diff options
| -rw-r--r-- | src/charon/kernel/kernel_interface.c | 1 | ||||
| -rw-r--r-- | src/charon/plugins/stroke/stroke_list.c | 12 | ||||
| -rw-r--r-- | src/charon/sa/child_sa.c | 19 | ||||
| -rw-r--r-- | src/charon/sa/child_sa.h | 16 | ||||
| -rw-r--r-- | src/charon/sa/tasks/child_create.c | 2 |
5 files changed, 43 insertions, 7 deletions
diff --git a/src/charon/kernel/kernel_interface.c b/src/charon/kernel/kernel_interface.c index 9d9aaacb1..44b79cc2f 100644 --- a/src/charon/kernel/kernel_interface.c +++ b/src/charon/kernel/kernel_interface.c @@ -2014,6 +2014,7 @@ static status_t get_cpi(private_kernel_interface_t *this, u_int32_t reqid, u_int16_t *cpi) { u_int32_t received_spi = 0; + DBG2(DBG_KNL, "getting CPI for reqid {%d}", reqid); if (get_spi_internal(this, src, dst, diff --git a/src/charon/plugins/stroke/stroke_list.c b/src/charon/plugins/stroke/stroke_list.c index 138e24e93..8f67b2c91 100644 --- a/src/charon/plugins/stroke/stroke_list.c +++ b/src/charon/plugins/stroke/stroke_list.c @@ -127,11 +127,21 @@ static void log_child_sa(FILE *out, child_sa_t *child_sa, bool all) if (child_sa->get_state(child_sa) == CHILD_INSTALLED) { + u_int16_t my_cpi = child_sa->get_cpi(child_sa, TRUE); + u_int16_t other_cpi = child_sa->get_cpi(child_sa, FALSE); + fprintf(out, ", %N SPIs: %.8x_i %.8x_o", protocol_id_names, child_sa->get_protocol(child_sa), ntohl(child_sa->get_spi(child_sa, TRUE)), ntohl(child_sa->get_spi(child_sa, FALSE))); - + + /* Is IPcomp installed ? */ + if (my_cpi && other_cpi) + { + fprintf(out, ", IPCOMP CPIs: %.4x_i %.4x_o", + ntohs(my_cpi), ntohs(other_cpi)); + } + if (all) { fprintf(out, "\n%12s{%d}: ", child_sa->get_name(child_sa), diff --git a/src/charon/sa/child_sa.c b/src/charon/sa/child_sa.c index 57595e11a..baab1d5db 100644 --- a/src/charon/sa/child_sa.c +++ b/src/charon/sa/child_sa.c @@ -210,6 +210,18 @@ u_int32_t get_spi(private_child_sa_t *this, bool inbound) } /** + * Implements child_sa_t.get_cpi + */ +u_int16_t get_cpi(private_child_sa_t *this, bool inbound) +{ + if (inbound) + { + return this->me.cpi; + } + return this->other.cpi; +} + +/** * Implements child_sa_t.get_protocol */ protocol_id_t get_protocol(private_child_sa_t *this) @@ -924,9 +936,9 @@ static void activate_ipcomp(private_child_sa_t *this, ipcomp_transform_t ipcomp, } /** - * Implementation of child_sa_t.get_my_cpi. + * Implementation of child_sa_t.allocate_cpi. */ -static u_int16_t get_my_cpi(private_child_sa_t *this) +static u_int16_t allocate_cpi(private_child_sa_t *this) { if (!this->cpi_allocated) { @@ -1028,6 +1040,7 @@ child_sa_t * child_sa_create(host_t *me, host_t* other, this->public.get_name = (char*(*)(child_sa_t*))get_name; this->public.get_reqid = (u_int32_t(*)(child_sa_t*))get_reqid; this->public.get_spi = (u_int32_t(*)(child_sa_t*, bool))get_spi; + this->public.get_cpi = (u_int16_t(*)(child_sa_t*, bool))get_cpi; this->public.get_protocol = (protocol_id_t(*)(child_sa_t*))get_protocol; this->public.get_stats = (void(*)(child_sa_t*, mode_t*,encryption_algorithm_t*,size_t*,integrity_algorithm_t*,size_t*,u_int32_t*,u_int32_t*,u_int32_t*,u_int32_t*))get_stats; this->public.alloc = (status_t(*)(child_sa_t*,linked_list_t*))alloc; @@ -1041,7 +1054,7 @@ child_sa_t * child_sa_create(host_t *me, host_t* other, this->public.get_state = (child_sa_state_t(*)(child_sa_t*))get_state; this->public.get_config = (child_cfg_t*(*)(child_sa_t*))get_config; this->public.activate_ipcomp = (void(*)(child_sa_t*,ipcomp_transform_t,u_int16_t))activate_ipcomp; - this->public.get_my_cpi = (u_int16_t(*)(child_sa_t*))get_my_cpi; + this->public.allocate_cpi = (u_int16_t(*)(child_sa_t*))allocate_cpi; this->public.set_virtual_ip = (void(*)(child_sa_t*,host_t*))set_virtual_ip; this->public.destroy = (void(*)(child_sa_t*))destroy; diff --git a/src/charon/sa/child_sa.h b/src/charon/sa/child_sa.h index c566e563c..e4d116a1c 100644 --- a/src/charon/sa/child_sa.h +++ b/src/charon/sa/child_sa.h @@ -114,11 +114,23 @@ struct child_sa_t { * FALSE to get those we use for sending packets. * * @param inbound TRUE to get inbound SPI, FALSE for outbound. - * @return spi of the CHILD SA + * @return SPI of the CHILD SA */ u_int32_t (*get_spi) (child_sa_t *this, bool inbound); /** + * Get the CPI of this CHILD_SA. + * + * Set the boolean parameter inbound to TRUE to + * get the SPI for which we receive packets, use + * FALSE to get those we use for sending packets. + * + * @param inbound TRUE to get inbound CPI, FALSE for outbound. + * @return CPI of the CHILD SA + */ + u_int16_t (*get_cpi) (child_sa_t *this, bool inbound); + + /** * Get the protocol which this CHILD_SA uses to protect traffic. * * @return AH | ESP @@ -270,7 +282,7 @@ struct child_sa_t { * * @return allocated CPI */ - u_int16_t (*get_my_cpi) (child_sa_t *this); + u_int16_t (*allocate_cpi) (child_sa_t *this); /** * Destroys a child_sa. diff --git a/src/charon/sa/tasks/child_create.c b/src/charon/sa/tasks/child_create.c index 743cf5bb8..dcdc85364 100644 --- a/src/charon/sa/tasks/child_create.c +++ b/src/charon/sa/tasks/child_create.c @@ -456,7 +456,7 @@ static void build_ipcomp_supported_notify(private_child_create_t *this, return; } - cpi = this->child_sa->get_my_cpi(this->child_sa); + cpi = this->child_sa->allocate_cpi(this->child_sa); tid = this->ipcomp; if (cpi) { |