vici: Use unique names for CHILD_SAs in the list-sas command

The original name is returned in the new "name" attribute.

This fixes an issue with bindings that map VICI messages to
dictionaries.  For instance, in roadwarrior scenarios where every
CHILD_SA has the same name only the information of the last CHILD_SA
would end up in the dictionary for that name.

diff --git a/src/libcharon/plugins/vici/README.md b/src/libcharon/plugins/vici/README.md
index 556d05e..0a06e5d 100644 (file)
--- a/src/libcharon/plugins/vici/README.md
+++ b/src/libcharon/plugins/vici/README.md
@@ -746,7 +746,8 @@ command.
                                <list of tasks currently handling passively>
                        ]
                        child-sas = {
-                               <child-sa-name>* = {
+                               <unique child-sa-name>* = {
+                                       name = <name of the CHILD_SA>
                                        uniqueid = <unique CHILD_SA identifier>
                                        reqid = <reqid of CHILD_SA>
                                        state = <state string of CHILD_SA>

diff --git a/src/libcharon/plugins/vici/vici_query.c b/src/libcharon/plugins/vici/vici_query.c
index ba2318a..c60b889 100644 (file)
--- a/src/libcharon/plugins/vici/vici_query.c
+++ b/src/libcharon/plugins/vici/vici_query.c
@@ -128,6 +128,7 @@ static void list_child(private_vici_query_t *this, vici_builder_t *b,
        enumerator_t *enumerator;
        traffic_selector_t *ts;
 
+       b->add_kv(b, "name", "%s", child->get_name(child));
        b->add_kv(b, "uniqueid", "%u", child->get_unique_id(child));
        b->add_kv(b, "reqid", "%u", child->get_reqid(child));
        b->add_kv(b, "state", "%N", child_sa_state_names, child->get_state(child));
@@ -420,6 +421,7 @@ CALLBACK(list_sas, vici_message_t*,
        char *ike;
        u_int ike_id;
        bool bl;
+       char buf[BUF_LEN];
 
        bl = request->get_str(request, NULL, "noblock") == NULL;
        ike = request->get_str(request, NULL, "ike");
@@ -448,7 +450,9 @@ CALLBACK(list_sas, vici_message_t*,
                csas = ike_sa->create_child_sa_enumerator(ike_sa);
                while (csas->enumerate(csas, &child_sa))
                {
-                       b->begin_section(b, child_sa->get_name(child_sa));
+                       snprintf(buf, sizeof(buf), "%s-%u", child_sa->get_name(child_sa),
+                                        child_sa->get_unique_id(child_sa));
+                       b->begin_section(b, buf);
                        list_child(this, b, child_sa, now);
                        b->end_section(b);
                }

diff --git a/src/swanctl/commands/list_sas.c b/src/swanctl/commands/list_sas.c
index 4257c83..28602fc 100644 (file)
--- a/src/swanctl/commands/list_sas.c
+++ b/src/swanctl/commands/list_sas.c
@@ -112,8 +112,9 @@ CALLBACK(child_sas, int,
        if (ret == 0)
        {
                printf("  %s: #%s, reqid %s, %s, %s%s, %s:",
-                       name, child->get(child, "uniqueid"), child->get(child, "reqid"),
-                       child->get(child, "state"), child->get(child, "mode"),
+                       child->get(child, "name"), child->get(child, "uniqueid"),
+                       child->get(child, "reqid"), child->get(child, "state"),
+                       child->get(child, "mode"),
                        child->get(child, "encap") ? "-in-UDP" : "",
                        child->get(child, "protocol"));