diff options
author | Ermal LUÇI <eri@pfsense.org> | 2014-11-27 16:09:43 +0100 |
---|---|---|
committer | Ermal LUÇI <eri@pfsense.org> | 2014-11-27 16:09:43 +0100 |
commit | 648661c57bfdd75e4916be6bdb537bff378d9f0d (patch) | |
tree | 357eed2a6216844387ddac168b98003477b7d4e2 /etc/inc/ipsec.inc | |
parent | 4ce77a6caddbe1cb76f58709deba20ba06903165 (diff) | |
download | pfsense-648661c57bfdd75e4916be6bdb537bff378d9f0d.zip pfsense-648661c57bfdd75e4916be6bdb537bff378d9f0d.tar.gz |
Make the parsing of setkey -d(SAs) more reliable. Fixes #4043
Diffstat (limited to 'etc/inc/ipsec.inc')
-rw-r--r-- | etc/inc/ipsec.inc | 37 |
1 files changed, 19 insertions, 18 deletions
diff --git a/etc/inc/ipsec.inc b/etc/inc/ipsec.inc index 959aead..7d3dd81 100644 --- a/etc/inc/ipsec.inc +++ b/etc/inc/ipsec.inc @@ -506,7 +506,8 @@ function ipsec_dump_spd() $cursp['dstid'] = substr($linea[1], 0, strpos($linea[1], "[")); $i = 0; } else if (is_array($cursp)) { - $linea = explode(" ", trim($line)); + $line = trim($line, "\t\r\n "); + $linea = explode(" ", $line); switch($i) { case 1: @@ -553,31 +554,31 @@ function ipsec_dump_sad() $sad[] = $cursa; $cursa = array(); list($cursa['src'],$cursa['dst']) = explode(" ", $line); - $i = 0; } else { - $linea = explode(" ", trim($line)); - switch ($i) { - case 1: - $cursa['proto'] = $linea[0]; - $cursa['spi'] = substr($linea[2], strpos($linea[2], "x")+1, -1); - $reqid = substr($linea[3], strpos($linea[3], "=")+1); - $cursa['reqid'] = substr($reqid, 0, strcspn($reqid,"(")); - break; - case 2: - $cursa['ealgo'] = $linea[1]; + $line = trim($line, "\t\n\r "); + $linea = explode(" ", $line); + foreach ($linea as $idx => $linee) { + if ($linee == 'esp' || $linee == 'ah' || $linee[0] == '#') + $cursa['proto'] = $linee; + else if (substr($linee, 0, 3) == 'spi') + $cursa['spi'] = substr($linee, strpos($linee, 'x') + 1, -1); + else if (substr($linee, 0, 5) == 'reqid') + $cursa['reqid'] = substr($linee, strpos($linee, 'x') + 1, -1); + else if (substr($linee, 0, 2) == 'E:') { + $cursa['ealgo'] = $linea[$idx + 1]; break; - case 3: - $cursa['aalgo'] = $linea[1]; + } else if (substr($linee, 0, 2) == 'A:') { + $cursa['aalgo'] = $linea[$idx + 1]; break; - case 8: - $sadata = explode("(", $linea[1]); - $cursa['data'] = $sadata[0] . " B"; + } else if (substr($linee, 0, 8) == 'current:') { + $cursa['data'] = substr($linea[$idx + 1], 0, strpos($linea[$idx + 1], 'bytes') - 1) . ' B'; break; + } + } } - $i++; } if (is_array($cursa) && count($cursa)) $sad[] = $cursa; |