Context Navigation

key_debug.c @ ff36f5e

55-freebsd-126-freebsd-12

Last change on this file since ff36f5e was ff36f5e, checked in by Christian Mauderer <christian.mauderer@…>, on 05/30/18 at 12:27:35

Import ipsec-tools 0.8.2.

Import unchanged ipsec-tools sources in the release version 0.8.2. The
homepage of ipsec-tools is http://ipsec-tools.sourceforge.net/. The
sources can be obtained from there.

Property mode set to 100644

File size: 21.2 KB

Line
1	/* $NetBSD: key_debug.c,v 1.9 2008/12/05 06:02:20 tteras Exp $ */
2
3	/* $KAME: key_debug.c,v 1.29 2001/08/16 14:25:41 itojun Exp $ */
4
5	/*
6	* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
7	* All rights reserved.
8	*
9	* Redistribution and use in source and binary forms, with or without
10	* modification, are permitted provided that the following conditions
11	* are met:
12	* 1. Redistributions of source code must retain the above copyright
13	* notice, this list of conditions and the following disclaimer.
14	* 2. Redistributions in binary form must reproduce the above copyright
15	* notice, this list of conditions and the following disclaimer in the
16	* documentation and/or other materials provided with the distribution.
17	* 3. Neither the name of the project nor the names of its contributors
18	* may be used to endorse or promote products derived from this software
19	* without specific prior written permission.
20	*
21	* THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
22	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24	* ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
25	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31	* SUCH DAMAGE.
32	*/
33
34	#ifdef HAVE_CONFIG_H
35	#include "config.h"
36	#endif
37
38	#ifdef _KERNEL
39	#if defined(__FreeBSD__) && __FreeBSD__ >= 3
40	#include "opt_inet.h"
41	#include "opt_inet6.h"
42	#include "opt_ipsec.h"
43	#endif
44	#ifdef __NetBSD__
45	#include "opt_inet.h"
46	#endif
47	#endif
48
49	#if HAVE_STDINT_H
50	#include <stdint.h>
51	#endif
52
53	#include <sys/types.h>
54	#include <sys/param.h>
55	#ifdef _KERNEL
56	#include <sys/systm.h>
57	#include <sys/mbuf.h>
58	#include <sys/queue.h>
59	#endif
60	#include <sys/socket.h>
61
62	#include <netinet/in.h>
63	#include PATH_IPSEC_H
64
65	#ifndef _KERNEL
66	#include <ctype.h>
67	#include <stdio.h>
68	#include <stdlib.h>
69	#endif /* !_KERNEL */
70
71	#include "config.h"
72	#include "libpfkey.h"
73
74	static void kdebug_sadb_prop __P((struct sadb_ext *));
75	static void kdebug_sadb_identity __P((struct sadb_ext *));
76	static void kdebug_sadb_supported __P((struct sadb_ext *));
77	static void kdebug_sadb_lifetime __P((struct sadb_ext *));
78	static void kdebug_sadb_sa __P((struct sadb_ext *));
79	static void kdebug_sadb_address __P((struct sadb_ext *));
80	static void kdebug_sadb_key __P((struct sadb_ext *));
81	static void kdebug_sadb_x_sa2 __P((struct sadb_ext *));
82	static void kdebug_sadb_x_policy __P((struct sadb_ext *ext));
83	static void kdebug_sockaddr __P((struct sockaddr *addr));
84
85	#ifdef SADB_X_EXT_NAT_T_TYPE
86	static void kdebug_sadb_x_nat_t_type __P((struct sadb_ext *ext));
87	static void kdebug_sadb_x_nat_t_port __P((struct sadb_ext *ext));
88	#endif
89
90	#ifdef SADB_X_EXT_PACKET
91	static void kdebug_sadb_x_packet __P((struct sadb_ext *));
92	#endif
93
94	#ifdef SADB_X_EXT_KMADDRESS
95	static void kdebug_sadb_x_kmaddress __P((struct sadb_ext *));
96	#endif
97
98	#ifdef _KERNEL
99	static void kdebug_secreplay __P((struct secreplay *));
100	#endif
101
102	#ifndef _KERNEL
103	#define panic(param) { printf(param); exit(1); }
104	#endif
105
106	#include "libpfkey.h"
107	/* NOTE: host byte order */
108
109	/* %%%: about struct sadb_msg */
110	void
111	kdebug_sadb(base)
112	struct sadb_msg *base;
113	{
114	struct sadb_ext *ext;
115	int tlen, extlen;
116
117	/* sanity check */
118	if (base == NULL)
119	panic("kdebug_sadb: NULL pointer was passed.\n");
120
121	printf("sadb_msg{ version=%u type=%u errno=%u satype=%u\n",
122	base->sadb_msg_version, base->sadb_msg_type,
123	base->sadb_msg_errno, base->sadb_msg_satype);
124	printf(" len=%u reserved=%u seq=%u pid=%u\n",
125	base->sadb_msg_len, base->sadb_msg_reserved,
126	base->sadb_msg_seq, base->sadb_msg_pid);
127
128	tlen = PFKEY_UNUNIT64(base->sadb_msg_len) - sizeof(struct sadb_msg);
129	ext = (void )((caddr_t)(void )base + sizeof(struct sadb_msg));
130
131	while (tlen > 0) {
132	printf("sadb_ext{ len=%u type=%u }\n",
133	ext->sadb_ext_len, ext->sadb_ext_type);
134
135	if (ext->sadb_ext_len == 0) {
136	printf("kdebug_sadb: invalid ext_len=0 was passed.\n");
137	return;
138	}
139	if (ext->sadb_ext_len > tlen) {
140	printf("kdebug_sadb: ext_len exceeds end of buffer.\n");
141	return;
142	}
143
144	switch (ext->sadb_ext_type) {
145	case SADB_EXT_SA:
146	kdebug_sadb_sa(ext);
147	break;
148	case SADB_EXT_LIFETIME_CURRENT:
149	case SADB_EXT_LIFETIME_HARD:
150	case SADB_EXT_LIFETIME_SOFT:
151	kdebug_sadb_lifetime(ext);
152	break;
153	case SADB_EXT_ADDRESS_SRC:
154	case SADB_EXT_ADDRESS_DST:
155	case SADB_EXT_ADDRESS_PROXY:
156	kdebug_sadb_address(ext);
157	break;
158	case SADB_EXT_KEY_AUTH:
159	case SADB_EXT_KEY_ENCRYPT:
160	kdebug_sadb_key(ext);
161	break;
162	case SADB_EXT_IDENTITY_SRC:
163	case SADB_EXT_IDENTITY_DST:
164	kdebug_sadb_identity(ext);
165	break;
166	case SADB_EXT_SENSITIVITY:
167	break;
168	case SADB_EXT_PROPOSAL:
169	kdebug_sadb_prop(ext);
170	break;
171	case SADB_EXT_SUPPORTED_AUTH:
172	case SADB_EXT_SUPPORTED_ENCRYPT:
173	kdebug_sadb_supported(ext);
174	break;
175	case SADB_EXT_SPIRANGE:
176	case SADB_X_EXT_KMPRIVATE:
177	break;
178	case SADB_X_EXT_POLICY:
179	kdebug_sadb_x_policy(ext);
180	break;
181	case SADB_X_EXT_SA2:
182	kdebug_sadb_x_sa2(ext);
183	break;
184	#ifdef SADB_X_EXT_NAT_T_TYPE
185	case SADB_X_EXT_NAT_T_TYPE:
186	kdebug_sadb_x_nat_t_type(ext);
187	break;
188	case SADB_X_EXT_NAT_T_SPORT:
189	case SADB_X_EXT_NAT_T_DPORT:
190	kdebug_sadb_x_nat_t_port(ext);
191	break;
192	case SADB_X_EXT_NAT_T_OA:
193	kdebug_sadb_address(ext);
194	break;
195	#endif
196	#ifdef SADB_X_EXT_PACKET
197	case SADB_X_EXT_PACKET:
198	kdebug_sadb_x_packet(ext);
199	break;
200	#endif
201	#ifdef SADB_X_EXT_KMADDRESS
202	case SADB_X_EXT_KMADDRESS:
203	kdebug_sadb_x_kmaddress(ext);
204	break;
205	#endif
206	default:
207	printf("kdebug_sadb: invalid ext_type %u was passed.\n",
208	ext->sadb_ext_type);
209	return;
210	}
211
212	extlen = PFKEY_UNUNIT64(ext->sadb_ext_len);
213	tlen -= extlen;
214	ext = (void )((caddr_t)(void )ext + extlen);
215	}
216
217	return;
218	}
219
220	static void
221	kdebug_sadb_prop(ext)
222	struct sadb_ext *ext;
223	{
224	struct sadb_prop prop = (void )ext;
225	struct sadb_comb *comb;
226	int len;
227
228	/* sanity check */
229	if (ext == NULL)
230	panic("kdebug_sadb_prop: NULL pointer was passed.\n");
231
232	len = (PFKEY_UNUNIT64(prop->sadb_prop_len) - sizeof(*prop))
233	/ sizeof(*comb);
234	comb = (void *)(prop + 1);
235	printf("sadb_prop{ replay=%u\n", prop->sadb_prop_replay);
236
237	while (len--) {
238	printf("sadb_comb{ auth=%u encrypt=%u "
239	"flags=0x%04x reserved=0x%08x\n",
240	comb->sadb_comb_auth, comb->sadb_comb_encrypt,
241	comb->sadb_comb_flags, comb->sadb_comb_reserved);
242
243	printf(" auth_minbits=%u auth_maxbits=%u "
244	"encrypt_minbits=%u encrypt_maxbits=%u\n",
245	comb->sadb_comb_auth_minbits,
246	comb->sadb_comb_auth_maxbits,
247	comb->sadb_comb_encrypt_minbits,
248	comb->sadb_comb_encrypt_maxbits);
249
250	printf(" soft_alloc=%u hard_alloc=%u "
251	"soft_bytes=%lu hard_bytes=%lu\n",
252	comb->sadb_comb_soft_allocations,
253	comb->sadb_comb_hard_allocations,
254	(unsigned long)comb->sadb_comb_soft_bytes,
255	(unsigned long)comb->sadb_comb_hard_bytes);
256
257	printf(" soft_alloc=%lu hard_alloc=%lu "
258	"soft_bytes=%lu hard_bytes=%lu }\n",
259	(unsigned long)comb->sadb_comb_soft_addtime,
260	(unsigned long)comb->sadb_comb_hard_addtime,
261	(unsigned long)comb->sadb_comb_soft_usetime,
262	(unsigned long)comb->sadb_comb_hard_usetime);
263	comb++;
264	}
265	printf("}\n");
266
267	return;
268	}
269
270	static void
271	kdebug_sadb_identity(ext)
272	struct sadb_ext *ext;
273	{
274	struct sadb_ident id = (void )ext;
275	int len;
276
277	/* sanity check */
278	if (ext == NULL)
279	panic("kdebug_sadb_identity: NULL pointer was passed.\n");
280
281	len = PFKEY_UNUNIT64(id->sadb_ident_len) - sizeof(*id);
282	printf("sadb_ident_%s{",
283	id->sadb_ident_exttype == SADB_EXT_IDENTITY_SRC ? "src" : "dst");
284	switch (id->sadb_ident_type) {
285	default:
286	printf(" type=%d id=%lu",
287	id->sadb_ident_type, (u_long)id->sadb_ident_id);
288	if (len) {
289	#ifdef _KERNEL
290	ipsec_hexdump((caddr_t)(id + 1), len); /XXX cast ?/
291	#else
292	char p, ep;
293	printf("\n str=\"");
294	p = (void *)(id + 1);
295	ep = p + len;
296	for (/nothing/; *p && p < ep; p++) {
297	if (isprint((int)*p))
298	printf("%c", *p & 0xff);
299	else
300	printf("\\%03o", *p & 0xff);
301	}
302	#endif
303	printf("\"");
304	}
305	break;
306	}
307
308	printf(" }\n");
309
310	return;
311	}
312
313	static void
314	kdebug_sadb_supported(ext)
315	struct sadb_ext *ext;
316	{
317	struct sadb_supported sup = (void )ext;
318	struct sadb_alg *alg;
319	int len;
320
321	/* sanity check */
322	if (ext == NULL)
323	panic("kdebug_sadb_supported: NULL pointer was passed.\n");
324
325	len = (PFKEY_UNUNIT64(sup->sadb_supported_len) - sizeof(*sup))
326	/ sizeof(*alg);
327	alg = (void *)(sup + 1);
328	printf("sadb_sup{\n");
329	while (len--) {
330	printf(" { id=%d ivlen=%d min=%d max=%d }\n",
331	alg->sadb_alg_id, alg->sadb_alg_ivlen,
332	alg->sadb_alg_minbits, alg->sadb_alg_maxbits);
333	alg++;
334	}
335	printf("}\n");
336
337	return;
338	}
339
340	static void
341	kdebug_sadb_lifetime(ext)
342	struct sadb_ext *ext;
343	{
344	struct sadb_lifetime lft = (void )ext;
345
346	/* sanity check */
347	if (ext == NULL)
348	printf("kdebug_sadb_lifetime: NULL pointer was passed.\n");
349
350	printf("sadb_lifetime{ alloc=%u, bytes=%u\n",
351	lft->sadb_lifetime_allocations,
352	(u_int32_t)lft->sadb_lifetime_bytes);
353	printf(" addtime=%u, usetime=%u }\n",
354	(u_int32_t)lft->sadb_lifetime_addtime,
355	(u_int32_t)lft->sadb_lifetime_usetime);
356
357	return;
358	}
359
360	static void
361	kdebug_sadb_sa(ext)
362	struct sadb_ext *ext;
363	{
364	struct sadb_sa sa = (void )ext;
365
366	/* sanity check */
367	if (ext == NULL)
368	panic("kdebug_sadb_sa: NULL pointer was passed.\n");
369
370	printf("sadb_sa{ spi=%u replay=%u state=%u\n",
371	(u_int32_t)ntohl(sa->sadb_sa_spi), sa->sadb_sa_replay,
372	sa->sadb_sa_state);
373	printf(" auth=%u encrypt=%u flags=0x%08x }\n",
374	sa->sadb_sa_auth, sa->sadb_sa_encrypt, sa->sadb_sa_flags);
375
376	return;
377	}
378
379	static void
380	kdebug_sadb_address(ext)
381	struct sadb_ext *ext;
382	{
383	struct sadb_address addr = (void )ext;
384
385	/* sanity check */
386	if (ext == NULL)
387	panic("kdebug_sadb_address: NULL pointer was passed.\n");
388
389	printf("sadb_address{ proto=%u prefixlen=%u reserved=0x%02x%02x }\n",
390	addr->sadb_address_proto, addr->sadb_address_prefixlen,
391	((u_char )(void )&addr->sadb_address_reserved)[0],
392	((u_char )(void )&addr->sadb_address_reserved)[1]);
393
394	kdebug_sockaddr((void )((caddr_t)(void )ext + sizeof(*addr)));
395
396	return;
397	}
398
399	static void
400	kdebug_sadb_key(ext)
401	struct sadb_ext *ext;
402	{
403	struct sadb_key key = (void )ext;
404
405	/* sanity check */
406	if (ext == NULL)
407	panic("kdebug_sadb_key: NULL pointer was passed.\n");
408
409	printf("sadb_key{ bits=%u reserved=%u\n",
410	key->sadb_key_bits, key->sadb_key_reserved);
411	printf(" key=");
412
413	/* sanity check 2 */
414	if (((uint32_t)key->sadb_key_bits >> 3) >
415	(PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key))) {
416	printf("kdebug_sadb_key: key length mismatch, bit:%d len:%ld.\n",
417	(uint32_t)key->sadb_key_bits >> 3,
418	(long)PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key));
419	}
420
421	ipsec_hexdump(key + sizeof(struct sadb_key),
422	(int)((uint32_t)key->sadb_key_bits >> 3));
423	printf(" }\n");
424	return;
425	}
426
427	static void
428	kdebug_sadb_x_sa2(ext)
429	struct sadb_ext *ext;
430	{
431	struct sadb_x_sa2 sa2 = (void )ext;
432
433	/* sanity check */
434	if (ext == NULL)
435	panic("kdebug_sadb_x_sa2: NULL pointer was passed.\n");
436
437	printf("sadb_x_sa2{ mode=%u reqid=%u\n",
438	sa2->sadb_x_sa2_mode, sa2->sadb_x_sa2_reqid);
439	printf(" reserved1=%u reserved2=%u sequence=%u }\n",
440	sa2->sadb_x_sa2_reserved1, sa2->sadb_x_sa2_reserved2,
441	sa2->sadb_x_sa2_sequence);
442
443	return;
444	}
445
446	void
447	kdebug_sadb_x_policy(ext)
448	struct sadb_ext *ext;
449	{
450	struct sadb_x_policy xpl = (void )ext;
451	struct sockaddr *addr;
452
453	/* sanity check */
454	if (ext == NULL)
455	panic("kdebug_sadb_x_policy: NULL pointer was passed.\n");
456
457	#ifdef HAVE_PFKEY_POLICY_PRIORITY
458	printf("sadb_x_policy{ type=%u dir=%u id=%x priority=%u }\n",
459	#else
460	printf("sadb_x_policy{ type=%u dir=%u id=%x }\n",
461	#endif
462	xpl->sadb_x_policy_type, xpl->sadb_x_policy_dir,
463	#ifdef HAVE_PFKEY_POLICY_PRIORITY
464	xpl->sadb_x_policy_id, xpl->sadb_x_policy_priority);
465	#else
466	xpl->sadb_x_policy_id);
467	#endif
468
469	if (xpl->sadb_x_policy_type == IPSEC_POLICY_IPSEC) {
470	int tlen;
471	struct sadb_x_ipsecrequest *xisr;
472
473	tlen = PFKEY_UNUNIT64(xpl->sadb_x_policy_len) - sizeof(*xpl);
474	xisr = (void *)(xpl + 1);
475
476	while (tlen > 0) {
477	printf(" { len=%u proto=%u mode=%u level=%u reqid=%u\n",
478	xisr->sadb_x_ipsecrequest_len,
479	xisr->sadb_x_ipsecrequest_proto,
480	xisr->sadb_x_ipsecrequest_mode,
481	xisr->sadb_x_ipsecrequest_level,
482	xisr->sadb_x_ipsecrequest_reqid);
483
484	if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) {
485	addr = (void *)(xisr + 1);
486	kdebug_sockaddr(addr);
487	addr = (void )((caddr_t)(void )addr
488	+ sysdep_sa_len(addr));
489	kdebug_sockaddr(addr);
490	}
491
492	printf(" }\n");
493
494	/* prevent infinite loop */
495	if (xisr->sadb_x_ipsecrequest_len == 0) {
496	printf("kdebug_sadb_x_policy: wrong policy struct.\n");
497	return;
498	}
499	/* prevent overflow */
500	if (xisr->sadb_x_ipsecrequest_len > tlen) {
501	printf("invalid ipsec policy length\n");
502	return;
503	}
504
505	tlen -= xisr->sadb_x_ipsecrequest_len;
506
507	xisr = (void )((caddr_t)(void )xisr
508	+ xisr->sadb_x_ipsecrequest_len);
509	}
510
511	if (tlen != 0)
512	panic("kdebug_sadb_x_policy: wrong policy struct.\n");
513	}
514
515	return;
516	}
517
518	#ifdef SADB_X_EXT_NAT_T_TYPE
519	static void
520	kdebug_sadb_x_nat_t_type(struct sadb_ext *ext)
521	{
522	struct sadb_x_nat_t_type ntt = (void )ext;
523
524	/* sanity check */
525	if (ext == NULL)
526	panic("kdebug_sadb_x_nat_t_type: NULL pointer was passed.\n");
527
528	printf("sadb_x_nat_t_type{ type=%u }\n", ntt->sadb_x_nat_t_type_type);
529
530	return;
531	}
532
533	static void
534	kdebug_sadb_x_nat_t_port(struct sadb_ext *ext)
535	{
536	struct sadb_x_nat_t_port ntp = (void )ext;
537
538	/* sanity check */
539	if (ext == NULL)
540	panic("kdebug_sadb_x_nat_t_port: NULL pointer was passed.\n");
541
542	printf("sadb_x_nat_t_port{ port=%u }\n", ntohs(ntp->sadb_x_nat_t_port_port));
543
544	return;
545	}
546	#endif
547
548	#ifdef SADB_X_EXT_PACKET
549	static void
550	kdebug_sadb_x_packet(ext)
551	struct sadb_ext *ext;
552	{
553	struct sadb_x_packet pkt = (struct sadb_x_packet )ext;
554
555	/* sanity check */
556	if (ext == NULL)
557	panic("kdebug_sadb_x_packet: NULL pointer was passed.\n");
558
559	printf("sadb_x_packet{ copylen=%u\n", pkt->sadb_x_packet_copylen);
560	printf(" packet=");
561	ipsec_hexdump((caddr_t)pkt + sizeof(struct sadb_x_packet),
562	pkt->sadb_x_packet_copylen);
563	printf(" }\n");
564	return;
565	}
566	#endif
567
568	#ifdef SADB_X_EXT_KMADDRESS
569	static void
570	kdebug_sadb_x_kmaddress(ext)
571	struct sadb_ext *ext;
572	{
573	struct sadb_x_kmaddress kma = (struct sadb_x_kmaddress )ext;
574	struct sockaddr * sa;
575	sa_family_t family;
576	int len, sa_len;
577
578	/* sanity check */
579	if (ext == NULL)
580	panic("kdebug_sadb_x_kmaddress: NULL pointer was passed.\n");
581
582	len = (PFKEY_UNUNIT64(kma->sadb_x_kmaddress_len) - sizeof(*kma));
583
584	printf("sadb_x_kmaddress{ reserved=0x%02x%02x%02x%02x }\n",
585	((u_char )(void )&kma->sadb_x_kmaddress_reserved)[0],
586	((u_char )(void )&kma->sadb_x_kmaddress_reserved)[1],
587	((u_char )(void )&kma->sadb_x_kmaddress_reserved)[2],
588	((u_char )(void )&kma->sadb_x_kmaddress_reserved)[3]);
589
590	sa = (struct sockaddr *)(kma + 1);
591	if (len < sizeof(struct sockaddr) \|\| (sa_len = sysdep_sa_len(sa)) > len)
592	panic("kdebug_sadb_x_kmaddress: not enough data to read"
593	" first sockaddr.\n");
594	kdebug_sockaddr((void )sa); / local address */
595	family = sa->sa_family;
596
597	len -= sa_len;
598	sa = (struct sockaddr )((char )sa + sa_len);
599	if (len < sizeof(struct sockaddr) \|\| sysdep_sa_len(sa) > len)
600	panic("kdebug_sadb_x_kmaddress: not enough data to read"
601	" second sockaddr.\n");
602	kdebug_sockaddr((void )sa); / remote address */
603
604	if (family != sa->sa_family)
605	printf("kdebug_sadb_x_kmaddress: !!!! Please, note the "
606	"unexpected mismatch in address family.\n");
607	}
608	#endif
609
610
611	#ifdef _KERNEL
612	/* %%%: about SPD and SAD */
613	void
614	kdebug_secpolicy(sp)
615	struct secpolicy *sp;
616	{
617	/* sanity check */
618	if (sp == NULL)
619	panic("kdebug_secpolicy: NULL pointer was passed.\n");
620
621	printf("secpolicy{ refcnt=%u state=%u policy=%u\n",
622	sp->refcnt, sp->state, sp->policy);
623
624	kdebug_secpolicyindex(&sp->spidx);
625
626	switch (sp->policy) {
627	case IPSEC_POLICY_DISCARD:
628	printf(" type=discard }\n");
629	break;
630	case IPSEC_POLICY_NONE:
631	printf(" type=none }\n");
632	break;
633	case IPSEC_POLICY_IPSEC:
634	{
635	struct ipsecrequest *isr;
636	for (isr = sp->req; isr != NULL; isr = isr->next) {
637
638	printf(" level=%u\n", isr->level);
639	kdebug_secasindex(&isr->saidx);
640
641	if (isr->sav != NULL)
642	kdebug_secasv(isr->sav);
643	}
644	printf(" }\n");
645	}
646	break;
647	case IPSEC_POLICY_BYPASS:
648	printf(" type=bypass }\n");
649	break;
650	case IPSEC_POLICY_ENTRUST:
651	printf(" type=entrust }\n");
652	break;
653	default:
654	printf("kdebug_secpolicy: Invalid policy found. %d\n",
655	sp->policy);
656	break;
657	}
658
659	return;
660	}
661
662	void
663	kdebug_secpolicyindex(spidx)
664	struct secpolicyindex *spidx;
665	{
666	/* sanity check */
667	if (spidx == NULL)
668	panic("kdebug_secpolicyindex: NULL pointer was passed.\n");
669
670	printf("secpolicyindex{ dir=%u prefs=%u prefd=%u ul_proto=%u\n",
671	spidx->dir, spidx->prefs, spidx->prefd, spidx->ul_proto);
672
673	ipsec_hexdump((caddr_t)&spidx->src,
674	sysdep_sa_len((struct sockaddr *)&spidx->src));
675	printf("\n");
676	ipsec_hexdump((caddr_t)&spidx->dst,
677	sysdep_sa_len((struct sockaddr *)&spidx->dst));
678	printf("}\n");
679
680	return;
681	}
682
683	void
684	kdebug_secasindex(saidx)
685	struct secasindex *saidx;
686	{
687	/* sanity check */
688	if (saidx == NULL)
689	panic("kdebug_secpolicyindex: NULL pointer was passed.\n");
690
691	printf("secasindex{ mode=%u proto=%u\n",
692	saidx->mode, saidx->proto);
693
694	ipsec_hexdump((caddr_t)&saidx->src,
695	sysdep_sa_len((struct sockaddr *)&saidx->src));
696	printf("\n");
697	ipsec_hexdump((caddr_t)&saidx->dst,
698	sysdep_sa_len((struct sockaddr *)&saidx->dst));
699	printf("\n");
700
701	return;
702	}
703
704	void
705	kdebug_secasv(sav)
706	struct secasvar *sav;
707	{
708	/* sanity check */
709	if (sav == NULL)
710	panic("kdebug_secasv: NULL pointer was passed.\n");
711
712	printf("secas{");
713	kdebug_secasindex(&sav->sah->saidx);
714
715	printf(" refcnt=%u state=%u auth=%u enc=%u\n",
716	sav->refcnt, sav->state, sav->alg_auth, sav->alg_enc);
717	printf(" spi=%u flags=%u\n",
718	(u_int32_t)ntohl(sav->spi), sav->flags);
719
720	if (sav->key_auth != NULL)
721	kdebug_sadb_key((struct sadb_ext *)sav->key_auth);
722	if (sav->key_enc != NULL)
723	kdebug_sadb_key((struct sadb_ext *)sav->key_enc);
724	if (sav->iv != NULL) {
725	printf(" iv=");
726	ipsec_hexdump(sav->iv, sav->ivlen ? sav->ivlen : 8);
727	printf("\n");
728	}
729
730	if (sav->replay != NULL)
731	kdebug_secreplay(sav->replay);
732	if (sav->lft_c != NULL)
733	kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_c);
734	if (sav->lft_h != NULL)
735	kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_h);
736	if (sav->lft_s != NULL)
737	kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_s);
738
739	#if notyet
740	/* XXX: misc[123] ? */
741	#endif
742
743	return;
744	}
745
746	static void
747	kdebug_secreplay(rpl)
748	struct secreplay *rpl;
749	{
750	int len, l;
751
752	/* sanity check */
753	if (rpl == NULL)
754	panic("kdebug_secreplay: NULL pointer was passed.\n");
755
756	printf(" secreplay{ count=%u wsize=%u seq=%u lastseq=%u",
757	rpl->count, rpl->wsize, rpl->seq, rpl->lastseq);
758
759	if (rpl->bitmap == NULL) {
760	printf(" }\n");
761	return;
762	}
763
764	printf("\n bitmap { ");
765
766	for (len = 0; len < rpl->wsize; len++) {
767	for (l = 7; l >= 0; l--)
768	printf("%u", (((rpl->bitmap)[len] >> l) & 1) ? 1 : 0);
769	}
770	printf(" }\n");
771
772	return;
773	}
774
775	void
776	kdebug_mbufhdr(m)
777	struct mbuf *m;
778	{
779	/* sanity check */
780	if (m == NULL)
781	return;
782
783	printf("mbuf(%p){ m_next:%p m_nextpkt:%p m_data:%p "
784	"m_len:%d m_type:0x%02x m_flags:0x%02x }\n",
785	m, m->m_next, m->m_nextpkt, m->m_data,
786	m->m_len, m->m_type, m->m_flags);
787
788	if (m->m_flags & M_PKTHDR) {
789	printf(" m_pkthdr{ len:%d rcvif:%p }\n",
790	m->m_pkthdr.len, m->m_pkthdr.rcvif);
791	}
792
793	#ifdef __FreeBSD__
794	if (m->m_flags & M_EXT) {
795	printf(" m_ext{ ext_buf:%p ext_free:%p "
796	"ext_size:%u ext_ref:%p }\n",
797	m->m_ext.ext_buf, m->m_ext.ext_free,
798	m->m_ext.ext_size, m->m_ext.ext_ref);
799	}
800	#endif
801
802	return;
803	}
804
805	void
806	kdebug_mbuf(m0)
807	struct mbuf *m0;
808	{
809	struct mbuf *m = m0;
810	int i, j;
811
812	for (j = 0; m; m = m->m_next) {
813	kdebug_mbufhdr(m);
814	printf(" m_data:\n");
815	for (i = 0; i < m->m_len; i++) {
816	if (i && i % 32 == 0)
817	printf("\n");
818	if (i % 4 == 0)
819	printf(" ");
820	printf("%02x", mtod(m, u_char *)[i]);
821	j++;
822	}
823	printf("\n");
824	}
825
826	return;
827	}
828	#endif /* _KERNEL */
829
830	static void
831	kdebug_sockaddr(addr)
832	struct sockaddr *addr;
833	{
834	struct sockaddr_in *sin4;
835	#ifdef INET6
836	struct sockaddr_in6 *sin6;
837	#endif
838
839	/* sanity check */
840	if (addr == NULL)
841	panic("kdebug_sockaddr: NULL pointer was passed.\n");
842
843	/* NOTE: We deal with port number as host byte order. */
844	printf("sockaddr{ len=%u family=%u", sysdep_sa_len(addr), addr->sa_family);
845
846	switch (addr->sa_family) {
847	case AF_INET:
848	sin4 = (void *)addr;
849	printf(" port=%u\n", ntohs(sin4->sin_port));
850	ipsec_hexdump(&sin4->sin_addr, sizeof(sin4->sin_addr));
851	break;
852	#ifdef INET6
853	case AF_INET6:
854	sin6 = (void *)addr;
855	printf(" port=%u\n", ntohs(sin6->sin6_port));
856	printf(" flowinfo=0x%08x, scope_id=0x%08x\n",
857	sin6->sin6_flowinfo, sin6->sin6_scope_id);
858	ipsec_hexdump(&sin6->sin6_addr, sizeof(sin6->sin6_addr));
859	break;
860	#endif
861	}
862
863	printf(" }\n");
864
865	return;
866	}
867
868	void
869	ipsec_bindump(buf, len)
870	caddr_t buf;
871	int len;
872	{
873	int i;
874
875	for (i = 0; i < len; i++)
876	printf("%c", (unsigned char)buf[i]);
877
878	return;
879	}
880
881
882	void
883	ipsec_hexdump(buf, len)
884	const void *buf;
885	int len;
886	{
887	int i;
888
889	for (i = 0; i < len; i++) {
890	if (i != 0 && i % 32 == 0) printf("\n");
891	if (i % 4 == 0) printf(" ");
892	printf("%02x", ((const unsigned char *)buf)[i]);
893	}
894	#if 0
895	if (i % 32 != 0) printf("\n");
896	#endif
897
898	return;
899	}

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: rtems-libbsd/ipsec-tools/src/libipsec/key_debug.c @ ff36f5e

Download in other formats: