dowhack

openswan

#!/bin/sh

# A collection of whack sequences to test Pluto.
# Generally, we command the west Pluto to negotiate with east.
# Sometimes north and south come into play, but not as participants.
#
# Note: the name of a test affects processing by doauto
#  *-rsa|*-rsa-*: keys get loaded
#  *-dnsrsa*: keys are loaded via --dnskeyondemand
#  *-pl|*-pl-*: extracts of Pluto Logs are added to the whack log
#
# RCSID $Id: dowhack,v 1.27 2003/10/31 04:50:40 dhr Exp $

set -u

. CONFIG


# don't indent for: too much waste space
for i
do

case "$i" in
*-dnsrsa*)	RSADNS="--dnskeyondemand" ;;
*)	RSADNS="";;
esac

# more boilerplate
TO_RSA="$RSADNS $TO $RSADNS"
	
case "$i" in
listen)	both --listen
	;;
kall)	both --keyid 127.95.7.2 --pubkeyrsa 0sAQOeSJscIy2XZHfs+PODDqdgJR2FmdfRNqzURVL5q2fesMHmibMLPM5cTPx2HvYKBX3YyB+BdHoojmFNixV+RTrKyyN0Og4PYwhdw0FUApDvOg7KYe1CeLUeTAUzT5Pq7MdclRW5bYY84hXSfKgaPwPTwuiLKEnVdbhGgwxqwfQ6ow==
	both --keyid @east.example.com --pubkeyrsa 0sAQNWmttqbM8nIypsHEULynOagFyV1MQ+/1yF5sa32abxBb2fimah7NsHM9l/KpNo7RGtiP0L6triedsZ0xz1Maa4DPnZlrtexu5uIH+FH34SUr7Xe2RcHnLVOznHMzacgcjrOUvV/nA9OEGvm7vRsMAWm/VjNuNugogFreiYEpFMQQ==
	both --keyid 127.95.7.3 --pubkeyrsa 0sAQN4JFU9gRnG336z1n1cV2LA6ACi1TjXfv3pvl6DRqa6uqBFM9RO4oArPc6FsBkBwEmMr8cpeFn4mVaepVe63qnvmQbGXVcRwhx0a509M824HjnyM04Xpoh2UuP/Mhnkm1cynunRuyGqXaZhlj4s+GbcOxPXhopz94wer+Qs/qvGqw==
	both --keyid @north.example.com --pubkeyrsa 0sAQN4JFU9gRnG336z1n1cV2LA6ACi1TjXfv3pvl6DRqa6uqBFM9RO4oArPc6FsBkBwEmMr8cpeFn4mVaepVe63qnvmQbGXVcRwhx0a509M824HjnyM04Xpoh2UuP/Mhnkm1cynunRuyGqXaZhlj4s+GbcOxPXhopz94wer+Qs/qvGqw==
	both --keyid 127.95.7.4 --pubkeyrsa 0sAQOKe6+kbDtp4PB8NZshjCBw8z5wuGCAddokgSDATW47tNmQhUvzlnT1ia1ZsyiRFph1LJkz+A0bkbOhPr1vWUJHK6/s+Y8Rf7GSZC0Fi5Fr4DgpWwswzFaLl4baRfeu8z4k147dtSoG4K/6UfQ+IbqML5lwm92uRqONszbn/PDDPQ==
	both --keyid @south.example.com --pubkeyrsa 0sAQOKe6+kbDtp4PB8NZshjCBw8z5wuGCAddokgSDATW47tNmQhUvzlnT1ia1ZsyiRFph1LJkz+A0bkbOhPr1vWUJHK6/s+Y8Rf7GSZC0Fi5Fr4DgpWwswzFaLl4baRfeu8z4k147dtSoG4K/6UfQ+IbqML5lwm92uRqONszbn/PDDPQ==
	both --keyid 127.95.7.1 --pubkeyrsa 0sAQOOyFBeFFr9CWXgn1aOEvTr98HG4inSckTXlyYi5x85G+Q1+PZ/roqB3OtnRS2XbXFb3n92QjZMJ403wQUwMAt6uzXzXDle5VvFn7cVXq3ch0jqQUxIFcdIIFR2wtkxvAr20xSOHNF/ozmKVZLkrHLu4RvVCCbSNa5toqLXblkcOQ==
	both --keyid @west.example.com --pubkeyrsa 0sAQOFtqrs57eghHmYREoCu1iGn4kXd+a6yT7wCFUk54d9i08mR4h5uFKPhc9fq78XNqz1AhrBH3SRcWAfJ8DaeGvZ0ZvCrTQZn+RJzX1FQ4fjuGBO0eup2XUMsYDw01PFzQ9O4qlwly6niOcMTxvbWgGcl+3DYfRvHgxet8kNtfqzHQ==
	;;
shutdown)	both --shutdown
	;;
status)	both --status
	;;

# regression test for PR#254: can we load 4k key from DNS?
dk4096-dns)
	;;
xk4096-dns)
	me --keyid @k4096.example.com
	;;

# "isakmp": ISAKMP SA only; PSK or RSA

disakmp-psk) both --name isakmp-psk --psk $EASTHOST $TO $WESTHOST $TIMES2 ;;
xisakmp-psk) me --name isakmp-psk --initiate ;;

disakmp-rsa|disakmp-dnsrsa)
	both --name isakmp-rsa --rsa $EASTHOST $TO_RSA $WESTHOST $TIMES2 ;;
xisakmp-rsa|xisakmp-dnsrsa) me --name isakmp-rsa --initiate ;;

# Regression test: the two sides use different cases for the same ID
# This caused authentication failures until 2002 May 29
disakmp-rsa-case|disakmp-dnsrsa-case)
	me --name isakmp-rsa --rsa $EASTHOST \
		$TO_RSA --id=@west.example.com $WESTHOST $TIMES2
	him --name isakmp-rsa --rsa $EASTHOST \
		$TO_RSA --id=@WEST.example.com $WESTHOST $TIMES2
	;;
xisakmp-rsa-case|xisakmp-dnsrsa-case) me --name isakmp-rsa --initiate ;;

# Regression test: the two sides use different trailing dots for the same ID
# This caused authentication failures until 2003 May 5
disakmp-rsa-dot|disakmp-dnsrsa-dot)
	me --name isakmp-rsa --rsa $EASTHOST \
		$TO_RSA --id=@west.example.com $WESTHOST $TIMES2
	him --name isakmp-rsa --rsa $EASTHOST \
		$TO_RSA --id=@west.example.com.. $WESTHOST $TIMES2
	;;
xisakmp-rsa-dot|xisakmp-dnsrsa-dot) me --name isakmp-rsa --initiate ;;

# "ipsec": IPsec SA

dipsec-psk)
	both --name ipsec-psk --delete --psk \
		$EASTNET $TO $WESTNET \
		--authenticate --encrypt --pfs $TIMES2
	;;
xipsec-psk)
	me --name ipsec-psk --initiate
	;;

dipsec-rsa|dipsec-dnsrsa)
	both --name ipsec-rsa --delete --rsa \
		$EASTNET $TO_RSA $WESTNET \
		--authenticate --encrypt --pfs $TIMES2
	;;
xipsec-rsa|xipsec-dnsrsa)
	me --name ipsec-rsa --initiate
	;;

dipsec-rsa-delete|dipsec-dnsrsa-delete)
	both --name ipsec-rsa-delete --delete --rsa \
		$EASTNET $TO_RSA $WESTNET \
		--authenticate --encrypt --pfs $TIMES2
	;;
xipsec-rsa-delete|xipsec-dnsrsa-delete)
	me --name ipsec-rsa-delete --initiate
	me --name ipsec-rsa-delete --terminate
	;;

# Like xipsec-rsa EXCEPT we have the wrong public key for West.
# Failure takes time, so not automatically run.
dipsec-wk-rsa|dipsec-wk-dnsrsa)
	echo NOTE: failure is expected because we use the wrong key
	both --name ipsec-rsa --delete --rsa \
		$EASTNET $TO_RSA $WESTNET \
		--authenticate --encrypt --pfs $TIMES2
	;;
xipsec-wk-rsa|xipsec-wk-dnsrsa)
		# jam bad public key for east
	me --keyid 127.95.7.2 --pubkeyrsa 0sAQOKe6+kbDtp4PB8NZshjCBw8z5wuGCAddokgSDATW47tNmQhUvzlnT1ia1ZsyiRFph1LJkz+A0bkbOhPr1vWUJHK6/s+Y8Rf7GSZC0Fi5Fr4DgpWwswzFaLl4baRfeu8z4k147dtSoG4K/6UfQ+IbqML5lwm92uRqONszbn/PDDPQ==
	me --keyid @east.example.com --pubkeyrsa 0sAQOKe6+kbDtp4PB8NZshjCBw8z5wuGCAddokgSDATW47tNmQhUvzlnT1ia1ZsyiRFph1LJkz+A0bkbOhPr1vWUJHK6/s+Y8Rf7GSZC0Fi5Fr4DgpWwswzFaLl4baRfeu8z4k147dtSoG4K/6UfQ+IbqML5lwm92uRqONszbn/PDDPQ==
	me --name ipsec-rsa --initiate
	;;

# like dipsec-rsa, except compression is specified
dipsec-rsa-c|dipsec-dnsrsa-c)
	both --name ipsec-rsa-c --delete --rsa \
		$EASTNET $TO_RSA $WESTNET \
		--authenticate --encrypt --compress $TIMES2
	;;
xipsec-rsa-c|xipsec-dnsrsa-c)
	me --name ipsec-rsa-c --initiate
	;;

# like dipsec-rsa-c, except compression is offered but Responder isn't
# configured for it.  In 2000 October we decided this should fail.
# In 2003, we think it should succeed after all.
dipsec-rsa-co|dipsec-dnsrsa-co)
	me --name ipsec-rsa-c --delete --rsa \
		$EASTNET $TO_RSA $WESTNET \
		--authenticate --encrypt --compress $TIMES2
	him --name ipsec-rsa-c --delete --rsa \
		$EASTNET $TO_RSA $WESTNET \
		--authenticate --encrypt $TIMES2
	;;
xipsec-rsa-co|xipsec-dnsrsa-co)
	me --name ipsec-rsa-c --initiate
	# check for compression
	me_status
	;;

# Like dipsec-rsa, except times are fiddled to see if Responder
# lifetimes reflect negotiation.
# Responder should use the shorter of the negotiated (dictated) and
# --*lifetime.
# ipsec-rsa-time-neg: him (Responder) uses negotiated lifetime -- values from Initiator
# ipsec-rsa-time-trunc: him truncates lifetime to match his connection
# we set rekeyfuzz to 0 to make resulting deadlines more deterministic

dipsec-rsa-time-neg)
	# Initiator lifetimess shorter: Responder must reflect these
	me --name ipsec-rsa --delete --rsa \
		$EASTNET $TO_RSA $WESTNET \
		--authenticate --encrypt --pfs $SHORTTIMES --keyingtries 2
	him --name ipsec-rsa --delete --rsa \
		$EASTNET $TO_RSA $WESTNET \
		--authenticate --encrypt --pfs $TIMES --keyingtries 2 \
		--rekeyfuzz 0
	;;
xipsec-rsa-time-neg)
	me --name ipsec-rsa --initiate

	# Check that the Responder's lifetimes are plausible.
	# They should be close to and no more than the amount specified
	# by the Initiator,
	# and a lot less than the amount specified in the connection.
	# We want:
	#	ISAKMP_R_REPLACE closeto SHORTIKE - NORMALMARG/2
	#	IPsec_R_REPLACE closeto SHORTIPSEC - NORMALMARG/2
	# Must not print variable values unless we have an error condition.

	eval `grab_lifetimes`

	if notcloseto ${ISAKMP_R_REPLACE-MISSING} "$SHORTIKE - $NORMALMARG / 2" ISAKMP_R_REPLACE
	then
		echo bad: Responder did not reduce ISAKMP lifetime to match Initiator
		both --status
	fi

	if notcloseto ${IPsec_R_REPLACE-MISSING} "$SHORTIPSEC - $NORMALMARG / 2" IPsec_R_REPLACE
	then
		echo bad: Responder did not reduce IPsec lifetime to match Initiator
		both --status
	fi
	;;

dipsec-rsa-time-trunc)
	# Responder lifetimess shorter: Responder must reflect these
	me --name ipsec-rsa --delete --rsa \
		$EASTNET $TO_RSA $WESTNET \
		--authenticate --encrypt --pfs $TIMES --keyingtries 2
	him --name ipsec-rsa --delete --rsa \
		$EASTNET $TO_RSA $WESTNET \
		--authenticate --encrypt --pfs $SHORTTIMES --keyingtries 2 \
		--rekeyfuzz 0
	;;
xipsec-rsa-time-trunc)
	me --name ipsec-rsa --initiate

	# Check that the Responder's lifetimes are plausible.
	# They should be close to and no more than the amount specified
	# in the connection,
	# and a lot less than the amount specified by the Initiator.
	# We want:
	#	ISAKMP_R_REPLACE closeto SHORTIKE - SHORTMARG/2
	#	IPsec_R_REPLACE closeto SHORTIPSEC - SHORTMARG/2
	# Must not print variable values unless we have an error condition.

	eval `grab_lifetimes`

	if notcloseto ${ISAKMP_R_REPLACE-MISSING} "$SHORTIKE - $SHORTMARG / 2" ISAKMP_R_REPLACE
	then
		echo bad: Responder did not reduce ISAKMP lifetime to match connection
		both --status
	fi

	if notcloseto ${IPsec_R_REPLACE-MISSING} "$SHORTIPSEC - $SHORTMARG / 2" IPsec_R_REPLACE
	then
		echo bad: Responder did not reduce IPsec lifetime to match connection
		both --status
	fi
	;;

# --dontrekey mixed with lifetime negotiation
# Much like ipsec-rsa-time-neg except we expect EXPIRE

dipsec-rsa-time-neg-dontrekey)
	# Initiator lifetimess shorter: Responder must reflect these
	me --name ipsec-rsa --delete --rsa \
		$EASTNET $TO_RSA $WESTNET \
		--authenticate --encrypt --pfs $SHORTTIMES --keyingtries 2
	him --name ipsec-rsa --delete --rsa \
		$EASTNET $TO_RSA $WESTNET \
		--authenticate --encrypt --pfs $TIMES --keyingtries 2 \
		--rekeyfuzz 0 --dontrekey
	;;
xipsec-rsa-time-neg-dontrekey)
	me --name ipsec-rsa --initiate

	# Check that the Responder's lifetimes are plausible.
	# They should be close to and no more than the amount specified
	# by the Initiator,
	# and a lot less than the amount specified in the connection.
	# We want:
	#	ISAKMP_R_EXPIRE closeto SHORTIKE
	#	IPsec_R_REPLACE_IF_USED closeto SHORTIPSEC
	# Must not print variable values unless we have an error condition.

	eval `grab_lifetimes`

	if notcloseto ${ISAKMP_R_EXPIRE-MISSING} "$SHORTIKE" ISAKMP_R_EXPIRE
	then
		echo bad: Responder did not reduce ISAKMP lifetime to match Initiator
		both --status
	fi

	if notcloseto ${IPsec_R_EXPIRE-MISSING} "$SHORTIPSEC" IPsec_R_EXPIRE
	then
		echo bad: Responder did not reduce IPsec lifetime to match Initiator
		both --status
	fi
	;;

# --dontrekey mixed with lifetime truncation.
# Even though we specify no rekeying, if the Responder has a shorter
# ipseclifetime it must rekey.  But not otherwise.
# Variant of ipsec-rsa-time-trunc

dipsec-rsa-time-trunc-dontrekey)
	# Responder lifetimes are shorter: Responder must reflect these AND the negotiated values!
	# For IKE, we accept the longer time and EXPIRE on it.
	# For IPsec, we use the shorter time but REPLACE on it, even though we are --dontrekey
	me --name ipsec-rsa --delete --rsa \
		$EASTNET $TO_RSA $WESTNET \
		--authenticate --encrypt --pfs $TIMES --keyingtries 2
	him --name ipsec-rsa --delete --rsa \
		$EASTNET $TO_RSA $WESTNET \
		--authenticate --encrypt --pfs $SHORTTIMES --keyingtries 2 \
		--rekeyfuzz 0 --dontrekey
	;;
xipsec-rsa-time-trunc-dontrekey)
	me --name ipsec-rsa --initiate

	# Check that the Responder's lifetimes are plausible.
	# ISAKMP lifetime should EXPIRE when Initiator says.
	# IPsec lifetime should REPLACE when Responder says.
	#
	# We want:
	#	ISAKMP_R_EXPIRE closeto NORMALIKE
	#	IPsec_R_REPLACE closeto SHORTIPSEC - SHORTMARG/2
	# Must not print variable values unless we have an error condition.

	eval `grab_lifetimes`

	if notcloseto ${ISAKMP_R_EXPIRE-MISSING} "$NORMALIKE" ISAKMP_R_EXPIRE
	then
		echo bad: Responder did not extend ISAKMP lifetime to match Initiator
		both --status
	fi

	if notcloseto ${IPsec_R_REPLACE-MISSING} "$SHORTIPSEC - $SHORTMARG / 2" IPsec_R_REPLACE
	then
		echo bad: Responder did not reduce IPsec lifetime to match connection
		both --status
	fi
	;;

# Road Warrior:

dipsec-psk-rw)
	me --name ipsec-psk-rw --delete --psk \
		$WESTNET $TO $EASTNET \
		--encrypt $TIMES2
	him --name ipsec-psk-rw --delete --psk \
		$ANYHOST --client $WESTSUBNET \
		$TO $EASTNET --nexthop %direct \
		--encrypt $TIMES2
	;;
xipsec-psk-rw)