1/* $KAME: key_debug.c,v 1.29 2001/08/16 14:25:41 itojun Exp $ */ 2 3/* 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32#ifdef HAVE_CONFIG_H 33#include "config.h" 34#endif 35 36#ifdef _KERNEL 37#if defined(__FreeBSD__) && __FreeBSD__ >= 3 38#include "opt_inet.h" 39#include "opt_inet6.h" 40#include "opt_ipsec.h" 41#endif 42#ifdef __NetBSD__ 43#include "opt_inet.h" 44#endif 45#endif 46 47#include <sys/types.h> 48#include <sys/param.h> 49#ifdef _KERNEL 50#include <sys/systm.h> 51#include <sys/mbuf.h> 52#include <sys/queue.h> 53#endif 54#include <sys/socket.h> 55 56#include <netinet/in.h> 57#ifdef HAVE_NETINET6_IPSEC 58# include <netinet6/ipsec.h> 59#else 60# include <netinet/ipsec.h> 61#endif 62 63#ifndef _KERNEL 64#include <ctype.h> 65#include <stdio.h> 66#include <stdlib.h> 67#endif /* !_KERNEL */ 68 69#include "config.h" 70#include "var.h" 71#include "libpfkey.h" 72 73static void kdebug_sadb_prop (struct sadb_ext *); 74static void kdebug_sadb_identity (struct sadb_ext *); 75static void kdebug_sadb_supported (struct sadb_ext *); 76static void kdebug_sadb_lifetime (struct sadb_ext *); 77static void kdebug_sadb_sa (struct sadb_ext *); 78static void kdebug_sadb_address (struct sadb_ext *); 79static void kdebug_sadb_key (struct sadb_ext *); 80static void kdebug_sadb_x_sa2 (struct sadb_ext *); 81static void kdebug_sadb_session_id (struct sadb_ext *); 82static void kdebug_sadb_sastat (struct sadb_ext *); 83static void kdebug_sadb_x_policy (struct sadb_ext *ext); 84static void kdebug_sockaddr (struct sockaddr_storage *addr); 85 86#ifdef SADB_X_EXT_NAT_T_TYPE 87static void kdebug_sadb_x_nat_t_type (struct sadb_ext *ext); 88static void kdebug_sadb_x_nat_t_port (struct sadb_ext *ext); 89#endif 90 91#ifdef _KERNEL 92static void kdebug_secreplay (struct secreplay *); 93#endif 94 95#ifndef _KERNEL 96#define panic(param) { printf(param); exit(1); } 97#endif 98 99#include "libpfkey.h" 100/* NOTE: host byte order */ 101 102/* %%%: about struct sadb_msg */ 103void 104kdebug_sadb(base) 105 struct sadb_msg *base; 106{ 107 struct sadb_ext *ext; 108 int tlen, extlen; 109 110 /* sanity check */ 111 if (base == NULL) 112 panic("kdebug_sadb: NULL pointer was passed.\n"); 113 114 printf("sadb_msg{ version=%u type=%u errno=%u satype=%u\n", 115 base->sadb_msg_version, base->sadb_msg_type, 116 base->sadb_msg_errno, base->sadb_msg_satype); 117 printf(" len=%u reserved=%u seq=%u pid=%u\n", 118 base->sadb_msg_len, base->sadb_msg_reserved, 119 base->sadb_msg_seq, base->sadb_msg_pid); 120 121 tlen = PFKEY_UNUNIT64(base->sadb_msg_len) - sizeof(struct sadb_msg); 122 ext = (void *)((caddr_t)(void *)base + sizeof(struct sadb_msg)); 123 124 while (tlen > 0) { 125 printf("sadb_ext{ len=%u type=%u }\n", 126 ext->sadb_ext_len, ext->sadb_ext_type); 127 128 if (ext->sadb_ext_len == 0) { 129 printf("kdebug_sadb: invalid ext_len=0 was passed.\n"); 130 return; 131 } 132 if (ext->sadb_ext_len > tlen) { 133 printf("kdebug_sadb: ext_len exceeds end of buffer.\n"); 134 return; 135 } 136 137 switch (ext->sadb_ext_type) { 138 case SADB_EXT_SA: 139 kdebug_sadb_sa(ext); 140 break; 141 case SADB_EXT_LIFETIME_CURRENT: 142 case SADB_EXT_LIFETIME_HARD: 143 case SADB_EXT_LIFETIME_SOFT: 144 kdebug_sadb_lifetime(ext); 145 break; 146 case SADB_EXT_ADDRESS_SRC: 147 case SADB_EXT_ADDRESS_DST: 148 case SADB_EXT_ADDRESS_PROXY: 149 case SADB_X_EXT_ADDR_RANGE_SRC_START: 150 case SADB_X_EXT_ADDR_RANGE_SRC_END: 151 case SADB_X_EXT_ADDR_RANGE_DST_START: 152 case SADB_X_EXT_ADDR_RANGE_DST_END: 153 kdebug_sadb_address(ext); 154 break; 155 case SADB_EXT_KEY_AUTH: 156 case SADB_EXT_KEY_ENCRYPT: 157 kdebug_sadb_key(ext); 158 break; 159 case SADB_EXT_IDENTITY_SRC: 160 case SADB_EXT_IDENTITY_DST: 161 kdebug_sadb_identity(ext); 162 break; 163 case SADB_EXT_SENSITIVITY: 164 break; 165 case SADB_EXT_PROPOSAL: 166 kdebug_sadb_prop(ext); 167 break; 168 case SADB_EXT_SUPPORTED_AUTH: 169 case SADB_EXT_SUPPORTED_ENCRYPT: 170 kdebug_sadb_supported(ext); 171 break; 172 case SADB_EXT_SPIRANGE: 173 case SADB_X_EXT_KMPRIVATE: 174 break; 175 case SADB_X_EXT_POLICY: 176 kdebug_sadb_x_policy(ext); 177 break; 178 case SADB_X_EXT_SA2: 179 kdebug_sadb_x_sa2(ext); 180 break; 181 case SADB_EXT_SESSION_ID: 182 kdebug_sadb_session_id(ext); 183 break; 184 case SADB_EXT_SASTAT: 185 kdebug_sadb_sastat(ext); 186 break; 187 case SADB_X_EXT_IPSECIF: 188 break; 189#ifdef SADB_X_EXT_NAT_T_TYPE 190 case SADB_X_EXT_NAT_T_TYPE: 191 kdebug_sadb_x_nat_t_type(ext); 192 break; 193 case SADB_X_EXT_NAT_T_SPORT: 194 case SADB_X_EXT_NAT_T_DPORT: 195 kdebug_sadb_x_nat_t_port(ext); 196 break; 197 case SADB_X_EXT_NAT_T_OA: 198 kdebug_sadb_address(ext); 199 break; 200#endif 201 default: 202 printf("kdebug_sadb: invalid ext_type %u was passed.\n", 203 ext->sadb_ext_type); 204 return; 205 } 206 207 extlen = PFKEY_UNUNIT64(ext->sadb_ext_len); 208 tlen -= extlen; 209 ext = (void *)((caddr_t)(void *)ext + extlen); 210 } 211 212 return; 213} 214 215static void 216kdebug_sadb_prop(ext) 217 struct sadb_ext *ext; 218{ 219 struct sadb_prop *prop = (void *)ext; 220 struct sadb_comb *comb; 221 int len; 222 223 /* sanity check */ 224 if (ext == NULL) 225 panic("kdebug_sadb_prop: NULL pointer was passed.\n"); 226 227 len = (PFKEY_UNUNIT64(prop->sadb_prop_len) - sizeof(*prop)) 228 / sizeof(*comb); 229 comb = (void *)(prop + 1); 230 printf("sadb_prop{ replay=%u\n", prop->sadb_prop_replay); 231 232 while (len--) { 233 printf("sadb_comb{ auth=%u encrypt=%u " 234 "flags=0x%04x reserved=0x%08x\n", 235 comb->sadb_comb_auth, comb->sadb_comb_encrypt, 236 comb->sadb_comb_flags, comb->sadb_comb_reserved); 237 238 printf(" auth_minbits=%u auth_maxbits=%u " 239 "encrypt_minbits=%u encrypt_maxbits=%u\n", 240 comb->sadb_comb_auth_minbits, 241 comb->sadb_comb_auth_maxbits, 242 comb->sadb_comb_encrypt_minbits, 243 comb->sadb_comb_encrypt_maxbits); 244 245 printf(" soft_alloc=%u hard_alloc=%u " 246 "soft_bytes=%lu hard_bytes=%lu\n", 247 comb->sadb_comb_soft_allocations, 248 comb->sadb_comb_hard_allocations, 249 (unsigned long)comb->sadb_comb_soft_bytes, 250 (unsigned long)comb->sadb_comb_hard_bytes); 251 252 printf(" soft_alloc=%lu hard_alloc=%lu " 253 "soft_bytes=%lu hard_bytes=%lu }\n", 254 (unsigned long)comb->sadb_comb_soft_addtime, 255 (unsigned long)comb->sadb_comb_hard_addtime, 256 (unsigned long)comb->sadb_comb_soft_usetime, 257 (unsigned long)comb->sadb_comb_hard_usetime); 258 comb++; 259 } 260 printf("}\n"); 261 262 return; 263} 264 265static void 266kdebug_sadb_identity(ext) 267 struct sadb_ext *ext; 268{ 269 struct sadb_ident *id = (void *)ext; 270 int len; 271 272 /* sanity check */ 273 if (ext == NULL) 274 panic("kdebug_sadb_identity: NULL pointer was passed.\n"); 275 276 len = PFKEY_UNUNIT64(id->sadb_ident_len) - sizeof(*id); 277 printf("sadb_ident_%s{", 278 id->sadb_ident_exttype == SADB_EXT_IDENTITY_SRC ? "src" : "dst"); 279 switch (id->sadb_ident_type) { 280 default: 281 printf(" type=%d id=%lu", 282 id->sadb_ident_type, (u_long)id->sadb_ident_id); 283 if (len) { 284#ifdef _KERNEL 285 ipsec_hexdump((caddr_t)(id + 1), len); /*XXX cast ?*/ 286#else 287 char *p, *ep; 288 printf("\n str=\""); 289 p = (void *)(id + 1); 290 ep = p + len; 291 for (/*nothing*/; *p && p < ep; p++) { 292 if (isprint((int)*p)) 293 printf("%c", *p & 0xff); 294 else 295 printf("\\%03o", *p & 0xff); 296 } 297#endif 298 printf("\""); 299 } 300 break; 301 } 302 303 printf(" }\n"); 304 305 return; 306} 307 308static void 309kdebug_sadb_supported(ext) 310 struct sadb_ext *ext; 311{ 312 struct sadb_supported *sup = (void *)ext; 313 struct sadb_alg *alg; 314 int len; 315 316 /* sanity check */ 317 if (ext == NULL) 318 panic("kdebug_sadb_supported: NULL pointer was passed.\n"); 319 320 len = (PFKEY_UNUNIT64(sup->sadb_supported_len) - sizeof(*sup)) 321 / sizeof(*alg); 322 alg = (void *)(sup + 1); 323 printf("sadb_sup{\n"); 324 while (len--) { 325 printf(" { id=%d ivlen=%d min=%d max=%d }\n", 326 alg->sadb_alg_id, alg->sadb_alg_ivlen, 327 alg->sadb_alg_minbits, alg->sadb_alg_maxbits); 328 alg++; 329 } 330 printf("}\n"); 331 332 return; 333} 334 335static void 336kdebug_sadb_lifetime(ext) 337 struct sadb_ext *ext; 338{ 339 struct sadb_lifetime *lft = (void *)ext; 340 341 /* sanity check */ 342 if (ext == NULL) 343 printf("kdebug_sadb_lifetime: NULL pointer was passed.\n"); 344 345 printf("sadb_lifetime{ alloc=%u, bytes=%u\n", 346 lft->sadb_lifetime_allocations, 347 (u_int32_t)lft->sadb_lifetime_bytes); 348 printf(" addtime=%u, usetime=%u }\n", 349 (u_int32_t)lft->sadb_lifetime_addtime, 350 (u_int32_t)lft->sadb_lifetime_usetime); 351 352 return; 353} 354 355static void 356kdebug_sadb_sa(ext) 357 struct sadb_ext *ext; 358{ 359 struct sadb_sa *sa = (void *)ext; 360 361 /* sanity check */ 362 if (ext == NULL) 363 panic("kdebug_sadb_sa: NULL pointer was passed.\n"); 364 365 printf("sadb_sa{ spi=%u replay=%u state=%u\n", 366 (u_int32_t)ntohl(sa->sadb_sa_spi), sa->sadb_sa_replay, 367 sa->sadb_sa_state); 368 printf(" auth=%u encrypt=%u flags=0x%08x }\n", 369 sa->sadb_sa_auth, sa->sadb_sa_encrypt, sa->sadb_sa_flags); 370 371 return; 372} 373 374static void 375kdebug_sadb_address(ext) 376 struct sadb_ext *ext; 377{ 378 struct sadb_address *addr = (void *)ext; 379 380 /* sanity check */ 381 if (ext == NULL) 382 panic("kdebug_sadb_address: NULL pointer was passed.\n"); 383 384 printf("sadb_address{ proto=%u prefixlen=%u reserved=0x%02x%02x }\n", 385 addr->sadb_address_proto, addr->sadb_address_prefixlen, 386 ((u_char *)(void *)&addr->sadb_address_reserved)[0], 387 ((u_char *)(void *)&addr->sadb_address_reserved)[1]); 388 389 kdebug_sockaddr((void *)((caddr_t)(void *)ext + sizeof(*addr))); 390 391 return; 392} 393 394static void 395kdebug_sadb_key(ext) 396 struct sadb_ext *ext; 397{ 398 struct sadb_key *key = (void *)ext; 399 400 /* sanity check */ 401 if (ext == NULL) 402 panic("kdebug_sadb_key: NULL pointer was passed.\n"); 403 404 printf("sadb_key{ bits=%u reserved=%u\n", 405 key->sadb_key_bits, key->sadb_key_reserved); 406 printf(" key="); 407 408 /* sanity check 2 */ 409 if (((uint32_t)key->sadb_key_bits >> 3) > 410 (PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key))) { 411 printf("kdebug_sadb_key: key length mismatch, bit:%d len:%ld.\n", 412 (uint32_t)key->sadb_key_bits >> 3, 413 (long)PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key)); 414 } 415 416 ipsec_hexdump(key + sizeof(struct sadb_key), 417 (int)((uint32_t)key->sadb_key_bits >> 3)); 418 printf(" }\n"); 419 return; 420} 421 422static void 423kdebug_sadb_x_sa2(ext) 424 struct sadb_ext *ext; 425{ 426 struct sadb_x_sa2 *sa2 = (void *)ext; 427 428 /* sanity check */ 429 if (ext == NULL) 430 panic("kdebug_sadb_x_sa2: NULL pointer was passed.\n"); 431 432 printf("sadb_x_sa2{ mode=%u reqid=%u\n", 433 sa2->sadb_x_sa2_mode, sa2->sadb_x_sa2_reqid); 434 printf(" reserved1=%u reserved2=%u sequence=%u }\n", 435 sa2->sadb_x_sa2_reserved1, sa2->sadb_x_sa2_reserved2, 436 sa2->sadb_x_sa2_sequence); 437 438 return; 439} 440 441static void 442kdebug_sadb_session_id(ext) 443struct sadb_ext *ext; 444{ 445 struct sadb_session_id *p = ALIGNED_CAST(__typeof__(p))ext; // Wcast-align fix (void*) - sadb structs come from and aligned buffer 446 447 /* sanity check */ 448 if (ext == NULL) { 449 printf("kdebug_sadb_session_id: NULL pointer was passed.\n"); 450 return; 451 } 452 453 printf("sadb_session_id{ id0=%llx, id1=%llx}\n", 454 p->sadb_session_id_v[0], 455 p->sadb_session_id_v[1]); 456} 457 458static void 459kdebug_sadb_sastat(ext) 460struct sadb_ext *ext; 461{ 462 struct sadb_sastat *p = ALIGNED_CAST(__typeof__(p))ext; // Wcast-align fix (void*) - sadb structs come from and aligned buffer 463 struct sastat *stats; 464 int i; 465 466 /* sanity check */ 467 if (ext == NULL) { 468 printf("kdebug_sadb_sastat: NULL pointer was passed.\n"); 469 return; 470 } 471 472 printf("sadb_sastat{ dir=%u num=%u\n", 473 p->sadb_sastat_dir, p->sadb_sastat_list_len); 474 stats = (__typeof__(stats))(p + 1); 475 for (i = 0; i < p->sadb_sastat_list_len; i++) { 476 printf(" spi=%x,\n", 477 stats[i].spi); 478 } 479 printf("}\n"); 480} 481 482void 483kdebug_sadb_x_policy(ext) 484 struct sadb_ext *ext; 485{ 486 struct sadb_x_policy *xpl = (void *)ext; 487 struct sockaddr_storage *addr; 488 489 /* sanity check */ 490 if (ext == NULL) 491 panic("kdebug_sadb_x_policy: NULL pointer was passed.\n"); 492 493#ifdef HAVE_PFKEY_POLICY_PRIORITY 494 printf("sadb_x_policy{ type=%u dir=%u id=%x priority=%u }\n", 495#else 496 printf("sadb_x_policy{ type=%u dir=%u id=%x }\n", 497#endif 498 xpl->sadb_x_policy_type, xpl->sadb_x_policy_dir, 499#ifdef HAVE_PFKEY_POLICY_PRIORITY 500 xpl->sadb_x_policy_id, xpl->sadb_x_policy_priority); 501#else 502 xpl->sadb_x_policy_id); 503#endif 504 505 if (xpl->sadb_x_policy_type == IPSEC_POLICY_IPSEC) { 506 int tlen; 507 struct sadb_x_ipsecrequest *xisr; 508 509 tlen = PFKEY_UNUNIT64(xpl->sadb_x_policy_len) - sizeof(*xpl); 510 xisr = (void *)(xpl + 1); 511 512 while (tlen > 0) { 513 printf(" { len=%u proto=%u mode=%u level=%u reqid=%u\n", 514 xisr->sadb_x_ipsecrequest_len, 515 xisr->sadb_x_ipsecrequest_proto, 516 xisr->sadb_x_ipsecrequest_mode, 517 xisr->sadb_x_ipsecrequest_level, 518 xisr->sadb_x_ipsecrequest_reqid); 519 520 if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) { 521 addr = (void *)(xisr + 1); 522 kdebug_sockaddr(addr); 523 addr = (void *)((caddr_t)(void *)addr 524 + sysdep_sa_len((struct sockaddr *)addr)); 525 kdebug_sockaddr(addr); 526 } 527 528 printf(" }\n"); 529 530 /* prevent infinite loop */ 531 if (xisr->sadb_x_ipsecrequest_len == 0) { 532 printf("kdebug_sadb_x_policy: wrong policy struct.\n"); 533 return; 534 } 535 /* prevent overflow */ 536 if (xisr->sadb_x_ipsecrequest_len > tlen) { 537 printf("invalid ipsec policy length\n"); 538 return; 539 } 540 541 tlen -= xisr->sadb_x_ipsecrequest_len; 542 543 xisr = (void *)((caddr_t)(void *)xisr 544 + xisr->sadb_x_ipsecrequest_len); 545 } 546 547 if (tlen != 0) 548 panic("kdebug_sadb_x_policy: wrong policy struct.\n"); 549 } 550 551 return; 552} 553 554#ifdef SADB_X_EXT_NAT_T_TYPE 555static void 556kdebug_sadb_x_nat_t_type(struct sadb_ext *ext) 557{ 558 struct sadb_x_nat_t_type *ntt = (void *)ext; 559 560 /* sanity check */ 561 if (ext == NULL) 562 panic("kdebug_sadb_x_nat_t_type: NULL pointer was passed.\n"); 563 564 printf("sadb_x_nat_t_type{ type=%u }\n", ntt->sadb_x_nat_t_type_type); 565 566 return; 567} 568 569static void 570kdebug_sadb_x_nat_t_port(struct sadb_ext *ext) 571{ 572 struct sadb_x_nat_t_port *ntp = (void *)ext; 573 574 /* sanity check */ 575 if (ext == NULL) 576 panic("kdebug_sadb_x_nat_t_port: NULL pointer was passed.\n"); 577 578 printf("sadb_x_nat_t_port{ port=%u }\n", ntohs(ntp->sadb_x_nat_t_port_port)); 579 580 return; 581} 582#endif 583 584#ifdef _KERNEL 585/* %%%: about SPD and SAD */ 586void 587kdebug_secpolicy(sp) 588 struct secpolicy *sp; 589{ 590 /* sanity check */ 591 if (sp == NULL) 592 panic("kdebug_secpolicy: NULL pointer was passed.\n"); 593 594 printf("secpolicy{ refcnt=%u state=%u policy=%u\n", 595 sp->refcnt, sp->state, sp->policy); 596 597 kdebug_secpolicyindex(&sp->spidx); 598 599 switch (sp->policy) { 600 case IPSEC_POLICY_DISCARD: 601 printf(" type=discard }\n"); 602 break; 603 case IPSEC_POLICY_GENERATE: 604 printf(" type=generate }\n"); 605 break; 606 case IPSEC_POLICY_NONE: 607 printf(" type=none }\n"); 608 break; 609 case IPSEC_POLICY_IPSEC: 610 { 611 struct ipsecrequest *isr; 612 for (isr = sp->req; isr != NULL; isr = isr->next) { 613 614 printf(" level=%u\n", isr->level); 615 kdebug_secasindex(&isr->saidx); 616 617 if (isr->sav != NULL) 618 kdebug_secasv(isr->sav); 619 } 620 printf(" }\n"); 621 } 622 break; 623 case IPSEC_POLICY_BYPASS: 624 printf(" type=bypass }\n"); 625 break; 626 case IPSEC_POLICY_ENTRUST: 627 printf(" type=entrust }\n"); 628 break; 629 default: 630 printf("kdebug_secpolicy: Invalid policy found. %d\n", 631 sp->policy); 632 break; 633 } 634 635 return; 636} 637 638void 639kdebug_secpolicyindex(spidx) 640 struct secpolicyindex *spidx; 641{ 642 /* sanity check */ 643 if (spidx == NULL) 644 panic("kdebug_secpolicyindex: NULL pointer was passed.\n"); 645 646 printf("secpolicyindex{ dir=%u prefs=%u prefd=%u ul_proto=%u\n", 647 spidx->dir, spidx->prefs, spidx->prefd, spidx->ul_proto); 648 649 ipsec_hexdump((caddr_t)&spidx->src, 650 sysdep_sa_len((struct sockaddr *)&spidx->src)); 651 printf("\n"); 652 ipsec_hexdump((caddr_t)&spidx->dst, 653 sysdep_sa_len((struct sockaddr *)&spidx->dst)); 654 printf("}\n"); 655 656 return; 657} 658 659void 660kdebug_secasindex(saidx) 661 struct secasindex *saidx; 662{ 663 /* sanity check */ 664 if (saidx == NULL) 665 panic("kdebug_secpolicyindex: NULL pointer was passed.\n"); 666 667 printf("secasindex{ mode=%u proto=%u\n", 668 saidx->mode, saidx->proto); 669 670 ipsec_hexdump((caddr_t)&saidx->src, 671 sysdep_sa_len((struct sockaddr *)&saidx->src)); 672 printf("\n"); 673 ipsec_hexdump((caddr_t)&saidx->dst, 674 sysdep_sa_len((struct sockaddr *)&saidx->dst)); 675 printf("\n"); 676 677 return; 678} 679 680void 681kdebug_secasv(sav) 682 struct secasvar *sav; 683{ 684 /* sanity check */ 685 if (sav == NULL) 686 panic("kdebug_secasv: NULL pointer was passed.\n"); 687 688 printf("secas{"); 689 kdebug_secasindex(&sav->sah->saidx); 690 691 printf(" refcnt=%u state=%u auth=%u enc=%u\n", 692 sav->refcnt, sav->state, sav->alg_auth, sav->alg_enc); 693 printf(" spi=%u flags=%u\n", 694 (u_int32_t)ntohl(sav->spi), sav->flags); 695 696 if (sav->key_auth != NULL) 697 kdebug_sadb_key((struct sadb_ext *)sav->key_auth); 698 if (sav->key_enc != NULL) 699 kdebug_sadb_key((struct sadb_ext *)sav->key_enc); 700 if (sav->iv != NULL) { 701 printf(" iv="); 702 ipsec_hexdump(sav->iv, sav->ivlen ? sav->ivlen : 8); 703 printf("\n"); 704 } 705 706 if (sav->replay != NULL) 707 kdebug_secreplay(sav->replay); 708 if (sav->lft_c != NULL) 709 kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_c); 710 if (sav->lft_h != NULL) 711 kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_h); 712 if (sav->lft_s != NULL) 713 kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_s); 714 715#if notyet 716 /* XXX: misc[123] ? */ 717#endif 718 719 return; 720} 721 722static void 723kdebug_secreplay(rpl) 724 struct secreplay *rpl; 725{ 726 int len, l; 727 728 /* sanity check */ 729 if (rpl == NULL) 730 panic("kdebug_secreplay: NULL pointer was passed.\n"); 731 732 printf(" secreplay{ count=%u wsize=%u seq=%u lastseq=%u", 733 rpl->count, rpl->wsize, rpl->seq, rpl->lastseq); 734 735 if (rpl->bitmap == NULL) { 736 printf(" }\n"); 737 return; 738 } 739 740 printf("\n bitmap { "); 741 742 for (len = 0; len < rpl->wsize; len++) { 743 for (l = 7; l >= 0; l--) 744 printf("%u", (((rpl->bitmap)[len] >> l) & 1) ? 1 : 0); 745 } 746 printf(" }\n"); 747 748 return; 749} 750 751void 752kdebug_mbufhdr(m) 753 struct mbuf *m; 754{ 755 /* sanity check */ 756 if (m == NULL) 757 return; 758 759 printf("mbuf(%p){ m_next:%p m_nextpkt:%p m_data:%p " 760 "m_len:%d m_type:0x%02x m_flags:0x%02x }\n", 761 m, m->m_next, m->m_nextpkt, m->m_data, 762 m->m_len, m->m_type, m->m_flags); 763 764 if (m->m_flags & M_PKTHDR) { 765 printf(" m_pkthdr{ len:%d rcvif:%p }\n", 766 m->m_pkthdr.len, m->m_pkthdr.rcvif); 767 } 768 769#ifdef __FreeBSD__ 770 if (m->m_flags & M_EXT) { 771 printf(" m_ext{ ext_buf:%p ext_free:%p " 772 "ext_size:%u ext_ref:%p }\n", 773 m->m_ext.ext_buf, m->m_ext.ext_free, 774 m->m_ext.ext_size, m->m_ext.ext_ref); 775 } 776#endif 777 778 return; 779} 780 781void 782kdebug_mbuf(m0) 783 struct mbuf *m0; 784{ 785 struct mbuf *m = m0; 786 int i, j; 787 788 for (j = 0; m; m = m->m_next) { 789 kdebug_mbufhdr(m); 790 printf(" m_data:\n"); 791 for (i = 0; i < m->m_len; i++) { 792 if (i && i % 32 == 0) 793 printf("\n"); 794 if (i % 4 == 0) 795 printf(" "); 796 printf("%02x", mtod(m, u_char *)[i]); 797 j++; 798 } 799 printf("\n"); 800 } 801 802 return; 803} 804#endif /* _KERNEL */ 805 806static void 807kdebug_sockaddr(addr) 808 struct sockaddr_storage *addr; 809{ 810 struct sockaddr_in *sin4; 811#ifdef INET6 812 struct sockaddr_in6 *sin6; 813#endif 814 815 /* sanity check */ 816 if (addr == NULL) 817 panic("kdebug_sockaddr: NULL pointer was passed.\n"); 818 819 /* NOTE: We deal with port number as host byte order. */ 820 printf("sockaddr_storage{ len=%u family=%u", sysdep_sa_len((struct sockaddr *)addr), addr->ss_family); 821 822 switch (addr->ss_family) { 823 case AF_INET: 824 sin4 = (void *)addr; 825 printf(" port=%u\n", ntohs(sin4->sin_port)); 826 ipsec_hexdump(&sin4->sin_addr, sizeof(sin4->sin_addr)); 827 break; 828#ifdef INET6 829 case AF_INET6: 830 sin6 = (void *)addr; 831 printf(" port=%u\n", ntohs(sin6->sin6_port)); 832 printf(" flowinfo=0x%08x, scope_id=0x%08x\n", 833 sin6->sin6_flowinfo, sin6->sin6_scope_id); 834 ipsec_hexdump(&sin6->sin6_addr, sizeof(sin6->sin6_addr)); 835 break; 836#endif 837 } 838 839 printf(" }\n"); 840 841 return; 842} 843 844void 845ipsec_bindump(buf, len) 846 caddr_t buf; 847 int len; 848{ 849 int i; 850 851 for (i = 0; i < len; i++) 852 printf("%c", (unsigned char)buf[i]); 853 854 return; 855} 856 857 858void 859ipsec_hexdump(buf, len) 860 const void *buf; 861 int len; 862{ 863 int i; 864 865 for (i = 0; i < len; i++) { 866 if (i != 0 && i % 32 == 0) printf("\n"); 867 if (i % 4 == 0) printf(" "); 868 printf("%02x", ((const unsigned char *)buf)[i]); 869 } 870#if 0 871 if (i % 32 != 0) printf("\n"); 872#endif 873 874 return; 875} 876