1: /* $NetBSD: key_debug.c,v 1.9 2008/12/05 06:02:20 tteras Exp $ */
2:
3: /* $KAME: key_debug.c,v 1.29 2001/08/16 14:25:41 itojun Exp $ */
4:
5: /*
6: * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
7: * All rights reserved.
8: *
9: * Redistribution and use in source and binary forms, with or without
10: * modification, are permitted provided that the following conditions
11: * are met:
12: * 1. Redistributions of source code must retain the above copyright
13: * notice, this list of conditions and the following disclaimer.
14: * 2. Redistributions in binary form must reproduce the above copyright
15: * notice, this list of conditions and the following disclaimer in the
16: * documentation and/or other materials provided with the distribution.
17: * 3. Neither the name of the project nor the names of its contributors
18: * may be used to endorse or promote products derived from this software
19: * without specific prior written permission.
20: *
21: * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
22: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24: * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
25: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31: * SUCH DAMAGE.
32: */
33:
34: #ifdef HAVE_CONFIG_H
35: #include "config.h"
36: #endif
37:
38: #ifdef _KERNEL
39: #if defined(__FreeBSD__) && __FreeBSD__ >= 3
40: #include "opt_inet.h"
41: #include "opt_inet6.h"
42: #include "opt_ipsec.h"
43: #endif
44: #ifdef __NetBSD__
45: #include "opt_inet.h"
46: #endif
47: #endif
48:
49: #if HAVE_STDINT_H
50: #include <stdint.h>
51: #endif
52:
53: #include <sys/types.h>
54: #include <sys/param.h>
55: #ifdef _KERNEL
56: #include <sys/systm.h>
57: #include <sys/mbuf.h>
58: #include <sys/queue.h>
59: #endif
60: #include <sys/socket.h>
61:
62: #include <netinet/in.h>
63: #include PATH_IPSEC_H
64:
65: #ifndef _KERNEL
66: #include <ctype.h>
67: #include <stdio.h>
68: #include <stdlib.h>
69: #endif /* !_KERNEL */
70:
71: #include "config.h"
72: #include "libpfkey.h"
73:
74: static void kdebug_sadb_prop __P((struct sadb_ext *));
75: static void kdebug_sadb_identity __P((struct sadb_ext *));
76: static void kdebug_sadb_supported __P((struct sadb_ext *));
77: static void kdebug_sadb_lifetime __P((struct sadb_ext *));
78: static void kdebug_sadb_sa __P((struct sadb_ext *));
79: static void kdebug_sadb_address __P((struct sadb_ext *));
80: static void kdebug_sadb_key __P((struct sadb_ext *));
81: static void kdebug_sadb_x_sa2 __P((struct sadb_ext *));
82: static void kdebug_sadb_x_policy __P((struct sadb_ext *ext));
83: static void kdebug_sockaddr __P((struct sockaddr *addr));
84:
85: #ifdef SADB_X_EXT_NAT_T_TYPE
86: static void kdebug_sadb_x_nat_t_type __P((struct sadb_ext *ext));
87: static void kdebug_sadb_x_nat_t_port __P((struct sadb_ext *ext));
88: #endif
89:
90: #ifdef SADB_X_EXT_PACKET
91: static void kdebug_sadb_x_packet __P((struct sadb_ext *));
92: #endif
93:
94: #ifdef SADB_X_EXT_KMADDRESS
95: static void kdebug_sadb_x_kmaddress __P((struct sadb_ext *));
96: #endif
97:
98: #ifdef _KERNEL
99: static void kdebug_secreplay __P((struct secreplay *));
100: #endif
101:
102: #ifndef _KERNEL
103: #define panic(param) { printf(param); exit(1); }
104: #endif
105:
106: #include "libpfkey.h"
107: /* NOTE: host byte order */
108:
109: /* %%%: about struct sadb_msg */
110: void
111: kdebug_sadb(base)
112: struct sadb_msg *base;
113: {
114: struct sadb_ext *ext;
115: int tlen, extlen;
116:
117: /* sanity check */
118: if (base == NULL)
119: panic("kdebug_sadb: NULL pointer was passed.\n");
120:
121: printf("sadb_msg{ version=%u type=%u errno=%u satype=%u\n",
122: base->sadb_msg_version, base->sadb_msg_type,
123: base->sadb_msg_errno, base->sadb_msg_satype);
124: printf(" len=%u reserved=%u seq=%u pid=%u\n",
125: base->sadb_msg_len, base->sadb_msg_reserved,
126: base->sadb_msg_seq, base->sadb_msg_pid);
127:
128: tlen = PFKEY_UNUNIT64(base->sadb_msg_len) - sizeof(struct sadb_msg);
129: ext = (void *)((caddr_t)(void *)base + sizeof(struct sadb_msg));
130:
131: while (tlen > 0) {
132: printf("sadb_ext{ len=%u type=%u }\n",
133: ext->sadb_ext_len, ext->sadb_ext_type);
134:
135: if (ext->sadb_ext_len == 0) {
136: printf("kdebug_sadb: invalid ext_len=0 was passed.\n");
137: return;
138: }
139: if (ext->sadb_ext_len > tlen) {
140: printf("kdebug_sadb: ext_len exceeds end of buffer.\n");
141: return;
142: }
143:
144: switch (ext->sadb_ext_type) {
145: case SADB_EXT_SA:
146: kdebug_sadb_sa(ext);
147: break;
148: case SADB_EXT_LIFETIME_CURRENT:
149: case SADB_EXT_LIFETIME_HARD:
150: case SADB_EXT_LIFETIME_SOFT:
151: kdebug_sadb_lifetime(ext);
152: break;
153: case SADB_EXT_ADDRESS_SRC:
154: case SADB_EXT_ADDRESS_DST:
155: case SADB_EXT_ADDRESS_PROXY:
156: kdebug_sadb_address(ext);
157: break;
158: case SADB_EXT_KEY_AUTH:
159: case SADB_EXT_KEY_ENCRYPT:
160: kdebug_sadb_key(ext);
161: break;
162: case SADB_EXT_IDENTITY_SRC:
163: case SADB_EXT_IDENTITY_DST:
164: kdebug_sadb_identity(ext);
165: break;
166: case SADB_EXT_SENSITIVITY:
167: break;
168: case SADB_EXT_PROPOSAL:
169: kdebug_sadb_prop(ext);
170: break;
171: case SADB_EXT_SUPPORTED_AUTH:
172: case SADB_EXT_SUPPORTED_ENCRYPT:
173: kdebug_sadb_supported(ext);
174: break;
175: case SADB_EXT_SPIRANGE:
176: case SADB_X_EXT_KMPRIVATE:
177: break;
178: case SADB_X_EXT_POLICY:
179: kdebug_sadb_x_policy(ext);
180: break;
181: case SADB_X_EXT_SA2:
182: kdebug_sadb_x_sa2(ext);
183: break;
184: #ifdef SADB_X_EXT_NAT_T_TYPE
185: case SADB_X_EXT_NAT_T_TYPE:
186: kdebug_sadb_x_nat_t_type(ext);
187: break;
188: case SADB_X_EXT_NAT_T_SPORT:
189: case SADB_X_EXT_NAT_T_DPORT:
190: kdebug_sadb_x_nat_t_port(ext);
191: break;
192: case SADB_X_EXT_NAT_T_OA:
193: kdebug_sadb_address(ext);
194: break;
195: #endif
196: #ifdef SADB_X_EXT_PACKET
197: case SADB_X_EXT_PACKET:
198: kdebug_sadb_x_packet(ext);
199: break;
200: #endif
201: #ifdef SADB_X_EXT_KMADDRESS
202: case SADB_X_EXT_KMADDRESS:
203: kdebug_sadb_x_kmaddress(ext);
204: break;
205: #endif
206: default:
207: printf("kdebug_sadb: invalid ext_type %u was passed.\n",
208: ext->sadb_ext_type);
209: return;
210: }
211:
212: extlen = PFKEY_UNUNIT64(ext->sadb_ext_len);
213: tlen -= extlen;
214: ext = (void *)((caddr_t)(void *)ext + extlen);
215: }
216:
217: return;
218: }
219:
220: static void
221: kdebug_sadb_prop(ext)
222: struct sadb_ext *ext;
223: {
224: struct sadb_prop *prop = (void *)ext;
225: struct sadb_comb *comb;
226: int len;
227:
228: /* sanity check */
229: if (ext == NULL)
230: panic("kdebug_sadb_prop: NULL pointer was passed.\n");
231:
232: len = (PFKEY_UNUNIT64(prop->sadb_prop_len) - sizeof(*prop))
233: / sizeof(*comb);
234: comb = (void *)(prop + 1);
235: printf("sadb_prop{ replay=%u\n", prop->sadb_prop_replay);
236:
237: while (len--) {
238: printf("sadb_comb{ auth=%u encrypt=%u "
239: "flags=0x%04x reserved=0x%08x\n",
240: comb->sadb_comb_auth, comb->sadb_comb_encrypt,
241: comb->sadb_comb_flags, comb->sadb_comb_reserved);
242:
243: printf(" auth_minbits=%u auth_maxbits=%u "
244: "encrypt_minbits=%u encrypt_maxbits=%u\n",
245: comb->sadb_comb_auth_minbits,
246: comb->sadb_comb_auth_maxbits,
247: comb->sadb_comb_encrypt_minbits,
248: comb->sadb_comb_encrypt_maxbits);
249:
250: printf(" soft_alloc=%u hard_alloc=%u "
251: "soft_bytes=%lu hard_bytes=%lu\n",
252: comb->sadb_comb_soft_allocations,
253: comb->sadb_comb_hard_allocations,
254: (unsigned long)comb->sadb_comb_soft_bytes,
255: (unsigned long)comb->sadb_comb_hard_bytes);
256:
257: printf(" soft_alloc=%lu hard_alloc=%lu "
258: "soft_bytes=%lu hard_bytes=%lu }\n",
259: (unsigned long)comb->sadb_comb_soft_addtime,
260: (unsigned long)comb->sadb_comb_hard_addtime,
261: (unsigned long)comb->sadb_comb_soft_usetime,
262: (unsigned long)comb->sadb_comb_hard_usetime);
263: comb++;
264: }
265: printf("}\n");
266:
267: return;
268: }
269:
270: static void
271: kdebug_sadb_identity(ext)
272: struct sadb_ext *ext;
273: {
274: struct sadb_ident *id = (void *)ext;
275: int len;
276:
277: /* sanity check */
278: if (ext == NULL)
279: panic("kdebug_sadb_identity: NULL pointer was passed.\n");
280:
281: len = PFKEY_UNUNIT64(id->sadb_ident_len) - sizeof(*id);
282: printf("sadb_ident_%s{",
283: id->sadb_ident_exttype == SADB_EXT_IDENTITY_SRC ? "src" : "dst");
284: switch (id->sadb_ident_type) {
285: default:
286: printf(" type=%d id=%lu",
287: id->sadb_ident_type, (u_long)id->sadb_ident_id);
288: if (len) {
289: #ifdef _KERNEL
290: ipsec_hexdump((caddr_t)(id + 1), len); /*XXX cast ?*/
291: #else
292: char *p, *ep;
293: printf("\n str=\"");
294: p = (void *)(id + 1);
295: ep = p + len;
296: for (/*nothing*/; *p && p < ep; p++) {
297: if (isprint((int)*p))
298: printf("%c", *p & 0xff);
299: else
300: printf("\\%03o", *p & 0xff);
301: }
302: #endif
303: printf("\"");
304: }
305: break;
306: }
307:
308: printf(" }\n");
309:
310: return;
311: }
312:
313: static void
314: kdebug_sadb_supported(ext)
315: struct sadb_ext *ext;
316: {
317: struct sadb_supported *sup = (void *)ext;
318: struct sadb_alg *alg;
319: int len;
320:
321: /* sanity check */
322: if (ext == NULL)
323: panic("kdebug_sadb_supported: NULL pointer was passed.\n");
324:
325: len = (PFKEY_UNUNIT64(sup->sadb_supported_len) - sizeof(*sup))
326: / sizeof(*alg);
327: alg = (void *)(sup + 1);
328: printf("sadb_sup{\n");
329: while (len--) {
330: printf(" { id=%d ivlen=%d min=%d max=%d }\n",
331: alg->sadb_alg_id, alg->sadb_alg_ivlen,
332: alg->sadb_alg_minbits, alg->sadb_alg_maxbits);
333: alg++;
334: }
335: printf("}\n");
336:
337: return;
338: }
339:
340: static void
341: kdebug_sadb_lifetime(ext)
342: struct sadb_ext *ext;
343: {
344: struct sadb_lifetime *lft = (void *)ext;
345:
346: /* sanity check */
347: if (ext == NULL)
348: printf("kdebug_sadb_lifetime: NULL pointer was passed.\n");
349:
350: printf("sadb_lifetime{ alloc=%u, bytes=%u\n",
351: lft->sadb_lifetime_allocations,
352: (u_int32_t)lft->sadb_lifetime_bytes);
353: printf(" addtime=%u, usetime=%u }\n",
354: (u_int32_t)lft->sadb_lifetime_addtime,
355: (u_int32_t)lft->sadb_lifetime_usetime);
356:
357: return;
358: }
359:
360: static void
361: kdebug_sadb_sa(ext)
362: struct sadb_ext *ext;
363: {
364: struct sadb_sa *sa = (void *)ext;
365:
366: /* sanity check */
367: if (ext == NULL)
368: panic("kdebug_sadb_sa: NULL pointer was passed.\n");
369:
370: printf("sadb_sa{ spi=%u replay=%u state=%u\n",
371: (u_int32_t)ntohl(sa->sadb_sa_spi), sa->sadb_sa_replay,
372: sa->sadb_sa_state);
373: printf(" auth=%u encrypt=%u flags=0x%08x }\n",
374: sa->sadb_sa_auth, sa->sadb_sa_encrypt, sa->sadb_sa_flags);
375:
376: return;
377: }
378:
379: static void
380: kdebug_sadb_address(ext)
381: struct sadb_ext *ext;
382: {
383: struct sadb_address *addr = (void *)ext;
384:
385: /* sanity check */
386: if (ext == NULL)
387: panic("kdebug_sadb_address: NULL pointer was passed.\n");
388:
389: printf("sadb_address{ proto=%u prefixlen=%u reserved=0x%02x%02x }\n",
390: addr->sadb_address_proto, addr->sadb_address_prefixlen,
391: ((u_char *)(void *)&addr->sadb_address_reserved)[0],
392: ((u_char *)(void *)&addr->sadb_address_reserved)[1]);
393:
394: kdebug_sockaddr((void *)((caddr_t)(void *)ext + sizeof(*addr)));
395:
396: return;
397: }
398:
399: static void
400: kdebug_sadb_key(ext)
401: struct sadb_ext *ext;
402: {
403: struct sadb_key *key = (void *)ext;
404:
405: /* sanity check */
406: if (ext == NULL)
407: panic("kdebug_sadb_key: NULL pointer was passed.\n");
408:
409: printf("sadb_key{ bits=%u reserved=%u\n",
410: key->sadb_key_bits, key->sadb_key_reserved);
411: printf(" key=");
412:
413: /* sanity check 2 */
414: if (((uint32_t)key->sadb_key_bits >> 3) >
415: (PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key))) {
416: printf("kdebug_sadb_key: key length mismatch, bit:%d len:%ld.\n",
417: (uint32_t)key->sadb_key_bits >> 3,
418: (long)PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key));
419: }
420:
421: ipsec_hexdump(key + sizeof(struct sadb_key),
422: (int)((uint32_t)key->sadb_key_bits >> 3));
423: printf(" }\n");
424: return;
425: }
426:
427: static void
428: kdebug_sadb_x_sa2(ext)
429: struct sadb_ext *ext;
430: {
431: struct sadb_x_sa2 *sa2 = (void *)ext;
432:
433: /* sanity check */
434: if (ext == NULL)
435: panic("kdebug_sadb_x_sa2: NULL pointer was passed.\n");
436:
437: printf("sadb_x_sa2{ mode=%u reqid=%u\n",
438: sa2->sadb_x_sa2_mode, sa2->sadb_x_sa2_reqid);
439: printf(" reserved1=%u reserved2=%u sequence=%u }\n",
440: sa2->sadb_x_sa2_reserved1, sa2->sadb_x_sa2_reserved2,
441: sa2->sadb_x_sa2_sequence);
442:
443: return;
444: }
445:
446: void
447: kdebug_sadb_x_policy(ext)
448: struct sadb_ext *ext;
449: {
450: struct sadb_x_policy *xpl = (void *)ext;
451: struct sockaddr *addr;
452:
453: /* sanity check */
454: if (ext == NULL)
455: panic("kdebug_sadb_x_policy: NULL pointer was passed.\n");
456:
457: #ifdef HAVE_PFKEY_POLICY_PRIORITY
458: printf("sadb_x_policy{ type=%u dir=%u id=%x priority=%u }\n",
459: #else
460: printf("sadb_x_policy{ type=%u dir=%u id=%x }\n",
461: #endif
462: xpl->sadb_x_policy_type, xpl->sadb_x_policy_dir,
463: #ifdef HAVE_PFKEY_POLICY_PRIORITY
464: xpl->sadb_x_policy_id, xpl->sadb_x_policy_priority);
465: #else
466: xpl->sadb_x_policy_id);
467: #endif
468:
469: if (xpl->sadb_x_policy_type == IPSEC_POLICY_IPSEC) {
470: int tlen;
471: struct sadb_x_ipsecrequest *xisr;
472:
473: tlen = PFKEY_UNUNIT64(xpl->sadb_x_policy_len) - sizeof(*xpl);
474: xisr = (void *)(xpl + 1);
475:
476: while (tlen > 0) {
477: printf(" { len=%u proto=%u mode=%u level=%u reqid=%u\n",
478: xisr->sadb_x_ipsecrequest_len,
479: xisr->sadb_x_ipsecrequest_proto,
480: xisr->sadb_x_ipsecrequest_mode,
481: xisr->sadb_x_ipsecrequest_level,
482: xisr->sadb_x_ipsecrequest_reqid);
483:
484: if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) {
485: addr = (void *)(xisr + 1);
486: kdebug_sockaddr(addr);
487: addr = (void *)((caddr_t)(void *)addr
488: + sysdep_sa_len(addr));
489: kdebug_sockaddr(addr);
490: }
491:
492: printf(" }\n");
493:
494: /* prevent infinite loop */
495: if (xisr->sadb_x_ipsecrequest_len == 0) {
496: printf("kdebug_sadb_x_policy: wrong policy struct.\n");
497: return;
498: }
499: /* prevent overflow */
500: if (xisr->sadb_x_ipsecrequest_len > tlen) {
501: printf("invalid ipsec policy length\n");
502: return;
503: }
504:
505: tlen -= xisr->sadb_x_ipsecrequest_len;
506:
507: xisr = (void *)((caddr_t)(void *)xisr
508: + xisr->sadb_x_ipsecrequest_len);
509: }
510:
511: if (tlen != 0)
512: panic("kdebug_sadb_x_policy: wrong policy struct.\n");
513: }
514:
515: return;
516: }
517:
518: #ifdef SADB_X_EXT_NAT_T_TYPE
519: static void
520: kdebug_sadb_x_nat_t_type(struct sadb_ext *ext)
521: {
522: struct sadb_x_nat_t_type *ntt = (void *)ext;
523:
524: /* sanity check */
525: if (ext == NULL)
526: panic("kdebug_sadb_x_nat_t_type: NULL pointer was passed.\n");
527:
528: printf("sadb_x_nat_t_type{ type=%u }\n", ntt->sadb_x_nat_t_type_type);
529:
530: return;
531: }
532:
533: static void
534: kdebug_sadb_x_nat_t_port(struct sadb_ext *ext)
535: {
536: struct sadb_x_nat_t_port *ntp = (void *)ext;
537:
538: /* sanity check */
539: if (ext == NULL)
540: panic("kdebug_sadb_x_nat_t_port: NULL pointer was passed.\n");
541:
542: printf("sadb_x_nat_t_port{ port=%u }\n", ntohs(ntp->sadb_x_nat_t_port_port));
543:
544: return;
545: }
546: #endif
547:
548: #ifdef SADB_X_EXT_PACKET
549: static void
550: kdebug_sadb_x_packet(ext)
551: struct sadb_ext *ext;
552: {
553: struct sadb_x_packet *pkt = (struct sadb_x_packet *)ext;
554:
555: /* sanity check */
556: if (ext == NULL)
557: panic("kdebug_sadb_x_packet: NULL pointer was passed.\n");
558:
559: printf("sadb_x_packet{ copylen=%u\n", pkt->sadb_x_packet_copylen);
560: printf(" packet=");
561: ipsec_hexdump((caddr_t)pkt + sizeof(struct sadb_x_packet),
562: pkt->sadb_x_packet_copylen);
563: printf(" }\n");
564: return;
565: }
566: #endif
567:
568: #ifdef SADB_X_EXT_KMADDRESS
569: static void
570: kdebug_sadb_x_kmaddress(ext)
571: struct sadb_ext *ext;
572: {
573: struct sadb_x_kmaddress *kma = (struct sadb_x_kmaddress *)ext;
574: struct sockaddr * sa;
575: sa_family_t family;
576: int len, sa_len;
577:
578: /* sanity check */
579: if (ext == NULL)
580: panic("kdebug_sadb_x_kmaddress: NULL pointer was passed.\n");
581:
582: len = (PFKEY_UNUNIT64(kma->sadb_x_kmaddress_len) - sizeof(*kma));
583:
584: printf("sadb_x_kmaddress{ reserved=0x%02x%02x%02x%02x }\n",
585: ((u_char *)(void *)&kma->sadb_x_kmaddress_reserved)[0],
586: ((u_char *)(void *)&kma->sadb_x_kmaddress_reserved)[1],
587: ((u_char *)(void *)&kma->sadb_x_kmaddress_reserved)[2],
588: ((u_char *)(void *)&kma->sadb_x_kmaddress_reserved)[3]);
589:
590: sa = (struct sockaddr *)(kma + 1);
591: if (len < sizeof(struct sockaddr) || (sa_len = sysdep_sa_len(sa)) > len)
592: panic("kdebug_sadb_x_kmaddress: not enough data to read"
593: " first sockaddr.\n");
594: kdebug_sockaddr((void *)sa); /* local address */
595: family = sa->sa_family;
596:
597: len -= sa_len;
598: sa = (struct sockaddr *)((char *)sa + sa_len);
599: if (len < sizeof(struct sockaddr) || sysdep_sa_len(sa) > len)
600: panic("kdebug_sadb_x_kmaddress: not enough data to read"
601: " second sockaddr.\n");
602: kdebug_sockaddr((void *)sa); /* remote address */
603:
604: if (family != sa->sa_family)
605: printf("kdebug_sadb_x_kmaddress: !!!! Please, note the "
606: "unexpected mismatch in address family.\n");
607: }
608: #endif
609:
610:
611: #ifdef _KERNEL
612: /* %%%: about SPD and SAD */
613: void
614: kdebug_secpolicy(sp)
615: struct secpolicy *sp;
616: {
617: /* sanity check */
618: if (sp == NULL)
619: panic("kdebug_secpolicy: NULL pointer was passed.\n");
620:
621: printf("secpolicy{ refcnt=%u state=%u policy=%u\n",
622: sp->refcnt, sp->state, sp->policy);
623:
624: kdebug_secpolicyindex(&sp->spidx);
625:
626: switch (sp->policy) {
627: case IPSEC_POLICY_DISCARD:
628: printf(" type=discard }\n");
629: break;
630: case IPSEC_POLICY_NONE:
631: printf(" type=none }\n");
632: break;
633: case IPSEC_POLICY_IPSEC:
634: {
635: struct ipsecrequest *isr;
636: for (isr = sp->req; isr != NULL; isr = isr->next) {
637:
638: printf(" level=%u\n", isr->level);
639: kdebug_secasindex(&isr->saidx);
640:
641: if (isr->sav != NULL)
642: kdebug_secasv(isr->sav);
643: }
644: printf(" }\n");
645: }
646: break;
647: case IPSEC_POLICY_BYPASS:
648: printf(" type=bypass }\n");
649: break;
650: case IPSEC_POLICY_ENTRUST:
651: printf(" type=entrust }\n");
652: break;
653: default:
654: printf("kdebug_secpolicy: Invalid policy found. %d\n",
655: sp->policy);
656: break;
657: }
658:
659: return;
660: }
661:
662: void
663: kdebug_secpolicyindex(spidx)
664: struct secpolicyindex *spidx;
665: {
666: /* sanity check */
667: if (spidx == NULL)
668: panic("kdebug_secpolicyindex: NULL pointer was passed.\n");
669:
670: printf("secpolicyindex{ dir=%u prefs=%u prefd=%u ul_proto=%u\n",
671: spidx->dir, spidx->prefs, spidx->prefd, spidx->ul_proto);
672:
673: ipsec_hexdump((caddr_t)&spidx->src,
674: sysdep_sa_len((struct sockaddr *)&spidx->src));
675: printf("\n");
676: ipsec_hexdump((caddr_t)&spidx->dst,
677: sysdep_sa_len((struct sockaddr *)&spidx->dst));
678: printf("}\n");
679:
680: return;
681: }
682:
683: void
684: kdebug_secasindex(saidx)
685: struct secasindex *saidx;
686: {
687: /* sanity check */
688: if (saidx == NULL)
689: panic("kdebug_secpolicyindex: NULL pointer was passed.\n");
690:
691: printf("secasindex{ mode=%u proto=%u\n",
692: saidx->mode, saidx->proto);
693:
694: ipsec_hexdump((caddr_t)&saidx->src,
695: sysdep_sa_len((struct sockaddr *)&saidx->src));
696: printf("\n");
697: ipsec_hexdump((caddr_t)&saidx->dst,
698: sysdep_sa_len((struct sockaddr *)&saidx->dst));
699: printf("\n");
700:
701: return;
702: }
703:
704: void
705: kdebug_secasv(sav)
706: struct secasvar *sav;
707: {
708: /* sanity check */
709: if (sav == NULL)
710: panic("kdebug_secasv: NULL pointer was passed.\n");
711:
712: printf("secas{");
713: kdebug_secasindex(&sav->sah->saidx);
714:
715: printf(" refcnt=%u state=%u auth=%u enc=%u\n",
716: sav->refcnt, sav->state, sav->alg_auth, sav->alg_enc);
717: printf(" spi=%u flags=%u\n",
718: (u_int32_t)ntohl(sav->spi), sav->flags);
719:
720: if (sav->key_auth != NULL)
721: kdebug_sadb_key((struct sadb_ext *)sav->key_auth);
722: if (sav->key_enc != NULL)
723: kdebug_sadb_key((struct sadb_ext *)sav->key_enc);
724: if (sav->iv != NULL) {
725: printf(" iv=");
726: ipsec_hexdump(sav->iv, sav->ivlen ? sav->ivlen : 8);
727: printf("\n");
728: }
729:
730: if (sav->replay != NULL)
731: kdebug_secreplay(sav->replay);
732: if (sav->lft_c != NULL)
733: kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_c);
734: if (sav->lft_h != NULL)
735: kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_h);
736: if (sav->lft_s != NULL)
737: kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_s);
738:
739: #if notyet
740: /* XXX: misc[123] ? */
741: #endif
742:
743: return;
744: }
745:
746: static void
747: kdebug_secreplay(rpl)
748: struct secreplay *rpl;
749: {
750: int len, l;
751:
752: /* sanity check */
753: if (rpl == NULL)
754: panic("kdebug_secreplay: NULL pointer was passed.\n");
755:
756: printf(" secreplay{ count=%u wsize=%u seq=%u lastseq=%u",
757: rpl->count, rpl->wsize, rpl->seq, rpl->lastseq);
758:
759: if (rpl->bitmap == NULL) {
760: printf(" }\n");
761: return;
762: }
763:
764: printf("\n bitmap { ");
765:
766: for (len = 0; len < rpl->wsize; len++) {
767: for (l = 7; l >= 0; l--)
768: printf("%u", (((rpl->bitmap)[len] >> l) & 1) ? 1 : 0);
769: }
770: printf(" }\n");
771:
772: return;
773: }
774:
775: void
776: kdebug_mbufhdr(m)
777: struct mbuf *m;
778: {
779: /* sanity check */
780: if (m == NULL)
781: return;
782:
783: printf("mbuf(%p){ m_next:%p m_nextpkt:%p m_data:%p "
784: "m_len:%d m_type:0x%02x m_flags:0x%02x }\n",
785: m, m->m_next, m->m_nextpkt, m->m_data,
786: m->m_len, m->m_type, m->m_flags);
787:
788: if (m->m_flags & M_PKTHDR) {
789: printf(" m_pkthdr{ len:%d rcvif:%p }\n",
790: m->m_pkthdr.len, m->m_pkthdr.rcvif);
791: }
792:
793: #ifdef __FreeBSD__
794: if (m->m_flags & M_EXT) {
795: printf(" m_ext{ ext_buf:%p ext_free:%p "
796: "ext_size:%u ext_ref:%p }\n",
797: m->m_ext.ext_buf, m->m_ext.ext_free,
798: m->m_ext.ext_size, m->m_ext.ext_ref);
799: }
800: #endif
801:
802: return;
803: }
804:
805: void
806: kdebug_mbuf(m0)
807: struct mbuf *m0;
808: {
809: struct mbuf *m = m0;
810: int i, j;
811:
812: for (j = 0; m; m = m->m_next) {
813: kdebug_mbufhdr(m);
814: printf(" m_data:\n");
815: for (i = 0; i < m->m_len; i++) {
816: if (i && i % 32 == 0)
817: printf("\n");
818: if (i % 4 == 0)
819: printf(" ");
820: printf("%02x", mtod(m, u_char *)[i]);
821: j++;
822: }
823: printf("\n");
824: }
825:
826: return;
827: }
828: #endif /* _KERNEL */
829:
830: static void
831: kdebug_sockaddr(addr)
832: struct sockaddr *addr;
833: {
834: struct sockaddr_in *sin4;
835: #ifdef INET6
836: struct sockaddr_in6 *sin6;
837: #endif
838:
839: /* sanity check */
840: if (addr == NULL)
841: panic("kdebug_sockaddr: NULL pointer was passed.\n");
842:
843: /* NOTE: We deal with port number as host byte order. */
844: printf("sockaddr{ len=%u family=%u", sysdep_sa_len(addr), addr->sa_family);
845:
846: switch (addr->sa_family) {
847: case AF_INET:
848: sin4 = (void *)addr;
849: printf(" port=%u\n", ntohs(sin4->sin_port));
850: ipsec_hexdump(&sin4->sin_addr, sizeof(sin4->sin_addr));
851: break;
852: #ifdef INET6
853: case AF_INET6:
854: sin6 = (void *)addr;
855: printf(" port=%u\n", ntohs(sin6->sin6_port));
856: printf(" flowinfo=0x%08x, scope_id=0x%08x\n",
857: sin6->sin6_flowinfo, sin6->sin6_scope_id);
858: ipsec_hexdump(&sin6->sin6_addr, sizeof(sin6->sin6_addr));
859: break;
860: #endif
861: }
862:
863: printf(" }\n");
864:
865: return;
866: }
867:
868: void
869: ipsec_bindump(buf, len)
870: caddr_t buf;
871: int len;
872: {
873: int i;
874:
875: for (i = 0; i < len; i++)
876: printf("%c", (unsigned char)buf[i]);
877:
878: return;
879: }
880:
881:
882: void
883: ipsec_hexdump(buf, len)
884: const void *buf;
885: int len;
886: {
887: int i;
888:
889: for (i = 0; i < len; i++) {
890: if (i != 0 && i % 32 == 0) printf("\n");
891: if (i % 4 == 0) printf(" ");
892: printf("%02x", ((const unsigned char *)buf)[i]);
893: }
894: #if 0
895: if (i % 32 != 0) printf("\n");
896: #endif
897:
898: return;
899: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to key_debug.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / ipsec-tools / src / libipsec