- vlib_cli_output(vm, " SK_e i:%U\n r:%U",
- format_hex_bytes, child->sk_ei, vec_len(child->sk_ei),
- format_hex_bytes, child->sk_er, vec_len(child->sk_er));
- if (child->sk_ai)
- {
- vlib_cli_output(vm, " SK_a i:%U\n r:%U",
- format_hex_bytes, child->sk_ai, vec_len(child->sk_ai),
- format_hex_bytes, child->sk_ar, vec_len(child->sk_ar));
- vlib_cli_output(vm, " traffic selectors (i):");
- }
- vec_foreach(ts, child->tsi)
- {
- vlib_cli_output(vm, " %u type %u protocol_id %u addr "
- "%U - %U port %u - %u",
- ts - child->tsi,
- ts->ts_type, ts->protocol_id,
- format_ip4_address, &ts->start_addr,
- format_ip4_address, &ts->end_addr,
- clib_net_to_host_u16( ts->start_port),
- clib_net_to_host_u16( ts->end_port));
- }
- vlib_cli_output(vm, " traffic selectors (r):");
- vec_foreach(ts, child->tsr)
+ tr = ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
+ s = format (s, "%U ", format_ikev2_sa_transform, tr);
+
+ tr = ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_DH);
+ s = format (s, "%U", format_ikev2_sa_transform, tr);
+
+ s = format (s, "\n%U", format_white_space, indent);
+
+ s = format (s, "nonce i:%U\n%Ur:%U\n",
+ format_hex_bytes, sa->i_nonce, vec_len (sa->i_nonce),
+ format_white_space, indent + 6,
+ format_hex_bytes, sa->r_nonce, vec_len (sa->r_nonce));
+
+ s = format (s, "%USK_d %U\n", format_white_space, indent,
+ format_hex_bytes, sa->sk_d, vec_len (sa->sk_d));
+ if (sa->sk_ai)
+ {
+ s = format (s, "%USK_a i:%U\n%Ur:%U\n",
+ format_white_space, indent,
+ format_hex_bytes, sa->sk_ai, vec_len (sa->sk_ai),
+ format_white_space, indent + 6,
+ format_hex_bytes, sa->sk_ar, vec_len (sa->sk_ar));
+ }
+ s = format (s, "%USK_e i:%U\n%Ur:%U\n",
+ format_white_space, indent,
+ format_hex_bytes, sa->sk_ei, vec_len (sa->sk_ei),
+ format_white_space, indent + 6,
+ format_hex_bytes, sa->sk_er, vec_len (sa->sk_er));
+ s = format (s, "%USK_p i:%U\n%Ur:%U\n",
+ format_white_space, indent,
+ format_hex_bytes, sa->sk_pi, vec_len (sa->sk_pi),
+ format_white_space, indent + 6,
+ format_hex_bytes, sa->sk_pr, vec_len (sa->sk_pr));
+
+ s = format (s, "%Uidentifier (i) %U\n",
+ format_white_space, indent,
+ format_ikev2_id_type_and_data, &sa->i_id);
+ s = format (s, "%Uidentifier (r) %U\n",
+ format_white_space, indent,
+ format_ikev2_id_type_and_data, &sa->r_id);
+
+ vec_foreach (child, sa->childs)
+ {
+ s = format (s, "%U%U", format_white_space, indent + 2,
+ format_ikev2_child_sa, child, child - sa->childs);
+ }
+
+ return s;
+}
+
+static clib_error_t *
+show_ikev2_sa_command_fn (vlib_main_t * vm,
+ unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+ unformat_input_t _line_input, *line_input = &_line_input;
+ ikev2_main_t *km = &ikev2_main;
+ ikev2_main_per_thread_data_t *tkm;
+ ikev2_sa_t *sa;
+ u64 rspi;
+ u8 *s = 0;
+ int details = 0, show_one = 0;
+
+ if (unformat_user (input, unformat_line_input, line_input))
+ {
+ while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (line_input, "rspi %lx", &rspi))
+ {
+ show_one = 1;
+ }
+ else if (unformat (line_input, "details"))
+ details = 1;
+ else
+ break;
+ }
+ unformat_free (line_input);
+ }
+
+ vec_foreach (tkm, km->per_thread_data)
+ {
+ /* *INDENT-OFF* */
+ pool_foreach (sa, tkm->sas, ({
+ if (show_one)
+ {
+ if (sa->rspi == rspi)