From 648661c57bfdd75e4916be6bdb537bff378d9f0d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ermal=20LU=C3=87I?= <eri@pfsense.org>
Date: Thu, 27 Nov 2014 16:09:43 +0100
Subject: Make the parsing of setkey -d(SAs) more reliable. Fixes #4043

---
 etc/inc/ipsec.inc | 37 +++++++++++++++++++------------------
 1 file changed, 19 insertions(+), 18 deletions(-)

(limited to 'etc/inc/ipsec.inc')

diff --git a/etc/inc/ipsec.inc b/etc/inc/ipsec.inc
index 959aead..7d3dd81 100644
--- a/etc/inc/ipsec.inc
+++ b/etc/inc/ipsec.inc
@@ -506,7 +506,8 @@ function ipsec_dump_spd()
 				$cursp['dstid'] = substr($linea[1], 0, strpos($linea[1], "["));
 				$i = 0;
 			} else if (is_array($cursp)) {
-				$linea = explode(" ", trim($line));
+				$line = trim($line, "\t\r\n ");
+				$linea = explode(" ", $line);
 				switch($i)
 				{
 					case 1:
@@ -553,31 +554,31 @@ function ipsec_dump_sad()
 					$sad[] = $cursa;
 				$cursa = array();
 				list($cursa['src'],$cursa['dst']) = explode(" ", $line);
-				$i = 0;
 			}
 			else
 			{
-				$linea = explode(" ", trim($line));
-				switch ($i) {
-					case 1:
-						$cursa['proto'] = $linea[0];
-						$cursa['spi'] = substr($linea[2], strpos($linea[2], "x")+1, -1);
-						$reqid = substr($linea[3], strpos($linea[3], "=")+1);
-						$cursa['reqid'] = substr($reqid, 0, strcspn($reqid,"("));
-						break;
-					case 2:
-						$cursa['ealgo'] = $linea[1];
+				$line = trim($line, "\t\n\r ");
+				$linea = explode(" ", $line);
+				foreach ($linea as $idx => $linee) {
+					if ($linee == 'esp' || $linee == 'ah' || $linee[0] == '#')
+						$cursa['proto'] = $linee;
+					else if (substr($linee, 0, 3) == 'spi')
+						$cursa['spi'] = substr($linee, strpos($linee, 'x') + 1, -1);
+					else if (substr($linee, 0, 5) == 'reqid')
+						$cursa['reqid'] = substr($linee, strpos($linee, 'x') + 1, -1);
+					else if (substr($linee, 0, 2) == 'E:') {
+						$cursa['ealgo'] = $linea[$idx + 1];
 						break;
-					case 3:
-						$cursa['aalgo'] = $linea[1];
+					} else if (substr($linee, 0, 2) == 'A:') {
+						$cursa['aalgo'] = $linea[$idx + 1];
 						break;
-					case 8:
-						$sadata = explode("(", $linea[1]);
-						$cursa['data'] = $sadata[0] . " B";
+					} else if (substr($linee, 0, 8) == 'current:') {
+						$cursa['data'] = substr($linea[$idx + 1], 0, strpos($linea[$idx + 1], 'bytes') - 1) . ' B';
 						break;
+					}
+						
 				}
 			}
-			$i++;
 		}
 		if (is_array($cursa) && count($cursa))
 			$sad[] = $cursa;
-- 
cgit v1.1