1 /* $NetBSD: strnames.c,v 1.13 2025/03/08 16:39:08 christos Exp $ */ 2 3 /* $KAME: strnames.c,v 1.25 2003/11/13 10:53:26 itojun Exp $ */ 4 5 /* 6 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 3. Neither the name of the project nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 #include "config.h" 35 36 #include <sys/types.h> 37 #include <sys/param.h> 38 #include <sys/socket.h> 39 40 #include <netinet/in.h> 41 #include PATH_IPSEC_H 42 #include <netinet/in.h> 43 44 #include <stdio.h> 45 #include <stdlib.h> 46 #ifdef ENABLE_HYBRID 47 #include <resolv.h> 48 #endif 49 50 #include "var.h" 51 #include "misc.h" 52 #include "vmbuf.h" 53 #include "plog.h" 54 55 #include "isakmp_var.h" 56 #include "isakmp.h" 57 #ifdef ENABLE_HYBRID 58 # include "isakmp_xauth.h" 59 # include "isakmp_unity.h" 60 # include "isakmp_cfg.h" 61 #endif 62 #include "ipsec_doi.h" 63 #include "oakley.h" 64 #include "handler.h" 65 #include "pfkey.h" 66 #include "strnames.h" 67 #include "algorithm.h" 68 69 struct ksmap { 70 int key; 71 const char *str; 72 const char *(*f)(int); 73 }; 74 75 const char * 76 num2str(int n) 77 { 78 static char buf[20]; 79 80 snprintf(buf, sizeof(buf), "%d", n); 81 82 return buf; 83 } 84 85 /* isakmp.h */ 86 const char * 87 s_isakmp_state(int t, int d, int s) 88 { 89 switch (t) { 90 case ISAKMP_ETYPE_AGG: 91 switch (d) { 92 case INITIATOR: 93 switch (s) { 94 case PHASE1ST_MSG1SENT: 95 return "agg I msg1"; 96 case PHASE1ST_ESTABLISHED: 97 return "agg I msg2"; 98 default: 99 break; 100 } 101 break; 102 case RESPONDER: 103 switch (s) { 104 case PHASE1ST_MSG1SENT: 105 return "agg R msg1"; 106 default: 107 break; 108 } 109 break; 110 } 111 break; 112 case ISAKMP_ETYPE_BASE: 113 switch (d) { 114 case INITIATOR: 115 switch (s) { 116 case PHASE1ST_MSG1SENT: 117 return "base I msg1"; 118 case PHASE1ST_MSG2SENT: 119 return "base I msg2"; 120 default: 121 break; 122 } 123 break; 124 case RESPONDER: 125 switch (s) { 126 case PHASE1ST_MSG1SENT: 127 return "base R msg1"; 128 case PHASE1ST_ESTABLISHED: 129 return "base R msg2"; 130 default: 131 break; 132 } 133 break; 134 } 135 break; 136 case ISAKMP_ETYPE_IDENT: 137 switch (d) { 138 case INITIATOR: 139 switch (s) { 140 case PHASE1ST_MSG1SENT: 141 return "ident I msg1"; 142 case PHASE1ST_MSG2SENT: 143 return "ident I msg2"; 144 case PHASE1ST_MSG3SENT: 145 return "ident I msg3"; 146 default: 147 break; 148 } 149 break; 150 case RESPONDER: 151 switch (s) { 152 case PHASE1ST_MSG1SENT: 153 return "ident R msg1"; 154 case PHASE1ST_MSG2SENT: 155 return "ident R msg2"; 156 case PHASE1ST_ESTABLISHED: 157 return "ident R msg3"; 158 default: 159 break; 160 } 161 } 162 break; 163 case ISAKMP_ETYPE_QUICK: 164 switch (d) { 165 case INITIATOR: 166 switch (s) { 167 case PHASE2ST_MSG1SENT: 168 return "quick I msg1"; 169 case PHASE2ST_ADDSA: 170 return "quick I msg2"; 171 default: 172 break; 173 } 174 break; 175 case RESPONDER: 176 switch (s) { 177 case PHASE2ST_MSG1SENT: 178 return "quick R msg1"; 179 case PHASE2ST_COMMIT: 180 return "quick R msg2"; 181 default: 182 break; 183 } 184 break; 185 } 186 break; 187 default: 188 case ISAKMP_ETYPE_NONE: 189 case ISAKMP_ETYPE_AUTH: 190 case ISAKMP_ETYPE_INFO: 191 case ISAKMP_ETYPE_NEWGRP: 192 case ISAKMP_ETYPE_ACKINFO: 193 break; 194 } 195 /*NOTREACHED*/ 196 197 return "???"; 198 } 199 200 static struct ksmap name_isakmp_certtype[] = { 201 { ISAKMP_CERT_NONE, "NONE", NULL }, 202 { ISAKMP_CERT_PKCS7, "PKCS #7 wrapped X.509 certificate", NULL }, 203 { ISAKMP_CERT_PGP, "PGP Certificate", NULL }, 204 { ISAKMP_CERT_DNS, "DNS Signed Key", NULL }, 205 { ISAKMP_CERT_X509SIGN, "X.509 Certificate Signature", NULL }, 206 { ISAKMP_CERT_X509KE, "X.509 Certificate Key Exchange", NULL }, 207 { ISAKMP_CERT_KERBEROS, "Kerberos Tokens", NULL }, 208 { ISAKMP_CERT_CRL, "Certificate Revocation List (CRL)", NULL }, 209 { ISAKMP_CERT_ARL, "Authority Revocation List (ARL)", NULL }, 210 { ISAKMP_CERT_SPKI, "SPKI Certificate", NULL }, 211 { ISAKMP_CERT_X509ATTR, "X.509 Certificate Attribute", NULL }, 212 }; 213 214 const char * 215 s_isakmp_certtype(int k) 216 { 217 int i; 218 for (i = 0; i < ARRAYLEN(name_isakmp_certtype); i++) 219 if (name_isakmp_certtype[i].key == k) 220 return name_isakmp_certtype[i].str; 221 return num2str(k); 222 } 223 224 static struct ksmap name_isakmp_etype[] = { 225 { ISAKMP_ETYPE_NONE, "None", NULL }, 226 { ISAKMP_ETYPE_BASE, "Base", NULL }, 227 { ISAKMP_ETYPE_IDENT, "Identity Protection", NULL }, 228 { ISAKMP_ETYPE_AUTH, "Authentication Only", NULL }, 229 { ISAKMP_ETYPE_AGG, "Aggressive", NULL }, 230 { ISAKMP_ETYPE_INFO, "Informational", NULL }, 231 { ISAKMP_ETYPE_CFG, "Mode config", NULL }, 232 { ISAKMP_ETYPE_QUICK, "Quick", NULL }, 233 { ISAKMP_ETYPE_NEWGRP, "New Group", NULL }, 234 { ISAKMP_ETYPE_ACKINFO, "Acknowledged Informational", NULL }, 235 }; 236 237 const char * 238 s_isakmp_etype(int k) 239 { 240 int i; 241 for (i = 0; i < ARRAYLEN(name_isakmp_etype); i++) 242 if (name_isakmp_etype[i].key == k) 243 return name_isakmp_etype[i].str; 244 return num2str(k); 245 } 246 247 static struct ksmap name_isakmp_notify_msg[] = { 248 { ISAKMP_NTYPE_INVALID_PAYLOAD_TYPE, "INVALID-PAYLOAD-TYPE", NULL }, 249 { ISAKMP_NTYPE_DOI_NOT_SUPPORTED, "DOI-NOT-SUPPORTED", NULL }, 250 { ISAKMP_NTYPE_SITUATION_NOT_SUPPORTED, "SITUATION-NOT-SUPPORTED", NULL }, 251 { ISAKMP_NTYPE_INVALID_COOKIE, "INVALID-COOKIE", NULL }, 252 { ISAKMP_NTYPE_INVALID_MAJOR_VERSION, "INVALID-MAJOR-VERSION", NULL }, 253 { ISAKMP_NTYPE_INVALID_MINOR_VERSION, "INVALID-MINOR-VERSION", NULL }, 254 { ISAKMP_NTYPE_INVALID_EXCHANGE_TYPE, "INVALID-EXCHANGE-TYPE", NULL }, 255 { ISAKMP_NTYPE_INVALID_FLAGS, "INVALID-FLAGS", NULL }, 256 { ISAKMP_NTYPE_INVALID_MESSAGE_ID, "INVALID-MESSAGE-ID", NULL }, 257 { ISAKMP_NTYPE_INVALID_PROTOCOL_ID, "INVALID-PROTOCOL-ID", NULL }, 258 { ISAKMP_NTYPE_INVALID_SPI, "INVALID-SPI", NULL }, 259 { ISAKMP_NTYPE_INVALID_TRANSFORM_ID, "INVALID-TRANSFORM-ID", NULL }, 260 { ISAKMP_NTYPE_ATTRIBUTES_NOT_SUPPORTED, "ATTRIBUTES-NOT-SUPPORTED", NULL }, 261 { ISAKMP_NTYPE_NO_PROPOSAL_CHOSEN, "NO-PROPOSAL-CHOSEN", NULL }, 262 { ISAKMP_NTYPE_BAD_PROPOSAL_SYNTAX, "BAD-PROPOSAL-SYNTAX", NULL }, 263 { ISAKMP_NTYPE_PAYLOAD_MALFORMED, "PAYLOAD-MALFORMED", NULL }, 264 { ISAKMP_NTYPE_INVALID_KEY_INFORMATION, "INVALID-KEY-INFORMATION", NULL }, 265 { ISAKMP_NTYPE_INVALID_ID_INFORMATION, "INVALID-ID-INFORMATION", NULL }, 266 { ISAKMP_NTYPE_INVALID_CERT_ENCODING, "INVALID-CERT-ENCODING", NULL }, 267 { ISAKMP_NTYPE_INVALID_CERTIFICATE, "INVALID-CERTIFICATE", NULL }, 268 { ISAKMP_NTYPE_BAD_CERT_REQUEST_SYNTAX, "BAD-CERT-REQUEST-SYNTAX", NULL }, 269 { ISAKMP_NTYPE_INVALID_CERT_AUTHORITY, "INVALID-CERT-AUTHORITY", NULL }, 270 { ISAKMP_NTYPE_INVALID_HASH_INFORMATION, "INVALID-HASH-INFORMATION", NULL }, 271 { ISAKMP_NTYPE_AUTHENTICATION_FAILED, "AUTHENTICATION-FAILED", NULL }, 272 { ISAKMP_NTYPE_INVALID_SIGNATURE, "INVALID-SIGNATURE", NULL }, 273 { ISAKMP_NTYPE_ADDRESS_NOTIFICATION, "ADDRESS-NOTIFICATION", NULL }, 274 { ISAKMP_NTYPE_NOTIFY_SA_LIFETIME, "NOTIFY-SA-LIFETIME", NULL }, 275 { ISAKMP_NTYPE_CERTIFICATE_UNAVAILABLE, "CERTIFICATE-UNAVAILABLE", NULL }, 276 { ISAKMP_NTYPE_UNSUPPORTED_EXCHANGE_TYPE, "UNSUPPORTED-EXCHANGE-TYPE", NULL }, 277 { ISAKMP_NTYPE_UNEQUAL_PAYLOAD_LENGTHS, "UNEQUAL-PAYLOAD-LENGTHS", NULL }, 278 { ISAKMP_NTYPE_CONNECTED, "CONNECTED", NULL }, 279 { ISAKMP_NTYPE_RESPONDER_LIFETIME, "RESPONDER-LIFETIME", NULL }, 280 { ISAKMP_NTYPE_REPLAY_STATUS, "REPLAY-STATUS", NULL }, 281 { ISAKMP_NTYPE_INITIAL_CONTACT, "INITIAL-CONTACT", NULL }, 282 { ISAKMP_NTYPE_R_U_THERE, "R-U-THERE", NULL }, 283 { ISAKMP_NTYPE_R_U_THERE_ACK, "R-U-THERE-ACK", NULL }, 284 #ifdef ENABLE_HYBRID 285 { ISAKMP_NTYPE_UNITY_HEARTBEAT, "HEARTBEAT (Unity)", NULL }, 286 #endif 287 { ISAKMP_LOG_RETRY_LIMIT_REACHED, "RETRY-LIMIT-REACHED", NULL }, 288 }; 289 290 const char * 291 s_isakmp_notify_msg(int k) 292 { 293 int i; 294 for (i = 0; i < ARRAYLEN(name_isakmp_notify_msg); i++) 295 if (name_isakmp_notify_msg[i].key == k) 296 return name_isakmp_notify_msg[i].str; 297 298 return num2str(k); 299 } 300 301 static struct ksmap name_isakmp_nptype[] = { 302 { ISAKMP_NPTYPE_NONE, "none", NULL }, 303 { ISAKMP_NPTYPE_SA, "sa", NULL }, 304 { ISAKMP_NPTYPE_P, "prop", NULL }, 305 { ISAKMP_NPTYPE_T, "trns", NULL }, 306 { ISAKMP_NPTYPE_KE, "ke", NULL }, 307 { ISAKMP_NPTYPE_ID, "id", NULL }, 308 { ISAKMP_NPTYPE_CERT, "cert", NULL }, 309 { ISAKMP_NPTYPE_CR, "cr", NULL }, 310 { ISAKMP_NPTYPE_HASH, "hash", NULL }, 311 { ISAKMP_NPTYPE_SIG, "sig", NULL }, 312 { ISAKMP_NPTYPE_NONCE, "nonce", NULL }, 313 { ISAKMP_NPTYPE_N, "notify", NULL }, 314 { ISAKMP_NPTYPE_D, "delete", NULL }, 315 { ISAKMP_NPTYPE_VID, "vid", NULL }, 316 { ISAKMP_NPTYPE_ATTR, "attr", NULL }, 317 { ISAKMP_NPTYPE_GSS, "gss id", NULL }, 318 { ISAKMP_NPTYPE_NATD_RFC, "nat-d", NULL }, 319 { ISAKMP_NPTYPE_NATOA_RFC, "nat-oa", NULL }, 320 { ISAKMP_NPTYPE_NATD_DRAFT, "nat-d", NULL }, 321 { ISAKMP_NPTYPE_NATOA_DRAFT, "nat-oa", NULL }, 322 { ISAKMP_NPTYPE_FRAG, "ike frag", NULL }, 323 }; 324 325 const char * 326 s_isakmp_nptype(int k) 327 { 328 int i; 329 for (i = 0; i < ARRAYLEN(name_isakmp_nptype); i++) 330 if (name_isakmp_nptype[i].key == k) 331 return name_isakmp_nptype[i].str; 332 return num2str(k); 333 } 334 335 #ifdef ENABLE_HYBRID 336 /* isakmp_cfg.h / isakmp_unity.h / isakmp_xauth.h */ 337 static struct ksmap name_isakmp_cfg_type[] = { 338 { INTERNAL_IP4_ADDRESS, "INTERNAL_IP4_ADDRESS", NULL }, 339 { INTERNAL_IP4_NETMASK, "INTERNAL_IP4_NETMASK", NULL }, 340 { INTERNAL_IP4_DNS, "INTERNAL_IP4_DNS", NULL }, 341 { INTERNAL_IP4_NBNS, "INTERNAL_IP4_NBNS", NULL }, 342 { INTERNAL_ADDRESS_EXPIRY, "INTERNAL_ADDRESS_EXPIRY", NULL }, 343 { INTERNAL_IP4_DHCP, "INTERNAL_IP4_DHCP", NULL }, 344 { APPLICATION_VERSION, "APPLICATION_VERSION", NULL }, 345 { INTERNAL_IP6_ADDRESS, "INTERNAL_IP6_ADDRESS", NULL }, 346 { INTERNAL_IP6_NETMASK, "INTERNAL_IP6_NETMASK", NULL }, 347 { INTERNAL_IP6_DNS, "INTERNAL_IP6_DNS", NULL }, 348 { INTERNAL_IP6_NBNS, "INTERNAL_IP6_NBNS", NULL }, 349 { INTERNAL_IP6_DHCP, "INTERNAL_IP6_DHCP", NULL }, 350 { INTERNAL_IP4_SUBNET, "INTERNAL_IP4_SUBNET", NULL }, 351 { SUPPORTED_ATTRIBUTES, "SUPPORTED_ATTRIBUTES", NULL }, 352 { INTERNAL_IP6_SUBNET, "INTERNAL_IP6_SUBNET", NULL }, 353 { XAUTH_TYPE, "XAUTH_TYPE", NULL }, 354 { XAUTH_USER_NAME, "XAUTH_USER_NAME", NULL }, 355 { XAUTH_USER_PASSWORD, "XAUTH_USER_PASSWORD", NULL }, 356 { XAUTH_PASSCODE, "XAUTH_PASSCODE", NULL }, 357 { XAUTH_MESSAGE, "XAUTH_MESSAGE", NULL }, 358 { XAUTH_CHALLENGE, "XAUTH_CHALLENGE", NULL }, 359 { XAUTH_DOMAIN, "XAUTH_DOMAIN", NULL }, 360 { XAUTH_STATUS, "XAUTH_STATUS", NULL }, 361 { XAUTH_NEXT_PIN, "XAUTH_NEXT_PIN", NULL }, 362 { XAUTH_ANSWER, "XAUTH_ANSWER", NULL }, 363 { UNITY_BANNER, "UNITY_BANNER", NULL }, 364 { UNITY_SAVE_PASSWD, "UNITY_SAVE_PASSWD", NULL }, 365 { UNITY_DEF_DOMAIN, "UNITY_DEF_DOMAIN", NULL }, 366 { UNITY_SPLITDNS_NAME, "UNITY_SPLITDNS_NAME", NULL }, 367 { UNITY_SPLIT_INCLUDE, "UNITY_SPLIT_INCLUDE", NULL }, 368 { UNITY_NATT_PORT, "UNITY_NATT_PORT", NULL }, 369 { UNITY_LOCAL_LAN, "UNITY_LOCAL_LAN", NULL }, 370 { UNITY_PFS, "UNITY_PFS", NULL }, 371 { UNITY_FW_TYPE, "UNITY_FW_TYPE", NULL }, 372 { UNITY_BACKUP_SERVERS, "UNITY_BACKUP_SERVERS", NULL }, 373 { UNITY_DDNS_HOSTNAME, "UNITY_DDNS_HOSTNAME", NULL }, 374 }; 375 376 const char * 377 s_isakmp_cfg_type(int k) 378 { 379 int i; 380 for (i = 0; i < ARRAYLEN(name_isakmp_cfg_type); i++) 381 if (name_isakmp_cfg_type[i].key == k) 382 return name_isakmp_cfg_type[i].str; 383 return num2str(k); 384 } 385 386 /* isakmp_cfg.h / isakmp_unity.h / isakmp_xauth.h */ 387 static struct ksmap name_isakmp_cfg_ptype[] = { 388 { ISAKMP_CFG_ACK, "mode config ACK", NULL }, 389 { ISAKMP_CFG_SET, "mode config SET", NULL }, 390 { ISAKMP_CFG_REQUEST, "mode config REQUEST", NULL }, 391 { ISAKMP_CFG_REPLY, "mode config REPLY", NULL }, 392 }; 393 394 const char * 395 s_isakmp_cfg_ptype(int k) 396 { 397 int i; 398 for (i = 0; i < ARRAYLEN(name_isakmp_cfg_ptype); i++) 399 if (name_isakmp_cfg_ptype[i].key == k) 400 return name_isakmp_cfg_ptype[i].str; 401 return num2str(k); 402 } 403 404 #endif 405 406 /* ipsec_doi.h */ 407 static struct ksmap name_ipsecdoi_proto[] = { 408 { IPSECDOI_PROTO_ISAKMP, "ISAKMP", s_ipsecdoi_trns_isakmp }, 409 { IPSECDOI_PROTO_IPSEC_AH, "AH", s_ipsecdoi_trns_ah }, 410 { IPSECDOI_PROTO_IPSEC_ESP, "ESP", s_ipsecdoi_trns_esp }, 411 { IPSECDOI_PROTO_IPCOMP, "IPCOMP", s_ipsecdoi_trns_ipcomp }, 412 }; 413 414 const char * 415 s_ipsecdoi_proto(int k) 416 { 417 int i; 418 for (i = 0; i < ARRAYLEN(name_ipsecdoi_proto); i++) 419 if (name_ipsecdoi_proto[i].key == k) 420 return name_ipsecdoi_proto[i].str; 421 return num2str(k); 422 } 423 424 static struct ksmap name_ipsecdoi_trns_isakmp[] = { 425 { IPSECDOI_KEY_IKE, "IKE", NULL }, 426 }; 427 428 const char * 429 s_ipsecdoi_trns_isakmp(int k) 430 { 431 int i; 432 for (i = 0; i < ARRAYLEN(name_ipsecdoi_trns_isakmp); i++) 433 if (name_ipsecdoi_trns_isakmp[i].key == k) 434 return name_ipsecdoi_trns_isakmp[i].str; 435 return num2str(k); 436 } 437 438 static struct ksmap name_ipsecdoi_trns_ah[] = { 439 { IPSECDOI_AH_MD5, "MD5", NULL }, 440 { IPSECDOI_AH_SHA, "SHA", NULL }, 441 { IPSECDOI_AH_DES, "DES", NULL }, 442 { IPSECDOI_AH_SHA256, "SHA256", NULL }, 443 { IPSECDOI_AH_SHA384, "SHA384", NULL }, 444 { IPSECDOI_AH_SHA512, "SHA512", NULL }, 445 }; 446 447 const char * 448 s_ipsecdoi_trns_ah(int k) 449 { 450 int i; 451 for (i = 0; i < ARRAYLEN(name_ipsecdoi_trns_ah); i++) 452 if (name_ipsecdoi_trns_ah[i].key == k) 453 return name_ipsecdoi_trns_ah[i].str; 454 return num2str(k); 455 } 456 457 static struct ksmap name_ipsecdoi_trns_esp[] = { 458 { IPSECDOI_ESP_DES_IV64, "DES_IV64", NULL }, 459 { IPSECDOI_ESP_DES, "DES", NULL }, 460 { IPSECDOI_ESP_3DES, "3DES", NULL }, 461 { IPSECDOI_ESP_RC5, "RC5", NULL }, 462 { IPSECDOI_ESP_IDEA, "IDEA", NULL }, 463 { IPSECDOI_ESP_CAST, "CAST", NULL }, 464 { IPSECDOI_ESP_BLOWFISH, "BLOWFISH", NULL }, 465 { IPSECDOI_ESP_3IDEA, "3IDEA", NULL }, 466 { IPSECDOI_ESP_DES_IV32, "DES_IV32", NULL }, 467 { IPSECDOI_ESP_RC4, "RC4", NULL }, 468 { IPSECDOI_ESP_NULL, "NULL", NULL }, 469 { IPSECDOI_ESP_AES, "AES", NULL }, 470 { IPSECDOI_ESP_AESGCM16, "AES_GCM_16", NULL }, 471 { IPSECDOI_ESP_TWOFISH, "TWOFISH", NULL }, 472 { IPSECDOI_ESP_CAMELLIA, "CAMELLIA", NULL }, 473 }; 474 475 const char * 476 s_ipsecdoi_trns_esp(int k) 477 { 478 int i; 479 for (i = 0; i < ARRAYLEN(name_ipsecdoi_trns_esp); i++) 480 if (name_ipsecdoi_trns_esp[i].key == k) 481 return name_ipsecdoi_trns_esp[i].str; 482 return num2str(k); 483 } 484 485 static struct ksmap name_ipsecdoi_trns_ipcomp[] = { 486 { IPSECDOI_IPCOMP_OUI, "OUI", NULL}, 487 { IPSECDOI_IPCOMP_DEFLATE, "DEFLATE", NULL}, 488 { IPSECDOI_IPCOMP_LZS, "LZS", NULL}, 489 }; 490 491 const char * 492 s_ipsecdoi_trns_ipcomp(int k) 493 { 494 int i; 495 for (i = 0; i < ARRAYLEN(name_ipsecdoi_trns_ipcomp); i++) 496 if (name_ipsecdoi_trns_ipcomp[i].key == k) 497 return name_ipsecdoi_trns_ipcomp[i].str; 498 return num2str(k); 499 } 500 501 const char * 502 s_ipsecdoi_trns(int proto, int trns) 503 { 504 int i; 505 for (i = 0; i < ARRAYLEN(name_ipsecdoi_proto); i++) 506 if (name_ipsecdoi_proto[i].key == proto 507 && name_ipsecdoi_proto[i].f) 508 return (name_ipsecdoi_proto[i].f)(trns); 509 return num2str(trns); 510 } 511 512 static struct ksmap name_attr_ipsec[] = { 513 { IPSECDOI_ATTR_SA_LD_TYPE, "SA Life Type", s_ipsecdoi_ltype }, 514 { IPSECDOI_ATTR_SA_LD, "SA Life Duration", NULL }, 515 { IPSECDOI_ATTR_GRP_DESC, "Group Description", NULL }, 516 { IPSECDOI_ATTR_ENC_MODE, "Encryption Mode", s_ipsecdoi_encmode }, 517 { IPSECDOI_ATTR_AUTH, "Authentication Algorithm", s_ipsecdoi_auth }, 518 { IPSECDOI_ATTR_KEY_LENGTH, "Key Length", NULL }, 519 { IPSECDOI_ATTR_KEY_ROUNDS, "Key Rounds", NULL }, 520 { IPSECDOI_ATTR_COMP_DICT_SIZE, "Compression Dictionary Size", NULL }, 521 { IPSECDOI_ATTR_COMP_PRIVALG, "Compression Private Algorithm", NULL }, 522 }; 523 524 const char * 525 s_ipsecdoi_attr(int k) 526 { 527 int i; 528 for (i = 0; i < ARRAYLEN(name_attr_ipsec); i++) 529 if (name_attr_ipsec[i].key == k) 530 return name_attr_ipsec[i].str; 531 return num2str(k); 532 } 533 534 static struct ksmap name_attr_ipsec_ltype[] = { 535 { IPSECDOI_ATTR_SA_LD_TYPE_SEC, "seconds", NULL }, 536 { IPSECDOI_ATTR_SA_LD_TYPE_KB, "kilobytes", NULL }, 537 }; 538 539 const char * 540 s_ipsecdoi_ltype(int k) 541 { 542 int i; 543 for (i = 0; i < ARRAYLEN(name_attr_ipsec_ltype); i++) 544 if (name_attr_ipsec_ltype[i].key == k) 545 return name_attr_ipsec_ltype[i].str; 546 return num2str(k); 547 } 548 549 static struct ksmap name_attr_ipsec_encmode[] = { 550 { IPSECDOI_ATTR_ENC_MODE_ANY, "Any", NULL }, 551 { IPSECDOI_ATTR_ENC_MODE_TUNNEL, "Tunnel", NULL }, 552 { IPSECDOI_ATTR_ENC_MODE_TRNS, "Transport", NULL }, 553 { IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_RFC, "UDP-Tunnel", NULL }, 554 { IPSECDOI_ATTR_ENC_MODE_UDPTRNS_RFC, "UDP-Transport", NULL }, 555 { IPSECDOI_ATTR_ENC_MODE_UDPTUNNEL_DRAFT, "UDP-Tunnel", NULL }, 556 { IPSECDOI_ATTR_ENC_MODE_UDPTRNS_DRAFT, "UDP-Transport", NULL }, 557 }; 558 559 const char * 560 s_ipsecdoi_encmode(int k) 561 { 562 int i; 563 for (i = 0; i < ARRAYLEN(name_attr_ipsec_encmode); i++) 564 if (name_attr_ipsec_encmode[i].key == k) 565 return name_attr_ipsec_encmode[i].str; 566 return num2str(k); 567 } 568 569 static struct ksmap name_attr_ipsec_auth[] = { 570 { IPSECDOI_ATTR_AUTH_HMAC_MD5, "hmac-md5", NULL }, 571 { IPSECDOI_ATTR_AUTH_HMAC_SHA1, "hmac-sha", NULL }, 572 { IPSECDOI_ATTR_AUTH_HMAC_SHA2_256, "hmac-sha256", NULL }, 573 { IPSECDOI_ATTR_AUTH_HMAC_SHA2_384, "hmac-sha384", NULL }, 574 { IPSECDOI_ATTR_AUTH_HMAC_SHA2_512, "hmac-sha512", NULL }, 575 { IPSECDOI_ATTR_AUTH_DES_MAC, "des-mac", NULL }, 576 { IPSECDOI_ATTR_AUTH_KPDK, "kpdk", NULL }, 577 { IPSECDOI_ATTR_AUTH_NONE, "non_auth", NULL }, 578 }; 579 580 const char * 581 s_ipsecdoi_auth(int k) 582 { 583 int i; 584 for (i = 0; i < ARRAYLEN(name_attr_ipsec_auth); i++) 585 if (name_attr_ipsec_auth[i].key == k) 586 return name_attr_ipsec_auth[i].str; 587 return num2str(k); 588 } 589 590 const char * 591 s_ipsecdoi_attr_v(int type, int val) 592 { 593 int i; 594 for (i = 0; i < ARRAYLEN(name_attr_ipsec); i++) 595 if (name_attr_ipsec[i].key == type 596 && name_attr_ipsec[i].f) 597 return (name_attr_ipsec[i].f)(val); 598 return num2str(val); 599 } 600 601 static struct ksmap name_ipsecdoi_ident[] = { 602 { IPSECDOI_ID_IPV4_ADDR, "IPv4_address", NULL }, 603 { IPSECDOI_ID_FQDN, "FQDN", NULL }, 604 { IPSECDOI_ID_USER_FQDN, "User_FQDN", NULL }, 605 { IPSECDOI_ID_IPV4_ADDR_SUBNET, "IPv4_subnet", NULL }, 606 { IPSECDOI_ID_IPV6_ADDR, "IPv6_address", NULL }, 607 { IPSECDOI_ID_IPV6_ADDR_SUBNET, "IPv6_subnet", NULL }, 608 { IPSECDOI_ID_IPV4_ADDR_RANGE, "IPv4_address_range", NULL }, 609 { IPSECDOI_ID_IPV6_ADDR_RANGE, "IPv6_address_range", NULL }, 610 { IPSECDOI_ID_DER_ASN1_DN, "DER_ASN1_DN", NULL }, 611 { IPSECDOI_ID_DER_ASN1_GN, "DER_ASN1_GN", NULL }, 612 { IPSECDOI_ID_KEY_ID, "KEY_ID", NULL }, 613 }; 614 615 const char * 616 s_ipsecdoi_ident(int k) 617 { 618 int i; 619 for (i = 0; i < ARRAYLEN(name_ipsecdoi_ident); i++) 620 if (name_ipsecdoi_ident[i].key == k) 621 return name_ipsecdoi_ident[i].str; 622 return num2str(k); 623 } 624 625 /* oakley.h */ 626 static struct ksmap name_oakley_attr[] = { 627 { OAKLEY_ATTR_ENC_ALG, "Encryption Algorithm", s_attr_isakmp_enc }, 628 { OAKLEY_ATTR_HASH_ALG, "Hash Algorithm", s_attr_isakmp_hash }, 629 { OAKLEY_ATTR_AUTH_METHOD, "Authentication Method", s_oakley_attr_method }, 630 { OAKLEY_ATTR_GRP_DESC, "Group Description", s_attr_isakmp_desc }, 631 { OAKLEY_ATTR_GRP_TYPE, "Group Type", s_attr_isakmp_group }, 632 { OAKLEY_ATTR_GRP_PI, "Group Prime/Irreducible Polynomial", NULL }, 633 { OAKLEY_ATTR_GRP_GEN_ONE, "Group Generator One", NULL }, 634 { OAKLEY_ATTR_GRP_GEN_TWO, "Group Generator Two", NULL }, 635 { OAKLEY_ATTR_GRP_CURVE_A, "Group Curve A", NULL }, 636 { OAKLEY_ATTR_GRP_CURVE_B, "Group Curve B", NULL }, 637 { OAKLEY_ATTR_SA_LD_TYPE, "Life Type", s_attr_isakmp_ltype }, 638 { OAKLEY_ATTR_SA_LD, "Life Duration", NULL }, 639 { OAKLEY_ATTR_PRF, "PRF", NULL }, 640 { OAKLEY_ATTR_KEY_LEN, "Key Length", NULL }, 641 { OAKLEY_ATTR_FIELD_SIZE, "Field Size", NULL }, 642 { OAKLEY_ATTR_GRP_ORDER, "Group Order", NULL }, 643 { OAKLEY_ATTR_BLOCK_SIZE, "Block Size", NULL }, 644 { OAKLEY_ATTR_GSS_ID, "GSS-API endpoint name",NULL }, 645 }; 646 647 const char * 648 s_oakley_attr(int k) 649 { 650 int i; 651 for (i = 0; i < ARRAYLEN(name_oakley_attr); i++) 652 if (name_oakley_attr[i].key == k) 653 return name_oakley_attr[i].str; 654 return num2str(k); 655 } 656 657 static struct ksmap name_attr_isakmp_enc[] = { 658 { OAKLEY_ATTR_ENC_ALG_DES, "DES-CBC", NULL }, 659 { OAKLEY_ATTR_ENC_ALG_IDEA, "IDEA-CBC", NULL }, 660 { OAKLEY_ATTR_ENC_ALG_BLOWFISH, "Blowfish-CBC", NULL }, 661 { OAKLEY_ATTR_ENC_ALG_RC5, "RC5-R16-B64-CBC", NULL }, 662 { OAKLEY_ATTR_ENC_ALG_3DES, "3DES-CBC", NULL }, 663 { OAKLEY_ATTR_ENC_ALG_CAST, "CAST-CBC", NULL }, 664 { OAKLEY_ATTR_ENC_ALG_AES, "AES-CBC", NULL }, 665 }; 666 667 const char * 668 s_attr_isakmp_enc(int k) 669 { 670 int i; 671 for (i = 0; i < ARRAYLEN(name_attr_isakmp_enc); i++) 672 if (name_attr_isakmp_enc[i].key == k) 673 return name_attr_isakmp_enc[i].str; 674 return num2str(k); 675 } 676 677 static struct ksmap name_attr_isakmp_hash[] = { 678 { OAKLEY_ATTR_HASH_ALG_MD5, "MD5", NULL }, 679 { OAKLEY_ATTR_HASH_ALG_SHA, "SHA", NULL }, 680 { OAKLEY_ATTR_HASH_ALG_TIGER, "Tiger", NULL }, 681 { OAKLEY_ATTR_HASH_ALG_SHA2_256,"SHA256", NULL }, 682 { OAKLEY_ATTR_HASH_ALG_SHA2_384,"SHA384", NULL }, 683 { OAKLEY_ATTR_HASH_ALG_SHA2_512,"SHA512", NULL }, 684 }; 685 686 const char * 687 s_attr_isakmp_hash(int k) 688 { 689 int i; 690 for (i = 0; i < ARRAYLEN(name_attr_isakmp_hash); i++) 691 if (name_attr_isakmp_hash[i].key == k) 692 return name_attr_isakmp_hash[i].str; 693 return num2str(k); 694 } 695 696 static struct ksmap name_attr_isakmp_method[] = { 697 { OAKLEY_ATTR_AUTH_METHOD_PSKEY, "pre-shared key", NULL }, 698 { OAKLEY_ATTR_AUTH_METHOD_DSSSIG, "DSS signatures", NULL }, 699 { OAKLEY_ATTR_AUTH_METHOD_RSASIG, "RSA signatures", NULL }, 700 { OAKLEY_ATTR_AUTH_METHOD_RSAENC, "Encryption with RSA", NULL }, 701 { OAKLEY_ATTR_AUTH_METHOD_RSAREV, "Revised encryption with RSA", NULL }, 702 { OAKLEY_ATTR_AUTH_METHOD_EGENC, "Encryption with El-Gamal", NULL }, 703 { OAKLEY_ATTR_AUTH_METHOD_EGREV, "Revised encryption with El-Gamal", NULL }, 704 #ifdef HAVE_GSSAPI 705 { OAKLEY_ATTR_AUTH_METHOD_GSSAPI_KRB, "GSS-API on Kerberos 5", NULL }, 706 #endif 707 #ifdef ENABLE_HYBRID 708 { OAKLEY_ATTR_AUTH_METHOD_HYBRID_DSS_R, "Hybrid DSS server", NULL }, 709 { OAKLEY_ATTR_AUTH_METHOD_HYBRID_RSA_R, "Hybrid RSA server", NULL }, 710 { OAKLEY_ATTR_AUTH_METHOD_HYBRID_DSS_I, "Hybrid DSS client", NULL }, 711 { OAKLEY_ATTR_AUTH_METHOD_HYBRID_RSA_I, "Hybrid RSA client", NULL }, 712 { OAKLEY_ATTR_AUTH_METHOD_XAUTH_PSKEY_I, "XAuth pskey client", NULL }, 713 { OAKLEY_ATTR_AUTH_METHOD_XAUTH_PSKEY_R, "XAuth pskey server", NULL }, 714 { OAKLEY_ATTR_AUTH_METHOD_XAUTH_RSASIG_I, "XAuth RSASIG client", NULL }, 715 { OAKLEY_ATTR_AUTH_METHOD_XAUTH_RSASIG_R, "XAuth RSASIG server", NULL }, 716 #endif 717 }; 718 719 const char * 720 s_oakley_attr_method(int k) 721 { 722 int i; 723 for (i = 0; i < ARRAYLEN(name_attr_isakmp_method); i++) 724 if (name_attr_isakmp_method[i].key == k) 725 return name_attr_isakmp_method[i].str; 726 return num2str(k); 727 } 728 729 static struct ksmap name_attr_isakmp_desc[] = { 730 { OAKLEY_ATTR_GRP_DESC_MODP768, "768-bit MODP group", NULL }, 731 { OAKLEY_ATTR_GRP_DESC_MODP1024, "1024-bit MODP group", NULL }, 732 { OAKLEY_ATTR_GRP_DESC_EC2N155, "EC2N group on GP[2^155]", NULL }, 733 { OAKLEY_ATTR_GRP_DESC_EC2N185, "EC2N group on GP[2^185]", NULL }, 734 { OAKLEY_ATTR_GRP_DESC_MODP1536, "1536-bit MODP group", NULL }, 735 { OAKLEY_ATTR_GRP_DESC_MODP2048, "2048-bit MODP group", NULL }, 736 { OAKLEY_ATTR_GRP_DESC_MODP3072, "3072-bit MODP group", NULL }, 737 { OAKLEY_ATTR_GRP_DESC_MODP4096, "4096-bit MODP group", NULL }, 738 { OAKLEY_ATTR_GRP_DESC_MODP6144, "6144-bit MODP group", NULL }, 739 { OAKLEY_ATTR_GRP_DESC_MODP8192, "8192-bit MODP group", NULL }, 740 }; 741 742 const char * 743 s_attr_isakmp_desc(int k) 744 { 745 int i; 746 for (i = 0; i < ARRAYLEN(name_attr_isakmp_desc); i++) 747 if (name_attr_isakmp_desc[i].key == k) 748 return name_attr_isakmp_desc[i].str; 749 return num2str(k); 750 } 751 752 static struct ksmap name_attr_isakmp_group[] = { 753 { OAKLEY_ATTR_GRP_TYPE_MODP, "MODP", NULL }, 754 { OAKLEY_ATTR_GRP_TYPE_ECP, "ECP", NULL }, 755 { OAKLEY_ATTR_GRP_TYPE_EC2N, "EC2N", NULL }, 756 }; 757 758 const char * 759 s_attr_isakmp_group(int k) 760 { 761 int i; 762 for (i = 0; i < ARRAYLEN(name_attr_isakmp_group); i++) 763 if (name_attr_isakmp_group[i].key == k) 764 return name_attr_isakmp_group[i].str; 765 return num2str(k); 766 } 767 768 static struct ksmap name_attr_isakmp_ltype[] = { 769 { OAKLEY_ATTR_SA_LD_TYPE_SEC, "seconds", NULL }, 770 { OAKLEY_ATTR_SA_LD_TYPE_KB, "kilobytes", NULL }, 771 }; 772 773 const char * 774 s_attr_isakmp_ltype(int k) 775 { 776 int i; 777 for (i = 0; i < ARRAYLEN(name_attr_isakmp_ltype); i++) 778 if (name_attr_isakmp_ltype[i].key == k) 779 return name_attr_isakmp_ltype[i].str; 780 return num2str(k); 781 } 782 783 const char * 784 s_oakley_attr_v(int type, int val) 785 { 786 int i; 787 for (i = 0; i < ARRAYLEN(name_oakley_attr); i++) 788 if (name_oakley_attr[i].key == type 789 && name_oakley_attr[i].f) 790 return (name_oakley_attr[i].f)(val); 791 return num2str(val); 792 } 793 794 static struct ksmap name_ipsec_level[] = { 795 { IPSEC_LEVEL_USE, "use", NULL }, 796 { IPSEC_LEVEL_REQUIRE, "require", NULL }, 797 { IPSEC_LEVEL_UNIQUE, "unique", NULL }, 798 }; 799 800 const char * 801 s_ipsec_level(int k) 802 { 803 int i; 804 for (i = 0; i < ARRAYLEN(name_ipsec_level); i++) 805 if (name_ipsec_level[i].key == k) 806 return name_ipsec_level[i].str; 807 return num2str(k); 808 } 809 810 static struct ksmap name_algclass[] = { 811 { algclass_ipsec_enc, "ipsec enc", s_ipsecdoi_trns_esp }, 812 { algclass_ipsec_auth, "ipsec auth", s_ipsecdoi_trns_ah }, 813 { algclass_ipsec_comp, "ipsec comp", s_ipsecdoi_trns_ipcomp }, 814 { algclass_isakmp_enc, "isakmp enc", s_attr_isakmp_enc }, 815 { algclass_isakmp_hash, "isakmp hash", s_attr_isakmp_hash }, 816 { algclass_isakmp_dh, "isakmp dh", s_attr_isakmp_desc }, 817 { algclass_isakmp_ameth, "isakmp auth method", s_oakley_attr_method }, 818 }; 819 820 const char * 821 s_algclass(int k) 822 { 823 int i; 824 for (i = 0; i < ARRAYLEN(name_algclass); i++) 825 if (name_algclass[i].key == k) 826 return name_algclass[i].str; 827 return num2str(k); 828 } 829 830 const char * 831 s_algtype(int class, int n) 832 { 833 int i; 834 for (i = 0; i < ARRAYLEN(name_algclass); i++) 835 if (name_algclass[i].key == class 836 && name_algclass[i].f) 837 return (name_algclass[i].f)(n); 838 return num2str(n); 839 } 840 841 /* pfkey.h */ 842 static struct ksmap name_pfkey_type[] = { 843 { SADB_GETSPI, "GETSPI", NULL }, 844 { SADB_UPDATE, "UPDATE", NULL }, 845 { SADB_ADD, "ADD", NULL }, 846 { SADB_DELETE, "DELETE", NULL }, 847 { SADB_GET, "GET", NULL }, 848 { SADB_ACQUIRE, "ACQUIRE", NULL }, 849 { SADB_REGISTER, "REGISTER", NULL }, 850 { SADB_EXPIRE, "EXPIRE", NULL }, 851 { SADB_FLUSH, "FLUSH", NULL }, 852 { SADB_DUMP, "DUMP", NULL }, 853 { SADB_X_PROMISC, "X_PROMISC", NULL }, 854 { SADB_X_PCHANGE, "X_PCHANGE", NULL }, 855 { SADB_X_SPDUPDATE, "X_SPDUPDATE", NULL }, 856 { SADB_X_SPDADD, "X_SPDADD", NULL }, 857 { SADB_X_SPDDELETE, "X_SPDDELETE", NULL }, 858 { SADB_X_SPDGET, "X_SPDGET", NULL }, 859 { SADB_X_SPDACQUIRE, "X_SPDACQUIRE", NULL }, 860 { SADB_X_SPDDUMP, "X_SPDDUMP", NULL }, 861 { SADB_X_SPDFLUSH, "X_SPDFLUSH", NULL }, 862 { SADB_X_SPDSETIDX, "X_SPDSETIDX", NULL }, 863 { SADB_X_SPDEXPIRE, "X_SPDEXPIRE", NULL }, 864 { SADB_X_SPDDELETE2, "X_SPDDELETE2", NULL }, 865 #ifdef SADB_X_NAT_T_NEW_MAPPING 866 { SADB_X_NAT_T_NEW_MAPPING, "X_NAT_T_NEW_MAPPING", NULL }, 867 #endif 868 #ifdef SADB_X_MIGRATE 869 { SADB_X_MIGRATE, "X_MIGRATE", NULL }, 870 #endif 871 }; 872 873 const char * 874 s_pfkey_type(int k) 875 { 876 int i; 877 for (i = 0; i < ARRAYLEN(name_pfkey_type); i++) 878 if (name_pfkey_type[i].key == k) 879 return name_pfkey_type[i].str; 880 return num2str(k); 881 } 882 883 static struct ksmap name_pfkey_satype[] = { 884 { SADB_SATYPE_UNSPEC, "UNSPEC", NULL }, 885 { SADB_SATYPE_AH, "AH", NULL }, 886 { SADB_SATYPE_ESP, "ESP", NULL }, 887 { SADB_SATYPE_RSVP, "RSVP", NULL }, 888 { SADB_SATYPE_OSPFV2, "OSPFV2", NULL }, 889 { SADB_SATYPE_RIPV2, "RIPV2", NULL }, 890 { SADB_SATYPE_MIP, "MIP", NULL }, 891 { SADB_X_SATYPE_IPCOMP, "IPCOMP", NULL }, 892 }; 893 894 const char * 895 s_pfkey_satype(int k) 896 { 897 int i; 898 for (i = 0; i < ARRAYLEN(name_pfkey_satype); i++) 899 if (name_pfkey_satype[i].key == k) 900 return name_pfkey_satype[i].str; 901 return num2str(k); 902 } 903 904 static struct ksmap name_direction[] = { 905 { IPSEC_DIR_INBOUND, "in", NULL }, 906 { IPSEC_DIR_OUTBOUND, "out", NULL }, 907 #ifdef HAVE_POLICY_FWD 908 { IPSEC_DIR_FWD, "fwd", NULL }, 909 #endif 910 }; 911 912 const char * 913 s_direction(int k) 914 { 915 int i; 916 for (i = 0; i < ARRAYLEN(name_direction); i++) 917 if (name_direction[i].key == k) 918 return name_direction[i].str; 919 return num2str(k); 920 } 921 922 const char * 923 s_proto(int k) 924 { 925 switch (k) { 926 case IPPROTO_ICMP: 927 return "icmp"; 928 case IPPROTO_TCP: 929 return "tcp"; 930 case IPPROTO_UDP: 931 return "udp"; 932 case IPPROTO_ICMPV6: 933 return "icmpv6"; 934 case IPSEC_ULPROTO_ANY: 935 return "any"; 936 } 937 938 return num2str(k); 939 } 940 941 const char * 942 s_doi(int k) 943 { 944 switch (k) { 945 case IPSEC_DOI: 946 return "ipsec_doi"; 947 default: 948 return num2str(k); 949 } 950 } 951 952 const char * 953 s_etype(int k) 954 { 955 switch (k) { 956 case ISAKMP_ETYPE_NONE: 957 return "_none"; 958 case ISAKMP_ETYPE_BASE: 959 return "base"; 960 case ISAKMP_ETYPE_IDENT: 961 return "main"; 962 case ISAKMP_ETYPE_AUTH: 963 return "_auth"; 964 case ISAKMP_ETYPE_AGG: 965 return "aggressive"; 966 case ISAKMP_ETYPE_INFO: 967 return "_info"; 968 case ISAKMP_ETYPE_QUICK: 969 return "_quick"; 970 case ISAKMP_ETYPE_NEWGRP: 971 return "_newgrp"; 972 case ISAKMP_ETYPE_ACKINFO: 973 return "_ackinfo"; 974 default: 975 return num2str(k); 976 } 977 } 978 979 const char * 980 s_idtype(int k) 981 { 982 switch (k) { 983 case IDTYPE_FQDN: 984 return "fqdn"; 985 case IDTYPE_USERFQDN: 986 return "user_fqdn"; 987 case IDTYPE_KEYID: 988 return "keyid"; 989 case IDTYPE_ADDRESS: 990 return "address"; 991 case IDTYPE_ASN1DN: 992 return "asn1dn"; 993 default: 994 return num2str(k); 995 } 996 } 997 998 const char * 999 s_switch(int k) 1000 { 1001 switch (k) { 1002 case FALSE: 1003 return "off"; 1004 case TRUE: 1005 return "on"; 1006 default: 1007 return num2str(k); 1008 } 1009 } 1010
Indexes created Tue May 26 00:24:38 UTC 2026