]> git.saurik.com Git - apple/ipsec.git/blame - ipsec-tools/Common/key_debug.c
projects / apple / ipsec.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ipsec-317.220.1.tar.gz
[apple/ipsec.git] / ipsec-tools / Common / key_debug.c
CommitLineData
52b7d2ce
A		 1/* $KAME: key_debug.c,v 1.29 2001/08/16 14:25:41 itojun Exp $ */
2
3/*
4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32#ifdef HAVE_CONFIG_H
33#include "config.h"
34#endif
35
36#ifdef _KERNEL
37#if defined(__FreeBSD__) && __FreeBSD__ >= 3
38#include "opt_inet.h"
39#include "opt_inet6.h"
40#include "opt_ipsec.h"
41#endif
42#ifdef __NetBSD__
43#include "opt_inet.h"
44#endif
45#endif
46
47#include <sys/types.h>
48#include <sys/param.h>
49#ifdef _KERNEL
50#include <sys/systm.h>
51#include <sys/mbuf.h>
52#include <sys/queue.h>
53#endif
54#include <sys/socket.h>
55
56#include <netinet/in.h>
57#ifdef HAVE_NETINET6_IPSEC
58# include <netinet6/ipsec.h>
59#else
60# include <netinet/ipsec.h>
61#endif
62
63#ifndef _KERNEL
64#include <ctype.h>
65#include <stdio.h>
66#include <stdlib.h>
67#endif /* !_KERNEL */
68
69#include "config.h"
85f41bec 70#include "var.h"
52b7d2ce
A		 71#include "libpfkey.h"
72
65c25746
A		 73static void kdebug_sadb_prop (struct sadb_ext *);
74static void kdebug_sadb_identity (struct sadb_ext *);
75static void kdebug_sadb_supported (struct sadb_ext *);
76static void kdebug_sadb_lifetime (struct sadb_ext *);
77static void kdebug_sadb_sa (struct sadb_ext *);
78static void kdebug_sadb_address (struct sadb_ext *);
79static void kdebug_sadb_key (struct sadb_ext *);
80static void kdebug_sadb_x_sa2 (struct sadb_ext *);
81static void kdebug_sadb_session_id (struct sadb_ext *);
82static void kdebug_sadb_sastat (struct sadb_ext *);
83static void kdebug_sadb_x_policy (struct sadb_ext *ext);
84static void kdebug_sockaddr (struct sockaddr_storage *addr);
d9c572c0 85static void kdebug_sadb_x_ipsecif (struct sadb_ext *ext);
52b7d2ce 86#ifdef SADB_X_EXT_NAT_T_TYPE
65c25746
A		 87static void kdebug_sadb_x_nat_t_type (struct sadb_ext *ext);
88static void kdebug_sadb_x_nat_t_port (struct sadb_ext *ext);
52b7d2ce
A		 89#endif
90
91#ifdef _KERNEL
65c25746 92static void kdebug_secreplay (struct secreplay *);
52b7d2ce
A		 93#endif
94
95#ifndef _KERNEL
96#define panic(param) { printf(param); exit(1); }
97#endif
98
99#include "libpfkey.h"
100/* NOTE: host byte order */
101
102/* %%%: about struct sadb_msg */
103void
104kdebug_sadb(base)
105 struct sadb_msg *base;
106{
107 struct sadb_ext *ext;
108 int tlen, extlen;
109
110 /* sanity check */
111 if (base == NULL)
112 panic("kdebug_sadb: NULL pointer was passed.\n");
113
114 printf("sadb_msg{ version=%u type=%u errno=%u satype=%u\n",
115 base->sadb_msg_version, base->sadb_msg_type,
116 base->sadb_msg_errno, base->sadb_msg_satype);
117 printf(" len=%u reserved=%u seq=%u pid=%u\n",
118 base->sadb_msg_len, base->sadb_msg_reserved,
119 base->sadb_msg_seq, base->sadb_msg_pid);
120
121 tlen = PFKEY_UNUNIT64(base->sadb_msg_len) - sizeof(struct sadb_msg);
122 ext = (void *)((caddr_t)(void *)base + sizeof(struct sadb_msg));
123
124 while (tlen > 0) {
125 printf("sadb_ext{ len=%u type=%u }\n",
126 ext->sadb_ext_len, ext->sadb_ext_type);
127
128 if (ext->sadb_ext_len == 0) {
129 printf("kdebug_sadb: invalid ext_len=0 was passed.\n");
130 return;
131 }
132 if (ext->sadb_ext_len > tlen) {
133 printf("kdebug_sadb: ext_len exceeds end of buffer.\n");
134 return;
135 }
136
137 switch (ext->sadb_ext_type) {
138 case SADB_EXT_SA:
139 kdebug_sadb_sa(ext);
140 break;
141 case SADB_EXT_LIFETIME_CURRENT:
142 case SADB_EXT_LIFETIME_HARD:
143 case SADB_EXT_LIFETIME_SOFT:
144 kdebug_sadb_lifetime(ext);
145 break;
146 case SADB_EXT_ADDRESS_SRC:
147 case SADB_EXT_ADDRESS_DST:
148 case SADB_EXT_ADDRESS_PROXY:
65c25746
A		 149 case SADB_X_EXT_ADDR_RANGE_SRC_START:
150 case SADB_X_EXT_ADDR_RANGE_SRC_END:
151 case SADB_X_EXT_ADDR_RANGE_DST_START:
152 case SADB_X_EXT_ADDR_RANGE_DST_END:
52b7d2ce
A		 153 kdebug_sadb_address(ext);
154 break;
155 case SADB_EXT_KEY_AUTH:
156 case SADB_EXT_KEY_ENCRYPT:
157 kdebug_sadb_key(ext);
158 break;
159 case SADB_EXT_IDENTITY_SRC:
160 case SADB_EXT_IDENTITY_DST:
161 kdebug_sadb_identity(ext);
162 break;
163 case SADB_EXT_SENSITIVITY:
164 break;
165 case SADB_EXT_PROPOSAL:
166 kdebug_sadb_prop(ext);
167 break;
168 case SADB_EXT_SUPPORTED_AUTH:
169 case SADB_EXT_SUPPORTED_ENCRYPT:
170 kdebug_sadb_supported(ext);
171 break;
172 case SADB_EXT_SPIRANGE:
173 case SADB_X_EXT_KMPRIVATE:
174 break;
175 case SADB_X_EXT_POLICY:
176 kdebug_sadb_x_policy(ext);
177 break;
178 case SADB_X_EXT_SA2:
179 kdebug_sadb_x_sa2(ext);
180 break;
d1e348cf
A		 181 case SADB_EXT_SESSION_ID:
182 kdebug_sadb_session_id(ext);
183 break;
184 case SADB_EXT_SASTAT:
185 kdebug_sadb_sastat(ext);
186 break;
65c25746 187 case SADB_X_EXT_IPSECIF:
d9c572c0 188 kdebug_sadb_x_ipsecif(ext);
65c25746 189 break;
52b7d2ce
A		 190#ifdef SADB_X_EXT_NAT_T_TYPE
191 case SADB_X_EXT_NAT_T_TYPE:
192 kdebug_sadb_x_nat_t_type(ext);
193 break;
194 case SADB_X_EXT_NAT_T_SPORT:
195 case SADB_X_EXT_NAT_T_DPORT:
196 kdebug_sadb_x_nat_t_port(ext);
197 break;
198 case SADB_X_EXT_NAT_T_OA:
199 kdebug_sadb_address(ext);
200 break;
201#endif
202 default:
203 printf("kdebug_sadb: invalid ext_type %u was passed.\n",
204 ext->sadb_ext_type);
205 return;
206 }
207
208 extlen = PFKEY_UNUNIT64(ext->sadb_ext_len);
209 tlen -= extlen;
210 ext = (void *)((caddr_t)(void *)ext + extlen);
211 }
212
213 return;
214}
215
216static void
217kdebug_sadb_prop(ext)
218 struct sadb_ext *ext;
219{
220 struct sadb_prop *prop = (void *)ext;
221 struct sadb_comb *comb;
222 int len;
223
224 /* sanity check */
225 if (ext == NULL)
226 panic("kdebug_sadb_prop: NULL pointer was passed.\n");
227
228 len = (PFKEY_UNUNIT64(prop->sadb_prop_len) - sizeof(*prop))
229 / sizeof(*comb);
230 comb = (void *)(prop + 1);
231 printf("sadb_prop{ replay=%u\n", prop->sadb_prop_replay);
232
233 while (len--) {
234 printf("sadb_comb{ auth=%u encrypt=%u "
235 "flags=0x%04x reserved=0x%08x\n",
236 comb->sadb_comb_auth, comb->sadb_comb_encrypt,
237 comb->sadb_comb_flags, comb->sadb_comb_reserved);
238
239 printf(" auth_minbits=%u auth_maxbits=%u "
240 "encrypt_minbits=%u encrypt_maxbits=%u\n",
241 comb->sadb_comb_auth_minbits,
242 comb->sadb_comb_auth_maxbits,
243 comb->sadb_comb_encrypt_minbits,
244 comb->sadb_comb_encrypt_maxbits);
245
246 printf(" soft_alloc=%u hard_alloc=%u "
247 "soft_bytes=%lu hard_bytes=%lu\n",
248 comb->sadb_comb_soft_allocations,
249 comb->sadb_comb_hard_allocations,
250 (unsigned long)comb->sadb_comb_soft_bytes,
251 (unsigned long)comb->sadb_comb_hard_bytes);
252
253 printf(" soft_alloc=%lu hard_alloc=%lu "
254 "soft_bytes=%lu hard_bytes=%lu }\n",
255 (unsigned long)comb->sadb_comb_soft_addtime,
256 (unsigned long)comb->sadb_comb_hard_addtime,
257 (unsigned long)comb->sadb_comb_soft_usetime,
258 (unsigned long)comb->sadb_comb_hard_usetime);
259 comb++;
260 }
261 printf("}\n");
262
263 return;
264}
265
266static void
267kdebug_sadb_identity(ext)
268 struct sadb_ext *ext;
269{
270 struct sadb_ident *id = (void *)ext;
271 int len;
272
273 /* sanity check */
274 if (ext == NULL)
275 panic("kdebug_sadb_identity: NULL pointer was passed.\n");
276
277 len = PFKEY_UNUNIT64(id->sadb_ident_len) - sizeof(*id);
278 printf("sadb_ident_%s{",
279 id->sadb_ident_exttype == SADB_EXT_IDENTITY_SRC ? "src" : "dst");
280 switch (id->sadb_ident_type) {
281 default:
282 printf(" type=%d id=%lu",
283 id->sadb_ident_type, (u_long)id->sadb_ident_id);
284 if (len) {
285#ifdef _KERNEL
286 ipsec_hexdump((caddr_t)(id + 1), len); /*XXX cast ?*/
287#else
288 char *p, *ep;
289 printf("\n str=\"");
290 p = (void *)(id + 1);
291 ep = p + len;
292 for (/*nothing*/; *p && p < ep; p++) {
293 if (isprint((int)*p))
294 printf("%c", *p & 0xff);
295 else
296 printf("\\%03o", *p & 0xff);
297 }
298#endif
299 printf("\"");
300 }
301 break;
302 }
303
304 printf(" }\n");
305
306 return;
307}
308
309static void
310kdebug_sadb_supported(ext)
311 struct sadb_ext *ext;
312{
313 struct sadb_supported *sup = (void *)ext;
314 struct sadb_alg *alg;
315 int len;
316
317 /* sanity check */
318 if (ext == NULL)
319 panic("kdebug_sadb_supported: NULL pointer was passed.\n");
320
321 len = (PFKEY_UNUNIT64(sup->sadb_supported_len) - sizeof(*sup))
322 / sizeof(*alg);
323 alg = (void *)(sup + 1);
324 printf("sadb_sup{\n");
325 while (len--) {
326 printf(" { id=%d ivlen=%d min=%d max=%d }\n",
327 alg->sadb_alg_id, alg->sadb_alg_ivlen,
328 alg->sadb_alg_minbits, alg->sadb_alg_maxbits);
329 alg++;
330 }
331 printf("}\n");
332
333 return;
334}
335
336static void
337kdebug_sadb_lifetime(ext)
338 struct sadb_ext *ext;
339{
340 struct sadb_lifetime *lft = (void *)ext;
341
342 /* sanity check */
343 if (ext == NULL)
344 printf("kdebug_sadb_lifetime: NULL pointer was passed.\n");
345
346 printf("sadb_lifetime{ alloc=%u, bytes=%u\n",
347 lft->sadb_lifetime_allocations,
348 (u_int32_t)lft->sadb_lifetime_bytes);
349 printf(" addtime=%u, usetime=%u }\n",
350 (u_int32_t)lft->sadb_lifetime_addtime,
351 (u_int32_t)lft->sadb_lifetime_usetime);
352
353 return;
354}
355
356static void
357kdebug_sadb_sa(ext)
358 struct sadb_ext *ext;
359{
360 struct sadb_sa *sa = (void *)ext;
361
362 /* sanity check */
363 if (ext == NULL)
364 panic("kdebug_sadb_sa: NULL pointer was passed.\n");
365
366 printf("sadb_sa{ spi=%u replay=%u state=%u\n",
367 (u_int32_t)ntohl(sa->sadb_sa_spi), sa->sadb_sa_replay,
368 sa->sadb_sa_state);
369 printf(" auth=%u encrypt=%u flags=0x%08x }\n",
370 sa->sadb_sa_auth, sa->sadb_sa_encrypt, sa->sadb_sa_flags);
371
372 return;
373}
374
375static void
376kdebug_sadb_address(ext)
377 struct sadb_ext *ext;
378{
379 struct sadb_address *addr = (void *)ext;
380
381 /* sanity check */
382 if (ext == NULL)
383 panic("kdebug_sadb_address: NULL pointer was passed.\n");
384
385 printf("sadb_address{ proto=%u prefixlen=%u reserved=0x%02x%02x }\n",
386 addr->sadb_address_proto, addr->sadb_address_prefixlen,
387 ((u_char *)(void *)&addr->sadb_address_reserved)[0],
388 ((u_char *)(void *)&addr->sadb_address_reserved)[1]);
389
390 kdebug_sockaddr((void *)((caddr_t)(void *)ext + sizeof(*addr)));
391
392 return;
393}
394
395static void
396kdebug_sadb_key(ext)
397 struct sadb_ext *ext;
398{
399 struct sadb_key *key = (void *)ext;
400
401 /* sanity check */
402 if (ext == NULL)
403 panic("kdebug_sadb_key: NULL pointer was passed.\n");
404
405 printf("sadb_key{ bits=%u reserved=%u\n",
406 key->sadb_key_bits, key->sadb_key_reserved);
407 printf(" key=");
408
409 /* sanity check 2 */
410 if (((uint32_t)key->sadb_key_bits >> 3) >
411 (PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key))) {
412 printf("kdebug_sadb_key: key length mismatch, bit:%d len:%ld.\n",
413 (uint32_t)key->sadb_key_bits >> 3,
414 (long)PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key));
415 }
416
417 ipsec_hexdump(key + sizeof(struct sadb_key),
418 (int)((uint32_t)key->sadb_key_bits >> 3));
419 printf(" }\n");
420 return;
421}
422
423static void
424kdebug_sadb_x_sa2(ext)
425 struct sadb_ext *ext;
426{
427 struct sadb_x_sa2 *sa2 = (void *)ext;
428
429 /* sanity check */
430 if (ext == NULL)
431 panic("kdebug_sadb_x_sa2: NULL pointer was passed.\n");
432
433 printf("sadb_x_sa2{ mode=%u reqid=%u\n",
434 sa2->sadb_x_sa2_mode, sa2->sadb_x_sa2_reqid);
435 printf(" reserved1=%u reserved2=%u sequence=%u }\n",
436 sa2->sadb_x_sa2_reserved1, sa2->sadb_x_sa2_reserved2,
437 sa2->sadb_x_sa2_sequence);
438
439 return;
440}
441
d1e348cf
A		 442static void
443kdebug_sadb_session_id(ext)
444struct sadb_ext *ext;
445{
85f41bec 446 struct sadb_session_id *p = ALIGNED_CAST(__typeof__(p))ext; // Wcast-align fix (void*) - sadb structs come from and aligned buffer
d1e348cf
A		 447
448 /* sanity check */
449 if (ext == NULL) {
450 printf("kdebug_sadb_session_id: NULL pointer was passed.\n");
451 return;
452 }
453
454 printf("sadb_session_id{ id0=%llx, id1=%llx}\n",
455 p->sadb_session_id_v[0],
456 p->sadb_session_id_v[1]);
457}
458
d9c572c0
A		 459static void
460kdebug_sadb_x_ipsecif(struct sadb_ext *ext)
461{
462 struct sadb_x_ipsecif *p = ALIGNED_CAST(__typeof__(p))ext;
463
464 if (ext == NULL) {
465 printf("sadb_x_ipsecif: NULL pointer was passed.\n");
466 return;
467 }
468
469 printf("sadb_x_ipsec_if{ ipsecif=%s outgoing=%s\n", p->sadb_x_ipsecif_ipsec_if, p->sadb_x_ipsecif_outgoing_if);
470 printf(" internal=%s disabled=%d }\n", p->sadb_x_ipsecif_internal_if, p->sadb_x_ipsecif_init_disabled);
471}
472
d1e348cf
A		 473static void
474kdebug_sadb_sastat(ext)
475struct sadb_ext *ext;
476{
85f41bec 477 struct sadb_sastat *p = ALIGNED_CAST(__typeof__(p))ext; // Wcast-align fix (void*) - sadb structs come from and aligned buffer
d1e348cf
A		 478 struct sastat *stats;
479 int i;
480
481 /* sanity check */
482 if (ext == NULL) {
483 printf("kdebug_sadb_sastat: NULL pointer was passed.\n");
484 return;
485 }
486
487 printf("sadb_sastat{ dir=%u num=%u\n",
488 p->sadb_sastat_dir, p->sadb_sastat_list_len);
489 stats = (__typeof__(stats))(p + 1);
490 for (i = 0; i < p->sadb_sastat_list_len; i++) {
491 printf(" spi=%x,\n",
492 stats[i].spi);
493 }
494 printf("}\n");
495}
496
52b7d2ce
A		 497void
498kdebug_sadb_x_policy(ext)
499 struct sadb_ext *ext;
500{
501 struct sadb_x_policy *xpl = (void *)ext;
85f41bec 502 struct sockaddr_storage *addr;
52b7d2ce
A		 503
504 /* sanity check */
505 if (ext == NULL)
506 panic("kdebug_sadb_x_policy: NULL pointer was passed.\n");
507
508#ifdef HAVE_PFKEY_POLICY_PRIORITY
509 printf("sadb_x_policy{ type=%u dir=%u id=%x priority=%u }\n",
510#else
511 printf("sadb_x_policy{ type=%u dir=%u id=%x }\n",
512#endif
513 xpl->sadb_x_policy_type, xpl->sadb_x_policy_dir,
514#ifdef HAVE_PFKEY_POLICY_PRIORITY
515 xpl->sadb_x_policy_id, xpl->sadb_x_policy_priority);
516#else
517 xpl->sadb_x_policy_id);
518#endif
519
520 if (xpl->sadb_x_policy_type == IPSEC_POLICY_IPSEC) {
521 int tlen;
522 struct sadb_x_ipsecrequest *xisr;
523
524 tlen = PFKEY_UNUNIT64(xpl->sadb_x_policy_len) - sizeof(*xpl);
525 xisr = (void *)(xpl + 1);
526
527 while (tlen > 0) {
528 printf(" { len=%u proto=%u mode=%u level=%u reqid=%u\n",
529 xisr->sadb_x_ipsecrequest_len,
530 xisr->sadb_x_ipsecrequest_proto,
531 xisr->sadb_x_ipsecrequest_mode,
532 xisr->sadb_x_ipsecrequest_level,
533 xisr->sadb_x_ipsecrequest_reqid);
534
535 if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) {
536 addr = (void *)(xisr + 1);
537 kdebug_sockaddr(addr);
538 addr = (void *)((caddr_t)(void *)addr
85f41bec 539 + sysdep_sa_len((struct sockaddr *)addr));
52b7d2ce
A		 540 kdebug_sockaddr(addr);
541 }
542
543 printf(" }\n");
544
545 /* prevent infinite loop */
546 if (xisr->sadb_x_ipsecrequest_len == 0) {
547 printf("kdebug_sadb_x_policy: wrong policy struct.\n");
548 return;
549 }
550 /* prevent overflow */
551 if (xisr->sadb_x_ipsecrequest_len > tlen) {
552 printf("invalid ipsec policy length\n");
553 return;
554 }
555
556 tlen -= xisr->sadb_x_ipsecrequest_len;
557
558 xisr = (void *)((caddr_t)(void *)xisr
559 + xisr->sadb_x_ipsecrequest_len);
560 }
561
562 if (tlen != 0)
563 panic("kdebug_sadb_x_policy: wrong policy struct.\n");
564 }
565
566 return;
567}
568
569#ifdef SADB_X_EXT_NAT_T_TYPE
570static void
571kdebug_sadb_x_nat_t_type(struct sadb_ext *ext)
572{
573 struct sadb_x_nat_t_type *ntt = (void *)ext;
574
575 /* sanity check */
576 if (ext == NULL)
577 panic("kdebug_sadb_x_nat_t_type: NULL pointer was passed.\n");
578
579 printf("sadb_x_nat_t_type{ type=%u }\n", ntt->sadb_x_nat_t_type_type);
580
581 return;
582}
583
584static void
585kdebug_sadb_x_nat_t_port(struct sadb_ext *ext)
586{
587 struct sadb_x_nat_t_port *ntp = (void *)ext;
588
589 /* sanity check */
590 if (ext == NULL)
591 panic("kdebug_sadb_x_nat_t_port: NULL pointer was passed.\n");
592
593 printf("sadb_x_nat_t_port{ port=%u }\n", ntohs(ntp->sadb_x_nat_t_port_port));
594
595 return;
596}
597#endif
598
599#ifdef _KERNEL
600/* %%%: about SPD and SAD */
601void
602kdebug_secpolicy(sp)
603 struct secpolicy *sp;
604{
605 /* sanity check */
606 if (sp == NULL)
607 panic("kdebug_secpolicy: NULL pointer was passed.\n");
608
609 printf("secpolicy{ refcnt=%u state=%u policy=%u\n",
610 sp->refcnt, sp->state, sp->policy);
611
612 kdebug_secpolicyindex(&sp->spidx);
613
614 switch (sp->policy) {
615 case IPSEC_POLICY_DISCARD:
616 printf(" type=discard }\n");
617 break;
618 case IPSEC_POLICY_GENERATE:
619 printf(" type=generate }\n");
620 break;
621 case IPSEC_POLICY_NONE:
622 printf(" type=none }\n");
623 break;
624 case IPSEC_POLICY_IPSEC:
625 {
626 struct ipsecrequest *isr;
627 for (isr = sp->req; isr != NULL; isr = isr->next) {
628
629 printf(" level=%u\n", isr->level);
630 kdebug_secasindex(&isr->saidx);
631
632 if (isr->sav != NULL)
633 kdebug_secasv(isr->sav);
634 }
635 printf(" }\n");
636 }
637 break;
638 case IPSEC_POLICY_BYPASS:
639 printf(" type=bypass }\n");
640 break;
641 case IPSEC_POLICY_ENTRUST:
642 printf(" type=entrust }\n");
643 break;
644 default:
645 printf("kdebug_secpolicy: Invalid policy found. %d\n",
646 sp->policy);
647 break;
648 }
649
650 return;
651}
652
653void
654kdebug_secpolicyindex(spidx)
655 struct secpolicyindex *spidx;
656{
657 /* sanity check */
658 if (spidx == NULL)
659 panic("kdebug_secpolicyindex: NULL pointer was passed.\n");
660
661 printf("secpolicyindex{ dir=%u prefs=%u prefd=%u ul_proto=%u\n",
662 spidx->dir, spidx->prefs, spidx->prefd, spidx->ul_proto);
663
664 ipsec_hexdump((caddr_t)&spidx->src,
665 sysdep_sa_len((struct sockaddr *)&spidx->src));
666 printf("\n");
667 ipsec_hexdump((caddr_t)&spidx->dst,
668 sysdep_sa_len((struct sockaddr *)&spidx->dst));
669 printf("}\n");
670
671 return;
672}
673
674void
675kdebug_secasindex(saidx)
676 struct secasindex *saidx;
677{
678 /* sanity check */
679 if (saidx == NULL)
680 panic("kdebug_secpolicyindex: NULL pointer was passed.\n");
681
682 printf("secasindex{ mode=%u proto=%u\n",
683 saidx->mode, saidx->proto);
684
685 ipsec_hexdump((caddr_t)&saidx->src,
686 sysdep_sa_len((struct sockaddr *)&saidx->src));
687 printf("\n");
688 ipsec_hexdump((caddr_t)&saidx->dst,
689 sysdep_sa_len((struct sockaddr *)&saidx->dst));
690 printf("\n");
691
692 return;
693}
694
695void
696kdebug_secasv(sav)
697 struct secasvar *sav;
698{
699 /* sanity check */
700 if (sav == NULL)
701 panic("kdebug_secasv: NULL pointer was passed.\n");
702
703 printf("secas{");
704 kdebug_secasindex(&sav->sah->saidx);
705
706 printf(" refcnt=%u state=%u auth=%u enc=%u\n",
707 sav->refcnt, sav->state, sav->alg_auth, sav->alg_enc);
708 printf(" spi=%u flags=%u\n",
709 (u_int32_t)ntohl(sav->spi), sav->flags);
710
711 if (sav->key_auth != NULL)
712 kdebug_sadb_key((struct sadb_ext *)sav->key_auth);
713 if (sav->key_enc != NULL)
714 kdebug_sadb_key((struct sadb_ext *)sav->key_enc);
715 if (sav->iv != NULL) {
716 printf(" iv=");
717 ipsec_hexdump(sav->iv, sav->ivlen ? sav->ivlen : 8);
718 printf("\n");
719 }
720
721 if (sav->replay != NULL)
722 kdebug_secreplay(sav->replay);
723 if (sav->lft_c != NULL)
724 kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_c);
725 if (sav->lft_h != NULL)
726 kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_h);
727 if (sav->lft_s != NULL)
728 kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_s);
729
730#if notyet
731 /* XXX: misc[123] ? */
732#endif
733
734 return;
735}
736
737static void
738kdebug_secreplay(rpl)
739 struct secreplay *rpl;
740{
741 int len, l;
742
743 /* sanity check */
744 if (rpl == NULL)
745 panic("kdebug_secreplay: NULL pointer was passed.\n");
746
747 printf(" secreplay{ count=%u wsize=%u seq=%u lastseq=%u",
748 rpl->count, rpl->wsize, rpl->seq, rpl->lastseq);
749
750 if (rpl->bitmap == NULL) {
751 printf(" }\n");
752 return;
753 }
754
755 printf("\n bitmap { ");
756
757 for (len = 0; len < rpl->wsize; len++) {
758 for (l = 7; l >= 0; l--)
759 printf("%u", (((rpl->bitmap)[len] >> l) & 1) ? 1 : 0);
760 }
761 printf(" }\n");
762
763 return;
764}
765
766void
767kdebug_mbufhdr(m)
768 struct mbuf *m;
769{
770 /* sanity check */
771 if (m == NULL)
772 return;
773
774 printf("mbuf(%p){ m_next:%p m_nextpkt:%p m_data:%p "
775 "m_len:%d m_type:0x%02x m_flags:0x%02x }\n",
776 m, m->m_next, m->m_nextpkt, m->m_data,
777 m->m_len, m->m_type, m->m_flags);
778
779 if (m->m_flags & M_PKTHDR) {
780 printf(" m_pkthdr{ len:%d rcvif:%p }\n",
781 m->m_pkthdr.len, m->m_pkthdr.rcvif);
782 }
783
784#ifdef __FreeBSD__
785 if (m->m_flags & M_EXT) {
786 printf(" m_ext{ ext_buf:%p ext_free:%p "
787 "ext_size:%u ext_ref:%p }\n",
788 m->m_ext.ext_buf, m->m_ext.ext_free,
789 m->m_ext.ext_size, m->m_ext.ext_ref);
790 }
791#endif
792
793 return;
794}
795
796void
797kdebug_mbuf(m0)
798 struct mbuf *m0;
799{
800 struct mbuf *m = m0;
801 int i, j;
802
803 for (j = 0; m; m = m->m_next) {
804 kdebug_mbufhdr(m);
805 printf(" m_data:\n");
806 for (i = 0; i < m->m_len; i++) {
807 if (i && i % 32 == 0)
808 printf("\n");
809 if (i % 4 == 0)
810 printf(" ");
811 printf("%02x", mtod(m, u_char *)[i]);
812 j++;
813 }
814 printf("\n");
815 }
816
817 return;
818}
819#endif /* _KERNEL */
820
821static void
822kdebug_sockaddr(addr)
85f41bec 823 struct sockaddr_storage *addr;
52b7d2ce
A		 824{
825 struct sockaddr_in *sin4;
826#ifdef INET6
827 struct sockaddr_in6 *sin6;
828#endif
829
830 /* sanity check */
831 if (addr == NULL)
832 panic("kdebug_sockaddr: NULL pointer was passed.\n");
833
834 /* NOTE: We deal with port number as host byte order. */
85f41bec 835 printf("sockaddr_storage{ len=%u family=%u", sysdep_sa_len((struct sockaddr *)addr), addr->ss_family);
52b7d2ce 836
85f41bec 837 switch (addr->ss_family) {
52b7d2ce
A		 838 case AF_INET:
839 sin4 = (void *)addr;
840 printf(" port=%u\n", ntohs(sin4->sin_port));
841 ipsec_hexdump(&sin4->sin_addr, sizeof(sin4->sin_addr));
842 break;
843#ifdef INET6
844 case AF_INET6:
845 sin6 = (void *)addr;
846 printf(" port=%u\n", ntohs(sin6->sin6_port));
847 printf(" flowinfo=0x%08x, scope_id=0x%08x\n",
848 sin6->sin6_flowinfo, sin6->sin6_scope_id);
849 ipsec_hexdump(&sin6->sin6_addr, sizeof(sin6->sin6_addr));
850 break;
851#endif
852 }
853
854 printf(" }\n");
855
856 return;
857}
858
859void
860ipsec_bindump(buf, len)
861 caddr_t buf;
862 int len;
863{
864 int i;
865
866 for (i = 0; i < len; i++)
867 printf("%c", (unsigned char)buf[i]);
868
869 return;
870}
871
872
873void
874ipsec_hexdump(buf, len)
875 const void *buf;
876 int len;
877{
878 int i;
879
880 for (i = 0; i < len; i++) {
881 if (i != 0 && i % 32 == 0) printf("\n");
882 if (i % 4 == 0) printf(" ");
883 printf("%02x", ((const unsigned char *)buf)[i]);
884 }
885#if 0
886 if (i % 32 != 0) printf("\n");
887#endif
888
889 return;
890}
mirror of ipsec