コード例 #1
ファイル: v2-child.c プロジェクト: hydromet/libreswan
/*
 * Key-derivation check for an IKEv2 CHILD_SA: seeds a zeroed state with a
 * fixed SK_d value, selects AES-CBC-128 with HMAC-SHA1-96 for ESP, derives
 * the child keys and dumps both directions of the resulting keying material.
 * Takes no command-line arguments; always exits with status 0.
 */
int main(int argc, char *argv[])
{
	struct state st1;
	struct ipsec_proto_info *esp;

	progname = argv[0];
	cur_debugging = DBG_CRYPT | DBG_KERNEL | DBG_PARSING;

	/* Start from an all-zero state so only the fields set below are live. */
	memset(&st1, 0, sizeof st1);

	/* Point the library at the "east" test configuration tree. */
	pluto_shared_secrets_file = "../../baseconfigs/east/etc/ipsec.secrets";
	lsw_init_ipsecdir("../../baseconfigs/east/etc/ipsec.d");
	lsw_init_rootdir("../../baseconfigs/east");

	/* initialize list of moduli */
	init_crypto();
	load_lswcrypto();

	init_seam_kernelalgs();

	/*
	 * Derive the keys for the CHILD_SA from the SK_d stored in
	 * tc3_results_skey_d.
	 */
	setchunk(st1.st_skey_d, tc3_results_skey_d,
		 sizeof(tc3_results_skey_d));

	esp = &st1.st_esp;
	esp->attrs.transattrs.encrypt    = IKEv2_ENCR_AES_CBC;
	esp->attrs.transattrs.enckeylen  = 128;
	esp->attrs.transattrs.integ_hash =
		alg_info_esp_v2tov1aa(IKEv2_AUTH_HMAC_SHA1_96);

	ikev2_derive_child_keys(&st1);

	/*
	 * NOTE(review): both dumps write derived ESP keying material to the
	 * debug output. That is presumably acceptable only because SK_d is a
	 * fixed test value -- confirm this harness is never fed live keys.
	 */
	DBG_dump("our  keymat: ", esp->our_keymat, esp->keymat_len);
	DBG_dump("peer keymat: ", esp->peer_keymat, esp->keymat_len);

	exit(0);
}
コード例 #2
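/*
 * Replay harness for the initiator side of an exchange.
 *
 * Usage: <prog> <whackrecord> <conn-name> <pcapin>
 *   argv[1]  recorded whack messages, replayed through readwhackmsg()
 *   argv[2]  name of the connection to initiate
 *   argv[3]  pcap capture; its first packet is dispatched to
 *            recv_pcap_packet1()
 *
 * Exit status: 0 on success, 10 on bad usage, 50 if the capture cannot be
 * opened, 51 if the named connection is not found.
 */
int main(int argc, char *argv[])
{
	char *infile;
	char *conn_name;
	struct connection *c1;
	pcap_t *pt;
	char eb1[256];	/* pcap error buffer; 256 matches libpcap's PCAP_ERRBUF_SIZE */
	struct state *st;

	/* Allocator-debugging knobs (presumably Electric Fence -- TODO confirm). */
	EF_PROTECT_FREE = 1;
	EF_FREE_WIPES  = 1;

	progname = argv[0];
	printf("Started %s\n", progname);

	leak_detective = 1;

	pluto_shared_secrets_file =
		"../../../baseconfigs/west/etc/ipsec.secrets";

	lsw_init_ipsecdir("../../../baseconfigs/west/etc/ipsec.d");
	lsw_init_rootdir("../../../baseconfigs/west");

	init_crypto();
	init_seam_kernelalgs();

	load_authcerts("CA cert",
		       "../../../baseconfigs/west/etc/ipsec.d/cacerts",
		       AUTH_CA);
	if (argc != 4) {
		fprintf(stderr,
			"Usage: %s <whackrecord> <conn-name> <pcapin>\n",
			progname);
		exit(10);
	}

	tool_init_log();
	init_fake_vendorid();

	infile = argv[1];
	conn_name = argv[2];
	load_preshared_secrets(NULL_FD);
	readwhackmsg(infile);

	send_packet_setup_pcap("parentI2x509.pcap");
	pt = pcap_open_offline(argv[3], eb1);
	if (!pt) {
		/*
		 * libpcap reports the reason in the error buffer, not in
		 * errno, so perror() would print an unrelated message.
		 */
		fprintf(stderr, "%s: %s\n", argv[3], eb1);
		exit(50);
	}

	/*
	 * The connection name comes from the command line; presumably
	 * con_by_name() returns NULL when nothing matches, so stop here
	 * instead of handing NULL to the calls below.
	 */
	c1 = con_by_name(conn_name, TRUE);
	if (c1 == NULL) {
		fprintf(stderr, "%s: no connection named \"%s\"\n",
			progname, conn_name);
		pcap_close(pt);
		exit(51);
	}
	show_one_connection(c1);

	/* now, send the I1 packet, really just so that we are in the right
	 * state to receive the R1 packet and process it.
	 */
	st = sendI1(c1, 0);

	/*
	 * NOTE(review): DBG_PRIVATE and DBG_CRYPT presumably put secret and
	 * key material into the log -- keep this harness on test fixtures and
	 * treat its output accordingly.
	 */
	cur_debugging = DBG_EMITTING | DBG_CONTROL | DBG_CONTROLMORE |
			DBG_PARSING | DBG_PRIVATE | DBG_CRYPT;
	if (pcap_dispatch(pt, 1, recv_pcap_packet1, NULL) < 0)
		fprintf(stderr, "%s: %s\n", argv[3], pcap_geterr(pt));

	/*
	 * Tear down the states by serial number. Either lookup can come back
	 * empty if the exchange did not get that far, so guard both deletes.
	 */
	st = state_with_serialno(1);
	if (st)
		delete_state(st);

	st = state_with_serialno(2);
	if (st)
		delete_state(st);

	/* Release the capture handle before the leak report and exit. */
	pcap_close(pt);

	report_leaks();

	tool_close_log();
	exit(0);
}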
コード例 #3
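/*
 * Harness for refine_host_connection().
 *
 * Usage: <prog> <whackrecord> <idfile>
 *   argv[1]  recorded whack messages, replayed through readwhackmsg()
 *   argv[2]  text file with one "<id> <initiate> <aggrmode>" entry per line;
 *            lines starting with '#' are comments
 *
 * For each entry a fresh state is bound to the first loaded connection and
 * the connection chosen for the peer id is printed.
 *
 * Exit status: 0 on success, 10 on bad usage, 11 if the id file cannot be
 * opened.
 */
int main(int argc, char *argv[])
{
	char *infile;
	FILE *idfile;
	char idbuf[256];
	unsigned int lineno = 0;	/* counts printed results, not input lines */

	/* Allocator-debugging knobs (presumably Electric Fence -- TODO confirm). */
	EF_PROTECT_FREE = 1;
	EF_FREE_WIPES  = 1;

	lsw_init_rootdir("../../../baseconfigs/all");

	progname = argv[0];
	leak_detective = 1;

	if (argc != 3 ) {
		fprintf(stderr, "Usage: %s <whackrecord> <idfile>\n",
			progname);
		exit(10);
	}

	tool_init_log();

	infile = argv[1];

	readwhackmsg(infile);

	idfile = fopen(argv[2], "r");
	if (!idfile) {
		perror(argv[2]);
		exit(11);
	}

	cur_debugging = DBG_CONTROL | DBG_CONTROLMORE;

	while (fgets(idbuf, sizeof(idbuf), idfile) != NULL) {
		struct state *st1;
		struct connection *nc;
		struct id peer_id;
		unsigned int aggrmode, initiate;	/* match the %u conversions */
		char id1[256];

		/* ignore comments */
		if (idbuf[0] == '#')
			continue;

		/*
		 * Parse before allocating a state. The field width keeps the
		 * id inside id1 whatever the line holds, and the count check
		 * stops blank or short lines from leaving id1, initiate or
		 * aggrmode uninitialized. The line itself is not echoed.
		 */
		if (sscanf(idbuf, "%255s %u %u", id1, &initiate,
			   &aggrmode) != 3) {
			fprintf(stderr, "%s: skipping malformed id line\n",
				progname);
			continue;
		}

		/* The first connection is used below, so it must exist. */
		passert(connections != NULL);

		st1 = new_state();

		/* set it to the first connection, there may be only one?? */
		st1->st_connection = connections;	/* safe: from new_state */
		st1->st_oakley.auth = OAKLEY_RSA_SIG;

		/*
		 * NOTE(review): the result of atoid() is ignored; if it can
		 * fail on a bad id string, peer_id is used unset below --
		 * confirm and check it.
		 */
		atoid(id1, &peer_id, TRUE);

		nc = refine_host_connection(st1, &peer_id, initiate, aggrmode);

		printf("%u: %s -> conn: %s\n", ++lineno, id1,
		       nc ? nc->name : "<none>");
	}

	/* Close the id file before the leak report and exit. */
	fclose(idfile);

	report_leaks();

	tool_close_log();
	exit(0);
}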