On Fri, Jul 28, 2023 at 12:06:54PM +0200, Claudio Jeker wrote:
> As suggested by tb@ add print_hexbuf() to hexdump an ibuf.
> Use this in place where a full ibuf is dumped. In some cases
> print_hex() is still used because the length is not the full
> ibuf or an offset is used.
>
> --
> :wq Claudio
ok tobhe@
>
> Index: iked.h
> ===================================================================
> RCS file: /cvs/src/sbin/iked/iked.h,v
> retrieving revision 1.222
> diff -u -p -r1.222 iked.h
> --- iked.h 18 Jul 2023 15:07:41 -0000 1.222
> +++ iked.h 28 Jul 2023 09:59:30 -0000
> @@ -1242,6 +1242,7 @@ const char *
> void lc_idtype(char *);
> void print_hex(const uint8_t *, off_t, size_t);
> void print_hexval(const uint8_t *, off_t, size_t);
> +void print_hexbuf(struct ibuf *);
> const char *
> print_bits(unsigned short, unsigned char *);
> int sockaddr_cmp(struct sockaddr *, struct sockaddr *, int);
> Index: ikev2.c
> ===================================================================
> RCS file: /cvs/src/sbin/iked/ikev2.c,v
> retrieving revision 1.375
> diff -u -p -r1.375 ikev2.c
> --- ikev2.c 28 Jul 2023 07:31:38 -0000 1.375
> +++ ikev2.c 28 Jul 2023 10:00:48 -0000
> @@ -1443,7 +1443,7 @@ ikev2_init_ike_sa_peer(struct iked *env,
>
> log_debug("%s: added cookie, len %zu", __func__,
> ibuf_size(cookie));
> - print_hex(ibuf_data(cookie), 0, ibuf_size(cookie));
> + print_hexbuf(cookie);
>
> if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_SA) == -1)
> goto done;
> @@ -5738,7 +5738,7 @@ ikev2_sa_keys(struct iked *env, struct i
>
> log_debug("%s: DHSECRET with %zu bytes", SPI_SA(sa, __func__),
> ibuf_length(dhsecret));
> - print_hex(ibuf_data(dhsecret), 0, ibuf_length(dhsecret));
> + print_hexbuf(dhsecret);
>
> if (!key) {
> /*
> @@ -5810,7 +5810,7 @@ ikev2_sa_keys(struct iked *env, struct i
> }
>
> log_debug("%s: S with %zu bytes", SPI_SA(sa, __func__), ibuf_length(s));
> - print_hex(ibuf_data(s), 0, ibuf_length(s));
> + print_hexbuf(s);
>
> /*
> * Get the size of the key material we need and the number
> @@ -5850,31 +5850,27 @@ ikev2_sa_keys(struct iked *env, struct i
>
> log_debug("%s: SK_d with %zu bytes", __func__,
> ibuf_length(sa->sa_key_d));
> - print_hex(ibuf_data(sa->sa_key_d), 0, ibuf_length(sa->sa_key_d));
> + print_hexbuf(sa->sa_key_d);
> if (!isaead) {
> log_debug("%s: SK_ai with %zu bytes", __func__,
> ibuf_length(sa->sa_key_iauth));
> - print_hex(ibuf_data(sa->sa_key_iauth), 0,
> - ibuf_length(sa->sa_key_iauth));
> + print_hexbuf(sa->sa_key_iauth);
> log_debug("%s: SK_ar with %zu bytes", __func__,
> ibuf_length(sa->sa_key_rauth));
> - print_hex(ibuf_data(sa->sa_key_rauth), 0,
> - ibuf_length(sa->sa_key_rauth));
> + print_hexbuf(sa->sa_key_rauth);
> }
> log_debug("%s: SK_ei with %zu bytes", __func__,
> ibuf_length(sa->sa_key_iencr));
> - print_hex(ibuf_data(sa->sa_key_iencr), 0,
> - ibuf_length(sa->sa_key_iencr));
> + print_hexbuf(sa->sa_key_iencr);
> log_debug("%s: SK_er with %zu bytes", __func__,
> ibuf_length(sa->sa_key_rencr));
> - print_hex(ibuf_data(sa->sa_key_rencr), 0,
> - ibuf_length(sa->sa_key_rencr));
> + print_hexbuf(sa->sa_key_rencr);
> log_debug("%s: SK_pi with %zu bytes", __func__,
> ibuf_length(sa->sa_key_iprf));
> - print_hex(ibuf_data(sa->sa_key_iprf), 0, ibuf_length(sa->sa_key_iprf));
> + print_hexbuf(sa->sa_key_iprf);
> log_debug("%s: SK_pr with %zu bytes", __func__,
> ibuf_length(sa->sa_key_rprf));
> - print_hex(ibuf_data(sa->sa_key_rprf), 0, ibuf_length(sa->sa_key_rprf));
> + print_hexbuf(sa->sa_key_rprf);
>
> ret = 0;
>
> @@ -5954,11 +5950,11 @@ ikev2_prfplus(struct iked_hash *prf, str
>
> log_debug("%s: T%d with %zu bytes", __func__,
> pad, ibuf_length(t1));
> - print_hex(ibuf_data(t1), 0, ibuf_length(t1));
> + print_hexbuf(t1);
> }
>
> log_debug("%s: Tn with %zu bytes", __func__, ibuf_length(t));
> - print_hex(ibuf_data(t), 0, ibuf_length(t));
> + print_hexbuf(t);
>
> ibuf_free(t1);
>
> Index: ikev2_msg.c
> ===================================================================
> RCS file: /cvs/src/sbin/iked/ikev2_msg.c,v
> retrieving revision 1.98
> diff -u -p -r1.98 ikev2_msg.c
> --- ikev2_msg.c 28 Jul 2023 07:31:38 -0000 1.98
> +++ ikev2_msg.c 28 Jul 2023 10:01:22 -0000
> @@ -446,7 +446,7 @@ ikev2_msg_encrypt(struct iked *env, stru
> goto done;
>
> log_debug("%s: padded length %zu", __func__, ibuf_size(src));
> - print_hex(ibuf_data(src), 0, ibuf_size(src));
> + print_hexbuf(src);
>
> cipher_setkey(sa->sa_encr, ibuf_data(encr), ibuf_length(encr));
> cipher_setiv(sa->sa_encr, NULL, 0); /* XXX ivlen */
> @@ -489,7 +489,7 @@ ikev2_msg_encrypt(struct iked *env, stru
>
> log_debug("%s: length %zu, padding %d, output length %zu",
> __func__, len + sizeof(pad), pad, ibuf_size(dst));
> - print_hex(ibuf_data(dst), 0, ibuf_size(dst));
> + print_hexbuf(dst);
>
> ibuf_free(src);
> ibuf_free(out);
> @@ -510,7 +510,7 @@ ikev2_msg_integr(struct iked *env, struc
> uint8_t *ptr;
>
> log_debug("%s: message length %zu", __func__, ibuf_size(src));
> - print_hex(ibuf_data(src), 0, ibuf_size(src));
> + print_hexbuf(src);
>
> if (sa == NULL ||
> sa->sa_encr == NULL ||
> @@ -557,7 +557,7 @@ ikev2_msg_integr(struct iked *env, struc
> goto done;
> memcpy(ptr, ibuf_data(tmp), integrlen);
>
> - print_hex(ibuf_data(tmp), 0, ibuf_size(tmp));
> + print_hexbuf(tmp);
>
> ret = 0;
> done:
> @@ -580,7 +580,7 @@ ikev2_msg_decrypt(struct iked *env, stru
> sa->sa_encr == NULL ||
> sa->sa_integr == NULL) {
> log_debug("%s: invalid SA", __func__);
> - print_hex(ibuf_data(src), 0, ibuf_size(src));
> + print_hexbuf(src);
> goto done;
> }
>
> @@ -699,7 +699,7 @@ ikev2_msg_decrypt(struct iked *env, stru
>
> log_debug("%s: decrypted payload length %zd/%zd padding %d",
> __func__, outlen, encrlen, pad);
> - print_hex(ibuf_data(out), 0, ibuf_size(out));
> + print_hexbuf(out);
>
> /* Strip padding and padding length */
> if (ibuf_setsize(out, outlen - pad - 1) != 0)
> @@ -900,7 +900,7 @@ ikev2_send_encrypted_fragments(struct ik
> log_debug("%s: Fragment %zu of %zu has size of %zu bytes.",
> __func__, frag_num, frag_total,
> ibuf_size(buf) - sizeof(*hdr));
> - print_hex(ibuf_data(buf), 0, ibuf_size(buf));
> + print_hexbuf(buf);
>
> resp.msg_data = buf;
> resp.msg_sa = sa;
> @@ -986,7 +986,7 @@ ikev2_msg_auth(struct iked *env, struct
> log_debug("%s: %s auth data length %zu",
> __func__, response ? "responder" : "initiator",
> ibuf_size(authmsg));
> - print_hex(ibuf_data(authmsg), 0, ibuf_size(authmsg));
> + print_hexbuf(authmsg);
>
> return (authmsg);
>
> Index: util.c
> ===================================================================
> RCS file: /cvs/src/sbin/iked/util.c,v
> retrieving revision 1.42
> diff -u -p -r1.42 util.c
> --- util.c 16 Jun 2023 10:28:43 -0000 1.42
> +++ util.c 28 Jul 2023 09:59:12 -0000
> @@ -499,6 +499,12 @@ print_hexval(const uint8_t *buf, off_t o
> print_debug("\n");
> }
>
> +void
> +print_hexbuf(struct ibuf *ibuf)
> +{
> + print_hex(ibuf_data(ibuf), 0, ibuf_size(ibuf));
> +}
> +
> const char *
> print_bits(unsigned short v, unsigned char *bits)
> {
>
