Imported Upstream version 4.5.1

1 files changed, 25 insertions, 0 deletions

diff --git a/src/stroke/stroke.c b/src/stroke/stroke.c
index 103617f08..a88fa10d7 100644
--- a/src/stroke/stroke.c
+++ b/src/stroke/stroke.c
@@ -197,6 +197,16 @@ static int terminate_connection_srcip(char *start, char *end)
 	return send_stroke_msg(&msg);
 }
 
+static int rekey_connection(char *name)
+{
+	stroke_msg_t msg;
+
+	msg.type = STR_REKEY;
+	msg.length = offsetof(stroke_msg_t, buffer);
+	msg.rekey.name = push_string(&msg, name);
+	return send_stroke_msg(&msg);
+}
+
 static int route_connection(char *name)
 {
 	stroke_msg_t msg;
@@ -276,6 +286,8 @@ static int reread(stroke_keyword_t kw)
 static int purge_flags[] = {
 	PURGE_OCSP,
 	PURGE_IKE,
+	PURGE_CRLS,
+	PURGE_CERTS,
 };
 
 static int purge(stroke_keyword_t kw)
@@ -373,6 +385,10 @@ static void exit_usage(char *error)
 	printf("    stroke rereadsecrets|rereadcrls|rereadall\n");
 	printf("  Purge ocsp cache entries:\n");
 	printf("    stroke purgeocsp\n");
+	printf("  Purge CRL cache entries:\n");
+	printf("    stroke purgecrls\n");
+	printf("  Purge X509 cache entries:\n");
+	printf("    stroke purgecerts\n");
 	printf("  Purge IKE_SAs without a CHILD_SA:\n");
 	printf("    stroke purgeike\n");
 	printf("  Export credentials to the console:\n");
@@ -443,6 +459,13 @@ int main(int argc, char *argv[])
 			}
 			res = terminate_connection_srcip(argv[2], argc > 3 ? argv[3] : NULL);
 			break;
+		case STROKE_REKEY:
+			if (argc < 3)
+			{
+				exit_usage("\"rekey\" needs a connection name");
+			}
+			res = rekey_connection(argv[2]);
+			break;
 		case STROKE_ROUTE:
 			if (argc < 3)
 			{
@@ -491,6 +514,8 @@ int main(int argc, char *argv[])
 			res = reread(token->kw);
 			break;
 		case STROKE_PURGE_OCSP:
+		case STROKE_PURGE_CRLS:
+		case STROKE_PURGE_CERTS:
 		case STROKE_PURGE_IKE:
 			res = purge(token->kw);
 			break;