projects / strongswan.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
swanctl: Be more verbose while loading connections and credentials
[strongswan.git] / src / swanctl / commands / terminate.c
1 /*
2 * Copyright (C) 2014 Martin Willi
3 * Copyright (C) 2014 revosec AG
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "command.h"
17
18 #include <errno.h>
19
20
21 CALLBACK(log_cb, void,
22 bool *raw, char *name, vici_res_t *msg)
23 {
24 if (*raw)
25 {
26 vici_dump(msg, "log", stdout);
27 }
28 else
29 {
30 printf("[%s] %s\n",
31 vici_find_str(msg, " ", "group"),
32 vici_find_str(msg, "", "msg"));
33 }
34 }
35
36 static int terminate(vici_conn_t *conn)
37 {
38 vici_req_t *req;
39 vici_res_t *res;
40 bool raw = FALSE;
41 char *arg, *child = NULL, *ike = NULL;
42 int ret = 0, timeout = 0, level = 1, child_id = 0, ike_id = 0;
43
44 while (TRUE)
45 {
46 switch (command_getopt(&arg))
47 {
48 case 'h':
49 return command_usage(NULL);
50 case 'r':
51 raw = TRUE;
52 continue;
53 case 'c':
54 child = arg;
55 continue;
56 case 'i':
57 ike = arg;
58 continue;
59 case 'C':
60 child_id = atoi(arg);
61 continue;
62 case 'I':
63 ike_id = atoi(arg);
64 continue;
65 case 't':
66 timeout = atoi(arg);
67 continue;
68 case 'l':
69 level = atoi(arg);
70 continue;
71 case EOF:
72 break;
73 default:
74 return command_usage("invalid --terminate option");
75 }
76 break;
77 }
78
79 if (vici_register(conn, "control-log", log_cb, &raw) != 0)
80 {
81 fprintf(stderr, "registering for log failed: %s\n", strerror(errno));
82 return errno;
83 }
84 req = vici_begin("terminate");
85 if (child)
86 {
87 vici_add_key_valuef(req, "child", "%s", child);
88 }
89 if (ike)
90 {
91 vici_add_key_valuef(req, "ike", "%s", ike);
92 }
93 if (child_id)
94 {
95 vici_add_key_valuef(req, "child-id", "%d", child_id);
96 }
97 if (ike_id)
98 {
99 vici_add_key_valuef(req, "ike-id", "%d", ike_id);
100 }
101 if (timeout)
102 {
103 vici_add_key_valuef(req, "timeout", "%d", timeout * 1000);
104 }
105 vici_add_key_valuef(req, "loglevel", "%d", level);
106 res = vici_submit(req, conn);
107 if (!res)
108 {
109 fprintf(stderr, "terminate request failed: %s\n", strerror(errno));
110 return errno;
111 }
112 if (raw)
113 {
114 vici_dump(res, "terminate reply", stdout);
115 }
116 else
117 {
118 if (streq(vici_find_str(res, "no", "success"), "yes"))
119 {
120 printf("terminate completed successfully\n");
121 }
122 else
123 {
124 fprintf(stderr, "terminate failed: %s\n",
125 vici_find_str(res, "", "errmsg"));
126 ret = 1;
127 }
128 }
129 vici_free_res(res);
130 return ret;
131 }
132
133 /**
134 * Register the command.
135 */
136 static void __attribute__ ((constructor))reg()
137 {
138 command_register((command_t) {
139 terminate, 't', "terminate", "terminate a connection",
140 {"--child <name> | --ike <name | --child-id <id> | --ike-id <id>",
141 "[--timeout <s>] [--raw]"},
142 {
143 {"help", 'h', 0, "show usage information"},
144 {"child", 'c', 1, "terminate by CHILD_SA name"},
145 {"ike", 'i', 1, "terminate by IKE_SA name"},
146 {"child-id", 'C', 1, "terminate by CHILD_SA reqid"},
147 {"ike-id", 'I', 1, "terminate by IKE_SA unique identifier"},
148 {"timeout", 't', 1, "timeout in seconds before detaching"},
149 {"raw", 'r', 0, "dump raw response message"},
150 {"loglevel", 'l', 1, "verbosity of redirected log"},
151 }
152 });
153 }
strongSwan - IPsec VPN