fixed debug output of ah transforms

2025-10-16 00:00:37 -04:00 · 2009-05-19 13:32:10 +02:00 · 2009-05-19 13:32:10 +02:00 · e3891754e6
commit e3891754e6
parent ef56ba51d4
2 changed files with 54 additions and 66 deletions
--- a/src/pluto/constants.c
+++ b/src/pluto/constants.c
@ -356,15 +356,15 @@ enum_names isakmp_transformid_names =
 /* IPsec AH transform values */
 static const char *const ah_transform_name[] = {
-	"AH_MD5",
+	"HMAC_MD5",
-	"AH_SHA",
+	"HMAC_SHA1",
-	"AH_DES",
+	"DES_MAC",
-	"AH_SHA2_256",
+	"HMAC_SHA2_256",
-	"AH_SHA2_384",
+	"HMAC_SHA2_384",
-	"AH_SHA2_512",
+	"HMAC_SHA2_512",
-	"AH_RIPEMD",
+	"HMAC_RIPEMD",
-	"AH_AES_XCBC_MAC",
+	"AES_XCBC_MAC",
-	"AH_RSA"
+	"SIG_RSA"
 };
 enum_names ah_transformid_names =
--- a/src/pluto/kernel_alg.c
+++ b/src/pluto/kernel_alg.c
@ -55,8 +55,8 @@ static int esp_aalg_num = 0;
 		for (algo=SADB_AALG_MAX; algo >0 ; algo--) \
 				if (ESP_AALG_PRESENT(algo))
-static struct sadb_alg*
+static struct sadb_alg* sadb_alg_ptr (int satype, int exttype, int alg_id,
-sadb_alg_ptr (int satype, int exttype, int alg_id, int rw)
+									  int rw)
 {
 	struct sadb_alg *alg_p = NULL;
@ -94,8 +94,8 @@ sadb_alg_ptr (int satype, int exttype, int alg_id, int rw)
 	return alg_p;
 }
-const struct sadb_alg *
+const struct sadb_alg* kernel_alg_sadb_alg_get(int satype, int exttype,
-kernel_alg_sadb_alg_get(int satype, int exttype, int alg_id)
+											   int alg_id)
 {
 	return sadb_alg_ptr(satype, exttype, alg_id, 0);
 }
@ -103,8 +103,7 @@ kernel_alg_sadb_alg_get(int satype, int exttype, int alg_id)
 /*
 *      Forget previous registration
 */
-static void 
+static void kernel_alg_init(void)
 kernel_alg_init(void)
 {
 	DBG(DBG_KLIPS,
 		DBG_log("alg_init(): memset(%p, 0, %d) memset(%p, 0, %d)",
@ -116,8 +115,8 @@ kernel_alg_init(void)
 	esp_ealg_num=esp_aalg_num = 0;
 }
-static int
+static int kernel_alg_add(int satype, int exttype,
-kernel_alg_add(int satype, int exttype, const struct sadb_alg *sadb_alg)
+						  const struct sadb_alg *sadb_alg)
 {
 	struct sadb_alg *alg_p = NULL;
 	int alg_id = sadb_alg->sadb_alg_id;
@ -143,9 +142,8 @@ kernel_alg_add(int satype, int exttype, const struct sadb_alg *sadb_alg)
 	return 1;
 }
-bool
+bool kernel_alg_esp_enc_ok(u_int alg_id, u_int key_len,
-kernel_alg_esp_enc_ok(u_int alg_id, u_int key_len,
+					struct alg_info_esp *alg_info __attribute__((unused)))
 				struct alg_info_esp *alg_info __attribute__((unused)))
 {
 	struct sadb_alg *alg_p = NULL;
@ -200,9 +198,8 @@ out:
 /* 
 * ML: make F_STRICT logic consider enc,auth algorithms 
 */
-#ifndef NO_PLUTO
+bool kernel_alg_esp_ok_final(u_int ealg, u_int key_len, u_int aalg,
-bool
+							 struct alg_info_esp *alg_info)
 kernel_alg_esp_ok_final(u_int ealg, u_int key_len, u_int aalg, struct alg_info_esp *alg_info)
 {
 	int ealg_insecure;
@ -254,14 +251,11 @@ kernel_alg_esp_ok_final(u_int ealg, u_int key_len, u_int aalg, struct alg_info_e
 	}
 	return TRUE;
 }
 #endif /* NO_PLUTO */
-/*      
+/**      
- *      Load kernel_alg arrays from /proc
+ * Load kernel_alg arrays from /proc used in manual mode from klips/utils/spi.c
 *      used in manual mode from klips/utils/spi.c
 */
-int
+int kernel_alg_proc_read(void)
 kernel_alg_proc_read(void)
 {
 	int satype;
 	int supp_exttype;
@ -318,13 +312,10 @@ kernel_alg_proc_read(void)
 	return 0;
 }
-/*      
+/**     
- *      Load kernel_alg arrays pluto's SADB_REGISTER    
+ * Load kernel_alg arrays pluto's SADB_REGISTER user by pluto/kernel.c
 *      user by pluto/kernel.c
 */
-
+void kernel_alg_register_pfkey(const struct sadb_msg *msg_buf, int buflen)
 void
 kernel_alg_register_pfkey(const struct sadb_msg *msg_buf, int buflen)
 {
 	/* Trick: one 'type-mangle-able' pointer to ease offset/assign */
 	union {
@ -392,8 +383,7 @@ kernel_alg_register_pfkey(const struct sadb_msg *msg_buf, int buflen)
 	}
 }
-u_int
+u_int kernel_alg_esp_enc_keylen(u_int alg_id)
 kernel_alg_esp_enc_keylen(u_int alg_id)
 {
 	u_int keylen = 0;
@ -424,8 +414,7 @@ none:
 	return keylen;
 }
-struct sadb_alg *
+struct sadb_alg* kernel_alg_esp_sadb_alg(u_int alg_id)
 kernel_alg_esp_sadb_alg(u_int alg_id)
 {
 	struct sadb_alg *sadb_alg = (ESP_EALG_PRESENT(alg_id))
 				? &esp_ealg[alg_id] : NULL;
@ -437,7 +426,6 @@ kernel_alg_esp_sadb_alg(u_int alg_id)
 	return sadb_alg;
 }
 #ifndef NO_PLUTO
 void kernel_alg_list(void)
 {
 	u_int sadb_id;
@ -483,21 +471,27 @@ void kernel_alg_list(void)
 	}
 }
-void
+void kernel_alg_show_connection(struct connection *c, const char *instance)
 kernel_alg_show_connection(struct connection *c, const char *instance)
 {
 	struct state *st = state_with_serialno(c->newest_ipsec_sa);
 	if (st && st->st_esp.present)
 	{
-		whack_log(RC_COMMENT
+		const char *aalg_name;
-				, "\"%s\"%s:   ESP proposal: %s_%d/%s/%s"
+
-				, c->name
+		aalg_name = (st->st_ah.present) ?
-				, instance
+					enum_show(&ah_transformid_names, st->st_ah.attrs.transid):
-				, enum_show(&esp_transformid_names, st->st_esp.attrs.transid)
+					enum_show(&auth_alg_names, st->st_esp.attrs.transid);
-				, st->st_esp.attrs.key_len
+
-				, enum_show(&auth_alg_names, st->st_esp.attrs.auth)
+		whack_log(RC_COMMENT,
-				, c->policy & POLICY_PFS ?
+				"\"%s\"%s:   ESP%s proposal: %s_%d/%s/%s",
 				c->name,
 				instance,
 				(st->st_ah.present) ? "/AH" : "",
 				enum_show(&esp_transformid_names, st->st_esp.attrs.transid),
 				st->st_esp.attrs.key_len,
 				aalg_name,
 				c->policy & POLICY_PFS ?
 						c->alg_info_esp->esp_pfsgroup ?
 								enum_show(&oakley_group_names, 
 										  c->alg_info_esp->esp_pfsgroup)
@ -506,17 +500,14 @@ kernel_alg_show_connection(struct connection *c, const char *instance)
 		);
 	}
 }
 #endif /* NO_PLUTO */
-bool
+bool kernel_alg_esp_auth_ok(u_int auth,
-kernel_alg_esp_auth_ok(u_int auth,
+					struct alg_info_esp *alg_info __attribute__((unused)))
 				struct alg_info_esp *alg_info __attribute__((unused)))
 {
 	return ESP_AALG_PRESENT(alg_info_esp_aa2sadb(auth));
 }
-u_int
+u_int kernel_alg_esp_auth_keylen(u_int auth)
 kernel_alg_esp_auth_keylen(u_int auth)
 {
 	u_int sadb_aalg = alg_info_esp_aa2sadb(auth);
@ -531,8 +522,7 @@ kernel_alg_esp_auth_keylen(u_int auth)
 	return a_keylen;
 }
-struct esp_info *
+struct esp_info* kernel_alg_esp_info(int transid, int auth)
 kernel_alg_esp_info(int transid, int auth)
 {
 	int sadb_aalg, sadb_ealg;
 	static struct esp_info ei_buf;
@ -577,9 +567,7 @@ none:
 	return NULL;
 }
-#ifndef NO_PLUTO
+static void kernel_alg_policy_algorithms(struct esp_info *esp_info)
 static void
 kernel_alg_policy_algorithms(struct esp_info *esp_info)
 {
 	u_int ealg_id = esp_info->esp_ealg_id;
@ -605,8 +593,8 @@ kernel_alg_policy_algorithms(struct esp_info *esp_info)
 	}
 }
-static bool 
+static bool kernel_alg_db_add(struct db_context *db_ctx,
-kernel_alg_db_add(struct db_context *db_ctx, struct esp_info *esp_info, lset_t policy)
+							  struct esp_info *esp_info, lset_t policy)
 {
 	u_int ealg_id, aalg_id;
@ -654,8 +642,8 @@ kernel_alg_db_add(struct db_context *db_ctx, struct esp_info *esp_info, lset_t p
 *      for now this function does free() previous returned
 *      malloced pointer (this quirk allows easier spdb.c change)
 */
-struct db_context * 
+struct db_context* kernel_alg_db_new(struct alg_info_esp *alg_info,
-kernel_alg_db_new(struct alg_info_esp *alg_info, lset_t policy )
+									 lset_t policy )
 {
 	const struct esp_info *esp_info;
 	struct esp_info tmp_esp_info;
@ -737,4 +725,4 @@ kernel_alg_db_new(struct alg_info_esp *alg_info, lset_t policy )
 	}
 	return ctx_new;
 }
-#endif /* NO_PLUTO */
+