ipsec pool --statusattr [--hexout] outputs attribute values in correct format if known

4 files changed, 117 insertions, 41 deletions

diff --git a/src/libhydra/plugins/attr_sql/pool.c b/src/libhydra/plugins/attr_sql/pool.c
index ac11c4d03..e54d7642e 100644
--- a/src/libhydra/plugins/attr_sql/pool.c
+++ b/src/libhydra/plugins/attr_sql/pool.c
@@ -946,7 +946,7 @@ static void do_args(int argc, char *argv[])
 	char *name = "", *value = "", *filter = "", *addresses = NULL;
 	value_type_t value_type = VALUE_NONE;
 	int timeout = 0;
-	bool utc = FALSE;
+	bool utc = FALSE, hexout = FALSE;
 
 	enum {
 		OP_UNDEF,
@@ -993,10 +993,13 @@ static void do_args(int argc, char *argv[])
 			{ "addresses", required_argument, NULL, 'y' },
 			{ "timeout", required_argument, NULL, 't' },
 			{ "filter", required_argument, NULL, 'f' },
+			{ "addr", required_argument, NULL, 'v' },
+			{ "mask", required_argument, NULL, 'v' },
 			{ "server", required_argument, NULL, 'v' },
 			{ "subnet", required_argument, NULL, 'n' },
 			{ "string", required_argument, NULL, 'g' },
 			{ "hex", required_argument, NULL, 'x' },
+			{ "hexout", no_argument, NULL, '5' },
 			{ 0,0,0,0 }
 		};
 
@@ -1116,6 +1119,9 @@ static void do_args(int argc, char *argv[])
 				value_type = VALUE_HEX;
 				value = optarg;
 				continue;
+			case '5':
+				hexout = TRUE;
+				continue;
 			default:
 				usage();
 				exit(EXIT_FAILURE);
@@ -1133,7 +1139,7 @@ static void do_args(int argc, char *argv[])
 			status();
 			break;
 		case OP_STATUS_ATTR:
-			status_attr();
+			status_attr(hexout);
 			break;
 		case OP_ADD:
 			if (addresses != NULL)
diff --git a/src/libhydra/plugins/attr_sql/pool_attributes.c b/src/libhydra/plugins/attr_sql/pool_attributes.c
index 93c8c5b39..51e0a97c6 100644
--- a/src/libhydra/plugins/attr_sql/pool_attributes.c
+++ b/src/libhydra/plugins/attr_sql/pool_attributes.c
@@ -32,7 +32,7 @@ extern database_t *db;
 ENUM(value_type_names, VALUE_HEX, VALUE_SUBNET,
 	"hex",
 	"string",
-	"server",
+	"addr",
 	"subnet"
 );
 
@@ -46,32 +46,36 @@ struct attr_info_t {
 };
 
 static const attr_info_t attr_info[] = {
-	{ "internal_ip4_dns",    VALUE_ADDR,   INTERNAL_IP4_DNS,    0 },
-	{ "internal_ip6_dns",    VALUE_ADDR,   INTERNAL_IP6_DNS,    0 },
-	{ "dns",                 VALUE_ADDR,   INTERNAL_IP4_DNS,
-										   INTERNAL_IP6_DNS       },
-	{ "internal_ip4_nbns",   VALUE_ADDR,   INTERNAL_IP4_NBNS,   0 },
-	{ "internal_ip6_nbns",   VALUE_ADDR,   INTERNAL_IP6_NBNS,   0 },
-	{ "nbns",                VALUE_ADDR,   INTERNAL_IP4_NBNS,
-										   INTERNAL_IP6_NBNS      },
-	{ "wins",                VALUE_ADDR,   INTERNAL_IP4_NBNS,
-										   INTERNAL_IP6_NBNS      },
-	{ "internal_ip4_dhcp",   VALUE_ADDR,   INTERNAL_IP4_DHCP,   0 },
-	{ "internal_ip6_dhcp",   VALUE_ADDR,   INTERNAL_IP6_DHCP,   0 },
-	{ "dhcp",                VALUE_ADDR,   INTERNAL_IP4_DHCP,
-										   INTERNAL_IP6_DHCP      },
-	{ "internal_ip4_server", VALUE_ADDR,   INTERNAL_IP4_SERVER, 0 },
-	{ "internal_ip6_server", VALUE_ADDR,   INTERNAL_IP6_SERVER, 0 },
-	{ "server",              VALUE_ADDR,   INTERNAL_IP4_SERVER,
-										   INTERNAL_IP6_SERVER    },
-	{ "application_version", VALUE_STRING, APPLICATION_VERSION, 0 },
-	{ "version",             VALUE_STRING, APPLICATION_VERSION, 0 },
-	{ "unity_banner",        VALUE_STRING, UNITY_BANNER,        0 },
-	{ "banner",              VALUE_STRING, UNITY_BANNER,        0 },
-	{ "unity_def_domain",    VALUE_STRING, UNITY_DEF_DOMAIN,    0 },
-	{ "unity_splitdns_name", VALUE_STRING, UNITY_SPLITDNS_NAME, 0 },
-	{ "unity_split_include", VALUE_SUBNET, UNITY_SPLIT_INCLUDE, 0 },
-	{ "unity_local_lan",     VALUE_SUBNET, UNITY_LOCAL_LAN,     0 },
+	{ "internal_ip4_dns",     VALUE_ADDR,   INTERNAL_IP4_DNS,     0 },
+	{ "internal_ip6_dns",     VALUE_ADDR,   INTERNAL_IP6_DNS,     0 },
+	{ "dns",                  VALUE_ADDR,   INTERNAL_IP4_DNS,
+											INTERNAL_IP6_DNS        },
+	{ "internal_ip4_netmask", VALUE_ADDR,   INTERNAL_IP4_NETMASK, 0 },
+	{ "internal_ip6_netmask", VALUE_ADDR,   INTERNAL_IP6_NETMASK, 0 },
+	{ "netmask",              VALUE_ADDR,   INTERNAL_IP4_NETMASK,
+							 				INTERNAL_IP6_NETMASK    },
+	{ "internal_ip4_nbns",    VALUE_ADDR,   INTERNAL_IP4_NBNS,    0 },
+	{ "internal_ip6_nbns",    VALUE_ADDR,   INTERNAL_IP6_NBNS,    0 },
+	{ "nbns",                 VALUE_ADDR,   INTERNAL_IP4_NBNS,
+							 				INTERNAL_IP6_NBNS       },
+	{ "wins",                 VALUE_ADDR,   INTERNAL_IP4_NBNS,
+											INTERNAL_IP6_NBNS       },
+	{ "internal_ip4_dhcp",    VALUE_ADDR,   INTERNAL_IP4_DHCP,    0 },
+	{ "internal_ip6_dhcp",    VALUE_ADDR,   INTERNAL_IP6_DHCP,    0 },
+	{ "dhcp",                 VALUE_ADDR,   INTERNAL_IP4_DHCP,
+											INTERNAL_IP6_DHCP       },
+	{ "internal_ip4_server",  VALUE_ADDR,   INTERNAL_IP4_SERVER,  0 },
+	{ "internal_ip6_server",  VALUE_ADDR,   INTERNAL_IP6_SERVER,  0 },
+	{ "server",               VALUE_ADDR,   INTERNAL_IP4_SERVER,
+											INTERNAL_IP6_SERVER     },
+	{ "application_version",  VALUE_STRING, APPLICATION_VERSION,  0 },
+	{ "version",              VALUE_STRING, APPLICATION_VERSION,  0 },
+	{ "unity_banner",         VALUE_STRING, UNITY_BANNER,         0 },
+	{ "banner",               VALUE_STRING, UNITY_BANNER,         0 },
+	{ "unity_def_domain",     VALUE_STRING, UNITY_DEF_DOMAIN,     0 },
+	{ "unity_splitdns_name",  VALUE_STRING, UNITY_SPLITDNS_NAME,  0 },
+	{ "unity_split_include",  VALUE_SUBNET, UNITY_SPLIT_INCLUDE,  0 },
+	{ "unity_local_lan",      VALUE_SUBNET, UNITY_LOCAL_LAN,      0 },
 };
 
 /**
@@ -453,13 +457,16 @@ void del_attr(char *name, char *value, value_type_t value_type)
 /**
  * ipsec pool --statusattr - show all attribute entries
  */
-void status_attr(void)
+void status_attr(bool hexout)
 {
 	configuration_attribute_type_t type;
-	chunk_t value;
+	value_type_t value_type;
+	chunk_t value, addr_chunk, mask_chunk;
 	enumerator_t *enumerator;
+	host_t *addr, *mask;
 	char type_name[30];
 	bool first = TRUE;
+	int i;
 
 	/* enumerate over all attributes */
 	enumerator = db->query(db, "SELECT type, value FROM attributes ORDER BY type",
@@ -470,7 +477,7 @@ void status_attr(void)
 		{
 			if (first)
 			{
-				printf(" type  description          value\n");
+				printf(" type  description           value\n");
 				first = FALSE;
 			}
 			snprintf(type_name, sizeof(type_name), "%N",
@@ -479,7 +486,63 @@ void status_attr(void)
 			{
 				type_name[0] = '\0';
 			}
-			printf("%5d  %-20s %#B\n",type, type_name, &value);
+			printf("%5d  %-20s ",type, type_name);
+
+			value_type = VALUE_HEX;
+			if (!hexout)
+			{
+				for (i = 0; i < countof(attr_info); i++)
+				{
+					if (type == attr_info[i].type)
+					{
+						value_type = attr_info[i].value_type;
+						break; 
+					}
+				}
+			}
+			switch (value_type)
+			{
+				case VALUE_ADDR:
+					addr = host_create_from_chunk(AF_UNSPEC, value, 0);
+					if (addr)
+					{
+						printf(" %H\n", addr);
+						addr->destroy(addr);
+					}
+					else
+					{
+						/* value cannot be represented as an IP address */
+						printf(" %#B\n", &value);
+					}
+					break;
+				case VALUE_SUBNET:
+					if (value.len % UNITY_NETWORK_LEN == 0)
+					{
+						for (i = 0; i < value.len / UNITY_NETWORK_LEN; i++)
+						{
+							addr_chunk = chunk_create(value.ptr + i*UNITY_NETWORK_LEN, 4);
+							addr = host_create_from_chunk(AF_INET, addr_chunk, 0);
+							mask_chunk = chunk_create(addr_chunk.ptr + 4, 4);
+							mask = host_create_from_chunk(AF_INET, mask_chunk, 0);
+							printf("%s%H/%H", (i > 0) ? "," : " ", addr, mask);
+							addr->destroy(addr);
+							mask->destroy(mask);
+						}
+						printf("\n");
+					}
+					else
+					{
+						/* value cannot be represented as a list of subnets */
+						printf(" %#B\n", &value);
+					}
+					break;
+				case VALUE_STRING:
+					printf("\"%.*s\"\n", value.len, value.ptr);
+					break;					
+				case VALUE_HEX:
+				default:
+					printf(" %#B\n", &value);
+			}
 		}
 		enumerator->destroy(enumerator);
 	}
@@ -500,7 +563,7 @@ void show_attr(void)
 		snprintf(value_name, sizeof(value_name), "%N",
 			value_type_names, attr_info[i].value_type);
 	
-		printf("%-19s  --%-6s  (%N", 
+		printf("%-20s  --%-6s  (%N", 
 				attr_info[i].keyword, value_name, 
 				configuration_attribute_type_names, attr_info[i].type);
 
diff --git a/src/libhydra/plugins/attr_sql/pool_attributes.h b/src/libhydra/plugins/attr_sql/pool_attributes.h
index fcbe70f49..04cfbf948 100644
--- a/src/libhydra/plugins/attr_sql/pool_attributes.h
+++ b/src/libhydra/plugins/attr_sql/pool_attributes.h
@@ -46,7 +46,7 @@ void del_attr(char *name, char *value, value_type_t value_type);
 /**
  * ipsec pool --statusattr      - show all attribute entries
  */
-void status_attr(void);
+void status_attr(bool hexout);
 
 /**
  * ipsec pool --showattr - show all supported attribute keywords
diff --git a/src/libhydra/plugins/attr_sql/pool_usage.c b/src/libhydra/plugins/attr_sql/pool_usage.c
index be6b20cf7..b28c8ae15 100644
--- a/src/libhydra/plugins/attr_sql/pool_usage.c
+++ b/src/libhydra/plugins/attr_sql/pool_usage.c
@@ -29,8 +29,11 @@ Usage:\n\
   ipsec pool --status\n\
     Show a list of installed pools with statistics plus nameserver info.\n\
   \n\
-  ipsec pool --statusattr\n\
-    Show a list of all attributes stored in the database.\n\
+  ipsec pool --statusattr [--hexout]\n\
+    Show a list of all attributes stored in the database with the values\n\
+    converted to the correct format if the type is known by --showattr or\n\
+    in hex format otherwise.\n\
+      hexout:  Output all values in hex format\n\
   \n\
   ipsec pool --showattr\n\
     Show a keyword list of the major attribute types.\n\
@@ -56,10 +59,12 @@ Usage:\n\
                resized.\n\
       timeout: Lease time in hours, 0 for static leases\n\
   \n\
-  ipsec pool --addattr <type> --server|--subnet|--string|--hex <value>\n\
+  ipsec pool --addattr <type> --addr|--mask|--server|--subnet|--string|--hex <value>\n\
     Add a new attribute to the database.\n\
       type:    a keyword from --showattr or a number from the range 1..32767\n\
-      server:  IPv4 or IPv6 address of a server\n\
+      addr:    IPv4 or IPv6 address\n\
+      mask:    IPv4 or IPv6 netmask (synonym for --addr)\n\
+      server:  IPv4 or IPv6 address of a server (synonym for --addr)\n\
       subnet:  IPv4 subnet[s] given by network/mask[,network/mask,...]\n\
       string:  value of a string-type attribute\n\
       hex:     hex value of any attribute\n\
@@ -68,10 +73,12 @@ Usage:\n\
     Delete a pool from the database.\n\
       name:    Name of the pool to delete\n\
   \n\
-  ipsec pool --delattr <type> [--server|--subnet|--string|--hex <value>]\n\
+  ipsec pool --delattr <type> [--addr|--mask|--server|--subnet|--string|--hex <value>]\n\
     Delete a specific or all attributes of a given type from the database.\n\
       type:    a keyword from --showattr or a number from the range 1..32767\n\
-      server:  IPv4 or IPv6 address of a server\n\
+      addr:    IPv4 or IPv6 address\n\
+      mask:    IPv4 or IPv6 netmask (synonym for --addr)\n\
+      server:  IPv4 or IPv6 address of a server (synonym for --addr)\n\
       subnet:  IPv4 subnet[s] given by network/mask[,network/mask,...]\n\
       string:  value of a string-type attribute\n\
       hex:     hex value of any attribute\n\