19713f5c1SHajimu UMEMOTO /* $KAME: test-policy.c,v 1.16 2003/08/26 03:24:08 itojun Exp $ */ 23c62e87aSJun-ichiro itojun Hagino 39a4365d0SYoshinobu Inoue /* 49a4365d0SYoshinobu Inoue * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. 59a4365d0SYoshinobu Inoue * All rights reserved. 69a4365d0SYoshinobu Inoue * 79a4365d0SYoshinobu Inoue * Redistribution and use in source and binary forms, with or without 89a4365d0SYoshinobu Inoue * modification, are permitted provided that the following conditions 99a4365d0SYoshinobu Inoue * are met: 109a4365d0SYoshinobu Inoue * 1. Redistributions of source code must retain the above copyright 119a4365d0SYoshinobu Inoue * notice, this list of conditions and the following disclaimer. 129a4365d0SYoshinobu Inoue * 2. Redistributions in binary form must reproduce the above copyright 139a4365d0SYoshinobu Inoue * notice, this list of conditions and the following disclaimer in the 149a4365d0SYoshinobu Inoue * documentation and/or other materials provided with the distribution. 159a4365d0SYoshinobu Inoue * 3. Neither the name of the project nor the names of its contributors 169a4365d0SYoshinobu Inoue * may be used to endorse or promote products derived from this software 179a4365d0SYoshinobu Inoue * without specific prior written permission. 189a4365d0SYoshinobu Inoue * 199a4365d0SYoshinobu Inoue * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 209a4365d0SYoshinobu Inoue * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 219a4365d0SYoshinobu Inoue * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 229a4365d0SYoshinobu Inoue * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 239a4365d0SYoshinobu Inoue * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 249a4365d0SYoshinobu Inoue * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 259a4365d0SYoshinobu Inoue * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 269a4365d0SYoshinobu Inoue * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 279a4365d0SYoshinobu Inoue * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 289a4365d0SYoshinobu Inoue * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 299a4365d0SYoshinobu Inoue * SUCH DAMAGE. 309a4365d0SYoshinobu Inoue */ 319a4365d0SYoshinobu Inoue 3246a50f4eSMatthew Dillon #include <sys/cdefs.h> 3346a50f4eSMatthew Dillon __FBSDID("$FreeBSD$"); 3446a50f4eSMatthew Dillon 359a4365d0SYoshinobu Inoue #include <sys/types.h> 369a4365d0SYoshinobu Inoue #include <sys/param.h> 379a4365d0SYoshinobu Inoue #include <sys/socket.h> 389a4365d0SYoshinobu Inoue 399a4365d0SYoshinobu Inoue #include <netinet/in.h> 40f63e7634SYoshinobu Inoue #include <net/pfkeyv2.h> 418409aedfSGeorge V. Neville-Neil #include <netipsec/key_debug.h> 428409aedfSGeorge V. Neville-Neil #include <netipsec/ipsec.h> 439a4365d0SYoshinobu Inoue 449a4365d0SYoshinobu Inoue #include <stdio.h> 459a4365d0SYoshinobu Inoue #include <stdlib.h> 469a4365d0SYoshinobu Inoue #include <unistd.h> 479a4365d0SYoshinobu Inoue #include <string.h> 483c62e87aSJun-ichiro itojun Hagino #include <errno.h> 499a4365d0SYoshinobu Inoue #include <err.h> 509a4365d0SYoshinobu Inoue 5133841545SHajimu UMEMOTO #include "libpfkey.h" 5233841545SHajimu UMEMOTO 533c62e87aSJun-ichiro itojun Hagino struct req_t { 543c62e87aSJun-ichiro itojun Hagino int result; /* expected result; 0:ok 1:ng */ 553c62e87aSJun-ichiro itojun Hagino char *str; 563c62e87aSJun-ichiro itojun Hagino } reqs[] = { 573c62e87aSJun-ichiro itojun Hagino { 0, "out ipsec" }, 583c62e87aSJun-ichiro itojun Hagino { 1, "must_error" }, 593c62e87aSJun-ichiro itojun Hagino { 1, "in ipsec must_error" }, 603c62e87aSJun-ichiro itojun Hagino { 1, "out ipsec esp/must_error" }, 613c62e87aSJun-ichiro itojun Hagino { 1, "out discard" }, 623c62e87aSJun-ichiro itojun Hagino { 1, "out none" }, 633c62e87aSJun-ichiro itojun Hagino { 0, "in entrust" }, 643c62e87aSJun-ichiro itojun Hagino { 0, "out entrust" }, 653c62e87aSJun-ichiro itojun Hagino { 1, "out ipsec esp" }, 663c62e87aSJun-ichiro itojun Hagino { 0, "in ipsec ah/transport" }, 673c62e87aSJun-ichiro itojun Hagino { 1, "in ipsec ah/tunnel" }, 683c62e87aSJun-ichiro itojun Hagino { 0, "out ipsec ah/transport/" }, 693c62e87aSJun-ichiro itojun Hagino { 1, "out ipsec ah/tunnel/" }, 703c62e87aSJun-ichiro itojun Hagino { 0, "in ipsec esp / transport / 10.0.0.1-10.0.0.2" }, 713c62e87aSJun-ichiro itojun Hagino { 0, "in ipsec esp/tunnel/::1-::2" }, 723c62e87aSJun-ichiro itojun Hagino { 1, "in ipsec esp/tunnel/10.0.0.1-::2" }, 733c62e87aSJun-ichiro itojun Hagino { 0, "in ipsec esp/tunnel/::1-::2/require" }, 743c62e87aSJun-ichiro itojun Hagino { 0, "out ipsec ah/transport//use" }, 753c62e87aSJun-ichiro itojun Hagino { 1, "out ipsec ah/transport esp/use" }, 763c62e87aSJun-ichiro itojun Hagino { 1, "in ipsec ah/transport esp/tunnel" }, 773c62e87aSJun-ichiro itojun Hagino { 0, "in ipsec ah/transport esp/tunnel/::1-::1" }, 78*83ad5a86SGleb Smirnoff { 0, "in ipsec\n" 79*83ad5a86SGleb Smirnoff "ah / transport\n" 80*83ad5a86SGleb Smirnoff "esp / tunnel / ::1-::2" }, 81*83ad5a86SGleb Smirnoff { 0, "out ipsec\n" 82*83ad5a86SGleb Smirnoff "ah/transport/::1-::2 esp/tunnel/::3-::4/use ah/transport/::5-::6/require\n" 83*83ad5a86SGleb Smirnoff "ah/transport/::1-::2 esp/tunnel/::3-::4/use ah/transport/::5-::6/require\n" 84*83ad5a86SGleb Smirnoff "ah/transport/::1-::2 esp/tunnel/::3-::4/use ah/transport/::5-::6/require\n" }, 853c62e87aSJun-ichiro itojun Hagino { 0, "out ipsec esp/transport/fec0::10-fec0::11/use" }, 869a4365d0SYoshinobu Inoue }; 879a4365d0SYoshinobu Inoue 8869160b1eSDavid E. O'Brien int test1(void); 8969160b1eSDavid E. O'Brien int test1sub1(struct req_t *); 9069160b1eSDavid E. O'Brien int test1sub2(char *, int); 9169160b1eSDavid E. O'Brien int test2(void); 9269160b1eSDavid E. O'Brien int test2sub(int); 939a4365d0SYoshinobu Inoue 949a4365d0SYoshinobu Inoue int 959a4365d0SYoshinobu Inoue main(ac, av) 969a4365d0SYoshinobu Inoue int ac; 979a4365d0SYoshinobu Inoue char **av; 989a4365d0SYoshinobu Inoue { 993c62e87aSJun-ichiro itojun Hagino test1(); 1003c62e87aSJun-ichiro itojun Hagino test2(); 1013c62e87aSJun-ichiro itojun Hagino 1023c62e87aSJun-ichiro itojun Hagino exit(0); 1033c62e87aSJun-ichiro itojun Hagino } 1043c62e87aSJun-ichiro itojun Hagino 1053c62e87aSJun-ichiro itojun Hagino int 1063c62e87aSJun-ichiro itojun Hagino test1() 1073c62e87aSJun-ichiro itojun Hagino { 1089a4365d0SYoshinobu Inoue int i; 1093c62e87aSJun-ichiro itojun Hagino int result; 1109a4365d0SYoshinobu Inoue 1113c62e87aSJun-ichiro itojun Hagino printf("TEST1\n"); 1123c62e87aSJun-ichiro itojun Hagino for (i = 0; i < sizeof(reqs)/sizeof(reqs[0]); i++) { 1133c62e87aSJun-ichiro itojun Hagino printf("#%d [%s]\n", i + 1, reqs[i].str); 1149a4365d0SYoshinobu Inoue 1153c62e87aSJun-ichiro itojun Hagino result = test1sub1(&reqs[i]); 1163c62e87aSJun-ichiro itojun Hagino if (result == 0 && reqs[i].result == 1) { 1179713f5c1SHajimu UMEMOTO warnx("ERROR: expecting failure."); 1183c62e87aSJun-ichiro itojun Hagino } else if (result == 1 && reqs[i].result == 0) { 1199713f5c1SHajimu UMEMOTO warnx("ERROR: expecting success."); 1209a4365d0SYoshinobu Inoue } 1219a4365d0SYoshinobu Inoue } 1229a4365d0SYoshinobu Inoue 1239a4365d0SYoshinobu Inoue return 0; 1249a4365d0SYoshinobu Inoue } 1259a4365d0SYoshinobu Inoue 1269a4365d0SYoshinobu Inoue int 1273c62e87aSJun-ichiro itojun Hagino test1sub1(req) 1283c62e87aSJun-ichiro itojun Hagino struct req_t *req; 1293c62e87aSJun-ichiro itojun Hagino { 1303c62e87aSJun-ichiro itojun Hagino char *buf; 1313c62e87aSJun-ichiro itojun Hagino 1323c62e87aSJun-ichiro itojun Hagino buf = ipsec_set_policy(req->str, strlen(req->str)); 1333c62e87aSJun-ichiro itojun Hagino if (buf == NULL) { 1343c62e87aSJun-ichiro itojun Hagino printf("ipsec_set_policy: %s\n", ipsec_strerror()); 1353c62e87aSJun-ichiro itojun Hagino return 1; 1363c62e87aSJun-ichiro itojun Hagino } 1373c62e87aSJun-ichiro itojun Hagino 1383c62e87aSJun-ichiro itojun Hagino if (test1sub2(buf, PF_INET) != 0 1393c62e87aSJun-ichiro itojun Hagino || test1sub2(buf, PF_INET6) != 0) { 1403c62e87aSJun-ichiro itojun Hagino free(buf); 1413c62e87aSJun-ichiro itojun Hagino return 1; 1423c62e87aSJun-ichiro itojun Hagino } 1433c62e87aSJun-ichiro itojun Hagino #if 0 1443c62e87aSJun-ichiro itojun Hagino kdebug_sadb_x_policy((struct sadb_ext *)buf); 1453c62e87aSJun-ichiro itojun Hagino #endif 1463c62e87aSJun-ichiro itojun Hagino 1473c62e87aSJun-ichiro itojun Hagino free(buf); 1483c62e87aSJun-ichiro itojun Hagino return 0; 1493c62e87aSJun-ichiro itojun Hagino } 1503c62e87aSJun-ichiro itojun Hagino 1513c62e87aSJun-ichiro itojun Hagino int 1523c62e87aSJun-ichiro itojun Hagino test1sub2(policy, family) 1539a4365d0SYoshinobu Inoue char *policy; 1549a4365d0SYoshinobu Inoue int family; 1559a4365d0SYoshinobu Inoue { 1563c62e87aSJun-ichiro itojun Hagino int so; 1573c62e87aSJun-ichiro itojun Hagino int proto = 0, optname = 0; 1589a4365d0SYoshinobu Inoue int len; 1599a4365d0SYoshinobu Inoue char getbuf[1024]; 1609a4365d0SYoshinobu Inoue 1619a4365d0SYoshinobu Inoue switch (family) { 1629a4365d0SYoshinobu Inoue case PF_INET: 1639a4365d0SYoshinobu Inoue proto = IPPROTO_IP; 1649a4365d0SYoshinobu Inoue optname = IP_IPSEC_POLICY; 1659a4365d0SYoshinobu Inoue break; 1669a4365d0SYoshinobu Inoue case PF_INET6: 1679a4365d0SYoshinobu Inoue proto = IPPROTO_IPV6; 1689a4365d0SYoshinobu Inoue optname = IPV6_IPSEC_POLICY; 1699a4365d0SYoshinobu Inoue break; 1709a4365d0SYoshinobu Inoue } 1719a4365d0SYoshinobu Inoue 1729a4365d0SYoshinobu Inoue if ((so = socket(family, SOCK_DGRAM, 0)) < 0) 1739a4365d0SYoshinobu Inoue err(1, "socket"); 1749a4365d0SYoshinobu Inoue 1759a4365d0SYoshinobu Inoue len = ipsec_get_policylen(policy); 1763c62e87aSJun-ichiro itojun Hagino #if 0 1773c62e87aSJun-ichiro itojun Hagino printf("\tsetlen:%d\n", len); 1783c62e87aSJun-ichiro itojun Hagino #endif 1793c62e87aSJun-ichiro itojun Hagino 1809a4365d0SYoshinobu Inoue if (setsockopt(so, proto, optname, policy, len) < 0) { 1813c62e87aSJun-ichiro itojun Hagino printf("fail to set sockopt; %s\n", strerror(errno)); 1823c62e87aSJun-ichiro itojun Hagino close(so); 1833c62e87aSJun-ichiro itojun Hagino return 1; 1849a4365d0SYoshinobu Inoue } 1859a4365d0SYoshinobu Inoue 1869a4365d0SYoshinobu Inoue memset(getbuf, 0, sizeof(getbuf)); 1873c62e87aSJun-ichiro itojun Hagino memcpy(getbuf, policy, sizeof(struct sadb_x_policy)); 1889a4365d0SYoshinobu Inoue if (getsockopt(so, proto, optname, getbuf, &len) < 0) { 1893c62e87aSJun-ichiro itojun Hagino printf("fail to get sockopt; %s\n", strerror(errno)); 1903c62e87aSJun-ichiro itojun Hagino close(so); 1913c62e87aSJun-ichiro itojun Hagino return 1; 1929a4365d0SYoshinobu Inoue } 1939a4365d0SYoshinobu Inoue 1949a4365d0SYoshinobu Inoue { 1959a4365d0SYoshinobu Inoue char *buf = NULL; 1969a4365d0SYoshinobu Inoue 1973c62e87aSJun-ichiro itojun Hagino #if 0 1989a4365d0SYoshinobu Inoue printf("\tgetlen:%d\n", len); 1993c62e87aSJun-ichiro itojun Hagino #endif 2009a4365d0SYoshinobu Inoue 2019a4365d0SYoshinobu Inoue if ((buf = ipsec_dump_policy(getbuf, NULL)) == NULL) { 2029a4365d0SYoshinobu Inoue printf("%s\n", ipsec_strerror()); 2033c62e87aSJun-ichiro itojun Hagino close(so); 2043c62e87aSJun-ichiro itojun Hagino return 1; 2053c62e87aSJun-ichiro itojun Hagino } 2063c62e87aSJun-ichiro itojun Hagino #if 0 2079a4365d0SYoshinobu Inoue printf("\t[%s]\n", buf); 2083c62e87aSJun-ichiro itojun Hagino #endif 2099a4365d0SYoshinobu Inoue free(buf); 2109a4365d0SYoshinobu Inoue } 2113c62e87aSJun-ichiro itojun Hagino 2123c62e87aSJun-ichiro itojun Hagino close (so); 2133c62e87aSJun-ichiro itojun Hagino return 0; 2149a4365d0SYoshinobu Inoue } 2159a4365d0SYoshinobu Inoue 2163c62e87aSJun-ichiro itojun Hagino char addr[] = { 2173c62e87aSJun-ichiro itojun Hagino 28, 28, 0, 0, 2183c62e87aSJun-ichiro itojun Hagino 0, 0, 0, 0, 2193c62e87aSJun-ichiro itojun Hagino 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 2203c62e87aSJun-ichiro itojun Hagino 0, 0, 0, 0, 2213c62e87aSJun-ichiro itojun Hagino }; 2223c62e87aSJun-ichiro itojun Hagino 2233c62e87aSJun-ichiro itojun Hagino int 2243c62e87aSJun-ichiro itojun Hagino test2() 2253c62e87aSJun-ichiro itojun Hagino { 2263c62e87aSJun-ichiro itojun Hagino int so; 2273c62e87aSJun-ichiro itojun Hagino char *pol1 = "out ipsec"; 2283c62e87aSJun-ichiro itojun Hagino char *pol2 = "out ipsec ah/transport//use"; 2293c62e87aSJun-ichiro itojun Hagino char *sp1, *sp2; 2303c62e87aSJun-ichiro itojun Hagino int splen1, splen2; 2313c62e87aSJun-ichiro itojun Hagino int spid; 2323c62e87aSJun-ichiro itojun Hagino struct sadb_msg *m; 2333c62e87aSJun-ichiro itojun Hagino 2343c62e87aSJun-ichiro itojun Hagino printf("TEST2\n"); 2353c62e87aSJun-ichiro itojun Hagino if (getuid() != 0) 2369713f5c1SHajimu UMEMOTO errx(1, "root privilege required."); 2373c62e87aSJun-ichiro itojun Hagino 2383c62e87aSJun-ichiro itojun Hagino sp1 = ipsec_set_policy(pol1, strlen(pol1)); 2393c62e87aSJun-ichiro itojun Hagino splen1 = ipsec_get_policylen(sp1); 2403c62e87aSJun-ichiro itojun Hagino sp2 = ipsec_set_policy(pol2, strlen(pol2)); 2413c62e87aSJun-ichiro itojun Hagino splen2 = ipsec_get_policylen(sp2); 2423c62e87aSJun-ichiro itojun Hagino 2433c62e87aSJun-ichiro itojun Hagino if ((so = pfkey_open()) < 0) 2449713f5c1SHajimu UMEMOTO errx(1, "ERROR: %s", ipsec_strerror()); 2453c62e87aSJun-ichiro itojun Hagino 2463c62e87aSJun-ichiro itojun Hagino printf("spdflush()\n"); 2473c62e87aSJun-ichiro itojun Hagino if (pfkey_send_spdflush(so) < 0) 2489713f5c1SHajimu UMEMOTO errx(1, "ERROR: %s", ipsec_strerror()); 2493c62e87aSJun-ichiro itojun Hagino m = pfkey_recv(so); 2503c62e87aSJun-ichiro itojun Hagino free(m); 2513c62e87aSJun-ichiro itojun Hagino 2523c62e87aSJun-ichiro itojun Hagino printf("spdsetidx()\n"); 2533c62e87aSJun-ichiro itojun Hagino if (pfkey_send_spdsetidx(so, (struct sockaddr *)addr, 128, 2543c62e87aSJun-ichiro itojun Hagino (struct sockaddr *)addr, 128, 2553c62e87aSJun-ichiro itojun Hagino 255, sp1, splen1, 0) < 0) 2569713f5c1SHajimu UMEMOTO errx(1, "ERROR: %s", ipsec_strerror()); 2573c62e87aSJun-ichiro itojun Hagino m = pfkey_recv(so); 2583c62e87aSJun-ichiro itojun Hagino free(m); 2593c62e87aSJun-ichiro itojun Hagino 2603c62e87aSJun-ichiro itojun Hagino printf("spdupdate()\n"); 2613c62e87aSJun-ichiro itojun Hagino if (pfkey_send_spdupdate(so, (struct sockaddr *)addr, 128, 2623c62e87aSJun-ichiro itojun Hagino (struct sockaddr *)addr, 128, 2633c62e87aSJun-ichiro itojun Hagino 255, sp2, splen2, 0) < 0) 2649713f5c1SHajimu UMEMOTO errx(1, "ERROR: %s", ipsec_strerror()); 2653c62e87aSJun-ichiro itojun Hagino m = pfkey_recv(so); 2663c62e87aSJun-ichiro itojun Hagino free(m); 2673c62e87aSJun-ichiro itojun Hagino 2689713f5c1SHajimu UMEMOTO printf("sleep(4)\n"); 26933841545SHajimu UMEMOTO sleep(4); 27033841545SHajimu UMEMOTO 2713c62e87aSJun-ichiro itojun Hagino printf("spddelete()\n"); 2723c62e87aSJun-ichiro itojun Hagino if (pfkey_send_spddelete(so, (struct sockaddr *)addr, 128, 2733c62e87aSJun-ichiro itojun Hagino (struct sockaddr *)addr, 128, 2743c62e87aSJun-ichiro itojun Hagino 255, sp1, splen1, 0) < 0) 2759713f5c1SHajimu UMEMOTO errx(1, "ERROR: %s", ipsec_strerror()); 2763c62e87aSJun-ichiro itojun Hagino m = pfkey_recv(so); 2773c62e87aSJun-ichiro itojun Hagino free(m); 2783c62e87aSJun-ichiro itojun Hagino 2793c62e87aSJun-ichiro itojun Hagino printf("spdadd()\n"); 2803c62e87aSJun-ichiro itojun Hagino if (pfkey_send_spdadd(so, (struct sockaddr *)addr, 128, 2813c62e87aSJun-ichiro itojun Hagino (struct sockaddr *)addr, 128, 2823c62e87aSJun-ichiro itojun Hagino 255, sp2, splen2, 0) < 0) 2839713f5c1SHajimu UMEMOTO errx(1, "ERROR: %s", ipsec_strerror()); 2843c62e87aSJun-ichiro itojun Hagino spid = test2sub(so); 2853c62e87aSJun-ichiro itojun Hagino 2863c62e87aSJun-ichiro itojun Hagino printf("spdget(%u)\n", spid); 2873c62e87aSJun-ichiro itojun Hagino if (pfkey_send_spdget(so, spid) < 0) 2889713f5c1SHajimu UMEMOTO errx(1, "ERROR: %s", ipsec_strerror()); 2893c62e87aSJun-ichiro itojun Hagino m = pfkey_recv(so); 2903c62e87aSJun-ichiro itojun Hagino free(m); 2913c62e87aSJun-ichiro itojun Hagino 2929713f5c1SHajimu UMEMOTO printf("sleep(4)\n"); 29333841545SHajimu UMEMOTO sleep(4); 29433841545SHajimu UMEMOTO 2953c62e87aSJun-ichiro itojun Hagino printf("spddelete2()\n"); 2963c62e87aSJun-ichiro itojun Hagino if (pfkey_send_spddelete2(so, spid) < 0) 2979713f5c1SHajimu UMEMOTO errx(1, "ERROR: %s", ipsec_strerror()); 2983c62e87aSJun-ichiro itojun Hagino m = pfkey_recv(so); 2993c62e87aSJun-ichiro itojun Hagino free(m); 3003c62e87aSJun-ichiro itojun Hagino 30133841545SHajimu UMEMOTO printf("spdadd() with lifetime's 10(s)\n"); 30233841545SHajimu UMEMOTO if (pfkey_send_spdadd2(so, (struct sockaddr *)addr, 128, 30333841545SHajimu UMEMOTO (struct sockaddr *)addr, 128, 30433841545SHajimu UMEMOTO 255, 0, 10, sp2, splen2, 0) < 0) 3059713f5c1SHajimu UMEMOTO errx(1, "ERROR: %s", ipsec_strerror()); 30633841545SHajimu UMEMOTO spid = test2sub(so); 30733841545SHajimu UMEMOTO 3083c62e87aSJun-ichiro itojun Hagino /* expecting failure */ 3093c62e87aSJun-ichiro itojun Hagino printf("spdupdate()\n"); 3103c62e87aSJun-ichiro itojun Hagino if (pfkey_send_spdupdate(so, (struct sockaddr *)addr, 128, 3113c62e87aSJun-ichiro itojun Hagino (struct sockaddr *)addr, 128, 3123c62e87aSJun-ichiro itojun Hagino 255, sp2, splen2, 0) == 0) { 3139713f5c1SHajimu UMEMOTO warnx("ERROR: expecting failure."); 3143c62e87aSJun-ichiro itojun Hagino } 3159a4365d0SYoshinobu Inoue 3169a4365d0SYoshinobu Inoue return 0; 3179a4365d0SYoshinobu Inoue } 3189a4365d0SYoshinobu Inoue 3193c62e87aSJun-ichiro itojun Hagino int 3203c62e87aSJun-ichiro itojun Hagino test2sub(so) 3213c62e87aSJun-ichiro itojun Hagino int so; 3223c62e87aSJun-ichiro itojun Hagino { 3233c62e87aSJun-ichiro itojun Hagino struct sadb_msg *msg; 3243c62e87aSJun-ichiro itojun Hagino caddr_t mhp[SADB_EXT_MAX + 1]; 3253c62e87aSJun-ichiro itojun Hagino 3263c62e87aSJun-ichiro itojun Hagino if ((msg = pfkey_recv(so)) == NULL) 3279713f5c1SHajimu UMEMOTO errx(1, "ERROR: pfkey_recv failure."); 3283c62e87aSJun-ichiro itojun Hagino if (pfkey_align(msg, mhp) < 0) 3299713f5c1SHajimu UMEMOTO errx(1, "ERROR: pfkey_align failure."); 3303c62e87aSJun-ichiro itojun Hagino 3313c62e87aSJun-ichiro itojun Hagino return ((struct sadb_x_policy *)mhp[SADB_X_EXT_POLICY])->sadb_x_policy_id; 3323c62e87aSJun-ichiro itojun Hagino } 3333c62e87aSJun-ichiro itojun Hagino 334