X-Git-Url: https://git.saurik.com/apple/ipsec.git/blobdiff_plain/52b7d2ce06d68d0a9160d16f6e7c08c21c149d0d..c8d8bee0bee0298e25cb827876f57e58cc0a938c:/ipsec-tools/setkey/setkey.c diff --git a/ipsec-tools/setkey/setkey.c b/ipsec-tools/setkey/setkey.c index 1c9445f..972416d 100644 --- a/ipsec-tools/setkey/setkey.c +++ b/ipsec-tools/setkey/setkey.c @@ -41,11 +41,7 @@ #include #include #include -#ifdef __APPLE__ -#include -#else #include -#endif #ifdef HAVE_NETINET6_IPSEC # include #else @@ -70,27 +66,29 @@ #endif #include "config.h" +#include "var.h" #include "libpfkey.h" //#include "package_version.h" #define extern /* so that variables in extern.h are not extern... */ #include "extern.h" - -#define strlcpy(d,s,l) (strncpy(d,s,l), (d)[(l)-1] = '\0') - -void usage __P((/*int*/)); -int main __P((int, char **)); -int get_supported __P((void)); -void sendkeyshort __P((u_int)); -void promisc __P((void)); -int postproc __P((struct sadb_msg *, int)); -int verifypriority __P((struct sadb_msg *m)); -int fileproc __P((const char *)); -const char *numstr __P((int)); -void shortdump_hdr __P((void)); -void shortdump __P((struct sadb_msg *)); -static void printdate __P((void)); -static int32_t gmt2local __P((time_t)); -void stdin_loop __P((void)); +#include "ipsecPolicyTracer.h" +#include "ipsecMessageTracer.h" + + +void usage (/*int*/); +int main (int, char **); +int get_supported (void); +void sendkeyshort (u_int); +void promisc (void); +int postproc (struct sadb_msg *, int); +int verifypriority (struct sadb_msg *m); +int fileproc (const char *); +const char *numstr (int); +void shortdump_hdr (void); +void shortdump (struct sadb_msg *); +static void printdate (void); +static int32_t gmt2local (time_t); +void stdin_loop (void); #define MODE_SCRIPT 1 #define MODE_CMDDUMP 2 @@ -154,7 +152,7 @@ main(argc, argv) int c; if (argc == 1) { - usage(0); + usage(); /* NOTREACHED */ } 
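Review bot: The forward declaration `void usage (/*int*/);` in the rewritten declaration block is not a prototype, so the compiler will still accept a leftover `usage(0)` or `usage(1)` without a diagnostic. Since this commit changes the visible call sites to `usage()`, declare it as `void usage(void);` and drop the stale `/*int*/` remark. The definition of usage() is outside the hunk and would need the matching parameter list.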
@@ -172,6 +170,10 @@ main(argc, argv) case 'f': f_mode = MODE_SCRIPT; if ((fp = fopen(optarg, "r")) == NULL) { + IPSECPOLICYTRACEREVENT(optarg, + IPSECPOLICYEVENTCODE_SETKEY_ERROR, + CONSTSTR("could not open policy file"), + CONSTSTR("setkey -f : fopen erred")); err(1, "fopen"); /*NOTREACHED*/ } @@ -225,7 +227,7 @@ main(argc, argv) #endif break; case 'V': - usage(1); + usage(); break; /*NOTREACHED*/ #ifndef __NetBSD__ @@ -233,7 +235,7 @@ main(argc, argv) #endif case '?': default: - usage(0); + usage(); /*NOTREACHED*/ } } @@ -244,6 +246,10 @@ main(argc, argv) if (argc > 0) { while (argc--) if (fileproc(*argv++) < 0) { + IPSECPOLICYTRACEREVENT(argv[-1], + IPSECPOLICYEVENTCODE_SETKEY_ERROR, + CONSTSTR("could not parse policy file"), + CONSTSTR("setkey: fileproc erred")); err(1, "%s", argv[-1]); /*NOTREACHED*/ } @@ -252,6 +258,10 @@ main(argc, argv) so = pfkey_open(); if (so < 0) { + IPSECPOLICYTRACEREVENT(argv[-1], + IPSECPOLICYEVENTCODE_SETKEY_ERROR, + CONSTSTR("couldn't open pfkey socket"), + CONSTSTR("setkey: pfkey_open erred")); perror("pfkey_open"); exit(1); } @@ -273,6 +283,10 @@ main(argc, argv) break; case MODE_STDIN: if (get_supported() < 0) { + IPSECPOLICYTRACEREVENT("STDIN", + IPSECPOLICYEVENTCODE_SETKEY_ERROR, + CONSTSTR(ipsec_strerror()), + CONSTSTR("setkey: get_supported erred")); errx(1, "%s", ipsec_strerror()); /*NOTREACHED*/ } @@ -282,7 +296,7 @@ main(argc, argv) promisc(); /*NOTREACHED*/ default: - usage(0); + usage(); /*NOTREACHED*/ } @@ -320,8 +334,7 @@ stdin_loop() #else char rbuf[1024]; rbuf[0] = '\0'; - fgets (rbuf, sizeof(rbuf), stdin); - if (!rbuf[0]) + if (fgets(rbuf, sizeof(rbuf), stdin) == NULL) break; if (rbuf[strlen(rbuf)-1] == '\n') rbuf[strlen(rbuf)-1] = '\0'; 
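Review bot: errno is not preserved across the new IPSECPOLICYTRACEREVENT call in the `-f` branch, yet the `err(1, "fopen")` that follows reports whatever errno holds at that point. The tracer's implementation is not visible here, but if it logs or allocates it can overwrite the value fopen() set, and the operator then sees the wrong reason for the failure. Capture it first with `int saved_errno = errno;` and restore it with `errno = saved_errno;` immediately before err(). The same ordering appears in the fileproc hunk before `err(1, "%s", argv[-1])` and in the pfkey_open hunk before `perror("pfkey_open")`.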
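Review bot: The tracer call added to the `so < 0` branch after pfkey_open() passes `argv[-1]` as its first argument, although no policy file is being processed at that point. The other new call sites pass a file name (`optarg`) or the label `"STDIN"` in that position; here `argv[-1]` is whichever command-line word precedes the current argv position, so the event is attributed to an option string or an unrelated argument. Pass a fixed label instead, for example `IPSECPOLICYTRACEREVENT("pfkey", ...)` with the remaining arguments unchanged, so the trace does not point an investigator at the wrong input. How argv is adjusted before this branch lies outside the hunk, so the exact value is inferred.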
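Review bot: In the stdin_loop() hunk, `rbuf[strlen(rbuf)-1]` can now index one byte before the buffer. The removed `if (!rbuf[0]) break;` was the only guard against an empty string; fgets() returns non-NULL for a line that begins with a NUL byte, strlen() is then 0, and the following statements read and may overwrite `rbuf[-1]`. Keep the new NULL check and make the trim length-safe, e.g. `rbuf[strcspn(rbuf, "\n")] = '\0';`. The rest of stdin_loop() is outside the hunk.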
@@ -389,7 +402,10 @@ void promisc() { struct sadb_msg msg; - u_char rbuf[1024 * 32]; /* XXX: Enough ? Should I do MSG_PEEK ? */ + union { // Wcast-align fix - force alignment + u_int64_t force_align; + u_char rbuf[1024 * 32]; /* XXX: Enough ? Should I do MSG_PEEK ? */ + } u_buf; ssize_t l; msg.sadb_msg_version = PF_KEY_V2; @@ -409,7 +425,7 @@ promisc() while (1) { struct sadb_msg *base; - if ((l = recv(so, rbuf, sizeof(*base), MSG_PEEK)) < 0) { + if ((l = recv(so, u_buf.rbuf, sizeof(*base), MSG_PEEK)) < 0) { err(1, "recv"); /*NOTREACHED*/ } @@ -417,8 +433,8 @@ promisc() if (l != sizeof(*base)) continue; - base = (struct sadb_msg *)rbuf; - if ((l = recv(so, rbuf, PFKEY_UNUNIT64(base->sadb_msg_len), + base = (struct sadb_msg *)&u_buf; + if ((l = recv(so, u_buf.rbuf, PFKEY_UNUNIT64(base->sadb_msg_len), 0)) < 0) { err(1, "recv"); /*NOTREACHED*/ @@ -429,7 +445,7 @@ promisc() for (i = 0; i < l; i++) { if (i % 16 == 0) printf("%08x: ", i); - printf("%02x ", rbuf[i] & 0xff); + printf("%02x ", u_buf.rbuf[i] & 0xff); if (i % 16 == 15) printf("\n"); } @@ -456,7 +472,10 @@ sendkeymsg(buf, len) char *buf; size_t len; { - u_char rbuf[1024 * 32]; /* XXX: Enough ? Should I do MSG_PEEK ? */ + union { // Wcast-align fix - force alignment + u_int64_t force_align; + u_char rbuf[1024 * 32]; /* XXX: Enough ? Should I do MSG_PEEK ? */ + } u_buf; ssize_t l; struct sadb_msg *msg; @@ -478,7 +497,7 @@ sendkeymsg(buf, len) shortdump_hdr(); again: if (f_verbose) { - kdebug_sadb((struct sadb_msg *)buf); + kdebug_sadb(ALIGNED_CAST(struct sadb_msg *)buf); // Wcast-align fix - aligned message buffer printf("\n"); } if (f_hexdump) { @@ -499,9 +518,9 @@ again: goto end; } - msg = (struct sadb_msg *)rbuf; + msg = (struct sadb_msg *)&u_buf; do { - if ((l = recv(so, rbuf, sizeof(rbuf), 0)) < 0) { + if ((l = recv(so, u_buf.rbuf, sizeof(u_buf.rbuf), 0)) < 0) { perror("recv"); goto end; } 
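Review bot: The second recv() in promisc() still requests `PFKEY_UNUNIT64(base->sadb_msg_len)` bytes into `u_buf.rbuf` without comparing that length with the size of the buffer. sadb_msg_len comes from the header that was just peeked, and a 16-bit count of 64-bit words can describe a message much larger than the 32 KB array, which the existing "XXX: Enough ?" comment already hints at. Add a guard before the read, for example `if (PFKEY_UNUNIT64(base->sadb_msg_len) > sizeof(u_buf.rbuf)) errx(1, "pfkey message too large");`. The loop body continues outside the hunk.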
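Review bot: `kdebug_sadb(ALIGNED_CAST(struct sadb_msg *)buf)` in sendkeymsg() asserts an alignment that nothing in this function enforces, because `buf` arrives as a plain `char *`. ALIGNED_CAST is not defined in this diff and presumably only silences -Wcast-align, so the guarantee rests on every caller. State that contract where the parameter is declared, e.g. `/* buf must be aligned for struct sadb_msg; callers pass a pfkey-built message */`, or copy into an aligned local as the new `u_buf` union does on the receive side. The same applies to `ALIGNED_CAST(struct sadb_msg *)p` in the fileproc hunk, where the declaration of rbuf is not shown.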
@@ -512,7 +531,7 @@ again: } if (f_verbose) { - kdebug_sadb((struct sadb_msg *)rbuf); + kdebug_sadb((struct sadb_msg *)&u_buf); printf("\n"); } if (postproc(msg, l) < 0) @@ -585,7 +604,7 @@ postproc(msg, len) struct sadb_sa *sa; pfkey_align(msg, mhp); pfkey_check(mhp); - if ((sa = (struct sadb_sa *)mhp[SADB_EXT_SA]) != NULL) { + if ((sa = ALIGNED_CAST(struct sadb_sa *)mhp[SADB_EXT_SA]) != NULL) { // Wcast-align (void*) - buffer of pointers to aligned structs in malloc'd buffer if (sa->sadb_sa_state == SADB_SASTATE_DEAD) break; } @@ -599,8 +618,8 @@ postproc(msg, len) else pfkey_sadump(msg); } - msg = (struct sadb_msg *)((caddr_t)msg + - PFKEY_UNUNIT64(msg->sadb_msg_len)); + msg = ALIGNED_CAST(struct sadb_msg *)((caddr_t)msg + + PFKEY_UNUNIT64(msg->sadb_msg_len)); // Wcast-align fix (void*) - aligned msg buffer passed into function if (f_verbose) { kdebug_sadb((struct sadb_msg *)msg); printf("\n"); @@ -620,7 +639,7 @@ postproc(msg, len) else pfkey_spdump(msg); if (msg->sadb_msg_seq == 0) break; - msg = (struct sadb_msg *)((caddr_t)msg + + msg = ALIGNED_CAST(struct sadb_msg *)((caddr_t)msg + // Wcast-align fix (void*) - aligned msg buffer passed into function PFKEY_UNUNIT64(msg->sadb_msg_len)); if (f_verbose) { kdebug_sadb((struct sadb_msg *)msg); @@ -711,12 +730,12 @@ fileproc(filename) ep = rbuf + l; while (p < ep) { - msg = (struct sadb_msg *)p; + msg = ALIGNED_CAST(struct sadb_msg *)p; len = PFKEY_UNUNIT64(msg->sadb_msg_len); postproc(msg, len); p += len; } - + return (0); } 
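Review bot: Both postproc() hunks that advance `msg` by `PFKEY_UNUNIT64(msg->sadb_msg_len)` pass the new pointer to `kdebug_sadb()` when f_verbose is set, and nothing visible checks that it still lies inside the `len` bytes the caller supplied. ALIGNED_CAST removes the compiler warning but not the possibility of reading a header past the end of the received data when the length field is wrong or this was the last message. Before each advance, confirm that a whole header follows, e.g. `if ((size_t)len < PFKEY_UNUNIT64(msg->sadb_msg_len) + sizeof(*msg)) break;`. The surrounding switch and the start of postproc() are outside the hunks, so an earlier check cannot be ruled out.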
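Review bot: The loop at the end of fileproc() trusts `msg->sadb_msg_len` exactly as read from the file: a zero length leaves `p` unchanged so the loop never terminates, and a length larger than `ep - p` lets postproc() walk past the data that was read. The header is also dereferenced when fewer than `sizeof(struct sadb_msg)` bytes remain. Reject such input before calling postproc(); main() already treats a negative return from fileproc() as an error. The declarations of `len`, `p` and `ep` and any cleanup on the error path are outside the hunk, so the types in the sketch below are assumed.

```c
	while (p < ep) {
		/* a full header must remain before sadb_msg_len is read */
		if ((size_t)(ep - p) < sizeof(struct sadb_msg))
			return (-1);
		// … unchanged: msg = ALIGNED_CAST(...)p; len = PFKEY_UNUNIT64(...) …
		/* zero would stall the loop; too large would run past ep */
		if ((size_t)len < sizeof(struct sadb_msg) ||
		    (size_t)len > (size_t)(ep - p))
			return (-1);
		// … unchanged: postproc(msg, len); p += len …
```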
@@ -783,15 +802,15 @@ shortdump(msg) printf(" %-3s", STR_OR_ID(msg->sadb_msg_satype, satype)); - if ((sa = (struct sadb_sa *)mhp[SADB_EXT_SA]) != NULL) { + if ((sa = ALIGNED_CAST(struct sadb_sa *)mhp[SADB_EXT_SA]) != NULL) { printf(" %-1s", STR_OR_ID(sa->sadb_sa_state, sastate)); printf(" %08x", (u_int32_t)ntohl(sa->sadb_sa_spi)); } else printf("%-1s %-8s", "?", "?"); - lts = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_SOFT]; - lth = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_HARD]; - ltc = (struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_CURRENT]; + lts = ALIGNED_CAST(struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_SOFT]; + lth = ALIGNED_CAST(struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_HARD]; + ltc = ALIGNED_CAST(struct sadb_lifetime *)mhp[SADB_EXT_LIFETIME_CURRENT]; if (lts && lth && ltc) { if (ltc->sadb_lifetime_addtime == 0) t = (u_long)0; @@ -814,11 +833,11 @@ shortdump(msg) printf(" "); - if ((saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC]) != NULL) { + if ((saddr = ALIGNED_CAST(struct sadb_address *)mhp[SADB_EXT_ADDRESS_SRC]) != NULL) { if (saddr->sadb_address_proto) printf("%s ", STR_OR_ID(saddr->sadb_address_proto, ipproto)); - s = (struct sockaddr *)(saddr + 1); - getnameinfo(s, sysdep_sa_len(s), buf, sizeof(buf), + s = (struct sockaddr *)(saddr + 1); + getnameinfo(s, sysdep_sa_len((struct sockaddr *)s), buf, sizeof(buf), pbuf, sizeof(pbuf), NI_NUMERICHOST|NI_NUMERICSERV); if (strcmp(pbuf, "0") != 0) printf("%s[%s]", buf, pbuf); @@ -829,7 +848,7 @@ shortdump(msg) printf(" -> "); - if ((saddr = (struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST]) != NULL) { + if ((saddr = ALIGNED_CAST(struct sadb_address *)mhp[SADB_EXT_ADDRESS_DST]) != NULL) { if (saddr->sadb_address_proto) printf("%s ", STR_OR_ID(saddr->sadb_address_proto, ipproto));
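Review bot: The getnameinfo() call in the SADB_EXT_ADDRESS_SRC branch of shortdump() has its return value ignored, and `buf` and `pbuf` are compared and printed immediately afterwards. On failure the call does not define their contents, so stale or uninitialised stack bytes can reach the output. Check the result, for example `if (getnameinfo(...) != 0) printf("?"); else if (strcmp(pbuf, "0") != 0)`, keeping the existing arguments. The added `(struct sockaddr *)s` cast inside `sysdep_sa_len()` also appears redundant, since `s` is assigned from a `struct sockaddr *` cast on the line above; the declaration of `s` and the rest of the branch are outside the hunk.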