]> git.saurik.com Git - apple/network_cmds.git/blob - racoon.tproj/strnames.c
projects / apple / network_cmds.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
network_cmds-245.19.tar.gz
[apple/network_cmds.git] / racoon.tproj / strnames.c
1 /* $KAME: strnames.c,v 1.23 2001/12/12 18:23:42 sakane Exp $ */
2
3 /*
4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 #include <sys/types.h>
33 #include <sys/param.h>
34 #include <sys/socket.h>
35
36 #include <netinet6/ipsec.h>
37 #include <netinet/in.h>
38
39 #include <stdio.h>
40
41 #include "var.h"
42 #include "misc.h"
43 #include "vmbuf.h"
44
45 #include "isakmp_var.h"
46 #include "isakmp.h"
47 #include "ipsec_doi.h"
48 #include "oakley.h"
49 #include "handler.h"
50 #include "pfkey.h"
51 #include "strnames.h"
52 #include "algorithm.h"
53
54 struct ksmap {
55 int key;
56 char *str;
57 char *(*f) __P((int));
58 };
59
60 static char *num2str __P((int n));
61
62 static char *
63 num2str(n)
64 int n;
65 {
66 static char buf[20];
67
68 snprintf(buf, sizeof(buf), "%d", n);
69
70 return buf;
71 }
72
73 /* isakmp.h */
74 char *
75 s_isakmp_state(t, d, s)
76 int t, d, s;
77 {
78 switch (t) {
79 case ISAKMP_ETYPE_AGG:
80 switch (d) {
81 case INITIATOR:
82 switch (s) {
83 case PHASE1ST_MSG1SENT:
84 return "agg I msg1";
85 case PHASE1ST_ESTABLISHED:
86 return "agg I msg2";
87 default:
88 break;
89 }
90 case RESPONDER:
91 switch (s) {
92 case PHASE1ST_MSG1SENT:
93 return "agg R msg1";
94 default:
95 break;
96 }
97 }
98 break;
99 case ISAKMP_ETYPE_BASE:
100 switch (d) {
101 case INITIATOR:
102 switch (s) {
103 case PHASE1ST_MSG1SENT:
104 return "base I msg1";
105 case PHASE1ST_MSG2SENT:
106 return "base I msg2";
107 default:
108 break;
109 }
110 case RESPONDER:
111 switch (s) {
112 case PHASE1ST_MSG1SENT:
113 return "base R msg1";
114 case PHASE1ST_ESTABLISHED:
115 return "base R msg2";
116 default:
117 break;
118 }
119 }
120 break;
121 case ISAKMP_ETYPE_IDENT:
122 switch (d) {
123 case INITIATOR:
124 switch (s) {
125 case PHASE1ST_MSG1SENT:
126 return "ident I msg1";
127 case PHASE1ST_MSG2SENT:
128 return "ident I msg2";
129 case PHASE1ST_MSG3SENT:
130 return "ident I msg3";
131 default:
132 break;
133 }
134 case RESPONDER:
135 switch (s) {
136 case PHASE1ST_MSG1SENT:
137 return "ident R msg1";
138 case PHASE1ST_MSG2SENT:
139 return "ident R msg2";
140 case PHASE1ST_ESTABLISHED:
141 return "ident R msg3";
142 default:
143 break;
144 }
145 }
146 break;
147 case ISAKMP_ETYPE_QUICK:
148 switch (d) {
149 case INITIATOR:
150 switch (s) {
151 case PHASE2ST_MSG1SENT:
152 return "quick I msg1";
153 case PHASE2ST_ADDSA:
154 return "quick I msg2";
155 default:
156 break;
157 }
158 case RESPONDER:
159 switch (s) {
160 case PHASE2ST_MSG1SENT:
161 return "quick R msg1";
162 case PHASE2ST_COMMIT:
163 return "quick R msg2";
164 default:
165 break;
166 }
167 }
168 break;
169 default:
170 case ISAKMP_ETYPE_NONE:
171 case ISAKMP_ETYPE_AUTH:
172 case ISAKMP_ETYPE_INFO:
173 case ISAKMP_ETYPE_NEWGRP:
174 case ISAKMP_ETYPE_ACKINFO:
175 break;
176 }
177 /*NOTREACHED*/
178
179 return "???";
180 }
181
182 static struct ksmap name_isakmp_certtype[] = {
183 { ISAKMP_CERT_NONE, "NONE", NULL },
184 { ISAKMP_CERT_PKCS7, "PKCS #7 wrapped X.509 certificate", NULL },
185 { ISAKMP_CERT_PGP, "PGP Certificate", NULL },
186 { ISAKMP_CERT_DNS, "DNS Signed Key", NULL },
187 { ISAKMP_CERT_X509SIGN, "X.509 Certificate Signature", NULL },
188 { ISAKMP_CERT_X509KE, "X.509 Certificate Key Exchange", NULL },
189 { ISAKMP_CERT_KERBEROS, "Kerberos Tokens", NULL },
190 { ISAKMP_CERT_CRL, "Certificate Revocation List (CRL)", NULL },
191 { ISAKMP_CERT_ARL, "Authority Revocation List (ARL)", NULL },
192 { ISAKMP_CERT_SPKI, "SPKI Certificate", NULL },
193 { ISAKMP_CERT_X509ATTR, "X.509 Certificate Attribute", NULL },
194 };
195
196 char *
197 s_isakmp_certtype(k)
198 int k;
199 {
200 int i;
201 for (i = 0; i < ARRAYLEN(name_isakmp_certtype); i++)
202 if (name_isakmp_certtype[i].key == k)
203 return name_isakmp_certtype[i].str;
204 return num2str(k);
205 }
206
207 static struct ksmap name_isakmp_etype[] = {
208 { ISAKMP_ETYPE_NONE, "None", NULL },
209 { ISAKMP_ETYPE_BASE, "Base", NULL },
210 { ISAKMP_ETYPE_IDENT, "Identity Protection", NULL },
211 { ISAKMP_ETYPE_AUTH, "Authentication Only", NULL },
212 { ISAKMP_ETYPE_AGG, "Aggressive", NULL },
213 { ISAKMP_ETYPE_INFO, "Informational", NULL },
214 { ISAKMP_ETYPE_QUICK, "Quick", NULL },
215 { ISAKMP_ETYPE_NEWGRP, "New Group", NULL },
216 { ISAKMP_ETYPE_ACKINFO, "Acknowledged Informational", NULL },
217 };
218
219 char *
220 s_isakmp_etype(k)
221 int k;
222 {
223 int i;
224 for (i = 0; i < ARRAYLEN(name_isakmp_etype); i++)
225 if (name_isakmp_etype[i].key == k)
226 return name_isakmp_etype[i].str;
227 return num2str(k);
228 }
229
230 static struct ksmap name_isakmp_notify_msg[] = {
231 { ISAKMP_NTYPE_INVALID_PAYLOAD_TYPE, "INVALID-PAYLOAD-TYPE", NULL },
232 { ISAKMP_NTYPE_DOI_NOT_SUPPORTED, "DOI-NOT-SUPPORTED", NULL },
233 { ISAKMP_NTYPE_SITUATION_NOT_SUPPORTED, "SITUATION-NOT-SUPPORTED", NULL },
234 { ISAKMP_NTYPE_INVALID_COOKIE, "INVALID-COOKIE", NULL },
235 { ISAKMP_NTYPE_INVALID_MAJOR_VERSION, "INVALID-MAJOR-VERSION", NULL },
236 { ISAKMP_NTYPE_INVALID_MINOR_VERSION, "INVALID-MINOR-VERSION", NULL },
237 { ISAKMP_NTYPE_INVALID_EXCHANGE_TYPE, "INVALID-EXCHANGE-TYPE", NULL },
238 { ISAKMP_NTYPE_INVALID_FLAGS, "INVALID-FLAGS", NULL },
239 { ISAKMP_NTYPE_INVALID_MESSAGE_ID, "INVALID-MESSAGE-ID", NULL },
240 { ISAKMP_NTYPE_INVALID_PROTOCOL_ID, "INVALID-PROTOCOL-ID", NULL },
241 { ISAKMP_NTYPE_INVALID_SPI, "INVALID-SPI", NULL },
242 { ISAKMP_NTYPE_INVALID_TRANSFORM_ID, "INVALID-TRANSFORM-ID", NULL },
243 { ISAKMP_NTYPE_ATTRIBUTES_NOT_SUPPORTED, "ATTRIBUTES-NOT-SUPPORTED", NULL },
244 { ISAKMP_NTYPE_NO_PROPOSAL_CHOSEN, "NO-PROPOSAL-CHOSEN", NULL },
245 { ISAKMP_NTYPE_BAD_PROPOSAL_SYNTAX, "BAD-PROPOSAL-SYNTAX", NULL },
246 { ISAKMP_NTYPE_PAYLOAD_MALFORMED, "PAYLOAD-MALFORMED", NULL },
247 { ISAKMP_NTYPE_INVALID_KEY_INFORMATION, "INVALID-KEY-INFORMATION", NULL },
248 { ISAKMP_NTYPE_INVALID_ID_INFORMATION, "INVALID-ID-INFORMATION", NULL },
249 { ISAKMP_NTYPE_INVALID_CERT_ENCODING, "INVALID-CERT-ENCODING", NULL },
250 { ISAKMP_NTYPE_INVALID_CERTIFICATE, "INVALID-CERTIFICATE", NULL },
251 { ISAKMP_NTYPE_BAD_CERT_REQUEST_SYNTAX, "BAD-CERT-REQUEST-SYNTAX", NULL },
252 { ISAKMP_NTYPE_INVALID_CERT_AUTHORITY, "INVALID-CERT-AUTHORITY", NULL },
253 { ISAKMP_NTYPE_INVALID_HASH_INFORMATION, "INVALID-HASH-INFORMATION", NULL },
254 { ISAKMP_NTYPE_AUTHENTICATION_FAILED, "AUTHENTICATION-FAILED", NULL },
255 { ISAKMP_NTYPE_INVALID_SIGNATURE, "INVALID-SIGNATURE", NULL },
256 { ISAKMP_NTYPE_ADDRESS_NOTIFICATION, "ADDRESS-NOTIFICATION", NULL },
257 { ISAKMP_NTYPE_NOTIFY_SA_LIFETIME, "NOTIFY-SA-LIFETIME", NULL },
258 { ISAKMP_NTYPE_CERTIFICATE_UNAVAILABLE, "CERTIFICATE-UNAVAILABLE", NULL },
259 { ISAKMP_NTYPE_UNSUPPORTED_EXCHANGE_TYPE, "UNSUPPORTED-EXCHANGE-TYPE", NULL },
260 { ISAKMP_NTYPE_UNEQUAL_PAYLOAD_LENGTHS, "UNEQUAL-PAYLOAD-LENGTHS", NULL },
261 { ISAKMP_NTYPE_CONNECTED, "CONNECTED", NULL },
262 { ISAKMP_NTYPE_RESPONDER_LIFETIME, "RESPONDER-LIFETIME", NULL },
263 { ISAKMP_NTYPE_REPLAY_STATUS, "REPLAY-STATUS", NULL },
264 { ISAKMP_NTYPE_INITIAL_CONTACT, "INITIAL-CONTACT", NULL },
265 { ISAKMP_LOG_RETRY_LIMIT_REACHED, "RETRY-LIMIT-REACHED", NULL },
266 };
267
268 char *
269 s_isakmp_notify_msg(k)
270 int k;
271 {
272 int i;
273 for (i = 0; i < ARRAYLEN(name_isakmp_notify_msg); i++)
274 if (name_isakmp_notify_msg[i].key == k)
275 return name_isakmp_notify_msg[i].str;
276
277 return num2str(k);
278 }
279
280 static struct ksmap name_isakmp_nptype[] = {
281 { ISAKMP_NPTYPE_NONE, "none", NULL },
282 { ISAKMP_NPTYPE_SA, "sa", NULL },
283 { ISAKMP_NPTYPE_P, "prop", NULL },
284 { ISAKMP_NPTYPE_T, "trns", NULL },
285 { ISAKMP_NPTYPE_KE, "ke", NULL },
286 { ISAKMP_NPTYPE_ID, "id", NULL },
287 { ISAKMP_NPTYPE_CERT, "cert", NULL },
288 { ISAKMP_NPTYPE_CR, "cr", NULL },
289 { ISAKMP_NPTYPE_HASH, "hash", NULL },
290 { ISAKMP_NPTYPE_SIG, "sig", NULL },
291 { ISAKMP_NPTYPE_NONCE, "nonce", NULL },
292 { ISAKMP_NPTYPE_N, "notify", NULL },
293 { ISAKMP_NPTYPE_D, "delete", NULL },
294 { ISAKMP_NPTYPE_VID, "vid", NULL },
295 { ISAKMP_NPTYPE_GSS, "gss id", NULL },
296 { 0, "", NULL },
297 { ISAKMP_NPTYPE_NATD_RFC, "natd", NULL },
298 { ISAKMP_NPTYPE_NATOA_RFC, "nat-oa", NULL },
299 { ISAKMP_NPTYPE_NATD_DRAFT, "natd (draft)", NULL },
300 { ISAKMP_NPTYPE_NATOA_DRAFT, "nat-oa (draft)", NULL },
301 { ISAKMP_NPTYPE_NATD_BADDRAFT, "natd (bad draft)", NULL },
302 { ISAKMP_NPTYPE_NATOA_BADDRAFT, "nat-oa (bad draft)", NULL }
303 };
304
305 char *
306 s_isakmp_nptype(k)
307 int k;
308 {
309 int i;
310 for (i = 0; i < ARRAYLEN(name_isakmp_nptype); i++)
311 if (name_isakmp_nptype[i].key == k)
312 return name_isakmp_nptype[i].str;
313 return num2str(k);
314 }
315
316 /* ipsec_doi.h */
317 static struct ksmap name_ipsecdoi_proto[] = {
318 { IPSECDOI_PROTO_ISAKMP, "ISAKMP", s_ipsecdoi_trns_isakmp },
319 { IPSECDOI_PROTO_IPSEC_AH, "AH", s_ipsecdoi_trns_ah },
320 { IPSECDOI_PROTO_IPSEC_ESP, "ESP", s_ipsecdoi_trns_esp },
321 { IPSECDOI_PROTO_IPCOMP, "IPCOMP", s_ipsecdoi_trns_ipcomp },
322 };
323
324 char *
325 s_ipsecdoi_proto(k)
326 int k;
327 {
328 int i;
329 for (i = 0; i < ARRAYLEN(name_ipsecdoi_proto); i++)
330 if (name_ipsecdoi_proto[i].key == k)
331 return name_ipsecdoi_proto[i].str;
332 return num2str(k);
333 }
334
335 static struct ksmap name_ipsecdoi_trns_isakmp[] = {
336 { IPSECDOI_KEY_IKE, "IKE", NULL },
337 };
338
339 char *
340 s_ipsecdoi_trns_isakmp(k)
341 int k;
342 {
343 int i;
344 for (i = 0; i < ARRAYLEN(name_ipsecdoi_trns_isakmp); i++)
345 if (name_ipsecdoi_trns_isakmp[i].key == k)
346 return name_ipsecdoi_trns_isakmp[i].str;
347 return num2str(k);
348 }
349
350 static struct ksmap name_ipsecdoi_trns_ah[] = {
351 { IPSECDOI_AH_MD5, "MD5", NULL },
352 { IPSECDOI_AH_SHA, "SHA", NULL },
353 { IPSECDOI_AH_DES, "DES", NULL },
354 };
355
356 char *
357 s_ipsecdoi_trns_ah(k)
358 int k;
359 {
360 int i;
361 for (i = 0; i < ARRAYLEN(name_ipsecdoi_trns_ah); i++)
362 if (name_ipsecdoi_trns_ah[i].key == k)
363 return name_ipsecdoi_trns_ah[i].str;
364 return num2str(k);
365 }
366
367 static struct ksmap name_ipsecdoi_trns_esp[] = {
368 { IPSECDOI_ESP_DES_IV64, "DES_IV64", NULL },
369 { IPSECDOI_ESP_DES, "DES", NULL },
370 { IPSECDOI_ESP_3DES, "3DES", NULL },
371 { IPSECDOI_ESP_RC5, "RC5", NULL },
372 { IPSECDOI_ESP_IDEA, "IDEA", NULL },
373 { IPSECDOI_ESP_CAST, "CAST", NULL },
374 { IPSECDOI_ESP_BLOWFISH, "BLOWFISH", NULL },
375 { IPSECDOI_ESP_3IDEA, "3IDEA", NULL },
376 { IPSECDOI_ESP_DES_IV32, "DES_IV32", NULL },
377 { IPSECDOI_ESP_RC4, "RC4", NULL },
378 { IPSECDOI_ESP_NULL, "NULL", NULL },
379 { IPSECDOI_ESP_RIJNDAEL, "RIJNDAEL", NULL },
380 { IPSECDOI_ESP_TWOFISH, "TWOFISH", NULL },
381 };
382
383 char *
384 s_ipsecdoi_trns_esp(k)
385 int k;
386 {
387 int i;
388 for (i = 0; i < ARRAYLEN(name_ipsecdoi_trns_esp); i++)
389 if (name_ipsecdoi_trns_esp[i].key == k)
390 return name_ipsecdoi_trns_esp[i].str;
391 return num2str(k);
392 }
393
394 static struct ksmap name_ipsecdoi_trns_ipcomp[] = {
395 { IPSECDOI_IPCOMP_OUI, "OUI", NULL},
396 { IPSECDOI_IPCOMP_DEFLATE, "DEFLATE", NULL},
397 { IPSECDOI_IPCOMP_LZS, "LZS", NULL},
398 };
399
400 char *
401 s_ipsecdoi_trns_ipcomp(k)
402 int k;
403 {
404 int i;
405 for (i = 0; i < ARRAYLEN(name_ipsecdoi_trns_ipcomp); i++)
406 if (name_ipsecdoi_trns_ipcomp[i].key == k)
407 return name_ipsecdoi_trns_ipcomp[i].str;
408 return num2str(k);
409 }
410
411 char *
412 s_ipsecdoi_trns(proto, trns)
413 int proto, trns;
414 {
415 int i;
416 for (i = 0; i < ARRAYLEN(name_ipsecdoi_proto); i++)
417 if (name_ipsecdoi_proto[i].key == proto
418 && name_ipsecdoi_proto[i].f)
419 return (name_ipsecdoi_proto[i].f)(trns);
420 return num2str(trns);
421 }
422
423 static struct ksmap name_attr_ipsec[] = {
424 { IPSECDOI_ATTR_SA_LD_TYPE, "SA Life Type", s_ipsecdoi_ltype },
425 { IPSECDOI_ATTR_SA_LD, "SA Life Duration", NULL },
426 { IPSECDOI_ATTR_GRP_DESC, "Group Description", NULL },
427 { IPSECDOI_ATTR_ENC_MODE, "Encription Mode", s_ipsecdoi_encmode },
428 { IPSECDOI_ATTR_AUTH, "Authentication Algorithm", s_ipsecdoi_auth },
429 { IPSECDOI_ATTR_KEY_LENGTH, "Key Length", NULL },
430 { IPSECDOI_ATTR_KEY_ROUNDS, "Key Rounds", NULL },
431 { IPSECDOI_ATTR_COMP_DICT_SIZE, "Compression Dictionary Size", NULL },
432 { IPSECDOI_ATTR_COMP_PRIVALG, "Compression Private Algorithm", NULL },
433 };
434
435 char *
436 s_ipsecdoi_attr(k)
437 int k;
438 {
439 int i;
440 for (i = 0; i < ARRAYLEN(name_attr_ipsec); i++)
441 if (name_attr_ipsec[i].key == k)
442 return name_attr_ipsec[i].str;
443 return num2str(k);
444 }
445
446 static struct ksmap name_attr_ipsec_ltype[] = {
447 { IPSECDOI_ATTR_SA_LD_TYPE_SEC, "seconds", NULL },
448 { IPSECDOI_ATTR_SA_LD_TYPE_KB, "kilobytes", NULL },
449 };
450
451 char *
452 s_ipsecdoi_ltype(k)
453 int k;
454 {
455 int i;
456 for (i = 0; i < ARRAYLEN(name_attr_ipsec_ltype); i++)
457 if (name_attr_ipsec_ltype[i].key == k)
458 return name_attr_ipsec_ltype[i].str;
459 return num2str(k);
460 }
461
462 static struct ksmap name_attr_ipsec_encmode[] = {
463 { IPSECDOI_ATTR_ENC_MODE_ANY, "Any", NULL },
464 { IPSECDOI_ATTR_ENC_MODE_TUNNEL, "Tunnel", NULL },
465 { IPSECDOI_ATTR_ENC_MODE_TRNS, "Transport", NULL },
466 { IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC, "UDP Encapsulated Tunnel", NULL },
467 { IPSECDOI_ATTR_ENC_MODE_UDPTRNS_RFC, "UDP Encapsulated Transport", NULL },
468 { IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT, "UDP Encapsulated Tunnel (NATT DRAFT)", NULL },
469 { IPSECDOI_ATTR_ENC_MODE_UDPTRNS_DRAFT, "UDP Encapsulated Transport (NATT DRAFT)", NULL },
470 };
471
472 char *
473 s_ipsecdoi_encmode(k)
474 int k;
475 {
476 int i;
477 for (i = 0; i < ARRAYLEN(name_attr_ipsec_encmode); i++)
478 if (name_attr_ipsec_encmode[i].key == k)
479 return name_attr_ipsec_encmode[i].str;
480 return num2str(k);
481 }
482
483 static struct ksmap name_attr_ipsec_auth[] = {
484 { IPSECDOI_ATTR_AUTH_HMAC_MD5, "hmac-md5", NULL },
485 { IPSECDOI_ATTR_AUTH_HMAC_SHA1, "hmac-sha", NULL },
486 { IPSECDOI_ATTR_AUTH_DES_MAC, "des-mac", NULL },
487 { IPSECDOI_ATTR_AUTH_KPDK, "kpdk", NULL },
488 };
489
490 char *
491 s_ipsecdoi_auth(k)
492 int k;
493 {
494 int i;
495 for (i = 0; i < ARRAYLEN(name_attr_ipsec_auth); i++)
496 if (name_attr_ipsec_auth[i].key == k)
497 return name_attr_ipsec_auth[i].str;
498 return num2str(k);
499 }
500
501 char *
502 s_ipsecdoi_attr_v(type, val)
503 int type, val;
504 {
505 int i;
506 for (i = 0; i < ARRAYLEN(name_ipsecdoi_proto); i++)
507 if (name_attr_ipsec[i].key == type
508 && name_attr_ipsec[i].f)
509 return (name_attr_ipsec[i].f)(val);
510 return num2str(val);
511 }
512
513 static struct ksmap name_ipsecdoi_ident[] = {
514 { IPSECDOI_ID_IPV4_ADDR, "IPv4_address", NULL },
515 { IPSECDOI_ID_FQDN, "FQDN", NULL },
516 { IPSECDOI_ID_USER_FQDN, "User_FQDN", NULL },
517 { IPSECDOI_ID_IPV4_ADDR_SUBNET, "IPv4_subnet", NULL },
518 { IPSECDOI_ID_IPV6_ADDR, "IPv6_address", NULL },
519 { IPSECDOI_ID_IPV6_ADDR_SUBNET, "IPv6_subnet", NULL },
520 { IPSECDOI_ID_IPV4_ADDR_RANGE, "IPv4_address_range", NULL },
521 { IPSECDOI_ID_IPV6_ADDR_RANGE, "IPv6_address_range", NULL },
522 { IPSECDOI_ID_DER_ASN1_DN, "DER_ASN1_DN", NULL },
523 { IPSECDOI_ID_DER_ASN1_GN, "DER_ASN1_GN", NULL },
524 { IPSECDOI_ID_KEY_ID, "KEY_ID", NULL },
525 };
526
527 char *
528 s_ipsecdoi_ident(k)
529 int k;
530 {
531 int i;
532 for (i = 0; i < ARRAYLEN(name_ipsecdoi_ident); i++)
533 if (name_ipsecdoi_ident[i].key == k)
534 return name_ipsecdoi_ident[i].str;
535 return num2str(k);
536 }
537
538 /* oakley.h */
539 static struct ksmap name_oakley_attr[] = {
540 { OAKLEY_ATTR_ENC_ALG, "Encryption Algorithm", s_attr_isakmp_enc },
541 { OAKLEY_ATTR_HASH_ALG, "Hash Algorithm", s_attr_isakmp_hash },
542 { OAKLEY_ATTR_AUTH_METHOD, "Authentication Method", s_oakley_attr_method },
543 { OAKLEY_ATTR_GRP_DESC, "Group Description", s_attr_isakmp_desc },
544 { OAKLEY_ATTR_GRP_TYPE, "Group Type", s_attr_isakmp_group },
545 { OAKLEY_ATTR_GRP_PI, "Group Prime/Irreducible Polynomial", NULL },
546 { OAKLEY_ATTR_GRP_GEN_ONE, "Group Generator One", NULL },
547 { OAKLEY_ATTR_GRP_GEN_TWO, "Group Generator Two", NULL },
548 { OAKLEY_ATTR_GRP_CURVE_A, "Group Curve A", NULL },
549 { OAKLEY_ATTR_GRP_CURVE_B, "Group Curve B", NULL },
550 { OAKLEY_ATTR_SA_LD_TYPE, "Life Type", s_attr_isakmp_ltype },
551 { OAKLEY_ATTR_SA_LD, "Life Duration", NULL },
552 { OAKLEY_ATTR_PRF, "PRF", NULL },
553 { OAKLEY_ATTR_KEY_LEN, "Key Length", NULL },
554 { OAKLEY_ATTR_FIELD_SIZE, "Field Size", NULL },
555 { OAKLEY_ATTR_GRP_ORDER, "Group Order", NULL },
556 { OAKLEY_ATTR_BLOCK_SIZE, "Block Size", NULL },
557 { OAKLEY_ATTR_GSS_ID, "GSS-API endpoint name",NULL },
558 };
559
560 char *
561 s_oakley_attr(k)
562 int k;
563 {
564 int i;
565 for (i = 0; i < ARRAYLEN(name_oakley_attr); i++)
566 if (name_oakley_attr[i].key == k)
567 return name_oakley_attr[i].str;
568 return num2str(k);
569 }
570
571 static struct ksmap name_attr_isakmp_enc[] = {
572 { OAKLEY_ATTR_ENC_ALG_DES, "DES-CBC", NULL },
573 { OAKLEY_ATTR_ENC_ALG_IDEA, "IDEA-CBC", NULL },
574 { OAKLEY_ATTR_ENC_ALG_BLOWFISH, "Blowfish-CBC", NULL },
575 { OAKLEY_ATTR_ENC_ALG_RC5, "RC5-R16-B64-CBC", NULL },
576 { OAKLEY_ATTR_ENC_ALG_3DES, "3DES-CBC", NULL },
577 { OAKLEY_ATTR_ENC_ALG_CAST, "CAST-CBC", NULL },
578 };
579
580 char *
581 s_attr_isakmp_enc(k)
582 int k;
583 {
584 int i;
585 for (i = 0; i < ARRAYLEN(name_attr_isakmp_enc); i++)
586 if (name_attr_isakmp_enc[i].key == k)
587 return name_attr_isakmp_enc[i].str;
588 return num2str(k);
589 }
590
591 static struct ksmap name_attr_isakmp_hash[] = {
592 { OAKLEY_ATTR_HASH_ALG_MD5, "MD5", NULL },
593 { OAKLEY_ATTR_HASH_ALG_SHA, "SHA", NULL },
594 { OAKLEY_ATTR_HASH_ALG_TIGER, "Tiger", NULL },
595 };
596
597 char *
598 s_attr_isakmp_hash(k)
599 int k;
600 {
601 int i;
602 for (i = 0; i < ARRAYLEN(name_attr_isakmp_hash); i++)
603 if (name_attr_isakmp_hash[i].key == k)
604 return name_attr_isakmp_hash[i].str;
605 return num2str(k);
606 }
607
608 static struct ksmap name_attr_isakmp_method[] = {
609 { OAKLEY_ATTR_AUTH_METHOD_PSKEY, "pre-shared key", NULL },
610 { OAKLEY_ATTR_AUTH_METHOD_DSSSIG, "DSS signatures", NULL },
611 { OAKLEY_ATTR_AUTH_METHOD_RSASIG, "RSA signatures", NULL },
612 { OAKLEY_ATTR_AUTH_METHOD_RSAENC, "Encryption with RSA", NULL },
613 { OAKLEY_ATTR_AUTH_METHOD_RSAREV, "Revised encryption with RSA", NULL },
614 { OAKLEY_ATTR_AUTH_METHOD_EGENC, "Encryption with El-Gamal", NULL },
615 { OAKLEY_ATTR_AUTH_METHOD_EGREV, "Revised encryption with El-Gamal", NULL },
616 { OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB, "GSS-API on Kerberos 5", NULL },
617 };
618
619 char *
620 s_oakley_attr_method(k)
621 int k;
622 {
623 int i;
624 for (i = 0; i < ARRAYLEN(name_attr_isakmp_method); i++)
625 if (name_attr_isakmp_method[i].key == k)
626 return name_attr_isakmp_method[i].str;
627 return num2str(k);
628 }
629
630 static struct ksmap name_attr_isakmp_desc[] = {
631 { OAKLEY_ATTR_GRP_DESC_MODP768, "768-bit MODP group", NULL },
632 { OAKLEY_ATTR_GRP_DESC_MODP1024, "1024-bit MODP group", NULL },
633 { OAKLEY_ATTR_GRP_DESC_EC2N155, "EC2N group on GP[2^155]", NULL },
634 { OAKLEY_ATTR_GRP_DESC_EC2N185, "EC2N group on GP[2^185]", NULL },
635 { OAKLEY_ATTR_GRP_DESC_MODP1536, "1536-bit MODP group", NULL },
636 { OAKLEY_ATTR_GRP_DESC_MODP2048, "2048-bit MODP group", NULL },
637 { OAKLEY_ATTR_GRP_DESC_MODP3072, "3072-bit MODP group", NULL },
638 { OAKLEY_ATTR_GRP_DESC_MODP4096, "4096-bit MODP group", NULL },
639 { OAKLEY_ATTR_GRP_DESC_MODP6144, "6144-bit MODP group", NULL },
640 { OAKLEY_ATTR_GRP_DESC_MODP8192, "8192-bit MODP group", NULL },
641 };
642
643 char *
644 s_attr_isakmp_desc(k)
645 int k;
646 {
647 int i;
648 for (i = 0; i < ARRAYLEN(name_attr_isakmp_desc); i++)
649 if (name_attr_isakmp_desc[i].key == k)
650 return name_attr_isakmp_desc[i].str;
651 return num2str(k);
652 }
653
654 static struct ksmap name_attr_isakmp_group[] = {
655 { OAKLEY_ATTR_GRP_TYPE_MODP, "MODP", NULL },
656 { OAKLEY_ATTR_GRP_TYPE_ECP, "ECP", NULL },
657 { OAKLEY_ATTR_GRP_TYPE_EC2N, "EC2N", NULL },
658 };
659
660 char *
661 s_attr_isakmp_group(k)
662 int k;
663 {
664 int i;
665 for (i = 0; i < ARRAYLEN(name_attr_isakmp_group); i++)
666 if (name_attr_isakmp_group[i].key == k)
667 return name_attr_isakmp_group[i].str;
668 return num2str(k);
669 }
670
671 static struct ksmap name_attr_isakmp_ltype[] = {
672 { OAKLEY_ATTR_SA_LD_TYPE_SEC, "seconds", NULL },
673 { OAKLEY_ATTR_SA_LD_TYPE_KB, "kilobytes", NULL },
674 };
675
676 char *
677 s_attr_isakmp_ltype(k)
678 int k;
679 {
680 int i;
681 for (i = 0; i < ARRAYLEN(name_attr_isakmp_ltype); i++)
682 if (name_attr_isakmp_ltype[i].key == k)
683 return name_attr_isakmp_ltype[i].str;
684 return num2str(k);
685 }
686
687 char *
688 s_oakley_attr_v(type, val)
689 int type, val;
690 {
691 int i;
692 for (i = 0; i < ARRAYLEN(name_oakley_attr); i++)
693 if (name_oakley_attr[i].key == type
694 && name_oakley_attr[i].f)
695 return (name_oakley_attr[i].f)(val);
696 return num2str(val);
697 }
698
699 /* netinet6/ipsec.h */
700 static struct ksmap name_ipsec_level[] = {
701 { IPSEC_LEVEL_USE, "use", NULL },
702 { IPSEC_LEVEL_REQUIRE, "require", NULL },
703 { IPSEC_LEVEL_UNIQUE, "unique", NULL },
704 };
705
706 char *
707 s_ipsec_level(k)
708 int k;
709 {
710 int i;
711 for (i = 0; i < ARRAYLEN(name_ipsec_level); i++)
712 if (name_ipsec_level[i].key == k)
713 return name_ipsec_level[i].str;
714 return num2str(k);
715 }
716
717 static struct ksmap name_algclass[] = {
718 { algclass_ipsec_enc, "ipsec enc", s_ipsecdoi_trns_esp },
719 { algclass_ipsec_auth, "ipsec auth", s_ipsecdoi_trns_ah },
720 { algclass_ipsec_comp, "ipsec comp", s_ipsecdoi_trns_ipcomp },
721 { algclass_isakmp_enc, "isakmp enc", s_attr_isakmp_enc },
722 { algclass_isakmp_hash, "isakmp hash", s_attr_isakmp_hash },
723 { algclass_isakmp_dh, "isakmp dh", s_attr_isakmp_desc },
724 { algclass_isakmp_ameth, "isakmp auth method", s_oakley_attr_method },
725 };
726
727 char *
728 s_algclass(k)
729 int k;
730 {
731 int i;
732 for (i = 0; i < ARRAYLEN(name_algclass); i++)
733 if (name_algclass[i].key == k)
734 return name_algclass[i].str;
735 return num2str(k);
736 }
737
738 char *
739 s_algtype(class, n)
740 int class, n;
741 {
742 int i;
743 for (i = 0; i < ARRAYLEN(name_algclass); i++)
744 if (name_algclass[i].key == class
745 && name_algclass[i].f)
746 return (name_algclass[i].f)(n);
747 return num2str(n);
748 }
749
750 /* pfkey.h */
751 static struct ksmap name_pfkey_type[] = {
752 { SADB_GETSPI, "GETSPI", NULL },
753 { SADB_UPDATE, "UPDATE", NULL },
754 { SADB_ADD, "ADD", NULL },
755 { SADB_DELETE, "DELETE", NULL },
756 { SADB_GET, "GET", NULL },
757 { SADB_ACQUIRE, "ACQUIRE", NULL },
758 { SADB_REGISTER, "REGISTER", NULL },
759 { SADB_EXPIRE, "EXPIRE", NULL },
760 { SADB_FLUSH, "FLUSH", NULL },
761 { SADB_DUMP, "DUMP", NULL },
762 { SADB_X_PROMISC, "X_PRIMISC", NULL },
763 { SADB_X_PCHANGE, "X_PCHANGE", NULL },
764 { SADB_X_SPDUPDATE, "X_SPDUPDATE", NULL },
765 { SADB_X_SPDADD, "X_SPDADD", NULL },
766 { SADB_X_SPDDELETE, "X_SPDDELETE", NULL },
767 { SADB_X_SPDGET, "X_SPDGET", NULL },
768 { SADB_X_SPDACQUIRE, "X_SPDACQUIRE", NULL },
769 { SADB_X_SPDDUMP, "X_SPDDUMP", NULL },
770 { SADB_X_SPDFLUSH, "X_SPDFLUSH", NULL },
771 { SADB_X_SPDSETIDX, "X_SPDSETIDX", NULL },
772 { SADB_X_SPDEXPIRE, "X_SPDEXPIRE", NULL },
773 { SADB_X_SPDDELETE2, "X_SPDDELETE2", NULL },
774 };
775
776 char *
777 s_pfkey_type(k)
778 int k;
779 {
780 int i;
781 for (i = 0; i < ARRAYLEN(name_pfkey_type); i++)
782 if (name_pfkey_type[i].key == k)
783 return name_pfkey_type[i].str;
784 return num2str(k);
785 }
786
787 static struct ksmap name_pfkey_satype[] = {
788 { SADB_SATYPE_UNSPEC, "UNSPEC", NULL },
789 { SADB_SATYPE_AH, "AH", NULL },
790 { SADB_SATYPE_ESP, "ESP", NULL },
791 { SADB_SATYPE_RSVP, "RSVP", NULL },
792 { SADB_SATYPE_OSPFV2, "OSPFV2", NULL },
793 { SADB_SATYPE_RIPV2, "RIPV2", NULL },
794 { SADB_SATYPE_MIP, "MIP", NULL },
795 { SADB_X_SATYPE_IPCOMP, "IPCOMP", NULL },
796 };
797
798 char *
799 s_pfkey_satype(k)
800 int k;
801 {
802 int i;
803 for (i = 0; i < ARRAYLEN(name_pfkey_satype); i++)
804 if (name_pfkey_satype[i].key == k)
805 return name_pfkey_satype[i].str;
806 return num2str(k);
807 }
808
809 static struct ksmap name_direction[] = {
810 { IPSEC_DIR_INBOUND, "in", NULL },
811 { IPSEC_DIR_OUTBOUND, "out", NULL },
812 };
813
814 char *
815 s_direction(k)
816 int k;
817 {
818 int i;
819 for (i = 0; i < ARRAYLEN(name_direction); i++)
820 if (name_direction[i].key == k)
821 return name_direction[i].str;
822 return num2str(k);
823 }
824
825 char *
826 s_proto(k)
827 int k;
828 {
829 switch (k) {
830 case IPPROTO_ICMP:
831 return "icmp";
832 case IPPROTO_TCP:
833 return "tcp";
834 case IPPROTO_UDP:
835 return "udp";
836 case IPPROTO_ICMPV6:
837 return "icmpv6";
838 case IPSEC_ULPROTO_ANY:
839 return "any";
840 }
841
842 return num2str(k);
843 }
mirror of network_cmds