{
child = <CHILD_SA configuration name to install>
- ike = <optional IKE_SA configuraiton name to find child under>
+ ike = <optional IKE_SA configuration name to find child under>
} => {
success = <yes or no>
errmsg = <error string on failure>
{
child = <CHILD_SA configuration name to install>
+ ike = <optional IKE_SA configuration name to find child under,
+ if not given the first policy matching child is removed>
} => {
success = <yes or no>
errmsg = <error string on failure>
{
case MODE_PASS:
case MODE_DROP:
- charon->shunts->install(charon->shunts, NULL, child_cfg);
+ charon->shunts->install(charon->shunts,
+ peer_cfg->get_name(peer_cfg), child_cfg);
break;
default:
charon->traps->install(charon->traps, peer_cfg, child_cfg,
{
enumerator_t *enumerator, *children;
child_sa_t *child_sa;
+ peer_cfg_t *peer_cfg;
ike_sa_t *ike_sa;
uint32_t id = 0, others;
array_t *ids = NULL, *ikeids = NULL;
{
case MODE_PASS:
case MODE_DROP:
- charon->shunts->uninstall(charon->shunts, NULL, name);
+ charon->shunts->uninstall(charon->shunts, peer_name, name);
break;
default:
enumerator = charon->traps->create_enumerator(charon->traps);
- while (enumerator->enumerate(enumerator, NULL, &child_sa))
+ while (enumerator->enumerate(enumerator, &peer_cfg,
+ &child_sa))
{
- if (streq(name, child_sa->get_name(child_sa)))
+ if (streq(peer_name, peer_cfg->get_name(peer_cfg)) &&
+ streq(name, child_sa->get_name(child_sa)))
{
id = child_sa->get_reqid(child_sa);
break;
{
case MODE_PASS:
case MODE_DROP:
- ok = charon->shunts->install(charon->shunts, NULL, child_cfg);
+ ok = charon->shunts->install(charon->shunts,
+ peer_cfg->get_name(peer_cfg), child_cfg);
break;
default:
ok = charon->traps->install(charon->traps, peer_cfg, child_cfg,
CALLBACK(uninstall, vici_message_t*,
private_vici_control_t *this, char *name, u_int id, vici_message_t *request)
{
+ peer_cfg_t *peer_cfg;
+ child_cfg_t *child_cfg;
child_sa_t *child_sa;
enumerator_t *enumerator;
uint32_t reqid = 0;
- char *child;
+ char *child, *ike, *ns;
child = request->get_str(request, NULL, "child");
+ ike = request->get_str(request, NULL, "ike");
if (!child)
{
return send_reply(this, "missing configuration name");
DBG1(DBG_CFG, "vici uninstall '%s'", child);
- if (charon->shunts->uninstall(charon->shunts, NULL, child))
+ if (!ike)
+ {
+ enumerator = charon->shunts->create_enumerator(charon->shunts);
+ while (enumerator->enumerate(enumerator, &ns, &child_cfg))
+ {
+ if (ns && streq(child, child_cfg->get_name(child_cfg)))
+ {
+ ike = strdup(ns);
+ break;
+ }
+ }
+ enumerator->destroy(enumerator);
+ if (ike && charon->shunts->uninstall(charon->shunts, ike, child))
+ {
+ free(ike);
+ return send_reply(this, NULL);
+ }
+ free(ike);
+ }
+ else if (charon->shunts->uninstall(charon->shunts, ike, child))
{
return send_reply(this, NULL);
}
enumerator = charon->traps->create_enumerator(charon->traps);
- while (enumerator->enumerate(enumerator, NULL, &child_sa))
+ while (enumerator->enumerate(enumerator, &peer_cfg, &child_sa))
{
- if (streq(child, child_sa->get_name(child_sa)))
+ if ((!ike || streq(ike, peer_cfg->get_name(peer_cfg))) &&
+ streq(child, child_sa->get_name(child_sa)))
{
reqid = child_sa->get_reqid(child_sa);
break;
projects / strongswan.git / commitdiff