Add NetworkPkg (P.UDK2010.UP3.Network.P1)
1 /** @file
2 The implementation of dump policy entry function in IpSecConfig application.
3
4 Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
5
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution. The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php.
10
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13
14 **/
15
16 #include "IpSecConfig.h"
17 #include "Dump.h"
18 #include "ForEach.h"
19 #include "Helper.h"
20
/**
  Private function called to infer the IP version of an EFI_IP_ADDRESS_INFO structure.

  The version is not read from a dedicated field; it is deduced from the contents.
  The entry is reported as IPv4 only when PrefixLength is at most 32 and
  Address.Addr[1], Address.Addr[2] and Address.Addr[3] are all zero. Everything
  else is reported as IPv6.

  NOTE(review): this is a heuristic. An IPv6 entry whose prefix is 32 bits or
  shorter and whose Addr[1..3] words are zero satisfies the same test and is
  reported (and later displayed) as IPv4. Confirm this ambiguity is acceptable
  for a tool whose output is used to review IPsec policy.

  @param[in] AddressInfo    The pointer to the EFI_IP_ADDRESS_INFO structure.

  @return IP_VERSION_4 or IP_VERSION_6.
**/
UINTN
GetVerFromAddrInfo (
  IN EFI_IP_ADDRESS_INFO    *AddressInfo
  )
{
  BOOLEAN  TrailingWordsZero;

  TrailingWordsZero = (BOOLEAN) ((AddressInfo->Address.Addr[1] == 0) &&
                                 (AddressInfo->Address.Addr[2] == 0) &&
                                 (AddressInfo->Address.Addr[3] == 0));

  //
  // Anything that cannot be an IPv4 prefix is treated as IPv6.
  //
  if ((AddressInfo->PrefixLength > 32) || !TrailingWordsZero) {
    return IP_VERSION_6;
  }

  return IP_VERSION_4;
}
40
/**
  Private function called to infer the IP version of an EFI_IP_ADDRESS structure.

  The address is reported as IPv4 when Addr[1], Addr[2] and Addr[3] are all zero,
  and as IPv6 otherwise.

  NOTE(review): an IPv6 address whose Addr[1..3] words are zero passes the same
  test and is reported as IPv4; there is no prefix length here to narrow it down.

  @param[in] Address    The pointer to the EFI_IP_ADDRESS structure.

  @return IP_VERSION_4 or IP_VERSION_6.
**/
UINTN
GetVerFromIpAddr (
  IN EFI_IP_ADDRESS    *Address
  )
{
  UINTN  WordIndex;

  //
  // Any non-zero word after the first one rules out IPv4.
  //
  for (WordIndex = 1; WordIndex <= 3; WordIndex++) {
    if (Address->Addr[WordIndex] != 0) {
      return IP_VERSION_6;
    }
  }

  return IP_VERSION_4;
}
59
/**
  Private function called to print an ASCII buffer, one character at a time,
  through the Unicode Print() interface.

  Exactly Length bytes are printed. The loop does not stop at a NUL byte and
  does not check Str for NULL, so the caller must supply a valid pointer and a
  length that does not exceed the buffer.

  @param[in] Str       The pointer to the ASCII string.
  @param[in] Length    The number of bytes of Str to print.
**/
VOID
DumpAsciiString (
  IN CHAR8    *Str,
  IN UINTN    Length
  )
{
  CHAR8  *Cursor;
  CHAR8  *End;

  End = Str + Length;
  for (Cursor = Str; Cursor != End; Cursor++) {
    //
    // Widen each byte to CHAR16 so it can go through the "%c" conversion.
    //
    Print (L"%c", (CHAR16) *Cursor);
  }
}
77
/**
  Private function called to print EFI_IP_ADDRESS_INFO content.

  IPv4 entries are printed in dotted-decimal form and IPv6 entries as eight
  colon-separated hexadecimal groups. The "/prefix" suffix is omitted when the
  prefix covers the whole address (32 for IPv4, 128 for IPv6).

  The version comes from GetVerFromAddrInfo(), so an entry that helper reports
  as IPv4 is rendered as IPv4 here.

  @param[in] AddressInfo    The pointer to the EFI_IP_ADDRESS_INFO structure.
**/
VOID
DumpAddressInfo (
  IN EFI_IP_ADDRESS_INFO    *AddressInfo
  )
{
  UINTN   Version;
  UINTN   Pair;
  UINT8   *Bytes;
  UINT16  Group[8];

  Version = GetVerFromAddrInfo (AddressInfo);

  if (Version == IP_VERSION_4) {
    Bytes = AddressInfo->Address.v4.Addr;
    Print (
      L"%d.%d.%d.%d",
      (UINTN) Bytes[0],
      (UINTN) Bytes[1],
      (UINTN) Bytes[2],
      (UINTN) Bytes[3]
      );
    if (AddressInfo->PrefixLength != 32) {
      Print (L"/%d", (UINTN) AddressInfo->PrefixLength);
    }

    return;
  }

  if (Version == IP_VERSION_6) {
    //
    // Fold the 16 address bytes into eight big-endian 16-bit groups.
    //
    Bytes = AddressInfo->Address.v6.Addr;
    for (Pair = 0; Pair < 8; Pair++) {
      Group[Pair] = (UINT16) ((((UINT16) Bytes[2 * Pair]) << 8) | ((UINT16) Bytes[2 * Pair + 1]));
    }

    Print (
      L"%x:%x:%x:%x:%x:%x:%x:%x",
      Group[0],
      Group[1],
      Group[2],
      Group[3],
      Group[4],
      Group[5],
      Group[6],
      Group[7]
      );
    if (AddressInfo->PrefixLength != 128) {
      Print (L"/%d", AddressInfo->PrefixLength);
    }
  }
}
118
/**
  Private function called to print EFI_IP_ADDRESS content.

  IPv4 addresses are printed in dotted-decimal form and IPv6 addresses as eight
  colon-separated hexadecimal groups. The version comes from GetVerFromIpAddr().

  @param[in] IpAddress    The pointer to the EFI_IP_ADDRESS structure.
**/
VOID
DumpIpAddress (
  IN EFI_IP_ADDRESS    *IpAddress
  )
{
  UINTN   Version;
  UINTN   Pair;
  UINT8   *Bytes;
  UINT16  Group[8];

  Version = GetVerFromIpAddr (IpAddress);

  if (Version == IP_VERSION_4) {
    Bytes = IpAddress->v4.Addr;
    Print (
      L"%d.%d.%d.%d",
      (UINTN) Bytes[0],
      (UINTN) Bytes[1],
      (UINTN) Bytes[2],
      (UINTN) Bytes[3]
      );
    return;
  }

  if (Version == IP_VERSION_6) {
    //
    // Fold the 16 address bytes into eight big-endian 16-bit groups.
    //
    Bytes = IpAddress->v6.Addr;
    for (Pair = 0; Pair < 8; Pair++) {
      Group[Pair] = (UINT16) ((((UINT16) Bytes[2 * Pair]) << 8) | ((UINT16) Bytes[2 * Pair + 1]));
    }

    Print (
      L"%x:%x:%x:%x:%x:%x:%x:%x",
      Group[0],
      Group[1],
      Group[2],
      Group[3],
      Group[4],
      Group[5],
      Group[6],
      Group[7]
      );
  }
}
154
/**
  Private function called to print EFI_IPSEC_SPD_SELECTOR content.

  Output layout: local address list (or "localhost" when the list is empty),
  " -> ", remote address list, the next-layer protocol, then the port ranges
  for TCP/UDP or the two ICMP values.

  LocalAddressCount and RemoteAddressCount are trusted as the lengths of the
  LocalAddress and RemoteAddress arrays; nothing here can validate them.

  @param[in] Selector    The pointer to the EFI_IPSEC_SPD_SELECTOR structure.
**/
VOID
DumpSpdSelector (
  IN EFI_IPSEC_SPD_SELECTOR    *Selector
  )
{
  UINT32  AddrIdx;
  CHAR16  *ProtoName;

  //
  // Local side: comma-separated list, or the literal "localhost" when empty.
  //
  if (Selector->LocalAddressCount == 0) {
    Print (L"localhost");
  } else {
    DumpAddressInfo (&Selector->LocalAddress[0]);
    for (AddrIdx = 1; AddrIdx < Selector->LocalAddressCount; AddrIdx++) {
      Print (L",");
      DumpAddressInfo (&Selector->LocalAddress[AddrIdx]);
    }
  }

  Print (L" -> ");

  //
  // Remote side: comma-separated list; an empty list prints nothing.
  //
  for (AddrIdx = 0; AddrIdx < Selector->RemoteAddressCount; AddrIdx++) {
    if (AddrIdx != 0) {
      Print (L",");
    }

    DumpAddressInfo (&Selector->RemoteAddress[AddrIdx]);
  }

  //
  // Fall back to the numeric protocol when the map has no name for it.
  //
  ProtoName = MapIntegerToString (Selector->NextLayerProtocol, mMapIpProtocol);
  if (ProtoName == NULL) {
    Print (L" proto:%d", (UINTN) Selector->NextLayerProtocol);
  } else {
    Print (L" %s", ProtoName);
  }

  switch (Selector->NextLayerProtocol) {
  case EFI_IP4_PROTO_TCP:
  case EFI_IP4_PROTO_UDP:
    Print (L" port:");
    if (Selector->LocalPort == EFI_IPSEC_ANY_PORT) {
      Print (L"any");
    } else {
      Print (L"%d", Selector->LocalPort);
      if (Selector->LocalPortRange != 0) {
        //
        // The sum is formed in UINTN so the upper bound cannot wrap at 16 bits.
        //
        Print (L"~%d", (UINTN) Selector->LocalPort + Selector->LocalPortRange);
      }
    }

    Print (L" -> ");
    if (Selector->RemotePort == EFI_IPSEC_ANY_PORT) {
      Print (L"any");
    } else {
      Print (L"%d", Selector->RemotePort);
      if (Selector->RemotePortRange != 0) {
        Print (L"~%d", (UINTN) Selector->RemotePort + Selector->RemotePortRange);
      }
    }
    break;

  case EFI_IP4_PROTO_ICMP:
    //
    // For ICMP the port fields are reused: LocalPort is printed first and
    // RemotePort second, each truncated to 8 bits. A value of 0 is shown as "any".
    //
    Print (L" class/code:");
    if (Selector->LocalPort == 0) {
      Print (L"any");
    } else {
      Print (L"%d", (UINTN) (UINT8) Selector->LocalPort);
    }

    Print (L"/");
    if (Selector->RemotePort == 0) {
      Print (L"any");
    } else {
      Print (L"%d", (UINTN) (UINT8) Selector->RemotePort);
    }
    break;

  default:
    break;
  }
}
233
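/**
  Print EFI_IPSEC_SPD_SELECTOR and EFI_IPSEC_SPD_DATA content.

  The entry name is widened from Data->Name into a fixed local buffer. The copy
  is bounded by the size of that buffer, so a name that is not NUL-terminated
  within the buffer's capacity is truncated rather than written past the end.

  For entries whose action is Protect, the processing policy is printed as
  well. A missing ProcessingPolicy or TunnelOption pointer is skipped rather
  than dereferenced.

  @param[in] Selector      The pointer to the EFI_IPSEC_SPD_SELECTOR structure.
  @param[in] Data          The pointer to the EFI_IPSEC_SPD_DATA structure.
  @param[in] EntryIndex    The pointer to the Index in SPD Database. It is
                           incremented after being printed.

  @retval EFI_SUCCESS      Dump SPD information successfully.
**/
EFI_STATUS
DumpSpdEntry (
  IN EFI_IPSEC_SPD_SELECTOR    *Selector,
  IN EFI_IPSEC_SPD_DATA        *Data,
  IN UINTN                     *EntryIndex
  )
{
  BOOLEAN  HasPre;
  CHAR16   DataName[128];
  CHAR16   *String1;
  CHAR16   *String2;
  CHAR16   *String3;
  UINTN    Index;
  UINTN    MaxNameChars;

  Print (L"%d.", (*EntryIndex)++);

  //
  // xxx.xxx.xxx.xxx/yy -> xxx.xxx.xxx.xx/yy proto:23 port:100~300 -> 300~400
  // Protect PF:0x34323423 Name:First Entry
  // ext-sequence sequence-overflow fragment-check life:[B0,S1024,H3600]
  // ESP algo1 algo2 Tunnel [xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx set]
  //

  DumpSpdSelector (Selector);
  Print (L"\n ");

  Print (L"%s ", MapIntegerToString (Data->Action, mMapIpSecAction));
  Print (L"PF:%08x ", Data->PackageFlag);

  //
  // Widen the name into DataName. The bound is enforced by the loop condition
  // itself: an ASSERT() is compiled out of release builds, and an 8-bit index
  // would wrap long after the 128-entry buffer had been overrun. One slot is
  // reserved for the terminator.
  //
  MaxNameChars = sizeof (DataName) / sizeof (DataName[0]) - 1;
  for (Index = 0; (Index < MaxNameChars) && (Data->Name[Index] != 0); Index++) {
    DataName[Index] = (CHAR16) Data->Name[Index];
  }
  DataName[Index] = L'\0';

  Print (L"Name:%s", DataName);

  //
  // The processing policy is only printed for Protect entries. The NULL test
  // keeps a malformed entry from being dereferenced.
  //
  if ((Data->Action == EfiIPsecActionProtect) && (Data->ProcessingPolicy != NULL)) {
    Print (L"\n ");
    if (Data->ProcessingPolicy->ExtSeqNum) {
      Print (L"ext-sequence ");
    }

    if (Data->ProcessingPolicy->SeqOverflow) {
      Print (L"sequence-overflow ");
    }

    if (Data->ProcessingPolicy->FragCheck) {
      Print (L"fragment-check ");
    }

    //
    // Lifetime fields are listed only when non-zero. The first one printed
    // opens the "life:[" group and the rest are comma separated.
    //
    HasPre = FALSE;
    if (Data->ProcessingPolicy->SaLifetime.ByteCount != 0) {
      Print (HasPre ? L"," : L"life:[");
      Print (L"%lxB", Data->ProcessingPolicy->SaLifetime.ByteCount);
      HasPre = TRUE;
    }

    if (Data->ProcessingPolicy->SaLifetime.SoftLifetime != 0) {
      Print (HasPre ? L"," : L"life:[");
      Print (L"%lxs", Data->ProcessingPolicy->SaLifetime.SoftLifetime);
      HasPre = TRUE;
    }

    if (Data->ProcessingPolicy->SaLifetime.HardLifetime != 0) {
      Print (HasPre ? L"," : L"life:[");
      Print (L"%lxS", Data->ProcessingPolicy->SaLifetime.HardLifetime);
      HasPre = TRUE;
    }

    if (HasPre) {
      Print (L"]");
    }

    //
    // Start a new line only if something was printed on this one.
    //
    if (HasPre || Data->ProcessingPolicy->ExtSeqNum ||
        Data->ProcessingPolicy->SeqOverflow || Data->ProcessingPolicy->FragCheck) {
      Print (L"\n ");
    }

    String1 = MapIntegerToString (Data->ProcessingPolicy->Proto, mMapIpSecProtocol);
    String2 = MapIntegerToString (Data->ProcessingPolicy->AuthAlgoId, mMapAuthAlgo);
    String3 = MapIntegerToString (Data->ProcessingPolicy->EncAlgoId, mMapEncAlgo);
    Print (
      L"%s Auth:%s Encrypt:%s ",
      String1,
      String2,
      String3
      );

    Print (L"%s ", MapIntegerToString (Data->ProcessingPolicy->Mode, mMapIpSecMode));
    if ((Data->ProcessingPolicy->Mode == EfiIPsecTunnel) &&
        (Data->ProcessingPolicy->TunnelOption != NULL)) {
      Print (L"[");
      DumpIpAddress (&Data->ProcessingPolicy->TunnelOption->LocalTunnelAddress);
      Print (L" -> ");
      DumpIpAddress (&Data->ProcessingPolicy->TunnelOption->RemoteTunnelAddress);
      Print (L" %s]", MapIntegerToString (Data->ProcessingPolicy->TunnelOption->DF, mMapDfOption));
    }
  }

  Print (L"\n");

  return EFI_SUCCESS;
}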
348
/**
  Print EFI_IPSEC_SA_ID and EFI_IPSEC_SA_DATA content.

  NOTE(review): the authentication and encryption keys are handed to Print()
  through "%s", so the SA's key material is written to the console in clear.
  The read stops at a terminating NUL, not at a recorded key length. Confirm
  that the stored keys are always NUL-terminated CHAR16 strings, and consider
  whether a dump command should mask key material.

  @param[in] SaId          The pointer to the EFI_IPSEC_SA_ID structure.
  @param[in] Data          The pointer to the EFI_IPSEC_SA_DATA structure.
  @param[in] EntryIndex    The pointer to the Index in the SAD Database. It is
                           incremented after being printed.

  @retval EFI_SUCCESS      Dump SAD information successfully.
**/
EFI_STATUS
DumpSadEntry (
  IN EFI_IPSEC_SA_ID      *SaId,
  IN EFI_IPSEC_SA_DATA    *Data,
  IN UINTN                *EntryIndex
  )
{
  BOOLEAN  HasPre;
  CHAR16   *Separator;
  CHAR16   *AuthName;
  CHAR16   *EncName;

  //
  // Output layout:
  //   SPI:1234 ESP Destination:xxx.xxx.xxx.xxx
  //   Mode:Transport SeqNum:134 AntiReplayWin:64 life:[0B,1023s,3400S] PathMTU:34
  //   Auth:xxxx/password Encrypt:yyyy/password
  //   xxx.xxx.xxx.xxx/yy -> xxx.xxx.xxx.xx/yy proto:23 port:100~300 -> 300~400
  //

  Print (L"%d.", (*EntryIndex)++);
  Print (L"0x%x %s ", (UINTN) SaId->Spi, MapIntegerToString (SaId->Proto, mMapIpSecProtocol));
  Print (L"Destination:");
  DumpIpAddress (&SaId->DestAddress);
  Print (L"\n");

  Print (
    L" Mode:%s SeqNum:%lx AntiReplayWin:%d ",
    MapIntegerToString (Data->Mode, mMapIpSecMode),
    Data->SNCount,
    (UINTN) Data->AntiReplayWindows
    );

  //
  // Lifetime fields are listed only when non-zero. The first one printed opens
  // the "life:[" group and the following ones are introduced by a comma.
  //
  HasPre    = FALSE;
  Separator = L"life:[";

  if (Data->SaLifetime.ByteCount != 0) {
    Print (L"%s", Separator);
    Print (L"%lxB", Data->SaLifetime.ByteCount);
    Separator = L",";
    HasPre    = TRUE;
  }

  if (Data->SaLifetime.SoftLifetime != 0) {
    Print (L"%s", Separator);
    Print (L"%lxs", Data->SaLifetime.SoftLifetime);
    Separator = L",";
    HasPre    = TRUE;
  }

  if (Data->SaLifetime.HardLifetime != 0) {
    Print (L"%s", Separator);
    Print (L"%lxS", Data->SaLifetime.HardLifetime);
    HasPre = TRUE;
  }

  if (HasPre) {
    Print (L"] ");
  }

  Print (L"PathMTU:%d\n", (UINTN) Data->PathMTU);

  //
  // AH carries only an authentication algorithm; every other protocol value
  // is printed through the ESP view of AlgoInfo.
  //
  if (SaId->Proto != EfiIPsecAH) {
    AuthName = MapIntegerToString (Data->AlgoInfo.EspAlgoInfo.AuthAlgoId, mMapAuthAlgo);
    EncName  = MapIntegerToString (Data->AlgoInfo.EspAlgoInfo.EncAlgoId, mMapEncAlgo);
    Print (
      L" Auth:%s/%s Encrypt:%s/%s\n",
      AuthName,
      Data->AlgoInfo.EspAlgoInfo.AuthKey,
      EncName,
      Data->AlgoInfo.EspAlgoInfo.EncKey
      );
  } else {
    Print (
      L" Auth:%s/%s\n",
      MapIntegerToString (Data->AlgoInfo.AhAlgoInfo.AuthAlgoId, mMapAuthAlgo),
      Data->AlgoInfo.AhAlgoInfo.AuthKey
      );
  }

  //
  // The selector is optional.
  //
  if (Data->SpdSelector != NULL) {
    Print (L" ");
    DumpSpdSelector (Data->SpdSelector);
    Print (L"\n");
  }

  return EFI_SUCCESS;
}
440
/**
  Print EFI_IPSEC_PAD_ID and EFI_IPSEC_PAD_DATA content.

  NOTE(review): AuthData is printed in full (AuthDataSize bytes), so the peer's
  authentication data appears on the console in clear. Consider whether a dump
  command should mask it.

  NOTE(review): Id.PeerId and RevocationData are printed with "%s", which reads
  until a terminating NUL CHAR16. Confirm both are always stored as
  NUL-terminated CHAR16 strings; nothing here bounds the read.

  @param[in] PadId         The pointer to the EFI_IPSEC_PAD_ID structure.
  @param[in] Data          The pointer to the EFI_IPSEC_PAD_DATA structure.
  @param[in] EntryIndex    The pointer to the Index in the PAD Database. It is
                           incremented after being printed.

  @retval EFI_SUCCESS      Dump PAD information successfully.
**/
EFI_STATUS
DumpPadEntry (
  IN EFI_IPSEC_PAD_ID      *PadId,
  IN EFI_IPSEC_PAD_DATA    *Data,
  IN UINTN                 *EntryIndex
  )
{
  CHAR16  *ProtoName;
  CHAR16  *MethodName;

  //
  // Output layout:
  //   ADDR:10.23.17.34/15
  //   IDEv1 PreSharedSecret IKE-ID
  //   password
  //

  Print (L"%d.", (*EntryIndex)++);

  //
  // A PAD entry is keyed either by a peer ID string or by an address range.
  //
  if (!PadId->PeerIdValid) {
    Print (L"ADDR:");
    DumpAddressInfo (&PadId->Id.IpAddress);
  } else {
    Print (L"ID:%s", PadId->Id.PeerId);
  }

  Print (L"\n");

  ProtoName  = MapIntegerToString (Data->AuthProtocol, mMapAuthProto);
  MethodName = MapIntegerToString (Data->AuthMethod, mMapAuthMethod);
  Print (L" %s %s", ProtoName, MethodName);

  if (Data->IkeIdFlag) {
    Print (L"IKE-ID");
  }

  Print (L"\n");

  if (Data->AuthData != NULL) {
    DumpAsciiString (Data->AuthData, Data->AuthDataSize);
    Print (L"\n");
  }

  if (Data->RevocationData != NULL) {
    Print (L" %s\n", Data->RevocationData);
  }

  return EFI_SUCCESS;
}
503
//
// Dump callbacks, indexed directly by EFI_IPSEC_CONFIG_DATA_TYPE in
// ListPolicyEntry(). The order of the entries therefore has to follow the
// order of that enumeration.
//
// NOTE(review): each callback is cast to VISIT_POLICY_ENTRY, which hides any
// difference between its typed parameters and the callback prototype. Confirm
// the signatures stay compatible whenever either side changes.
//
VISIT_POLICY_ENTRY  mDumpPolicyEntry[] = {
  (VISIT_POLICY_ENTRY) DumpSpdEntry,    // SPD entries
  (VISIT_POLICY_ENTRY) DumpSadEntry,    // SAD entries
  (VISIT_POLICY_ENTRY) DumpPadEntry     // PAD entries
};
509
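/**
  Print all entry information in the database according to datatype.

  DataType selects the dump callback from mDumpPolicyEntry. It is range-checked
  first, because an out-of-range value would otherwise read a function pointer
  from beyond the end of the table and pass it on to be called.

  @param[in] DataType        The value of EFI_IPSEC_CONFIG_DATA_TYPE.
  @param[in] ParamPackage    The pointer to the ParamPackage list. Not used by
                             this function.

  @retval EFI_SUCCESS              Dump all information successfully.
  @retval EFI_INVALID_PARAMETER    DataType does not name a known database.
  @retval Others                   Some mistaken case.
**/
EFI_STATUS
ListPolicyEntry (
  IN EFI_IPSEC_CONFIG_DATA_TYPE    DataType,
  IN LIST_ENTRY                    *ParamPackage
  )
{
  UINTN  EntryIndex;

  //
  // The cast to UINTN makes a negative enumeration value fail the check too.
  //
  if ((UINTN) DataType >= sizeof (mDumpPolicyEntry) / sizeof (mDumpPolicyEntry[0])) {
    return EFI_INVALID_PARAMETER;
  }

  EntryIndex = 0;
  return ForeachPolicyEntry (DataType, mDumpPolicyEntry[DataType], &EntryIndex);
}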
530