diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/charon/plugins/stroke/stroke_list.c | 12 | ||||
-rw-r--r-- | src/charon/sa/child_sa.c | 18 | ||||
-rw-r--r-- | src/charon/sa/child_sa.h | 14 |
3 files changed, 37 insertions, 7 deletions
diff --git a/src/charon/plugins/stroke/stroke_list.c b/src/charon/plugins/stroke/stroke_list.c index 9ce89dc1c..962286ae4 100644 --- a/src/charon/plugins/stroke/stroke_list.c +++ b/src/charon/plugins/stroke/stroke_list.c @@ -135,19 +135,17 @@ static void log_child_sa(FILE *out, child_sa_t *child_sa, bool all) if (child_sa->get_state(child_sa) == CHILD_INSTALLED) { - u_int16_t my_cpi = child_sa->get_cpi(child_sa, TRUE); - u_int16_t other_cpi = child_sa->get_cpi(child_sa, FALSE); - - fprintf(out, ", %N SPIs: %.8x_i %.8x_o", + fprintf(out, ", %N%s SPIs: %.8x_i %.8x_o", protocol_id_names, child_sa->get_protocol(child_sa), + child_sa->has_encap(child_sa) ? " in UDP": "", ntohl(child_sa->get_spi(child_sa, TRUE)), ntohl(child_sa->get_spi(child_sa, FALSE))); - /* Is IPCOMP activated ? */ - if (my_cpi && other_cpi) + if (child_sa->get_ipcomp(child_sa) != IPCOMP_NONE) { fprintf(out, ", IPCOMP CPIs: %.4x_i %.4x_o", - ntohs(my_cpi), ntohs(other_cpi)); + ntohs(child_sa->get_cpi(child_sa, TRUE)), + ntohs(child_sa->get_cpi(child_sa, FALSE))); } if (all) diff --git a/src/charon/sa/child_sa.c b/src/charon/sa/child_sa.c index 03a028257..4bc2c2cd4 100644 --- a/src/charon/sa/child_sa.c +++ b/src/charon/sa/child_sa.c @@ -248,6 +248,22 @@ protocol_id_t get_protocol(private_child_sa_t *this) } /** + * Implementation of child_sa_t.has_encap + */ +static bool has_encap(private_child_sa_t *this) +{ + return this->encap; +} + +/** + * Implementation of child_sa_t.get_ipcomp + */ +static ipcomp_transform_t get_ipcomp(private_child_sa_t *this) +{ + return this->ipcomp; +} + +/** * Implements child_sa_t.get_state */ static child_sa_state_t get_state(private_child_sa_t *this) @@ -989,6 +1005,8 @@ child_sa_t * child_sa_create(host_t *me, host_t* other, this->public.get_cpi = (u_int16_t(*)(child_sa_t*, bool))get_cpi; this->public.get_protocol = (protocol_id_t(*)(child_sa_t*))get_protocol; this->public.get_mode = (ipsec_mode_t(*)(child_sa_t*))get_mode; + this->public.get_ipcomp = (ipcomp_transform_t(*)(child_sa_t*))get_ipcomp; + this->public.has_encap = (bool(*)(child_sa_t*))has_encap; this->public.get_encryption = (encryption_algorithm_t(*)(child_sa_t*, bool, chunk_t*))get_encryption; this->public.get_integrity = (integrity_algorithm_t(*)(child_sa_t*, bool, chunk_t*))get_integrity; this->public.get_lifetime = (u_int32_t(*)(child_sa_t*, bool))get_lifetime; diff --git a/src/charon/sa/child_sa.h b/src/charon/sa/child_sa.h index 3e9998649..d76e23af7 100644 --- a/src/charon/sa/child_sa.h +++ b/src/charon/sa/child_sa.h @@ -155,6 +155,20 @@ struct child_sa_t { ipsec_mode_t (*get_mode)(child_sa_t *this); /** + * Get the used IPComp algorithm. + * + * @return IPComp compression algorithm. + */ + ipcomp_transform_t (*get_ipcomp)(child_sa_t *this); + + /** + * Check if this CHILD_SA uses UDP encapsulation. + * + * @return TRUE if SA encapsulates ESP packets + */ + bool (*has_encap)(child_sa_t *this); + + /** * Get the IPsec encryption key. * * @param inbound TRUE for inbound, FALSE for outbound key |