3 files changed, 37 insertions, 7 deletions

diff --git a/src/charon/plugins/stroke/stroke_list.c b/src/charon/plugins/stroke/stroke_list.c
index 9ce89dc1c..962286ae4 100644
--- a/src/charon/plugins/stroke/stroke_list.c
+++ b/src/charon/plugins/stroke/stroke_list.c
@@ -135,19 +135,17 @@ static void log_child_sa(FILE *out, child_sa_t *child_sa, bool all)
 	
 	if (child_sa->get_state(child_sa) == CHILD_INSTALLED)
 	{
-		u_int16_t my_cpi    = child_sa->get_cpi(child_sa, TRUE);
-		u_int16_t other_cpi = child_sa->get_cpi(child_sa, FALSE);		
-
-		fprintf(out, ", %N SPIs: %.8x_i %.8x_o",
+		fprintf(out, ", %N%s SPIs: %.8x_i %.8x_o",
 				protocol_id_names, child_sa->get_protocol(child_sa),
+				child_sa->has_encap(child_sa) ? " in UDP": "",
 				ntohl(child_sa->get_spi(child_sa, TRUE)),
 				ntohl(child_sa->get_spi(child_sa, FALSE)));
 
-		/* Is IPCOMP activated ? */
-		if (my_cpi && other_cpi)
+		if (child_sa->get_ipcomp(child_sa) != IPCOMP_NONE)
 		{
 			fprintf(out, ", IPCOMP CPIs: %.4x_i %.4x_o",
-					ntohs(my_cpi), ntohs(other_cpi));
+					ntohs(child_sa->get_cpi(child_sa, TRUE)),
+					ntohs(child_sa->get_cpi(child_sa, FALSE)));
 		}
 
 		if (all)
diff --git a/src/charon/sa/child_sa.c b/src/charon/sa/child_sa.c
index 03a028257..4bc2c2cd4 100644
--- a/src/charon/sa/child_sa.c
+++ b/src/charon/sa/child_sa.c
@@ -248,6 +248,22 @@ protocol_id_t get_protocol(private_child_sa_t *this)
 }
 
 /**
+ * Implementation of child_sa_t.has_encap
+ */
+static bool has_encap(private_child_sa_t *this)
+{
+	return this->encap;
+}
+
+/**
+ * Implementation of child_sa_t.get_ipcomp
+ */
+static ipcomp_transform_t get_ipcomp(private_child_sa_t *this)
+{
+	return this->ipcomp;
+}
+
+/**
  * Implements child_sa_t.get_state
  */
 static child_sa_state_t get_state(private_child_sa_t *this)
@@ -989,6 +1005,8 @@ child_sa_t * child_sa_create(host_t *me, host_t* other,
 	this->public.get_cpi = (u_int16_t(*)(child_sa_t*, bool))get_cpi;
 	this->public.get_protocol = (protocol_id_t(*)(child_sa_t*))get_protocol;
 	this->public.get_mode = (ipsec_mode_t(*)(child_sa_t*))get_mode;
+	this->public.get_ipcomp = (ipcomp_transform_t(*)(child_sa_t*))get_ipcomp;
+	this->public.has_encap = (bool(*)(child_sa_t*))has_encap;
 	this->public.get_encryption = (encryption_algorithm_t(*)(child_sa_t*, bool, chunk_t*))get_encryption;
 	this->public.get_integrity = (integrity_algorithm_t(*)(child_sa_t*, bool, chunk_t*))get_integrity;
 	this->public.get_lifetime = (u_int32_t(*)(child_sa_t*, bool))get_lifetime;
diff --git a/src/charon/sa/child_sa.h b/src/charon/sa/child_sa.h
index 3e9998649..d76e23af7 100644
--- a/src/charon/sa/child_sa.h
+++ b/src/charon/sa/child_sa.h
@@ -155,6 +155,20 @@ struct child_sa_t {
 	ipsec_mode_t (*get_mode)(child_sa_t *this);
 	
 	/**
+	 * Get the used IPComp algorithm.
+	 *
+	 * @return			IPComp compression algorithm.
+	 */
+	ipcomp_transform_t (*get_ipcomp)(child_sa_t *this);
+	
+	/**
+	 * Check if this CHILD_SA uses UDP encapsulation.
+	 *
+	 * @return			TRUE if SA encapsulates ESP packets
+	 */
+	bool (*has_encap)(child_sa_t *this);
+	
+	/**
 	 * Get the IPsec encryption key.
 	 *
 	 * @param inbound	TRUE for inbound, FALSE for outbound key