main(int argc, char *argv[]) { int len; char *infile; EF_PROTECT_FREE=1; EF_FREE_WIPES =1; progname = argv[0]; leak_detective = 1; if(argc > 2 ) { fprintf(stderr, "Usage: %s <whackrecord>\n", progname); exit(10); } /* argv[1] == "-r" */ tool_init_log(); infile = argv[1]; readwhackmsg(infile); report_leaks(); tool_close_log(); exit(0); }
/* leave pluto, with status. * Once child is launched, parent must not exit this way because * the lock would be released. * * 0 OK * 1 general discomfort * 10 lock file exists */ void exit_pluto(int status) { reset_globals(); /* needed because we may be called in odd state */ free_preshared_secrets(); free_remembered_public_keys(); delete_every_connection(); /* free memory allocated by initialization routines. Please don't forget to do this. */ #ifdef HAVE_THREADS free_crl_fetch(); /* free chain of crl fetch requests */ #endif #ifdef HAVE_OCSP free_ocsp_fetch(); /* free chain of ocsp fetch requests */ #endif free_authcerts(); /* free chain of X.509 authority certificates */ free_crls(); /* free chain of X.509 CRLs */ free_acerts(); /* free chain of X.509 attribute certificates */ free_ocsp(); /* free ocsp cache */ free_ifaces(); /* free interface list from memory */ stop_adns(); /* Stop async DNS process (if running) */ free_md_pool(); /* free the md pool */ delete_lock(); /* delete any lock files */ #ifdef LEAK_DETECTIVE report_leaks(); /* report memory leaks now, after all free()s */ #endif /* LEAK_DETECTIVE */ close_log(); /* close the logfiles */ exit(status); /* exit, with our error code */ }
main(int argc, char *argv[]){ int i; struct db_sa *sa1 = NULL; progname = argv[0]; leak_detective = 1; tool_init_log(); for (i = 0; i < elemsof(oakley_sadb); i++) { /* make sure that leak reports and EFence reports get * placed in the right order. */ fflush(stdout); fflush(stderr); printf("\nmain mode oakley: %u\n", i); sa_print(&oakley_sadb[i]); sa1 = sa_copy_sa_first(&oakley_sadb[i]); sa_print(sa1); free_sa(sa1); fflush(stdout); report_leaks(); } tool_close_log(); exit(0); }
main(int argc, char *argv[]) { progname = argv[0]; tool_init_log(); /* our enum names */ do_test(&connection_kind_names, 256); do_test(&certpolicy_type_names, 256); /* IETF registry based enum names */ do_test(&version_names, 256); do_test(&doi_names, 256); do_test(&ikev1_payload_names, 256); do_test(&ikev2_payload_names, 256); do_test(&payload_names_ikev1orv2, 256); do_test(&ikev1_exchange_names, 256); do_test(&ikev2_exchange_names, 256); do_test(&exchange_names_ikev1orv2, 256); do_test(&protocol_names, 256); /* why not ikev1_protocol_names ? */ do_test(&ikev2_protocol_names, 256); do_test(&isakmp_transformid_names, 256); do_test(&ah_transformid_names, 256); do_test(&esp_transformid_names, 256); do_test(&ipcomp_transformid_names, 256); do_test(&oakley_attr_names, 256); do_test(&ipsec_attr_names, 256); do_test(&sa_lifetime_names, 256); do_test(&oakley_lifetime_names, 256); do_test(&oakley_auth_names, 256); do_test(&oakley_enc_names, 256); do_test(&oakley_hash_names, 256); do_test(&oakley_group_names, 256); do_test(&ikev1_notify_names, 16384); do_test(&ikev2_notify_names, 16384); do_test(&ikev2_ts_type_names, 256); do_test(&enc_mode_names, 256); do_test(&auth_alg_names, 256); do_test(&xauth_type_names, 256); do_test(&xauth_attr_names, 256); do_test(&attr_msg_type_names, 256); do_test(&ikev2_sec_proto_id_names, 256); do_test(&ikev2_auth_names, 256); do_test(&ikev2_trans_type_encr_names, 256); do_test(&ikev2_trans_type_prf_names, 256); do_test(&ikev2_trans_type_integ_names, 256); do_test(&ikev2_trans_type_esn_names, 256); do_test(&ikev2_trans_type_names, 256); do_test(&ike_cert_type_names, 256); do_test(&ikev2_cert_type_names, 256); do_test(&modecfg_attr_names, 256); do_test(&ike_idtype_names, 256); do_test(&ikev2_idtype_names, 256); report_leaks(); tool_close_log(); exit(0); }
int main(int argc, char *argv[]) { bool recalculate = FALSE; int len; err_t err = NULL; char *infile; char *conn_name; int lineno=0; struct connection *c1 = NULL; #ifdef HAVE_EFENCE EF_PROTECT_FREE=1; #endif progname = argv[0]; leak_detective = 1; if(argc != 3 && argc!=4) { fprintf(stderr, "Usage: %s [-r] <whackrecord> <conn-name>\n", progname); exit(10); } /* skip argv0 */ argc--; argv++; if(strcmp(argv[0], "-r")==0) { recalculate = 1; /* do all crypto */ argc--; argv++; } tool_init_log(); load_oswcrypto(); init_fake_vendorid(); init_fake_secrets(); init_local_interface(); infile = argv[0]; conn_name = argv[1]; cur_debugging = DBG_CONTROL|DBG_CONTROLMORE; if(readwhackmsg(infile) == 0) exit(11); send_packet_setup_pcap("OUTPUT/" TESTNAME ".pcap"); c1 = con_by_name(conn_name, TRUE); assert(c1 != NULL); //list_public_keys(FALSE, FALSE); assert(orient(c1, 500)); show_one_connection(c1, whack_log); kick_adns_connection_lookup(c1, &c1->spd.that, TRUE); report_leaks(); tool_close_log(); exit(0); }
main(int argc, char *argv[]) { int len; err_t err = NULL; char *infile; char *conn_name; int lineno=0; struct starter_config *cfg = NULL; struct starter_conn *conn = NULL; //EF_PROTECT_FREE=1; progname = argv[0]; leak_detective = 1; if(argc < 4) { fprintf(stderr, "Usage: %s <cfgrootdir> <cfgfile> <conn-name>.. \n", progname); exit(10); } /* argv[1] == "-r" */ tool_init_log(); //init_fake_vendorid(); rootdir[0]='\0'; strlcat(rootdir, argv[1], sizeof(rootdir)); starter_use_log(1, 1, 1); cfg = confread_load(argv[2], &err, FALSE, NULL,FALSE); argv+=3; argc-=3; /* load all conns marked as auto=add or better */ for(conn = cfg->conns.tqh_first; conn != NULL; conn = conn->link.tqe_next) { for(; argc>0; argc--, argv++) { conn_name = *argv; printf("processing conn: %s\n", conn_name); if(strcasecmp(conn->name, conn_name)==0) { struct whack_message msg1; if(starter_whack_build_basic_conn(cfg, &msg1, conn)==0) { add_connection(&msg1); } } } } confread_free(cfg); report_leaks(); tool_close_log(); exit(0); }
main(int argc, char *argv[]) { int len; char *infile; char *conn_name; int lineno=0; struct connection *c1; struct state *st; EF_PROTECT_FREE=1; EF_FREE_WIPES =1; progname = argv[0]; leak_detective = 1; if(argc != 3) { fprintf(stderr, "Usage: %s <whackrecord> <conn-name>\n", progname); exit(10); } /* argv[1] == "-r" */ tool_init_log(); init_fake_vendorid(); infile = argv[1]; conn_name = argv[2]; readwhackmsg(infile); send_packet_setup_pcap("parentI1.pcap"); c1 = con_by_name(conn_name, TRUE); show_one_connection(c1); st = sendI1(c1,DBG_EMITTING|DBG_CONTROL|DBG_CONTROLMORE); run_continuation(r); /* now invoke the timer event to cause a re-transmission */ handle_next_timer_event(); /* clean up so that we can see any leaks */ delete_state(st); report_leaks(); tool_close_log(); exit(0); }
int main(int argc, char *argv[]) { int i; struct db_sa *sa1 = NULL; struct db_sa *sa2 = NULL; progname = argv[0]; leak_detective=1; tool_init_log(); for(i=0; i < elemsof(oakley_sadb); i++) { printf("\nmain mode oakley: %u\n", i); sa_print(&oakley_sadb[i]); sa1 = sa_copy_sa(&oakley_sadb[i], 0); if(sa2 != NULL) { free_sa(sa2); } sa2 = sa_copy_sa(sa1, 0); free_sa(sa1); printf("copy 2\n"); sa_print(sa2); } for(i=0; i < elemsof(oakley_am_sadb); i++) { printf("\naggr mode oakley: %u\n", i); sa_print(&oakley_am_sadb[i]); sa1 = sa_copy_sa(&oakley_am_sadb[i], 0); if(sa2 != NULL) { free_sa(sa2); } sa2 = sa_copy_sa(sa1, 0); free_sa(sa1); printf("copy 2\n"); sa_print(sa2); } if(sa2 != NULL) free_sa(sa2); report_leaks(); tool_close_log(); exit(0); }
int main(int argc, char *argv[]) { int len; char *infile; char *conn_name; int lineno=0; int regression = 0; struct connection *c1; struct state *st; #ifdef HAVE_EFENCE EF_PROTECT_FREE=1; #endif progname = argv[0]; leak_detective = 1; if(argc != 3 && argc!=4) { fprintf(stderr, "Usage: %s [-r] <whackrecord>\n", progname); exit(10); } /* skip argv0 */ argc--; argv++; if(strcmp(argv[0], "-r")==0) { regression = 1; argc--; argv++; } tool_init_log(); load_oswcrypto(); init_fake_vendorid(); init_fake_secrets(); init_local_interface(); infile = argv[0]; cur_debugging = DBG_CONTROL|DBG_CONTROLMORE; if(readwhackmsg(infile) == 0) exit(11); hostpair_list(); report_leaks(); tool_close_log(); exit(0); }
int main(int argc, char *argv[]) { int i; struct id one; progname = argv[0]; tool_init_log(); t1(); t2(); t3(); t4(); t5(); t6(); report_leaks(); tool_close_log(); exit(0); }
/* leave pluto, with status. * Once child is launched, parent must not exit this way because * the lock would be released. * * 0 OK * 1 general discomfort * 10 lock file exists */ void exit_pluto(int status) { reset_globals(); /* needed because we may be called in odd state */ free_preshared_secrets(); free_remembered_public_keys(); delete_every_connection(); free_cacerts(); /* free chain of CA certificates */ free_crls(); /* free chain of CRLS */ free_mycert(); /* free default certificate (deprecated for X.509) */ free_ifaces(); stop_adns(); free_md_pool(); delete_lock(); #ifdef LEAK_DETECTIVE report_leaks(); #endif /* LEAK_DETECTIVE */ close_log(); exit(status); }
/* * leave pluto, with status. * Once child is launched, parent must not exit this way because * the lock would be released. * * 0 OK * 1 general discomfort * 10 lock file exists */ void exit_pluto(int status) { /* needed because we may be called in odd state */ reset_globals(); #ifdef USE_SYSTEMD_WATCHDOG pluto_sd(PLUTO_SD_STOPPING, status); #endif free_preshared_secrets(); free_remembered_public_keys(); delete_every_connection(); /* * free memory allocated by initialization routines. Please don't * forget to do this. */ #if defined(LIBCURL) || defined(LDAP_VER) free_crl_fetch(); /* free chain of crl fetch requests */ #endif lsw_conf_free_oco(); /* free global_oco containing path names */ free_myFQDN(); /* free myid FQDN */ free_ifaces(); /* free interface list from memory */ free_md_pool(); /* free the md pool */ lsw_nss_shutdown(); delete_lock(); /* delete any lock files */ free_virtual_ip(); /* virtual_private= */ free_kernelfd(); /* stop listening to kernel FD, remove event */ free_pluto_main(); /* our static chars */ /* report memory leaks now, after all free_* calls */ if (leak_detective) report_leaks(); close_log(); /* close the logfiles */ #ifdef USE_SYSTEMD_WATCHDOG pluto_sd(PLUTO_SD_EXIT,status); #endif exit(status); /* exit, with our error code */ }
main(int argc, char *argv[]){ int i; struct db_sa *gsp = NULL; struct db_sa *sa1 = NULL; struct db_sa *sa2 = NULL; progname = argv[0]; leak_detective = 1; tool_init_log(); for (i = 0; i < elemsof(oakley_sadb); i++) { gsp = sa_copy_sa(&oakley_empty, 0); printf("\nmain mode oakley: %u\n", i); //sa_print(&oakley_sadb[i]); sa1 = sa_copy_sa(&oakley_sadb[i], 0); sa2 = sa_merge_proposals(gsp, sa1); printf("sa1:\n"); sa_print(sa1); printf("gsp:\n"); sa_print(gsp); printf("sa2:\n"); sa_print(sa2); free_sa(sa1); free_sa(sa2); free_sa(gsp); report_leaks(); } tool_close_log(); exit(0); }
/* leave pluto, with status. * Once child is launched, parent must not exit this way because * the lock would be released. * * 0 OK * 1 general discomfort * 10 lock file exists */ void exit_pluto(int status) { reset_globals(); /* needed because we may be called in odd state */ free_preshared_secrets(); free_remembered_public_keys(); delete_every_connection(); /* free memory allocated by initialization routines. Please don't forget to do this. */ #ifdef TPM free_tpm(); #endif #if defined(LIBCURL) || defined(LDAP_VER) free_crl_fetch(); /* free chain of crl fetch requests */ #endif free_authcerts(); /* free chain of X.509 authority certificates */ free_crls(); /* free chain of X.509 CRLs */ free_acerts(); /* free chain of X.509 attribute certificates */ lsw_conf_free_oco(); /* free global_oco containing path names */ free_myFQDN(); /* free myid FQDN */ free_ifaces(); /* free interface list from memory */ stop_adns(); /* Stop async DNS process (if running) */ free_md_pool(); /* free the md pool */ NSS_Shutdown(); delete_lock(); /* delete any lock files */ #ifdef LEAK_DETECTIVE report_leaks(); /* report memory leaks now, after all free()s */ #endif /* LEAK_DETECTIVE */ close_log(); /* close the logfiles */ exit(status); /* exit, with our error code */ }
main(int argc, char *argv[]){ int len; char *infile; char *conn_name; int lineno = 0; struct connection *c1; pcap_t *pt; char eb1[256]; struct state *st; EF_PROTECT_FREE = 1; EF_FREE_WIPES = 1; progname = argv[0]; printf("Started %s\n", progname); leak_detective = 1; pluto_shared_secrets_file = "../../../baseconfigs/west/etc/ipsec.secrets"; lsw_init_ipsecdir("../../../baseconfigs/west/etc/ipsec.d"); lsw_init_rootdir("../../../baseconfigs/west"); init_crypto(); init_seam_kernelalgs(); load_authcerts("CA cert", "../../../baseconfigs/west/etc/ipsec.d/cacerts", AUTH_CA); if (argc != 4) { fprintf(stderr, "Usage: %s <whackrecord> <conn-name> <pcapin>\n", progname); exit(10); } /* argv[1] == "-r" */ tool_init_log(); init_fake_vendorid(); infile = argv[1]; conn_name = argv[2]; load_preshared_secrets(NULL_FD); readwhackmsg(infile); send_packet_setup_pcap("parentI2x509.pcap"); pt = pcap_open_offline(argv[3], eb1); if (!pt) { perror(argv[3]); exit(50); } c1 = con_by_name(conn_name, TRUE); show_one_connection(c1); /* now, send the I1 packet, really just so that we are in the right * state to receive the R1 packet and process it. */ st = sendI1(c1, 0); cur_debugging = DBG_EMITTING | DBG_CONTROL | DBG_CONTROLMORE | DBG_PARSING | DBG_PRIVATE | DBG_CRYPT; pcap_dispatch(pt, 1, recv_pcap_packet1, NULL); { struct state *st; /* find st involved */ st = state_with_serialno(1); delete_state(st); /* find st involved */ st = state_with_serialno(2); if (st) delete_state(st); } report_leaks(); tool_close_log(); exit(0); }
main(int argc, char *argv[]) { int i; chunk_t blob, crl_uri; err_t e; cert_t cacert,t1; time_t until; /* sadly, this is actually too late */ EF_DISABLE_BANNER = 1; progname = argv[0]; leak_detective=1; tool_init_log(); load_oswcrypto(); set_debugging(DBG_X509|DBG_PARSING|DBG_CONTROL); until =1421896274; set_fake_x509_time(until); /* Wed Jan 21 22:11:14 2015 */ #ifdef HAVE_LIBNSS { SECStatus nss_init_status= NSS_InitReadWrite("nss.d"); if (nss_init_status != SECSuccess) { fprintf(stderr, "NSS initialization failed (err %d)\n", PR_GetError()); exit(10); } else { printf("NSS Initialized\n"); PK11_SetPasswordFunc(getNSSPassword); } } #endif if(argc < 3) { fprintf(stderr, "Usage: nsscert CAcertfile.pem cert1.pem cert2.pem...\n"); exit(5); } /* skip argv0 */ argc--; argv++; /* load CAcert */ if(!load_cert(CERT_NONE, argv[0], TRUE, "cacert", &cacert)) { printf("could not load CA cert file: %s\n", argv[0]); exit(1); } add_authcert(cacert.u.x509, AUTH_CA); argc--; argv++; while(argc-- > 0) { char *file = *argv++; /* load target cert */ if(!load_cert(CERT_NONE, file, TRUE, "test1", &t1)) { printf("could not load cert file: %s\n", file); exit(1); } until += 86400; if(verify_x509cert(t1.u.x509, FALSE, &until) == FALSE) { printf("verify x509 failed\n"); exit(3); } printf("cert: %s is valid\n", file); free_x509cert(t1.u.x509); } free_x509cert(cacert.u.x509); report_leaks(); tool_close_log(); exit(0); }
int main(int argc, char *argv[]) { int len; char *infile, *pcapin, *pcapout; char *conn_name; int lineno=0; struct connection *c1; struct state *st; char eb1[256]; /* error buffer for pcap open */ #ifdef HAVE_EFENCE EF_PROTECT_FREE=1; #endif progname = argv[0]; leak_detective = 1; if(argc <= 4) { usage: fprintf(stderr, "Usage: %s <whackrecord> <conn-name> <pcapin> <pcapout>\n", progname); exit(10); } /* argv[1] == "-r" ?? */ tool_init_log(); init_crypto(); init_fake_vendorid(); init_fake_secrets(); init_jamesjohnson_interface(); infile = NULL; conn_name = NULL; pcapin = NULL; pcapout = NULL; argc--; argv++; if(argc > 0) { infile = argv[0]; argc--; argv++; } if(argc > 0) { conn_name = argv[0]; argc--; argv++; } if(argc > 0) { pcapin = argv[0]; argc--; argv++; } if(argc > 0) { pcapout = argv[0]; argc--; argv++; } if(conn_name == NULL || infile == NULL || pcapin == NULL || pcapout == NULL) { goto usage; } cur_debugging = DBG_CONTROL|DBG_CONTROLMORE; if(readwhackmsg(infile) == 0) exit(10); c1 = con_by_name(conn_name, TRUE); assert(c1 != NULL); assert(orient(c1, 500)); show_one_connection(c1, whack_log); send_packet_setup_pcap(pcapout); /* setup to process the I1 packet */ recv_pcap_setup(pcapin); cur_debugging = DBG_EMITTING|DBG_CONTROL|DBG_CONTROLMORE; pcap_dispatch(pt, 1, recv_pcap_packet, NULL); /* clean up so that we can see any leaks */ st = state_with_serialno(1); if(st!=NULL) { delete_state(st); free_state(st); } delete_connection(c1, TRUE); report_leaks(); tool_close_log(); exit(0); }
main(int argc, char *argv[]) { int len; char *infile; char *conn_name; char *pcap1in; char *pcap2in; char *pcap_out; int lineno=0; int regression; struct connection *c1; struct state *st; EF_PROTECT_FREE=1; progname = argv[0]; leak_detective = 1; /* skip argv0 */ argc--; argv++; if(strcmp(argv[0], "-r")==0) { regression = 1; argc--; argv++; } if(argc != 5) { fprintf(stderr, "Usage: %s <whackrecord> <conn-name> <pcapin1> <pcapin2> <pcapout>\n", progname); exit(10); } tool_init_log(); init_crypto(); load_oswcrypto(); init_fake_vendorid(); init_jamesjohnson_interface(); init_seam_kernelalgs(); infile = argv[0]; conn_name = argv[1]; pcap1in = argv[2]; pcap2in = argv[3]; pcap_out = argv[4]; cur_debugging = DBG_CONTROL|DBG_CONTROLMORE; if(readwhackmsg(infile) == 0) exit(10); c1 = con_by_name(conn_name, TRUE); assert(c1 != NULL); assert(orient(c1, 500)); show_one_connection(c1); /* omit the R1 reply */ send_packet_setup_pcap("/dev/null"); /* setup to process the I1 packet */ recv_pcap_setup(pcap1in); /* process first I1 packet */ cur_debugging = DBG_EMITTING|DBG_CONTROL|DBG_CONTROLMORE; pcap_dispatch(pt, 1, recv_pcap_packet, NULL); /* set up output file */ send_packet_setup_pcap(pcap_out); pcap_close(pt); /* now process the I2 packet */ recv_pcap_setup(pcap2in); cur_debugging = DBG_EMITTING|DBG_CONTROL|DBG_CONTROLMORE; pcap_dispatch(pt, 1, recv_pcap_packet2, NULL); /* clean up so that we can see any leaks */ st = state_with_serialno(1); if(st!=NULL) { free_state(st); } report_leaks(); tool_close_log(); exit(0); }
main(int argc, char *argv[]) { int len; char *infile; char *conn_name; int lineno=0; int regression = 0; struct connection *c1; struct state *st; #ifdef HAVE_EFENCE EF_PROTECT_FREE=1; #endif progname = argv[0]; leak_detective = 1; /* skip argv0 */ argc--; argv++; if(strcmp(argv[0], "-r")==0) { regression = 1; argc--; argv++; } if(argc != 4) { fprintf(stderr, "Usage: %s [-r] <whackrecord> <conn-name> <pcapfile> <pcapout>\n", progname); exit(10); } tool_init_log(); init_crypto(); load_oswcrypto(); init_fake_vendorid(); init_parker_interface(); infile = argv[0]; conn_name = argv[1]; cur_debugging = DBG_CONTROL|DBG_CONTROLMORE; if(readwhackmsg(infile) == 0) exit(10); /* input packets */ recv_pcap_setup(argv[2]); /* output first packets to /dev/null */ send_packet_setup_pcap("/dev/null"); c1 = con_by_name(conn_name, TRUE); assert(c1 != NULL); assert(orient(c1, 500)); show_one_connection(c1); st = sendI1(c1, DBG_CONTROL, regression == 0); /* now accept the reply packet */ cur_debugging = DBG_CONTROL|DBG_PARSING; /* now output interesting packet to capture file */ send_packet_setup_pcap(argv[3]); pcap_dispatch(pt, 1, recv_pcap_packet, NULL); pcap_close(pt); recv_pcap_setup(argv[2]); pcap_dispatch(pt, 1, recv_pcap_packet, NULL); /* dump the delete message that comes out */ send_packet_setup_pcap("/dev/null"); delete_connection(c1, TRUE); st = state_with_serialno(1); if(st!=NULL) { free_state(st); } report_leaks(); tool_close_log(); exit(0); }
main(int argc, char *argv[]){ int len; char *infile; FILE *idfile; char idbuf[256]; int lineno = 0; EF_PROTECT_FREE = 1; EF_FREE_WIPES = 1; lsw_init_rootdir("../../../baseconfigs/all"); progname = argv[0]; leak_detective = 1; if (argc != 3 ) { fprintf(stderr, "Usage: %s <whackrecord> <idfile>\n", progname); exit(10); } /* argv[1] == "-r" */ tool_init_log(); infile = argv[1]; readwhackmsg(infile); idfile = fopen(argv[2], "r"); if (!idfile) { perror(argv[2]); exit(11); } cur_debugging = DBG_CONTROL | DBG_CONTROLMORE; while (fgets(idbuf, sizeof(idbuf), idfile) != NULL) { struct state *st1; struct connection *nc; struct id peer_id; int aggrmode, initiate; char id1[256]; /* ignore comments */ if (idbuf[0] == '#') continue; st1 = new_state(); sscanf(idbuf, "%s %u %u", id1, &initiate, &aggrmode); /* set it to the first connection, there may be only one?? */ st1->st_connection = connections; /* safe: from new_state */ st1->st_oakley.auth = OAKLEY_RSA_SIG; passert(connections != NULL); atoid(id1, &peer_id, TRUE); nc = refine_host_connection(st1, &peer_id, initiate, aggrmode); printf("%u: %s -> conn: %s\n", ++lineno, id1, nc ? nc->name : "<none>"); } report_leaks(); tool_close_log(); exit(0); }
int main(int argc, char *argv[]) { err_t err = NULL; struct addrinfo hints, *result1, *result2; unsigned char buffer1[1024]; unsigned int buffer1_len = sizeof(buffer1); unsigned int serial_size; int i,s; #ifdef HAVE_EFENCE EF_PROTECT_FREE=1; #endif initproctitle(argc, argv); progname = argv[0]; leak_detective = 1; tool_init_log(); cur_debugging |= DBG_DNS; zero(&hints); hints.ai_family = AF_UNSPEC; /* Allow IPv4 or IPv6 */ hints.ai_socktype = SOCK_DGRAM; /* Datagram socket */ hints.ai_flags = AI_PASSIVE; /* For wildcard IP address */ hints.ai_protocol = 0; /* Any protocol */ hints.ai_canonname = NULL; hints.ai_addr = NULL; hints.ai_next = NULL; if(argc==1) { printf("usage: %s [name]...\n", progname); exit(10); } for(i=1; i < argc; i++) { DBG_log("looking up: %s\n", argv[i]); s = getaddrinfo(argv[i], NULL, &hints, &result1); if(s!=0) { printf("lookup: %s a/aaaa lookup error: %s\n" , argv[i], gai_strerror(s)); continue; } /* sort things so they come out consistently */ result1 = sort_addr_info(result1); dump_addr_info(result1); /* now serialize it into the buffer */ serial_size = serialize_addr_info(result1, buffer1, buffer1_len); freeaddrinfo(result1); DBG_log("serialized size=%u\n", serial_size); result2 = deserialize_addr_info(buffer1, serial_size); dump_addr_info(result2); osw_freeaddrinfo(result2); } report_leaks(); tool_close_log(); exit(0); }
main(int argc, char *argv[]){ int len; char *infile; char *conn_name; int lineno = 0; struct connection *c1; struct state *st; EF_PROTECT_FREE = 1; EF_FREE_WIPES = 1; progname = argv[0]; leak_detective = 1; if (argc != 3) { fprintf(stderr, "Usage: %s <whackrecord> <conn-name>\n", progname); exit(10); } /* argv[1] == "-r" */ tool_init_log(); init_fake_vendorid(); infile = argv[1]; conn_name = argv[2]; readwhackmsg(infile); send_packet_setup_pcap("parentI1.pcap"); c1 = con_by_name(conn_name, TRUE); c1->sa_keying_tries = 0; /* for this test case, make retries infinite */ maximum_retransmissions_initial = 2; show_one_connection(c1); st = sendI1(c1, DBG_EMITTING | DBG_CONTROL | DBG_CONTROLMORE | DBG_WHACKWATCH); run_continuation(r); /* after three-retransmits, we fallback to trying IKEv1, if necessary */ handle_next_timer_event(); run_continuation(r); handle_next_timer_event(); run_continuation(r); handle_next_timer_event(); run_continuation(r); handle_next_timer_event(); run_continuation(r); handle_next_timer_event(); run_continuation(r); handle_next_timer_event(); run_continuation(r); handle_next_timer_event(); run_continuation(r); handle_next_timer_event(); run_continuation(r); handle_next_timer_event(); run_continuation(r); /* after three more retransmits, we go back to IKEv2 */ handle_next_timer_event(); run_continuation(r); handle_next_timer_event(); run_continuation(r); handle_next_timer_event(); run_continuation(r); /* as the state will have been renewed, it's hard to clean up */ report_leaks(); tool_close_log(); exit(0); }
int main(int argc UNUSED, char *argv[]) { tool_init_log(argv[0]); /* * Need to ensure that NSS is initialized before calling * ike_alg_init(). Some sanity checks require a working NSS. */ lsw_nss_buf_t err; if (!lsw_nss_setup(NULL, 0, NULL, err)) { fprintf(stderr, "unexpected %s\n", err); exit(1); } ike_alg_init(); /* esp= */ fprintf(stdout, "\n---- ESP tests that should succeed ----\n"); do_test("aes_gcm_a-128-null", PROTO_IPSEC_ESP); do_test("3des-sha1;modp1024", PROTO_IPSEC_ESP); do_test("3des-sha1;modp1536", PROTO_IPSEC_ESP); do_test("3des-sha1;modp2048", PROTO_IPSEC_ESP); do_test("3des-sha1;dh22", PROTO_IPSEC_ESP); do_test("3des-sha1;dh23", PROTO_IPSEC_ESP); do_test("3des-sha1;dh24", PROTO_IPSEC_ESP); do_test("3des-sha1", PROTO_IPSEC_ESP); do_test("null-sha1", PROTO_IPSEC_ESP); do_test("aes", PROTO_IPSEC_ESP); do_test("aes_cbc", PROTO_IPSEC_ESP); do_test("aes-sha", PROTO_IPSEC_ESP); do_test("aes-sha1", PROTO_IPSEC_ESP); do_test("aes-sha2", PROTO_IPSEC_ESP); do_test("aes-sha256", PROTO_IPSEC_ESP); do_test("aes-sha384", PROTO_IPSEC_ESP); do_test("aes-sha512", PROTO_IPSEC_ESP); do_test("aes128-sha1", PROTO_IPSEC_ESP); do_test("aes128-aes_xcbc", PROTO_IPSEC_ESP); do_test("aes192-sha1", PROTO_IPSEC_ESP); do_test("aes256-sha1", PROTO_IPSEC_ESP); do_test("aes256-sha", PROTO_IPSEC_ESP); do_test("aes256-sha2", PROTO_IPSEC_ESP); do_test("aes256-sha2_256", PROTO_IPSEC_ESP); do_test("aes256-sha2_384", PROTO_IPSEC_ESP); do_test("aes256-sha2_512", PROTO_IPSEC_ESP); do_test("camellia", PROTO_IPSEC_ESP); do_test("camellia128", PROTO_IPSEC_ESP); do_test("camellia192", PROTO_IPSEC_ESP); do_test("camellia256", PROTO_IPSEC_ESP); do_test("aes_ccm_a-128-null", PROTO_IPSEC_ESP); do_test("aes_ccm_a-192-null", PROTO_IPSEC_ESP); do_test("aes_ccm_a-256-null", PROTO_IPSEC_ESP); do_test("aes_ccm_b-128-null", PROTO_IPSEC_ESP); do_test("aes_ccm_b-192-null", PROTO_IPSEC_ESP); do_test("aes_ccm_b-256-null", PROTO_IPSEC_ESP); do_test("aes_ccm_c-128-null", PROTO_IPSEC_ESP); do_test("aes_ccm_c-192-null", PROTO_IPSEC_ESP); do_test("aes_ccm_c-256-null", PROTO_IPSEC_ESP); do_test("aes_gcm_a-128-null", PROTO_IPSEC_ESP); do_test("aes_gcm_a-192-null", PROTO_IPSEC_ESP); do_test("aes_gcm_a-256-null", PROTO_IPSEC_ESP); do_test("aes_gcm_b-128-null", PROTO_IPSEC_ESP); do_test("aes_gcm_b-192-null", PROTO_IPSEC_ESP); do_test("aes_gcm_b-256-null", PROTO_IPSEC_ESP); do_test("aes_gcm_c-128-null", PROTO_IPSEC_ESP); do_test("aes_gcm_c-192-null", PROTO_IPSEC_ESP); do_test("aes_gcm_c-256-null", PROTO_IPSEC_ESP); do_test("aes_ccm-null", PROTO_IPSEC_ESP); do_test("aes_gcm-null", PROTO_IPSEC_ESP); do_test("aes_ccm-256-null", PROTO_IPSEC_ESP); do_test("aes_gcm-192-null", PROTO_IPSEC_ESP); #if 0 /* these are caught using "aliasing" and rewritten to the above syntax */ do_test("aes_ccm_8-128-null", PROTO_IPSEC_ESP); do_test("aes_ccm_8-192-null", PROTO_IPSEC_ESP); do_test("aes_ccm_8-256-null", PROTO_IPSEC_ESP); do_test("aes_ccm_12-128-null", PROTO_IPSEC_ESP); do_test("aes_ccm_12-192-null", PROTO_IPSEC_ESP); do_test("aes_ccm_12-256-null", PROTO_IPSEC_ESP); do_test("aes_ccm_16-128-null", PROTO_IPSEC_ESP); do_test("aes_ccm_16-192-null", PROTO_IPSEC_ESP); do_test("aes_ccm_16-256-null", PROTO_IPSEC_ESP); do_test("aes_gcm_8-128-null", PROTO_IPSEC_ESP); do_test("aes_gcm_8-192-null", PROTO_IPSEC_ESP); do_test("aes_gcm_8-256-null", PROTO_IPSEC_ESP); do_test("aes_gcm_12-128-null", PROTO_IPSEC_ESP); do_test("aes_gcm_12-192-null", PROTO_IPSEC_ESP); do_test("aes_gcm_12-256-null", PROTO_IPSEC_ESP); do_test("aes_gcm_16-128-null", PROTO_IPSEC_ESP); do_test("aes_gcm_16-192-null", PROTO_IPSEC_ESP); do_test("aes_gcm_16-256-null", PROTO_IPSEC_ESP); #endif /* other */ do_test("aes_ctr", PROTO_IPSEC_ESP); do_test("aesctr", PROTO_IPSEC_ESP); do_test("aes_ctr128", PROTO_IPSEC_ESP); do_test("aes_ctr192", PROTO_IPSEC_ESP); do_test("aes_ctr256", PROTO_IPSEC_ESP); do_test("serpent", PROTO_IPSEC_ESP); do_test("twofish", PROTO_IPSEC_ESP); do_test("mars", PROTO_IPSEC_ESP); /* * should this be supported - for now man page says not * do_test("modp1536", PROTO_IPSEC_ESP); */ fprintf(stdout, "\n---- ESP tests that should fail----\n"); do_test("3des168-sha1", PROTO_IPSEC_ESP); /* should get rejected */ do_test("3des-null", PROTO_IPSEC_ESP); /* should get rejected */ do_test("aes128-null", PROTO_IPSEC_ESP); /* should get rejected */ do_test("aes224-sha1", PROTO_IPSEC_ESP); /* should get rejected */ do_test("aes512-sha1", PROTO_IPSEC_ESP); /* should get rejected */ do_test("aes-sha1555", PROTO_IPSEC_ESP); /* should get rejected */ do_test("camellia666-sha1", PROTO_IPSEC_ESP); /* should get rejected */ do_test("blowfish", PROTO_IPSEC_ESP); /* obsoleted */ do_test("des-sha1", PROTO_IPSEC_ESP); /* obsoleted */ do_test("aes_ctr666", PROTO_IPSEC_ESP); /* bad key size */ do_test("aes128-sha2_128", PROTO_IPSEC_ESP); /* _128 does not exist */ do_test("aes256-sha2_256-4096", PROTO_IPSEC_ESP); /* double keysize */ do_test("aes256-sha2_256-128", PROTO_IPSEC_ESP); /* now what?? */ do_test("vanitycipher", PROTO_IPSEC_ESP); do_test("ase-sah", PROTO_IPSEC_ESP); /* should get rejected */ do_test("aes-sah1", PROTO_IPSEC_ESP); /* should get rejected */ do_test("id3", PROTO_IPSEC_ESP); /* should be rejected; idXXX removed */ do_test("aes-id3", PROTO_IPSEC_ESP); /* should be rejected; idXXX removed */ do_test("aes_gcm-md5", PROTO_IPSEC_ESP); /* AEAD must have auth null */ /* ah= */ fprintf(stdout, "\n---- AH tests that should succeed ----\n"); do_test("md5", PROTO_IPSEC_AH); do_test("sha", PROTO_IPSEC_AH); do_test("sha1", PROTO_IPSEC_AH); do_test("sha2", PROTO_IPSEC_AH); do_test("sha256", PROTO_IPSEC_AH); do_test("sha384", PROTO_IPSEC_AH); do_test("sha512", PROTO_IPSEC_AH); do_test("sha2_256", PROTO_IPSEC_AH); do_test("sha2_384", PROTO_IPSEC_AH); do_test("sha2_512", PROTO_IPSEC_AH); do_test("aes_xcbc", PROTO_IPSEC_AH); do_test("ripemd", PROTO_IPSEC_AH); fprintf(stdout, "\n---- AH tests that should fail ----\n"); do_test("aes-sha1", PROTO_IPSEC_AH); do_test("vanityhash1", PROTO_IPSEC_AH); do_test("aes_gcm_c-256", PROTO_IPSEC_AH); do_test("id3", PROTO_IPSEC_AH); /* should be rejected; idXXX removed */ do_test("3des", PROTO_IPSEC_AH); do_test("null", PROTO_IPSEC_AH); do_test("aes_gcm", PROTO_IPSEC_AH); do_test("aes_ccm", PROTO_IPSEC_AH); /* ike= */ fprintf(stdout, "\n---- IKE tests that should succeed ----\n"); do_test("3des-sha1", PROTO_ISAKMP); fprintf(stdout, "\n---- IKE tests that should fail ----\n"); do_test("id2", PROTO_ISAKMP); /* should be rejected; idXXX removed */ do_test("3des-id2", PROTO_ISAKMP); /* should be rejected; idXXX removed */ fflush(NULL); report_leaks(); lsw_nss_shutdown(); tool_close_log(); exit(0); }
main(int argc, char *argv[]) { int len; char *infile; char *conn_name; int lineno=0; int regression = 0; struct connection *c1; struct state *st; #ifdef HAVE_EFENCE EF_PROTECT_FREE=1; #endif progname = argv[0]; leak_detective = 1; if(argc != 3 && argc!=4) { fprintf(stderr, "Usage: %s [-r] <whackrecord> <conn-name>\n", progname); exit(10); } /* skip argv0 */ argc--; argv++; if(strcmp(argv[0], "-r")==0) { regression = 1; argc--; argv++; } tool_init_log(); load_oswcrypto(); init_fake_vendorid(); init_fake_secrets(); init_local_interface(); infile = argv[0]; conn_name = argv[1]; cur_debugging = DBG_CONTROL|DBG_CONTROLMORE; if(readwhackmsg(infile) == 0) exit(11); send_packet_setup_pcap("OUTPUT/" TESTNAME ".pcap"); c1 = con_by_name(conn_name, TRUE); assert(c1 != NULL); //list_public_keys(FALSE, FALSE); #ifndef SKIP_ORIENT_ASSERT assert(orient(c1, 500)); #endif show_one_connection(c1); #ifndef SKIP_INITIATE /* do calculation if not -r for regression */ st = sendI1(c1, DBG_EMITTING|DBG_CONTROL|DBG_CONTROLMORE, regression == 0); st = state_with_serialno(1); if(st!=NULL) { delete_state(st); free_state(st); } #endif delete_connection(c1, TRUE); report_leaks(); tool_close_log(); exit(0); }
int main(int argc, char *argv[]) { bool recalculate = FALSE; int len; err_t e; err_t err = NULL; char *infile; char *conn_name; int lineno=0; struct connection *c1 = NULL; struct id moon, cassidy; struct adns_continuation *cr1 = NULL; #ifdef HAVE_EFENCE EF_PROTECT_FREE=1; #endif initproctitle(argc, argv); progname = argv[0]; leak_detective = 1; if(argc != 3 && argc!=4) { fprintf(stderr, "Usage: %s [-r] <whackrecord> <conn-name>\n", progname); exit(10); } /* skip argv0 */ argc--; argv++; if(strcmp(argv[0], "-r")==0) { recalculate = 1; /* do all crypto */ argc--; argv++; } tool_init_log(); cur_debugging |= DBG_DNS; init_adns(); { int r; struct sigaction act; act.sa_handler = &childhandler; act.sa_flags = SA_RESTART; r = sigaction(SIGCHLD, &act, NULL); passert(r == 0); } reset_globals(); /* setup a query */ cr1 = alloc_thing(struct adns_continuation, "moon lookup"); moon.kind = ID_FQDN; strtochunk(moon.name, "moon.testing.openswan.org", "dns name"); e = start_adns_query(&moon, NULL, ns_t_key, moon_continue, cr1); freeanychunk(moon.name); process_dns_results(); #if 0 cr1 = alloc_thing(struct adns_continuation, "cassidy lookup"); cassidy.kind = ID_FQDN; strtochunk(cassidy.name, "cassidy.sandelman.ca", "dns name 2"); e = start_adns_query(&cassidy, NULL, ns_t_key, cassidy_continue, cr1); freeanychunk(cassidy.name); process_dns_results(); #endif /* re-use cassidy */ cr1 = alloc_thing(struct adns_continuation, "cassidy A lookup"); e = start_adns_hostname(AF_UNSPEC, "cassidy.sandelman.ca", cassidy_host_continue, cr1); process_dns_results(); stop_adns(); report_leaks(); tool_close_log(); exit(0); }
main(int argc, char *argv[]) { int len; char *infile; char *conn_name; int lineno = 0; struct connection *c1; pcap_t *pt; char eb1[256]; EF_PROTECT_BELOW = 1; EF_PROTECT_FREE = 1; EF_FREE_WIPES = 1; progname = argv[0]; leak_detective = 1; init_crypto(); if (argc != 4) { fprintf(stderr, "Usage: %s <whackrecord> <conn-name> <pcapin>\n", progname); exit(10); } /* argv[1] == "-r" */ tool_init_log(); init_fake_vendorid(); infile = argv[1]; conn_name = argv[2]; readwhackmsg(infile); send_packet_setup_pcap("parentR1.pcap"); c1 = con_by_name(conn_name, TRUE); show_one_connection(c1); pt = pcap_open_offline(argv[3], eb1); if (!pt) { perror(argv[3]); exit(50); } cur_debugging = DBG_EMITTING | DBG_CONTROL | DBG_CONTROLMORE; pcap_dispatch(pt, 1, recv_pcap_packet, NULL); { struct state *st; /* find st involved */ st = state_with_serialno(1); delete_state(st); } report_leaks(); tool_close_log(); exit(0); }
main(int argc, char *argv[]) { int len; char *infile; char *conn_name; int lineno=0; int regression = 0; struct connection *c1; struct state *st; EF_PROTECT_FREE=1; progname = argv[0]; leak_detective = 1; if(argc != 4 && argc != 5) { fprintf(stderr, "Usage: %s [-r] <whackrecord> <conn-name> <pcapfile>\n", progname); exit(10); } /* skip argv0 */ argc--; argv++; if(strcmp(argv[0], "-r")==0) { regression = 1; argc--; argv++; } tool_init_log(); load_oswcrypto(); init_fake_vendorid(); init_parker_interface(); infile = argv[0]; conn_name = argv[1]; cur_debugging = DBG_CONTROL|DBG_CONTROLMORE; if(readwhackmsg(infile) == 0) exit(10); /* input packets */ recv_pcap_setup(argv[2]); /* output packets */ send_packet_setup_pcap("OUTPUT/parentI2.pcap"); c1 = con_by_name(conn_name, TRUE); assert(c1 != NULL); assert(orient(c1, 500)); show_one_connection(c1); st = sendI1(c1, DBG_CONTROL, regression == 0); /* now accept the reply packet */ cur_debugging = DBG_CONTROL|DBG_PARSING; pcap_dispatch(pt, 1, recv_pcap_packet, NULL); st = state_with_serialno(1); if(st!=NULL) { delete_state(st); free_state(st); } report_leaks(); tool_close_log(); exit(0); }