1 files changed, 28 insertions, 10 deletions

diff --git a/src/libcharon/plugins/vici/vici_control.c b/src/libcharon/plugins/vici/vici_control.c
index 752007c24..87794d24d 100644
--- a/src/libcharon/plugins/vici/vici_control.c
+++ b/src/libcharon/plugins/vici/vici_control.c
@@ -134,7 +134,7 @@ static child_cfg_t* get_child_from_peer(peer_cfg_t *peer_cfg, char *name)
 /**
  * Find a peer/child config from a child config name
  */
-static child_cfg_t* find_child_cfg(char *name, peer_cfg_t **out)
+static child_cfg_t* find_child_cfg(char *name, char *pname, peer_cfg_t **out)
 {
 	enumerator_t *enumerator;
 	peer_cfg_t *peer_cfg;
@@ -144,6 +144,10 @@ static child_cfg_t* find_child_cfg(char *name, peer_cfg_t **out)
 							charon->backends, NULL, NULL, NULL, NULL, IKE_ANY);
 	while (enumerator->enumerate(enumerator, &peer_cfg))
 	{
+		if (pname && !streq(pname, peer_cfg->get_name(peer_cfg)))
+		{
+			continue;
+		}
 		child_cfg = get_child_from_peer(peer_cfg, name);
 		if (child_cfg)
 		{
@@ -161,15 +165,17 @@ CALLBACK(initiate, vici_message_t*,
 {
 	child_cfg_t *child_cfg = NULL;
 	peer_cfg_t *peer_cfg;
-	char *child;
-	u_int timeout;
+	char *child, *ike;
+	int timeout;
 	bool limits;
+	controller_cb_t log_cb = NULL;
 	log_info_t log = {
 		.dispatcher = this->dispatcher,
 		.id = id,
 	};
 
 	child = request->get_str(request, NULL, "child");
+	ike = request->get_str(request, NULL, "ike");
 	timeout = request->get_int(request, 0, "timeout");
 	limits = request->get_bool(request, FALSE, "init-limits");
 	log.level = request->get_int(request, 1, "loglevel");
@@ -178,16 +184,20 @@ CALLBACK(initiate, vici_message_t*,
 	{
 		return send_reply(this, "missing configuration name");
 	}
+	if (timeout >= 0)
+	{
+		log_cb = (controller_cb_t)log_vici;
+	}
 
 	DBG1(DBG_CFG, "vici initiate '%s'", child);
 
-	child_cfg = find_child_cfg(child, &peer_cfg);
+	child_cfg = find_child_cfg(child, ike, &peer_cfg);
 	if (!child_cfg)
 	{
 		return send_reply(this, "CHILD_SA config '%s' not found", child);
 	}
 	switch (charon->controller->initiate(charon->controller, peer_cfg,
-				child_cfg, (controller_cb_t)log_vici, &log, timeout, limits))
+									child_cfg, log_cb, &log, timeout, limits))
 	{
 		case SUCCESS:
 			return send_reply(this, NULL);
@@ -208,11 +218,13 @@ CALLBACK(terminate, vici_message_t*,
 {
 	enumerator_t *enumerator, *isas, *csas;
 	char *child, *ike, *errmsg = NULL;
-	u_int timeout, child_id, ike_id, current, *del, done = 0;
+	u_int child_id, ike_id, current, *del, done = 0;
+	int timeout;
 	ike_sa_t *ike_sa;
 	child_sa_t *child_sa;
 	array_t *ids;
 	vici_builder_t *builder;
+	controller_cb_t log_cb = NULL;
 	log_info_t log = {
 		.dispatcher = this->dispatcher,
 		.id = id,
@@ -247,6 +259,11 @@ CALLBACK(terminate, vici_message_t*,
 		DBG1(DBG_CFG, "vici terminate CHILD_SA '%s'", child);
 	}
 
+	if (timeout >= 0)
+	{
+		log_cb = (controller_cb_t)log_vici;
+	}
+
 	ids = array_create(sizeof(u_int), 0);
 
 	isas = charon->controller->create_ike_sa_enumerator(charon->controller, TRUE);
@@ -296,7 +313,7 @@ CALLBACK(terminate, vici_message_t*,
 		if (child || child_id)
 		{
 			if (charon->controller->terminate_child(charon->controller, *del,
-						(controller_cb_t)log_vici, &log, timeout) == SUCCESS)
+											log_cb, &log, timeout) == SUCCESS)
 			{
 				done++;
 			}
@@ -304,7 +321,7 @@ CALLBACK(terminate, vici_message_t*,
 		else
 		{
 			if (charon->controller->terminate_ike(charon->controller, *del,
-						(controller_cb_t)log_vici, &log, timeout) == SUCCESS)
+											log_cb, &log, timeout) == SUCCESS)
 			{
 				done++;
 			}
@@ -379,10 +396,11 @@ CALLBACK(install, vici_message_t*,
 {
 	child_cfg_t *child_cfg = NULL;
 	peer_cfg_t *peer_cfg;
-	char *child;
+	char *child, *ike;
 	bool ok;
 
 	child = request->get_str(request, NULL, "child");
+	ike = request->get_str(request, NULL, "ike");
 	if (!child)
 	{
 		return send_reply(this, "missing configuration name");
@@ -390,7 +408,7 @@ CALLBACK(install, vici_message_t*,
 
 	DBG1(DBG_CFG, "vici install '%s'", child);
 
-	child_cfg = find_child_cfg(child, &peer_cfg);
+	child_cfg = find_child_cfg(child, ike, &peer_cfg);
 	if (!child_cfg)
 	{
 		return send_reply(this, "configuration name not found");