vici 5.5.0 → 5.8.0
- checksums.yaml +5 -5
- data/lib/vici.rb +245 -183
- metadata +7 -7
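--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
-
-metadata.gz:
-data.tar.gz:
+SHA256:
+metadata.gz: f706f4e7acb760cf181ad3454c9cb18e588099cfc6fe167ae7e360aed632385b
+data.tar.gz: 857e86dd19e2249e92fdcd425eedfe8673cd12b18d8726a43a9da9e41c957490
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 80e29dd51f68803c33a33d90084d7e84e63cc9bde36a9243769cb969b8fce094e9b2227f8c295e44225babd4806e3671b1350a858bcca6d7241732b61720866a
+data.tar.gz: 4f214f90b0aac721588c4a77fcbda59366cb04cb5cbd0d6c85712c56988be77ef52fd26a31d1698ec8493d58efde2c32870ada8b35e949dc6e09329639e880b5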
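--- a/data/lib/vici.rb
+++ b/data/lib/vici.rb
@@ -3,6 +3,9 @@
 # strongSwan VICI protocol. The Connection class provides a high-level
 # interface to issue requests or listen for events.
 #
+# Copyright (C) 2019 Tobias Brunner
+# HSR Hochschule fuer Technik Rapperswil
+#
 # Copyright (C) 2014 Martin Willi
 # Copyright (C) 2014 revosec AG
 #
@@ -25,7 +28,6 @@
 # THE SOFTWARE.
 
 module Vici
-
 ##
 # Vici specific exception all others inherit from
 class Error < StandardError
@@ -76,12 +78,10 @@ module Vici
 class StopEventListening < Exception
 end
 
-
 ##
 # The Message class provides the low level encoding and decoding of vici
 # protocol messages. Directly using this class is usually not required.
 class Message
-
 SECTION_START = 1
 SECTION_END = 2
 KEY_VALUE = 3
@@ -90,8 +90,8 @@ module Vici
 LIST_END = 6
 
 def initialize(data = "")
-if data
-@root =
+if data.nil?
+@root = {}
 elsif data.is_a?(Hash)
 @root = data
 else
@@ -102,18 +102,14 @@ module Vici
 ##
 # Get the raw byte encoding of an on-the-wire message
 def encoding
-if @encoded
-@encoded = encode(@root)
-end
+@encoded = encode(@root) if @encoded.nil?
 @encoded
 end
 
 ##
 # Get the root element of the parsed ruby data structures
 def root
-if @root
-@root = parse(@encoded)
-end
+@root = parse(@encoded) if @root.nil?
 @root
 end
 
@@ -124,9 +120,7 @@ module Vici
 end
 
 def encode_value(value)
-if value.class != String
-value = value.to_s
-end
+value = value.to_s if value.class != String
 [value.length].pack("n") << value
 end
 
@@ -150,18 +144,13 @@ module Vici
 def encode(node)
 encoding = ""
 node.each do |key, value|
-
-
-
-
-
-
-
-encoding = encode_list(encoding, key, value)
-else
-encoding = encode_kv(encoding, key, value)
-end
-end
+encoding = if value.is_a?(Hash)
+encode_section(encoding, key, value)
+elsif value.is_a?(Array)
+encode_list(encoding, key, value)
+else
+encode_kv(encoding, key, value)
+end
 end
 encoding
 end
@@ -169,63 +158,57 @@ module Vici
 def parse_name(encoding)
 len = encoding.unpack("c")[0]
 name = encoding[1, len]
-
+[encoding[(1 + len)..-1], name]
 end
 
 def parse_value(encoding)
 len = encoding.unpack("n")[0]
 value = encoding[2, len]
-
+[encoding[(2 + len)..-1], value]
 end
 
 def parse(encoding)
-stack = [
+stack = [{}]
 list = nil
-
+until encoding.empty?
 type = encoding.unpack("c")[0]
 encoding = encoding[1..-1]
 case type
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-else
-raise ParseError, "invalid type: #{type}"
+when SECTION_START
+encoding, name = parse_name(encoding)
+stack.push(stack[-1][name] = {})
+when SECTION_END
+raise ParseError, "unexpected section end" if stack.length == 1
+stack.pop
+when KEY_VALUE
+encoding, name = parse_name(encoding)
+encoding, value = parse_value(encoding)
+stack[-1][name] = value
+when LIST_START
+encoding, name = parse_name(encoding)
+stack[-1][name] = []
+list = name
+when LIST_ITEM
+raise ParseError, "unexpected list item" if list.nil?
+encoding, value = parse_value(encoding)
+stack[-1][list].push(value)
+when LIST_END
+raise ParseError, "unexpected list end" if list.nil?
+list = nil
+else
+raise ParseError, "invalid type: #{type}"
 end
 end
-if stack.length
-raise ParseError, "unexpected message end"
-end
+raise ParseError, "unexpected message end" if stack.length > 1
 stack[0]
 end
 end
 
-
 ##
 # The Transport class implements to low level segmentation of packets
 # to the underlying transport stream. Directly using this class is usually
 # not required.
 class Transport
-
 CMD_REQUEST = 0
 CMD_RESPONSE = 1
 CMD_UNKNOWN = 2
@@ -239,18 +222,16 @@ module Vici
 # Create a transport layer using a provided socket for communication.
 def initialize(socket)
 @socket = socket
-@events =
+@events = {}
 end
 
 ##
 # Receive data from socket, until len bytes read
 def recv_all(len)
 encoding = ""
-while encoding.length < len
+while encoding.length < len
 data = @socket.recv(len - encoding.length)
-if data.empty?
-raise TransportError, "connection closed"
-end
+raise TransportError, "connection closed" if data.empty?
 encoding << data
 end
 encoding
@@ -260,9 +241,7 @@ module Vici
 # Send data to socket, until all bytes sent
 def send_all(encoding)
 len = 0
-while len < encoding.length
-len += @socket.send(encoding[len..-1], 0)
-end
+len += @socket.send(encoding[len..-1], 0) while len < encoding.length
 end
 
 ##
@@ -270,12 +249,8 @@ module Vici
 # specifies the message, the optional label and message get appended.
 def write(type, label, message)
 encoding = ""
-if label
-
-end
-if message
-encoding << message.encoding
-end
+encoding << label.length << label if label
+encoding << message.encoding if message
 send_all([encoding.length + 1, type].pack("Nc") + encoding)
 end
 
@@ -288,18 +263,20 @@ module Vici
 type = encoding.unpack("c")[0]
 len = 1
 case type
-
-
-
-
-
-
-
-end
-if encoding.length == len
-return type, label, Message.new
+when CMD_REQUEST, EVENT_REGISTER, EVENT_UNREGISTER, EVENT
+label = encoding[2, encoding[1].unpack("c")[0]]
+len += label.length + 1
+when CMD_RESPONSE, CMD_UNKNOWN, EVENT_CONFIRM, EVENT_UNKNOWN
+label = nil
+else
+raise TransportError, "invalid message: #{type}"
 end
-
+message = if encoding.length == len
+Message.new
+else
+Message.new(encoding[len..-1])
+end
+[type, label, message]
 end
 
 def dispatch_event(name, message)
@@ -310,22 +287,17 @@ module Vici
 
 def read_and_dispatch_event
 type, label, message = read
-
-
-
-else
-raise TransportError, "unexpected message: #{type}"
-end
+raise TransportError, "unexpected message: #{type}" if type != EVENT
+
+dispatch_event(label, message)
 end
 
 def read_and_dispatch_events
 loop do
 type, label, message = read
-if type
-
-
-return type, label, message
-end
+return type, label, message if type != EVENT
+
+dispatch_event(label, message)
 end
 end
 
@@ -334,14 +306,14 @@ module Vici
 # the reply message on success.
 def request(name, message = nil)
 write(CMD_REQUEST, name, message)
-type,
+type, _label, message = read_and_dispatch_events
 case type
-
-
-
-
-
-
+when CMD_RESPONSE
+return message
+when CMD_UNKNOWN
+raise CommandUnknownError, name
+else
+raise CommandError, "invalid response for #{name}"
 end
 end
 
@@ -349,18 +321,18 @@ module Vici
 # Register a handler method for the given event name
 def register(name, handler)
 write(EVENT_REGISTER, name, nil)
-type,
+type, _label, _message = read_and_dispatch_events
 case type
-
-
-
-else
-@events[name] = [handler];
-end
-when EVENT_UNKNOWN
-raise EventUnknownError, name
+when EVENT_CONFIRM
+if @events.key?(name)
+@events[name] += [handler]
 else
-
+@events[name] = [handler]
+end
+when EVENT_UNKNOWN
+raise EventUnknownError, name
+else
+raise EventError, "invalid response for #{name} register"
 end
 end
 
@@ -368,19 +340,18 @@ module Vici
 # Unregister a handler method for the given event name
 def unregister(name, handler)
 write(EVENT_UNREGISTER, name, nil)
-type,
+type, _label, _message = read_and_dispatch_events
 case type
-
-
-
-
-
-
+when EVENT_CONFIRM
+@events[name] -= [handler]
+when EVENT_UNKNOWN
+raise EventUnknownError, name
+else
+raise EventError, "invalid response for #{name} unregister"
 end
 end
 end
 
-
 ##
 # The Connection class provides the high-level interface to monitor, configure
 # and control the IKE daemon. It takes a connected stream-oriented Socket for
@@ -393,19 +364,65 @@ module Vici
 # Non-String values that are not a Hash nor an Array get converted with .to_s
 # during encoding.
 class Connection
-
+##
+# Create a connection, optionally using the given socket
 def initialize(socket = nil)
-if socket
-socket = UNIXSocket.new("/var/run/charon.vici")
-end
+socket = UNIXSocket.new("/var/run/charon.vici") if socket.nil?
 @transp = Transport.new(socket)
 end
 
 ##
-#
-
-
-
+# Get daemon version information
+def version
+call("version")
+end
+
+##
+# Get daemon statistics and information.
+def stats
+call("stats")
+end
+
+##
+# Reload strongswan.conf settings.
+def reload_settings
+call("reload-settings")
+end
+
+##
+# Initiate a connection. The provided closure is invoked for each log line.
+def initiate(options, &block)
+call_with_event("initiate", Message.new(options), "control-log", &block)
+end
+
+##
+# Terminate a connection. The provided closure is invoked for each log line.
+def terminate(options, &block)
+call_with_event("terminate", Message.new(options), "control-log", &block)
+end
+
+##
+# Initiate the rekeying of an SA.
+def rekey(options)
+call("rekey", Message.new(options))
+end
+
+##
+# Redirect an IKE_SA.
+def redirect(options)
+call("redirect", Message.new(options))
+end
+
+##
+# Install a shunt/route policy.
+def install(policy)
+call("install", Message.new(policy))
+end
+
+##
+# Uninstall a shunt/route policy.
+def uninstall(policy)
+call("uninstall", Message.new(policy))
 end
 
 ##
@@ -423,6 +440,19 @@ module Vici
 &block)
 end
 
+##
+# List matching loaded connections. The provided closure is invoked
+# for each matching connection.
+def list_conns(match = nil, &block)
+call_with_event("list-conns", Message.new(match), "list-conn", &block)
+end
+
+##
+# Get the names of connections managed by vici.
+def get_conns
+call("get-conns")
+end
+
 ##
 # List matching loaded certificates. The provided closure is invoked
 # for each matching certificate definition.
@@ -431,120 +461,144 @@ module Vici
 end
 
 ##
-#
-
-
+# List matching loaded certification authorities. The provided closure is
+# invoked for each matching certification authority definition.
+def list_authorities(match = nil, &block)
+call_with_event("list-authorities", Message.new(match), "list-authority",
+&block)
 end
 
 ##
-#
-def
-
+# Get the names of certification authorities managed by vici.
+def get_authorities
+call("get-authorities")
 end
 
 ##
-#
-def
-
+# Load a connection into the daemon.
+def load_conn(conn)
+call("load-conn", Message.new(conn))
 end
 
 ##
-#
-def
-
+# Unload a connection from the daemon.
+def unload_conn(conn)
+call("unload-conn", Message.new(conn))
 end
 
 ##
 # Load a certificate into the daemon.
 def load_cert(cert)
-
+call("load-cert", Message.new(cert))
 end
 
 ##
 # Load a private key into the daemon.
 def load_key(key)
-
+call("load-key", Message.new(key))
+end
+
+##
+# Unload a private key from the daemon.
+def unload_key(key)
+call("unload-key", Message.new(key))
+end
+
+##
+# Get the identifiers of private keys loaded via vici.
+def get_keys
+call("get-keys")
+end
+
+##
+# Load a private key located on a token into the daemon.
+def load_token(token)
+call("load-token", Message.new(token))
 end
 
 ##
 # Load a shared key into the daemon.
 def load_shared(shared)
-
+call("load-shared", Message.new(shared))
 end
 
 ##
-#
-def
-
+# Unload a shared key from the daemon.
+def unload_shared(shared)
+call("unload-shared", Message.new(shared))
 end
 
 ##
-#
-def
-
+# Get the unique identifiers of shared keys loaded via vici.
+def get_shared
+call("get-shared")
 end
 
 ##
-#
-def
-
+# Flush credential cache.
+def flush_certs(match = nil)
+call("flush-certs", Message.new(match))
 end
 
 ##
-#
-def
-
-"control-log", &block))
+# Clear all loaded credentials.
+def clear_creds
+call("clear-creds")
 end
 
 ##
-#
-def
-
-"control-log", &block))
+# Load a certification authority into the daemon.
+def load_authority(authority)
+call("load-authority", Message.new(authority))
 end
 
 ##
-#
-def
-
+# Unload a certification authority from the daemon.
+def unload_authority(authority)
+call("unload-authority", Message.new(authority))
 end
 
 ##
-#
-def
-
+# Load a virtual IP / attribute pool into the daemon.
+def load_pool(pool)
+call("load-pool", Message.new(pool))
 end
 
 ##
-#
-def
-
+# Unload a virtual IP / attribute pool from the daemon.
+def unload_pool(pool)
+call("unload-pool", Message.new(pool))
 end
 
 ##
-#
-def
-
+# Get the currently loaded pools.
+def get_pools(options)
+call("get-pools", Message.new(options))
 end
 
 ##
-# Get
-def
-
+# Get currently loaded algorithms and their implementation.
+def get_algorithms
+call("get-algorithms")
 end
 
 ##
-# Get
-def
-
+# Get global or connection-specific counters for IKE events.
+def get_counters(options = nil)
+call("get-counters", Message.new(options))
+end
+
+##
+# Reset global or connection-specific IKE event counters.
+def reset_counters(options = nil)
+call("reset-counters", Message.new(options))
 end
 
 ##
 # Listen for a set of event messages. This call is blocking, and invokes
 # the passed closure for each event received. The closure receives the
 # event name and the event message as argument. To stop listening, the
-# closure may raise a StopEventListening exception, the only
+# closure may raise a StopEventListening exception, the only caught
 # exception.
 def listen_events(events, &block)
 self.class.instance_eval do
@@ -567,6 +621,13 @@ module Vici
 end
 end
 
+##
+# Issue a command request. Checks if the reply of a command indicates
+# "success", otherwise raises a CommandExecError exception.
+def call(command, request = nil)
+check_success(@transp.request(command, request))
+end
+
 ##
 # Issue a command request, but register for a specific event while the
 # command is active. VICI uses this mechanism to stream potentially large
@@ -574,7 +635,7 @@ module Vici
 # event messages.
 def call_with_event(command, request, event, &block)
 self.class.instance_eval do
-define_method(:call_event) do |
+define_method(:call_event) do |_label, message|
 block.call(message.root)
 end
 end
@@ -584,7 +645,7 @@ module Vici
 ensure
 @transp.unregister(event, method(:call_event))
 end
-reply
+check_success(reply)
 end
 
 ##
@@ -592,9 +653,10 @@ module Vici
 # CommandExecError exception
 def check_success(reply)
 root = reply.root
-if root["success"] != "yes"
+if root.key?("success") && root["success"] != "yes"
 raise CommandExecError, root["errmsg"]
 end
+
 root
 end
 end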
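Review bot: In `parse_name` and `parse_value` (the `@@ -169,63 +158,57 @@` hunk) the length prefix taken from the message is used for slicing without being compared to the bytes that remain, so a truncated or malformed message makes `encoding[(2 + len)..-1]` return nil (or `unpack("n")[0]` return nil), and `parse` then fails with NoMethodError or TypeError rather than the `ParseError` it raises for its other malformed-input cases. `parse_name` also reads the name length with the signed `"c"` directive, so a length byte of 128 or more becomes a negative `len`. I would switch that to `len = encoding.unpack("C")[0]` and add a guard such as `raise ParseError, "truncated value" if len.nil? || encoding.bytesize < 2 + len` in `parse_value`, with the equivalent one-byte check in `parse_name`. The label length in `read` (the `@@ -288,18 +263,20 @@` hunk, `encoding[1].unpack("c")[0]`) has the same unchecked signed read; that method starts outside the hunk, so whether the caller validates the packet length first is not visible here.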
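--- a/metadata
+++ b/metadata
@@ -1,21 +1,21 @@
 --- !ruby/object:Gem::Specification
 name: vici
 version: !ruby/object:Gem::Version
-version: 5.
+version: 5.8.0
 platform: ruby
 authors:
--
+- strongSwan Project
 autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2019-05-20 00:00:00.000000000 Z
 dependencies: []
 description: "\n The strongSwan VICI protocol allows external application to monitor,\n
-\ configure and control the IKE daemon charon. This
+\ configure and control the IKE daemon charon. This Ruby Gem provides a\n native
 client side implementation of the VICI protocol, well suited to\n script automated
 tasks in a relaible way.\n "
 email:
--
+- info@strongswan.org
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -41,8 +41,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.
+rubygems_version: 2.7.6
 signing_key:
 specification_version: 4
-summary: Native
+summary: Native Ruby interface for strongSwan VICI
 test_files: []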