ipsec_logger_util.c
/* ipsec_logger_util.c - ipsec logger utility routines. */

/*
 * Copyright (c) 2004-2006 Wind River Systems, Inc.
 *
 * The right to copy, distribute, modify or otherwise make use
 * of this software may be licensed only pursuant to the terms
 * of an applicable Wind River license agreement.
 */

/*
modification history
--------------------
01l,12jan06,djp  removed rwos dependencies
01k,28nov05,djp  replace WRN_INET with WRSEC_INET
01j,25oct05,djp  Added TRAFFIC_INFO_PROTOCOL_GET macro
01i,12may05,djp  Added NULL ptr checks where needed
01h,07apr05,djp  Incorporated VxWorks 6.x capabilities
01g,08Mar05,djp  Reworked SA bundle to deal with NULL addresses in SA_BUNDLEs
01f,08sep04,djp  Reworked SA Bundle log to ensure valid content
01e,19aug04,ps   dont blindly follow p_reflected_address pointer.
01d,19aug04,ps   merge from fbs; pointer checks
01c,15jun04,rlm  Added #include <limits.h> -- required with new CCI libs.
01b,27may04,jfb  Renamed IPSEC_LOGGER_ENABLE to INCLUDE_LOGGING_IPSEC
01a,26may04,jfb  Initial version
*/

/*
DESCRIPTION
Three helpers, compiled only when INCLUDE_LOGGING_IPSEC is defined.  Each one
pulls the address family, source/destination address bytes, ports, protocol
and SPI out of one kind of IPsec data structure (traffic info, SA bundle or
IP message) and forwards them, together with the caller's event data and
event/reason identifiers, to ipsecLoggerInvokeCallback().

None of the helpers copies address bytes: the pointers handed to the callback
refer to storage inside the structure the caller passed in.
*/

#include <vxWorks.h>
#include <stdio.h>
#include <socket.h>
#include <limits.h>
#include <netinet/in.h>
#include <wrn/ipsec/ipsecLogger.h>
#include "../common/wrSecInetAddr.h"
#include "../sadb/sadbP.h"
#include "../sadb/sadb_if.h"
#include "ipsecP.h"
#include "ipsec_logger.h"
#include "ipsec_logger_util.h"
#include "ipsec_print_routines.h"

#ifdef INCLUDE_LOGGING_IPSEC

/*******************************************************************************
*
* ipsecEventLogFromNetworkTrafficInfo - log an event described by traffic info
*
* Reads family, addresses, ports, protocol and SPI from <pTrafficInfo> and
* passes them with <pEventData>, <eventId> and <reasonId> to
* ipsecLoggerInvokeCallback().  A NULL <pTrafficInfo> produces a warning via
* ipsec_printf() and no event is logged.  <pEventData> is forwarded untouched.
*
* NOTE(review): the port pair and the SPI are both read from
* selector.vi_data.proto_info whatever the protocol is.  If proto_info is a
* union these fields overlap, so a log consumer should presumably interpret
* them according to <protocol> -- confirm against the selector definition.
*
* RETURNS: N/A
*/
void ipsecEventLogFromNetworkTrafficInfo
    (
    VI_NETWORK_TRAFFIC_INFO *pTrafficInfo,
    void                    *pEventData,
    IPSEC_LOG_EVENT_ID       eventId,
    IPSEC_LOG_REASON         reasonId
    )
{
    u_char       saFamily;    /* AF_INET or AF_INET6 */
    UCHAR       *pSrcIPAddr;  /* source address bytes inside *pTrafficInfo */
    UCHAR       *pDstIPAddr;  /* destination address bytes inside *pTrafficInfo */
    unsigned int srcPort;     /* source port for the event */
    unsigned int dstPort;     /* destination port for the event */
    int          protocol;    /* protocol for the event */
    int          spi;         /* security parameter index; included to comply
                                 with IPSec/IKE Internet Draft and RFC
                                 recommendations regarding auditable events */

    /* Nothing can be extracted from a missing record: warn and give up. */
    if (pTrafficInfo == NULL)
    {
        ipsec_printf(IPSEC_WARNING_PRINTF,
                     "IPSEC Warning: %s(): NULL trafficInfo attempting to log network traffic event\n",
                     __FUNCTION__);
        return;
    }

    protocol = TRAFFIC_INFO_PROTOCOL_GET(pTrafficInfo);

#if (STACK_NAME == STACK_NAME_V4_V6) && defined (INET6)
    if (pTrafficInfo->type == WRSEC_PF_INET6)
    {
        V6_NETWORK_TRAFFIC_INFO *pV6Info = (V6_NETWORK_TRAFFIC_INFO *)pTrafficInfo;

        saFamily   = AF_INET6;
        pSrcIPAddr = pV6Info->selector.source_address.data._ba16;
        pDstIPAddr = pV6Info->selector.destination_address.data._ba16;
        srcPort    = pV6Info->selector.vi_data.proto_info.port.source;
        dstPort    = pV6Info->selector.vi_data.proto_info.port.destination;
        spi        = pV6Info->selector.vi_data.proto_info.spi;
    }
    else
#endif
    {
        /*
         * Reached for every record that is not recognised as IPv6; when IPv6
         * support is compiled out, every record is read with the IPv4 layout.
         */
        V4_NETWORK_TRAFFIC_INFO *pV4Info = (V4_NETWORK_TRAFFIC_INFO *)pTrafficInfo;

        saFamily   = AF_INET;
        pSrcIPAddr = pV4Info->selector.source_address.data._ba4;
        pDstIPAddr = pV4Info->selector.destination_address.data._ba4;
        srcPort    = pV4Info->selector.vi_data.proto_info.port.source;
        dstPort    = pV4Info->selector.vi_data.proto_info.port.destination;
        spi        = pV4Info->selector.vi_data.proto_info.spi;
    }

    ipsecLoggerInvokeCallback(saFamily, pSrcIPAddr, pDstIPAddr,
                              srcPort, dstPort, protocol, spi,
                              pEventData, eventId, reasonId);
}

/*******************************************************************************
*
* ipsecEventLogFromSABundle - log an event described by an SA bundle
*
* Takes the family and addresses from the bundle's reflected/destination
* address pointers, the protocol from reflected_sa_protocol and the SPI from
* reflected_sa_handle_spi, maps <saSpecType> onto an IPSEC_LOG_REASON and
* passes everything to ipsecLoggerInvokeCallback().  Ports are always
* reported as UNDEFINED_PORT.  A NULL <pBundle> produces a warning via
* ipsec_printf() and no event is logged.
*
* Address handling as written:
*   - If p_reflected_address is NULL, both address pointers reach the
*     callback as NULL and the family stays AF_INET, even when
*     p_destination_address is set.
*   - The family is decided from p_reflected_address->type only; the
*     destination address is read with that same layout and its own type
*     field is not examined.
*
* NOTE(review): the callback is assumed to tolerate NULL address pointers,
* and source and destination are assumed to share one family -- confirm
* both, since a wrong assumption would make the audit record misleading.
*
* RETURNS: N/A
*/
void ipsecEventLogFromSABundle
    (
    SA_BUNDLE          *pBundle,
    void               *pEventData,
    IPSEC_LOG_EVENT_ID  eventId,
    SA_SPEC_RET_TYPES   saSpecType
    )
{
    u_char           saFamily   = AF_INET;        /* AF_INET or AF_INET6 */
    UCHAR           *pSrcIPAddr = NULL;           /* source address bytes, if any */
    UCHAR           *pDstIPAddr = NULL;           /* destination address bytes, if any */
    unsigned int     srcPort    = UNDEFINED_PORT; /* a bundle carries no ports */
    unsigned int     dstPort    = UNDEFINED_PORT;
    int              protocol;                    /* protocol for the event */
    int              spi;                         /* security parameter index; included
                                                     to comply with IPSec/IKE Internet
                                                     Draft and RFC recommendations
                                                     regarding auditable events */
    IPSEC_LOG_REASON reasonId;

    /* Nothing can be extracted from a missing bundle: warn and give up. */
    if (pBundle == NULL)
    {
        ipsec_printf(IPSEC_WARNING_PRINTF,
                     "IPSEC Warning: %s(): NULL bundle attempting to log SA Bundle event\n",
                     __FUNCTION__);
        return;
    }

    /* Addresses are only followed when the reflected address is present. */
    if (pBundle->p_reflected_address != NULL)
    {
#if (STACK_NAME == STACK_NAME_V4_V6) && defined (INET6)
        if (pBundle->p_reflected_address->type == WRSEC_AF_INET6)
        {
            saFamily   = AF_INET6;
            pSrcIPAddr = ((WRSEC_INET6_ADDR *)pBundle->p_reflected_address)->data._ba16;

            if (pBundle->p_destination_address != NULL)
            {
                pDstIPAddr = ((WRSEC_INET6_ADDR *)pBundle->p_destination_address)->data._ba16;
            }
        }
        else
#endif
        {
            pSrcIPAddr = ((WRSEC_INET4_ADDR *)pBundle->p_reflected_address)->data._ba4;

            if (pBundle->p_destination_address != NULL)
            {
                pDstIPAddr = ((WRSEC_INET4_ADDR *)pBundle->p_destination_address)->data._ba4;
            }
        }
    }

    protocol = (int)pBundle->reflected_sa_protocol; /* enum of IP_TRANSPORT_PROTOCOL */
    spi      = pBundle->reflected_sa_handle_spi;

    /* Translate the SA processing result into the logger's reason code. */
    switch (saSpecType)
    {
        case ESP_DECRYPTION_ERROR:
            reasonId = DECRYPTION_ERROR;
            break;

        case AH_AUTHENTICATION_ERROR:
        case ESP_AUTHENTICATION_ERROR:
            reasonId = AUTHENTICATION_ERROR;
            break;

        case AH_SEQUENCE_ERROR:
        case ESP_SEQUENCE_ERROR:
            reasonId = REPLAY_ERROR;
            break;

        default:
            /* Any other result is logged without a specific reason. */
            reasonId = UNDEFINED_REASON;
            break;
    }

    ipsecLoggerInvokeCallback(saFamily, pSrcIPAddr, pDstIPAddr,
                              srcPort, dstPort, protocol, spi,
                              pEventData, eventId, reasonId);
}

/*******************************************************************************
*
* ipsecEventLogFromIPMessage - log an event described by an IP message
*
* Reads family, addresses and transport protocol from <pIPmessage> and
* passes them with <pEventData>, <eventId> and <reasonId> to
* ipsecLoggerInvokeCallback().  Ports are always UNDEFINED_PORT and the SPI
* is always UNDEFINED_SPI.  A NULL <pIPmessage> produces a warning via
* ipsec_printf() and no event is logged.
*
* RETURNS: N/A
*/
void ipsecEventLogFromIPMessage
    (
    IP_VI_MESSAGE      *pIPmessage,
    void               *pEventData,
    IPSEC_LOG_EVENT_ID  eventId,
    IPSEC_LOG_REASON    reasonId
    )
{
    u_char       saFamily;                  /* AF_INET or AF_INET6 */
    UCHAR       *pSrcIPAddr;                /* source address bytes inside *pIPmessage */
    UCHAR       *pDstIPAddr;                /* destination address bytes inside *pIPmessage */
    unsigned int srcPort = UNDEFINED_PORT;  /* no ports available from an IP message */
    unsigned int dstPort = UNDEFINED_PORT;
    int          protocol;                  /* protocol for the event */
    int          spi     = UNDEFINED_SPI;   /* no SPI available from an IP message; the
                                               field is included to comply with IPSec/IKE
                                               Internet Draft and RFC recommendations
                                               regarding auditable events */

    /* Nothing can be extracted from a missing message: warn and give up. */
    if (pIPmessage == NULL)
    {
        ipsec_printf(IPSEC_WARNING_PRINTF,
                     "IPSEC Warning: %s(): NULL IP message attempting to log IP message event\n",
                     __FUNCTION__);
        return;
    }

#if (STACK_NAME == STACK_NAME_V4_V6) && defined (INET6)
    if (pIPmessage->version == IP_V6)
    {
        IP_V6_MESSAGE *pV6Msg = (IP_V6_MESSAGE *)pIPmessage;

        saFamily   = AF_INET6;
        pSrcIPAddr = pV6Msg->source_address.data._ba16;
        pDstIPAddr = pV6Msg->destination_address.data._ba16;
        protocol   = pV6Msg->transport_protocol; /* enum of IP_TRANSPORT_PROTOCOL */
    }
    else
#endif
    {
        /*
         * Reached for every message whose version is not IP_V6; when IPv6
         * support is compiled out, every message is read with the IPv4 layout.
         */
        IP_V4_MESSAGE *pV4Msg = (IP_V4_MESSAGE *)pIPmessage;

        saFamily   = AF_INET;
        pSrcIPAddr = pV4Msg->source_address.data._ba4;
        pDstIPAddr = pV4Msg->destination_address.data._ba4;
        protocol   = pV4Msg->transport_protocol; /* enum of IP_TRANSPORT_PROTOCOL */
    }

    ipsecLoggerInvokeCallback(saFamily, pSrcIPAddr, pDstIPAddr,
                              srcPort, dstPort, protocol, spi,
                              pEventData, eventId, reasonId);
}

#endif /* INCLUDE_LOGGING_IPSEC */