return str;
}
-const char *strxf_mask8(__u8 mask)
+static const char *strxf_mask8(__u8 mask)
{
static char str[16];
const int sn = sizeof(mask) * 8 - 1;
return str;
}
-const char *strxf_share(__u8 share)
+static const char *strxf_share(__u8 share)
{
static char str[32];
return str;
}
-void xfrm_id_info_print(xfrm_address_t *saddr, struct xfrm_id *id,
+static void xfrm_id_info_print(xfrm_address_t *saddr, struct xfrm_id *id,
__u8 mode, __u32 reqid, __u16 family, int force_spi,
FILE *fp, const char *prefix, const char *title)
{
return str;
}
-void xfrm_stats_print(struct xfrm_stats *s, FILE *fp, const char *prefix)
+static void xfrm_stats_print(struct xfrm_stats *s, FILE *fp,
+ const char *prefix)
{
if (prefix)
fputs(prefix, fp);
return str;
}
-void xfrm_lifetime_print(struct xfrm_lifetime_cfg *cfg,
+static void xfrm_lifetime_print(struct xfrm_lifetime_cfg *cfg,
struct xfrm_lifetime_cur *cur,
FILE *fp, const char *prefix)
{
}
static void __xfrm_algo_print(struct xfrm_algo *algo, int type, int len,
- FILE *fp, const char *prefix, int newline)
+ FILE *fp, const char *prefix, int newline,
+ bool nokeys)
{
int keylen;
int i;
goto fin;
}
- if (keylen > 0) {
+ if (nokeys)
+ fprintf(fp, "<<Keys hidden>>");
+ else if (keylen > 0) {
fprintf(fp, "0x");
for (i = 0; i < keylen; i++)
fprintf(fp, "%.2x", (unsigned char)algo->alg_key[i]);
}
static inline void xfrm_algo_print(struct xfrm_algo *algo, int type, int len,
- FILE *fp, const char *prefix)
+ FILE *fp, const char *prefix, bool nokeys)
{
- return __xfrm_algo_print(algo, type, len, fp, prefix, 1);
+ return __xfrm_algo_print(algo, type, len, fp, prefix, 1, nokeys);
}
static void xfrm_aead_print(struct xfrm_algo_aead *algo, int len,
- FILE *fp, const char *prefix)
+ FILE *fp, const char *prefix, bool nokeys)
{
struct xfrm_algo *base_algo = alloca(sizeof(*base_algo) + algo->alg_key_len / 8);
base_algo->alg_key_len = algo->alg_key_len;
memcpy(base_algo->alg_key, algo->alg_key, algo->alg_key_len / 8);
- __xfrm_algo_print(base_algo, XFRMA_ALG_AEAD, len, fp, prefix, 0);
+ __xfrm_algo_print(base_algo, XFRMA_ALG_AEAD, len, fp, prefix, 0,
+ nokeys);
fprintf(fp, " %d", algo->alg_icv_len);
}
static void xfrm_auth_trunc_print(struct xfrm_algo_auth *algo, int len,
- FILE *fp, const char *prefix)
+ FILE *fp, const char *prefix, bool nokeys)
{
struct xfrm_algo *base_algo = alloca(sizeof(*base_algo) + algo->alg_key_len / 8);
base_algo->alg_key_len = algo->alg_key_len;
memcpy(base_algo->alg_key, algo->alg_key, algo->alg_key_len / 8);
- __xfrm_algo_print(base_algo, XFRMA_ALG_AUTH_TRUNC, len, fp, prefix, 0);
+ __xfrm_algo_print(base_algo, XFRMA_ALG_AUTH_TRUNC, len, fp, prefix, 0,
+ nokeys);
fprintf(fp, " %d", algo->alg_trunc_len);
}
void xfrm_xfrma_print(struct rtattr *tb[], __u16 family,
- FILE *fp, const char *prefix)
+ FILE *fp, const char *prefix, bool nokeys)
{
if (tb[XFRMA_MARK]) {
struct rtattr *rta = tb[XFRMA_MARK];
if (tb[XFRMA_ALG_AUTH] && !tb[XFRMA_ALG_AUTH_TRUNC]) {
struct rtattr *rta = tb[XFRMA_ALG_AUTH];
- xfrm_algo_print(RTA_DATA(rta),
- XFRMA_ALG_AUTH, RTA_PAYLOAD(rta), fp, prefix);
+ xfrm_algo_print(RTA_DATA(rta), XFRMA_ALG_AUTH, RTA_PAYLOAD(rta),
+ fp, prefix, nokeys);
}
if (tb[XFRMA_ALG_AUTH_TRUNC]) {
struct rtattr *rta = tb[XFRMA_ALG_AUTH_TRUNC];
- xfrm_auth_trunc_print(RTA_DATA(rta),
- RTA_PAYLOAD(rta), fp, prefix);
+ xfrm_auth_trunc_print(RTA_DATA(rta), RTA_PAYLOAD(rta), fp,
+ prefix, nokeys);
}
if (tb[XFRMA_ALG_AEAD]) {
struct rtattr *rta = tb[XFRMA_ALG_AEAD];
- xfrm_aead_print(RTA_DATA(rta),
- RTA_PAYLOAD(rta), fp, prefix);
+ xfrm_aead_print(RTA_DATA(rta), RTA_PAYLOAD(rta), fp, prefix,
+ nokeys);
}
if (tb[XFRMA_ALG_CRYPT]) {
struct rtattr *rta = tb[XFRMA_ALG_CRYPT];
- xfrm_algo_print(RTA_DATA(rta),
- XFRMA_ALG_CRYPT, RTA_PAYLOAD(rta), fp, prefix);
+ xfrm_algo_print(RTA_DATA(rta), XFRMA_ALG_CRYPT,
+ RTA_PAYLOAD(rta), fp, prefix, nokeys);
}
if (tb[XFRMA_ALG_COMP]) {
struct rtattr *rta = tb[XFRMA_ALG_COMP];
- xfrm_algo_print(RTA_DATA(rta),
- XFRMA_ALG_COMP, RTA_PAYLOAD(rta), fp, prefix);
+ xfrm_algo_print(RTA_DATA(rta), XFRMA_ALG_COMP, RTA_PAYLOAD(rta),
+ fp, prefix, nokeys);
}
if (tb[XFRMA_ENCAP]) {
void xfrm_state_info_print(struct xfrm_usersa_info *xsinfo,
struct rtattr *tb[], FILE *fp, const char *prefix,
- const char *title)
+ const char *title, bool nokeys)
{
char buf[STRBUF_SIZE] = {};
int force_spi = xfrm_xfrmproto_is_ipsec(xsinfo->id.proto);
fprintf(fp, " (0x%s)", strxf_mask8(xsinfo->flags));
fprintf(fp, "%s", _SL_);
- xfrm_xfrma_print(tb, xsinfo->family, fp, buf);
+ xfrm_xfrma_print(tb, xsinfo->family, fp, buf, nokeys);
if (!xfrm_selector_iszero(&xsinfo->sel)) {
char sbuf[STRBUF_SIZE];
if (show_stats > 0)
xfrm_lifetime_print(&xpinfo->lft, &xpinfo->curlft, fp, buf);
- xfrm_xfrma_print(tb, xpinfo->sel.family, fp, buf);
+ xfrm_xfrma_print(tb, xpinfo->sel.family, fp, buf, false);
}
int xfrm_id_parse(xfrm_address_t *saddr, struct xfrm_id *id, __u16 *family,