Including a set of dummy keys, and dummy IP addresses in 172.18.232.0/28.
Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
debian/secnet.substvars
*.xcodeproj
/build
+
+test-example/*.key
+test-example/sites.conf
--- /dev/null
+all: sites.conf inside.key outside.key
+
+%.key: %.key.b64
+ base64 -d <$< >$@.new && mv -f $@.new $@
+
+sites.conf: ../make-secnet-sites sites Makefile
+ ../make-secnet-sites sites sites.conf
--- /dev/null
+This directory contains some files useful for ad-hoc tests.
+With these it is possible to run a test of secnet on a Linux host
+even if that Linux host does not have another working network connection.
+
+The keys here are (obviously) public. They were generated like this:
+ ssh-keygen -C inside@example.com -f test-example/inside.key -t rsa1 -b 1024
+ ssh-keygen -C outside@example.com -f test-example/outside.key -t rsa1 -b 1024
+ # edit sites to paste {inside,outside}.key.pub into pubkey lines
+ base64 <inside.key >inside.key.b64
+ base64 <outside.key >outside.key.b64
+
+To run the test:
+ Run the makefile:
+ make -C test-example/
+ In one window, as root
+ ./secnet -dvnc test-example/inside.conf
+ And in another
+ ./secnet -dvnc test-example/outside.conf
+ Then in a third
+ ping -I secnet-test-i 172.18.232.2
+
--- /dev/null
+log logfile {
+ filename "/dev/tty";
+ class "info","notice","warning","error","security","fatal";
+};
+system {
+};
+resolver adns {
+};
+log-events "setup-init","setup-timeout","activate-key","timeout-key","errors",
+ "security";
+random randomfile("/dev/urandom",no);
+transform serpent256-cbc {
+ max-sequence-skew 10;
+};
+include test-example/sites.conf
+sites map(site,vpn/test-example/all-sites);
--- /dev/null
+netlink tun {
+ name "netlink-tun"; # Printed in log messages from this netlink
+ local-address "172.18.232.9";
+ secnet-address "172.18.232.10";
+ remote-networks "172.18.232.0/28";
+ mtu 500;
+ buffer sysbuffer(2048);
+ interface "secnet-test-i";
+};
+comm udp {
+ port 16097;
+ buffer sysbuffer(4096);
+};
+local-name "test-example/inside/inside";
+local-key rsa-private("test-example/inside.key");
+include test-example/common.conf
--- /dev/null
+U1NIIFBSSVZBVEUgS0VZIEZJTEUgRk9STUFUIDEuMQoAAAAAAAAAAAQABAC5N9rmU46hhdLO1FVh
+Efkc9cq+x/UdC/a+nt0yM4HswxfChfJpcHq008Hkd4KOqRZORG7N5Q8fKPpkrnt3T3qSDX4P5HOW
+5Q+2Qc82h1hO4mDbHo2xqmp4hv/88fHgPQTW9MffriDFs24HTt7uOqvx5LNtdmrw5ws6cXuyLwan
+lQARAQABAAAAEmluc2lkZUBleGFtcGxlLmNvbe8z7zMD/1/rgT3PAAq+V1ItvJmsySoqUHlE7LfC
+PmKxuzQIYLzQvDlNTSE10xZapAtBqSdggeC+p/ORMKeefS4u/lnnmz2tW9TlbtwWfj5Bwm/ftUZR
+8BhelZQn5+/vTv1jLZ9dibLhemd20XxpMRIoOg+1w4xfbh1DoJbqs8OCCPPnNVJxAf9h3Hq0x84a
+P0JOgyFFNatWcRKVJxapseeZPnpIAnkaDZ0KirE1RZFkHbfL4HFL3kI3MI657rE7rSC2yakvJtX9
+AgDD98/vGKw19bSdM8dHbocQQdDmn3SG5U9psbkvNQh06seKNL9QOeH2iHqjzBXmwTjPiWphdsVP
+dFOBy1VE52YPAgDx9QU0xrSytFrjcqlP/FICaBiuJ9g0t4RbYBcm2iZaXLwXLDTX91arNJJrzblX
+9yMkHDBDw9j1nKXnig+8dtwbAAAAAA==
--- /dev/null
+1024 65537 130064631890186713927887504218626486455931306300999583387009075747001546036643522074275473238061323169592347601185592753550279410171535737146240085267000508853176463710554801101055212967131924064664249613912656320653505750073021702169423354903540699008756137338575553686987244488914481168225136440872431691669 inside@example.com
--- /dev/null
+netlink tun {
+ name "netlink-tun"; # Printed in log messages from this netlink
+ local-address "172.18.232.1";
+ secnet-address "172.18.232.2";
+ remote-networks "172.18.232.0/28";
+ mtu 500;
+ buffer sysbuffer(2048);
+ interface "secnet-test-o";
+};
+comm udp {
+ port 16096;
+ buffer sysbuffer(4096);
+};
+local-name "test-example/outside/outside";
+local-key rsa-private("test-example/outside.key");
+include test-example/common.conf
--- /dev/null
+U1NIIFBSSVZBVEUgS0VZIEZJTEUgRk9STUFUIDEuMQoAAAAAAAAAAAQABAC4D2q3B/nZUjsGMX72
+5FrgEB1y0uYS732QF/NXOEs9FA8/xmM68NF8JRfCctlCm9kQ9t/0xW+wOQTNg0BFIdgbZjXIwXLy
+K9rreM1G1BsTjROtiz1UyjZMpo3Z89SWjtYCVN/UldRhakw/o0vrEKkZDTxiryhhYCGDUkONNsa5
+1QARAQABAAAAE291dHNpZGVAZXhhbXBsZS5jb23IlsiWA/9AO6kbPN5VmBvfGnDbim+oWBde1fjS
+zN895Q3X915Sb2iu8fX5QMdqkqtLAbeORkMnZ3BaxHgowI1Lhy1rstbuiUcd3WWB6xUDcQll85Cy
++2IFfvFDKH7HsrzxgWx9M23WewlTje2NmVF0Y3xR39w2jUCLuEcyaWdPPQiLTucCgQH/axUYwPI5
+6QEKPiONve88GpehGCjereP5EjWTJomjQI+brOhnPckiWLwXXtWZoa894jpbVT8BtHNdDUg2gPFV
+pwIA0FQowUgwxCnCoNZe/v/K5zwP3ar8OPoBV2c8rnEuZ2sR0AdLcBpaCpOQf7LKk9p+GUOHlMJy
+hkrz7tAitvXEdQIA4i2dOA/PVYD6ZCZrwY5SToBmVtOzt2TVdhLbB/XDJ91ydl0uDdyN0Sn/Dyx+
+I55YwyhLA8zNV8mL4ZQS8OLz4QAAAAA=
--- /dev/null
+1024 65537 129251483458784900555621175262818292872587807329014927540074484804119474262261383244074013537736576331652560727149001626325243856012659665194546933097292703586821422085819615124517093786704646988649444946154384037948502112302285511195679291084694375811092516151263088200304199780052361048758446082354317801941 outside@example.com
--- /dev/null
+vpn test-example
+contact devnull@example.com
+dh 8db5f2c15ac96d9f3382d1ef4688fba14dc7908ae7dfd71a9cfe7f479a75d506dc53f159aeaf488bde073fe544bc91c099f101fcf60074f30c06e36263c03ca9e07931ce3fc235fe1171dc6d9316fb097bd4362891e2c36e234e7c16b038fd97b1f165c710e90537de66ee4f54001f5712b050d4e07de3fba07607b19b64f6c3 2
+hash sha1
+key-lifetime 72000000
+restrict-nets 172.18.232.0/28
+setup-timeout 2000
+setup-retries 5
+
+location inside root
+site inside
+ networks 172.18.232.8/29
+ peer 172.18.232.9
+ address [127.0.0.1] 16097
+ pubkey 1024 65537 130064631890186713927887504218626486455931306300999583387009075747001546036643522074275473238061323169592347601185592753550279410171535737146240085267000508853176463710554801101055212967131924064664249613912656320653505750073021702169423354903540699008756137338575553686987244488914481168225136440872431691669 inside@example.com
+
+location outside root
+site outside
+ networks 172.18.232.0/29
+ peer 172.18.232.1
+ address [127.0.0.1] 16096
+ pubkey 1024 65537 129251483458784900555621175262818292872587807329014927540074484804119474262261383244074013537736576331652560727149001626325243856012659665194546933097292703586821422085819615124517093786704646988649444946154384037948502112302285511195679291084694375811092516151263088200304199780052361048758446082354317801941 outside@example.com
+
+
+