added %P printf handler for poposal_t

added some proposal selection debugging code

5 files changed, 174 insertions, 65 deletions

diff --git a/src/charon/config/child_cfg.c b/src/charon/config/child_cfg.c
index 33dd73c44..add831c34 100644
--- a/src/charon/config/child_cfg.c
+++ b/src/charon/config/child_cfg.c
@@ -193,6 +193,9 @@ static proposal_t* select_proposal(private_child_cfg_t*this,
 			selected = stored->select(stored, supplied);
 			if (selected)
 			{
+				DBG2(DBG_CFG, "received proposals: %#P", proposals);
+				DBG2(DBG_CFG, "configured proposals: %#P", this->proposals);
+				DBG2(DBG_CFG, "selected proposal: %P", selected);
 				break;
 			}
 		}
@@ -206,6 +209,11 @@ static proposal_t* select_proposal(private_child_cfg_t*this,
 	}
 	stored_enum->destroy(stored_enum);
 	supplied_enum->destroy(supplied_enum);
+	if (selected == NULL)
+	{
+		DBG1(DBG_CFG, "received proposals: %#P", proposals);
+		DBG1(DBG_CFG, "configured proposals: %#P", this->proposals);
+	}
 	return selected;
 }
 
diff --git a/src/charon/config/ike_cfg.c b/src/charon/config/ike_cfg.c
index 36f84147d..7a845754d 100644
--- a/src/charon/config/ike_cfg.c
+++ b/src/charon/config/ike_cfg.c
@@ -20,6 +20,8 @@
 
 #include <string.h>
 
+#include <daemon.h>
+
 
 typedef struct private_ike_cfg_t private_ike_cfg_t;
 
@@ -136,6 +138,7 @@ static proposal_t *select_proposal(private_ike_cfg_t *this,
 	stored_iter = this->proposals->create_iterator(this->proposals, TRUE);
 	supplied_iter = proposals->create_iterator(proposals, TRUE);
 	
+	
 	/* compare all stored proposals with all supplied. Stored ones are preferred.*/
 	while (stored_iter->iterate(stored_iter, (void**)&stored))
 	{
@@ -149,6 +152,9 @@ static proposal_t *select_proposal(private_ike_cfg_t *this,
 				/* they match, return */
 				stored_iter->destroy(stored_iter);
 				supplied_iter->destroy(supplied_iter);
+				DBG2(DBG_CFG, "received proposals: %#P", proposals);
+				DBG2(DBG_CFG, "configured proposals: %#P", this->proposals);
+				DBG2(DBG_CFG, "selected proposal: %P", selected);
 				return selected;
 			}
 		}
@@ -156,6 +162,8 @@ static proposal_t *select_proposal(private_ike_cfg_t *this,
 	/* no proposal match :-(, will result in a NO_PROPOSAL_CHOSEN... */
 	stored_iter->destroy(stored_iter);
 	supplied_iter->destroy(supplied_iter);
+	DBG1(DBG_CFG, "received proposals: %#P", proposals);
+	DBG1(DBG_CFG, "configured proposals: %#P", this->proposals);
 	
 	return NULL;
 }
diff --git a/src/charon/config/proposal.c b/src/charon/config/proposal.c
index d203f06a1..043bbba3c 100644
--- a/src/charon/config/proposal.c
+++ b/src/charon/config/proposal.c
@@ -47,8 +47,8 @@ ENUM_NEXT(transform_type_names, ENCRYPTION_ALGORITHM, EXTENDED_SEQUENCE_NUMBERS,
 ENUM_END(transform_type_names, EXTENDED_SEQUENCE_NUMBERS);
 
 ENUM(extended_sequence_numbers_names, NO_EXT_SEQ_NUMBERS, EXT_SEQ_NUMBERS,
-	"NO_EXT_SEQ_NUMBERS",
-	"EXT_SEQ_NUMBERS",
+	"NO_EXT_SEQ",
+	"EXT_SEQ",
 );
 
 typedef struct private_proposal_t private_proposal_t;
@@ -348,79 +348,57 @@ static proposal_t *select_proposal(private_proposal_t *this, private_proposal_t
 	selected = proposal_create(this->protocol);
 	
 	/* select encryption algorithm */
-	if (select_algo(this->encryption_algos, other->encryption_algos, &add, &algo, &key_size))
+	if (select_algo(this->encryption_algos, other->encryption_algos,
+					&add, &algo, &key_size))
 	{
 		if (add)
 		{
-			selected->add_algorithm(selected, ENCRYPTION_ALGORITHM, algo, key_size);
+			selected->add_algorithm(selected, ENCRYPTION_ALGORITHM,
+									algo, key_size);
 		}
 	}
 	else
 	{
-		enumerator_t *e;
-		algorithm_t *alg;
-
 		selected->destroy(selected);
-		DBG2(DBG_CFG, "  no acceptable ENCRYPTION_ALGORITHM found");
-		DBG2(DBG_CFG, "  list of received ENCRYPTION_ALGORITHM proposals:");
-		e = other->encryption_algos->create_enumerator(other->encryption_algos);
-		while (e->enumerate(e, &alg))
-		{
-			DBG2(DBG_CFG, "  %N-%d", encryption_algorithm_names,
-									 alg->algorithm, alg->key_size);
-		}
-		e->destroy(e);
+		DBG2(DBG_CFG, "  no acceptable %N found",
+			 transform_type_names, ENCRYPTION_ALGORITHM);
 		return NULL;
 	}
 	/* select integrity algorithm */
 	if (!is_authenticated_encryption(algo))
 	{
-		if (select_algo(this->integrity_algos, other->integrity_algos, &add, &algo, &key_size))
+		if (select_algo(this->integrity_algos, other->integrity_algos,	
+						&add, &algo, &key_size))
 		{
 			if (add)
 			{
-				selected->add_algorithm(selected, INTEGRITY_ALGORITHM, algo, key_size);
+				selected->add_algorithm(selected, INTEGRITY_ALGORITHM,
+										algo, key_size);
 			}
 		}
 		else
 		{
-			enumerator_t *e;
-			algorithm_t *alg;
-
 			selected->destroy(selected);
-			DBG2(DBG_CFG, "  no acceptable INTEGRITY_ALGORITHM found");
-			DBG2(DBG_CFG, "  list of received INTEGRITY_ALGORITHM proposals:");
-			e = other->integrity_algos->create_enumerator(other->integrity_algos);
-			while (e->enumerate(e, &alg))
-			{
-				DBG2(DBG_CFG, "  %N", integrity_algorithm_names, alg->algorithm);
-			}
-			e->destroy(e);
+			DBG2(DBG_CFG, "  no acceptable %N found",
+				 transform_type_names, INTEGRITY_ALGORITHM);
 			return NULL;
 		}
 	}
 	/* select prf algorithm */
-	if (select_algo(this->prf_algos, other->prf_algos, &add, &algo, &key_size))
+	if (select_algo(this->prf_algos, other->prf_algos,
+					&add, &algo, &key_size))
 	{
 		if (add)
 		{
-			selected->add_algorithm(selected, PSEUDO_RANDOM_FUNCTION, algo, key_size);
+			selected->add_algorithm(selected, PSEUDO_RANDOM_FUNCTION,
+									algo, key_size);
 		}
 	}
 	else
 	{
-		enumerator_t *e;
-		algorithm_t *alg;
-
 		selected->destroy(selected);
-		DBG2(DBG_CFG, "  no acceptable PSEUDO_RANDOM_FUNCTION found");
-		DBG2(DBG_CFG, "  list of received PSEUDO_RANDOM_FUNCTION proposals:");
-		e = other->prf_algos->create_enumerator(other->prf_algos);
-		while (e->enumerate(e, &alg))
-		{
-			DBG2(DBG_CFG, "  %N", pseudo_random_function_names, alg->algorithm);
-		}
-		e->destroy(e);
+		DBG2(DBG_CFG, "  no acceptable %N found",
+			 transform_type_names, PSEUDO_RANDOM_FUNCTION);
 		return NULL;
 	}
 	/* select a DH-group */
@@ -433,18 +411,9 @@ static proposal_t *select_proposal(private_proposal_t *this, private_proposal_t
 	}
 	else
 	{
-		enumerator_t *e;
-		algorithm_t *alg;
-
 		selected->destroy(selected);
-		DBG2(DBG_CFG, "  no acceptable DIFFIE_HELLMAN_GROUP found");
-		DBG2(DBG_CFG, "  list of received DIFFIE_HELLMAN_GROUP proposals:");
-		e = other->dh_groups->create_enumerator(other->dh_groups);
-		while (e->enumerate(e, &alg))
-		{
-			DBG2(DBG_CFG, "  %N", diffie_hellman_group_names, alg->algorithm);
-		}
-		e->destroy(e);
+		DBG2(DBG_CFG, "  no acceptable %N found",
+			 transform_type_names, DIFFIE_HELLMAN_GROUP);
 		return NULL;
 	}
 	/* select if we use ESNs */
@@ -458,7 +427,8 @@ static proposal_t *select_proposal(private_proposal_t *this, private_proposal_t
 	else
 	{
 		selected->destroy(selected);
-		DBG2(DBG_CFG, "  no acceptable EXTENDED_SEQUENCE_NUMBERS found");
+		DBG2(DBG_CFG, "  no acceptable %N found",
+			 transform_type_names, EXTENDED_SEQUENCE_NUMBERS);
 		return NULL;
 	}
 	DBG2(DBG_CFG, "  proposal matches");
@@ -605,7 +575,8 @@ static void check_proposal(private_proposal_t *this)
 	{
 		/* if all encryption algorithms in the proposal are authenticated encryption
 		 * algorithms we MUST NOT propose any integrity algorithms */
-		while (this->integrity_algos->remove_last(this->integrity_algos, (void**)&alg) == SUCCESS)
+		while (this->integrity_algos->remove_last(this->integrity_algos,
+												  (void**)&alg) == SUCCESS)
 		{
 			free(alg);
 		}
@@ -646,15 +617,18 @@ static status_t add_string_algo(private_proposal_t *this, chunk_t alg)
 				{
 					case   8: /* octets */
 					case  64: /* bits */
-						add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV8, key_size);
+						add_algorithm(this, ENCRYPTION_ALGORITHM,
+									  ENCR_AES_CCM_ICV8, key_size);
 						break;
 					case  12: /* octets */
 					case  96: /* bits */
-						add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV12, key_size);
+						add_algorithm(this, ENCRYPTION_ALGORITHM,
+									  ENCR_AES_CCM_ICV12, key_size);
 						break;
 					case  16: /* octets */
 					case 128: /* bits */
-						add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_CCM_ICV16, key_size);
+						add_algorithm(this, ENCRYPTION_ALGORITHM,
+									  ENCR_AES_CCM_ICV16, key_size);
 						break;
 					default:
 						/* invalid ICV size */
@@ -675,15 +649,18 @@ static status_t add_string_algo(private_proposal_t *this, chunk_t alg)
 				{
 					case   8: /* octets */
 					case  64: /* bits */
-						add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV8, key_size);
+						add_algorithm(this, ENCRYPTION_ALGORITHM,
+									  ENCR_AES_GCM_ICV8, key_size);
 						break;
 					case  12: /* octets */
 					case  96: /* bits */
-						add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV12, key_size);
+						add_algorithm(this, ENCRYPTION_ALGORITHM,
+									  ENCR_AES_GCM_ICV12, key_size);
 						break;
 					case  16: /* octets */
 					case 128: /* bits */
-						add_algorithm(this, ENCRYPTION_ALGORITHM, ENCR_AES_GCM_ICV16, key_size);
+						add_algorithm(this, ENCRYPTION_ALGORITHM,
+									  ENCR_AES_GCM_ICV16, key_size);
 						break;
 					default:
 						/* invalid ICV size */
@@ -814,6 +791,109 @@ static status_t add_string_algo(private_proposal_t *this, chunk_t alg)
 }
 
 /**
+ * print all algorithms of a kind to stream
+ */
+static int print_alg(private_proposal_t *this, FILE *stream, u_int kind,
+					 void *names, bool *first)
+{
+	enumerator_t *enumerator;
+	size_t written = 0;
+	u_int16_t alg, size;
+	
+	enumerator = create_enumerator(this, kind);
+	while (enumerator->enumerate(enumerator, &alg, &size))
+	{
+		if (*first)
+		{
+			written += fprintf(stream, "%N", names, alg);
+			*first = FALSE;
+		}
+		else
+		{
+			written += fprintf(stream, "/%N", names, alg);
+		}
+		if (size)
+		{
+			written += fprintf(stream, "-%d", size);
+		}
+	}
+	enumerator->destroy(enumerator);
+	return written;
+}
+
+/**
+ * output handler in printf()
+ */
+static int print(FILE *stream, const struct printf_info *info,
+				 const void *const *args)
+{
+	private_proposal_t *this = *((private_proposal_t**)(args[0]));
+	linked_list_t *list = *((linked_list_t**)(args[0]));
+	enumerator_t *enumerator;
+	size_t written = 0;
+	bool first = TRUE;
+	
+	if (this == NULL)
+	{
+		return fprintf(stream, "(null)");
+	}
+	
+	if (info->alt)
+	{
+		enumerator = list->create_enumerator(list);
+		while (enumerator->enumerate(enumerator, &this))
+		{	/* call recursivly */
+			if (first)
+			{
+				written += fprintf(stream, "%P", this);
+				first = FALSE;
+			}
+			else
+			{
+				written += fprintf(stream, ", %P", this);
+			}
+		}
+		enumerator->destroy(enumerator);
+		return written;
+	}
+	
+	written = fprintf(stream, "%N:", protocol_id_names, this->protocol);
+	written += print_alg(this, stream, ENCRYPTION_ALGORITHM,
+						 encryption_algorithm_names, &first);
+	written += print_alg(this, stream, INTEGRITY_ALGORITHM,
+						 integrity_algorithm_names, &first);
+	written += print_alg(this, stream, PSEUDO_RANDOM_FUNCTION,
+						 pseudo_random_function_names, &first);
+	written += print_alg(this, stream, DIFFIE_HELLMAN_GROUP,
+						 diffie_hellman_group_names, &first);
+	written += print_alg(this, stream, EXTENDED_SEQUENCE_NUMBERS,
+						 extended_sequence_numbers_names, &first);
+	return written;
+}
+
+/**
+ * arginfo handler for printf() proposal
+ */
+static int arginfo(const struct printf_info *info, size_t n, int *argtypes)
+{
+	if (n > 0)
+	{
+		argtypes[0] = PA_POINTER;
+	}
+	return 1;
+}
+
+/**
+ * return printf hook functions for a proposal
+ */
+printf_hook_functions_t proposal_get_printf_hooks()
+{
+	printf_hook_functions_t hooks = {print, arginfo};
+	
+	return hooks;
+}
+
+/**
  * Implements proposal_t.destroy.
  */
 static void destroy(private_proposal_t *this)
@@ -873,18 +953,18 @@ proposal_t *proposal_create_default(protocol_id_t protocol)
 			add_algorithm(this, ENCRYPTION_ALGORITHM,   ENCR_AES_CBC,         256);
 			add_algorithm(this, ENCRYPTION_ALGORITHM,   ENCR_3DES,              0);
 			add_algorithm(this, INTEGRITY_ALGORITHM,    AUTH_AES_XCBC_96,       0);
-			add_algorithm(this, INTEGRITY_ALGORITHM,    AUTH_HMAC_SHA2_256_128,	0);
+			add_algorithm(this, INTEGRITY_ALGORITHM,    AUTH_HMAC_SHA2_256_128, 0);
 			add_algorithm(this, INTEGRITY_ALGORITHM,    AUTH_HMAC_SHA1_96,      0);
 			add_algorithm(this, INTEGRITY_ALGORITHM,    AUTH_HMAC_MD5_96,       0);
-			add_algorithm(this, INTEGRITY_ALGORITHM,    AUTH_HMAC_SHA2_384_192,	0);
-			add_algorithm(this, INTEGRITY_ALGORITHM,    AUTH_HMAC_SHA2_512_256,	0);
+			add_algorithm(this, INTEGRITY_ALGORITHM,    AUTH_HMAC_SHA2_384_192, 0);
+			add_algorithm(this, INTEGRITY_ALGORITHM,    AUTH_HMAC_SHA2_512_256, 0);
 			add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_AES128_XCBC,        0);
 			add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_256,      0);
 			add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA1,          0);
 			add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_MD5,           0);
 			add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_384,      0);
 			add_algorithm(this, PSEUDO_RANDOM_FUNCTION, PRF_HMAC_SHA2_512,      0);
-			add_algorithm(this, DIFFIE_HELLMAN_GROUP,   MODP_2048_BIT, 		    0);
+			add_algorithm(this, DIFFIE_HELLMAN_GROUP,   MODP_2048_BIT,          0);
 			add_algorithm(this, DIFFIE_HELLMAN_GROUP,   MODP_1536_BIT,          0);
 			add_algorithm(this, DIFFIE_HELLMAN_GROUP,   MODP_1024_BIT,          0);
 			add_algorithm(this, DIFFIE_HELLMAN_GROUP,   MODP_4096_BIT,          0);
diff --git a/src/charon/config/proposal.h b/src/charon/config/proposal.h
index 8a05a0cfd..08e8b8c1b 100644
--- a/src/charon/config/proposal.h
+++ b/src/charon/config/proposal.h
@@ -232,4 +232,14 @@ proposal_t *proposal_create_default(protocol_id_t protocol);
  */
 proposal_t *proposal_create_from_string(protocol_id_t protocol, const char *algs);
 
+/**
+ * Get printf hooks for a proposal.
+ *
+ * Arguments are: 
+ *    proposal_t *proposal
+ * With the #-specifier, arguments are:
+ *    linked_list_t *list containing proposal_t*
+ */
+printf_hook_functions_t proposal_get_printf_hooks();
+
 #endif /* PROPOSAL_H_ @} */
diff --git a/src/charon/daemon.c b/src/charon/daemon.c
index ad46c2ec1..1ab88104a 100644
--- a/src/charon/daemon.c
+++ b/src/charon/daemon.c
@@ -43,6 +43,7 @@
 
 #include <library.h>
 #include <config/traffic_selector.h>
+#include <config/proposal.h>
 
 /* on some distros, a capset definition is missing */
 #ifdef NO_CAPSET_DEFINED
@@ -559,6 +560,8 @@ int main(int argc, char *argv[])
 	library_init(STRONGSWAN_CONF);
 	lib->printf_hook->add_handler(lib->printf_hook, 'R',
 								  traffic_selector_get_printf_hooks());
+	lib->printf_hook->add_handler(lib->printf_hook, 'P',
+								  proposal_get_printf_hooks());
 	private_charon = daemon_create();
 	charon = (daemon_t*)private_charon;