Annotation of embedaddon/ipsec-tools/src/libipsec/key_debug.c, revision 1.1
1.1 ! misho 1: /* $NetBSD: key_debug.c,v 1.9 2008/12/05 06:02:20 tteras Exp $ */
! 2:
! 3: /* $KAME: key_debug.c,v 1.29 2001/08/16 14:25:41 itojun Exp $ */
! 4:
! 5: /*
! 6: * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
! 7: * All rights reserved.
! 8: *
! 9: * Redistribution and use in source and binary forms, with or without
! 10: * modification, are permitted provided that the following conditions
! 11: * are met:
! 12: * 1. Redistributions of source code must retain the above copyright
! 13: * notice, this list of conditions and the following disclaimer.
! 14: * 2. Redistributions in binary form must reproduce the above copyright
! 15: * notice, this list of conditions and the following disclaimer in the
! 16: * documentation and/or other materials provided with the distribution.
! 17: * 3. Neither the name of the project nor the names of its contributors
! 18: * may be used to endorse or promote products derived from this software
! 19: * without specific prior written permission.
! 20: *
! 21: * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
! 22: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
! 23: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
! 24: * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
! 25: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
! 26: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
! 27: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
! 28: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
! 29: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
! 30: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
! 31: * SUCH DAMAGE.
! 32: */
! 33:
! 34: #ifdef HAVE_CONFIG_H
! 35: #include "config.h"
! 36: #endif
! 37:
! 38: #ifdef _KERNEL
! 39: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
! 40: #include "opt_inet.h"
! 41: #include "opt_inet6.h"
! 42: #include "opt_ipsec.h"
! 43: #endif
! 44: #ifdef __NetBSD__
! 45: #include "opt_inet.h"
! 46: #endif
! 47: #endif
! 48:
! 49: #if HAVE_STDINT_H
! 50: #include <stdint.h>
! 51: #endif
! 52:
! 53: #include <sys/types.h>
! 54: #include <sys/param.h>
! 55: #ifdef _KERNEL
! 56: #include <sys/systm.h>
! 57: #include <sys/mbuf.h>
! 58: #include <sys/queue.h>
! 59: #endif
! 60: #include <sys/socket.h>
! 61:
! 62: #include <netinet/in.h>
! 63: #include PATH_IPSEC_H
! 64:
! 65: #ifndef _KERNEL
! 66: #include <ctype.h>
! 67: #include <stdio.h>
! 68: #include <stdlib.h>
! 69: #endif /* !_KERNEL */
! 70:
! 71: #include "config.h"
! 72: #include "libpfkey.h"
! 73:
! 74: static void kdebug_sadb_prop __P((struct sadb_ext *));
! 75: static void kdebug_sadb_identity __P((struct sadb_ext *));
! 76: static void kdebug_sadb_supported __P((struct sadb_ext *));
! 77: static void kdebug_sadb_lifetime __P((struct sadb_ext *));
! 78: static void kdebug_sadb_sa __P((struct sadb_ext *));
! 79: static void kdebug_sadb_address __P((struct sadb_ext *));
! 80: static void kdebug_sadb_key __P((struct sadb_ext *));
! 81: static void kdebug_sadb_x_sa2 __P((struct sadb_ext *));
! 82: static void kdebug_sadb_x_policy __P((struct sadb_ext *ext));
! 83: static void kdebug_sockaddr __P((struct sockaddr *addr));
! 84:
! 85: #ifdef SADB_X_EXT_NAT_T_TYPE
! 86: static void kdebug_sadb_x_nat_t_type __P((struct sadb_ext *ext));
! 87: static void kdebug_sadb_x_nat_t_port __P((struct sadb_ext *ext));
! 88: #endif
! 89:
! 90: #ifdef SADB_X_EXT_PACKET
! 91: static void kdebug_sadb_x_packet __P((struct sadb_ext *));
! 92: #endif
! 93:
! 94: #ifdef SADB_X_EXT_KMADDRESS
! 95: static void kdebug_sadb_x_kmaddress __P((struct sadb_ext *));
! 96: #endif
! 97:
! 98: #ifdef _KERNEL
! 99: static void kdebug_secreplay __P((struct secreplay *));
! 100: #endif
! 101:
! 102: #ifndef _KERNEL
! 103: #define panic(param) { printf(param); exit(1); }
! 104: #endif
! 105:
! 106: #include "libpfkey.h"
! 107: /* NOTE: host byte order */
! 108:
! 109: /* %%%: about struct sadb_msg */
! 110: void
! 111: kdebug_sadb(base)
! 112: struct sadb_msg *base;
! 113: {
! 114: struct sadb_ext *ext;
! 115: int tlen, extlen;
! 116:
! 117: /* sanity check */
! 118: if (base == NULL)
! 119: panic("kdebug_sadb: NULL pointer was passed.\n");
! 120:
! 121: printf("sadb_msg{ version=%u type=%u errno=%u satype=%u\n",
! 122: base->sadb_msg_version, base->sadb_msg_type,
! 123: base->sadb_msg_errno, base->sadb_msg_satype);
! 124: printf(" len=%u reserved=%u seq=%u pid=%u\n",
! 125: base->sadb_msg_len, base->sadb_msg_reserved,
! 126: base->sadb_msg_seq, base->sadb_msg_pid);
! 127:
! 128: tlen = PFKEY_UNUNIT64(base->sadb_msg_len) - sizeof(struct sadb_msg);
! 129: ext = (void *)((caddr_t)(void *)base + sizeof(struct sadb_msg));
! 130:
! 131: while (tlen > 0) {
! 132: printf("sadb_ext{ len=%u type=%u }\n",
! 133: ext->sadb_ext_len, ext->sadb_ext_type);
! 134:
! 135: if (ext->sadb_ext_len == 0) {
! 136: printf("kdebug_sadb: invalid ext_len=0 was passed.\n");
! 137: return;
! 138: }
! 139: if (ext->sadb_ext_len > tlen) {
! 140: printf("kdebug_sadb: ext_len exceeds end of buffer.\n");
! 141: return;
! 142: }
! 143:
! 144: switch (ext->sadb_ext_type) {
! 145: case SADB_EXT_SA:
! 146: kdebug_sadb_sa(ext);
! 147: break;
! 148: case SADB_EXT_LIFETIME_CURRENT:
! 149: case SADB_EXT_LIFETIME_HARD:
! 150: case SADB_EXT_LIFETIME_SOFT:
! 151: kdebug_sadb_lifetime(ext);
! 152: break;
! 153: case SADB_EXT_ADDRESS_SRC:
! 154: case SADB_EXT_ADDRESS_DST:
! 155: case SADB_EXT_ADDRESS_PROXY:
! 156: kdebug_sadb_address(ext);
! 157: break;
! 158: case SADB_EXT_KEY_AUTH:
! 159: case SADB_EXT_KEY_ENCRYPT:
! 160: kdebug_sadb_key(ext);
! 161: break;
! 162: case SADB_EXT_IDENTITY_SRC:
! 163: case SADB_EXT_IDENTITY_DST:
! 164: kdebug_sadb_identity(ext);
! 165: break;
! 166: case SADB_EXT_SENSITIVITY:
! 167: break;
! 168: case SADB_EXT_PROPOSAL:
! 169: kdebug_sadb_prop(ext);
! 170: break;
! 171: case SADB_EXT_SUPPORTED_AUTH:
! 172: case SADB_EXT_SUPPORTED_ENCRYPT:
! 173: kdebug_sadb_supported(ext);
! 174: break;
! 175: case SADB_EXT_SPIRANGE:
! 176: case SADB_X_EXT_KMPRIVATE:
! 177: break;
! 178: case SADB_X_EXT_POLICY:
! 179: kdebug_sadb_x_policy(ext);
! 180: break;
! 181: case SADB_X_EXT_SA2:
! 182: kdebug_sadb_x_sa2(ext);
! 183: break;
! 184: #ifdef SADB_X_EXT_NAT_T_TYPE
! 185: case SADB_X_EXT_NAT_T_TYPE:
! 186: kdebug_sadb_x_nat_t_type(ext);
! 187: break;
! 188: case SADB_X_EXT_NAT_T_SPORT:
! 189: case SADB_X_EXT_NAT_T_DPORT:
! 190: kdebug_sadb_x_nat_t_port(ext);
! 191: break;
! 192: case SADB_X_EXT_NAT_T_OA:
! 193: kdebug_sadb_address(ext);
! 194: break;
! 195: #endif
! 196: #ifdef SADB_X_EXT_PACKET
! 197: case SADB_X_EXT_PACKET:
! 198: kdebug_sadb_x_packet(ext);
! 199: break;
! 200: #endif
! 201: #ifdef SADB_X_EXT_KMADDRESS
! 202: case SADB_X_EXT_KMADDRESS:
! 203: kdebug_sadb_x_kmaddress(ext);
! 204: break;
! 205: #endif
! 206: default:
! 207: printf("kdebug_sadb: invalid ext_type %u was passed.\n",
! 208: ext->sadb_ext_type);
! 209: return;
! 210: }
! 211:
! 212: extlen = PFKEY_UNUNIT64(ext->sadb_ext_len);
! 213: tlen -= extlen;
! 214: ext = (void *)((caddr_t)(void *)ext + extlen);
! 215: }
! 216:
! 217: return;
! 218: }
! 219:
! 220: static void
! 221: kdebug_sadb_prop(ext)
! 222: struct sadb_ext *ext;
! 223: {
! 224: struct sadb_prop *prop = (void *)ext;
! 225: struct sadb_comb *comb;
! 226: int len;
! 227:
! 228: /* sanity check */
! 229: if (ext == NULL)
! 230: panic("kdebug_sadb_prop: NULL pointer was passed.\n");
! 231:
! 232: len = (PFKEY_UNUNIT64(prop->sadb_prop_len) - sizeof(*prop))
! 233: / sizeof(*comb);
! 234: comb = (void *)(prop + 1);
! 235: printf("sadb_prop{ replay=%u\n", prop->sadb_prop_replay);
! 236:
! 237: while (len--) {
! 238: printf("sadb_comb{ auth=%u encrypt=%u "
! 239: "flags=0x%04x reserved=0x%08x\n",
! 240: comb->sadb_comb_auth, comb->sadb_comb_encrypt,
! 241: comb->sadb_comb_flags, comb->sadb_comb_reserved);
! 242:
! 243: printf(" auth_minbits=%u auth_maxbits=%u "
! 244: "encrypt_minbits=%u encrypt_maxbits=%u\n",
! 245: comb->sadb_comb_auth_minbits,
! 246: comb->sadb_comb_auth_maxbits,
! 247: comb->sadb_comb_encrypt_minbits,
! 248: comb->sadb_comb_encrypt_maxbits);
! 249:
! 250: printf(" soft_alloc=%u hard_alloc=%u "
! 251: "soft_bytes=%lu hard_bytes=%lu\n",
! 252: comb->sadb_comb_soft_allocations,
! 253: comb->sadb_comb_hard_allocations,
! 254: (unsigned long)comb->sadb_comb_soft_bytes,
! 255: (unsigned long)comb->sadb_comb_hard_bytes);
! 256:
! 257: printf(" soft_alloc=%lu hard_alloc=%lu "
! 258: "soft_bytes=%lu hard_bytes=%lu }\n",
! 259: (unsigned long)comb->sadb_comb_soft_addtime,
! 260: (unsigned long)comb->sadb_comb_hard_addtime,
! 261: (unsigned long)comb->sadb_comb_soft_usetime,
! 262: (unsigned long)comb->sadb_comb_hard_usetime);
! 263: comb++;
! 264: }
! 265: printf("}\n");
! 266:
! 267: return;
! 268: }
! 269:
! 270: static void
! 271: kdebug_sadb_identity(ext)
! 272: struct sadb_ext *ext;
! 273: {
! 274: struct sadb_ident *id = (void *)ext;
! 275: int len;
! 276:
! 277: /* sanity check */
! 278: if (ext == NULL)
! 279: panic("kdebug_sadb_identity: NULL pointer was passed.\n");
! 280:
! 281: len = PFKEY_UNUNIT64(id->sadb_ident_len) - sizeof(*id);
! 282: printf("sadb_ident_%s{",
! 283: id->sadb_ident_exttype == SADB_EXT_IDENTITY_SRC ? "src" : "dst");
! 284: switch (id->sadb_ident_type) {
! 285: default:
! 286: printf(" type=%d id=%lu",
! 287: id->sadb_ident_type, (u_long)id->sadb_ident_id);
! 288: if (len) {
! 289: #ifdef _KERNEL
! 290: ipsec_hexdump((caddr_t)(id + 1), len); /*XXX cast ?*/
! 291: #else
! 292: char *p, *ep;
! 293: printf("\n str=\"");
! 294: p = (void *)(id + 1);
! 295: ep = p + len;
! 296: for (/*nothing*/; *p && p < ep; p++) {
! 297: if (isprint((int)*p))
! 298: printf("%c", *p & 0xff);
! 299: else
! 300: printf("\\%03o", *p & 0xff);
! 301: }
! 302: #endif
! 303: printf("\"");
! 304: }
! 305: break;
! 306: }
! 307:
! 308: printf(" }\n");
! 309:
! 310: return;
! 311: }
! 312:
! 313: static void
! 314: kdebug_sadb_supported(ext)
! 315: struct sadb_ext *ext;
! 316: {
! 317: struct sadb_supported *sup = (void *)ext;
! 318: struct sadb_alg *alg;
! 319: int len;
! 320:
! 321: /* sanity check */
! 322: if (ext == NULL)
! 323: panic("kdebug_sadb_supported: NULL pointer was passed.\n");
! 324:
! 325: len = (PFKEY_UNUNIT64(sup->sadb_supported_len) - sizeof(*sup))
! 326: / sizeof(*alg);
! 327: alg = (void *)(sup + 1);
! 328: printf("sadb_sup{\n");
! 329: while (len--) {
! 330: printf(" { id=%d ivlen=%d min=%d max=%d }\n",
! 331: alg->sadb_alg_id, alg->sadb_alg_ivlen,
! 332: alg->sadb_alg_minbits, alg->sadb_alg_maxbits);
! 333: alg++;
! 334: }
! 335: printf("}\n");
! 336:
! 337: return;
! 338: }
! 339:
! 340: static void
! 341: kdebug_sadb_lifetime(ext)
! 342: struct sadb_ext *ext;
! 343: {
! 344: struct sadb_lifetime *lft = (void *)ext;
! 345:
! 346: /* sanity check */
! 347: if (ext == NULL)
! 348: printf("kdebug_sadb_lifetime: NULL pointer was passed.\n");
! 349:
! 350: printf("sadb_lifetime{ alloc=%u, bytes=%u\n",
! 351: lft->sadb_lifetime_allocations,
! 352: (u_int32_t)lft->sadb_lifetime_bytes);
! 353: printf(" addtime=%u, usetime=%u }\n",
! 354: (u_int32_t)lft->sadb_lifetime_addtime,
! 355: (u_int32_t)lft->sadb_lifetime_usetime);
! 356:
! 357: return;
! 358: }
! 359:
! 360: static void
! 361: kdebug_sadb_sa(ext)
! 362: struct sadb_ext *ext;
! 363: {
! 364: struct sadb_sa *sa = (void *)ext;
! 365:
! 366: /* sanity check */
! 367: if (ext == NULL)
! 368: panic("kdebug_sadb_sa: NULL pointer was passed.\n");
! 369:
! 370: printf("sadb_sa{ spi=%u replay=%u state=%u\n",
! 371: (u_int32_t)ntohl(sa->sadb_sa_spi), sa->sadb_sa_replay,
! 372: sa->sadb_sa_state);
! 373: printf(" auth=%u encrypt=%u flags=0x%08x }\n",
! 374: sa->sadb_sa_auth, sa->sadb_sa_encrypt, sa->sadb_sa_flags);
! 375:
! 376: return;
! 377: }
! 378:
! 379: static void
! 380: kdebug_sadb_address(ext)
! 381: struct sadb_ext *ext;
! 382: {
! 383: struct sadb_address *addr = (void *)ext;
! 384:
! 385: /* sanity check */
! 386: if (ext == NULL)
! 387: panic("kdebug_sadb_address: NULL pointer was passed.\n");
! 388:
! 389: printf("sadb_address{ proto=%u prefixlen=%u reserved=0x%02x%02x }\n",
! 390: addr->sadb_address_proto, addr->sadb_address_prefixlen,
! 391: ((u_char *)(void *)&addr->sadb_address_reserved)[0],
! 392: ((u_char *)(void *)&addr->sadb_address_reserved)[1]);
! 393:
! 394: kdebug_sockaddr((void *)((caddr_t)(void *)ext + sizeof(*addr)));
! 395:
! 396: return;
! 397: }
! 398:
! 399: static void
! 400: kdebug_sadb_key(ext)
! 401: struct sadb_ext *ext;
! 402: {
! 403: struct sadb_key *key = (void *)ext;
! 404:
! 405: /* sanity check */
! 406: if (ext == NULL)
! 407: panic("kdebug_sadb_key: NULL pointer was passed.\n");
! 408:
! 409: printf("sadb_key{ bits=%u reserved=%u\n",
! 410: key->sadb_key_bits, key->sadb_key_reserved);
! 411: printf(" key=");
! 412:
! 413: /* sanity check 2 */
! 414: if (((uint32_t)key->sadb_key_bits >> 3) >
! 415: (PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key))) {
! 416: printf("kdebug_sadb_key: key length mismatch, bit:%d len:%ld.\n",
! 417: (uint32_t)key->sadb_key_bits >> 3,
! 418: (long)PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key));
! 419: }
! 420:
! 421: ipsec_hexdump(key + sizeof(struct sadb_key),
! 422: (int)((uint32_t)key->sadb_key_bits >> 3));
! 423: printf(" }\n");
! 424: return;
! 425: }
! 426:
! 427: static void
! 428: kdebug_sadb_x_sa2(ext)
! 429: struct sadb_ext *ext;
! 430: {
! 431: struct sadb_x_sa2 *sa2 = (void *)ext;
! 432:
! 433: /* sanity check */
! 434: if (ext == NULL)
! 435: panic("kdebug_sadb_x_sa2: NULL pointer was passed.\n");
! 436:
! 437: printf("sadb_x_sa2{ mode=%u reqid=%u\n",
! 438: sa2->sadb_x_sa2_mode, sa2->sadb_x_sa2_reqid);
! 439: printf(" reserved1=%u reserved2=%u sequence=%u }\n",
! 440: sa2->sadb_x_sa2_reserved1, sa2->sadb_x_sa2_reserved2,
! 441: sa2->sadb_x_sa2_sequence);
! 442:
! 443: return;
! 444: }
! 445:
! 446: void
! 447: kdebug_sadb_x_policy(ext)
! 448: struct sadb_ext *ext;
! 449: {
! 450: struct sadb_x_policy *xpl = (void *)ext;
! 451: struct sockaddr *addr;
! 452:
! 453: /* sanity check */
! 454: if (ext == NULL)
! 455: panic("kdebug_sadb_x_policy: NULL pointer was passed.\n");
! 456:
! 457: #ifdef HAVE_PFKEY_POLICY_PRIORITY
! 458: printf("sadb_x_policy{ type=%u dir=%u id=%x priority=%u }\n",
! 459: #else
! 460: printf("sadb_x_policy{ type=%u dir=%u id=%x }\n",
! 461: #endif
! 462: xpl->sadb_x_policy_type, xpl->sadb_x_policy_dir,
! 463: #ifdef HAVE_PFKEY_POLICY_PRIORITY
! 464: xpl->sadb_x_policy_id, xpl->sadb_x_policy_priority);
! 465: #else
! 466: xpl->sadb_x_policy_id);
! 467: #endif
! 468:
! 469: if (xpl->sadb_x_policy_type == IPSEC_POLICY_IPSEC) {
! 470: int tlen;
! 471: struct sadb_x_ipsecrequest *xisr;
! 472:
! 473: tlen = PFKEY_UNUNIT64(xpl->sadb_x_policy_len) - sizeof(*xpl);
! 474: xisr = (void *)(xpl + 1);
! 475:
! 476: while (tlen > 0) {
! 477: printf(" { len=%u proto=%u mode=%u level=%u reqid=%u\n",
! 478: xisr->sadb_x_ipsecrequest_len,
! 479: xisr->sadb_x_ipsecrequest_proto,
! 480: xisr->sadb_x_ipsecrequest_mode,
! 481: xisr->sadb_x_ipsecrequest_level,
! 482: xisr->sadb_x_ipsecrequest_reqid);
! 483:
! 484: if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) {
! 485: addr = (void *)(xisr + 1);
! 486: kdebug_sockaddr(addr);
! 487: addr = (void *)((caddr_t)(void *)addr
! 488: + sysdep_sa_len(addr));
! 489: kdebug_sockaddr(addr);
! 490: }
! 491:
! 492: printf(" }\n");
! 493:
! 494: /* prevent infinite loop */
! 495: if (xisr->sadb_x_ipsecrequest_len == 0) {
! 496: printf("kdebug_sadb_x_policy: wrong policy struct.\n");
! 497: return;
! 498: }
! 499: /* prevent overflow */
! 500: if (xisr->sadb_x_ipsecrequest_len > tlen) {
! 501: printf("invalid ipsec policy length\n");
! 502: return;
! 503: }
! 504:
! 505: tlen -= xisr->sadb_x_ipsecrequest_len;
! 506:
! 507: xisr = (void *)((caddr_t)(void *)xisr
! 508: + xisr->sadb_x_ipsecrequest_len);
! 509: }
! 510:
! 511: if (tlen != 0)
! 512: panic("kdebug_sadb_x_policy: wrong policy struct.\n");
! 513: }
! 514:
! 515: return;
! 516: }
! 517:
! 518: #ifdef SADB_X_EXT_NAT_T_TYPE
! 519: static void
! 520: kdebug_sadb_x_nat_t_type(struct sadb_ext *ext)
! 521: {
! 522: struct sadb_x_nat_t_type *ntt = (void *)ext;
! 523:
! 524: /* sanity check */
! 525: if (ext == NULL)
! 526: panic("kdebug_sadb_x_nat_t_type: NULL pointer was passed.\n");
! 527:
! 528: printf("sadb_x_nat_t_type{ type=%u }\n", ntt->sadb_x_nat_t_type_type);
! 529:
! 530: return;
! 531: }
! 532:
! 533: static void
! 534: kdebug_sadb_x_nat_t_port(struct sadb_ext *ext)
! 535: {
! 536: struct sadb_x_nat_t_port *ntp = (void *)ext;
! 537:
! 538: /* sanity check */
! 539: if (ext == NULL)
! 540: panic("kdebug_sadb_x_nat_t_port: NULL pointer was passed.\n");
! 541:
! 542: printf("sadb_x_nat_t_port{ port=%u }\n", ntohs(ntp->sadb_x_nat_t_port_port));
! 543:
! 544: return;
! 545: }
! 546: #endif
! 547:
! 548: #ifdef SADB_X_EXT_PACKET
! 549: static void
! 550: kdebug_sadb_x_packet(ext)
! 551: struct sadb_ext *ext;
! 552: {
! 553: struct sadb_x_packet *pkt = (struct sadb_x_packet *)ext;
! 554:
! 555: /* sanity check */
! 556: if (ext == NULL)
! 557: panic("kdebug_sadb_x_packet: NULL pointer was passed.\n");
! 558:
! 559: printf("sadb_x_packet{ copylen=%u\n", pkt->sadb_x_packet_copylen);
! 560: printf(" packet=");
! 561: ipsec_hexdump((caddr_t)pkt + sizeof(struct sadb_x_packet),
! 562: pkt->sadb_x_packet_copylen);
! 563: printf(" }\n");
! 564: return;
! 565: }
! 566: #endif
! 567:
! 568: #ifdef SADB_X_EXT_KMADDRESS
! 569: static void
! 570: kdebug_sadb_x_kmaddress(ext)
! 571: struct sadb_ext *ext;
! 572: {
! 573: struct sadb_x_kmaddress *kma = (struct sadb_x_kmaddress *)ext;
! 574: struct sockaddr * sa;
! 575: sa_family_t family;
! 576: int len, sa_len;
! 577:
! 578: /* sanity check */
! 579: if (ext == NULL)
! 580: panic("kdebug_sadb_x_kmaddress: NULL pointer was passed.\n");
! 581:
! 582: len = (PFKEY_UNUNIT64(kma->sadb_x_kmaddress_len) - sizeof(*kma));
! 583:
! 584: printf("sadb_x_kmaddress{ reserved=0x%02x%02x%02x%02x }\n",
! 585: ((u_char *)(void *)&kma->sadb_x_kmaddress_reserved)[0],
! 586: ((u_char *)(void *)&kma->sadb_x_kmaddress_reserved)[1],
! 587: ((u_char *)(void *)&kma->sadb_x_kmaddress_reserved)[2],
! 588: ((u_char *)(void *)&kma->sadb_x_kmaddress_reserved)[3]);
! 589:
! 590: sa = (struct sockaddr *)(kma + 1);
! 591: if (len < sizeof(struct sockaddr) || (sa_len = sysdep_sa_len(sa)) > len)
! 592: panic("kdebug_sadb_x_kmaddress: not enough data to read"
! 593: " first sockaddr.\n");
! 594: kdebug_sockaddr((void *)sa); /* local address */
! 595: family = sa->sa_family;
! 596:
! 597: len -= sa_len;
! 598: sa = (struct sockaddr *)((char *)sa + sa_len);
! 599: if (len < sizeof(struct sockaddr) || sysdep_sa_len(sa) > len)
! 600: panic("kdebug_sadb_x_kmaddress: not enough data to read"
! 601: " second sockaddr.\n");
! 602: kdebug_sockaddr((void *)sa); /* remote address */
! 603:
! 604: if (family != sa->sa_family)
! 605: printf("kdebug_sadb_x_kmaddress: !!!! Please, note the "
! 606: "unexpected mismatch in address family.\n");
! 607: }
! 608: #endif
! 609:
! 610:
! 611: #ifdef _KERNEL
! 612: /* %%%: about SPD and SAD */
! 613: void
! 614: kdebug_secpolicy(sp)
! 615: struct secpolicy *sp;
! 616: {
! 617: /* sanity check */
! 618: if (sp == NULL)
! 619: panic("kdebug_secpolicy: NULL pointer was passed.\n");
! 620:
! 621: printf("secpolicy{ refcnt=%u state=%u policy=%u\n",
! 622: sp->refcnt, sp->state, sp->policy);
! 623:
! 624: kdebug_secpolicyindex(&sp->spidx);
! 625:
! 626: switch (sp->policy) {
! 627: case IPSEC_POLICY_DISCARD:
! 628: printf(" type=discard }\n");
! 629: break;
! 630: case IPSEC_POLICY_NONE:
! 631: printf(" type=none }\n");
! 632: break;
! 633: case IPSEC_POLICY_IPSEC:
! 634: {
! 635: struct ipsecrequest *isr;
! 636: for (isr = sp->req; isr != NULL; isr = isr->next) {
! 637:
! 638: printf(" level=%u\n", isr->level);
! 639: kdebug_secasindex(&isr->saidx);
! 640:
! 641: if (isr->sav != NULL)
! 642: kdebug_secasv(isr->sav);
! 643: }
! 644: printf(" }\n");
! 645: }
! 646: break;
! 647: case IPSEC_POLICY_BYPASS:
! 648: printf(" type=bypass }\n");
! 649: break;
! 650: case IPSEC_POLICY_ENTRUST:
! 651: printf(" type=entrust }\n");
! 652: break;
! 653: default:
! 654: printf("kdebug_secpolicy: Invalid policy found. %d\n",
! 655: sp->policy);
! 656: break;
! 657: }
! 658:
! 659: return;
! 660: }
! 661:
! 662: void
! 663: kdebug_secpolicyindex(spidx)
! 664: struct secpolicyindex *spidx;
! 665: {
! 666: /* sanity check */
! 667: if (spidx == NULL)
! 668: panic("kdebug_secpolicyindex: NULL pointer was passed.\n");
! 669:
! 670: printf("secpolicyindex{ dir=%u prefs=%u prefd=%u ul_proto=%u\n",
! 671: spidx->dir, spidx->prefs, spidx->prefd, spidx->ul_proto);
! 672:
! 673: ipsec_hexdump((caddr_t)&spidx->src,
! 674: sysdep_sa_len((struct sockaddr *)&spidx->src));
! 675: printf("\n");
! 676: ipsec_hexdump((caddr_t)&spidx->dst,
! 677: sysdep_sa_len((struct sockaddr *)&spidx->dst));
! 678: printf("}\n");
! 679:
! 680: return;
! 681: }
! 682:
! 683: void
! 684: kdebug_secasindex(saidx)
! 685: struct secasindex *saidx;
! 686: {
! 687: /* sanity check */
! 688: if (saidx == NULL)
! 689: panic("kdebug_secpolicyindex: NULL pointer was passed.\n");
! 690:
! 691: printf("secasindex{ mode=%u proto=%u\n",
! 692: saidx->mode, saidx->proto);
! 693:
! 694: ipsec_hexdump((caddr_t)&saidx->src,
! 695: sysdep_sa_len((struct sockaddr *)&saidx->src));
! 696: printf("\n");
! 697: ipsec_hexdump((caddr_t)&saidx->dst,
! 698: sysdep_sa_len((struct sockaddr *)&saidx->dst));
! 699: printf("\n");
! 700:
! 701: return;
! 702: }
! 703:
! 704: void
! 705: kdebug_secasv(sav)
! 706: struct secasvar *sav;
! 707: {
! 708: /* sanity check */
! 709: if (sav == NULL)
! 710: panic("kdebug_secasv: NULL pointer was passed.\n");
! 711:
! 712: printf("secas{");
! 713: kdebug_secasindex(&sav->sah->saidx);
! 714:
! 715: printf(" refcnt=%u state=%u auth=%u enc=%u\n",
! 716: sav->refcnt, sav->state, sav->alg_auth, sav->alg_enc);
! 717: printf(" spi=%u flags=%u\n",
! 718: (u_int32_t)ntohl(sav->spi), sav->flags);
! 719:
! 720: if (sav->key_auth != NULL)
! 721: kdebug_sadb_key((struct sadb_ext *)sav->key_auth);
! 722: if (sav->key_enc != NULL)
! 723: kdebug_sadb_key((struct sadb_ext *)sav->key_enc);
! 724: if (sav->iv != NULL) {
! 725: printf(" iv=");
! 726: ipsec_hexdump(sav->iv, sav->ivlen ? sav->ivlen : 8);
! 727: printf("\n");
! 728: }
! 729:
! 730: if (sav->replay != NULL)
! 731: kdebug_secreplay(sav->replay);
! 732: if (sav->lft_c != NULL)
! 733: kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_c);
! 734: if (sav->lft_h != NULL)
! 735: kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_h);
! 736: if (sav->lft_s != NULL)
! 737: kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_s);
! 738:
! 739: #if notyet
! 740: /* XXX: misc[123] ? */
! 741: #endif
! 742:
! 743: return;
! 744: }
! 745:
! 746: static void
! 747: kdebug_secreplay(rpl)
! 748: struct secreplay *rpl;
! 749: {
! 750: int len, l;
! 751:
! 752: /* sanity check */
! 753: if (rpl == NULL)
! 754: panic("kdebug_secreplay: NULL pointer was passed.\n");
! 755:
! 756: printf(" secreplay{ count=%u wsize=%u seq=%u lastseq=%u",
! 757: rpl->count, rpl->wsize, rpl->seq, rpl->lastseq);
! 758:
! 759: if (rpl->bitmap == NULL) {
! 760: printf(" }\n");
! 761: return;
! 762: }
! 763:
! 764: printf("\n bitmap { ");
! 765:
! 766: for (len = 0; len < rpl->wsize; len++) {
! 767: for (l = 7; l >= 0; l--)
! 768: printf("%u", (((rpl->bitmap)[len] >> l) & 1) ? 1 : 0);
! 769: }
! 770: printf(" }\n");
! 771:
! 772: return;
! 773: }
! 774:
! 775: void
! 776: kdebug_mbufhdr(m)
! 777: struct mbuf *m;
! 778: {
! 779: /* sanity check */
! 780: if (m == NULL)
! 781: return;
! 782:
! 783: printf("mbuf(%p){ m_next:%p m_nextpkt:%p m_data:%p "
! 784: "m_len:%d m_type:0x%02x m_flags:0x%02x }\n",
! 785: m, m->m_next, m->m_nextpkt, m->m_data,
! 786: m->m_len, m->m_type, m->m_flags);
! 787:
! 788: if (m->m_flags & M_PKTHDR) {
! 789: printf(" m_pkthdr{ len:%d rcvif:%p }\n",
! 790: m->m_pkthdr.len, m->m_pkthdr.rcvif);
! 791: }
! 792:
! 793: #ifdef __FreeBSD__
! 794: if (m->m_flags & M_EXT) {
! 795: printf(" m_ext{ ext_buf:%p ext_free:%p "
! 796: "ext_size:%u ext_ref:%p }\n",
! 797: m->m_ext.ext_buf, m->m_ext.ext_free,
! 798: m->m_ext.ext_size, m->m_ext.ext_ref);
! 799: }
! 800: #endif
! 801:
! 802: return;
! 803: }
! 804:
! 805: void
! 806: kdebug_mbuf(m0)
! 807: struct mbuf *m0;
! 808: {
! 809: struct mbuf *m = m0;
! 810: int i, j;
! 811:
! 812: for (j = 0; m; m = m->m_next) {
! 813: kdebug_mbufhdr(m);
! 814: printf(" m_data:\n");
! 815: for (i = 0; i < m->m_len; i++) {
! 816: if (i && i % 32 == 0)
! 817: printf("\n");
! 818: if (i % 4 == 0)
! 819: printf(" ");
! 820: printf("%02x", mtod(m, u_char *)[i]);
! 821: j++;
! 822: }
! 823: printf("\n");
! 824: }
! 825:
! 826: return;
! 827: }
! 828: #endif /* _KERNEL */
! 829:
! 830: static void
! 831: kdebug_sockaddr(addr)
! 832: struct sockaddr *addr;
! 833: {
! 834: struct sockaddr_in *sin4;
! 835: #ifdef INET6
! 836: struct sockaddr_in6 *sin6;
! 837: #endif
! 838:
! 839: /* sanity check */
! 840: if (addr == NULL)
! 841: panic("kdebug_sockaddr: NULL pointer was passed.\n");
! 842:
! 843: /* NOTE: We deal with port number as host byte order. */
! 844: printf("sockaddr{ len=%u family=%u", sysdep_sa_len(addr), addr->sa_family);
! 845:
! 846: switch (addr->sa_family) {
! 847: case AF_INET:
! 848: sin4 = (void *)addr;
! 849: printf(" port=%u\n", ntohs(sin4->sin_port));
! 850: ipsec_hexdump(&sin4->sin_addr, sizeof(sin4->sin_addr));
! 851: break;
! 852: #ifdef INET6
! 853: case AF_INET6:
! 854: sin6 = (void *)addr;
! 855: printf(" port=%u\n", ntohs(sin6->sin6_port));
! 856: printf(" flowinfo=0x%08x, scope_id=0x%08x\n",
! 857: sin6->sin6_flowinfo, sin6->sin6_scope_id);
! 858: ipsec_hexdump(&sin6->sin6_addr, sizeof(sin6->sin6_addr));
! 859: break;
! 860: #endif
! 861: }
! 862:
! 863: printf(" }\n");
! 864:
! 865: return;
! 866: }
! 867:
! 868: void
! 869: ipsec_bindump(buf, len)
! 870: caddr_t buf;
! 871: int len;
! 872: {
! 873: int i;
! 874:
! 875: for (i = 0; i < len; i++)
! 876: printf("%c", (unsigned char)buf[i]);
! 877:
! 878: return;
! 879: }
! 880:
! 881:
! 882: void
! 883: ipsec_hexdump(buf, len)
! 884: const void *buf;
! 885: int len;
! 886: {
! 887: int i;
! 888:
! 889: for (i = 0; i < len; i++) {
! 890: if (i != 0 && i % 32 == 0) printf("\n");
! 891: if (i % 4 == 0) printf(" ");
! 892: printf("%02x", ((const unsigned char *)buf)[i]);
! 893: }
! 894: #if 0
! 895: if (i % 32 != 0) printf("\n");
! 896: #endif
! 897:
! 898: return;
! 899: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to key_debug.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / ipsec-tools / src / libipsec