added -y/--side-by-side option
[dfdiff.git] / usr.sbin / setkey / test-pfkey.c
blobc868e30bc8efb6e2ad4152b8cce2d4fa8af63bd9
1 /* $FreeBSD: src/usr.sbin/setkey/test-pfkey.c,v 1.1.2.1 2000/07/15 07:37:04 kris Exp $ */
2 /* $DragonFly: src/usr.sbin/setkey/test-pfkey.c,v 1.5 2004/12/18 22:48:14 swildner Exp $ */
3 /* $KAME: test-pfkey.c,v 1.4 2000/06/07 00:29:14 itojun Exp $ */
5 /*
6 * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project.
7 * All rights reserved.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the project nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
34 #include <sys/types.h>
35 #include <sys/param.h>
36 #include <sys/socket.h>
37 #include <net/route.h>
38 #include <net/pfkeyv2.h>
39 #include <netinet/in.h>
40 #include <netkey/keydb.h>
41 #include <netkey/key_var.h>
42 #include <netkey/key_debug.h>
44 #include <stdio.h>
45 #include <stdlib.h>
46 #include <limits.h>
47 #include <string.h>
48 #include <ctype.h>
49 #include <unistd.h>
50 #include <errno.h>
51 #include <netdb.h>
53 u_char m_buf[BUFSIZ];
54 u_int m_len;
55 char *pname;
57 void Usage(void);
58 int sendkeymsg(void);
59 void key_setsadbmsg(u_int);
60 void key_setsadbsens(void);
61 void key_setsadbprop(void);
62 void key_setsadbid(u_int, caddr_t);
63 void key_setsadblft(u_int, u_int);
64 void key_setspirange(void);
65 void key_setsadbkey(u_int, caddr_t);
66 void key_setsadbsa(void);
67 void key_setsadbaddr(u_int, u_int, caddr_t);
68 void key_setsadbextbuf(caddr_t, int, caddr_t, int, caddr_t, int);
70 void
71 Usage(void)
73 printf("Usage:\t%s number\n", pname);
74 exit(0);
77 int
78 main(int argv, char **argv)
80 pname = *argv;
82 if (argc == 1) Usage();
84 key_setsadbmsg(atoi(*(argv+1)));
85 sendkeymsg();
87 exit(0);
90 /* %%% */
91 int
92 sendkeymsg(void)
94 u_char rbuf[1024 * 32]; /* XXX: Enough ? Should I do MSG_PEEK ? */
95 int so, len;
97 if ((so = socket(PF_KEY, SOCK_RAW, PF_KEY_V2)) < 0) {
98 perror("socket(PF_KEY)");
99 goto end;
101 #if 0
103 #include <sys/time.h>
104 struct timeval tv;
105 tv.tv_sec = 1;
106 tv.tv_usec = 0;
107 if (setsockopt(so, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)) < 0) {
108 perror("setsockopt");
109 goto end;
112 #endif
114 pfkey_sadump((struct sadb_msg *)m_buf);
116 if ((len = send(so, m_buf, m_len, 0)) < 0) {
117 perror("send");
118 goto end;
121 if ((len = recv(so, rbuf, sizeof(rbuf), 0)) < 0) {
122 perror("recv");
123 goto end;
126 pfkey_sadump((struct sadb_msg *)rbuf);
128 end:
129 close(so);
130 return(0);
133 void
134 key_setsadbmsg(u_int type)
136 struct sadb_msg m_msg;
138 memset(&m_msg, 0, sizeof(m_msg));
139 m_msg.sadb_msg_version = PF_KEY_V2;
140 m_msg.sadb_msg_type = type;
141 m_msg.sadb_msg_errno = 0;
142 m_msg.sadb_msg_satype = SADB_SATYPE_ESP;
143 #if 0
144 m_msg.sadb_msg_reserved = 0;
145 #endif
146 m_msg.sadb_msg_seq = 0;
147 m_msg.sadb_msg_pid = getpid();
149 m_len = sizeof(struct sadb_msg);
150 memcpy(m_buf, &m_msg, m_len);
152 switch (type) {
153 case SADB_GETSPI:
154 /*<base, address(SD), SPI range>*/
155 key_setsadbaddr(SADB_EXT_ADDRESS_SRC, AF_INET, "10.0.3.4");
156 key_setsadbaddr(SADB_EXT_ADDRESS_DST, AF_INET, "127.0.0.1");
157 key_setspirange();
158 /*<base, SA(*), address(SD)>*/
159 break;
161 case SADB_ADD:
162 /* <base, SA, (lifetime(HSC),) address(SD), (address(P),)
163 key(AE), (identity(SD),) (sensitivity)> */
164 key_setsadbaddr(SADB_EXT_ADDRESS_PROXY, AF_INET6, "3ffe::1");
165 case SADB_UPDATE:
166 key_setsadbsa();
167 key_setsadblft(SADB_EXT_LIFETIME_HARD, 10);
168 key_setsadblft(SADB_EXT_LIFETIME_SOFT, 5);
169 key_setsadbaddr(SADB_EXT_ADDRESS_SRC, AF_INET, "192.168.1.1");
170 key_setsadbaddr(SADB_EXT_ADDRESS_DST, AF_INET, "10.0.3.4");
171 /* XXX key_setsadbkey(SADB_EXT_KEY_AUTH, "abcde"); */
172 key_setsadbkey(SADB_EXT_KEY_AUTH, "1234567812345678");
173 key_setsadbkey(SADB_EXT_KEY_ENCRYPT, "12345678");
174 key_setsadbid(SADB_EXT_IDENTITY_SRC, "hoge1234@hoge.com");
175 key_setsadbid(SADB_EXT_IDENTITY_DST, "hage5678@hage.net");
176 key_setsadbsens();
177 /* <base, SA, (lifetime(HSC),) address(SD), (address(P),)
178 (identity(SD),) (sensitivity)> */
179 break;
181 case SADB_DELETE:
182 /* <base, SA(*), address(SDP)> */
183 key_setsadbsa();
184 key_setsadbaddr(SADB_EXT_ADDRESS_SRC, AF_INET, "192.168.1.1");
185 key_setsadbaddr(SADB_EXT_ADDRESS_DST, AF_INET, "10.0.3.4");
186 key_setsadbaddr(SADB_EXT_ADDRESS_PROXY, AF_INET6, "3ffe::1");
187 /* <base, SA(*), address(SDP)> */
188 break;
190 case SADB_GET:
191 /* <base, SA(*), address(SDP)> */
192 key_setsadbsa();
193 key_setsadbaddr(SADB_EXT_ADDRESS_SRC, AF_INET, "192.168.1.1");
194 key_setsadbaddr(SADB_EXT_ADDRESS_DST, AF_INET, "10.0.3.4");
195 key_setsadbaddr(SADB_EXT_ADDRESS_PROXY, AF_INET6, "3ffe::1");
196 /* <base, SA, (lifetime(HSC),) address(SD), (address(P),)
197 key(AE), (identity(SD),) (sensitivity)> */
198 break;
200 case SADB_ACQUIRE:
201 /* <base, address(SD), (address(P),) (identity(SD),)
202 (sensitivity,) proposal> */
203 key_setsadbaddr(SADB_EXT_ADDRESS_SRC, AF_INET, "192.168.1.1");
204 key_setsadbaddr(SADB_EXT_ADDRESS_DST, AF_INET, "10.0.3.4");
205 key_setsadbaddr(SADB_EXT_ADDRESS_PROXY, AF_INET6, "3ffe::1");
206 key_setsadbid(SADB_EXT_IDENTITY_SRC, "hoge1234@hoge.com");
207 key_setsadbid(SADB_EXT_IDENTITY_DST, "hage5678@hage.net");
208 key_setsadbsens();
209 key_setsadbprop();
210 /* <base, address(SD), (address(P),) (identity(SD),)
211 (sensitivity,) proposal> */
212 break;
214 case SADB_REGISTER:
215 /* <base> */
216 /* <base, supported> */
217 break;
219 case SADB_EXPIRE:
220 case SADB_FLUSH:
221 break;
223 case SADB_DUMP:
224 break;
226 case SADB_X_PROMISC:
227 /* <base> */
228 /* <base, base(, others)> */
229 break;
231 case SADB_X_PCHANGE:
232 break;
234 /* for SPD management */
235 case SADB_X_SPDFLUSH:
236 case SADB_X_SPDDUMP:
237 break;
239 case SADB_X_SPDADD:
240 #if 0
242 struct sadb_x_policy m_policy;
244 m_policy.sadb_x_policy_len = PFKEY_UNIT64(sizeof(m_policy));
245 m_policy.sadb_x_policy_exttype = SADB_X_EXT_POLICY;
246 m_policy.sadb_x_policy_type = SADB_X_PL_IPSEC;
247 m_policy.sadb_x_policy_esp_trans = 1;
248 m_policy.sadb_x_policy_ah_trans = 2;
249 m_policy.sadb_x_policy_esp_network = 3;
250 m_policy.sadb_x_policy_ah_network = 4;
251 m_policy.sadb_x_policy_reserved = 0;
253 memcpy(m_buf + m_len, &m_policy, sizeof(struct sadb_x_policy));
254 m_len += sizeof(struct sadb_x_policy);
256 #endif
258 case SADB_X_SPDDELETE:
259 key_setsadbaddr(SADB_EXT_ADDRESS_SRC, AF_INET, "192.168.1.1");
260 key_setsadbaddr(SADB_EXT_ADDRESS_DST, AF_INET, "10.0.3.4");
261 break;
264 ((struct sadb_msg *)m_buf)->sadb_msg_len = PFKEY_UNIT64(m_len);
267 void
268 key_setsadbsens(void)
270 struct sadb_sens m_sens;
271 u_char buf[64];
272 u_int s, i, slen, ilen, len;
274 /* make sens & integ */
275 s = htonl(0x01234567);
276 i = htonl(0x89abcdef);
277 slen = sizeof(s);
278 ilen = sizeof(i);
279 memcpy(buf, &s, slen);
280 memcpy(buf + slen, &i, ilen);
282 len = sizeof(m_sens) + PFKEY_ALIGN8(slen) + PFKEY_ALIGN8(ilen);
283 m_sens.sadb_sens_len = PFKEY_UNIT64(len);
284 m_sens.sadb_sens_exttype = SADB_EXT_SENSITIVITY;
285 m_sens.sadb_sens_dpd = 1;
286 m_sens.sadb_sens_sens_level = 2;
287 m_sens.sadb_sens_sens_len = PFKEY_ALIGN8(slen);
288 m_sens.sadb_sens_integ_level = 3;
289 m_sens.sadb_sens_integ_len = PFKEY_ALIGN8(ilen);
290 m_sens.sadb_sens_reserved = 0;
292 key_setsadbextbuf(m_buf, m_len,
293 (caddr_t)&m_sens, sizeof(struct sadb_sens),
294 buf, slen + ilen);
295 m_len += len;
298 void
299 key_setsadbprop(void)
301 struct sadb_prop m_prop;
302 struct sadb_comb *m_comb;
303 u_char buf[256];
304 u_int len = sizeof(m_prop) + sizeof(m_comb) * 2;
306 /* make prop & comb */
307 m_prop.sadb_prop_len = PFKEY_UNIT64(len);
308 m_prop.sadb_prop_exttype = SADB_EXT_PROPOSAL;
309 m_prop.sadb_prop_replay = 0;
310 m_prop.sadb_prop_reserved[0] = 0;
311 m_prop.sadb_prop_reserved[1] = 0;
312 m_prop.sadb_prop_reserved[2] = 0;
314 /* the 1st is ESP DES-CBC HMAC-MD5 */
315 m_comb = (struct sadb_comb *)buf;
316 m_comb->sadb_comb_auth = SADB_AALG_MD5HMAC;
317 m_comb->sadb_comb_encrypt = SADB_EALG_DESCBC;
318 m_comb->sadb_comb_flags = 0;
319 m_comb->sadb_comb_auth_minbits = 8;
320 m_comb->sadb_comb_auth_maxbits = 96;
321 m_comb->sadb_comb_encrypt_minbits = 64;
322 m_comb->sadb_comb_encrypt_maxbits = 64;
323 m_comb->sadb_comb_reserved = 0;
324 m_comb->sadb_comb_soft_allocations = 0;
325 m_comb->sadb_comb_hard_allocations = 0;
326 m_comb->sadb_comb_soft_bytes = 0;
327 m_comb->sadb_comb_hard_bytes = 0;
328 m_comb->sadb_comb_soft_addtime = 0;
329 m_comb->sadb_comb_hard_addtime = 0;
330 m_comb->sadb_comb_soft_usetime = 0;
331 m_comb->sadb_comb_hard_usetime = 0;
333 /* the 2st is ESP 3DES-CBC and AH HMAC-SHA1 */
334 m_comb = (struct sadb_comb *)(buf + sizeof(*m_comb));
335 m_comb->sadb_comb_auth = SADB_AALG_SHA1HMAC;
336 m_comb->sadb_comb_encrypt = SADB_EALG_3DESCBC;
337 m_comb->sadb_comb_flags = 0;
338 m_comb->sadb_comb_auth_minbits = 8;
339 m_comb->sadb_comb_auth_maxbits = 96;
340 m_comb->sadb_comb_encrypt_minbits = 64;
341 m_comb->sadb_comb_encrypt_maxbits = 64;
342 m_comb->sadb_comb_reserved = 0;
343 m_comb->sadb_comb_soft_allocations = 0;
344 m_comb->sadb_comb_hard_allocations = 0;
345 m_comb->sadb_comb_soft_bytes = 0;
346 m_comb->sadb_comb_hard_bytes = 0;
347 m_comb->sadb_comb_soft_addtime = 0;
348 m_comb->sadb_comb_hard_addtime = 0;
349 m_comb->sadb_comb_soft_usetime = 0;
350 m_comb->sadb_comb_hard_usetime = 0;
352 key_setsadbextbuf(m_buf, m_len,
353 (caddr_t)&m_prop, sizeof(struct sadb_prop),
354 buf, sizeof(*m_comb) * 2);
355 m_len += len;
358 void
359 key_setsadbid(u_int ext, caddr_t str)
361 struct sadb_ident m_id;
362 u_int idlen = strlen(str), len;
364 len = sizeof(m_id) + PFKEY_ALIGN8(idlen);
365 m_id.sadb_ident_len = PFKEY_UNIT64(len);
366 m_id.sadb_ident_exttype = ext;
367 m_id.sadb_ident_type = SADB_IDENTTYPE_USERFQDN;
368 m_id.sadb_ident_reserved = 0;
369 m_id.sadb_ident_id = getpid();
371 key_setsadbextbuf(m_buf, m_len,
372 (caddr_t)&m_id, sizeof(struct sadb_ident),
373 str, idlen);
374 m_len += len;
377 void
378 key_setsadblft(u_int ext, u_int time)
380 struct sadb_lifetime m_lft;
382 m_lft.sadb_lifetime_len = PFKEY_UNIT64(sizeof(m_lft));
383 m_lft.sadb_lifetime_exttype = ext;
384 m_lft.sadb_lifetime_allocations = 0x2;
385 m_lft.sadb_lifetime_bytes = 0x1000;
386 m_lft.sadb_lifetime_addtime = time;
387 m_lft.sadb_lifetime_usetime = 0x0020;
389 memcpy(m_buf + m_len, &m_lft, sizeof(struct sadb_lifetime));
390 m_len += sizeof(struct sadb_lifetime);
393 void
394 key_setspirange(void)
396 struct sadb_spirange m_spi;
398 m_spi.sadb_spirange_len = PFKEY_UNIT64(sizeof(m_spi));
399 m_spi.sadb_spirange_exttype = SADB_EXT_SPIRANGE;
400 m_spi.sadb_spirange_min = 0x00001000;
401 m_spi.sadb_spirange_max = 0x00002000;
402 m_spi.sadb_spirange_reserved = 0;
404 memcpy(m_buf + m_len, &m_spi, sizeof(struct sadb_spirange));
405 m_len += sizeof(struct sadb_spirange);
408 void
409 key_setsadbkey(u_int ext, caddr_t str)
411 struct sadb_key m_key;
412 u_int keylen = strlen(str);
413 u_int len;
415 len = sizeof(struct sadb_key) + PFKEY_ALIGN8(keylen);
416 m_key.sadb_key_len = PFKEY_UNIT64(len);
417 m_key.sadb_key_exttype = ext;
418 m_key.sadb_key_bits = keylen * 8;
419 m_key.sadb_key_reserved = 0;
421 key_setsadbextbuf(m_buf, m_len,
422 (caddr_t)&m_key, sizeof(struct sadb_key),
423 str, keylen);
424 m_len += len;
427 void
428 key_setsadbsa(void)
430 struct sadb_sa m_sa;
432 m_sa.sadb_sa_len = PFKEY_UNIT64(sizeof(struct sadb_sa));
433 m_sa.sadb_sa_exttype = SADB_EXT_SA;
434 m_sa.sadb_sa_spi = htonl(0x12345678);
435 m_sa.sadb_sa_replay = 4;
436 m_sa.sadb_sa_state = 0;
437 m_sa.sadb_sa_auth = SADB_AALG_MD5HMAC;
438 m_sa.sadb_sa_encrypt = SADB_EALG_DESCBC;
439 m_sa.sadb_sa_flags = 0;
441 memcpy(m_buf + m_len, &m_sa, sizeof(struct sadb_sa));
442 m_len += sizeof(struct sadb_sa);
445 void
446 key_setsadbaddr(u_int ext, u_int af, caddr_t str)
448 struct sadb_address m_addr;
449 u_int len;
450 struct addrinfo hints, *res;
451 const char *serv;
452 int plen;
454 switch (af) {
455 case AF_INET:
456 plen = sizeof(struct in_addr) << 3;
457 break;
458 case AF_INET6:
459 plen = sizeof(struct in6_addr) << 3;
460 break;
461 default:
462 /* XXX bark */
463 exit(1);
466 /* make sockaddr buffer */
467 memset(&hints, 0, sizeof(hints));
468 hints.ai_family = af;
469 hints.ai_socktype = SOCK_DGRAM; /*dummy*/
470 hints.ai_flags = AI_NUMERICHOST;
471 serv = (ext == SADB_EXT_ADDRESS_PROXY ? "0" : "4660"); /*0x1234*/
472 if (getaddrinfo(str, serv, &hints, &res) != 0 || res->ai_next) {
473 /* XXX bark */
474 exit(1);
477 len = sizeof(struct sadb_address) + PFKEY_ALIGN8(res->ai_addrlen);
478 m_addr.sadb_address_len = PFKEY_UNIT64(len);
479 m_addr.sadb_address_exttype = ext;
480 m_addr.sadb_address_proto =
481 (ext == SADB_EXT_ADDRESS_PROXY ? 0 : IPPROTO_TCP);
482 m_addr.sadb_address_prefixlen = plen;
483 m_addr.sadb_address_reserved = 0;
485 key_setsadbextbuf(m_buf, m_len,
486 (caddr_t)&m_addr, sizeof(struct sadb_address),
487 (caddr_t)res->ai_addr, res->ai_addrlen);
488 m_len += len;
490 freeaddrinfo(res);
493 void
494 key_setsadbextbuf(caddr_t dst, int off, caddr_t ebuf, int elen,
495 caddr_t vbuf, int vlen)
497 memset(dst + off, 0, elen + vlen);
498 memcpy(dst + off, (caddr_t)ebuf, elen);
499 memcpy(dst + off + elen, vbuf, vlen);