int main(int argc, char *argv[]) { struct state st1; progname = argv[0]; cur_debugging = DBG_CRYPT | DBG_KERNEL | DBG_PARSING; memset(&st1, 0, sizeof(st1)); pluto_shared_secrets_file = "../../baseconfigs/east/etc/ipsec.secrets"; lsw_init_ipsecdir("../../baseconfigs/east/etc/ipsec.d"); lsw_init_rootdir("../../baseconfigs/east"); /* initialize list of moduli */ init_crypto(); load_lswcrypto(); init_seam_kernelalgs(); /* now derive the keys for the CHILD_SA */ { struct ipsec_proto_info *ipi; setchunk(st1.st_skey_d, tc3_results_skey_d, sizeof(tc3_results_skey_d)); ipi = &st1.st_esp; ipi->attrs.transattrs.encrypt = IKEv2_ENCR_AES_CBC; ipi->attrs.transattrs.enckeylen = 128; ipi->attrs.transattrs.integ_hash = alg_info_esp_v2tov1aa( IKEv2_AUTH_HMAC_SHA1_96); ikev2_derive_child_keys(&st1); DBG_dump("our keymat: ", ipi->our_keymat, ipi->keymat_len); DBG_dump("peer keymat: ", ipi->peer_keymat, ipi->keymat_len); } exit(0); }
main(int argc, char *argv[]){ int len; char *infile; char *conn_name; int lineno = 0; struct connection *c1; pcap_t *pt; char eb1[256]; struct state *st; EF_PROTECT_FREE = 1; EF_FREE_WIPES = 1; progname = argv[0]; printf("Started %s\n", progname); leak_detective = 1; pluto_shared_secrets_file = "../../../baseconfigs/west/etc/ipsec.secrets"; lsw_init_ipsecdir("../../../baseconfigs/west/etc/ipsec.d"); lsw_init_rootdir("../../../baseconfigs/west"); init_crypto(); init_seam_kernelalgs(); load_authcerts("CA cert", "../../../baseconfigs/west/etc/ipsec.d/cacerts", AUTH_CA); if (argc != 4) { fprintf(stderr, "Usage: %s <whackrecord> <conn-name> <pcapin>\n", progname); exit(10); } /* argv[1] == "-r" */ tool_init_log(); init_fake_vendorid(); infile = argv[1]; conn_name = argv[2]; load_preshared_secrets(NULL_FD); readwhackmsg(infile); send_packet_setup_pcap("parentI2x509.pcap"); pt = pcap_open_offline(argv[3], eb1); if (!pt) { perror(argv[3]); exit(50); } c1 = con_by_name(conn_name, TRUE); show_one_connection(c1); /* now, send the I1 packet, really just so that we are in the right * state to receive the R1 packet and process it. */ st = sendI1(c1, 0); cur_debugging = DBG_EMITTING | DBG_CONTROL | DBG_CONTROLMORE | DBG_PARSING | DBG_PRIVATE | DBG_CRYPT; pcap_dispatch(pt, 1, recv_pcap_packet1, NULL); { struct state *st; /* find st involved */ st = state_with_serialno(1); delete_state(st); /* find st involved */ st = state_with_serialno(2); if (st) delete_state(st); } report_leaks(); tool_close_log(); exit(0); }
main(int argc, char *argv[]){ int len; char *infile; FILE *idfile; char idbuf[256]; int lineno = 0; EF_PROTECT_FREE = 1; EF_FREE_WIPES = 1; lsw_init_rootdir("../../../baseconfigs/all"); progname = argv[0]; leak_detective = 1; if (argc != 3 ) { fprintf(stderr, "Usage: %s <whackrecord> <idfile>\n", progname); exit(10); } /* argv[1] == "-r" */ tool_init_log(); infile = argv[1]; readwhackmsg(infile); idfile = fopen(argv[2], "r"); if (!idfile) { perror(argv[2]); exit(11); } cur_debugging = DBG_CONTROL | DBG_CONTROLMORE; while (fgets(idbuf, sizeof(idbuf), idfile) != NULL) { struct state *st1; struct connection *nc; struct id peer_id; int aggrmode, initiate; char id1[256]; /* ignore comments */ if (idbuf[0] == '#') continue; st1 = new_state(); sscanf(idbuf, "%s %u %u", id1, &initiate, &aggrmode); /* set it to the first connection, there may be only one?? */ st1->st_connection = connections; /* safe: from new_state */ st1->st_oakley.auth = OAKLEY_RSA_SIG; passert(connections != NULL); atoid(id1, &peer_id, TRUE); nc = refine_host_connection(st1, &peer_id, initiate, aggrmode); printf("%u: %s -> conn: %s\n", ++lineno, id1, nc ? nc->name : "<none>"); } report_leaks(); tool_close_log(); exit(0); }