) process_message;
|
||||
this->public.initiate = (status_t(*)(ike_sa_t*,child_cfg_t*)) initiate;
|
||||
|
|
|
@ -183,6 +183,13 @@ struct ike_sa_t {
|
|||
*/
|
||||
ike_sa_state_t (*get_state) (ike_sa_t *this);
|
||||
|
||||
/**
|
||||
* @brief Get some statistics about this IKE_SA.
|
||||
*
|
||||
* @param next_rekeying when the next rekeying is scheduled
|
||||
*/
|
||||
void (*get_stats)(ike_sa_t *this, u_int32_t *next_rekeying);
|
||||
|
||||
/**
|
||||
* @brief Set the state of the IKE_SA.
|
||||
*
|
||||
|
|
|
@ -41,12 +41,8 @@
|
|||
/** 1 argument: ike_sa_id_t *id */
|
||||
#define PRINTF_IKE_SA_ID 'J'
|
||||
/** 1 argument: ike_sa_t *ike_sa */
|
||||
#define PRINTF_IKE_SA 'K'
|
||||
/** 1 argument: message_t *message */
|
||||
#define PRINTF_ENUM 'N'
|
||||
/** 1 argument: child_sa_t *child_sa */
|
||||
#define PRINTF_CHILD_SA 'P'
|
||||
/** 1 argument: traffic_selector_t *ts */
|
||||
#define PRINTF_TRAFFIC_SELECTOR 'R'
|
||||
/** 1 argument: time_t *time; with #-modifier 2 arguments: time_t *time, bool utc */
|
||||
#define PRINTF_TIME 'T'
|
||||
|
|
Loading…
Reference in New Issue