if (child_sa->get_state(child_sa) == CHILD_INSTALLED)
{
- u_int16_t my_cpi = child_sa->get_cpi(child_sa, TRUE);
- u_int16_t other_cpi = child_sa->get_cpi(child_sa, FALSE);
-
- fprintf(out, ", %N SPIs: %.8x_i %.8x_o",
+ fprintf(out, ", %N%s SPIs: %.8x_i %.8x_o",
protocol_id_names, child_sa->get_protocol(child_sa),
+ child_sa->has_encap(child_sa) ? " in UDP": "",
ntohl(child_sa->get_spi(child_sa, TRUE)),
ntohl(child_sa->get_spi(child_sa, FALSE)));
- /* Is IPCOMP activated ? */
- if (my_cpi && other_cpi)
+ if (child_sa->get_ipcomp(child_sa) != IPCOMP_NONE)
{
fprintf(out, ", IPCOMP CPIs: %.4x_i %.4x_o",
- ntohs(my_cpi), ntohs(other_cpi));
+ ntohs(child_sa->get_cpi(child_sa, TRUE)),
+ ntohs(child_sa->get_cpi(child_sa, FALSE)));
}
if (all)
}
/**
+ * Implementation of child_sa_t.has_encap
+ */
+static bool has_encap(private_child_sa_t *this)
+{
+ return this->encap;
+}
+
+/**
+ * Implementation of child_sa_t.get_ipcomp
+ */
+static ipcomp_transform_t get_ipcomp(private_child_sa_t *this)
+{
+ return this->ipcomp;
+}
+
+/**
* Implements child_sa_t.get_state
*/
static child_sa_state_t get_state(private_child_sa_t *this)
this->public.get_cpi = (u_int16_t(*)(child_sa_t*, bool))get_cpi;
this->public.get_protocol = (protocol_id_t(*)(child_sa_t*))get_protocol;
this->public.get_mode = (ipsec_mode_t(*)(child_sa_t*))get_mode;
+ this->public.get_ipcomp = (ipcomp_transform_t(*)(child_sa_t*))get_ipcomp;
+ this->public.has_encap = (bool(*)(child_sa_t*))has_encap;
this->public.get_encryption = (encryption_algorithm_t(*)(child_sa_t*, bool, chunk_t*))get_encryption;
this->public.get_integrity = (integrity_algorithm_t(*)(child_sa_t*, bool, chunk_t*))get_integrity;
this->public.get_lifetime = (u_int32_t(*)(child_sa_t*, bool))get_lifetime;
ipsec_mode_t (*get_mode)(child_sa_t *this);
/**
+ * Get the used IPComp algorithm.
+ *
+ * @return IPComp compression algorithm.
+ */
+ ipcomp_transform_t (*get_ipcomp)(child_sa_t *this);
+
+ /**
+ * Check if this CHILD_SA uses UDP encapsulation.
+ *
+ * @return TRUE if SA encapsulates ESP packets
+ */
+ bool (*has_encap)(child_sa_t *this);
+
+ /**
* Get the IPsec encryption key.
*
* @param inbound TRUE for inbound, FALSE for outbound key