key_debug.c revision 105197
1105197Ssam/* $FreeBSD: head/sys/netipsec/key_debug.c 105197 2002-10-16 02:10:08Z sam $ */ 2105197Ssam/* $KAME: key_debug.c,v 1.26 2001/06/27 10:46:50 sakane Exp $ */ 3105197Ssam 4105197Ssam/* 5105197Ssam * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 6105197Ssam * All rights reserved. 7105197Ssam * 8105197Ssam * Redistribution and use in source and binary forms, with or without 9105197Ssam * modification, are permitted provided that the following conditions 10105197Ssam * are met: 11105197Ssam * 1. Redistributions of source code must retain the above copyright 12105197Ssam * notice, this list of conditions and the following disclaimer. 13105197Ssam * 2. Redistributions in binary form must reproduce the above copyright 14105197Ssam * notice, this list of conditions and the following disclaimer in the 15105197Ssam * documentation and/or other materials provided with the distribution. 16105197Ssam * 3. Neither the name of the project nor the names of its contributors 17105197Ssam * may be used to endorse or promote products derived from this software 18105197Ssam * without specific prior written permission. 19105197Ssam * 20105197Ssam * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 21105197Ssam * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22105197Ssam * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23105197Ssam * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 24105197Ssam * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25105197Ssam * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26105197Ssam * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27105197Ssam * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28105197Ssam * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29105197Ssam * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30105197Ssam * SUCH DAMAGE. 31105197Ssam */ 32105197Ssam 33105197Ssam#ifdef _KERNEL 34105197Ssam#include "opt_inet.h" 35105197Ssam#include "opt_inet6.h" 36105197Ssam#include "opt_ipsec.h" 37105197Ssam#endif 38105197Ssam 39105197Ssam#include <sys/types.h> 40105197Ssam#include <sys/param.h> 41105197Ssam#ifdef _KERNEL 42105197Ssam#include <sys/systm.h> 43105197Ssam#include <sys/mbuf.h> 44105197Ssam#include <sys/queue.h> 45105197Ssam#endif 46105197Ssam#include <sys/socket.h> 47105197Ssam 48105197Ssam#include <net/route.h> 49105197Ssam 50105197Ssam#include <netipsec/key_var.h> 51105197Ssam#include <netipsec/key_debug.h> 52105197Ssam 53105197Ssam#include <netinet/in.h> 54105197Ssam#include <netipsec/ipsec.h> 55105197Ssam 56105197Ssam#ifndef _KERNEL 57105197Ssam#include <ctype.h> 58105197Ssam#include <stdio.h> 59105197Ssam#include <stdlib.h> 60105197Ssam#endif /* !_KERNEL */ 61105197Ssam 62105197Ssamstatic void kdebug_sadb_prop __P((struct sadb_ext *)); 63105197Ssamstatic void kdebug_sadb_identity __P((struct sadb_ext *)); 64105197Ssamstatic void kdebug_sadb_supported __P((struct sadb_ext *)); 65105197Ssamstatic void kdebug_sadb_lifetime __P((struct sadb_ext *)); 66105197Ssamstatic void kdebug_sadb_sa __P((struct sadb_ext *)); 67105197Ssamstatic void kdebug_sadb_address __P((struct sadb_ext *)); 68105197Ssamstatic void kdebug_sadb_key __P((struct sadb_ext *)); 69105197Ssamstatic void kdebug_sadb_x_sa2 __P((struct sadb_ext *)); 70105197Ssam 71105197Ssam#ifdef _KERNEL 72105197Ssamstatic void kdebug_secreplay __P((struct secreplay *)); 73105197Ssam#endif 74105197Ssam 75105197Ssam#ifndef _KERNEL 76105197Ssam#define panic(param) { printf(param); exit(-1); } 77105197Ssam#endif 78105197Ssam 79105197Ssam/* NOTE: host byte order */ 80105197Ssam 81105197Ssam/* %%%: about struct sadb_msg */ 82105197Ssamvoid 83105197Ssamkdebug_sadb(base) 84105197Ssam struct sadb_msg *base; 85105197Ssam{ 86105197Ssam struct sadb_ext *ext; 87105197Ssam int tlen, extlen; 88105197Ssam 89105197Ssam /* sanity check */ 90105197Ssam if (base == NULL) 91105197Ssam panic("kdebug_sadb: NULL pointer was passed.\n"); 92105197Ssam 93105197Ssam printf("sadb_msg{ version=%u type=%u errno=%u satype=%u\n", 94105197Ssam base->sadb_msg_version, base->sadb_msg_type, 95105197Ssam base->sadb_msg_errno, base->sadb_msg_satype); 96105197Ssam printf(" len=%u reserved=%u seq=%u pid=%u\n", 97105197Ssam base->sadb_msg_len, base->sadb_msg_reserved, 98105197Ssam base->sadb_msg_seq, base->sadb_msg_pid); 99105197Ssam 100105197Ssam tlen = PFKEY_UNUNIT64(base->sadb_msg_len) - sizeof(struct sadb_msg); 101105197Ssam ext = (struct sadb_ext *)((caddr_t)base + sizeof(struct sadb_msg)); 102105197Ssam 103105197Ssam while (tlen > 0) { 104105197Ssam printf("sadb_ext{ len=%u type=%u }\n", 105105197Ssam ext->sadb_ext_len, ext->sadb_ext_type); 106105197Ssam 107105197Ssam if (ext->sadb_ext_len == 0) { 108105197Ssam printf("kdebug_sadb: invalid ext_len=0 was passed.\n"); 109105197Ssam return; 110105197Ssam } 111105197Ssam if (ext->sadb_ext_len > tlen) { 112105197Ssam printf("kdebug_sadb: ext_len exceeds end of buffer.\n"); 113105197Ssam return; 114105197Ssam } 115105197Ssam 116105197Ssam switch (ext->sadb_ext_type) { 117105197Ssam case SADB_EXT_SA: 118105197Ssam kdebug_sadb_sa(ext); 119105197Ssam break; 120105197Ssam case SADB_EXT_LIFETIME_CURRENT: 121105197Ssam case SADB_EXT_LIFETIME_HARD: 122105197Ssam case SADB_EXT_LIFETIME_SOFT: 123105197Ssam kdebug_sadb_lifetime(ext); 124105197Ssam break; 125105197Ssam case SADB_EXT_ADDRESS_SRC: 126105197Ssam case SADB_EXT_ADDRESS_DST: 127105197Ssam case SADB_EXT_ADDRESS_PROXY: 128105197Ssam kdebug_sadb_address(ext); 129105197Ssam break; 130105197Ssam case SADB_EXT_KEY_AUTH: 131105197Ssam case SADB_EXT_KEY_ENCRYPT: 132105197Ssam kdebug_sadb_key(ext); 133105197Ssam break; 134105197Ssam case SADB_EXT_IDENTITY_SRC: 135105197Ssam case SADB_EXT_IDENTITY_DST: 136105197Ssam kdebug_sadb_identity(ext); 137105197Ssam break; 138105197Ssam case SADB_EXT_SENSITIVITY: 139105197Ssam break; 140105197Ssam case SADB_EXT_PROPOSAL: 141105197Ssam kdebug_sadb_prop(ext); 142105197Ssam break; 143105197Ssam case SADB_EXT_SUPPORTED_AUTH: 144105197Ssam case SADB_EXT_SUPPORTED_ENCRYPT: 145105197Ssam kdebug_sadb_supported(ext); 146105197Ssam break; 147105197Ssam case SADB_EXT_SPIRANGE: 148105197Ssam case SADB_X_EXT_KMPRIVATE: 149105197Ssam break; 150105197Ssam case SADB_X_EXT_POLICY: 151105197Ssam kdebug_sadb_x_policy(ext); 152105197Ssam break; 153105197Ssam case SADB_X_EXT_SA2: 154105197Ssam kdebug_sadb_x_sa2(ext); 155105197Ssam break; 156105197Ssam default: 157105197Ssam printf("kdebug_sadb: invalid ext_type %u was passed.\n", 158105197Ssam ext->sadb_ext_type); 159105197Ssam return; 160105197Ssam } 161105197Ssam 162105197Ssam extlen = PFKEY_UNUNIT64(ext->sadb_ext_len); 163105197Ssam tlen -= extlen; 164105197Ssam ext = (struct sadb_ext *)((caddr_t)ext + extlen); 165105197Ssam } 166105197Ssam 167105197Ssam return; 168105197Ssam} 169105197Ssam 170105197Ssamstatic void 171105197Ssamkdebug_sadb_prop(ext) 172105197Ssam struct sadb_ext *ext; 173105197Ssam{ 174105197Ssam struct sadb_prop *prop = (struct sadb_prop *)ext; 175105197Ssam struct sadb_comb *comb; 176105197Ssam int len; 177105197Ssam 178105197Ssam /* sanity check */ 179105197Ssam if (ext == NULL) 180105197Ssam panic("kdebug_sadb_prop: NULL pointer was passed.\n"); 181105197Ssam 182105197Ssam len = (PFKEY_UNUNIT64(prop->sadb_prop_len) - sizeof(*prop)) 183105197Ssam / sizeof(*comb); 184105197Ssam comb = (struct sadb_comb *)(prop + 1); 185105197Ssam printf("sadb_prop{ replay=%u\n", prop->sadb_prop_replay); 186105197Ssam 187105197Ssam while (len--) { 188105197Ssam printf("sadb_comb{ auth=%u encrypt=%u " 189105197Ssam "flags=0x%04x reserved=0x%08x\n", 190105197Ssam comb->sadb_comb_auth, comb->sadb_comb_encrypt, 191105197Ssam comb->sadb_comb_flags, comb->sadb_comb_reserved); 192105197Ssam 193105197Ssam printf(" auth_minbits=%u auth_maxbits=%u " 194105197Ssam "encrypt_minbits=%u encrypt_maxbits=%u\n", 195105197Ssam comb->sadb_comb_auth_minbits, 196105197Ssam comb->sadb_comb_auth_maxbits, 197105197Ssam comb->sadb_comb_encrypt_minbits, 198105197Ssam comb->sadb_comb_encrypt_maxbits); 199105197Ssam 200105197Ssam printf(" soft_alloc=%u hard_alloc=%u " 201105197Ssam "soft_bytes=%lu hard_bytes=%lu\n", 202105197Ssam comb->sadb_comb_soft_allocations, 203105197Ssam comb->sadb_comb_hard_allocations, 204105197Ssam (unsigned long)comb->sadb_comb_soft_bytes, 205105197Ssam (unsigned long)comb->sadb_comb_hard_bytes); 206105197Ssam 207105197Ssam printf(" soft_alloc=%lu hard_alloc=%lu " 208105197Ssam "soft_bytes=%lu hard_bytes=%lu }\n", 209105197Ssam (unsigned long)comb->sadb_comb_soft_addtime, 210105197Ssam (unsigned long)comb->sadb_comb_hard_addtime, 211105197Ssam (unsigned long)comb->sadb_comb_soft_usetime, 212105197Ssam (unsigned long)comb->sadb_comb_hard_usetime); 213105197Ssam comb++; 214105197Ssam } 215105197Ssam printf("}\n"); 216105197Ssam 217105197Ssam return; 218105197Ssam} 219105197Ssam 220105197Ssamstatic void 221105197Ssamkdebug_sadb_identity(ext) 222105197Ssam struct sadb_ext *ext; 223105197Ssam{ 224105197Ssam struct sadb_ident *id = (struct sadb_ident *)ext; 225105197Ssam int len; 226105197Ssam 227105197Ssam /* sanity check */ 228105197Ssam if (ext == NULL) 229105197Ssam panic("kdebug_sadb_identity: NULL pointer was passed.\n"); 230105197Ssam 231105197Ssam len = PFKEY_UNUNIT64(id->sadb_ident_len) - sizeof(*id); 232105197Ssam printf("sadb_ident_%s{", 233105197Ssam id->sadb_ident_exttype == SADB_EXT_IDENTITY_SRC ? "src" : "dst"); 234105197Ssam switch (id->sadb_ident_type) { 235105197Ssam default: 236105197Ssam printf(" type=%d id=%lu", 237105197Ssam id->sadb_ident_type, (u_long)id->sadb_ident_id); 238105197Ssam if (len) { 239105197Ssam#ifdef _KERNEL 240105197Ssam ipsec_hexdump((caddr_t)(id + 1), len); /*XXX cast ?*/ 241105197Ssam#else 242105197Ssam char *p, *ep; 243105197Ssam printf("\n str=\""); 244105197Ssam p = (char *)(id + 1); 245105197Ssam ep = p + len; 246105197Ssam for (/*nothing*/; *p && p < ep; p++) { 247105197Ssam if (isprint(*p)) 248105197Ssam printf("%c", *p & 0xff); 249105197Ssam else 250105197Ssam printf("\\%03o", *p & 0xff); 251105197Ssam } 252105197Ssam#endif 253105197Ssam printf("\""); 254105197Ssam } 255105197Ssam break; 256105197Ssam } 257105197Ssam 258105197Ssam printf(" }\n"); 259105197Ssam 260105197Ssam return; 261105197Ssam} 262105197Ssam 263105197Ssamstatic void 264105197Ssamkdebug_sadb_supported(ext) 265105197Ssam struct sadb_ext *ext; 266105197Ssam{ 267105197Ssam struct sadb_supported *sup = (struct sadb_supported *)ext; 268105197Ssam struct sadb_alg *alg; 269105197Ssam int len; 270105197Ssam 271105197Ssam /* sanity check */ 272105197Ssam if (ext == NULL) 273105197Ssam panic("kdebug_sadb_supported: NULL pointer was passed.\n"); 274105197Ssam 275105197Ssam len = (PFKEY_UNUNIT64(sup->sadb_supported_len) - sizeof(*sup)) 276105197Ssam / sizeof(*alg); 277105197Ssam alg = (struct sadb_alg *)(sup + 1); 278105197Ssam printf("sadb_sup{\n"); 279105197Ssam while (len--) { 280105197Ssam printf(" { id=%d ivlen=%d min=%d max=%d }\n", 281105197Ssam alg->sadb_alg_id, alg->sadb_alg_ivlen, 282105197Ssam alg->sadb_alg_minbits, alg->sadb_alg_maxbits); 283105197Ssam alg++; 284105197Ssam } 285105197Ssam printf("}\n"); 286105197Ssam 287105197Ssam return; 288105197Ssam} 289105197Ssam 290105197Ssamstatic void 291105197Ssamkdebug_sadb_lifetime(ext) 292105197Ssam struct sadb_ext *ext; 293105197Ssam{ 294105197Ssam struct sadb_lifetime *lft = (struct sadb_lifetime *)ext; 295105197Ssam 296105197Ssam /* sanity check */ 297105197Ssam if (ext == NULL) 298105197Ssam printf("kdebug_sadb_lifetime: NULL pointer was passed.\n"); 299105197Ssam 300105197Ssam printf("sadb_lifetime{ alloc=%u, bytes=%u\n", 301105197Ssam lft->sadb_lifetime_allocations, 302105197Ssam (u_int32_t)lft->sadb_lifetime_bytes); 303105197Ssam printf(" addtime=%u, usetime=%u }\n", 304105197Ssam (u_int32_t)lft->sadb_lifetime_addtime, 305105197Ssam (u_int32_t)lft->sadb_lifetime_usetime); 306105197Ssam 307105197Ssam return; 308105197Ssam} 309105197Ssam 310105197Ssamstatic void 311105197Ssamkdebug_sadb_sa(ext) 312105197Ssam struct sadb_ext *ext; 313105197Ssam{ 314105197Ssam struct sadb_sa *sa = (struct sadb_sa *)ext; 315105197Ssam 316105197Ssam /* sanity check */ 317105197Ssam if (ext == NULL) 318105197Ssam panic("kdebug_sadb_sa: NULL pointer was passed.\n"); 319105197Ssam 320105197Ssam printf("sadb_sa{ spi=%u replay=%u state=%u\n", 321105197Ssam (u_int32_t)ntohl(sa->sadb_sa_spi), sa->sadb_sa_replay, 322105197Ssam sa->sadb_sa_state); 323105197Ssam printf(" auth=%u encrypt=%u flags=0x%08x }\n", 324105197Ssam sa->sadb_sa_auth, sa->sadb_sa_encrypt, sa->sadb_sa_flags); 325105197Ssam 326105197Ssam return; 327105197Ssam} 328105197Ssam 329105197Ssamstatic void 330105197Ssamkdebug_sadb_address(ext) 331105197Ssam struct sadb_ext *ext; 332105197Ssam{ 333105197Ssam struct sadb_address *addr = (struct sadb_address *)ext; 334105197Ssam 335105197Ssam /* sanity check */ 336105197Ssam if (ext == NULL) 337105197Ssam panic("kdebug_sadb_address: NULL pointer was passed.\n"); 338105197Ssam 339105197Ssam printf("sadb_address{ proto=%u prefixlen=%u reserved=0x%02x%02x }\n", 340105197Ssam addr->sadb_address_proto, addr->sadb_address_prefixlen, 341105197Ssam ((u_char *)&addr->sadb_address_reserved)[0], 342105197Ssam ((u_char *)&addr->sadb_address_reserved)[1]); 343105197Ssam 344105197Ssam kdebug_sockaddr((struct sockaddr *)((caddr_t)ext + sizeof(*addr))); 345105197Ssam 346105197Ssam return; 347105197Ssam} 348105197Ssam 349105197Ssamstatic void 350105197Ssamkdebug_sadb_key(ext) 351105197Ssam struct sadb_ext *ext; 352105197Ssam{ 353105197Ssam struct sadb_key *key = (struct sadb_key *)ext; 354105197Ssam 355105197Ssam /* sanity check */ 356105197Ssam if (ext == NULL) 357105197Ssam panic("kdebug_sadb_key: NULL pointer was passed.\n"); 358105197Ssam 359105197Ssam printf("sadb_key{ bits=%u reserved=%u\n", 360105197Ssam key->sadb_key_bits, key->sadb_key_reserved); 361105197Ssam printf(" key="); 362105197Ssam 363105197Ssam /* sanity check 2 */ 364105197Ssam if ((key->sadb_key_bits >> 3) > 365105197Ssam (PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key))) { 366105197Ssam printf("kdebug_sadb_key: key length mismatch, bit:%d len:%ld.\n", 367105197Ssam key->sadb_key_bits >> 3, 368105197Ssam (long)PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key)); 369105197Ssam } 370105197Ssam 371105197Ssam ipsec_hexdump((caddr_t)key + sizeof(struct sadb_key), 372105197Ssam key->sadb_key_bits >> 3); 373105197Ssam printf(" }\n"); 374105197Ssam return; 375105197Ssam} 376105197Ssam 377105197Ssamstatic void 378105197Ssamkdebug_sadb_x_sa2(ext) 379105197Ssam struct sadb_ext *ext; 380105197Ssam{ 381105197Ssam struct sadb_x_sa2 *sa2 = (struct sadb_x_sa2 *)ext; 382105197Ssam 383105197Ssam /* sanity check */ 384105197Ssam if (ext == NULL) 385105197Ssam panic("kdebug_sadb_x_sa2: NULL pointer was passed.\n"); 386105197Ssam 387105197Ssam printf("sadb_x_sa2{ mode=%u reqid=%u\n", 388105197Ssam sa2->sadb_x_sa2_mode, sa2->sadb_x_sa2_reqid); 389105197Ssam printf(" reserved1=%u reserved2=%u sequence=%u }\n", 390105197Ssam sa2->sadb_x_sa2_reserved1, sa2->sadb_x_sa2_reserved2, 391105197Ssam sa2->sadb_x_sa2_sequence); 392105197Ssam 393105197Ssam return; 394105197Ssam} 395105197Ssam 396105197Ssamvoid 397105197Ssamkdebug_sadb_x_policy(ext) 398105197Ssam struct sadb_ext *ext; 399105197Ssam{ 400105197Ssam struct sadb_x_policy *xpl = (struct sadb_x_policy *)ext; 401105197Ssam struct sockaddr *addr; 402105197Ssam 403105197Ssam /* sanity check */ 404105197Ssam if (ext == NULL) 405105197Ssam panic("kdebug_sadb_x_policy: NULL pointer was passed.\n"); 406105197Ssam 407105197Ssam printf("sadb_x_policy{ type=%u dir=%u id=%x }\n", 408105197Ssam xpl->sadb_x_policy_type, xpl->sadb_x_policy_dir, 409105197Ssam xpl->sadb_x_policy_id); 410105197Ssam 411105197Ssam if (xpl->sadb_x_policy_type == IPSEC_POLICY_IPSEC) { 412105197Ssam int tlen; 413105197Ssam struct sadb_x_ipsecrequest *xisr; 414105197Ssam 415105197Ssam tlen = PFKEY_UNUNIT64(xpl->sadb_x_policy_len) - sizeof(*xpl); 416105197Ssam xisr = (struct sadb_x_ipsecrequest *)(xpl + 1); 417105197Ssam 418105197Ssam while (tlen > 0) { 419105197Ssam printf(" { len=%u proto=%u mode=%u level=%u reqid=%u\n", 420105197Ssam xisr->sadb_x_ipsecrequest_len, 421105197Ssam xisr->sadb_x_ipsecrequest_proto, 422105197Ssam xisr->sadb_x_ipsecrequest_mode, 423105197Ssam xisr->sadb_x_ipsecrequest_level, 424105197Ssam xisr->sadb_x_ipsecrequest_reqid); 425105197Ssam 426105197Ssam if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) { 427105197Ssam addr = (struct sockaddr *)(xisr + 1); 428105197Ssam kdebug_sockaddr(addr); 429105197Ssam addr = (struct sockaddr *)((caddr_t)addr 430105197Ssam + addr->sa_len); 431105197Ssam kdebug_sockaddr(addr); 432105197Ssam } 433105197Ssam 434105197Ssam printf(" }\n"); 435105197Ssam 436105197Ssam /* prevent infinite loop */ 437105197Ssam if (xisr->sadb_x_ipsecrequest_len <= 0) { 438105197Ssam printf("kdebug_sadb_x_policy: wrong policy struct.\n"); 439105197Ssam return; 440105197Ssam } 441105197Ssam /* prevent overflow */ 442105197Ssam if (xisr->sadb_x_ipsecrequest_len > tlen) { 443105197Ssam printf("invalid ipsec policy length\n"); 444105197Ssam return; 445105197Ssam } 446105197Ssam 447105197Ssam tlen -= xisr->sadb_x_ipsecrequest_len; 448105197Ssam 449105197Ssam xisr = (struct sadb_x_ipsecrequest *)((caddr_t)xisr 450105197Ssam + xisr->sadb_x_ipsecrequest_len); 451105197Ssam } 452105197Ssam 453105197Ssam if (tlen != 0) 454105197Ssam panic("kdebug_sadb_x_policy: wrong policy struct.\n"); 455105197Ssam } 456105197Ssam 457105197Ssam return; 458105197Ssam} 459105197Ssam 460105197Ssam#ifdef _KERNEL 461105197Ssam/* %%%: about SPD and SAD */ 462105197Ssamvoid 463105197Ssamkdebug_secpolicy(sp) 464105197Ssam struct secpolicy *sp; 465105197Ssam{ 466105197Ssam /* sanity check */ 467105197Ssam if (sp == NULL) 468105197Ssam panic("kdebug_secpolicy: NULL pointer was passed.\n"); 469105197Ssam 470105197Ssam printf("secpolicy{ refcnt=%u state=%u policy=%u\n", 471105197Ssam sp->refcnt, sp->state, sp->policy); 472105197Ssam 473105197Ssam kdebug_secpolicyindex(&sp->spidx); 474105197Ssam 475105197Ssam switch (sp->policy) { 476105197Ssam case IPSEC_POLICY_DISCARD: 477105197Ssam printf(" type=discard }\n"); 478105197Ssam break; 479105197Ssam case IPSEC_POLICY_NONE: 480105197Ssam printf(" type=none }\n"); 481105197Ssam break; 482105197Ssam case IPSEC_POLICY_IPSEC: 483105197Ssam { 484105197Ssam struct ipsecrequest *isr; 485105197Ssam for (isr = sp->req; isr != NULL; isr = isr->next) { 486105197Ssam 487105197Ssam printf(" level=%u\n", isr->level); 488105197Ssam kdebug_secasindex(&isr->saidx); 489105197Ssam 490105197Ssam if (isr->sav != NULL) 491105197Ssam kdebug_secasv(isr->sav); 492105197Ssam } 493105197Ssam printf(" }\n"); 494105197Ssam } 495105197Ssam break; 496105197Ssam case IPSEC_POLICY_BYPASS: 497105197Ssam printf(" type=bypass }\n"); 498105197Ssam break; 499105197Ssam case IPSEC_POLICY_ENTRUST: 500105197Ssam printf(" type=entrust }\n"); 501105197Ssam break; 502105197Ssam default: 503105197Ssam printf("kdebug_secpolicy: Invalid policy found. %d\n", 504105197Ssam sp->policy); 505105197Ssam break; 506105197Ssam } 507105197Ssam 508105197Ssam return; 509105197Ssam} 510105197Ssam 511105197Ssamvoid 512105197Ssamkdebug_secpolicyindex(spidx) 513105197Ssam struct secpolicyindex *spidx; 514105197Ssam{ 515105197Ssam /* sanity check */ 516105197Ssam if (spidx == NULL) 517105197Ssam panic("kdebug_secpolicyindex: NULL pointer was passed.\n"); 518105197Ssam 519105197Ssam printf("secpolicyindex{ dir=%u prefs=%u prefd=%u ul_proto=%u\n", 520105197Ssam spidx->dir, spidx->prefs, spidx->prefd, spidx->ul_proto); 521105197Ssam 522105197Ssam ipsec_hexdump((caddr_t)&spidx->src, 523105197Ssam ((struct sockaddr *)&spidx->src)->sa_len); 524105197Ssam printf("\n"); 525105197Ssam ipsec_hexdump((caddr_t)&spidx->dst, 526105197Ssam ((struct sockaddr *)&spidx->dst)->sa_len); 527105197Ssam printf("}\n"); 528105197Ssam 529105197Ssam return; 530105197Ssam} 531105197Ssam 532105197Ssamvoid 533105197Ssamkdebug_secasindex(saidx) 534105197Ssam struct secasindex *saidx; 535105197Ssam{ 536105197Ssam /* sanity check */ 537105197Ssam if (saidx == NULL) 538105197Ssam panic("kdebug_secpolicyindex: NULL pointer was passed.\n"); 539105197Ssam 540105197Ssam printf("secasindex{ mode=%u proto=%u\n", 541105197Ssam saidx->mode, saidx->proto); 542105197Ssam 543105197Ssam ipsec_hexdump((caddr_t)&saidx->src, 544105197Ssam ((struct sockaddr *)&saidx->src)->sa_len); 545105197Ssam printf("\n"); 546105197Ssam ipsec_hexdump((caddr_t)&saidx->dst, 547105197Ssam ((struct sockaddr *)&saidx->dst)->sa_len); 548105197Ssam printf("\n"); 549105197Ssam 550105197Ssam return; 551105197Ssam} 552105197Ssam 553105197Ssamvoid 554105197Ssamkdebug_secasv(sav) 555105197Ssam struct secasvar *sav; 556105197Ssam{ 557105197Ssam /* sanity check */ 558105197Ssam if (sav == NULL) 559105197Ssam panic("kdebug_secasv: NULL pointer was passed.\n"); 560105197Ssam 561105197Ssam printf("secas{"); 562105197Ssam kdebug_secasindex(&sav->sah->saidx); 563105197Ssam 564105197Ssam printf(" refcnt=%u state=%u auth=%u enc=%u\n", 565105197Ssam sav->refcnt, sav->state, sav->alg_auth, sav->alg_enc); 566105197Ssam printf(" spi=%u flags=%u\n", 567105197Ssam (u_int32_t)ntohl(sav->spi), sav->flags); 568105197Ssam 569105197Ssam if (sav->key_auth != NULL) 570105197Ssam kdebug_sadb_key((struct sadb_ext *)sav->key_auth); 571105197Ssam if (sav->key_enc != NULL) 572105197Ssam kdebug_sadb_key((struct sadb_ext *)sav->key_enc); 573105197Ssam if (sav->iv != NULL) { 574105197Ssam printf(" iv="); 575105197Ssam ipsec_hexdump(sav->iv, sav->ivlen ? sav->ivlen : 8); 576105197Ssam printf("\n"); 577105197Ssam } 578105197Ssam 579105197Ssam if (sav->replay != NULL) 580105197Ssam kdebug_secreplay(sav->replay); 581105197Ssam if (sav->lft_c != NULL) 582105197Ssam kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_c); 583105197Ssam if (sav->lft_h != NULL) 584105197Ssam kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_h); 585105197Ssam if (sav->lft_s != NULL) 586105197Ssam kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_s); 587105197Ssam 588105197Ssam#if notyet 589105197Ssam /* XXX: misc[123] ? */ 590105197Ssam#endif 591105197Ssam 592105197Ssam return; 593105197Ssam} 594105197Ssam 595105197Ssamstatic void 596105197Ssamkdebug_secreplay(rpl) 597105197Ssam struct secreplay *rpl; 598105197Ssam{ 599105197Ssam int len, l; 600105197Ssam 601105197Ssam /* sanity check */ 602105197Ssam if (rpl == NULL) 603105197Ssam panic("kdebug_secreplay: NULL pointer was passed.\n"); 604105197Ssam 605105197Ssam printf(" secreplay{ count=%u wsize=%u seq=%u lastseq=%u", 606105197Ssam rpl->count, rpl->wsize, rpl->seq, rpl->lastseq); 607105197Ssam 608105197Ssam if (rpl->bitmap == NULL) { 609105197Ssam printf(" }\n"); 610105197Ssam return; 611105197Ssam } 612105197Ssam 613105197Ssam printf("\n bitmap { "); 614105197Ssam 615105197Ssam for (len = 0; len < rpl->wsize; len++) { 616105197Ssam for (l = 7; l >= 0; l--) 617105197Ssam printf("%u", (((rpl->bitmap)[len] >> l) & 1) ? 1 : 0); 618105197Ssam } 619105197Ssam printf(" }\n"); 620105197Ssam 621105197Ssam return; 622105197Ssam} 623105197Ssam 624105197Ssamvoid 625105197Ssamkdebug_mbufhdr(m) 626105197Ssam struct mbuf *m; 627105197Ssam{ 628105197Ssam /* sanity check */ 629105197Ssam if (m == NULL) 630105197Ssam return; 631105197Ssam 632105197Ssam printf("mbuf(%p){ m_next:%p m_nextpkt:%p m_data:%p " 633105197Ssam "m_len:%d m_type:0x%02x m_flags:0x%02x }\n", 634105197Ssam m, m->m_next, m->m_nextpkt, m->m_data, 635105197Ssam m->m_len, m->m_type, m->m_flags); 636105197Ssam 637105197Ssam if (m->m_flags & M_PKTHDR) { 638105197Ssam printf(" m_pkthdr{ len:%d rcvif:%p }\n", 639105197Ssam m->m_pkthdr.len, m->m_pkthdr.rcvif); 640105197Ssam } 641105197Ssam 642105197Ssam if (m->m_flags & M_EXT) { 643105197Ssam printf(" m_ext{ ext_buf:%p ext_free:%p " 644105197Ssam "ext_size:%u ref_cnt:%p }\n", 645105197Ssam m->m_ext.ext_buf, m->m_ext.ext_free, 646105197Ssam m->m_ext.ext_size, m->m_ext.ref_cnt); 647105197Ssam } 648105197Ssam 649105197Ssam return; 650105197Ssam} 651105197Ssam 652105197Ssamvoid 653105197Ssamkdebug_mbuf(m0) 654105197Ssam struct mbuf *m0; 655105197Ssam{ 656105197Ssam struct mbuf *m = m0; 657105197Ssam int i, j; 658105197Ssam 659105197Ssam for (j = 0; m; m = m->m_next) { 660105197Ssam kdebug_mbufhdr(m); 661105197Ssam printf(" m_data:\n"); 662105197Ssam for (i = 0; i < m->m_len; i++) { 663105197Ssam if (i && i % 32 == 0) 664105197Ssam printf("\n"); 665105197Ssam if (i % 4 == 0) 666105197Ssam printf(" "); 667105197Ssam printf("%02x", mtod(m, u_char *)[i]); 668105197Ssam j++; 669105197Ssam } 670105197Ssam printf("\n"); 671105197Ssam } 672105197Ssam 673105197Ssam return; 674105197Ssam} 675105197Ssam#endif /* _KERNEL */ 676105197Ssam 677105197Ssamvoid 678105197Ssamkdebug_sockaddr(addr) 679105197Ssam struct sockaddr *addr; 680105197Ssam{ 681105197Ssam struct sockaddr_in *sin4; 682105197Ssam#ifdef INET6 683105197Ssam struct sockaddr_in6 *sin6; 684105197Ssam#endif 685105197Ssam 686105197Ssam /* sanity check */ 687105197Ssam if (addr == NULL) 688105197Ssam panic("kdebug_sockaddr: NULL pointer was passed.\n"); 689105197Ssam 690105197Ssam /* NOTE: We deal with port number as host byte order. */ 691105197Ssam printf("sockaddr{ len=%u family=%u", addr->sa_len, addr->sa_family); 692105197Ssam 693105197Ssam switch (addr->sa_family) { 694105197Ssam case AF_INET: 695105197Ssam sin4 = (struct sockaddr_in *)addr; 696105197Ssam printf(" port=%u\n", ntohs(sin4->sin_port)); 697105197Ssam ipsec_hexdump((caddr_t)&sin4->sin_addr, sizeof(sin4->sin_addr)); 698105197Ssam break; 699105197Ssam#ifdef INET6 700105197Ssam case AF_INET6: 701105197Ssam sin6 = (struct sockaddr_in6 *)addr; 702105197Ssam printf(" port=%u\n", ntohs(sin6->sin6_port)); 703105197Ssam printf(" flowinfo=0x%08x, scope_id=0x%08x\n", 704105197Ssam sin6->sin6_flowinfo, sin6->sin6_scope_id); 705105197Ssam ipsec_hexdump((caddr_t)&sin6->sin6_addr, 706105197Ssam sizeof(sin6->sin6_addr)); 707105197Ssam break; 708105197Ssam#endif 709105197Ssam } 710105197Ssam 711105197Ssam printf(" }\n"); 712105197Ssam 713105197Ssam return; 714105197Ssam} 715105197Ssam 716105197Ssamvoid 717105197Ssamipsec_bindump(buf, len) 718105197Ssam caddr_t buf; 719105197Ssam int len; 720105197Ssam{ 721105197Ssam int i; 722105197Ssam 723105197Ssam for (i = 0; i < len; i++) 724105197Ssam printf("%c", (unsigned char)buf[i]); 725105197Ssam 726105197Ssam return; 727105197Ssam} 728105197Ssam 729105197Ssam 730105197Ssamvoid 731105197Ssamipsec_hexdump(buf, len) 732105197Ssam caddr_t buf; 733105197Ssam int len; 734105197Ssam{ 735105197Ssam int i; 736105197Ssam 737105197Ssam for (i = 0; i < len; i++) { 738105197Ssam if (i != 0 && i % 32 == 0) printf("\n"); 739105197Ssam if (i % 4 == 0) printf(" "); 740105197Ssam printf("%02x", (unsigned char)buf[i]); 741105197Ssam } 742105197Ssam#if 0 743105197Ssam if (i % 32 != 0) printf("\n"); 744105197Ssam#endif 745105197Ssam 746105197Ssam return; 747105197Ssam} 748