1/* $NetBSD: key_debug.c,v 1.10 2012/01/09 15:25:13 drochner Exp $ */ 2 3/* $KAME: key_debug.c,v 1.29 2001/08/16 14:25:41 itojun Exp $ */ 4 5/* 6 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. Neither the name of the project nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34#ifdef HAVE_CONFIG_H 35#include "config.h" 36#endif 37 38#ifdef _KERNEL 39#if defined(__FreeBSD__) && __FreeBSD__ >= 3 40#include "opt_inet.h" 41#include "opt_inet6.h" 42#include "opt_ipsec.h" 43#endif 44#ifdef __NetBSD__ 45#include "opt_inet.h" 46#endif 47#endif 48 49#if HAVE_STDINT_H 50#include <stdint.h> 51#endif 52 53#include <sys/types.h> 54#include <sys/param.h> 55#ifdef _KERNEL 56#include <sys/systm.h> 57#include <sys/mbuf.h> 58#include <sys/queue.h> 59#endif 60#include <sys/socket.h> 61 62#include <netinet/in.h> 63#include PATH_IPSEC_H 64 65#ifndef _KERNEL 66#include <ctype.h> 67#include <stdio.h> 68#include <stdlib.h> 69#endif /* !_KERNEL */ 70 71#include "config.h" 72#include "libpfkey.h" 73 74static void kdebug_sadb_prop __P((struct sadb_ext *)); 75static void kdebug_sadb_identity __P((struct sadb_ext *)); 76static void kdebug_sadb_supported __P((struct sadb_ext *)); 77static void kdebug_sadb_lifetime __P((struct sadb_ext *)); 78static void kdebug_sadb_sa __P((struct sadb_ext *)); 79static void kdebug_sadb_address __P((struct sadb_ext *)); 80static void kdebug_sadb_key __P((struct sadb_ext *)); 81static void kdebug_sadb_x_sa2 __P((struct sadb_ext *)); 82static void kdebug_sadb_x_policy __P((struct sadb_ext *ext)); 83static void kdebug_sockaddr __P((struct sockaddr *addr)); 84 85#ifdef SADB_X_EXT_NAT_T_TYPE 86static void kdebug_sadb_x_nat_t_type __P((struct sadb_ext *ext)); 87static void kdebug_sadb_x_nat_t_port __P((struct sadb_ext *ext)); 88#ifdef SADB_X_EXT_NAT_T_FRAG 89static void kdebug_sadb_x_nat_t_frag __P((struct sadb_ext *ext)); 90#endif 91#endif 92 93#ifdef SADB_X_EXT_PACKET 94static void kdebug_sadb_x_packet __P((struct sadb_ext *)); 95#endif 96 97#ifdef SADB_X_EXT_KMADDRESS 98static void kdebug_sadb_x_kmaddress __P((struct sadb_ext *)); 99#endif 100 101#ifdef _KERNEL 102static void kdebug_secreplay __P((struct secreplay *)); 103#endif 104 105#ifndef _KERNEL 106#define panic(param) { printf(param); exit(1); } 107#endif 108 109#include "libpfkey.h" 110/* NOTE: host byte order */ 111 112/* %%%: about struct sadb_msg */ 113void 114kdebug_sadb(base) 115 struct sadb_msg *base; 116{ 117 struct sadb_ext *ext; 118 int tlen, extlen; 119 120 /* sanity check */ 121 if (base == NULL) 122 panic("kdebug_sadb: NULL pointer was passed.\n"); 123 124 printf("sadb_msg{ version=%u type=%u errno=%u satype=%u\n", 125 base->sadb_msg_version, base->sadb_msg_type, 126 base->sadb_msg_errno, base->sadb_msg_satype); 127 printf(" len=%u reserved=%u seq=%u pid=%u\n", 128 base->sadb_msg_len, base->sadb_msg_reserved, 129 base->sadb_msg_seq, base->sadb_msg_pid); 130 131 tlen = PFKEY_UNUNIT64(base->sadb_msg_len) - sizeof(struct sadb_msg); 132 ext = (void *)((caddr_t)(void *)base + sizeof(struct sadb_msg)); 133 134 while (tlen > 0) { 135 printf("sadb_ext{ len=%u type=%u }\n", 136 ext->sadb_ext_len, ext->sadb_ext_type); 137 138 if (ext->sadb_ext_len == 0) { 139 printf("kdebug_sadb: invalid ext_len=0 was passed.\n"); 140 return; 141 } 142 if (ext->sadb_ext_len > tlen) { 143 printf("kdebug_sadb: ext_len exceeds end of buffer.\n"); 144 return; 145 } 146 147 switch (ext->sadb_ext_type) { 148 case SADB_EXT_SA: 149 kdebug_sadb_sa(ext); 150 break; 151 case SADB_EXT_LIFETIME_CURRENT: 152 case SADB_EXT_LIFETIME_HARD: 153 case SADB_EXT_LIFETIME_SOFT: 154 kdebug_sadb_lifetime(ext); 155 break; 156 case SADB_EXT_ADDRESS_SRC: 157 case SADB_EXT_ADDRESS_DST: 158 case SADB_EXT_ADDRESS_PROXY: 159 kdebug_sadb_address(ext); 160 break; 161 case SADB_EXT_KEY_AUTH: 162 case SADB_EXT_KEY_ENCRYPT: 163 kdebug_sadb_key(ext); 164 break; 165 case SADB_EXT_IDENTITY_SRC: 166 case SADB_EXT_IDENTITY_DST: 167 kdebug_sadb_identity(ext); 168 break; 169 case SADB_EXT_SENSITIVITY: 170 break; 171 case SADB_EXT_PROPOSAL: 172 kdebug_sadb_prop(ext); 173 break; 174 case SADB_EXT_SUPPORTED_AUTH: 175 case SADB_EXT_SUPPORTED_ENCRYPT: 176 kdebug_sadb_supported(ext); 177 break; 178 case SADB_EXT_SPIRANGE: 179 case SADB_X_EXT_KMPRIVATE: 180 break; 181 case SADB_X_EXT_POLICY: 182 kdebug_sadb_x_policy(ext); 183 break; 184 case SADB_X_EXT_SA2: 185 kdebug_sadb_x_sa2(ext); 186 break; 187#ifdef SADB_X_EXT_NAT_T_TYPE 188 case SADB_X_EXT_NAT_T_TYPE: 189 kdebug_sadb_x_nat_t_type(ext); 190 break; 191 case SADB_X_EXT_NAT_T_SPORT: 192 case SADB_X_EXT_NAT_T_DPORT: 193 kdebug_sadb_x_nat_t_port(ext); 194 break; 195 case SADB_X_EXT_NAT_T_OA: 196 kdebug_sadb_address(ext); 197 break; 198#ifdef SADB_X_EXT_NAT_T_FRAG 199 case SADB_X_EXT_NAT_T_FRAG: 200 kdebug_sadb_x_nat_t_frag(ext); 201 break; 202#endif 203#endif 204#ifdef SADB_X_EXT_PACKET 205 case SADB_X_EXT_PACKET: 206 kdebug_sadb_x_packet(ext); 207 break; 208#endif 209#ifdef SADB_X_EXT_KMADDRESS 210 case SADB_X_EXT_KMADDRESS: 211 kdebug_sadb_x_kmaddress(ext); 212 break; 213#endif 214 default: 215 printf("kdebug_sadb: invalid ext_type %u was passed.\n", 216 ext->sadb_ext_type); 217 return; 218 } 219 220 extlen = PFKEY_UNUNIT64(ext->sadb_ext_len); 221 tlen -= extlen; 222 ext = (void *)((caddr_t)(void *)ext + extlen); 223 } 224 225 return; 226} 227 228static void 229kdebug_sadb_prop(ext) 230 struct sadb_ext *ext; 231{ 232 struct sadb_prop *prop = (void *)ext; 233 struct sadb_comb *comb; 234 int len; 235 236 /* sanity check */ 237 if (ext == NULL) 238 panic("kdebug_sadb_prop: NULL pointer was passed.\n"); 239 240 len = (PFKEY_UNUNIT64(prop->sadb_prop_len) - sizeof(*prop)) 241 / sizeof(*comb); 242 comb = (void *)(prop + 1); 243 printf("sadb_prop{ replay=%u\n", prop->sadb_prop_replay); 244 245 while (len--) { 246 printf("sadb_comb{ auth=%u encrypt=%u " 247 "flags=0x%04x reserved=0x%08x\n", 248 comb->sadb_comb_auth, comb->sadb_comb_encrypt, 249 comb->sadb_comb_flags, comb->sadb_comb_reserved); 250 251 printf(" auth_minbits=%u auth_maxbits=%u " 252 "encrypt_minbits=%u encrypt_maxbits=%u\n", 253 comb->sadb_comb_auth_minbits, 254 comb->sadb_comb_auth_maxbits, 255 comb->sadb_comb_encrypt_minbits, 256 comb->sadb_comb_encrypt_maxbits); 257 258 printf(" soft_alloc=%u hard_alloc=%u " 259 "soft_bytes=%lu hard_bytes=%lu\n", 260 comb->sadb_comb_soft_allocations, 261 comb->sadb_comb_hard_allocations, 262 (unsigned long)comb->sadb_comb_soft_bytes, 263 (unsigned long)comb->sadb_comb_hard_bytes); 264 265 printf(" soft_alloc=%lu hard_alloc=%lu " 266 "soft_bytes=%lu hard_bytes=%lu }\n", 267 (unsigned long)comb->sadb_comb_soft_addtime, 268 (unsigned long)comb->sadb_comb_hard_addtime, 269 (unsigned long)comb->sadb_comb_soft_usetime, 270 (unsigned long)comb->sadb_comb_hard_usetime); 271 comb++; 272 } 273 printf("}\n"); 274 275 return; 276} 277 278static void 279kdebug_sadb_identity(ext) 280 struct sadb_ext *ext; 281{ 282 struct sadb_ident *id = (void *)ext; 283 int len; 284 285 /* sanity check */ 286 if (ext == NULL) 287 panic("kdebug_sadb_identity: NULL pointer was passed.\n"); 288 289 len = PFKEY_UNUNIT64(id->sadb_ident_len) - sizeof(*id); 290 printf("sadb_ident_%s{", 291 id->sadb_ident_exttype == SADB_EXT_IDENTITY_SRC ? "src" : "dst"); 292 switch (id->sadb_ident_type) { 293 default: 294 printf(" type=%d id=%lu", 295 id->sadb_ident_type, (u_long)id->sadb_ident_id); 296 if (len) { 297#ifdef _KERNEL 298 ipsec_hexdump((caddr_t)(id + 1), len); /*XXX cast ?*/ 299#else 300 char *p, *ep; 301 printf("\n str=\""); 302 p = (void *)(id + 1); 303 ep = p + len; 304 for (/*nothing*/; *p && p < ep; p++) { 305 if (isprint((int)*p)) 306 printf("%c", *p & 0xff); 307 else 308 printf("\\%03o", *p & 0xff); 309 } 310#endif 311 printf("\""); 312 } 313 break; 314 } 315 316 printf(" }\n"); 317 318 return; 319} 320 321static void 322kdebug_sadb_supported(ext) 323 struct sadb_ext *ext; 324{ 325 struct sadb_supported *sup = (void *)ext; 326 struct sadb_alg *alg; 327 int len; 328 329 /* sanity check */ 330 if (ext == NULL) 331 panic("kdebug_sadb_supported: NULL pointer was passed.\n"); 332 333 len = (PFKEY_UNUNIT64(sup->sadb_supported_len) - sizeof(*sup)) 334 / sizeof(*alg); 335 alg = (void *)(sup + 1); 336 printf("sadb_sup{\n"); 337 while (len--) { 338 printf(" { id=%d ivlen=%d min=%d max=%d }\n", 339 alg->sadb_alg_id, alg->sadb_alg_ivlen, 340 alg->sadb_alg_minbits, alg->sadb_alg_maxbits); 341 alg++; 342 } 343 printf("}\n"); 344 345 return; 346} 347 348static void 349kdebug_sadb_lifetime(ext) 350 struct sadb_ext *ext; 351{ 352 struct sadb_lifetime *lft = (void *)ext; 353 354 /* sanity check */ 355 if (ext == NULL) 356 printf("kdebug_sadb_lifetime: NULL pointer was passed.\n"); 357 358 printf("sadb_lifetime{ alloc=%u, bytes=%u\n", 359 lft->sadb_lifetime_allocations, 360 (u_int32_t)lft->sadb_lifetime_bytes); 361 printf(" addtime=%u, usetime=%u }\n", 362 (u_int32_t)lft->sadb_lifetime_addtime, 363 (u_int32_t)lft->sadb_lifetime_usetime); 364 365 return; 366} 367 368static void 369kdebug_sadb_sa(ext) 370 struct sadb_ext *ext; 371{ 372 struct sadb_sa *sa = (void *)ext; 373 374 /* sanity check */ 375 if (ext == NULL) 376 panic("kdebug_sadb_sa: NULL pointer was passed.\n"); 377 378 printf("sadb_sa{ spi=%u replay=%u state=%u\n", 379 (u_int32_t)ntohl(sa->sadb_sa_spi), sa->sadb_sa_replay, 380 sa->sadb_sa_state); 381 printf(" auth=%u encrypt=%u flags=0x%08x }\n", 382 sa->sadb_sa_auth, sa->sadb_sa_encrypt, sa->sadb_sa_flags); 383 384 return; 385} 386 387static void 388kdebug_sadb_address(ext) 389 struct sadb_ext *ext; 390{ 391 struct sadb_address *addr = (void *)ext; 392 393 /* sanity check */ 394 if (ext == NULL) 395 panic("kdebug_sadb_address: NULL pointer was passed.\n"); 396 397 printf("sadb_address{ proto=%u prefixlen=%u reserved=0x%02x%02x }\n", 398 addr->sadb_address_proto, addr->sadb_address_prefixlen, 399 ((u_char *)(void *)&addr->sadb_address_reserved)[0], 400 ((u_char *)(void *)&addr->sadb_address_reserved)[1]); 401 402 kdebug_sockaddr((void *)((caddr_t)(void *)ext + sizeof(*addr))); 403 404 return; 405} 406 407static void 408kdebug_sadb_key(ext) 409 struct sadb_ext *ext; 410{ 411 struct sadb_key *key = (void *)ext; 412 413 /* sanity check */ 414 if (ext == NULL) 415 panic("kdebug_sadb_key: NULL pointer was passed.\n"); 416 417 printf("sadb_key{ bits=%u reserved=%u\n", 418 key->sadb_key_bits, key->sadb_key_reserved); 419 printf(" key="); 420 421 /* sanity check 2 */ 422 if (((uint32_t)key->sadb_key_bits >> 3) > 423 (PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key))) { 424 printf("kdebug_sadb_key: key length mismatch, bit:%d len:%ld.\n", 425 (uint32_t)key->sadb_key_bits >> 3, 426 (long)PFKEY_UNUNIT64(key->sadb_key_len) - sizeof(struct sadb_key)); 427 } 428 429 ipsec_hexdump(key + sizeof(struct sadb_key), 430 (int)((uint32_t)key->sadb_key_bits >> 3)); 431 printf(" }\n"); 432 return; 433} 434 435static void 436kdebug_sadb_x_sa2(ext) 437 struct sadb_ext *ext; 438{ 439 struct sadb_x_sa2 *sa2 = (void *)ext; 440 441 /* sanity check */ 442 if (ext == NULL) 443 panic("kdebug_sadb_x_sa2: NULL pointer was passed.\n"); 444 445 printf("sadb_x_sa2{ mode=%u reqid=%u\n", 446 sa2->sadb_x_sa2_mode, sa2->sadb_x_sa2_reqid); 447 printf(" reserved1=%u reserved2=%u sequence=%u }\n", 448 sa2->sadb_x_sa2_reserved1, sa2->sadb_x_sa2_reserved2, 449 sa2->sadb_x_sa2_sequence); 450 451 return; 452} 453 454void 455kdebug_sadb_x_policy(ext) 456 struct sadb_ext *ext; 457{ 458 struct sadb_x_policy *xpl = (void *)ext; 459 struct sockaddr *addr; 460 461 /* sanity check */ 462 if (ext == NULL) 463 panic("kdebug_sadb_x_policy: NULL pointer was passed.\n"); 464 465#ifdef HAVE_PFKEY_POLICY_PRIORITY 466 printf("sadb_x_policy{ type=%u dir=%u id=%x priority=%u }\n", 467#else 468 printf("sadb_x_policy{ type=%u dir=%u id=%x }\n", 469#endif 470 xpl->sadb_x_policy_type, xpl->sadb_x_policy_dir, 471#ifdef HAVE_PFKEY_POLICY_PRIORITY 472 xpl->sadb_x_policy_id, xpl->sadb_x_policy_priority); 473#else 474 xpl->sadb_x_policy_id); 475#endif 476 477 if (xpl->sadb_x_policy_type == IPSEC_POLICY_IPSEC) { 478 int tlen; 479 struct sadb_x_ipsecrequest *xisr; 480 481 tlen = PFKEY_UNUNIT64(xpl->sadb_x_policy_len) - sizeof(*xpl); 482 xisr = (void *)(xpl + 1); 483 484 while (tlen > 0) { 485 printf(" { len=%u proto=%u mode=%u level=%u reqid=%u\n", 486 xisr->sadb_x_ipsecrequest_len, 487 xisr->sadb_x_ipsecrequest_proto, 488 xisr->sadb_x_ipsecrequest_mode, 489 xisr->sadb_x_ipsecrequest_level, 490 xisr->sadb_x_ipsecrequest_reqid); 491 492 if (xisr->sadb_x_ipsecrequest_len > sizeof(*xisr)) { 493 addr = (void *)(xisr + 1); 494 kdebug_sockaddr(addr); 495 addr = (void *)((caddr_t)(void *)addr 496 + sysdep_sa_len(addr)); 497 kdebug_sockaddr(addr); 498 } 499 500 printf(" }\n"); 501 502 /* prevent infinite loop */ 503 if (xisr->sadb_x_ipsecrequest_len == 0) { 504 printf("kdebug_sadb_x_policy: wrong policy struct.\n"); 505 return; 506 } 507 /* prevent overflow */ 508 if (xisr->sadb_x_ipsecrequest_len > tlen) { 509 printf("invalid ipsec policy length\n"); 510 return; 511 } 512 513 tlen -= xisr->sadb_x_ipsecrequest_len; 514 515 xisr = (void *)((caddr_t)(void *)xisr 516 + xisr->sadb_x_ipsecrequest_len); 517 } 518 519 if (tlen != 0) 520 panic("kdebug_sadb_x_policy: wrong policy struct.\n"); 521 } 522 523 return; 524} 525 526#ifdef SADB_X_EXT_NAT_T_TYPE 527static void 528kdebug_sadb_x_nat_t_type(struct sadb_ext *ext) 529{ 530 struct sadb_x_nat_t_type *ntt = (void *)ext; 531 532 /* sanity check */ 533 if (ext == NULL) 534 panic("kdebug_sadb_x_nat_t_type: NULL pointer was passed.\n"); 535 536 printf("sadb_x_nat_t_type{ type=%u }\n", ntt->sadb_x_nat_t_type_type); 537 538 return; 539} 540 541static void 542kdebug_sadb_x_nat_t_port(struct sadb_ext *ext) 543{ 544 struct sadb_x_nat_t_port *ntp = (void *)ext; 545 546 /* sanity check */ 547 if (ext == NULL) 548 panic("kdebug_sadb_x_nat_t_port: NULL pointer was passed.\n"); 549 550 printf("sadb_x_nat_t_port{ port=%u }\n", ntohs(ntp->sadb_x_nat_t_port_port)); 551 552 return; 553} 554#ifdef SADB_X_EXT_NAT_T_FRAG 555static void kdebug_sadb_x_nat_t_frag (struct sadb_ext *ext) 556{ 557 struct sadb_x_nat_t_frag *esp_frag = (void *)ext; 558 559 /* sanity check */ 560 if (ext == NULL) 561 panic("kdebug_sadb_x_nat_t_frag: NULL pointer was passed.\n"); 562 563 printf("sadb_x_nat_t_frag{ esp_frag=%u }\n", esp_frag->sadb_x_nat_t_frag_fraglen); 564 565 return; 566} 567#endif 568#endif 569 570#ifdef SADB_X_EXT_PACKET 571static void 572kdebug_sadb_x_packet(ext) 573 struct sadb_ext *ext; 574{ 575 struct sadb_x_packet *pkt = (struct sadb_x_packet *)ext; 576 577 /* sanity check */ 578 if (ext == NULL) 579 panic("kdebug_sadb_x_packet: NULL pointer was passed.\n"); 580 581 printf("sadb_x_packet{ copylen=%u\n", pkt->sadb_x_packet_copylen); 582 printf(" packet="); 583 ipsec_hexdump((caddr_t)pkt + sizeof(struct sadb_x_packet), 584 pkt->sadb_x_packet_copylen); 585 printf(" }\n"); 586 return; 587} 588#endif 589 590#ifdef SADB_X_EXT_KMADDRESS 591static void 592kdebug_sadb_x_kmaddress(ext) 593 struct sadb_ext *ext; 594{ 595 struct sadb_x_kmaddress *kma = (struct sadb_x_kmaddress *)ext; 596 struct sockaddr * sa; 597 sa_family_t family; 598 int len, sa_len; 599 600 /* sanity check */ 601 if (ext == NULL) 602 panic("kdebug_sadb_x_kmaddress: NULL pointer was passed.\n"); 603 604 len = (PFKEY_UNUNIT64(kma->sadb_x_kmaddress_len) - sizeof(*kma)); 605 606 printf("sadb_x_kmaddress{ reserved=0x%02x%02x%02x%02x }\n", 607 ((u_char *)(void *)&kma->sadb_x_kmaddress_reserved)[0], 608 ((u_char *)(void *)&kma->sadb_x_kmaddress_reserved)[1], 609 ((u_char *)(void *)&kma->sadb_x_kmaddress_reserved)[2], 610 ((u_char *)(void *)&kma->sadb_x_kmaddress_reserved)[3]); 611 612 sa = (struct sockaddr *)(kma + 1); 613 if (len < sizeof(struct sockaddr) || (sa_len = sysdep_sa_len(sa)) > len) 614 panic("kdebug_sadb_x_kmaddress: not enough data to read" 615 " first sockaddr.\n"); 616 kdebug_sockaddr((void *)sa); /* local address */ 617 family = sa->sa_family; 618 619 len -= sa_len; 620 sa = (struct sockaddr *)((char *)sa + sa_len); 621 if (len < sizeof(struct sockaddr) || sysdep_sa_len(sa) > len) 622 panic("kdebug_sadb_x_kmaddress: not enough data to read" 623 " second sockaddr.\n"); 624 kdebug_sockaddr((void *)sa); /* remote address */ 625 626 if (family != sa->sa_family) 627 printf("kdebug_sadb_x_kmaddress: !!!! Please, note the " 628 "unexpected mismatch in address family.\n"); 629} 630#endif 631 632 633#ifdef _KERNEL 634/* %%%: about SPD and SAD */ 635void 636kdebug_secpolicy(sp) 637 struct secpolicy *sp; 638{ 639 /* sanity check */ 640 if (sp == NULL) 641 panic("kdebug_secpolicy: NULL pointer was passed.\n"); 642 643 printf("secpolicy{ refcnt=%u state=%u policy=%u\n", 644 sp->refcnt, sp->state, sp->policy); 645 646 kdebug_secpolicyindex(&sp->spidx); 647 648 switch (sp->policy) { 649 case IPSEC_POLICY_DISCARD: 650 printf(" type=discard }\n"); 651 break; 652 case IPSEC_POLICY_NONE: 653 printf(" type=none }\n"); 654 break; 655 case IPSEC_POLICY_IPSEC: 656 { 657 struct ipsecrequest *isr; 658 for (isr = sp->req; isr != NULL; isr = isr->next) { 659 660 printf(" level=%u\n", isr->level); 661 kdebug_secasindex(&isr->saidx); 662 663 if (isr->sav != NULL) 664 kdebug_secasv(isr->sav); 665 } 666 printf(" }\n"); 667 } 668 break; 669 case IPSEC_POLICY_BYPASS: 670 printf(" type=bypass }\n"); 671 break; 672 case IPSEC_POLICY_ENTRUST: 673 printf(" type=entrust }\n"); 674 break; 675 default: 676 printf("kdebug_secpolicy: Invalid policy found. %d\n", 677 sp->policy); 678 break; 679 } 680 681 return; 682} 683 684void 685kdebug_secpolicyindex(spidx) 686 struct secpolicyindex *spidx; 687{ 688 /* sanity check */ 689 if (spidx == NULL) 690 panic("kdebug_secpolicyindex: NULL pointer was passed.\n"); 691 692 printf("secpolicyindex{ dir=%u prefs=%u prefd=%u ul_proto=%u\n", 693 spidx->dir, spidx->prefs, spidx->prefd, spidx->ul_proto); 694 695 ipsec_hexdump((caddr_t)&spidx->src, 696 sysdep_sa_len((struct sockaddr *)&spidx->src)); 697 printf("\n"); 698 ipsec_hexdump((caddr_t)&spidx->dst, 699 sysdep_sa_len((struct sockaddr *)&spidx->dst)); 700 printf("}\n"); 701 702 return; 703} 704 705void 706kdebug_secasindex(saidx) 707 struct secasindex *saidx; 708{ 709 /* sanity check */ 710 if (saidx == NULL) 711 panic("kdebug_secpolicyindex: NULL pointer was passed.\n"); 712 713 printf("secasindex{ mode=%u proto=%u\n", 714 saidx->mode, saidx->proto); 715 716 ipsec_hexdump((caddr_t)&saidx->src, 717 sysdep_sa_len((struct sockaddr *)&saidx->src)); 718 printf("\n"); 719 ipsec_hexdump((caddr_t)&saidx->dst, 720 sysdep_sa_len((struct sockaddr *)&saidx->dst)); 721 printf("\n"); 722 723 return; 724} 725 726void 727kdebug_secasv(sav) 728 struct secasvar *sav; 729{ 730 /* sanity check */ 731 if (sav == NULL) 732 panic("kdebug_secasv: NULL pointer was passed.\n"); 733 734 printf("secas{"); 735 kdebug_secasindex(&sav->sah->saidx); 736 737 printf(" refcnt=%u state=%u auth=%u enc=%u\n", 738 sav->refcnt, sav->state, sav->alg_auth, sav->alg_enc); 739 printf(" spi=%u flags=%u\n", 740 (u_int32_t)ntohl(sav->spi), sav->flags); 741 742 if (sav->key_auth != NULL) 743 kdebug_sadb_key((struct sadb_ext *)sav->key_auth); 744 if (sav->key_enc != NULL) 745 kdebug_sadb_key((struct sadb_ext *)sav->key_enc); 746 if (sav->iv != NULL) { 747 printf(" iv="); 748 ipsec_hexdump(sav->iv, sav->ivlen ? sav->ivlen : 8); 749 printf("\n"); 750 } 751 752 if (sav->replay != NULL) 753 kdebug_secreplay(sav->replay); 754 if (sav->lft_c != NULL) 755 kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_c); 756 if (sav->lft_h != NULL) 757 kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_h); 758 if (sav->lft_s != NULL) 759 kdebug_sadb_lifetime((struct sadb_ext *)sav->lft_s); 760 761#if notyet 762 /* XXX: misc[123] ? */ 763#endif 764 765 return; 766} 767 768static void 769kdebug_secreplay(rpl) 770 struct secreplay *rpl; 771{ 772 int len, l; 773 774 /* sanity check */ 775 if (rpl == NULL) 776 panic("kdebug_secreplay: NULL pointer was passed.\n"); 777 778 printf(" secreplay{ count=%u wsize=%u seq=%u lastseq=%u", 779 rpl->count, rpl->wsize, rpl->seq, rpl->lastseq); 780 781 if (rpl->bitmap == NULL) { 782 printf(" }\n"); 783 return; 784 } 785 786 printf("\n bitmap { "); 787 788 for (len = 0; len < rpl->wsize; len++) { 789 for (l = 7; l >= 0; l--) 790 printf("%u", (((rpl->bitmap)[len] >> l) & 1) ? 1 : 0); 791 } 792 printf(" }\n"); 793 794 return; 795} 796 797void 798kdebug_mbufhdr(m) 799 struct mbuf *m; 800{ 801 /* sanity check */ 802 if (m == NULL) 803 return; 804 805 printf("mbuf(%p){ m_next:%p m_nextpkt:%p m_data:%p " 806 "m_len:%d m_type:0x%02x m_flags:0x%02x }\n", 807 m, m->m_next, m->m_nextpkt, m->m_data, 808 m->m_len, m->m_type, m->m_flags); 809 810 if (m->m_flags & M_PKTHDR) { 811 printf(" m_pkthdr{ len:%d rcvif:%p }\n", 812 m->m_pkthdr.len, m->m_pkthdr.rcvif); 813 } 814 815#ifdef __FreeBSD__ 816 if (m->m_flags & M_EXT) { 817 printf(" m_ext{ ext_buf:%p ext_free:%p " 818 "ext_size:%u ext_ref:%p }\n", 819 m->m_ext.ext_buf, m->m_ext.ext_free, 820 m->m_ext.ext_size, m->m_ext.ext_ref); 821 } 822#endif 823 824 return; 825} 826 827void 828kdebug_mbuf(m0) 829 struct mbuf *m0; 830{ 831 struct mbuf *m = m0; 832 int i, j; 833 834 for (j = 0; m; m = m->m_next) { 835 kdebug_mbufhdr(m); 836 printf(" m_data:\n"); 837 for (i = 0; i < m->m_len; i++) { 838 if (i && i % 32 == 0) 839 printf("\n"); 840 if (i % 4 == 0) 841 printf(" "); 842 printf("%02x", mtod(m, u_char *)[i]); 843 j++; 844 } 845 printf("\n"); 846 } 847 848 return; 849} 850#endif /* _KERNEL */ 851 852static void 853kdebug_sockaddr(addr) 854 struct sockaddr *addr; 855{ 856 struct sockaddr_in *sin4; 857#ifdef INET6 858 struct sockaddr_in6 *sin6; 859#endif 860 861 /* sanity check */ 862 if (addr == NULL) 863 panic("kdebug_sockaddr: NULL pointer was passed.\n"); 864 865 /* NOTE: We deal with port number as host byte order. */ 866 printf("sockaddr{ len=%u family=%u", sysdep_sa_len(addr), addr->sa_family); 867 868 switch (addr->sa_family) { 869 case AF_INET: 870 sin4 = (void *)addr; 871 printf(" port=%u\n", ntohs(sin4->sin_port)); 872 ipsec_hexdump(&sin4->sin_addr, sizeof(sin4->sin_addr)); 873 break; 874#ifdef INET6 875 case AF_INET6: 876 sin6 = (void *)addr; 877 printf(" port=%u\n", ntohs(sin6->sin6_port)); 878 printf(" flowinfo=0x%08x, scope_id=0x%08x\n", 879 sin6->sin6_flowinfo, sin6->sin6_scope_id); 880 ipsec_hexdump(&sin6->sin6_addr, sizeof(sin6->sin6_addr)); 881 break; 882#endif 883 } 884 885 printf(" }\n"); 886 887 return; 888} 889 890void 891ipsec_bindump(buf, len) 892 caddr_t buf; 893 int len; 894{ 895 int i; 896 897 for (i = 0; i < len; i++) 898 printf("%c", (unsigned char)buf[i]); 899 900 return; 901} 902 903 904void 905ipsec_hexdump(buf, len) 906 const void *buf; 907 int len; 908{ 909 int i; 910 911 for (i = 0; i < len; i++) { 912 if (i != 0 && i % 32 == 0) printf("\n"); 913 if (i % 4 == 0) printf(" "); 914 printf("%02x", ((const unsigned char *)buf)[i]); 915 } 916#if 0 917 if (i % 32 != 0) printf("\n"); 918#endif 919 920 return; 921} 922