1/* $KAME: key_debug.c,v 1.29 2001/08/16 14:25:41 itojun Exp $ */ 2 3/* 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32#ifdef HAVE_CONFIG_H 33#include "config.h" 34#endif 35 36#ifdef _KERNEL 37#if defined(__FreeBSD__) && __FreeBSD__ >= 3 38#include "opt_inet.h" 39#include "opt_inet6.h" 40#include "opt_ipsec.h" 41#endif 42#ifdef __NetBSD__ 43#include "opt_inet.h" 44#endif 45#endif 46 47#include <sys/types.h> 48#include <sys/param.h> 49#ifdef _KERNEL 50#include <sys/systm.h> 51#include <sys/mbuf.h> 52#include <sys/queue.h> 53#endif 54#include <sys/socket.h> 55 56#include <netinet/in.h> 57#ifdef HAVE_NETINET6_IPSEC 58# include <netinet6/ipsec.h> 59#else 60# include <netinet/ipsec.h> 61#endif 62 63#ifndef _KERNEL 64#include <ctype.h> 65#include <stdio.h> 66#include <stdlib.h> 67#endif /* !_KERNEL */ 68 69#include "config.h" 70#include "var.h" 71#include "libpfkey.h" 72 73static void kdebug_sadb_prop (struct sadb_ext *); 74static void kdebug_sadb_identity (struct sadb_ext *); 75static void kdebug_sadb_supported (struct sadb_ext *); 76static void kdebug_sadb_lifetime (struct sadb_ext *); 77static void kdebug_sadb_sa (struct sadb_ext *); 78static void kdebug_sadb_address (struct sadb_ext *); 79static void kdebug_sadb_key (struct sadb_ext *); 80static void kdebug_sadb_x_sa2 (struct sadb_ext *); 81static void kdebug_sadb_session_id (struct sadb_ext *); 82static void kdebug_sadb_sastat (struct sadb_ext *); 83static void kdebug_sadb_x_policy (struct sadb_ext *ext); 84static void kdebug_sockaddr (struct sockaddr_storage *addr); 85static void kdebug_sadb_x_ipsecif (struct sadb_ext *ext); 86#ifdef SADB_X_EXT_NAT_T_TYPE 87static void kdebug_sadb_x_nat_t_type (struct sadb_ext *ext); 88static void kdebug_sadb_x_nat_t_port (struct sadb_ext *ext); 89#endif 90 91#ifdef _KERNEL 92static void kdebug_secreplay (struct secreplay *); 93#endif 94 95#ifndef _KERNEL 96#define panic(param) { printf(param); exit(1); } 97#endif 98 99#include "libpfkey.h" 100/* NOTE: host byte order */ 101 102/* %%%: about struct sadb_msg */ 103void 104kdebug_sadb(base) 105 struct sadb_msg *base; 106{ 107 struct sadb_ext *ext; 108 int tlen, extlen; 109 110 /* sanity check */ 111 if (base == NULL) 112 panic("kdebug_sadb: NULL pointer was passed.\n"); 113 114 printf("sadb_msg{ version=%u type=%u errno=%u satype=%u\n", 115 base->sadb_msg_version, base->sadb_msg_type, 116 base->sadb_msg_errno, base->sadb_msg_satype); 117 printf(" len=%u reserved=%u seq=%u pid=%u\n", 118 base->sadb_msg_len, base->sadb_msg_reserved, 119 base->sadb_msg_seq, base->sadb_msg_pid); 120 121 tlen = PFKEY_UNUNIT64(base->sadb_msg_len) - sizeof(struct sadb_msg); 122 ext = (void *)((caddr_t)(void *)base + sizeof(struct sadb_msg)); 123 124 while (tlen > 0) { 125 printf("sadb_ext{ len=%u type=%u }\n", 126 ext->sadb_ext_len, ext->sadb_ext_type); 127 128 if (ext->sadb_ext_len == 0) { 129 printf("kdebug_sadb: invalid ext_len=0 was passed.\n"); 130 return; 131 } 132 if (ext->sadb_ext_len > tlen) { 133 printf("kdebug_sadb: ext_len exceeds end of buffer.\n"); 134 return; 135 } 136 137 switch (ext->sadb_ext_type) { 138 case SADB_EXT_SA: 139 kdebug_sadb_sa(ext); 140 break; 141 case SADB_EXT_LIFETIME_CURRENT: 142 case SADB_EXT_LIFETIME_HARD: 143 case SADB_EXT_LIFETIME_SOFT: 144 kdebug_sadb_lifetime(ext); 145 break; 146 case SADB_EXT_ADDRESS_SRC: 147 case SADB_EXT_ADDRESS_DST: 148 case SADB_EXT_ADDRESS_PROXY: 149 case SADB_X_EXT_ADDR_RANGE_SRC_START: 150 case SADB_X_EXT_ADDR_RANGE_SRC_END: 151 case SADB_X_EXT_ADDR_RANGE_DST_START: 152 case SADB_X_EXT_ADDR_RANGE_DST_END: 153 kdebug_sadb_address(ext); 154 break; 155 case SADB_EXT_KEY_AUTH: 156 case SADB_EXT_KEY_ENCRYPT: 157 kdebug_sadb_key(ext); 158 break; 159 case SADB_EXT_IDENTITY_SRC: 160 case SADB_EXT_IDENTITY_DST: 161 kdebug_sadb_identity(ext); 162 break; 163 case SADB_EXT_SENSITIVITY: 164 break; 165 case SADB_EXT_PROPOSAL: 166 kdebug_sadb_prop(ext); 167 break; 168 case SADB_EXT_SUPPORTED_AUTH: 169 case SADB_EXT_SUPPORTED_ENCRYPT: 170 kdebug_sadb_supported(ext); 171 break; 172 case SADB_EXT_SPIRANGE: 173 case SADB_X_EXT_KMPRIVATE: 174 break; 175 case SADB_X_EXT_POLICY: 176 kdebug_sadb_x_policy(ext); 177 break; 178 case SADB_X_EXT_SA2: 179 kdebug_sadb_x_sa2(ext); 180 break; 181 case SADB_EXT_SESSION_ID: 182 kdebug_sadb_session_id(ext); 183 break; 184 case SADB_EXT_SASTAT: 185 kdebug_sadb_sastat(ext); 186 break; 187 case SADB_X_EXT_IPSECIF: 188 kdebug_sadb_x_ipsecif(ext); 189 break; 190#ifdef SADB_X_EXT_NAT_T_TYPE 191 case SADB_X_EXT_NAT_T_TYPE: 192 kdebug_sadb_x_nat_t_type(ext); 193 break; 194 case SADB_X_EXT_NAT_T_SPORT: 195 case SADB_X_EXT_NAT_T_DPORT: 196 kdebug_sadb_x_nat_t_port(ext); 197 break; 198 case SADB_X_EXT_NAT_T_OA: 199 kdebug_sadb_address(ext); 200 break; 201#endif 202 default: 203 printf("kdebug_sadb: invalid ext_type %u was passed.\n", 204 ext->sadb_ext_type); 205 return; 206 } 207 208 extlen = PFKEY_UNUNIT64(ext->sadb_ext_len); 209 tlen -= extlen; 210 ext = (void *)((caddr_t)(void *)ext + extlen); 211 } 212 213 return; 214} 215 216static void 217kdebug_sadb_prop(ext) 218 struct sadb_ext *ext; 219{ 220 struct sadb_prop *prop = (void *)ext; 221 struct sadb_comb *comb; 222 int len; 223 224 /* sanity check */ 225 if (ext == NULL) 226 panic("kdebug_sadb_prop: NULL pointer was passed.\n"); 227 228 len = (PFKEY_UNUNIT64(prop->sadb_prop_len) - sizeof(*prop)) 229 / sizeof(*comb); 230 comb = (void *)(prop + 1); 231 printf("sadb_prop{ replay=%u\n", prop->sadb_prop_replay); 232 233 while (len--) { 234 printf("sadb_comb{ auth=%u encrypt=%u " 235 "flags=0x%04x reserved=0x%08x\n", 236 comb->sadb_comb_auth, comb->sadb_comb_encrypt, 237 comb->sadb_comb_flags, comb->sadb_comb_reserved); 238 239 printf(" auth_minbits=%u auth_maxbits=%u " 240 "encrypt_minbits=%u encrypt_maxbits=%u\n", 241 comb->sadb_comb_auth_minbits, 242 comb->sadb_comb_auth_maxbits, 243 comb->sadb_comb_encrypt_minbits, 244 comb->sadb_comb_encrypt_maxbits); 245 246 printf(" soft_alloc=%u hard_alloc=%u " 247 "soft_bytes=%lu hard_bytes=%lu\n", 248 comb->sadb_comb_soft_allocations, 249 comb->sadb_comb_hard_allocations, 250 (unsigned long)comb->sadb_comb_soft_bytes, 251 (unsigned long)comb->sadb_comb_hard_bytes); 252 253 printf(" soft_alloc=%lu hard_alloc=%lu " 254 "soft_bytes=%lu hard_bytes=%lu }\n", 255 (unsigned long)comb->sadb_comb_soft_addtime, 256 (unsigned long)comb->sadb_comb_hard_addtime, 257 (unsigned long)comb->sadb_comb_soft_usetime, 258 (unsigned long)comb->sadb_comb_hard_usetime); 259 comb++; 260 } 261 printf("}\n"); 262 263 return; 264} 265 266static void 267kdebug_sadb_identity(ext) 268 struct sadb_ext *ext; 269{ 270 struct sadb_ident *id = (void *)ext; 271 int len; 272 273 /* sanity check */ 274 if (ext == NULL) 275 panic("kdebug_sadb_identity: NULL pointer was passed.\n"); 276 277 len = PFKEY_UNUNIT64(id->sadb_ident_len) - sizeof(*id); 278 printf("sadb_ident_%s{", 279 id->sadb_ident_exttype == SADB_EXT_IDENTITY_SRC ? "src" : "dst"); 280 switch (id->sadb_ident_type) { 281 default: 282 printf(" type=%d id=%lu", 283 id->sadb_ident_type, (u_long)id->sadb_ident_id); 284 if (len) { 285#ifdef _KERNEL 286 ipsec_hexdump((caddr_t)(id + 1), len); /*XXX cast ?*/ 287#else 288 char *p, *ep; 289 printf("\n str=\""); 290 p = (void *)(id + 1); 291 ep = p + len; 292 for (/*nothing*/; *p && p < ep; p++) { 293 if (isprint((int)*p)) 294 printf("%c", *p & 0xff); 295 else 296 printf("\\%03o", *p & 0xff); 297 } 298#endif 299 printf("\""); 300 } 301 break; 302 } 303 304 printf(" }\n"); 305 306 return; 307} 308 309static void 310kdebug_sadb_supported(ext) 311 struct sadb_ext *ext; 312{ 313 struct sadb_supported *sup = (void *)ext; 314 struct sadb_alg *alg; 315 int len; 316 317 /* sanity check */ 318 if (ext == NULL) 319 panic("kdebug_sadb_supported: NULL pointer was passed.\n"); 320 321 len = (PFKEY_UNUNIT64(sup->sadb_supported_len) - sizeof(*sup)) 322 / sizeof(*alg); 323 alg = (void *)(sup + 1); 324 printf("sadb_sup{\n"); 325 while (len--) { 326 printf(" { id=%d ivlen=%d min=%d max=%d }\n", 327 alg->sadb_alg_id, alg->sadb_alg_ivlen, 328 alg->sadb_alg_minbits, alg->sadb_alg_maxbits); 329 alg++; 330 } 331 printf("}\n"); 332 333 return; 334} 335 336static void 337kdebug_sadb_lifetime(ext) 338 struct sadb_ext *ext; 339{ 340 struct sadb_lifetime *lft = (void *)ext; 341 342 /* sanity check */ 343 if (ext == NULL) 344 printf("kdebug_sadb_lifetime: NULL pointer was passed.\n"); 345 346 printf("sadb_lifetime{ alloc=%u, bytes=%u\n", 347 lft->sadb_lifetime_allocations, 348 (u_int32_t)lft->sadb_lifetime_bytes); 349 printf(" addtime=%u, usetime=%u }\n", 350 (u_int32_t)lft->sadb_lifetime_addtime, 351 (u_int32_t)lft->sadb_lifetime_usetime); 352 353 return; 354} 355 356static void 357kdebug_sadb_sa(ext) 358 struct sadb_ext *ext; 359{ 360 struct sadb_sa *sa = (void *)ext; 361 362 /* sanity check */ 363 if (ext == NULL) 364 panic("kdebug_sadb_sa: NULL pointer was passed.\n"); 365 366 printf("sadb_sa{ spi=%u replay=%u state=%u\n", 367 (u_int32_t)ntohl(sa->sadb_sa_spi), sa->sadb_sa_replay, 368 sa->sadb_sa_state); 369 printf(" auth=%u encrypt=%u flags=0x%08x }\n", 370 sa->sadb_sa_auth, sa->sadb_sa_encrypt, sa->sadb_sa_flags); 371 372 return; 373} 374 375static void 376kdebug_sadb_address(ext) 377 struct sadb_ext *ext; 378{ 379 struct sadb_address *addr = (void *)ext; 380 381 /* sanity check */ 382 if (ext == NULL) 383 panic("kdebug_sadb_address: NULL pointer was passed.\n"); 384 385 printf("sadb_address{ proto=%u prefixlen=%u reserved=0x%02x%02x }\n", 386 addr->sadb_address_proto, addr->sadb_address_prefixlen, 387 ((u_char *)(void *)&addr->sadb_address_reserved)[0], 388 ((u_char *)(void *)&addr->sadb_address_reserved)[1]); 389 390 kdebug_sockaddr((void *)((caddr_t)(void *)ext + sizeof(*addr))); 391 392 return; 393} 394 395static void 396kdebug_sadb_key(ext) 397 struct sadb_ext *ext; 398{ 399 struct sadb_key *key = (void *)ext; 400 401 /* sanity check */ 402 if (ext == NULL) 403 panic("kdebug_sadb_key: NULL pointer was passed.\n"); 404 405 printf("sadb_key{ bits=%u reserved=%u\n", 406 key->sadb_key_bits, key->sadb_key_reserved); 407 printf(" key="); 408 409 /* sanity check 2 */ 410 if (((uint32_t)key->sadb_key_bits >> 3) > 411 (PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key))) { 412 printf("kdebug_sadb_key: key length mismatch, bit:%d len:%ld.\n", 413 (uint32_t)key->sadb_key_bits >> 3, 414 (long)PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key)); 415 } 416 417 ipsec_hexdump(key + sizeof(struct sadb_key), 418 (int)((uint32_t)key->sadb_key_bits >> 3)); 419 printf(" }\n"); 420 return; 421} 422 423static void 424kdebug_sadb_x_sa2(ext) 425 struct sadb_ext *ext; 426{ 427 struct sadb_x_sa2 *sa2 = (void *)ext; 428 429 /* sanity check */ 430 if (ext == NULL) 431 panic("kdebug_sadb_x_sa2: NULL pointer was passed.\n"); 432 433 printf("sadb_x_sa2{ mode=%u reqid=%u\n", 434 sa2->sadb_x_sa2_mode, sa2->sadb_x_sa2_reqid); 435 printf(" reserved1=%u reserved2=%u sequence=%u }\n", 436 sa2->sadb_x_sa2_reserved1, sa2->sadb_x_sa2_reserved2, 437 sa2->sadb_x_sa2_sequence); 438 439 return; 440} 441 442static void 443kdebug_sadb_session_id(ext) 444struct sadb_ext *ext; 445{ 446 struct sadb_session_id *p = ALIGNED_CAST(__typeof__(p))ext; // Wcast-align fix (void*) - sadb structs come from and aligned buffer 447 448 /* sanity check */ 449 if (ext == NULL) { 450 printf("kdebug_sadb_session_id: NULL pointer was passed.\n"); 451 return; 452 } 453 454 printf("sadb_session_id{ id0=%llx, id1=%llx}\n", 455 p->sadb_session_id_v[0], 456 p->sadb_session_id_v[1]); 457} 458 459static void 460kdebug_sadb_x_ipsecif(struct sadb_ext *ext) 461{ 462 struct sadb_x_ipsecif *p = ALIGNED_CAST(__typeof__(p))ext; 463 464 if (ext == NULL) { 465 printf("sadb_x_ipsecif: NULL pointer was passed.\n"); 466 return; 467 } 468 469 printf("sadb_x_ipsec_if{ ipsecif=%s outgoing=%s\n", p->sadb_x_ipsecif_ipsec_if, p->sadb_x_ipsecif_outgoing_if); 470 printf(" internal=%s disabled=%d }\n", p->sadb_x_ipsecif_internal_if, p->sadb_x_ipsecif_init_disabled); 471} 472 473static void 474kdebug_sadb_sastat(ext) 475struct sadb_ext *ext; 476{ 477 struct sadb_sastat *p = ALIGNED_CAST(__typeof__(p))ext; // Wcast-align fix (void*) - sadb structs come from and aligned buffer 478 struct sastat *stats; 479 int i; 480 481 /* sanity check */ 482 if (ext == NULL) { 483 printf("kdebug_sadb_sastat: NULL pointer was passed.\n"); 484 return; 485 } 486 487 printf("sadb_sastat{ dir=%u num=%u\n", 488 p->sadb_sastat_dir, p->sadb_sastat_list_len); 489 stats = (__typeof__(stats))(p + 1); 490 for (i = 0; i < p->sadb_sastat_list_len; i++) { 491 printf(" spi=%x,\n", 492 stats[i].spi); 493 } 494 printf("}\n"); 495} 496 497void 498kdebug_sadb_x_policy(ext) 499 struct sadb_ext *ext; 500{ 501 struct sadb_x_policy *xpl = (void *)ext; 502 struct sockaddr_storage *addr; 503 504 /* sanity check */ 505 if (ext == NULL) 506 panic("kdebug_sadb_x_policy: NULL pointer was passed.\n"); 507 508#ifdef HAVE_PFKEY_POLICY_PRIORITY 509 printf("sadb_x_policy{ type=%u dir=%u id=%x priority=%u }\n", 510#else 511 printf("sadb_x_policy{ type=%u dir=%u id=%x }\n", 512#endif 513 xpl->sadb_x_policy_type, xpl->sadb_x_policy_dir, 514#ifdef HAVE_PFKEY_POLICY_PRIORITY 515 xpl->sadb_x_policy_id, xpl->sadb_x_policy_priority); 516#else 517 xpl->sadb_x_policy_id); 518#endif 519 520 if (xpl->sadb_x_policy_type == IPSEC_POLICY_IPSEC) { 521 int tlen; 522 struct sadb_x_ipsecrequest *xisr; 523 524 tlen = PFKEY_UNUNIT64(xpl->sadb_x_policy_len) - sizeof(*xpl); 525 xisr = (void *)(xpl + 1); 526 527 while (tlen > 0) { 528 printf(" { len=%u proto=%u mode=%u level=%u reqid=%u\n", 529 xisr->sadb_x_ipsecrequest_len, 530 xisr->sadb_x_ipsecrequest_proto, 531 xisr->sadb_x_ipsecrequest_mode, 532 xisr->sadb_x_ipsecrequest_level, 533 xisr->sadb_x_ipsecrequest_reqid); 534 535 if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) { 536 addr = (void *)(xisr + 1); 537 kdebug_sockaddr(addr); 538 addr = (void *)((caddr_t)(void *)addr 539 + sysdep_sa_len((struct sockaddr *)addr)); 540 kdebug_sockaddr(addr); 541 } 542 543 printf(" }\n"); 544 545 /* prevent infinite loop */ 546 if (xisr->sadb_x_ipsecrequest_len == 0) { 547 printf("kdebug_sadb_x_policy: wrong policy struct.\n"); 548 return; 549 } 550 /* prevent overflow */ 551 if (xisr->sadb_x_ipsecrequest_len > tlen) { 552 printf("invalid ipsec policy length\n"); 553 return; 554 } 555 556 tlen -= xisr->sadb_x_ipsecrequest_len; 557 558 xisr = (void *)((caddr_t)(void *)xisr 559 + xisr->sadb_x_ipsecrequest_len); 560 } 561 562 if (tlen != 0) 563 panic("kdebug_sadb_x_policy: wrong policy struct.\n"); 564 } 565 566 return; 567} 568 569#ifdef SADB_X_EXT_NAT_T_TYPE 570static void 571kdebug_sadb_x_nat_t_type(struct sadb_ext *ext) 572{ 573 struct sadb_x_nat_t_type *ntt = (void *)ext; 574 575 /* sanity check */ 576 if (ext == NULL) 577 panic("kdebug_sadb_x_nat_t_type: NULL pointer was passed.\n"); 578 579 printf("sadb_x_nat_t_type{ type=%u }\n", ntt->sadb_x_nat_t_type_type); 580 581 return; 582} 583 584static void 585kdebug_sadb_x_nat_t_port(struct sadb_ext *ext) 586{ 587 struct sadb_x_nat_t_port *ntp = (void *)ext; 588 589 /* sanity check */ 590 if (ext == NULL) 591 panic("kdebug_sadb_x_nat_t_port: NULL pointer was passed.\n"); 592 593 printf("sadb_x_nat_t_port{ port=%u }\n", ntohs(ntp->sadb_x_nat_t_port_port)); 594 595 return; 596} 597#endif 598 599#ifdef _KERNEL 600/* %%%: about SPD and SAD */ 601void 602kdebug_secpolicy(sp) 603 struct secpolicy *sp; 604{ 605 /* sanity check */ 606 if (sp == NULL) 607 panic("kdebug_secpolicy: NULL pointer was passed.\n"); 608 609 printf("secpolicy{ refcnt=%u state=%u policy=%u\n", 610 sp->refcnt, sp->state, sp->policy); 611 612 kdebug_secpolicyindex(&sp->spidx); 613 614 switch (sp->policy) { 615 case IPSEC_POLICY_DISCARD: 616 printf(" type=discard }\n"); 617 break; 618 case IPSEC_POLICY_GENERATE: 619 printf(" type=generate }\n"); 620 break; 621 case IPSEC_POLICY_NONE: 622 printf(" type=none }\n"); 623 break; 624 case IPSEC_POLICY_IPSEC: 625 { 626 struct ipsecrequest *isr; 627 for (isr = sp->req; isr != NULL; isr = isr->next) { 628 629 printf(" level=%u\n", isr->level); 630 kdebug_secasindex(&isr->saidx); 631 632 if (isr->sav != NULL) 633 kdebug_secasv(isr->sav); 634 } 635 printf(" }\n"); 636 } 637 break; 638 case IPSEC_POLICY_BYPASS: 639 printf(" type=bypass }\n"); 640 break; 641 case IPSEC_POLICY_ENTRUST: 642 printf(" type=entrust }\n"); 643 break; 644 default: 645 printf("kdebug_secpolicy: Invalid policy found. %d\n", 646 sp->policy); 647 break; 648 } 649 650 return; 651} 652 653void 654kdebug_secpolicyindex(spidx) 655 struct secpolicyindex *spidx; 656{ 657 /* sanity check */ 658 if (spidx == NULL) 659 panic("kdebug_secpolicyindex: NULL pointer was passed.\n"); 660 661 printf("secpolicyindex{ dir=%u prefs=%u prefd=%u ul_proto=%u\n", 662 spidx->dir, spidx->prefs, spidx->prefd, spidx->ul_proto); 663 664 ipsec_hexdump((caddr_t)&spidx->src, 665 sysdep_sa_len((struct sockaddr *)&spidx->src)); 666 printf("\n"); 667 ipsec_hexdump((caddr_t)&spidx->dst, 668 sysdep_sa_len((struct sockaddr *)&spidx->dst)); 669 printf("}\n"); 670 671 return; 672} 673 674void 675kdebug_secasindex(saidx) 676 struct secasindex *saidx; 677{ 678 /* sanity check */ 679 if (saidx == NULL) 680 panic("kdebug_secpolicyindex: NULL pointer was passed.\n"); 681 682 printf("secasindex{ mode=%u proto=%u\n", 683 saidx->mode, saidx->proto); 684 685 ipsec_hexdump((caddr_t)&saidx->src, 686 sysdep_sa_len((struct sockaddr *)&saidx->src)); 687 printf("\n"); 688 ipsec_hexdump((caddr_t)&saidx->dst, 689 sysdep_sa_len((struct sockaddr *)&saidx->dst)); 690 printf("\n"); 691 692 return; 693} 694 695void 696kdebug_secasv(sav) 697 struct secasvar *sav; 698{ 699 /* sanity check */ 700 if (sav == NULL) 701 panic("kdebug_secasv: NULL pointer was passed.\n"); 702 703 printf("secas{"); 704 kdebug_secasindex(&sav->sah->saidx); 705 706 printf(" refcnt=%u state=%u auth=%u enc=%u\n", 707 sav->refcnt, sav->state, sav->alg_auth, sav->alg_enc); 708 printf(" spi=%u flags=%u\n", 709 (u_int32_t)ntohl(sav->spi), sav->flags); 710 711 if (sav->key_auth != NULL) 712 kdebug_sadb_key((struct sadb_ext *)sav->key_auth); 713 if (sav->key_enc != NULL) 714 kdebug_sadb_key((struct sadb_ext *)sav->key_enc); 715 if (sav->iv != NULL) { 716 printf(" iv="); 717 ipsec_hexdump(sav->iv, sav->ivlen ? sav->ivlen : 8); 718 printf("\n"); 719 } 720 721 if (sav->replay != NULL) 722 kdebug_secreplay(sav->replay); 723 if (sav->lft_c != NULL) 724 kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_c); 725 if (sav->lft_h != NULL) 726 kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_h); 727 if (sav->lft_s != NULL) 728 kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_s); 729 730#if notyet 731 /* XXX: misc[123] ? */ 732#endif 733 734 return; 735} 736 737static void 738kdebug_secreplay(rpl) 739 struct secreplay *rpl; 740{ 741 int len, l; 742 743 /* sanity check */ 744 if (rpl == NULL) 745 panic("kdebug_secreplay: NULL pointer was passed.\n"); 746 747 printf(" secreplay{ count=%u wsize=%u seq=%u lastseq=%u", 748 rpl->count, rpl->wsize, rpl->seq, rpl->lastseq); 749 750 if (rpl->bitmap == NULL) { 751 printf(" }\n"); 752 return; 753 } 754 755 printf("\n bitmap { "); 756 757 for (len = 0; len < rpl->wsize; len++) { 758 for (l = 7; l >= 0; l--) 759 printf("%u", (((rpl->bitmap)[len] >> l) & 1) ? 1 : 0); 760 } 761 printf(" }\n"); 762 763 return; 764} 765 766void 767kdebug_mbufhdr(m) 768 struct mbuf *m; 769{ 770 /* sanity check */ 771 if (m == NULL) 772 return; 773 774 printf("mbuf(%p){ m_next:%p m_nextpkt:%p m_data:%p " 775 "m_len:%d m_type:0x%02x m_flags:0x%02x }\n", 776 m, m->m_next, m->m_nextpkt, m->m_data, 777 m->m_len, m->m_type, m->m_flags); 778 779 if (m->m_flags & M_PKTHDR) { 780 printf(" m_pkthdr{ len:%d rcvif:%p }\n", 781 m->m_pkthdr.len, m->m_pkthdr.rcvif); 782 } 783 784#ifdef __FreeBSD__ 785 if (m->m_flags & M_EXT) { 786 printf(" m_ext{ ext_buf:%p ext_free:%p " 787 "ext_size:%u ext_ref:%p }\n", 788 m->m_ext.ext_buf, m->m_ext.ext_free, 789 m->m_ext.ext_size, m->m_ext.ext_ref); 790 } 791#endif 792 793 return; 794} 795 796void 797kdebug_mbuf(m0) 798 struct mbuf *m0; 799{ 800 struct mbuf *m = m0; 801 int i, j; 802 803 for (j = 0; m; m = m->m_next) { 804 kdebug_mbufhdr(m); 805 printf(" m_data:\n"); 806 for (i = 0; i < m->m_len; i++) { 807 if (i && i % 32 == 0) 808 printf("\n"); 809 if (i % 4 == 0) 810 printf(" "); 811 printf("%02x", mtod(m, u_char *)[i]); 812 j++; 813 } 814 printf("\n"); 815 } 816 817 return; 818} 819#endif /* _KERNEL */ 820 821static void 822kdebug_sockaddr(addr) 823 struct sockaddr_storage *addr; 824{ 825 struct sockaddr_in *sin4; 826#ifdef INET6 827 struct sockaddr_in6 *sin6; 828#endif 829 830 /* sanity check */ 831 if (addr == NULL) 832 panic("kdebug_sockaddr: NULL pointer was passed.\n"); 833 834 /* NOTE: We deal with port number as host byte order. */ 835 printf("sockaddr_storage{ len=%u family=%u", sysdep_sa_len((struct sockaddr *)addr), addr->ss_family); 836 837 switch (addr->ss_family) { 838 case AF_INET: 839 sin4 = (void *)addr; 840 printf(" port=%u\n", ntohs(sin4->sin_port)); 841 ipsec_hexdump(&sin4->sin_addr, sizeof(sin4->sin_addr)); 842 break; 843#ifdef INET6 844 case AF_INET6: 845 sin6 = (void *)addr; 846 printf(" port=%u\n", ntohs(sin6->sin6_port)); 847 printf(" flowinfo=0x%08x, scope_id=0x%08x\n", 848 sin6->sin6_flowinfo, sin6->sin6_scope_id); 849 ipsec_hexdump(&sin6->sin6_addr, sizeof(sin6->sin6_addr)); 850 break; 851#endif 852 } 853 854 printf(" }\n"); 855 856 return; 857} 858 859void 860ipsec_bindump(buf, len) 861 caddr_t buf; 862 int len; 863{ 864 int i; 865 866 for (i = 0; i < len; i++) 867 printf("%c", (unsigned char)buf[i]); 868 869 return; 870} 871 872 873void 874ipsec_hexdump(buf, len) 875 const void *buf; 876 int len; 877{ 878 int i; 879 880 for (i = 0; i < len; i++) { 881 if (i != 0 && i % 32 == 0) printf("\n"); 882 if (i % 4 == 0) printf(" "); 883 printf("%02x", ((const unsigned char *)buf)[i]); 884 } 885#if 0 886 if (i % 32 != 0) printf("\n"); 887#endif 888 889 return; 890} 891