# set various configuration parameters# Use  shell "." command to load these into the environment# Where to find programs to test.# These can be overridden by environment.# Note: {WEST,EAST}PLUTO and {WEST,EAST,NORTH,SOUTH}WHACK# allow more specific control# Note: paths must be absolute because dopluto does a cd.if [ -z "${TESTING:-}" ]then	if [ -d testing ]; then		TESTING=`pwd`/testing	elif [ -d ${MYBOX}/testing ]; then		TESTING=$MYBOX/testing	else		echo "Please set \$TESTING "	fifiexport PATH=$TESTING/pluto/bin:$PATH if [ -z "${PLUTO:-}" ]then	if [ -x ${MYBOX:-}/programs/pluto/pluto ]	then		PLUTO=$MYBOX/programs/pluto/pluto		WHACK=$MYBOX/programs/pluto/whack	elif [ -x programs/pluto/pluto ]	then		PLUTO=`pwd`/programs/pluto/pluto		WHACK=`pwd`/programs/pluto/whack	elif [ -x ../../../programs/pluto/pluto ]	then		PLUTO=`pwd`/../../../programs/pluto/pluto		WHACK=`pwd`/../../../programs/pluto/whack	fifiexport PLUTOexport WHACKif [ -z "${TESTING:-}" ]then	if [ -d ${MYBOX:-}/testing ]	then		TESTING=$MYBOX/testing	elif [ -d testing ]	then		TESTING=`pwd`/testing	fi	fiexport TESTINGif [ ! -x "$PLUTO" -a "$PLUTO" != "ipsec pluto" ] ; then	echo "ERROR: Where is Pluto?  Not in \"$PLUTO\"; set \$PLUTO correctly." >&2	#exit 1fiif [ ! -x "$WHACK" -a "$WHACK" != "ipsec whack" ] ; then	echo "ERROR: Where is whack?  Not in \"$WHACK\"; set \$WHACK correctly." >&2	#exit 1fiexport LWDNSQOPTION=""case "${USE_LWRES:-true}" intrue)	if [ -z "${LWDNSQ:-}" ]	then		if [ -x ${MYBOX:-}/programs/lwdnsq/lwdnsq ]		then			LWDNSQ=$MYBOX/programs/lwdnsq/lwdnsq		elif [ -x programs/lwdnsq/lwdnsq ]		then			LWDNSQ=`pwd`/programs/lwdnsq/lwdnsq		elif [ -x `pwd`/../../programs/lwdnsq/lwdnsq ]		then			LWDNSQ=`pwd`/../../programs/lwdnsq/lwdnsq		elif [ -x `dirname "$PLUTO"`/lwdnsq ] ; then			LWDNSQ=`dirname "$PLUTO"`/lwdnsq                elif [ "$PLUTO" = "ipsec pluto" ]; then			LWDNSQ=""		else			echo "ERROR: Where is lwdnsq?  Not in \"$LWDNSQ\"; set \$LWDNSQ correctly." >&2			exit 1		fi	fi	if [ -n "${LWDNSQ}" ];	then	   LWDNSQOPTION="--lwdnsq $LWDNSQ"	   export LWDNSQ LWDNSQOPTION        fi	;;esacset -uexport IKEPORT=8500export DOMAIN=exampleexport ROUTER=127.95.7.254export WESTIP=127.95.7.1export EASTIP=127.95.7.2export NORTHIP=127.95.7.3export SOUTHIP=127.95.7.4export WESTIF=lo:wexport EASTIF=lo:eexport NORTHIF=lo:nexport SOUTHIF=lo:sexport WESTSUBNET=127.95.7.8/30export	VICTORIA=127.95.7.10export	VANCOUVER=127.95.7.11export	VANISHED=127.95.7.8	# missing, naturallyexport WESTSUBNET2=127.95.7.12/30export WESTSUBNET3=127.95.7.16/30export EASTSUBNETNET=127.95.7.20export EASTSUBNET=$EASTSUBNETNET/30export EASTHALFSUBNET=$EASTSUBNETNET/31	# includes Truroexport	TRURO=127.95.7.21export	ANTIGONISH=127.95.7.22export	ATLANTIS=127.95.7.23	# missing, naturallyexport EASTSUBNET2=127.95.7.24/30export EASTSUBNET3=127.95.7.28/30export NORTHSUBNET=127.95.7.32/30export NORTHSUBNET2=127.95.7.36/30export NORTHSUBNET3=127.95.7.40/30export SOUTHSUBNET=127.95.7.44/30export SOUTHSUBNET2=127.95.7.48/30export SOUTHSUBNET3=127.95.7.52/30# sometimes CMP=diff is usefulCMP=${CMP:-cmp}DOPLUTO=doplutoDOWHACK=dowhackDFAIL=""XFAIL=""SFAIL=""REFMISSING=""CFAIL=""WESTHOST="--host $WESTIP --ikeport $IKEPORT"WESTNET="$WESTHOST --client $WESTSUBNET"EASTHOST="--host $EASTIP --ikeport $IKEPORT"EASTNET="$EASTHOST --client $EASTSUBNET"ANYHOST="--host %any --ikeport $IKEPORT"OPPO="--host %opportunistic --ikeport $IKEPORT"OPPONARROW="$OPPO --client 127.0.0.0/8"OPPOMISS="$OPPO --client 10.0.0.0/8"GROUP="--host %group --ikeport $IKEPORT"OPPOGROUP="--host %opportunisticgroup --ikeport $IKEPORT"WHACKWEST="${WESTWHACK:-$WHACK} --ctlbase pluto/west/pluto.west"WHACKEAST="${EASTWHACK:-$WHACK} --ctlbase pluto/east/pluto.east"# run of the mill lifetimesNORMALMARG=350NORMALIKE=900TIMES="--rekeymargin $NORMALMARG --ikelifetime $NORMALIKE --ipseclifetime 800"# half size, to be shorterSHORTMARG=175SHORTIKE=450SHORTIPSEC=400SHORTTIMES="--rekeymargin $SHORTMARG --ikelifetime $SHORTIKE --ipseclifetime $SHORTIPSEC"# really small so we're willing to sleep through a keying intervalTINYIPSECLIFETIME=40TINYTIMES="--rekeymargin 17 --ikelifetime 45 --ipseclifetime $TINYIPSECLIFETIME"TIMES0="$TIMES --keyingtries 0"TIMES1="$TIMES --keyingtries 1"TIMES2="$TIMES --keyingtries 2"LIST="1 2 3 4 5"# dumb boilerplateTO="--updown silly --to --updown sally"function whackwest() {	eval $WHACKWEST "$@"	}function whackeast() {	eval $WHACKEAST "$@"	}function perform() {	echo "$@"	"$@" || echo RC: $?	}function me() {	perform whackwest "$@"	}function him() {	perform whackeast "$@"	}function both() {	perform whackwest "$@"	perform whackeast "$@"	}function me_status() {	me --status | canonicize_status	}function him_status() {	him --status | canonicize_status	}function both_status() {	both --status | canonicize_status	}# Grab the lifetime setting actually in states.# Turn them into shell variable assignments suitable for eval ``.function grab_lifetimes() {	( me --status ; him --status ) | sed -n -e \		'/STATE_/ {			s/.*MAIN/ISAKMP/			s/.*QUICK/IPsec/			s/_I[0-4]/_I!/			s/_R[0-4]/_R!/			s/!.*EVENT_SA_\([^ ]*\)/_\1!/			s/! in \([0-9]*\)s.*/=\1/			p			}'	}ut() {	mount -o rw,remount /testing	for f 	do		cp log/$f/wi-log log.ref/$f/wi-log	done}# Check if lifetime is close to predicted time# Can't be more, but might be a bit less.# A bit is 3 seconds, for now.# Must not print variable values unless we have an error condition.function notcloseto() {	if expr '(' $1 ')' '>' '(' $2 ')' >/dev/null	then		echo bad $3: $1 '>' $2		return 0	elif expr '(' $1 ')' '<' '(' $2 ')' - 3 >/dev/null	then		echo bad $3: $1 '<' $2 - 3		return 0	else		echo good $3: close to $2		return 1	fi	}function canonicize_status() {	sed 	-e 's/ in [1-9][0-9]*s/ in ???s/' \		-e 's/ esp\.[0-9a-f]*@/ esp.???@/g' \		-e 's/ ah\.[0-9a-f]*@/ ah.???@/g' \		-e 's/ comp\.[0-9a-f]*@/ comp.???@/g' \		-e '/^000 my FQDN =/s/@.*/@FQDN/'	}