XAUTH support
[strongswan.git] / src / pluto / constants.c
1 /* tables of names for values defined in constants.h
2 * Copyright (C) 1998-2002 D. Hugh Redelmeier.
3 *
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms of the GNU General Public License as published by the
6 * Free Software Foundation; either version 2 of the License, or (at your
7 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
11 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
12 * for more details.
13 *
14 * RCSID $Id: constants.c,v 1.21 2006/03/27 07:38:59 as Exp $
15 */
16
17 /*
18 * Note that the array sizes are all specified; this is to enable range
19 * checking by code that only includes constants.h.
20 */
21
22 #include <stddef.h>
23 #include <string.h>
24 #include <stdio.h>
25 #include <netinet/in.h>
26
27 #include <freeswan.h>
28 #include <ipsec_policy.h>
29
30 #include "constants.h"
31 #include "defs.h"
32 #include "log.h"
33 #include "packet.h"
34
35 /* string naming compile-time options that have interop implications */
36
37 const char compile_time_interop_options[] = ""
38 #ifdef THREADS
39 " THREADS"
40 #endif
41 #ifdef LIBCURL
42 " LIBCURL"
43 #endif
44 #ifdef LDAP_VER
45 #if LDAP_VER == 2
46 " LDAP_V2"
47 #else
48 " LDAP_V3"
49 #endif
50 #endif
51 #ifdef SMARTCARD
52 " SMARTCARD"
53 #endif
54 #ifdef VENDORID
55 " VENDORID"
56 #endif
57 #ifdef XAUTH_VID
58 " XAUTH_VID"
59 #endif
60 #ifdef USE_KEYRR
61 " KEYRR"
62 #endif
63 ;
64
65 /* version */
66
67 static const char *const version_name[] = {
68 "ISAKMP Version 1.0",
69 };
70
71 enum_names version_names =
72 { ISAKMP_MAJOR_VERSION<<ISA_MAJ_SHIFT | ISAKMP_MINOR_VERSION,
73 ISAKMP_MAJOR_VERSION<<ISA_MAJ_SHIFT | ISAKMP_MINOR_VERSION,
74 version_name, NULL };
75
76 /* RFC 2459 CRL reason codes */
77
78 static const char *const crl_reason_name[] = {
79 "unspecified",
80 "key compromise",
81 "ca compromise",
82 "affiliation changed",
83 "superseded",
84 "cessation of operation",
85 "certificate hold",
86 "reason #7",
87 "remove from crl"
88 };
89
90 enum_names crl_reason_names =
91 { REASON_UNSPECIFIED, REASON_REMOVE_FROM_CRL, crl_reason_name, NULL};
92
93 /* RFC 3706 Dead Peer Detection */
94
95 static const char *const dpd_action_name[] = {
96 "none",
97 "clear",
98 "hold",
99 "restart"
100 };
101
102 enum_names dpd_action_names =
103 { DPD_ACTION_NONE, DPD_ACTION_RESTART, dpd_action_name, NULL};
104
105 /* Timer events */
106
107 static const char *const timer_event_name[] = {
108 "EVENT_NULL",
109 "EVENT_REINIT_SECRET",
110 "EVENT_SHUNT_SCAN",
111 "EVENT_SO_DISCARD",
112 "EVENT_RETRANSMIT",
113 "EVENT_SA_REPLACE",
114 "EVENT_SA_REPLACE_IF_USED",
115 "EVENT_SA_EXPIRE",
116 "EVENT_NAT_T_KEEPALIVE",
117 "EVENT_DPD",
118 "EVENT_DPD_TIMEOUT",
119 "EVENT_LOG_DAILY"
120 };
121
122 enum_names timer_event_names =
123 { EVENT_NULL, EVENT_LOG_DAILY, timer_event_name, NULL };
124
125 /* Domain of Interpretation */
126
127 static const char *const doi_name[] = {
128 "ISAKMP_DOI_ISAKMP",
129 "ISAKMP_DOI_IPSEC",
130 };
131
132 enum_names doi_names = { ISAKMP_DOI_ISAKMP, ISAKMP_DOI_IPSEC, doi_name, NULL };
133
134 /* debugging settings: a set of selections for reporting
135 * These would be more naturally situated in log.h,
136 * but they are shared with whack.
137 * It turns out that "debug-" is clutter in all contexts this is used,
138 * so we leave it off.
139 */
140 #ifdef DEBUG
141 const char *const debug_bit_names[] = {
142 "raw",
143 "crypt",
144 "parsing",
145 "emitting",
146 "control",
147 "lifecycle",
148 "klips",
149 "dns",
150 "natt",
151 "oppo",
152 "controlmore",
153
154 "private",
155
156 "impair-delay-adns-key-answer",
157 "impair-delay-adns-txt-answer",
158 "impair-bust-mi2",
159 "impair-bust-mr2",
160
161 NULL
162 };
163 #endif
164
165 /* State of exchanges */
166
167 static const char *const state_name[] = {
168 "STATE_MAIN_R0",
169 "STATE_MAIN_I1",
170 "STATE_MAIN_R1",
171 "STATE_MAIN_I2",
172 "STATE_MAIN_R2",
173 "STATE_MAIN_I3",
174 "STATE_MAIN_R3",
175 "STATE_MAIN_I4",
176
177 "STATE_QUICK_R0",
178 "STATE_QUICK_I1",
179 "STATE_QUICK_R1",
180 "STATE_QUICK_I2",
181 "STATE_QUICK_R2",
182
183 "STATE_INFO",
184 "STATE_INFO_PROTECTED",
185
186 "STATE_XAUTH_R0",
187 "STATE_XAUTH_R1",
188
189 "STATE_MODE_CFG_R0",
190 "STATE_MODE_CFG_R1",
191 "STATE_MODE_CFG_R2",
192 "STATE_MODE_CFG_I1",
193 "STATE_MODE_CFG_I2",
194 "STATE_MODE_CFG_I3",
195
196 "STATE_IKE_ROOF"
197 };
198
199 enum_names state_names =
200 { STATE_MAIN_R0, STATE_IKE_ROOF-1, state_name, NULL };
201
202 /* story for state */
203
204 const char *const state_story[] = {
205 "expecting MI1", /* STATE_MAIN_R0 */
206 "sent MI1, expecting MR1", /* STATE_MAIN_I1 */
207 "sent MR1, expecting MI2", /* STATE_MAIN_R1 */
208 "sent MI2, expecting MR2", /* STATE_MAIN_I2 */
209 "sent MR2, expecting MI3", /* STATE_MAIN_R2 */
210 "sent MI3, expecting MR3", /* STATE_MAIN_I3 */
211 "sent MR3, ISAKMP SA established", /* STATE_MAIN_R3 */
212 "ISAKMP SA established", /* STATE_MAIN_I4 */
213
214 "expecting QI1", /* STATE_QUICK_R0 */
215 "sent QI1, expecting QR1", /* STATE_QUICK_I1 */
216 "sent QR1, inbound IPsec SA installed, expecting QI2", /* STATE_QUICK_R1 */
217 "sent QI2, IPsec SA established", /* STATE_QUICK_I2 */
218 "IPsec SA established", /* STATE_QUICK_R2 */
219
220 "got Informational Message in clear", /* STATE_INFO */
221 "got encrypted Informational Message", /* STATE_INFO_PROTECTED */
222
223 "sent XAUTH request, expecting reply", /* STATE_XAUTH_R0 */
224 "sent XAUTH status, expecting ack", /* STATE_XAUTH_R1 */
225
226 "sent ModeCfg reply", /* STATE_MODE_CFG_R0 */
227 "sent ModeCfg reply", /* STATE_MODE_CFG_R1 */
228 "received ModeCfg ack", /* STATE_MODE_CFG_R2 */
229 "sent ModeCfg request, expecting reply", /* STATE_MODE_CFG_I1 */
230 "received ModeCfg reply", /* STATE_MODE_CFG_I2 */
231 "received ModeCfg set, sent ack", /* STATE_MODE_CFG_I3 */
232 };
233
234 /* kind of struct connection */
235
236 static const char *const connection_kind_name[] = {
237 "CK_GROUP", /* policy group: instantiates to template */
238 "CK_TEMPLATE", /* abstract connection, with wildcard */
239 "CK_PERMANENT", /* normal connection */
240 "CK_INSTANCE", /* instance of template, created for a particular attempt */
241 "CK_GOING_AWAY" /* instance being deleted -- don't delete again */
242 };
243
244 enum_names connection_kind_names =
245 { CK_GROUP, CK_GOING_AWAY, connection_kind_name, NULL };
246
247 /* routing status names */
248
249 static const char *const routing_story_strings[] = {
250 "unrouted", /* RT_UNROUTED: unrouted */
251 "unrouted HOLD", /* RT_UNROUTED_HOLD: unrouted, but HOLD shunt installed */
252 "eroute eclipsed", /* RT_ROUTED_ECLIPSED: RT_ROUTED_PROSPECTIVE except bare HOLD or instance has eroute */
253 "prospective erouted", /* RT_ROUTED_PROSPECTIVE: routed, and prospective shunt installed */
254 "erouted HOLD", /* RT_ROUTED_HOLD: routed, and HOLD shunt installed */
255 "fail erouted", /* RT_ROUTED_FAILURE: routed, and failure-context shunt eroute installed */
256 "erouted", /* RT_ROUTED_TUNNEL: routed, and erouted to an IPSEC SA group */
257 "keyed, unrouted", /* RT_UNROUTED_KEYED: was routed+keyed, but it got turned into an outer policy */
258 };
259
260 enum_names routing_story =
261 { RT_UNROUTED, RT_ROUTED_TUNNEL, routing_story_strings, NULL};
262
263 /* Payload types (RFC 2408 "ISAKMP" section 3.1) */
264
265 const char *const payload_name[] = {
266 "ISAKMP_NEXT_NONE",
267 "ISAKMP_NEXT_SA",
268 "ISAKMP_NEXT_P",
269 "ISAKMP_NEXT_T",
270 "ISAKMP_NEXT_KE",
271 "ISAKMP_NEXT_ID",
272 "ISAKMP_NEXT_CERT",
273 "ISAKMP_NEXT_CR",
274 "ISAKMP_NEXT_HASH",
275 "ISAKMP_NEXT_SIG",
276 "ISAKMP_NEXT_NONCE",
277 "ISAKMP_NEXT_N",
278 "ISAKMP_NEXT_D",
279 "ISAKMP_NEXT_VID",
280 "ISAKMP_NEXT_MODECFG",
281 "ISAKMP_NEXT_15",
282 "ISAKMP_NEXT_16",
283 "ISAKMP_NEXT_17",
284 "ISAKMP_NEXT_18",
285 "ISAKMP_NEXT_19",
286 "ISAKMP_NEXT_NAT-D",
287 "ISAKMP_NEXT_NAT-OA",
288 NULL
289 };
290
291 const char *const payload_name_nat_d[] = { "ISAKMP_NEXT_NAT-D",
292 "ISAKMP_NEXT_NAT-OA", NULL };
293
294 static enum_names payload_names_nat_d =
295 { ISAKMP_NEXT_NATD_DRAFTS, ISAKMP_NEXT_NATOA_DRAFTS, payload_name_nat_d, NULL };
296
297 enum_names payload_names =
298 { ISAKMP_NEXT_NONE, ISAKMP_NEXT_NATOA_RFC, payload_name, &payload_names_nat_d };
299
300 /* Exchange types (note: two discontinuous ranges) */
301
302 static const char *const exchange_name[] = {
303 "ISAKMP_XCHG_NONE",
304 "ISAKMP_XCHG_BASE",
305 "ISAKMP_XCHG_IDPROT",
306 "ISAKMP_XCHG_AO",
307 "ISAKMP_XCHG_AGGR",
308 "ISAKMP_XCHG_INFO",
309 "ISAKMP_XCHG_MODE_CFG",
310 };
311
312 static const char *const exchange_name2[] = {
313 "ISAKMP_XCHG_QUICK",
314 "ISAKMP_XCHG_NGRP",
315 "ISAKMP_XCHG_ACK_INFO",
316 };
317
318 static enum_names exchange_desc2 =
319 { ISAKMP_XCHG_QUICK, ISAKMP_XCHG_ACK_INFO, exchange_name2, NULL };
320
321 enum_names exchange_names =
322 { ISAKMP_XCHG_NONE, ISAKMP_XCHG_MODE_CFG, exchange_name, &exchange_desc2 };
323
324 /* Flag BITS */
325 const char *const flag_bit_names[] = {
326 "ISAKMP_FLAG_ENCRYPTION",
327 "ISAKMP_FLAG_COMMIT",
328 NULL
329 };
330
331 /* Situation BITS definition for IPsec DOI */
332
333 const char *const sit_bit_names[] = {
334 "SIT_IDENTITY_ONLY",
335 "SIT_SECRECY",
336 "SIT_INTEGRITY",
337 NULL
338 };
339
340 /* Protocol IDs (RFC 2407 "IPsec DOI" section 4.4.1) */
341
342 static const char *const protocol_name[] = {
343 "PROTO_ISAKMP",
344 "PROTO_IPSEC_AH",
345 "PROTO_IPSEC_ESP",
346 "PROTO_IPCOMP",
347 };
348
349 enum_names protocol_names =
350 { PROTO_ISAKMP, PROTO_IPCOMP, protocol_name, NULL };
351
352 /* IPsec ISAKMP transform values */
353
354 static const char *const isakmp_transform_name[] = {
355 "KEY_IKE",
356 };
357
358 enum_names isakmp_transformid_names =
359 { KEY_IKE, KEY_IKE, isakmp_transform_name, NULL };
360
361 /* IPsec AH transform values */
362
363 static const char *const ah_transform_name[] = {
364 "AH_MD5",
365 "AH_SHA",
366 "AH_DES",
367 "AH_SHA2_256",
368 "AH_SHA2_384",
369 "AH_SHA2_512",
370 "AH_RIPEMD"
371 };
372
373 enum_names ah_transformid_names =
374 { AH_MD5, AH_RIPEMD, ah_transform_name, NULL };
375
376 /* IPsec ESP transform values */
377
378 static const char *const esp_transform_name[] = {
379 "ESP_DES_IV64",
380 "ESP_DES",
381 "ESP_3DES",
382 "ESP_RC5",
383 "ESP_IDEA",
384 "ESP_CAST",
385 "ESP_BLOWFISH",
386 "ESP_3IDEA",
387 "ESP_DES_IV32",
388 "ESP_RC4",
389 "ESP_NULL",
390 "ESP_AES",
391 "ESP_AES-CTR",
392 "ESP_AES-CCM_8",
393 "ESP_AES-CCM_12",
394 "ESP_AES-CCM_16"
395 };
396
397 /*
398 * ipsec drafts suggest "high" ESP ids values for testing,
399 * assign generic ESP_ID<num> if not officially defined
400 */
401 static const char *const esp_transform_name_high[] = {
402 "ESP_SERPENT",
403 "ESP_TWOFISH"
404 };
405
406 enum_names esp_transformid_names_high =
407 { ESP_SERPENT, ESP_TWOFISH, esp_transform_name_high, NULL };
408
409 enum_names esp_transformid_names =
410 { ESP_DES_IV64, ESP_AES_CCM_16, esp_transform_name, &esp_transformid_names_high };
411
412 /* IPCOMP transform values */
413
414 static const char *const ipcomp_transform_name[] = {
415 "IPCOMP_OUI",
416 "IPCOMP_DEFLAT",
417 "IPCOMP_LZS",
418 "IPCOMP_LZJH",
419 };
420
421 enum_names ipcomp_transformid_names =
422 { IPCOMP_OUI, IPCOMP_LZJH, ipcomp_transform_name, NULL };
423
424 /* Identification type values */
425
426 static const char *const ident_name[] = {
427 "ID_IPV4_ADDR",
428 "ID_FQDN",
429 "ID_USER_FQDN",
430 "ID_IPV4_ADDR_SUBNET",
431 "ID_IPV6_ADDR",
432 "ID_IPV6_ADDR_SUBNET",
433 "ID_IPV4_ADDR_RANGE",
434 "ID_IPV6_ADDR_RANGE",
435 "ID_DER_ASN1_DN",
436 "ID_DER_ASN1_GN",
437 "ID_KEY_ID",
438 };
439
440 enum_names ident_names =
441 { ID_IPV4_ADDR, ID_KEY_ID, ident_name, NULL };
442
443 /* Certificate type values */
444
445 static const char *const cert_type_name[] = {
446 "CERT_NONE",
447 "CERT_PKCS7_WRAPPED_X509",
448 "CERT_PGP",
449 "CERT_DNS_SIGNED_KEY",
450 "CERT_X509_SIGNATURE",
451 "CERT_X509_KEY_EXCHANGE",
452 "CERT_KERBEROS_TOKENS",
453 "CERT_CRL",
454 "CERT_ARL",
455 "CERT_SPKI",
456 "CERT_X509_ATTRIBUTE",
457 };
458
459 enum_names cert_type_names =
460 { CERT_NONE, CERT_X509_ATTRIBUTE, cert_type_name, NULL };
461
462 /* Certificate policy names */
463
464 static const char *const cert_policy_name[] = {
465 "ALWAYS_SEND",
466 "SEND_IF_ASKED",
467 "NEVER_SEND",
468 };
469
470 enum_names cert_policy_names =
471 { CERT_ALWAYS_SEND, CERT_NEVER_SEND, cert_policy_name, NULL };
472
473 /* Goal BITs for establishing an SA
474 * Note: we drop the POLICY_ prefix so that logs are more concise.
475 */
476
477 const char *const sa_policy_bit_names[] = {
478 "PSK",
479 "RSASIG",
480 "ENCRYPT",
481 "AUTHENTICATE",
482 "COMPRESS",
483 "TUNNEL",
484 "PFS",
485 "DISABLEARRIVALCHECK",
486 "SHUNT0",
487 "SHUNT1",
488 "FAILSHUNT0",
489 "FAILSHUNT1",
490 "DONTREKEY",
491 "OPPORTUNISTIC",
492 "GROUP",
493 "GROUTED",
494 "UP",
495 "MODECFGPUSH",
496 "XAUTHPSK",
497 "XAUTHRSASIG",
498 "XAUTHSERVER",
499 NULL
500 };
501
502 const char *const policy_shunt_names[4] = {
503 "TRAP",
504 "PASS",
505 "DROP",
506 "REJECT",
507 };
508
509 const char *const policy_fail_names[4] = {
510 "NONE",
511 "PASS",
512 "DROP",
513 "REJECT",
514 };
515
516 /* Oakley transform attributes
517 * oakley_attr_bit_names does double duty: it is used for enum names
518 * and bit names.
519 */
520
521 const char *const oakley_attr_bit_names[] = {
522 "OAKLEY_ENCRYPTION_ALGORITHM",
523 "OAKLEY_HASH_ALGORITHM",
524 "OAKLEY_AUTHENTICATION_METHOD",
525 "OAKLEY_GROUP_DESCRIPTION",
526 "OAKLEY_GROUP_TYPE",
527 "OAKLEY_GROUP_PRIME",
528 "OAKLEY_GROUP_GENERATOR_ONE",
529 "OAKLEY_GROUP_GENERATOR_TWO",
530 "OAKLEY_GROUP_CURVE_A",
531 "OAKLEY_GROUP_CURVE_B",
532 "OAKLEY_LIFE_TYPE",
533 "OAKLEY_LIFE_DURATION",
534 "OAKLEY_PRF",
535 "OAKLEY_KEY_LENGTH",
536 "OAKLEY_FIELD_SIZE",
537 "OAKLEY_GROUP_ORDER",
538 "OAKLEY_BLOCK_SIZE",
539 NULL
540 };
541
542 static const char *const oakley_var_attr_name[] = {
543 "OAKLEY_GROUP_PRIME (variable length)",
544 "OAKLEY_GROUP_GENERATOR_ONE (variable length)",
545 "OAKLEY_GROUP_GENERATOR_TWO (variable length)",
546 "OAKLEY_GROUP_CURVE_A (variable length)",
547 "OAKLEY_GROUP_CURVE_B (variable length)",
548 NULL,
549 "OAKLEY_LIFE_DURATION (variable length)",
550 NULL,
551 NULL,
552 NULL,
553 "OAKLEY_GROUP_ORDER (variable length)",
554 };
555
556 static enum_names oakley_attr_desc_tv = {
557 OAKLEY_ENCRYPTION_ALGORITHM + ISAKMP_ATTR_AF_TV,
558 OAKLEY_GROUP_ORDER + ISAKMP_ATTR_AF_TV, oakley_attr_bit_names, NULL };
559
560 enum_names oakley_attr_names = {
561 OAKLEY_GROUP_PRIME, OAKLEY_GROUP_ORDER,
562 oakley_var_attr_name, &oakley_attr_desc_tv };
563
564 /* for each Oakley attribute, which enum_names describes its values? */
565 enum_names *oakley_attr_val_descs[] = {
566 NULL, /* (none) */
567 &oakley_enc_names, /* OAKLEY_ENCRYPTION_ALGORITHM */
568 &oakley_hash_names, /* OAKLEY_HASH_ALGORITHM */
569 &oakley_auth_names, /* OAKLEY_AUTHENTICATION_METHOD */
570 &oakley_group_names, /* OAKLEY_GROUP_DESCRIPTION */
571 &oakley_group_type_names,/* OAKLEY_GROUP_TYPE */
572 NULL, /* OAKLEY_GROUP_PRIME */
573 NULL, /* OAKLEY_GROUP_GENERATOR_ONE */
574 NULL, /* OAKLEY_GROUP_GENERATOR_TWO */
575 NULL, /* OAKLEY_GROUP_CURVE_A */
576 NULL, /* OAKLEY_GROUP_CURVE_B */
577 &oakley_lifetime_names, /* OAKLEY_LIFE_TYPE */
578 NULL, /* OAKLEY_LIFE_DURATION */
579 &oakley_prf_names, /* OAKLEY_PRF */
580 NULL, /* OAKLEY_KEY_LENGTH */
581 NULL, /* OAKLEY_FIELD_SIZE */
582 NULL, /* OAKLEY_GROUP_ORDER */
583 };
584
585 /* IPsec DOI attributes (RFC 2407 "IPsec DOI" section 4.5) */
586
587 static const char *const ipsec_attr_name[] = {
588 "SA_LIFE_TYPE",
589 "SA_LIFE_DURATION",
590 "GROUP_DESCRIPTION",
591 "ENCAPSULATION_MODE",
592 "AUTH_ALGORITHM",
593 "KEY_LENGTH",
594 "KEY_ROUNDS",
595 "COMPRESS_DICT_SIZE",
596 "COMPRESS_PRIVATE_ALG",
597 };
598
599 static const char *const ipsec_var_attr_name[] = {
600 "SA_LIFE_DURATION (variable length)",
601 NULL,
602 NULL,
603 NULL,
604 NULL,
605 NULL,
606 NULL,
607 "COMPRESS_PRIVATE_ALG (variable length)",
608 };
609
610 static enum_names ipsec_attr_desc_tv = {
611 SA_LIFE_TYPE + ISAKMP_ATTR_AF_TV,
612 COMPRESS_PRIVATE_ALG + ISAKMP_ATTR_AF_TV,
613 ipsec_attr_name, NULL };
614
615 enum_names ipsec_attr_names = {
616 SA_LIFE_DURATION, COMPRESS_PRIVATE_ALG,
617 ipsec_var_attr_name, &ipsec_attr_desc_tv };
618
619 /* for each IPsec attribute, which enum_names describes its values? */
620 enum_names *ipsec_attr_val_descs[] = {
621 NULL, /* (none) */
622 &sa_lifetime_names, /* SA_LIFE_TYPE */
623 NULL, /* SA_LIFE_DURATION */
624 &oakley_group_names, /* GROUP_DESCRIPTION */
625 &enc_mode_names, /* ENCAPSULATION_MODE */
626 &auth_alg_names, /* AUTH_ALGORITHM */
627 NULL, /* KEY_LENGTH */
628 NULL, /* KEY_ROUNDS */
629 NULL, /* COMPRESS_DICT_SIZE */
630 NULL, /* COMPRESS_PRIVATE_ALG */
631 };
632
633 /* SA Lifetime Type attribute */
634
635 static const char *const sa_lifetime_name[] = {
636 "SA_LIFE_TYPE_SECONDS",
637 "SA_LIFE_TYPE_KBYTES",
638 };
639
640 enum_names sa_lifetime_names =
641 { SA_LIFE_TYPE_SECONDS, SA_LIFE_TYPE_KBYTES, sa_lifetime_name, NULL };
642
643 /* Encapsulation Mode attribute */
644
645 static const char *const enc_mode_name[] = {
646 "ENCAPSULATION_MODE_TUNNEL",
647 "ENCAPSULATION_MODE_TRANSPORT",
648 "ENCAPSULATION_MODE_UDP_TUNNEL",
649 "ENCAPSULATION_MODE_UDP_TRANSPORT",
650 };
651
652 static const char *const enc_udp_mode_name[] = {
653 "ENCAPSULATION_MODE_UDP_TUNNEL",
654 "ENCAPSULATION_MODE_UDP_TRANSPORT",
655 };
656
657 static enum_names enc_udp_mode_names =
658 { ENCAPSULATION_MODE_UDP_TUNNEL_DRAFTS, ENCAPSULATION_MODE_UDP_TRANSPORT_DRAFTS, enc_udp_mode_name, NULL };
659
660 enum_names enc_mode_names =
661 { ENCAPSULATION_MODE_TUNNEL, ENCAPSULATION_MODE_UDP_TRANSPORT_RFC, enc_mode_name, &enc_udp_mode_names };
662
663 /* Auth Algorithm attribute */
664
665 static const char *const auth_alg_name[] = {
666 "AUTH_ALGORITHM_HMAC_MD5",
667 "AUTH_ALGORITHM_HMAC_SHA1",
668 "AUTH_ALGORITHM_DES_MAC",
669 "AUTH_ALGORITHM_KPDK",
670 "AUTH_ALGORITHM_HMAC_SHA2_256",
671 "AUTH_ALGORITHM_HMAC_SHA2_384",
672 "AUTH_ALGORITHM_HMAC_SHA2_512",
673 "AUTH_ALGORITHM_HMAC_RIPEMD",
674 };
675
676 static const char *const extended_auth_alg_name[] = {
677 "AUTH_ALGORITHM_NULL"
678 };
679
680 enum_names extended_auth_alg_names =
681 { AUTH_ALGORITHM_NULL, AUTH_ALGORITHM_NULL, extended_auth_alg_name, NULL };
682
683 enum_names auth_alg_names =
684 { AUTH_ALGORITHM_HMAC_MD5, AUTH_ALGORITHM_HMAC_RIPEMD, auth_alg_name
685 , &extended_auth_alg_names };
686
687 /* From draft-beaulieu-ike-xauth */
688 static const char *const xauth_type_name[] = {
689 "Generic",
690 "RADIUS-CHAP",
691 "OTP",
692 "S/KEY",
693 };
694
695 enum_names xauth_type_names =
696 { XAUTH_TYPE_GENERIC, XAUTH_TYPE_SKEY, xauth_type_name, NULL};
697
698 /* From draft-beaulieu-ike-xauth */
699 static const char *const xauth_attr_tv_name[] = {
700 "XAUTH_TYPE",
701 NULL,
702 NULL,
703 NULL,
704 NULL,
705 NULL,
706 NULL,
707 "XAUTH_STATUS",
708 };
709
710 enum_names xauth_attr_tv_names = {
711 XAUTH_TYPE + ISAKMP_ATTR_AF_TV,
712 XAUTH_STATUS + ISAKMP_ATTR_AF_TV, xauth_attr_tv_name, NULL };
713
714 static const char *const xauth_attr_name[] = {
715 "XAUTH_USER_NAME",
716 "XAUTH_USER_PASSWORD",
717 "XAUTH_PASSCODE",
718 "XAUTH_MESSAGE",
719 "XAUTH_CHALLENGE",
720 "XAUTH_DOMAIN",
721 "XAUTH_STATUS (wrong TLV syntax, should be TV)",
722 "XAUTH_NEXT_PIN",
723 "XAUTH_ANSWER",
724 };
725
726 enum_names xauth_attr_names =
727 { XAUTH_USER_NAME , XAUTH_ANSWER, xauth_attr_name , &xauth_attr_tv_names };
728
729 static const char *const modecfg_attr_name[] = {
730 "INTERNAL_IP4_ADDRESS",
731 "INTERNAL_IP4_NETMASK",
732 "INTERNAL_IP4_DNS",
733 "INTERNAL_IP4_NBNS",
734 "INTERNAL_ADDRESS_EXPIRY",
735 "INTERNAL_IP4_DHCP",
736 "APPLICATION_VERSION",
737 "INTERNAL_IP6_ADDRESS",
738 "INTERNAL_IP6_NETMASK",
739 "INTERNAL_IP6_DNS",
740 "INTERNAL_IP6_NBNS",
741 "INTERNAL_IP6_DHCP",
742 "INTERNAL_IP4_SUBNET",
743 "SUPPORTED_ATTRIBUTES",
744 "INTERNAL_IP6_SUBNET",
745 NULL
746 };
747
748 enum_names modecfg_attr_names =
749 { INTERNAL_IP4_ADDRESS, INTERNAL_IP6_SUBNET, modecfg_attr_name , &xauth_attr_names };
750
751 /* Oakley Lifetime Type attribute */
752
753 static const char *const oakley_lifetime_name[] = {
754 "OAKLEY_LIFE_SECONDS",
755 "OAKLEY_LIFE_KILOBYTES",
756 };
757
758 enum_names oakley_lifetime_names =
759 { OAKLEY_LIFE_SECONDS, OAKLEY_LIFE_KILOBYTES, oakley_lifetime_name, NULL };
760
761 /* Oakley PRF attribute (none defined) */
762
763 enum_names oakley_prf_names =
764 { 1, 0, NULL, NULL };
765
766 /* Oakley Encryption Algorithm attribute */
767
768 static const char *const oakley_enc_name[] = {
769 "OAKLEY_DES_CBC",
770 "OAKLEY_IDEA_CBC",
771 "OAKLEY_BLOWFISH_CBC",
772 "OAKLEY_RC5_R16_B64_CBC",
773 "OAKLEY_3DES_CBC",
774 "OAKLEY_CAST_CBC",
775 "OAKLEY_AES_CBC",
776 };
777
778 #ifdef NO_EXTRA_IKE
779 enum_names oakley_enc_names =
780 { OAKLEY_DES_CBC, OAKLEY_AES_CBC, oakley_enc_name, NULL };
781 #else
782 static const char *const oakley_enc_name_draft_aes_cbc_02[] = {
783 "OAKLEY_MARS_CBC" /* 65001 */,
784 "OAKLEY_RC6_CBC" /* 65002 */,
785 "OAKLEY_ID_65003" /* 65003 */,
786 "OAKLEY_SERPENT_CBC" /* 65004 */,
787 "OAKLEY_TWOFISH_CBC" /* 65005 */,
788 };
789 static const char *const oakley_enc_name_ssh[] = {
790 "OAKLEY_TWOFISH_CBC_SSH",
791 };
792 enum_names oakley_enc_names_ssh =
793 { OAKLEY_TWOFISH_CBC_SSH, OAKLEY_TWOFISH_CBC_SSH, oakley_enc_name_ssh
794 , NULL };
795
796 enum_names oakley_enc_names_draft_aes_cbc_02 =
797 { OAKLEY_MARS_CBC, OAKLEY_TWOFISH_CBC, oakley_enc_name_draft_aes_cbc_02
798 , &oakley_enc_names_ssh };
799
800 enum_names oakley_enc_names =
801 { OAKLEY_DES_CBC, OAKLEY_AES_CBC, oakley_enc_name
802 , &oakley_enc_names_draft_aes_cbc_02 };
803 #endif
804
805 /* Oakley Hash Algorithm attribute */
806
807 static const char *const oakley_hash_name[] = {
808 "OAKLEY_MD5",
809 "OAKLEY_SHA",
810 "OAKLEY_TIGER",
811 "OAKLEY_SHA2_256",
812 "OAKLEY_SHA2_384",
813 "OAKLEY_SHA2_512",
814 };
815
816 enum_names oakley_hash_names =
817 { OAKLEY_MD5, OAKLEY_SHA2_512, oakley_hash_name, NULL };
818
819 /* Oakley Authentication Method attribute */
820
821 static const char *const oakley_auth_name1[] = {
822 "OAKLEY_PRESHARED_KEY",
823 "OAKLEY_DSS_SIG",
824 "OAKLEY_RSA_SIG",
825 "OAKLEY_RSA_ENC",
826 "OAKLEY_RSA_ENC_REV",
827 "OAKLEY_ELGAMAL_ENC",
828 "OAKLEY_ELGAMAL_ENC_REV",
829 };
830
831 static const char *const oakley_auth_name2[] = {
832 "HybridInitRSA",
833 "HybridRespRSA",
834 "HybridInitDSS",
835 "HybridRespDSS",
836 };
837
838 static const char *const oakley_auth_name3[] = {
839 "XAUTHInitPreShared",
840 "XAUTHRespPreShared",
841 "XAUTHInitDSS",
842 "XAUTHRespDSS",
843 "XAUTHInitRSA",
844 "XAUTHRespRSA",
845 "XAUTHInitRSAEncryption",
846 "XAUTHRespRSAEncryption",
847 "XAUTHInitRSARevisedEncryption",
848 "XAUTHRespRSARevisedEncryption",
849 };
850
851 static enum_names oakley_auth_names1 =
852 { OAKLEY_PRESHARED_KEY, OAKLEY_ELGAMAL_ENC_REV
853 , oakley_auth_name1, NULL };
854
855 static enum_names oakley_auth_names2 =
856 { HybridInitRSA, HybridRespDSS
857 , oakley_auth_name2, &oakley_auth_names1 };
858
859 enum_names oakley_auth_names =
860 { XAUTHInitPreShared, XAUTHRespRSARevisedEncryption
861 , oakley_auth_name3, &oakley_auth_names2 };
862
863 /* Oakley Group Description attribute */
864
865 static const char *const oakley_group_name[] = {
866 "OAKLEY_GROUP_MODP768",
867 "OAKLEY_GROUP_MODP1024",
868 "OAKLEY_GROUP_GP155",
869 "OAKLEY_GROUP_GP185",
870 "OAKLEY_GROUP_MODP1536",
871 };
872
873 static const char *const oakley_group_name_rfc3526[] = {
874 "OAKLEY_GROUP_MODP2048",
875 "OAKLEY_GROUP_MODP3072",
876 "OAKLEY_GROUP_MODP4096",
877 "OAKLEY_GROUP_MODP6144",
878 "OAKLEY_GROUP_MODP8192"
879 };
880 enum_names oakley_group_names_rfc3526 =
881 { OAKLEY_GROUP_MODP2048, OAKLEY_GROUP_MODP8192,
882 oakley_group_name_rfc3526, NULL };
883
884 enum_names oakley_group_names =
885 { OAKLEY_GROUP_MODP768, OAKLEY_GROUP_MODP1536,
886 oakley_group_name, &oakley_group_names_rfc3526 };
887
888 /* Oakley Group Type attribute */
889
890 static const char *const oakley_group_type_name[] = {
891 "OAKLEY_GROUP_TYPE_MODP",
892 "OAKLEY_GROUP_TYPE_ECP",
893 "OAKLEY_GROUP_TYPE_EC2N",
894 };
895
896 enum_names oakley_group_type_names =
897 { OAKLEY_GROUP_TYPE_MODP, OAKLEY_GROUP_TYPE_EC2N, oakley_group_type_name, NULL };
898
899 /* Notify messages -- error types */
900
901 static const char *const notification_name[] = {
902 "INVALID_PAYLOAD_TYPE",
903 "DOI_NOT_SUPPORTED",
904 "SITUATION_NOT_SUPPORTED",
905 "INVALID_COOKIE",
906 "INVALID_MAJOR_VERSION",
907 "INVALID_MINOR_VERSION",
908 "INVALID_EXCHANGE_TYPE",
909 "INVALID_FLAGS",
910 "INVALID_MESSAGE_ID",
911 "INVALID_PROTOCOL_ID",
912 "INVALID_SPI",
913 "INVALID_TRANSFORM_ID",
914 "ATTRIBUTES_NOT_SUPPORTED",
915 "NO_PROPOSAL_CHOSEN",
916 "BAD_PROPOSAL_SYNTAX",
917 "PAYLOAD_MALFORMED",
918 "INVALID_KEY_INFORMATION",
919 "INVALID_ID_INFORMATION",
920 "INVALID_CERT_ENCODING",
921 "INVALID_CERTIFICATE",
922 "CERT_TYPE_UNSUPPORTED",
923 "INVALID_CERT_AUTHORITY",
924 "INVALID_HASH_INFORMATION",
925 "AUTHENTICATION_FAILED",
926 "INVALID_SIGNATURE",
927 "ADDRESS_NOTIFICATION",
928 "NOTIFY_SA_LIFETIME",
929 "CERTIFICATE_UNAVAILABLE",
930 "UNSUPPORTED_EXCHANGE_TYPE",
931 "UNEQUAL_PAYLOAD_LENGTHS",
932 };
933
934 static const char *const notification_status_name[] = {
935 "CONNECTED",
936 };
937
938 static const char *const ipsec_notification_name[] = {
939 "IPSEC_RESPONDER_LIFETIME",
940 "IPSEC_REPLAY_STATUS",
941 "IPSEC_INITIAL_CONTACT",
942 };
943
944 static const char *const notification_dpd_name[] = {
945 "R_U_THERE",
946 "R_U_THERE_ACK",
947 };
948
949 enum_names notification_dpd_names =
950 { R_U_THERE, R_U_THERE_ACK,
951 notification_dpd_name, NULL };
952
953 enum_names ipsec_notification_names =
954 { IPSEC_RESPONDER_LIFETIME, IPSEC_INITIAL_CONTACT,
955 ipsec_notification_name, &notification_dpd_names };
956
957 enum_names notification_status_names =
958 { CONNECTED, CONNECTED,
959 notification_status_name, &ipsec_notification_names };
960
961 enum_names notification_names =
962 { INVALID_PAYLOAD_TYPE, UNEQUAL_PAYLOAD_LENGTHS,
963 notification_name, &notification_status_names };
964
965 /* MODECFG
966 * From draft-dukes-ike-mode-cfg
967 */
968 const char *const attr_msg_type_name[] = {
969 "ISAKMP_CFG_RESERVED",
970 "ISAKMP_CFG_REQUEST",
971 "ISAKMP_CFG_REPLY",
972 "ISAKMP_CFG_SET",
973 "ISAKMP_CFG_ACK",
974 NULL
975 };
976
977 enum_names attr_msg_type_names =
978 { 0 , ISAKMP_CFG_ACK, attr_msg_type_name , NULL };
979
980 /* socket address family info */
981
982 static const char *const af_inet_name[] = {
983 "AF_INET",
984 };
985
986 static const char *const af_inet6_name[] = {
987 "AF_INET6",
988 };
989
990 static enum_names af_names6 = { AF_INET6, AF_INET6, af_inet6_name, NULL };
991
992 enum_names af_names = { AF_INET, AF_INET, af_inet_name, &af_names6 };
993
994 static ip_address ipv4_any, ipv6_any;
995 static ip_subnet ipv4_wildcard, ipv6_wildcard;
996 static ip_subnet ipv4_all, ipv6_all;
997
998 const struct af_info af_inet4_info = {
999 AF_INET,
1000 "AF_INET",
1001 sizeof(struct in_addr),
1002 sizeof(struct sockaddr_in),
1003 32,
1004 ID_IPV4_ADDR, ID_IPV4_ADDR_SUBNET, ID_IPV4_ADDR_RANGE,
1005 &ipv4_any, &ipv4_wildcard, &ipv4_all,
1006 };
1007
1008 const struct af_info af_inet6_info = {
1009 AF_INET6,
1010 "AF_INET6",
1011 sizeof(struct in6_addr),
1012 sizeof(struct sockaddr_in6),
1013 128,
1014 ID_IPV6_ADDR, ID_IPV6_ADDR_SUBNET, ID_IPV6_ADDR_RANGE,
1015 &ipv6_any, &ipv6_wildcard, &ipv6_all,
1016 };
1017
1018 const struct af_info *
1019 aftoinfo(int af)
1020 {
1021 switch (af)
1022 {
1023 case AF_INET:
1024 return &af_inet4_info;
1025 case AF_INET6:
1026 return &af_inet6_info;
1027 default:
1028 return NULL;
1029 }
1030 }
1031
1032 bool
1033 subnetisnone(const ip_subnet *sn)
1034 {
1035 ip_address base;
1036
1037 networkof(sn, &base);
1038 return isanyaddr(&base) && subnetishost(sn);
1039 }
1040
1041 /* BIND enumerated types */
1042
1043 #include <arpa/nameser.h>
1044
1045 static const char *const rr_type_name[] = {
1046 "T_A", /* 1 host address */
1047 "T_NS", /* 2 authoritative server */
1048 "T_MD", /* 3 mail destination */
1049 "T_MF", /* 4 mail forwarder */
1050 "T_CNAME", /* 5 canonical name */
1051 "T_SOA", /* 6 start of authority zone */
1052 "T_MB", /* 7 mailbox domain name */
1053 "T_MG", /* 8 mail group member */
1054 "T_MR", /* 9 mail rename name */
1055 "T_NULL", /* 10 null resource record */
1056 "T_WKS", /* 11 well known service */
1057 "T_PTR", /* 12 domain name pointer */
1058 "T_HINFO", /* 13 host information */
1059 "T_MINFO", /* 14 mailbox information */
1060 "T_MX", /* 15 mail routing information */
1061 "T_TXT", /* 16 text strings */
1062 "T_RP", /* 17 responsible person */
1063 "T_AFSDB", /* 18 AFS cell database */
1064 "T_X25", /* 19 X_25 calling address */
1065 "T_ISDN", /* 20 ISDN calling address */
1066 "T_RT", /* 21 router */
1067 "T_NSAP", /* 22 NSAP address */
1068 "T_NSAP_PTR", /* 23 reverse NSAP lookup (deprecated) */
1069 "T_SIG", /* 24 security signature */
1070 "T_KEY", /* 25 security key */
1071 "T_PX", /* 26 X.400 mail mapping */
1072 "T_GPOS", /* 27 geographical position (withdrawn) */
1073 "T_AAAA", /* 28 IP6 Address */
1074 "T_LOC", /* 29 Location Information */
1075 "T_NXT", /* 30 Next Valid Name in Zone */
1076 "T_EID", /* 31 Endpoint identifier */
1077 "T_NIMLOC", /* 32 Nimrod locator */
1078 "T_SRV", /* 33 Server selection */
1079 "T_ATMA", /* 34 ATM Address */
1080 "T_NAPTR", /* 35 Naming Authority PoinTeR */
1081 NULL
1082 };
1083
1084 enum_names rr_type_names = { T_A, T_NAPTR, rr_type_name, NULL };
1085
1086 /* Query type values which do not appear in resource records */
1087 static const char *const rr_qtype_name[] = {
1088 "T_IXFR", /* 251 incremental zone transfer */
1089 "T_AXFR", /* 252 transfer zone of authority */
1090 "T_MAILB", /* 253 transfer mailbox records */
1091 "T_MAILA", /* 254 transfer mail agent records */
1092 "T_ANY", /* 255 wildcard match */
1093 NULL
1094 };
1095
1096 enum_names rr_qtype_names = { T_IXFR, T_ANY, rr_qtype_name, &rr_type_names };
1097
1098 static const char *const rr_class_name[] = {
1099 "C_IN", /* 1 the arpa internet */
1100 NULL
1101 };
1102
1103 enum_names rr_class_names = { C_IN, C_IN, rr_class_name, NULL };
1104
1105 /*
1106 * NAT-Traversal defines for nat_traveral type from nat_traversal.h
1107 *
1108 */
1109 const char *const natt_type_bitnames[] = {
1110 "draft-ietf-ipsec-nat-t-ike-00/01", /* 0 */
1111 "draft-ietf-ipsec-nat-t-ike-02/03",
1112 "RFC 3947",
1113 "3", /* 3 */
1114 "4", "5", "6", "7",
1115 "8", "9", "10", "11",
1116 "12", "13", "14", "15",
1117 "16", "17", "18", "19",
1118 "20", "21", "22", "23",
1119 "24", "25", "26", "27",
1120 "28", "29",
1121 "nat is behind me",
1122 "nat is behind peer"
1123 };
1124
1125 /* look up enum names in an enum_names */
1126
1127 const char *
1128 enum_name(enum_names *ed, unsigned long val)
1129 {
1130 enum_names *p;
1131
1132 for (p = ed; p != NULL; p = p->en_next_range)
1133 {
1134 if (p->en_first <= val && val <= p->en_last)
1135 return p->en_names[val - p->en_first];
1136 }
1137 return NULL;
1138 }
1139
1140 /* find or construct a string to describe an enum value
1141 * Result may be in STATIC buffer!
1142 */
1143 const char *
1144 enum_show(enum_names *ed, unsigned long val)
1145 {
1146 const char *p = enum_name(ed, val);
1147
1148 if (p == NULL)
1149 {
1150 static char buf[12]; /* only one! I hope that it is big enough */
1151
1152 snprintf(buf, sizeof(buf), "%lu??", val);
1153 p = buf;
1154 }
1155 return p;
1156 }
1157
1158
1159 static char bitnamesbuf[200]; /* only one! I hope that it is big enough! */
1160
1161 int
1162 enum_search(enum_names *ed, const char *str)
1163 {
1164 enum_names *p;
1165 const char *ptr;
1166 unsigned en;
1167
1168 for (p = ed; p != NULL; p = p->en_next_range)
1169 for (en = p->en_first; en <= p->en_last ;en++)
1170 {
1171 ptr = p->en_names[en - p->en_first];
1172 if (ptr == 0) continue;
1173 /* if (strncmp(ptr, str, strlen(ptr))==0) */
1174 if (strcmp(ptr, str) == 0)
1175 return en;
1176 }
1177 return -1;
1178 }
1179
1180 /* construct a string to name the bits on in a set
1181 * Result may be in STATIC buffer!
1182 * Note: prettypolicy depends on internal details.
1183 */
1184 const char *
1185 bitnamesof(const char *const table[], lset_t val)
1186 {
1187 char *p = bitnamesbuf;
1188 lset_t bit;
1189 const char *const *tp;
1190
1191 if (val == 0)
1192 return "none";
1193
1194 for (tp = table, bit = 01; val != 0; bit <<= 1)
1195 {
1196 if (val & bit)
1197 {
1198 const char *n = *tp;
1199 size_t nl;
1200
1201 if (n == NULL || *n == '\0')
1202 {
1203 /* no name for this bit, so use hex */
1204 static char flagbuf[sizeof("0x80000000")];
1205
1206 snprintf(flagbuf, sizeof(flagbuf), "0x%llx", bit);
1207 n = flagbuf;
1208 }
1209
1210 nl = strlen(n);
1211
1212 if (p != bitnamesbuf && p < bitnamesbuf+sizeof(bitnamesbuf) - 1)
1213 *p++ = '+';
1214
1215 if (bitnamesbuf+sizeof(bitnamesbuf) - p > (ptrdiff_t)nl)
1216 {
1217 strcpy(p, n);
1218 p += nl;
1219 }
1220 val -= bit;
1221 }
1222 if (*tp != NULL)
1223 tp++; /* move on, but not past end */
1224 }
1225 *p = '\0';
1226 return bitnamesbuf;
1227 }
1228
1229 /* print a policy: like bitnamesof, but it also does the non-bitfields.
1230 * Suppress the shunt and fail fields if 0.
1231 */
1232 const char *
1233 prettypolicy(lset_t policy)
1234 {
1235 const char *bn = bitnamesof(sa_policy_bit_names
1236 , policy & ~(POLICY_SHUNT_MASK | POLICY_FAIL_MASK));
1237 size_t len;
1238 lset_t shunt = (policy & POLICY_SHUNT_MASK) >> POLICY_SHUNT_SHIFT;
1239 lset_t fail = (policy & POLICY_FAIL_MASK) >> POLICY_FAIL_SHIFT;
1240
1241 if (bn != bitnamesbuf)
1242 bitnamesbuf[0] = '\0';
1243 len = strlen(bitnamesbuf);
1244 if (shunt != 0)
1245 {
1246 snprintf(bitnamesbuf + len, sizeof(bitnamesbuf) - len, "+%s"
1247 , policy_shunt_names[shunt]);
1248 len += strlen(bitnamesbuf + len);
1249 }
1250 if (fail != 0)
1251 {
1252 snprintf(bitnamesbuf + len, sizeof(bitnamesbuf) - len, "+failure%s"
1253 , policy_fail_names[fail]);
1254 len += strlen(bitnamesbuf + len);
1255 }
1256 if (NEVER_NEGOTIATE(policy))
1257 {
1258 snprintf(bitnamesbuf + len, sizeof(bitnamesbuf) - len, "+NEVER_NEGOTIATE");
1259 len += strlen(bitnamesbuf + len);
1260 }
1261 return bitnamesbuf;
1262 }
1263
1264 /* test a set by seeing if all bits have names */
1265
1266 bool
1267 testset(const char *const table[], lset_t val)
1268 {
1269 lset_t bit;
1270 const char *const *tp;
1271
1272 for (tp = table, bit = 01; val != 0; bit <<= 1, tp++)
1273 {
1274 const char *n = *tp;
1275
1276 if (n == NULL || ((val & bit) && *n == '\0'))
1277 return FALSE;
1278 val &= ~bit;
1279 }
1280 return TRUE;
1281 }
1282
1283
1284 const char sparse_end[] = "end of sparse names";
1285
1286 /* look up enum names in a sparse_names */
1287 const char *sparse_name(sparse_names sd, unsigned long val)
1288 {
1289 const struct sparse_name *p;
1290
1291 for (p = sd; p->name != sparse_end; p++)
1292 if (p->val == val)
1293 return p->name;
1294 return NULL;
1295 }
1296
1297 /* find or construct a string to describe an sparse value
1298 * Result may be in STATIC buffer!
1299 */
1300 const char *
1301 sparse_val_show(sparse_names sd, unsigned long val)
1302 {
1303 const char *p = sparse_name(sd, val);
1304
1305 if (p == NULL)
1306 {
1307 static char buf[12]; /* only one! I hope that it is big enough */
1308
1309 snprintf(buf, sizeof(buf), "%lu??", val);
1310 p = buf;
1311 }
1312 return p;
1313 }
1314
1315 void init_constants(void)
1316 {
1317 happy(anyaddr(AF_INET, &ipv4_any));
1318 happy(anyaddr(AF_INET6, &ipv6_any));
1319
1320 happy(addrtosubnet(&ipv4_any, &ipv4_wildcard));
1321 happy(addrtosubnet(&ipv6_any, &ipv6_wildcard));
1322
1323 happy(initsubnet(&ipv4_any, 0, '0', &ipv4_all));
1324 happy(initsubnet(&ipv6_any, 0, '0', &ipv6_all));
1325 }