implemented IKE_SA initiation in manager

src/manager/Makefile.am

@@ -3,7 +3,7 @@ ipsec_PROGRAMS = manager.fcgi
 manager_fcgi_SOURCES = \
 main.c manager.c manager.h gateway.h gateway.c database.h database.c \
 controller/auth_controller.c controller/auth_controller.h \
-controller/status_controller.c controller/status_controller.h \
+controller/ikesa_controller.c controller/ikesa_controller.h \
 controller/control_controller.c controller/control_controller.h \
 controller/config_controller.c controller/config_controller.h \
 controller/gateway_controller.c controller/gateway_controller.h
@@ -36,8 +36,11 @@ ipsec_templates_auth_DATA = templates/auth/login.cs
 ipsec_templates_gatewaydir = ${ipsec_templatesdir}/gateway
 ipsec_templates_gateway_DATA = templates/gateway/list.cs
 
-ipsec_templates_statusdir = ${ipsec_templatesdir}/status
-ipsec_templates_status_DATA = templates/status/ikesalist.cs
+ipsec_templates_ikesadir = ${ipsec_templatesdir}/ikesa
+ipsec_templates_ikesa_DATA = templates/ikesa/list.cs
+
+ipsec_templates_controldir = ${ipsec_templatesdir}/control
+ipsec_templates_control_DATA = templates/control/result.cs
 
 ipsec_templates_configdir = ${ipsec_templatesdir}/config
 ipsec_templates_config_DATA = templates/config/list.cs
@@ -51,8 +54,8 @@ templates/static/router.png templates/static/gateway-right.png templates/static/
 templates/static/close.png templates/static/initiate.png
 
 EXTRA_DIST = manager.db templates/header.cs templates/footer.cs templates/error.cs \
-templates/auth/login.cs templates/gateway/list.cs templates/status/ikesalist.cs \
-templates/config/list.cs \
+templates/auth/login.cs templates/gateway/list.cs templates/ikesa/list.cs \
+templates/config/list.cs templates/control/result.cs \
 templates/static/style.css templates/static/script.js templates/static/jquery.js \
 templates/static/pipe.png templates/static/pipe-good.png templates/static/pipe-bad.png \
 templates/static/pipe-thin.png templates/static/pipe-thin-left.png templates/static/pipe-thin-right.png \

src/manager/controller/auth_controller.c

@@ -60,7 +60,7 @@ static void check(private_auth_controller_t *this, request_t *request)
 	if (username && password &&
 		this->manager->login(this->manager, username, password))
 	{
-		request->redirect(request, "status/ikesalist");
+		request->redirect(request, "ikesa/list");
 	}
 	else
 	{

src/manager/controller/config_controller.c

@@ -55,7 +55,7 @@ static void process_peerconfig(private_config_controller_t *this,
 {
 	xml_t *xml;
 	enumerator_t *e1, *e2, *e3;
-	char *name, *value, *config = "", *child = "";
+	char *name, *value, *config = "", *child = "", *section = "";
 
 	while (e->enumerate(e, &xml, &name, &value))
 	{
@@ -80,7 +80,7 @@ static void process_peerconfig(private_config_controller_t *this,
 			e1 = xml->children(xml);
 			while (e1->enumerate(e1, &xml, &name, &value))
 			{
-				if (streq(name, "childcfg"))
+				if (streq(name, "childconfig"))
 				{
 					int num = 0;
 					
@@ -93,13 +93,14 @@ static void process_peerconfig(private_config_controller_t *this,
 						}
 						else if (streq(name, "local") || streq(name, "remote"))
 						{
+							section = name;
 							e3 = xml->children(xml);
 							while (e3->enumerate(e3, &xml, &name, &value))
 							{
 								if (streq(name, "network"))
 								{
-									r->setf(r, "peercfgs.%s.childcfgs.%s.%s.%d=%s",
-											config, child, name, ++num, value);
+									r->setf(r, "peercfgs.%s.childcfgs.%s.%s.networks.%d=%s",
+											config, child, section, ++num, value);
 								}
 							}
 							e3->destroy(e3);

src/manager/controller/control_controller.c

@@ -48,17 +48,46 @@ struct private_control_controller_t {
 };
 
 /**
- * terminate a IKE or CHILD SA
+ * handle the result of a control operation
  */
-static void terminate(private_control_controller_t *this, request_t *r,
-					  bool ike, u_int32_t id)
+static void handle_result(private_control_controller_t *this, request_t *r,
+						  enumerator_t *e)
 {
-	gateway_t *gateway;
-
-	gateway = this->manager->select_gateway(this->manager, 0);
-	if (gateway->terminate(gateway, ike, id))
+	enumerator_t *e1;
+	xml_t *xml;
+	char *name, *value;
+	int num = 0;
+	
+	if (e)
 	{
-		r->redirect(r, "status/ikesalist");
+		while (e->enumerate(e, &xml, &name, &value))
+		{
+			if (streq(name, "status"))
+			{
+				if (value && atoi(value) == 0)
+				{
+					r->set(r, "result", "Operation executed successfully:");
+				}
+				else
+				{
+					r->set(r, "result", "Operation failed:");
+				}
+			}
+			else if (streq(name, "log"))
+			{
+				e1 = xml->children(xml);
+				while (e1->enumerate(e1, &xml, &name, &value))
+				{
+					if (streq(name, "item"))
+					{
+						r->setf(r, "log.%d=%s", ++num, value);
+					}
+				}
+				e1->destroy(e1);
+			}
+		}
+		e->destroy(e);
+		r->render(r, "templates/control/result.cs");
 	}
 	else
 	{
@@ -68,6 +97,36 @@ static void terminate(private_control_controller_t *this, request_t *r,
 	}
 }
 
+/**
+ * initiate an IKE or CHILD SA
+ */
+static void initiate(private_control_controller_t *this, request_t *r,
+					 bool ike, char *config)
+{
+	gateway_t *gateway;
+	enumerator_t *e;
+
+	r->setf(r, "title=Establishing %s SA %s", ike ? "IKE" : "CHILD", config);
+	gateway = this->manager->select_gateway(this->manager, 0);
+	e = gateway->initiate(gateway, ike, config);
+	handle_result(this, r, e);
+}
+
+/**
+ * terminate an IKE or CHILD SA
+ */
+static void terminate(private_control_controller_t *this, request_t *r,
+					  bool ike, u_int32_t id)
+{
+	gateway_t *gateway;
+	enumerator_t *e;
+	
+	r->setf(r, "title=Terminate %s SA %d", ike ? "IKE" : "CHILD", id);
+	gateway = this->manager->select_gateway(this->manager, 0);
+	e = gateway->terminate(gateway, ike, id);
+	handle_result(this, r, e);
+}
+
 /**
  * Implementation of controller_t.get_name
  */
@@ -80,7 +139,7 @@ static char* get_name(private_control_controller_t *this)
  * Implementation of controller_t.handle
  */
 static void handle(private_control_controller_t *this,
-				   request_t *request, char *action, char *strid)
+				   request_t *request, char *action, char *str)
 {
 	if (!this->manager->logged_in(this->manager))
 	{
@@ -96,20 +155,34 @@ static void handle(private_control_controller_t *this,
 	
 		if (streq(action, "terminateike"))
 		{
-			if (strid && (id = atoi(strid)))
+			if (str && (id = atoi(str)))
 			{
 				return terminate(this, request, TRUE, id);
 			}
 		}
 		if (streq(action, "terminatechild"))
 		{
-			if (strid && (id = atoi(strid)))
+			if (str && (id = atoi(str)))
 			{
 				return terminate(this, request, FALSE, id);
 			}
 		}
+		if (streq(action, "initiateike"))
+		{
+			if (str)
+			{
+				return initiate(this, request, TRUE, str);
+			}
+		}
+		if (streq(action, "initiatechild"))
+		{
+			if (str)
+			{
+				return initiate(this, request, FALSE, str);
+			}
+		}
 	}
-	return request->redirect(request, "status/ikesalist");
+	return request->redirect(request, "ikesa/list");
 }
 
 /**

src/manager/controller/gateway_controller.c

@@ -82,7 +82,7 @@ static void _select(private_gateway_controller_t *this, request_t *request)
 	{
 		if (this->manager->select_gateway(this->manager, atoi(id)))
 		{
-			request->redirect(request, "status/ikesalist");
+			request->redirect(request, "ikesa/list");
 			return;
 		}
 	}

src/manager/controller/ikesa_controller.c

@@ -1,7 +1,7 @@
 /**
- * @file status_controller.c
+ * @file ikesa_controller.c
  *
- * @brief Implementation of status_controller_t.
+ * @brief Implementation of ikesa_controller_t.
  *
  */
 
@@ -20,7 +20,7 @@
  * for more details.
  */
 
-#include "status_controller.h"
+#include "ikesa_controller.h"
 #include "../manager.h"
 #include "../gateway.h"
 
@@ -29,17 +29,17 @@
 #include <library.h>
 
 
-typedef struct private_status_controller_t private_status_controller_t;
+typedef struct private_ikesa_controller_t private_ikesa_controller_t;
 
 /**
  * private data of the task manager
  */
-struct private_status_controller_t {
+struct private_ikesa_controller_t {
 
 	/**
 	 * public functions
 	 */
-	status_controller_t public;
+	ikesa_controller_t public;
 	
 	/**
 	 * manager instance
@@ -50,7 +50,7 @@ struct private_status_controller_t {
 /**
  * read XML of a childsa element and fill template
  */
-static void process_childsa(private_status_controller_t *this, char *id,
+static void process_childsa(private_ikesa_controller_t *this, char *id,
 							enumerator_t *e, request_t *r)
 {
 	xml_t *xml;
@@ -102,7 +102,7 @@ static void process_childsa(private_status_controller_t *this, char *id,
 /**
  * read XML of a ikesa element and fill template
  */
-static void process_ikesa(private_status_controller_t *this,
+static void process_ikesa(private_ikesa_controller_t *this,
 						  enumerator_t *e, request_t *r)
 {
 	xml_t *xml;
@@ -146,7 +146,7 @@ static void process_ikesa(private_status_controller_t *this,
 	}
 }
 
-static void ikesalist(private_status_controller_t *this, request_t *r)
+static void list(private_ikesa_controller_t *this, request_t *r)
 {
 	gateway_t *gateway;
 	xml_t *xml;
@@ -176,22 +176,22 @@ static void ikesalist(private_status_controller_t *this, request_t *r)
 		}
 		e1->destroy(e1);
 
-		r->render(r, "templates/status/ikesalist.cs");
+		r->render(r, "templates/ikesa/list.cs");
 	}
 }
 
 /**
  * Implementation of controller_t.get_name
  */
-static char* get_name(private_status_controller_t *this)
+static char* get_name(private_ikesa_controller_t *this)
 {
-	return "status";
+	return "ikesa";
 }
 
 /**
  * Implementation of controller_t.handle
  */
-static void handle(private_status_controller_t *this,
+static void handle(private_ikesa_controller_t *this,
 				   request_t *request, char *action)
 {
 	if (!this->manager->logged_in(this->manager))
@@ -204,18 +204,18 @@ static void handle(private_status_controller_t *this,
 	}
 	if (action)
 	{
-		if (streq(action, "ikesalist"))
+		if (streq(action, "list"))
 		{
-			return ikesalist(this, request);
+			return list(this, request);
 		}
 	}
-	return request->redirect(request, "status/ikesalist");
+	return request->redirect(request, "ikesa/list");
 }
 
 /**
  * Implementation of controller_t.destroy
  */
-static void destroy(private_status_controller_t *this)
+static void destroy(private_ikesa_controller_t *this)
 {
 	free(this);
 }
@@ -223,9 +223,9 @@ static void destroy(private_status_controller_t *this)
 /*
  * see header file
  */
-controller_t *status_controller_create(context_t *context, void *param)
+controller_t *ikesa_controller_create(context_t *context, void *param)
 {
-	private_status_controller_t *this = malloc_thing(private_status_controller_t);
+	private_ikesa_controller_t *this = malloc_thing(private_ikesa_controller_t);
 
 	this->public.controller.get_name = (char*(*)(controller_t*))get_name;
 	this->public.controller.handle = (void(*)(controller_t*,request_t*,char*,char*,char*,char*,char*))handle;

src/manager/controller/ikesa_controller.h

@@ -1,7 +1,7 @@
 /**
- * @file status_controller.h
+ * @file ikesa_controller.h
  * 
- * @brief Interface of status_controller_t.
+ * @brief Interface of ikesa_controller_t.
  * 
  */
 
@@ -20,18 +20,18 @@
  * for more details.
  */
 
-#ifndef STATUS_CONTROLLER_H_
-#define STATUS_CONTROLLER_H_
+#ifndef IKESA_CONTROLLER_H_
+#define IKESA_CONTROLLER_H_
 
 
 #include <controller.h>
 
-typedef struct status_controller_t status_controller_t;
+typedef struct ikesa_controller_t ikesa_controller_t;
 
 /**
  * @brief Status controller.
  */
-struct status_controller_t {
+struct ikesa_controller_t {
 
 	/**
 	 * Implements controller_t interface.
@@ -40,8 +40,8 @@ struct status_controller_t {
 };
 
 /**
- * @brief Create a status_controller controller instance.
+ * @brief Create a ikesa_controller controller instance.
  */
-controller_t *status_controller_create(context_t *context, void *param);
+controller_t *ikesa_controller_create(context_t *context, void *param);
 
-#endif /* STATUS_CONTROLLER_H_ */
+#endif /* IKESA_CONTROLLER_H_ */

src/manager/gateway.c

@@ -57,6 +57,11 @@ struct private_gateway_t {
 	 * socket file descriptor, > 0 if connected
 	 */
 	int fd;
+	
+	/**
+	 * unique id assigned to each xml message
+	 */
+	int xmlid;
 };
 
 struct sockaddr_un unix_addr = { AF_UNIX, IPSEC_PIDDIR "/charon.xml"};
@@ -127,14 +132,14 @@ static char* request(private_gateway_t *this, char *xml, ...)
 		}
 		if (send(this->fd, buf, len, 0) != len)
 		{
-			return NULL;
+			if (!connect_(this))
+			{
+				return NULL;
+			}
+			continue;
 		}
 		len = recv(this->fd, buf, sizeof(buf) - 1, 0);
-		if (len < 0)
-		{
-			return NULL;
-		}
-		if (len == 0)
+		if (len <= 0)
 		{
 			if (!connect_(this))
 			{
@@ -156,11 +161,11 @@ static enumerator_t* query_ikesalist(private_gateway_t *this)
 	xml_t *xml;
 	enumerator_t *e1, *e2, *e3, *e4 = NULL;
 	
-	str = request(this,	"<message type=\"request\" id=\"1\">"
+	str = request(this,	"<message type=\"request\" id=\"%d\">"
 							"<query>"
 								"<ikesalist/>"
 							"</query>"
-						"</message>");
+						"</message>", this->xmlid++);
 	if (str == NULL)
 	{
 		return NULL;
@@ -214,11 +219,11 @@ static enumerator_t* query_configlist(private_gateway_t *this)
 	xml_t *xml;
 	enumerator_t *e1, *e2, *e3, *e4 = NULL;
 	
-	str = request(this,	"<message type=\"request\" id=\"1\">"
+	str = request(this,	"<message type=\"request\" id=\"%d\">"
 							"<query>"
 								"<configlist/>"
 							"</query>"
-						"</message>");
+						"</message>", this->xmlid++);
 	if (str == NULL)
 	{
 		return NULL;
@@ -262,11 +267,52 @@ static enumerator_t* query_configlist(private_gateway_t *this)
 	return NULL;
 }
 
+/**
+ * create enumerator over control elements children of a control response
+ */
+static enumerator_t* read_result(private_gateway_t *this, char *res)
+{
+	char *name, *value;
+	xml_t *xml;
+	enumerator_t *e1, *e2, *e3;
+
+	if (res == NULL)
+	{
+		return NULL;
+	}
+	xml = xml_create(res);
+	if (xml == NULL)
+	{
+		return NULL;
+	}
+	e1 = xml->children(xml);
+	free(res);
+	while (e1->enumerate(e1, &xml, &name, &value))
+	{
+		if (streq(name, "message"))
+		{
+			e2 = xml->children(xml);
+			while (e2->enumerate(e2, &xml, &name, &value))
+			{
+				if (streq(name, "control"))
+				{
+					e3 = xml->children(xml);
+					e1->destroy(e1);
+					e2->destroy(e2);
+					return e3;
+				}
+			}
+			e2->destroy(e2);
+		}
+	}
+	e1->destroy(e1);
+	return NULL;
+}
 
 /**
- * Implementation of gateway_t.terminate.
+ * Implementation of gateway_t.initiate.
  */
-static bool terminate(private_gateway_t *this, bool ike, u_int32_t id)
+static enumerator_t* initiate(private_gateway_t *this, bool ike, char *name)
 {
 	char *str, *kind;
 	
@@ -278,18 +324,35 @@ static bool terminate(private_gateway_t *this, bool ike, u_int32_t id)
 	{
 		kind = "child";
 	}
-	
-	str = request(this,	"<message type=\"request\" id=\"1\">"
+	str = request(this,	"<message type=\"request\" id=\"%d\">"
 							"<control>"
-								"<%ssaterminate><id>%d</id></%ssaterminate>"
+								"<%ssainitiate>%s</%ssainitiate>"
 							"</control>"
-						"</message>", kind, id, kind);
-	if (str == NULL)
+						"</message>", this->xmlid++, kind, name, kind);
+	return read_result(this, str);
+}
+
+/**
+ * Implementation of gateway_t.terminate.
+ */
+static enumerator_t* terminate(private_gateway_t *this, bool ike, u_int32_t id)
+{
+	char *str, *kind;
+	
+	if (ike)
 	{
-		return FALSE;
+		kind = "ike";
 	}
-	free(str);
-	return TRUE;
+	else
+	{
+		kind = "child";
+	}
+	str = request(this,	"<message type=\"request\" id=\"%d\">"
+							"<control>"
+								"<%ssaterminate>%d</%ssaterminate>"
+							"</control>"
+						"</message>", this->xmlid++, kind, id, kind);
+	return read_result(this, str);
 }
 
 /**
@@ -316,12 +379,14 @@ static private_gateway_t *gateway_create(char *name)
 	this->public.request = (char*(*)(gateway_t*, char *xml))request;
 	this->public.query_ikesalist = (enumerator_t*(*)(gateway_t*))query_ikesalist;
 	this->public.query_configlist = (enumerator_t*(*)(gateway_t*))query_configlist;
-	this->public.terminate = (bool(*)(gateway_t*, bool ike, u_int32_t id))terminate;
+	this->public.initiate = (enumerator_t*(*)(gateway_t*, bool ike, char *name))initiate;
+	this->public.terminate = (enumerator_t*(*)(gateway_t*, bool ike, u_int32_t id))terminate;
 	this->public.destroy = (void(*)(gateway_t*))destroy;
 	
 	this->name = strdup(name);
 	this->host = NULL;
 	this->fd = -1;
+	this->xmlid = 1;
 	
 	return this;
 }

src/manager/gateway.h

@@ -59,9 +59,19 @@ struct gateway_t {
 	 * @brief Terminate an IKE or a CHILD SA.
 	 *
 	 * @param ike		TRUE for IKE-, FALSE for a CHILD-SA
-	 * @return			TRUE if successful
+	 * @param id		ID of the SA to terminate
+	 * @return			enumerator over control response XML children
 	 */
-	bool (*terminate)(gateway_t *this, bool ike, u_int32_t id);
+	enumerator_t* (*terminate)(gateway_t *this, bool ike, u_int32_t id);
+	
+	/**
+	 * @brief Initiate an IKE or a CHILD SA.
+	 *
+	 * @param ike		TRUE for IKE-, FALSE for CHILD-SA
+	 * @param name		name of the peer/child config
+	 * @return			enumerator over control response XML children
+	 */
+	enumerator_t* (*initiate)(gateway_t *this, bool ike, char *name);
 	
 	/**
      * @brief Destroy a gateway instance.

src/manager/main.c

@@ -26,7 +26,7 @@
 #include "manager.h"
 #include "database.h"
 #include "controller/auth_controller.h"
-#include "controller/status_controller.h"
+#include "controller/ikesa_controller.h"
 #include "controller/gateway_controller.h"
 #include "controller/control_controller.h"
 #include "controller/config_controller.h"
@@ -54,7 +54,7 @@ int main (int arc, char *argv[])
 	
 	dispatcher = dispatcher_create(socket, SESSION_TIMEOUT,
 						(context_constructor_t)manager_create, database);
-	dispatcher->add_controller(dispatcher, status_controller_create, NULL);
+	dispatcher->add_controller(dispatcher, ikesa_controller_create, NULL);
 	dispatcher->add_controller(dispatcher, gateway_controller_create, NULL);
 	dispatcher->add_controller(dispatcher, auth_controller_create, NULL);
 	dispatcher->add_controller(dispatcher, control_controller_create, NULL);

src/manager/templates/config/list.cs

@@ -1,39 +1,43 @@
 <?cs include:"templates/header.cs" ?>
 <?cs each:peercfg = peercfgs ?>
   <div class="expand" id="peercfg-<?cs name:peercfg ?>">
-  <h1><?cs name:peercfg ?></h1>
+  <h1><?cs name:peercfg ?>:
+  	<span><?cs var:peercfg.local ?></span> &lt;-&gt; 
+  	<span><?cs var:peercfg.remote ?></span>
+  </h1>
   <div class="controls">
-    <a title="initiate SA" href="<?cs var:base ?>/control/initiate/<?cs name:peercfg ?>">
+    <a title="initiate SA" href="<?cs var:base ?>/control/initiateike/<?cs name:peercfg ?>">
       <img src="<?cs var:base ?>/static/initiate.png"/>
     </a>
   </div>
   <div class="expander">
-    <hr/>
-    <?cs var:peercfg.local ?> - <?cs var:peercfg.remote ?>
     <hr/>
     <?cs each:childcfg = peercfg.childcfgs ?>
-    helo
+    <div class="expand">
+    <h1><?cs name:childcfg ?>:</h1>
+  <div class="controls">
+    <a title="initiate SA" href="<?cs var:base ?>/control/initiatechild/<?cs name:childcfg ?>">
+      <img src="<?cs var:base ?>/static/initiate.png"/>
+    </a>
+  </div>
+    <div class="expander">
     <table>
-      <tr>
-        <td colspan="2"><?cs name:childcfg ?></td>
+      <tr class="images">
+      	<td>
+          <?cs each:net = childcfg.local.networks ?>
+      	    <p><?cs var:net ?></p>
+          <?cs /each ?>
+      	</td>
+      	<td>&lt;-&gt;</td>
+      	<td class="right">
+          <?cs each:net = childcfg.remote.networks ?>
+      	    <p><?cs var:net ?></p>
+          <?cs /each ?>
+      	</td>
       </tr>
-      <tr>
-      	<td>Local</td>
-      	<td>Remote</td>
-      </tr>
-      <tr>
-        <td>
-		  <?cs each:net = childcfg.local.networks ?>
-	  	    <p><?cs var:net ?></p>
-		  <?cs /each ?>
-		</td>
-        <td>
-		  <?cs each:net = childcfg.remote.networks ?>
-	  	    <p><?cs var:net ?></p>
-		  <?cs /each ?>
-		</td>
-	  </tr>
-	</table>
+    </table>
+	</div>
+	</div>
     <?cs /each ?>
   </div>
   </div>

src/manager/templates/control/result.cs

@@ -0,0 +1,14 @@
+<?cs include:"templates/header.cs" ?>
+<div class="expand">
+  <h1><?cs var:result ?></h1>
+  <div class="controls">&nbsp;</div>
+  <div class="expander">
+  <hr/>
+  <ul>
+  <?cs each:item = log ?>
+    <li><?cs var:item ?></li>
+  <?cs /each ?>
+  </ul>
+  </div>
+</div>
+<?cs include:"templates/footer.cs" ?>

src/manager/templates/header.cs

@@ -9,14 +9,14 @@
   </head>
   <body>
   	<div class="fleft">
-      <a href="<?cs var:base ?>/status/ikesalist">
+      <a href="<?cs var:base ?>/ikesa/list">
         <img class="fleft" src="<?cs var:base ?>/static/strongswan.png"/>
       </a>
       <h1>strongSwan Manager</h1>
   	  <h2><?cs var:title ?></h2>
     </div>
     <div class="menu">
-      | <a href="<?cs var:base ?>/status/ikesalist">IKE SAs</a>
+      | <a href="<?cs var:base ?>/ikesa/list">IKE SAs</a>
       | <a href="<?cs var:base ?>/config/list">Config</a>
       | <a href="<?cs var:base ?>/gateway/list">Select Gateway</a>
       | <a href="<?cs var:base ?>/auth/logout">Logout</a>

src/manager/templates/static/script.js

@@ -1,8 +1,7 @@
 
 $(function(){
-  $(".expander").hide();
   $(".expand > h1").toggle(
-    function(){$(this).parent(".expand").find(".expander").slideDown('fast');},
-    function(){$(this).parent(".expand").find(".expander").slideUp('fast');}
+    function(){$(this).parent(".expand").find(".expander").slideUp('fast');},
+    function(){$(this).parent(".expand").find(".expander").slideDown('fast');}
   );
 });

src/manager/templates/static/style.css

@@ -58,6 +58,7 @@ a img {
     cursor: pointer;
     margin: 0;
     float: left;
+    padding-top: 3px;
 }
 
 .expand h1 span {