![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to rekey.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / swanctl / commands|
Return to rekey.c CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / swanctl / commands |
1.1 misho 1: /*
2: * Copyright (C) 2017-2018 Tobias Brunner
3: * HSR Hochschule fuer Technik Rapperswil
4: *
5: * This program is free software; you can redistribute it and/or modify it
6: * under the terms of the GNU General Public License as published by the
7: * Free Software Foundation; either version 2 of the License, or (at your
8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9: *
10: * This program is distributed in the hope that it will be useful, but
11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13: * for more details.
14: */
15:
16: #include "command.h"
17:
18: #include <errno.h>
19:
20: static int rekey(vici_conn_t *conn)
21: {
22: vici_req_t *req;
23: vici_res_t *res;
24: command_format_options_t format = COMMAND_FORMAT_NONE;
25: char *arg, *child = NULL, *ike = NULL;
26: int ret = 0, child_id = 0, ike_id = 0;
27: bool reauth = FALSE;
28:
29: while (TRUE)
30: {
31: switch (command_getopt(&arg))
32: {
33: case 'h':
34: return command_usage(NULL);
35: case 'P':
36: format |= COMMAND_FORMAT_PRETTY;
37: /* fall through to raw */
38: case 'r':
39: format |= COMMAND_FORMAT_RAW;
40: continue;
41: case 'c':
42: child = arg;
43: continue;
44: case 'i':
45: ike = arg;
46: continue;
47: case 'C':
48: child_id = atoi(arg);
49: continue;
50: case 'I':
51: ike_id = atoi(arg);
52: continue;
53: case 'a':
54: reauth = TRUE;
55: continue;
56: case EOF:
57: break;
58: default:
59: return command_usage("invalid --rekey option");
60: }
61: break;
62: }
63:
64: req = vici_begin("rekey");
65: if (child)
66: {
67: vici_add_key_valuef(req, "child", "%s", child);
68: }
69: if (ike)
70: {
71: vici_add_key_valuef(req, "ike", "%s", ike);
72: }
73: if (child_id)
74: {
75: vici_add_key_valuef(req, "child-id", "%d", child_id);
76: }
77: if (ike_id)
78: {
79: vici_add_key_valuef(req, "ike-id", "%d", ike_id);
80: }
81: if (reauth)
82: {
83: vici_add_key_valuef(req, "reauth", "yes");
84: }
85: res = vici_submit(req, conn);
86: if (!res)
87: {
88: ret = errno;
89: fprintf(stderr, "rekey request failed: %s\n", strerror(errno));
90: return ret;
91: }
92: if (format & COMMAND_FORMAT_RAW)
93: {
94: vici_dump(res, "rekey reply", format & COMMAND_FORMAT_PRETTY,
95: stdout);
96: }
97: else
98: {
99: if (streq(vici_find_str(res, "no", "success"), "yes"))
100: {
101: printf("rekey completed successfully\n");
102: }
103: else
104: {
105: fprintf(stderr, "rekey failed: %s\n",
106: vici_find_str(res, "", "errmsg"));
107: ret = 1;
108: }
109: }
110: vici_free_res(res);
111: return ret;
112: }
113:
114: /**
115: * Register the command.
116: */
117: static void __attribute__ ((constructor))reg()
118: {
119: command_register((command_t) {
120: rekey, 'R', "rekey", "rekey an SA",
121: {"--child <name> | --ike <name> | --child-id <id> | --ike-id <id>",
122: "[--reauth] [--raw|--pretty]"},
123: {
124: {"help", 'h', 0, "show usage information"},
125: {"child", 'c', 1, "rekey by CHILD_SA name"},
126: {"ike", 'i', 1, "rekey by IKE_SA name"},
127: {"child-id", 'C', 1, "rekey by CHILD_SA unique identifier"},
128: {"ike-id", 'I', 1, "rekey by IKE_SA unique identifier"},
129: {"reauth", 'a', 0, "reauthenticate instead of rekey an IKEv2 SA"},
130: {"raw", 'r', 0, "dump raw response message"},
131: {"pretty", 'P', 0, "dump raw response message in pretty print"},
132: }
133: });
134: }