/** * Unload a pool by name */ static bool unload_pool(vici_conn_t *conn, char *name, command_format_options_t format) { vici_req_t *req; vici_res_t *res; bool ret = TRUE; req = vici_begin("unload-pool"); vici_add_key_valuef(req, "name", "%s", name); res = vici_submit(req, conn); if (!res) { fprintf(stderr, "unload-pool request failed: %s\n", strerror(errno)); return FALSE; } if (format & COMMAND_FORMAT_RAW) { vici_dump(res, "unload-pool reply", format & COMMAND_FORMAT_PRETTY, stdout); } else if (!streq(vici_find_str(res, "no", "success"), "yes")) { fprintf(stderr, "unloading pool '%s' failed: %s\n", name, vici_find_str(res, "", "errmsg")); ret = FALSE; } vici_free_res(res); return ret; }
/** * Load a single certificate over vici */ static bool load_cert(vici_conn_t *conn, bool raw, char *dir, char *type, chunk_t data) { vici_req_t *req; vici_res_t *res; bool ret = TRUE; req = vici_begin("load-cert"); vici_add_key_valuef(req, "type", "%s", type); vici_add_key_value(req, "data", data.ptr, data.len); res = vici_submit(req, conn); if (!res) { fprintf(stderr, "load-cert request failed: %s\n", strerror(errno)); return FALSE; } if (raw) { vici_dump(res, "load-cert reply", stdout); } else if (!streq(vici_find_str(res, "no", "success"), "yes")) { fprintf(stderr, "loading '%s' failed: %s\n", dir, vici_find_str(res, "", "errmsg")); ret = FALSE; } else { printf("loaded %s certificate '%s'\n", type, dir); } vici_free_res(res); return ret; }
/** * Load a single private key over vici */ static bool load_key(load_ctx_t *ctx, char *dir, char *type, chunk_t data) { vici_req_t *req; vici_res_t *res; bool ret = TRUE; char *id; req = vici_begin("load-key"); if (streq(type, "private") || streq(type, "pkcs8")) { /* as used by vici */ vici_add_key_valuef(req, "type", "any"); } else { vici_add_key_valuef(req, "type", "%s", type); } vici_add_key_value(req, "data", data.ptr, data.len); res = vici_submit(req, ctx->conn); if (!res) { fprintf(stderr, "load-key request failed: %s\n", strerror(errno)); return FALSE; } if (ctx->format & COMMAND_FORMAT_RAW) { vici_dump(res, "load-key reply", ctx->format & COMMAND_FORMAT_PRETTY, stdout); } else if (!streq(vici_find_str(res, "no", "success"), "yes")) { fprintf(stderr, "loading '%s' failed: %s\n", dir, vici_find_str(res, "", "errmsg")); ret = FALSE; } else { printf("loaded %s key from '%s'\n", type, dir); id = vici_find_str(res, "", "id"); free(ctx->keys->remove(ctx->keys, id)); } vici_free_res(res); return ret; }
/** * Load an authority configuration */ static bool load_authority(vici_conn_t *conn, settings_t *cfg, char *section, command_format_options_t format) { vici_req_t *req; vici_res_t *res; bool ret = TRUE; char buf[128]; snprintf(buf, sizeof(buf), "%s.%s", "authorities", section); req = vici_begin("load-authority"); vici_begin_section(req, section); if (!add_key_values(req, cfg, buf)) { vici_free_req(req); return FALSE; } vici_end_section(req); res = vici_submit(req, conn); if (!res) { fprintf(stderr, "load-authority request failed: %s\n", strerror(errno)); return FALSE; } if (format & COMMAND_FORMAT_RAW) { vici_dump(res, "load-authority reply", format & COMMAND_FORMAT_PRETTY, stdout); } else if (!streq(vici_find_str(res, "no", "success"), "yes")) { fprintf(stderr, "loading authority '%s' failed: %s\n", section, vici_find_str(res, "", "errmsg")); ret = FALSE; } else { printf("loaded authority '%s'\n", section); } vici_free_res(res); return ret; }
static int list_pools(vici_conn_t *conn) { vici_req_t *req; vici_res_t *res; bool raw = FALSE; char *arg; int ret = 0; while (TRUE) { switch (command_getopt(&arg)) { case 'h': return command_usage(NULL); case 'r': raw = TRUE; continue; case EOF: break; default: return command_usage("invalid --list-pools option"); } break; } req = vici_begin("get-pools"); res = vici_submit(req, conn); if (!res) { fprintf(stderr, "get-pools request failed: %s\n", strerror(errno)); return errno; } if (raw) { vici_dump(res, "get-pools reply", stdout); } else { ret = vici_parse_cb(res, list_pool, NULL, NULL, NULL); } vici_free_res(res); return ret; }
/** * Create a list of currently loaded pools */ static linked_list_t* list_pools(vici_conn_t *conn, command_format_options_t format) { linked_list_t *list; vici_res_t *res; list = linked_list_create(); res = vici_submit(vici_begin("get-pools"), conn); if (res) { if (format & COMMAND_FORMAT_RAW) { vici_dump(res, "get-pools reply", format & COMMAND_FORMAT_PRETTY, stdout); } vici_parse_cb(res, list_pool, NULL, NULL, list); vici_free_res(res); } return list; }
/** * Load a single certificate over vici */ static bool load_cert(load_ctx_t *ctx, char *dir, certificate_type_t type, x509_flag_t flag, chunk_t data) { vici_req_t *req; vici_res_t *res; bool ret = TRUE; req = vici_begin("load-cert"); vici_add_key_valuef(req, "type", "%N", certificate_type_names, type); if (type == CERT_X509) { vici_add_key_valuef(req, "flag", "%N", x509_flag_names, flag); } vici_add_key_value(req, "data", data.ptr, data.len); res = vici_submit(req, ctx->conn); if (!res) { fprintf(stderr, "load-cert request failed: %s\n", strerror(errno)); return FALSE; } if (ctx->format & COMMAND_FORMAT_RAW) { vici_dump(res, "load-cert reply", ctx->format & COMMAND_FORMAT_PRETTY, stdout); } else if (!streq(vici_find_str(res, "no", "success"), "yes")) { fprintf(stderr, "loading '%s' failed: %s\n", dir, vici_find_str(res, "", "errmsg")); ret = FALSE; } else { printf("loaded certificate from '%s'\n", dir); } vici_free_res(res); return ret; }
static int stats(vici_conn_t *conn) { vici_req_t *req; vici_res_t *res; char *arg; command_format_options_t format = COMMAND_FORMAT_NONE; while (TRUE) { switch (command_getopt(&arg)) { case 'h': return command_usage(NULL); case 'P': format |= COMMAND_FORMAT_PRETTY; /* fall through to raw */ case 'r': format |= COMMAND_FORMAT_RAW; continue; case EOF: break; default: return command_usage("invalid --stats option"); } break; } req = vici_begin("stats"); res = vici_submit(req, conn); if (!res) { fprintf(stderr, "stats request failed: %s\n", strerror(errno)); return errno; } if (format & COMMAND_FORMAT_RAW) { vici_dump(res, "stats reply", format & COMMAND_FORMAT_PRETTY, stdout); } else { printf("uptime: %s, since %s\n", vici_find_str(res, "", "uptime.running"), vici_find_str(res, "", "uptime.since")); printf("worker threads: %s total, %s idle, working: %s/%s/%s/%s\n", vici_find_str(res, "", "workers.total"), vici_find_str(res, "", "workers.idle"), vici_find_str(res, "", "workers.active.critical"), vici_find_str(res, "", "workers.active.high"), vici_find_str(res, "", "workers.active.medium"), vici_find_str(res, "", "workers.active.low")); printf("job queues: %s/%s/%s/%s\n", vici_find_str(res, "", "queues.critical"), vici_find_str(res, "", "queues.high"), vici_find_str(res, "", "queues.medium"), vici_find_str(res, "", "queues.low")); printf("jobs scheduled: %s\n", vici_find_str(res, "", "scheduled")); printf("IKE_SAs: %s total, %s half-open\n", vici_find_str(res, "", "ikesas.total"), vici_find_str(res, "", "ikesas.half-open")); if (vici_find_str(res, NULL, "mem.total")) { printf("memory usage: %s bytes, %s allocations\n", vici_find_str(res, "", "mem.total"), vici_find_str(res, "", "mem.allocs")); } if (vici_find_str(res, NULL, "mallinfo.sbrk")) { printf("mallinfo: sbrk %s, mmap %s, used %s, free %s\n", vici_find_str(res, "", "mallinfo.sbrk"), vici_find_str(res, "", "mallinfo.mmap"), vici_find_str(res, "", "mallinfo.used"), vici_find_str(res, "", "mallinfo.free")); } } vici_free_res(res); return 0; }
static int initiate(vici_conn_t *conn) { vici_req_t *req; vici_res_t *res; command_format_options_t format = COMMAND_FORMAT_NONE; char *arg, *child = NULL; int ret = 0, timeout = 0, level = 1; while (TRUE) { switch (command_getopt(&arg)) { case 'h': return command_usage(NULL); case 'P': format |= COMMAND_FORMAT_PRETTY; /* fall through to raw */ case 'r': format |= COMMAND_FORMAT_RAW; continue; case 'c': child = arg; continue; case 't': timeout = atoi(arg); continue; case 'l': level = atoi(arg); continue; case EOF: break; default: return command_usage("invalid --initiate option"); } break; } if (vici_register(conn, "control-log", log_cb, &format) != 0) { fprintf(stderr, "registering for log failed: %s\n", strerror(errno)); return errno; } req = vici_begin("initiate"); if (child) { vici_add_key_valuef(req, "child", "%s", child); } if (timeout) { vici_add_key_valuef(req, "timeout", "%d", timeout * 1000); } vici_add_key_valuef(req, "loglevel", "%d", level); res = vici_submit(req, conn); if (!res) { fprintf(stderr, "initiate request failed: %s\n", strerror(errno)); return errno; } if (format & COMMAND_FORMAT_RAW) { vici_dump(res, "initiate reply", format & COMMAND_FORMAT_PRETTY, stdout); } else { if (streq(vici_find_str(res, "no", "success"), "yes")) { printf("initiate completed successfully\n"); } else { fprintf(stderr, "initiate failed: %s\n", vici_find_str(res, "", "errmsg")); ret = 1; } } vici_free_res(res); return ret; }
static int manage_policy(vici_conn_t *conn, char *label) { vici_req_t *req; vici_res_t *res; command_format_options_t format = COMMAND_FORMAT_NONE; char *arg, *child = NULL, *ike = NULL; int ret = 0; while (TRUE) { switch (command_getopt(&arg)) { case 'h': return command_usage(NULL); case 'P': format |= COMMAND_FORMAT_RAW; /* fall through to raw */ case 'r': format |= COMMAND_FORMAT_PRETTY; continue; case 'c': child = arg; continue; case 'i': ike = arg; continue; case EOF: break; default: return command_usage("invalid --%s option", label); } break; } req = vici_begin(label); if (child) { vici_add_key_valuef(req, "child", "%s", child); } if (ike) { vici_add_key_valuef(req, "ike", "%s", ike); } res = vici_submit(req, conn); if (!res) { ret = errno; fprintf(stderr, "%s request failed: %s\n", label, strerror(errno)); return ret; } if (format & COMMAND_FORMAT_RAW) { puts(label); vici_dump(res, " reply", format & COMMAND_FORMAT_PRETTY, stdout); } else { if (streq(vici_find_str(res, "no", "success"), "yes")) { printf("%s completed successfully\n", label); } else { fprintf(stderr, "%s failed: %s\n", label, vici_find_str(res, "", "errmsg")); ret = 1; } } vici_free_res(res); return ret; }