Example #1
/*
 * Test driver: loads a fixed SK_d value into a zeroed state, selects
 * AES-CBC with a 128-bit key plus HMAC-SHA1-96 for ESP, derives the
 * CHILD_SA keys and dumps the key material for both directions.
 *
 * argc is not used; argv[0] is recorded as the program name.
 * Always terminates with exit status 0.
 */
int main(int argc, char *argv[])
{
	struct state st1;
	struct ipsec_proto_info *esp = &st1.st_esp;

	progname = argv[0];
	cur_debugging = DBG_CRYPT | DBG_KERNEL | DBG_PARSING;

	/* start from an all-zero state so only the fields set below are populated */
	memset(&st1, 0, sizeof st1);

	/* point the library at the "east" fixture tree */
	pluto_shared_secrets_file = "../../baseconfigs/east/etc/ipsec.secrets";
	lsw_init_ipsecdir("../../baseconfigs/east/etc/ipsec.d");
	lsw_init_rootdir("../../baseconfigs/east");

	/* crypto setup; per the original author this initializes the list of moduli */
	init_crypto();
	load_lswcrypto();

	init_seam_kernelalgs();

	/* seed SK_d, the input from which the CHILD_SA keys are derived */
	setchunk(st1.st_skey_d, tc3_results_skey_d,
		 sizeof(tc3_results_skey_d));

	/* negotiated ESP transform: AES-CBC-128 with HMAC-SHA1-96 integrity */
	esp->attrs.transattrs.encrypt = IKEv2_ENCR_AES_CBC;
	esp->attrs.transattrs.enckeylen = 128;
	esp->attrs.transattrs.integ_hash =
		alg_info_esp_v2tov1aa(IKEv2_AUTH_HMAC_SHA1_96);

	ikev2_derive_child_keys(&st1);

	/*
	 * NOTE(review): both dumps write raw key material to the debug log.
	 * tc3_results_skey_d looks like a fixed test vector, so nothing
	 * secret should be exposed here; confirm before reusing this
	 * pattern with real keys.
	 */
	DBG_dump("our  keymat: ", esp->our_keymat, esp->keymat_len);
	DBG_dump("peer keymat: ", esp->peer_keymat, esp->keymat_len);

	exit(0);
}
Example #2
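/*
 * Regression driver: replays a recorded whack message to load a connection,
 * sends an I1 for it, then feeds one packet from a pcap capture through
 * recv_pcap_packet1 and finally reports memory leaks.
 *
 * Usage: <prog> <whackrecord> <conn-name> <pcapin>
 *
 * Exit status: 0 on success, 10 on a usage error or unknown connection
 * name, 50 when the input capture cannot be opened.
 */
int main(int argc, char *argv[])
{
	char *infile;
	char *conn_name;
	struct connection *c1;
	pcap_t *pt;
	char eb1[256];	/* libpcap error buffer; must hold at least PCAP_ERRBUF_SIZE bytes */
	struct state *st;

	/* Electric Fence settings: guard freed memory and wipe it on free */
	EF_PROTECT_FREE = 1;
	EF_FREE_WIPES  = 1;

	progname = argv[0];
	printf("Started %s\n", progname);

	leak_detective = 1;

	/* all configuration comes from the "west" fixture tree */
	pluto_shared_secrets_file =
		"../../../baseconfigs/west/etc/ipsec.secrets";

	lsw_init_ipsecdir("../../../baseconfigs/west/etc/ipsec.d");
	lsw_init_rootdir("../../../baseconfigs/west");

	init_crypto();
	init_seam_kernelalgs();

	load_authcerts("CA cert",
		       "../../../baseconfigs/west/etc/ipsec.d/cacerts",
		       AUTH_CA);
	if (argc != 4) {
		fprintf(stderr,
			"Usage: %s <whackrecord> <conn-name> <pcapin>\n",
			progname);
		exit(10);
	}

	tool_init_log();
	init_fake_vendorid();

	/* argv[1] is the whack record, argv[2] the connection name */
	infile = argv[1];
	conn_name = argv[2];
	load_preshared_secrets(NULL_FD);
	readwhackmsg(infile);

	send_packet_setup_pcap("parentI2x509.pcap");
	pt = pcap_open_offline(argv[3], eb1);
	if (!pt) {
		/* libpcap reports the reason in the error buffer, not in errno */
		fprintf(stderr, "%s: %s\n", argv[3], eb1);
		exit(50);
	}

	c1 = con_by_name(conn_name, TRUE);
	if (c1 == NULL) {
		/* do not hand a NULL connection to the code below */
		fprintf(stderr, "%s: connection \"%s\" not found\n",
			progname, conn_name);
		pcap_close(pt);
		exit(10);
	}
	show_one_connection(c1);

	/* now, send the I1 packet, really just so that we are in the right
	 * state to receive the R1 packet and process it.
	 */
	st = sendI1(c1, 0);

	/*
	 * NOTE(review): DBG_PRIVATE and DBG_CRYPT presumably put secret
	 * material into the debug output; acceptable only while the inputs
	 * are the fixture keys under baseconfigs. Confirm before pointing
	 * this tool at real credentials.
	 */
	cur_debugging = DBG_EMITTING | DBG_CONTROL | DBG_CONTROLMORE |
			DBG_PARSING | DBG_PRIVATE | DBG_CRYPT;
	pcap_dispatch(pt, 1, recv_pcap_packet1, NULL);

	/* the capture is no longer needed; release the handle */
	pcap_close(pt);

	/* delete the states that were created so leak reporting is meaningful;
	 * either lookup may come back empty, so both results are checked
	 */
	st = state_with_serialno(1);
	if (st)
		delete_state(st);

	st = state_with_serialno(2);
	if (st)
		delete_state(st);

	report_leaks();

	tool_close_log();
	exit(0);
}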
Example #3
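/*
 * Regression driver: replays a recorded whack message to load a connection,
 * then feeds two packets from a pcap capture through recv_pcap_packet1 and
 * recv_pcap_packet2twice, and finally reports memory leaks.
 *
 * Usage: <prog> <whackrecord> <conn-name> <pcapin>
 *
 * Exit status: 0 on success, 10 on a usage error or unknown connection
 * name, 50 when the input capture cannot be opened.
 */
int main(int argc, char *argv[])
{
	char *infile;
	char *conn_name;
	struct connection *c1;
	pcap_t *pt;
	char eb1[256];	/* libpcap error buffer; must hold at least PCAP_ERRBUF_SIZE bytes */
	struct state *st;

	/* Electric Fence settings: guard below allocations and freed memory,
	 * and wipe memory on free
	 */
	EF_PROTECT_BELOW = 1;
	EF_PROTECT_FREE = 1;
	EF_FREE_WIPES  = 1;

	progname = argv[0];
	printf("Started %s\n", progname);

	leak_detective = 1;

	init_crypto();
	init_seam_kernelalgs();

	if (argc != 4) {
		fprintf(stderr,
			"Usage: %s <whackrecord> <conn-name> <pcapin>\n",
			progname);
		exit(10);
	}

	tool_init_log();
	init_fake_vendorid();

	/* argv[1] is the whack record, argv[2] the connection name */
	infile = argv[1];
	conn_name = argv[2];

	readwhackmsg(infile);

	send_packet_setup_pcap("parentR2.pcap");

	/*
	 * Open the capture once. The original opened the same file a second
	 * time without reading from the first handle, which leaked that
	 * handle and left the second open unchecked.
	 */
	pt = pcap_open_offline(argv[3], eb1);
	if (!pt) {
		/* libpcap reports the reason in the error buffer, not in errno */
		fprintf(stderr, "%s: %s\n", argv[3], eb1);
		exit(50);
	}

	c1 = con_by_name(conn_name, TRUE);
	if (c1 == NULL) {
		/* do not hand a NULL connection to the code below */
		fprintf(stderr, "%s: connection \"%s\" not found\n",
			progname, conn_name);
		pcap_close(pt);
		exit(10);
	}
	show_one_connection(c1);

	cur_debugging = DBG_EMITTING | DBG_CONTROL | DBG_CONTROLMORE;
	/* process first packet */
	pcap_dispatch(pt, 1, recv_pcap_packet1, NULL);

	/* process second packet */
	pcap_dispatch(pt, 1, recv_pcap_packet2twice, NULL);

	pcap_close(pt);

	/* delete the state that was created so leak reporting is meaningful;
	 * the lookup may come back empty if packet processing failed
	 */
	st = state_with_serialno(1);
	if (st)
		delete_state(st);

	report_leaks();

	tool_close_log();
	exit(0);
}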
Example #4
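/*
 * Regression driver: replays a recorded whack message to load a connection,
 * processes one packet from each of two input captures (the I1, whose reply
 * is discarded, then the I2, whose reply is written to <pcapout>), and
 * reports memory leaks.
 *
 * Usage: <prog> [-r] <whackrecord> <conn-name> <pcapin1> <pcapin2> <pcapout>
 *
 * A leading -r is accepted and skipped; it has no other effect in this
 * function.
 *
 * Exit status: 0 on success; 10 on a usage error, when the whack record
 * cannot be read, or when the connection is unknown or cannot be oriented.
 */
int main(int argc, char *argv[])
{
    char *infile;
    char *conn_name;
    char *pcap1in;
    char *pcap2in;
    char *pcap_out;
    struct connection *c1;
    struct state *st;

    EF_PROTECT_FREE=1;

    progname = argv[0];
    leak_detective = 1;

    /* skip argv0 */
    argc--; argv++;

    /* only look at the next argument if there is one: with no arguments
     * argv[0] is NULL here and must not reach strcmp()
     */
    if(argc > 0 && strcmp(argv[0], "-r")==0) {
        argc--; argv++;
    }

    if(argc != 5) {
        fprintf(stderr, "Usage: %s <whackrecord> <conn-name> <pcapin1> <pcapin2> <pcapout>\n", progname);
        exit(10);
    }

    tool_init_log();
    init_crypto();
    load_oswcrypto();
    init_fake_vendorid();
    init_jamesjohnson_interface();
    init_seam_kernelalgs();

    infile = argv[0];
    conn_name = argv[1];
    pcap1in   = argv[2];
    pcap2in   = argv[3];
    pcap_out  = argv[4];

    cur_debugging = DBG_CONTROL|DBG_CONTROLMORE;
    if(readwhackmsg(infile) == 0) exit(10);

    /* explicit checks instead of assert(): the orient() call has to run
     * even when assertions are compiled out with NDEBUG
     */
    c1 = con_by_name(conn_name, TRUE);
    if(c1 == NULL) {
        fprintf(stderr, "%s: connection \"%s\" not found\n", progname, conn_name);
        exit(10);
    }

    if(!orient(c1, 500)) {
        fprintf(stderr, "%s: could not orient connection \"%s\"\n", progname, conn_name);
        exit(10);
    }
    show_one_connection(c1);

    /* omit the R1 reply */
    send_packet_setup_pcap("/dev/null");

    /* setup to process the I1 packet */
    /* NOTE(review): pt is not declared in this function; presumably a
     * file-level handle that recv_pcap_setup() assigns. Confirm.
     */
    recv_pcap_setup(pcap1in);

    /* process first I1 packet */
    cur_debugging = DBG_EMITTING|DBG_CONTROL|DBG_CONTROLMORE;
    pcap_dispatch(pt, 1, recv_pcap_packet, NULL);

    /* set up output file */
    send_packet_setup_pcap(pcap_out);
    pcap_close(pt);

    /* now process the I2 packet */
    recv_pcap_setup(pcap2in);

    cur_debugging = DBG_EMITTING|DBG_CONTROL|DBG_CONTROLMORE;
    pcap_dispatch(pt, 1, recv_pcap_packet2, NULL);

    /* release the second capture as well, matching the first one */
    pcap_close(pt);

    /* clean up so that we can see any leaks */
    st = state_with_serialno(1);
    if(st!=NULL) {
        free_state(st);
    }

    report_leaks();

    tool_close_log();
    exit(0);
}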