diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-06-04 20:12:02 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-06-04 20:21:27 +0200 |
commit | a07d4ebdf05a357e2d5ebd711efadb24746bc068 (patch) | |
tree | f8624b78d4fe16f3396265390fd162a8d8b764ad /packages/strongswan/patches/1003-vici-add-support-for-individual-sa-state-changes.patch | |
parent | f007e183af7c402d334ceb9b553f48af0cbe3cfc (diff) | |
download | vyos-build-a07d4ebdf05a357e2d5ebd711efadb24746bc068.tar.gz vyos-build-a07d4ebdf05a357e2d5ebd711efadb24746bc068.zip |
strongSwan: T1888: import DMVPN patches from Alpine Linux
Patches imported from commit 7921a30493eb1 of the following repo:
https://gitlab.alpinelinux.org/alpine/aports/-/commits/master/main/strongswan
Diffstat (limited to 'packages/strongswan/patches/1003-vici-add-support-for-individual-sa-state-changes.patch')
-rw-r--r-- | packages/strongswan/patches/1003-vici-add-support-for-individual-sa-state-changes.patch | 158 |
1 files changed, 158 insertions, 0 deletions
diff --git a/packages/strongswan/patches/1003-vici-add-support-for-individual-sa-state-changes.patch b/packages/strongswan/patches/1003-vici-add-support-for-individual-sa-state-changes.patch new file mode 100644 index 00000000..debbfc9a --- /dev/null +++ b/packages/strongswan/patches/1003-vici-add-support-for-individual-sa-state-changes.patch @@ -0,0 +1,158 @@ +From 85538df79427beec3556505f2f74eb2f328171df Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi> +Date: Mon, 21 Sep 2015 13:42:11 +0300 +Subject: [PATCH 4/4] vici: add support for individual sa state changes +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Useful for monitoring and tracking full SA. + +Signed-off-by: Timo Teräs <timo.teras@iki.fi> +--- + src/libcharon/plugins/vici/vici_query.c | 105 ++++++++++++++++++++++++ + 1 file changed, 105 insertions(+) + +diff --git a/src/libcharon/plugins/vici/vici_query.c b/src/libcharon/plugins/vici/vici_query.c +index 2ca885e8b..29f77c769 100644 +--- a/src/libcharon/plugins/vici/vici_query.c ++++ b/src/libcharon/plugins/vici/vici_query.c +@@ -1673,8 +1673,16 @@ static void manage_commands(private_vici_query_t *this, bool reg) + this->dispatcher->manage_event(this->dispatcher, "list-cert", reg); + this->dispatcher->manage_event(this->dispatcher, "ike-updown", reg); + this->dispatcher->manage_event(this->dispatcher, "ike-rekey", reg); ++ this->dispatcher->manage_event(this->dispatcher, "ike-state-established", reg); ++ this->dispatcher->manage_event(this->dispatcher, "ike-state-destroying", reg); + this->dispatcher->manage_event(this->dispatcher, "child-updown", reg); + this->dispatcher->manage_event(this->dispatcher, "child-rekey", reg); ++ this->dispatcher->manage_event(this->dispatcher, "child-state-installing", reg); ++ this->dispatcher->manage_event(this->dispatcher, "child-state-installed", reg); ++ this->dispatcher->manage_event(this->dispatcher, "child-state-updating", reg); ++ this->dispatcher->manage_event(this->dispatcher, "child-state-rekeying", reg); ++ this->dispatcher->manage_event(this->dispatcher, "child-state-rekeyed", reg); ++ this->dispatcher->manage_event(this->dispatcher, "child-state-destroying", reg); + manage_command(this, "list-sas", list_sas, reg); + manage_command(this, "list-policies", list_policies, reg); + manage_command(this, "list-conns", list_conns, reg); +@@ -1745,6 +1753,45 @@ METHOD(listener_t, ike_rekey, bool, + return TRUE; + } + ++METHOD(listener_t, ike_state_change, bool, ++ private_vici_query_t *this, ike_sa_t *ike_sa, ike_sa_state_t state) ++{ ++ char *event; ++ vici_builder_t *b; ++ time_t now; ++ ++ switch (state) ++ { ++ case IKE_ESTABLISHED: ++ event = "ike-state-established"; ++ break; ++ case IKE_DESTROYING: ++ event = "ike-state-destroying"; ++ break; ++ default: ++ return TRUE; ++ } ++ ++ if (!this->dispatcher->has_event_listeners(this->dispatcher, event)) ++ { ++ return TRUE; ++ } ++ ++ now = time_monotonic(NULL); ++ ++ b = vici_builder_create(); ++ b->begin_section(b, ike_sa->get_name(ike_sa)); ++ list_ike(this, b, ike_sa, now, state != IKE_DESTROYING); ++ b->begin_section(b, "child-sas"); ++ b->end_section(b); ++ b->end_section(b); ++ ++ this->dispatcher->raise_event(this->dispatcher, ++ event, 0, b->finalize(b)); ++ ++ return TRUE; ++} ++ + METHOD(listener_t, child_updown, bool, + private_vici_query_t *this, ike_sa_t *ike_sa, child_sa_t *child_sa, bool up) + { +@@ -1820,6 +1867,62 @@ METHOD(listener_t, child_rekey, bool, + return TRUE; + } + ++METHOD(listener_t, child_state_change, bool, ++ private_vici_query_t *this, ike_sa_t *ike_sa, child_sa_t *child_sa, child_sa_state_t state) ++{ ++ char *event; ++ vici_builder_t *b; ++ time_t now; ++ ++ switch (state) ++ { ++ case CHILD_INSTALLING: ++ event = "child-state-installing"; ++ break; ++ case CHILD_INSTALLED: ++ event = "child-state-installed"; ++ break; ++ case CHILD_UPDATING: ++ event = "child-state-updating"; ++ break; ++ case CHILD_REKEYING: ++ event = "child-state-rekeying"; ++ break; ++ case CHILD_REKEYED: ++ event = "child-state-rekeyed"; ++ break; ++ case CHILD_DESTROYING: ++ event = "child-state-destroying"; ++ break; ++ default: ++ return TRUE; ++ } ++ ++ if (!this->dispatcher->has_event_listeners(this->dispatcher, event)) ++ { ++ return TRUE; ++ } ++ ++ now = time_monotonic(NULL); ++ ++ b = vici_builder_create(); ++ b->begin_section(b, ike_sa->get_name(ike_sa)); ++ list_ike(this, b, ike_sa, now, state != CHILD_DESTROYING); ++ b->begin_section(b, "child-sas"); ++ ++ b->begin_section(b, child_sa->get_name(child_sa)); ++ list_child(this, b, child_sa, now); ++ b->end_section(b); ++ ++ b->end_section(b); ++ b->end_section(b); ++ ++ this->dispatcher->raise_event(this->dispatcher, ++ event, 0, b->finalize(b)); ++ ++ return TRUE; ++} ++ + METHOD(vici_query_t, destroy, void, + private_vici_query_t *this) + { +@@ -1839,8 +1942,10 @@ vici_query_t *vici_query_create(vici_dispatcher_t *dispatcher) + .listener = { + .ike_updown = _ike_updown, + .ike_rekey = _ike_rekey, ++ .ike_state_change = _ike_state_change, + .child_updown = _child_updown, + .child_rekey = _child_rekey, ++ .child_state_change = _child_state_change, + }, + .destroy = _destroy, + }, +-- +2.24.0 |