Return to key_debug.c CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / ipsec-tools / src / libipsec |
1.1 ! misho 1: /* $NetBSD: key_debug.c,v 1.9 2008/12/05 06:02:20 tteras Exp $ */ ! 2: ! 3: /* $KAME: key_debug.c,v 1.29 2001/08/16 14:25:41 itojun Exp $ */ ! 4: ! 5: /* ! 6: * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. ! 7: * All rights reserved. ! 8: * ! 9: * Redistribution and use in source and binary forms, with or without ! 10: * modification, are permitted provided that the following conditions ! 11: * are met: ! 12: * 1. Redistributions of source code must retain the above copyright ! 13: * notice, this list of conditions and the following disclaimer. ! 14: * 2. Redistributions in binary form must reproduce the above copyright ! 15: * notice, this list of conditions and the following disclaimer in the ! 16: * documentation and/or other materials provided with the distribution. ! 17: * 3. Neither the name of the project nor the names of its contributors ! 18: * may be used to endorse or promote products derived from this software ! 19: * without specific prior written permission. ! 20: * ! 21: * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND ! 22: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ! 23: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ! 24: * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE ! 25: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL ! 26: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS ! 27: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ! 28: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT ! 29: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY ! 30: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF ! 31: * SUCH DAMAGE. ! 32: */ ! 33: ! 34: #ifdef HAVE_CONFIG_H ! 35: #include "config.h" ! 36: #endif ! 37: ! 38: #ifdef _KERNEL ! 39: #if defined(__FreeBSD__) && __FreeBSD__ >= 3 ! 40: #include "opt_inet.h" ! 41: #include "opt_inet6.h" ! 42: #include "opt_ipsec.h" ! 43: #endif ! 44: #ifdef __NetBSD__ ! 45: #include "opt_inet.h" ! 46: #endif ! 47: #endif ! 48: ! 49: #if HAVE_STDINT_H ! 50: #include <stdint.h> ! 51: #endif ! 52: ! 53: #include <sys/types.h> ! 54: #include <sys/param.h> ! 55: #ifdef _KERNEL ! 56: #include <sys/systm.h> ! 57: #include <sys/mbuf.h> ! 58: #include <sys/queue.h> ! 59: #endif ! 60: #include <sys/socket.h> ! 61: ! 62: #include <netinet/in.h> ! 63: #include PATH_IPSEC_H ! 64: ! 65: #ifndef _KERNEL ! 66: #include <ctype.h> ! 67: #include <stdio.h> ! 68: #include <stdlib.h> ! 69: #endif /* !_KERNEL */ ! 70: ! 71: #include "config.h" ! 72: #include "libpfkey.h" ! 73: ! 74: static void kdebug_sadb_prop __P((struct sadb_ext *)); ! 75: static void kdebug_sadb_identity __P((struct sadb_ext *)); ! 76: static void kdebug_sadb_supported __P((struct sadb_ext *)); ! 77: static void kdebug_sadb_lifetime __P((struct sadb_ext *)); ! 78: static void kdebug_sadb_sa __P((struct sadb_ext *)); ! 79: static void kdebug_sadb_address __P((struct sadb_ext *)); ! 80: static void kdebug_sadb_key __P((struct sadb_ext *)); ! 81: static void kdebug_sadb_x_sa2 __P((struct sadb_ext *)); ! 82: static void kdebug_sadb_x_policy __P((struct sadb_ext *ext)); ! 83: static void kdebug_sockaddr __P((struct sockaddr *addr)); ! 84: ! 85: #ifdef SADB_X_EXT_NAT_T_TYPE ! 86: static void kdebug_sadb_x_nat_t_type __P((struct sadb_ext *ext)); ! 87: static void kdebug_sadb_x_nat_t_port __P((struct sadb_ext *ext)); ! 88: #endif ! 89: ! 90: #ifdef SADB_X_EXT_PACKET ! 91: static void kdebug_sadb_x_packet __P((struct sadb_ext *)); ! 92: #endif ! 93: ! 94: #ifdef SADB_X_EXT_KMADDRESS ! 95: static void kdebug_sadb_x_kmaddress __P((struct sadb_ext *)); ! 96: #endif ! 97: ! 98: #ifdef _KERNEL ! 99: static void kdebug_secreplay __P((struct secreplay *)); ! 100: #endif ! 101: ! 102: #ifndef _KERNEL ! 103: #define panic(param) { printf(param); exit(1); } ! 104: #endif ! 105: ! 106: #include "libpfkey.h" ! 107: /* NOTE: host byte order */ ! 108: ! 109: /* %%%: about struct sadb_msg */ ! 110: void ! 111: kdebug_sadb(base) ! 112: struct sadb_msg *base; ! 113: { ! 114: struct sadb_ext *ext; ! 115: int tlen, extlen; ! 116: ! 117: /* sanity check */ ! 118: if (base == NULL) ! 119: panic("kdebug_sadb: NULL pointer was passed.\n"); ! 120: ! 121: printf("sadb_msg{ version=%u type=%u errno=%u satype=%u\n", ! 122: base->sadb_msg_version, base->sadb_msg_type, ! 123: base->sadb_msg_errno, base->sadb_msg_satype); ! 124: printf(" len=%u reserved=%u seq=%u pid=%u\n", ! 125: base->sadb_msg_len, base->sadb_msg_reserved, ! 126: base->sadb_msg_seq, base->sadb_msg_pid); ! 127: ! 128: tlen = PFKEY_UNUNIT64(base->sadb_msg_len) - sizeof(struct sadb_msg); ! 129: ext = (void *)((caddr_t)(void *)base + sizeof(struct sadb_msg)); ! 130: ! 131: while (tlen > 0) { ! 132: printf("sadb_ext{ len=%u type=%u }\n", ! 133: ext->sadb_ext_len, ext->sadb_ext_type); ! 134: ! 135: if (ext->sadb_ext_len == 0) { ! 136: printf("kdebug_sadb: invalid ext_len=0 was passed.\n"); ! 137: return; ! 138: } ! 139: if (ext->sadb_ext_len > tlen) { ! 140: printf("kdebug_sadb: ext_len exceeds end of buffer.\n"); ! 141: return; ! 142: } ! 143: ! 144: switch (ext->sadb_ext_type) { ! 145: case SADB_EXT_SA: ! 146: kdebug_sadb_sa(ext); ! 147: break; ! 148: case SADB_EXT_LIFETIME_CURRENT: ! 149: case SADB_EXT_LIFETIME_HARD: ! 150: case SADB_EXT_LIFETIME_SOFT: ! 151: kdebug_sadb_lifetime(ext); ! 152: break; ! 153: case SADB_EXT_ADDRESS_SRC: ! 154: case SADB_EXT_ADDRESS_DST: ! 155: case SADB_EXT_ADDRESS_PROXY: ! 156: kdebug_sadb_address(ext); ! 157: break; ! 158: case SADB_EXT_KEY_AUTH: ! 159: case SADB_EXT_KEY_ENCRYPT: ! 160: kdebug_sadb_key(ext); ! 161: break; ! 162: case SADB_EXT_IDENTITY_SRC: ! 163: case SADB_EXT_IDENTITY_DST: ! 164: kdebug_sadb_identity(ext); ! 165: break; ! 166: case SADB_EXT_SENSITIVITY: ! 167: break; ! 168: case SADB_EXT_PROPOSAL: ! 169: kdebug_sadb_prop(ext); ! 170: break; ! 171: case SADB_EXT_SUPPORTED_AUTH: ! 172: case SADB_EXT_SUPPORTED_ENCRYPT: ! 173: kdebug_sadb_supported(ext); ! 174: break; ! 175: case SADB_EXT_SPIRANGE: ! 176: case SADB_X_EXT_KMPRIVATE: ! 177: break; ! 178: case SADB_X_EXT_POLICY: ! 179: kdebug_sadb_x_policy(ext); ! 180: break; ! 181: case SADB_X_EXT_SA2: ! 182: kdebug_sadb_x_sa2(ext); ! 183: break; ! 184: #ifdef SADB_X_EXT_NAT_T_TYPE ! 185: case SADB_X_EXT_NAT_T_TYPE: ! 186: kdebug_sadb_x_nat_t_type(ext); ! 187: break; ! 188: case SADB_X_EXT_NAT_T_SPORT: ! 189: case SADB_X_EXT_NAT_T_DPORT: ! 190: kdebug_sadb_x_nat_t_port(ext); ! 191: break; ! 192: case SADB_X_EXT_NAT_T_OA: ! 193: kdebug_sadb_address(ext); ! 194: break; ! 195: #endif ! 196: #ifdef SADB_X_EXT_PACKET ! 197: case SADB_X_EXT_PACKET: ! 198: kdebug_sadb_x_packet(ext); ! 199: break; ! 200: #endif ! 201: #ifdef SADB_X_EXT_KMADDRESS ! 202: case SADB_X_EXT_KMADDRESS: ! 203: kdebug_sadb_x_kmaddress(ext); ! 204: break; ! 205: #endif ! 206: default: ! 207: printf("kdebug_sadb: invalid ext_type %u was passed.\n", ! 208: ext->sadb_ext_type); ! 209: return; ! 210: } ! 211: ! 212: extlen = PFKEY_UNUNIT64(ext->sadb_ext_len); ! 213: tlen -= extlen; ! 214: ext = (void *)((caddr_t)(void *)ext + extlen); ! 215: } ! 216: ! 217: return; ! 218: } ! 219: ! 220: static void ! 221: kdebug_sadb_prop(ext) ! 222: struct sadb_ext *ext; ! 223: { ! 224: struct sadb_prop *prop = (void *)ext; ! 225: struct sadb_comb *comb; ! 226: int len; ! 227: ! 228: /* sanity check */ ! 229: if (ext == NULL) ! 230: panic("kdebug_sadb_prop: NULL pointer was passed.\n"); ! 231: ! 232: len = (PFKEY_UNUNIT64(prop->sadb_prop_len) - sizeof(*prop)) ! 233: / sizeof(*comb); ! 234: comb = (void *)(prop + 1); ! 235: printf("sadb_prop{ replay=%u\n", prop->sadb_prop_replay); ! 236: ! 237: while (len--) { ! 238: printf("sadb_comb{ auth=%u encrypt=%u " ! 239: "flags=0x%04x reserved=0x%08x\n", ! 240: comb->sadb_comb_auth, comb->sadb_comb_encrypt, ! 241: comb->sadb_comb_flags, comb->sadb_comb_reserved); ! 242: ! 243: printf(" auth_minbits=%u auth_maxbits=%u " ! 244: "encrypt_minbits=%u encrypt_maxbits=%u\n", ! 245: comb->sadb_comb_auth_minbits, ! 246: comb->sadb_comb_auth_maxbits, ! 247: comb->sadb_comb_encrypt_minbits, ! 248: comb->sadb_comb_encrypt_maxbits); ! 249: ! 250: printf(" soft_alloc=%u hard_alloc=%u " ! 251: "soft_bytes=%lu hard_bytes=%lu\n", ! 252: comb->sadb_comb_soft_allocations, ! 253: comb->sadb_comb_hard_allocations, ! 254: (unsigned long)comb->sadb_comb_soft_bytes, ! 255: (unsigned long)comb->sadb_comb_hard_bytes); ! 256: ! 257: printf(" soft_alloc=%lu hard_alloc=%lu " ! 258: "soft_bytes=%lu hard_bytes=%lu }\n", ! 259: (unsigned long)comb->sadb_comb_soft_addtime, ! 260: (unsigned long)comb->sadb_comb_hard_addtime, ! 261: (unsigned long)comb->sadb_comb_soft_usetime, ! 262: (unsigned long)comb->sadb_comb_hard_usetime); ! 263: comb++; ! 264: } ! 265: printf("}\n"); ! 266: ! 267: return; ! 268: } ! 269: ! 270: static void ! 271: kdebug_sadb_identity(ext) ! 272: struct sadb_ext *ext; ! 273: { ! 274: struct sadb_ident *id = (void *)ext; ! 275: int len; ! 276: ! 277: /* sanity check */ ! 278: if (ext == NULL) ! 279: panic("kdebug_sadb_identity: NULL pointer was passed.\n"); ! 280: ! 281: len = PFKEY_UNUNIT64(id->sadb_ident_len) - sizeof(*id); ! 282: printf("sadb_ident_%s{", ! 283: id->sadb_ident_exttype == SADB_EXT_IDENTITY_SRC ? "src" : "dst"); ! 284: switch (id->sadb_ident_type) { ! 285: default: ! 286: printf(" type=%d id=%lu", ! 287: id->sadb_ident_type, (u_long)id->sadb_ident_id); ! 288: if (len) { ! 289: #ifdef _KERNEL ! 290: ipsec_hexdump((caddr_t)(id + 1), len); /*XXX cast ?*/ ! 291: #else ! 292: char *p, *ep; ! 293: printf("\n str=\""); ! 294: p = (void *)(id + 1); ! 295: ep = p + len; ! 296: for (/*nothing*/; *p && p < ep; p++) { ! 297: if (isprint((int)*p)) ! 298: printf("%c", *p & 0xff); ! 299: else ! 300: printf("\\%03o", *p & 0xff); ! 301: } ! 302: #endif ! 303: printf("\""); ! 304: } ! 305: break; ! 306: } ! 307: ! 308: printf(" }\n"); ! 309: ! 310: return; ! 311: } ! 312: ! 313: static void ! 314: kdebug_sadb_supported(ext) ! 315: struct sadb_ext *ext; ! 316: { ! 317: struct sadb_supported *sup = (void *)ext; ! 318: struct sadb_alg *alg; ! 319: int len; ! 320: ! 321: /* sanity check */ ! 322: if (ext == NULL) ! 323: panic("kdebug_sadb_supported: NULL pointer was passed.\n"); ! 324: ! 325: len = (PFKEY_UNUNIT64(sup->sadb_supported_len) - sizeof(*sup)) ! 326: / sizeof(*alg); ! 327: alg = (void *)(sup + 1); ! 328: printf("sadb_sup{\n"); ! 329: while (len--) { ! 330: printf(" { id=%d ivlen=%d min=%d max=%d }\n", ! 331: alg->sadb_alg_id, alg->sadb_alg_ivlen, ! 332: alg->sadb_alg_minbits, alg->sadb_alg_maxbits); ! 333: alg++; ! 334: } ! 335: printf("}\n"); ! 336: ! 337: return; ! 338: } ! 339: ! 340: static void ! 341: kdebug_sadb_lifetime(ext) ! 342: struct sadb_ext *ext; ! 343: { ! 344: struct sadb_lifetime *lft = (void *)ext; ! 345: ! 346: /* sanity check */ ! 347: if (ext == NULL) ! 348: printf("kdebug_sadb_lifetime: NULL pointer was passed.\n"); ! 349: ! 350: printf("sadb_lifetime{ alloc=%u, bytes=%u\n", ! 351: lft->sadb_lifetime_allocations, ! 352: (u_int32_t)lft->sadb_lifetime_bytes); ! 353: printf(" addtime=%u, usetime=%u }\n", ! 354: (u_int32_t)lft->sadb_lifetime_addtime, ! 355: (u_int32_t)lft->sadb_lifetime_usetime); ! 356: ! 357: return; ! 358: } ! 359: ! 360: static void ! 361: kdebug_sadb_sa(ext) ! 362: struct sadb_ext *ext; ! 363: { ! 364: struct sadb_sa *sa = (void *)ext; ! 365: ! 366: /* sanity check */ ! 367: if (ext == NULL) ! 368: panic("kdebug_sadb_sa: NULL pointer was passed.\n"); ! 369: ! 370: printf("sadb_sa{ spi=%u replay=%u state=%u\n", ! 371: (u_int32_t)ntohl(sa->sadb_sa_spi), sa->sadb_sa_replay, ! 372: sa->sadb_sa_state); ! 373: printf(" auth=%u encrypt=%u flags=0x%08x }\n", ! 374: sa->sadb_sa_auth, sa->sadb_sa_encrypt, sa->sadb_sa_flags); ! 375: ! 376: return; ! 377: } ! 378: ! 379: static void ! 380: kdebug_sadb_address(ext) ! 381: struct sadb_ext *ext; ! 382: { ! 383: struct sadb_address *addr = (void *)ext; ! 384: ! 385: /* sanity check */ ! 386: if (ext == NULL) ! 387: panic("kdebug_sadb_address: NULL pointer was passed.\n"); ! 388: ! 389: printf("sadb_address{ proto=%u prefixlen=%u reserved=0x%02x%02x }\n", ! 390: addr->sadb_address_proto, addr->sadb_address_prefixlen, ! 391: ((u_char *)(void *)&addr->sadb_address_reserved)[0], ! 392: ((u_char *)(void *)&addr->sadb_address_reserved)[1]); ! 393: ! 394: kdebug_sockaddr((void *)((caddr_t)(void *)ext + sizeof(*addr))); ! 395: ! 396: return; ! 397: } ! 398: ! 399: static void ! 400: kdebug_sadb_key(ext) ! 401: struct sadb_ext *ext; ! 402: { ! 403: struct sadb_key *key = (void *)ext; ! 404: ! 405: /* sanity check */ ! 406: if (ext == NULL) ! 407: panic("kdebug_sadb_key: NULL pointer was passed.\n"); ! 408: ! 409: printf("sadb_key{ bits=%u reserved=%u\n", ! 410: key->sadb_key_bits, key->sadb_key_reserved); ! 411: printf(" key="); ! 412: ! 413: /* sanity check 2 */ ! 414: if (((uint32_t)key->sadb_key_bits >> 3) > ! 415: (PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key))) { ! 416: printf("kdebug_sadb_key: key length mismatch, bit:%d len:%ld.\n", ! 417: (uint32_t)key->sadb_key_bits >> 3, ! 418: (long)PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key)); ! 419: } ! 420: ! 421: ipsec_hexdump(key + sizeof(struct sadb_key), ! 422: (int)((uint32_t)key->sadb_key_bits >> 3)); ! 423: printf(" }\n"); ! 424: return; ! 425: } ! 426: ! 427: static void ! 428: kdebug_sadb_x_sa2(ext) ! 429: struct sadb_ext *ext; ! 430: { ! 431: struct sadb_x_sa2 *sa2 = (void *)ext; ! 432: ! 433: /* sanity check */ ! 434: if (ext == NULL) ! 435: panic("kdebug_sadb_x_sa2: NULL pointer was passed.\n"); ! 436: ! 437: printf("sadb_x_sa2{ mode=%u reqid=%u\n", ! 438: sa2->sadb_x_sa2_mode, sa2->sadb_x_sa2_reqid); ! 439: printf(" reserved1=%u reserved2=%u sequence=%u }\n", ! 440: sa2->sadb_x_sa2_reserved1, sa2->sadb_x_sa2_reserved2, ! 441: sa2->sadb_x_sa2_sequence); ! 442: ! 443: return; ! 444: } ! 445: ! 446: void ! 447: kdebug_sadb_x_policy(ext) ! 448: struct sadb_ext *ext; ! 449: { ! 450: struct sadb_x_policy *xpl = (void *)ext; ! 451: struct sockaddr *addr; ! 452: ! 453: /* sanity check */ ! 454: if (ext == NULL) ! 455: panic("kdebug_sadb_x_policy: NULL pointer was passed.\n"); ! 456: ! 457: #ifdef HAVE_PFKEY_POLICY_PRIORITY ! 458: printf("sadb_x_policy{ type=%u dir=%u id=%x priority=%u }\n", ! 459: #else ! 460: printf("sadb_x_policy{ type=%u dir=%u id=%x }\n", ! 461: #endif ! 462: xpl->sadb_x_policy_type, xpl->sadb_x_policy_dir, ! 463: #ifdef HAVE_PFKEY_POLICY_PRIORITY ! 464: xpl->sadb_x_policy_id, xpl->sadb_x_policy_priority); ! 465: #else ! 466: xpl->sadb_x_policy_id); ! 467: #endif ! 468: ! 469: if (xpl->sadb_x_policy_type == IPSEC_POLICY_IPSEC) { ! 470: int tlen; ! 471: struct sadb_x_ipsecrequest *xisr; ! 472: ! 473: tlen = PFKEY_UNUNIT64(xpl->sadb_x_policy_len) - sizeof(*xpl); ! 474: xisr = (void *)(xpl + 1); ! 475: ! 476: while (tlen > 0) { ! 477: printf(" { len=%u proto=%u mode=%u level=%u reqid=%u\n", ! 478: xisr->sadb_x_ipsecrequest_len, ! 479: xisr->sadb_x_ipsecrequest_proto, ! 480: xisr->sadb_x_ipsecrequest_mode, ! 481: xisr->sadb_x_ipsecrequest_level, ! 482: xisr->sadb_x_ipsecrequest_reqid); ! 483: ! 484: if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) { ! 485: addr = (void *)(xisr + 1); ! 486: kdebug_sockaddr(addr); ! 487: addr = (void *)((caddr_t)(void *)addr ! 488: + sysdep_sa_len(addr)); ! 489: kdebug_sockaddr(addr); ! 490: } ! 491: ! 492: printf(" }\n"); ! 493: ! 494: /* prevent infinite loop */ ! 495: if (xisr->sadb_x_ipsecrequest_len == 0) { ! 496: printf("kdebug_sadb_x_policy: wrong policy struct.\n"); ! 497: return; ! 498: } ! 499: /* prevent overflow */ ! 500: if (xisr->sadb_x_ipsecrequest_len > tlen) { ! 501: printf("invalid ipsec policy length\n"); ! 502: return; ! 503: } ! 504: ! 505: tlen -= xisr->sadb_x_ipsecrequest_len; ! 506: ! 507: xisr = (void *)((caddr_t)(void *)xisr ! 508: + xisr->sadb_x_ipsecrequest_len); ! 509: } ! 510: ! 511: if (tlen != 0) ! 512: panic("kdebug_sadb_x_policy: wrong policy struct.\n"); ! 513: } ! 514: ! 515: return; ! 516: } ! 517: ! 518: #ifdef SADB_X_EXT_NAT_T_TYPE ! 519: static void ! 520: kdebug_sadb_x_nat_t_type(struct sadb_ext *ext) ! 521: { ! 522: struct sadb_x_nat_t_type *ntt = (void *)ext; ! 523: ! 524: /* sanity check */ ! 525: if (ext == NULL) ! 526: panic("kdebug_sadb_x_nat_t_type: NULL pointer was passed.\n"); ! 527: ! 528: printf("sadb_x_nat_t_type{ type=%u }\n", ntt->sadb_x_nat_t_type_type); ! 529: ! 530: return; ! 531: } ! 532: ! 533: static void ! 534: kdebug_sadb_x_nat_t_port(struct sadb_ext *ext) ! 535: { ! 536: struct sadb_x_nat_t_port *ntp = (void *)ext; ! 537: ! 538: /* sanity check */ ! 539: if (ext == NULL) ! 540: panic("kdebug_sadb_x_nat_t_port: NULL pointer was passed.\n"); ! 541: ! 542: printf("sadb_x_nat_t_port{ port=%u }\n", ntohs(ntp->sadb_x_nat_t_port_port)); ! 543: ! 544: return; ! 545: } ! 546: #endif ! 547: ! 548: #ifdef SADB_X_EXT_PACKET ! 549: static void ! 550: kdebug_sadb_x_packet(ext) ! 551: struct sadb_ext *ext; ! 552: { ! 553: struct sadb_x_packet *pkt = (struct sadb_x_packet *)ext; ! 554: ! 555: /* sanity check */ ! 556: if (ext == NULL) ! 557: panic("kdebug_sadb_x_packet: NULL pointer was passed.\n"); ! 558: ! 559: printf("sadb_x_packet{ copylen=%u\n", pkt->sadb_x_packet_copylen); ! 560: printf(" packet="); ! 561: ipsec_hexdump((caddr_t)pkt + sizeof(struct sadb_x_packet), ! 562: pkt->sadb_x_packet_copylen); ! 563: printf(" }\n"); ! 564: return; ! 565: } ! 566: #endif ! 567: ! 568: #ifdef SADB_X_EXT_KMADDRESS ! 569: static void ! 570: kdebug_sadb_x_kmaddress(ext) ! 571: struct sadb_ext *ext; ! 572: { ! 573: struct sadb_x_kmaddress *kma = (struct sadb_x_kmaddress *)ext; ! 574: struct sockaddr * sa; ! 575: sa_family_t family; ! 576: int len, sa_len; ! 577: ! 578: /* sanity check */ ! 579: if (ext == NULL) ! 580: panic("kdebug_sadb_x_kmaddress: NULL pointer was passed.\n"); ! 581: ! 582: len = (PFKEY_UNUNIT64(kma->sadb_x_kmaddress_len) - sizeof(*kma)); ! 583: ! 584: printf("sadb_x_kmaddress{ reserved=0x%02x%02x%02x%02x }\n", ! 585: ((u_char *)(void *)&kma->sadb_x_kmaddress_reserved)[0], ! 586: ((u_char *)(void *)&kma->sadb_x_kmaddress_reserved)[1], ! 587: ((u_char *)(void *)&kma->sadb_x_kmaddress_reserved)[2], ! 588: ((u_char *)(void *)&kma->sadb_x_kmaddress_reserved)[3]); ! 589: ! 590: sa = (struct sockaddr *)(kma + 1); ! 591: if (len < sizeof(struct sockaddr) || (sa_len = sysdep_sa_len(sa)) > len) ! 592: panic("kdebug_sadb_x_kmaddress: not enough data to read" ! 593: " first sockaddr.\n"); ! 594: kdebug_sockaddr((void *)sa); /* local address */ ! 595: family = sa->sa_family; ! 596: ! 597: len -= sa_len; ! 598: sa = (struct sockaddr *)((char *)sa + sa_len); ! 599: if (len < sizeof(struct sockaddr) || sysdep_sa_len(sa) > len) ! 600: panic("kdebug_sadb_x_kmaddress: not enough data to read" ! 601: " second sockaddr.\n"); ! 602: kdebug_sockaddr((void *)sa); /* remote address */ ! 603: ! 604: if (family != sa->sa_family) ! 605: printf("kdebug_sadb_x_kmaddress: !!!! Please, note the " ! 606: "unexpected mismatch in address family.\n"); ! 607: } ! 608: #endif ! 609: ! 610: ! 611: #ifdef _KERNEL ! 612: /* %%%: about SPD and SAD */ ! 613: void ! 614: kdebug_secpolicy(sp) ! 615: struct secpolicy *sp; ! 616: { ! 617: /* sanity check */ ! 618: if (sp == NULL) ! 619: panic("kdebug_secpolicy: NULL pointer was passed.\n"); ! 620: ! 621: printf("secpolicy{ refcnt=%u state=%u policy=%u\n", ! 622: sp->refcnt, sp->state, sp->policy); ! 623: ! 624: kdebug_secpolicyindex(&sp->spidx); ! 625: ! 626: switch (sp->policy) { ! 627: case IPSEC_POLICY_DISCARD: ! 628: printf(" type=discard }\n"); ! 629: break; ! 630: case IPSEC_POLICY_NONE: ! 631: printf(" type=none }\n"); ! 632: break; ! 633: case IPSEC_POLICY_IPSEC: ! 634: { ! 635: struct ipsecrequest *isr; ! 636: for (isr = sp->req; isr != NULL; isr = isr->next) { ! 637: ! 638: printf(" level=%u\n", isr->level); ! 639: kdebug_secasindex(&isr->saidx); ! 640: ! 641: if (isr->sav != NULL) ! 642: kdebug_secasv(isr->sav); ! 643: } ! 644: printf(" }\n"); ! 645: } ! 646: break; ! 647: case IPSEC_POLICY_BYPASS: ! 648: printf(" type=bypass }\n"); ! 649: break; ! 650: case IPSEC_POLICY_ENTRUST: ! 651: printf(" type=entrust }\n"); ! 652: break; ! 653: default: ! 654: printf("kdebug_secpolicy: Invalid policy found. %d\n", ! 655: sp->policy); ! 656: break; ! 657: } ! 658: ! 659: return; ! 660: } ! 661: ! 662: void ! 663: kdebug_secpolicyindex(spidx) ! 664: struct secpolicyindex *spidx; ! 665: { ! 666: /* sanity check */ ! 667: if (spidx == NULL) ! 668: panic("kdebug_secpolicyindex: NULL pointer was passed.\n"); ! 669: ! 670: printf("secpolicyindex{ dir=%u prefs=%u prefd=%u ul_proto=%u\n", ! 671: spidx->dir, spidx->prefs, spidx->prefd, spidx->ul_proto); ! 672: ! 673: ipsec_hexdump((caddr_t)&spidx->src, ! 674: sysdep_sa_len((struct sockaddr *)&spidx->src)); ! 675: printf("\n"); ! 676: ipsec_hexdump((caddr_t)&spidx->dst, ! 677: sysdep_sa_len((struct sockaddr *)&spidx->dst)); ! 678: printf("}\n"); ! 679: ! 680: return; ! 681: } ! 682: ! 683: void ! 684: kdebug_secasindex(saidx) ! 685: struct secasindex *saidx; ! 686: { ! 687: /* sanity check */ ! 688: if (saidx == NULL) ! 689: panic("kdebug_secpolicyindex: NULL pointer was passed.\n"); ! 690: ! 691: printf("secasindex{ mode=%u proto=%u\n", ! 692: saidx->mode, saidx->proto); ! 693: ! 694: ipsec_hexdump((caddr_t)&saidx->src, ! 695: sysdep_sa_len((struct sockaddr *)&saidx->src)); ! 696: printf("\n"); ! 697: ipsec_hexdump((caddr_t)&saidx->dst, ! 698: sysdep_sa_len((struct sockaddr *)&saidx->dst)); ! 699: printf("\n"); ! 700: ! 701: return; ! 702: } ! 703: ! 704: void ! 705: kdebug_secasv(sav) ! 706: struct secasvar *sav; ! 707: { ! 708: /* sanity check */ ! 709: if (sav == NULL) ! 710: panic("kdebug_secasv: NULL pointer was passed.\n"); ! 711: ! 712: printf("secas{"); ! 713: kdebug_secasindex(&sav->sah->saidx); ! 714: ! 715: printf(" refcnt=%u state=%u auth=%u enc=%u\n", ! 716: sav->refcnt, sav->state, sav->alg_auth, sav->alg_enc); ! 717: printf(" spi=%u flags=%u\n", ! 718: (u_int32_t)ntohl(sav->spi), sav->flags); ! 719: ! 720: if (sav->key_auth != NULL) ! 721: kdebug_sadb_key((struct sadb_ext *)sav->key_auth); ! 722: if (sav->key_enc != NULL) ! 723: kdebug_sadb_key((struct sadb_ext *)sav->key_enc); ! 724: if (sav->iv != NULL) { ! 725: printf(" iv="); ! 726: ipsec_hexdump(sav->iv, sav->ivlen ? sav->ivlen : 8); ! 727: printf("\n"); ! 728: } ! 729: ! 730: if (sav->replay != NULL) ! 731: kdebug_secreplay(sav->replay); ! 732: if (sav->lft_c != NULL) ! 733: kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_c); ! 734: if (sav->lft_h != NULL) ! 735: kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_h); ! 736: if (sav->lft_s != NULL) ! 737: kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_s); ! 738: ! 739: #if notyet ! 740: /* XXX: misc[123] ? */ ! 741: #endif ! 742: ! 743: return; ! 744: } ! 745: ! 746: static void ! 747: kdebug_secreplay(rpl) ! 748: struct secreplay *rpl; ! 749: { ! 750: int len, l; ! 751: ! 752: /* sanity check */ ! 753: if (rpl == NULL) ! 754: panic("kdebug_secreplay: NULL pointer was passed.\n"); ! 755: ! 756: printf(" secreplay{ count=%u wsize=%u seq=%u lastseq=%u", ! 757: rpl->count, rpl->wsize, rpl->seq, rpl->lastseq); ! 758: ! 759: if (rpl->bitmap == NULL) { ! 760: printf(" }\n"); ! 761: return; ! 762: } ! 763: ! 764: printf("\n bitmap { "); ! 765: ! 766: for (len = 0; len < rpl->wsize; len++) { ! 767: for (l = 7; l >= 0; l--) ! 768: printf("%u", (((rpl->bitmap)[len] >> l) & 1) ? 1 : 0); ! 769: } ! 770: printf(" }\n"); ! 771: ! 772: return; ! 773: } ! 774: ! 775: void ! 776: kdebug_mbufhdr(m) ! 777: struct mbuf *m; ! 778: { ! 779: /* sanity check */ ! 780: if (m == NULL) ! 781: return; ! 782: ! 783: printf("mbuf(%p){ m_next:%p m_nextpkt:%p m_data:%p " ! 784: "m_len:%d m_type:0x%02x m_flags:0x%02x }\n", ! 785: m, m->m_next, m->m_nextpkt, m->m_data, ! 786: m->m_len, m->m_type, m->m_flags); ! 787: ! 788: if (m->m_flags & M_PKTHDR) { ! 789: printf(" m_pkthdr{ len:%d rcvif:%p }\n", ! 790: m->m_pkthdr.len, m->m_pkthdr.rcvif); ! 791: } ! 792: ! 793: #ifdef __FreeBSD__ ! 794: if (m->m_flags & M_EXT) { ! 795: printf(" m_ext{ ext_buf:%p ext_free:%p " ! 796: "ext_size:%u ext_ref:%p }\n", ! 797: m->m_ext.ext_buf, m->m_ext.ext_free, ! 798: m->m_ext.ext_size, m->m_ext.ext_ref); ! 799: } ! 800: #endif ! 801: ! 802: return; ! 803: } ! 804: ! 805: void ! 806: kdebug_mbuf(m0) ! 807: struct mbuf *m0; ! 808: { ! 809: struct mbuf *m = m0; ! 810: int i, j; ! 811: ! 812: for (j = 0; m; m = m->m_next) { ! 813: kdebug_mbufhdr(m); ! 814: printf(" m_data:\n"); ! 815: for (i = 0; i < m->m_len; i++) { ! 816: if (i && i % 32 == 0) ! 817: printf("\n"); ! 818: if (i % 4 == 0) ! 819: printf(" "); ! 820: printf("%02x", mtod(m, u_char *)[i]); ! 821: j++; ! 822: } ! 823: printf("\n"); ! 824: } ! 825: ! 826: return; ! 827: } ! 828: #endif /* _KERNEL */ ! 829: ! 830: static void ! 831: kdebug_sockaddr(addr) ! 832: struct sockaddr *addr; ! 833: { ! 834: struct sockaddr_in *sin4; ! 835: #ifdef INET6 ! 836: struct sockaddr_in6 *sin6; ! 837: #endif ! 838: ! 839: /* sanity check */ ! 840: if (addr == NULL) ! 841: panic("kdebug_sockaddr: NULL pointer was passed.\n"); ! 842: ! 843: /* NOTE: We deal with port number as host byte order. */ ! 844: printf("sockaddr{ len=%u family=%u", sysdep_sa_len(addr), addr->sa_family); ! 845: ! 846: switch (addr->sa_family) { ! 847: case AF_INET: ! 848: sin4 = (void *)addr; ! 849: printf(" port=%u\n", ntohs(sin4->sin_port)); ! 850: ipsec_hexdump(&sin4->sin_addr, sizeof(sin4->sin_addr)); ! 851: break; ! 852: #ifdef INET6 ! 853: case AF_INET6: ! 854: sin6 = (void *)addr; ! 855: printf(" port=%u\n", ntohs(sin6->sin6_port)); ! 856: printf(" flowinfo=0x%08x, scope_id=0x%08x\n", ! 857: sin6->sin6_flowinfo, sin6->sin6_scope_id); ! 858: ipsec_hexdump(&sin6->sin6_addr, sizeof(sin6->sin6_addr)); ! 859: break; ! 860: #endif ! 861: } ! 862: ! 863: printf(" }\n"); ! 864: ! 865: return; ! 866: } ! 867: ! 868: void ! 869: ipsec_bindump(buf, len) ! 870: caddr_t buf; ! 871: int len; ! 872: { ! 873: int i; ! 874: ! 875: for (i = 0; i < len; i++) ! 876: printf("%c", (unsigned char)buf[i]); ! 877: ! 878: return; ! 879: } ! 880: ! 881: ! 882: void ! 883: ipsec_hexdump(buf, len) ! 884: const void *buf; ! 885: int len; ! 886: { ! 887: int i; ! 888: ! 889: for (i = 0; i < len; i++) { ! 890: if (i != 0 && i % 32 == 0) printf("\n"); ! 891: if (i % 4 == 0) printf(" "); ! 892: printf("%02x", ((const unsigned char *)buf)[i]); ! 893: } ! 894: #if 0 ! 895: if (i % 32 != 0) printf("\n"); ! 896: #endif ! 897: ! 898: return; ! 899: }