Diffstat (limited to 'programs/pf_key')
-rw-r--r--programs/pf_key/.cvsignore1
-rw-r--r--programs/pf_key/Makefile49
-rw-r--r--programs/pf_key/pf_key.5122
-rw-r--r--programs/pf_key/pf_key.873
-rw-r--r--programs/pf_key/pf_key.c353
5 files changed, 0 insertions, 598 deletions
diff --git a/programs/pf_key/.cvsignore b/programs/pf_key/.cvsignore
deleted file mode 100644
index 323068235..000000000
--- a/programs/pf_key/.cvsignore
+++ /dev/null
@@ -1 +0,0 @@
-pf_key
diff --git a/programs/pf_key/Makefile b/programs/pf_key/Makefile
deleted file mode 100644
index 6af45c8d1..000000000
--- a/programs/pf_key/Makefile
+++ /dev/null
@@ -1,49 +0,0 @@
-# Makefile for the KLIPS interface utilities
-# Copyright (C) 1998, 1999 Henry Spencer.
-# Copyright (C) 1999, 2000, 2001 Richard Guy Briggs
-#
-# This program is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 2 of the License, or (at your
-# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-# for more details.
-#
-# RCSID $Id: Makefile,v 1.1 2004/03/15 20:35:28 as Exp $
-
-FREESWANSRCDIR=../..
-include ${FREESWANSRCDIR}/Makefile.inc
-
-PROGRAM:=pf_key
-EXTRA5MAN=${PROGRAM}.5
-
-LIBS:=${FREESWANLIB}
-
-include ../Makefile.program
-
-#
-# $Log: Makefile,v $
-# Revision 1.1 2004/03/15 20:35:28 as
-# added files from freeswan-2.04-x509-1.5.3
-#
-# Revision 1.3 2002/06/02 22:02:14 mcr
-# changed TOPDIR->FREESWANSRCDIR in all Makefiles.
-# (note that linux/net/ipsec/Makefile uses TOPDIR because this is the
-# kernel sense.)
-#
-# Revision 1.2 2002/04/26 01:21:26 mcr
-# while tracking down a missing (not installed) /etc/ipsec.conf,
-# MCR has decided that it is not okay for each program subdir to have
-# some subset (determined with -f) of possible files.
-# Each subdir that defines $PROGRAM, MUST have a PROGRAM.8 file as well as a PROGRAM file.
-# Optional PROGRAM.5 files have been added to the makefiles.
-#
-# Revision 1.1 2002/04/24 07:55:32 mcr
-# #include patches and Makefiles for post-reorg compilation.
-#
-#
-#
-
diff --git a/programs/pf_key/pf_key.5 b/programs/pf_key/pf_key.5
deleted file mode 100644
index f5eab9a96..000000000
--- a/programs/pf_key/pf_key.5
+++ /dev/null
@@ -1,122 +0,0 @@
-.TH IPSEC_PF_KEY 5 "29 Jun 2000"
-.\"
-.\" RCSID $Id: pf_key.5,v 1.1 2004/03/15 20:35:28 as Exp $
-.\"
-.SH NAME
-ipsec_pf_key \- lists PF_KEY sockets registered with KLIPS
-.SH SYNOPSIS
-.B cat
-.B /proc/net/pf_key
-.SH DESCRIPTION
-.I /proc/net/pf_key
-is a read-only file which lists the presently open PF_KEY sockets on the
-local system and their parameters.
-.PP
-Each line lists one PF_KEY socket.
-A table entry consists of:
-.IP + 3
-sock pointer (sock)
-.IP +
-PID of the socket owner (pid)
-.IP +
-flag to indicate if the socket is dead (d)
-.IP +
-socket wait queue (sleep)
-.IP +
-socket pointer (socket)
-.IP +
-next socket in chain (next)
-.IP +
-previous socket in chain (prev)
-.IP +
-last socket error (e)
-.IP +
-pointer to destruct routine (destruct)
-.IP +
-is this a reused socket (r)
-.IP +
-has this socket been zapped (z)
-.IP +
-socket family to which this socket belongs (fa)
-.IP +
-local port number (n)
-.IP +
-protocol version number (p)
-.IP +
-Receive queue bytes committed (r)
-.IP +
-Transmit queue bytes committed (w)
-.IP +
-option memory allocations (o)
-.IP +
-size of send buffer in bytes (sndbf)
-.IP +
-timestamp in seconds (stamp)
-.IP +
-socket flags (Flags)
-.IP +
-socket type (Type)
-.IP +
-connection state (St)
-.BR
-.SH EXAMPLES
-.TP
-.\".B "sock pid d sleep socket next prev e destruct r z fa n p r w o sndbf stamp Flags Type St"
-.TP
-.B c3b8c140 3553 0 c0599818 c05997fc 0 0 0 0 1 0 15 0 2 0 0 0 65535 0.103232 00000000 00000003 01
-.LP
-shows that there is one pf_key socket set up that starts at
-.BR c3b8c140 ,
-whose owning process has PID
-.BR 3553 ,
-the socket is not dead, its wait queue is at
-.BR c0599818 ,
-whose owning socket is at
-.BR c05997fc ,
-with no other sockets in the chain, no errors, no destructor, it is a
-reused socket which has not been zapped, from protocol family
-.BR 15
-(PF_KEY), local port number
-.BR 0 ,
-protocol socket version
-.BR 2 ,
-no memory allocated to transmit, receive or option queues, a send buffer
-of almost
-.BR 64kB ,
-a timestamp of
-.BR 0.103232 ,
-no flags set, type
-.BR 3 ,
-in state
-.BR 1 .
-.SH "FILES"
-/proc/net/pf_key
-.SH "SEE ALSO"
-ipsec(8), ipsec_manual(8), ipsec_eroute(5), ipsec_spi(5),
-ipsec_spigrp(5), ipsec_klipsdebug(5), ipsec_tncfg(8), ipsec_version(5)
-.SH HISTORY
-Written for the Linux FreeS/WAN project
-<http://www.freeswan.org/>
-by Richard Guy Briggs.
-.\"
-.\" $Log: pf_key.5,v $
-.\" Revision 1.1 2004/03/15 20:35:28 as
-.\" added files from freeswan-2.04-x509-1.5.3
-.\"
-.\" Revision 1.4 2002/04/24 07:35:39 mcr
-.\" Moved from ./klips/utils/pf_key.5,v
-.\"
-.\" Revision 1.3 2001/01/23 23:51:49 rgb
-.\" Fix outdated references to /proc/net/ipsec_pf_key.
-.\"
-.\" Revision 1.2 2000/06/30 18:21:55 rgb
-.\" Update SEE ALSO sections to include ipsec_version(5) and ipsec_pf_key(5)
-.\" and correct FILES sections to no longer refer to /dev/ipsec which has
-.\" been removed since PF_KEY does not use it.
-.\"
-.\" Revision 1.1 2000/06/30 06:19:27 rgb
-.\" manpages for the last two /proc/net/ipsec* files that don't have a
-.\" corresponding utility.
-.\"
-.\"
-.\"
diff --git a/programs/pf_key/pf_key.8 b/programs/pf_key/pf_key.8
deleted file mode 100644
index dd42bf541..000000000
--- a/programs/pf_key/pf_key.8
+++ /dev/null
@@ -1,73 +0,0 @@
-.TH IPSEC_PF_KEY 8 "17 Oct 2001"
-.\"
-.\" RCSID $Id: pf_key.8,v 1.2 2005/07/07 19:07:43 as Exp $
-.\"
-.SH NAME
-pf_key \- shows pfkey messages emitted by the kernel
-.SH SYNOPSIS
-.B pf_key
-.B \-\-ah
-.B \-\-esp
-.B \-\-ipip
-.B \-\-ipcomp
-.B \-\-daemon
-.I file
-.BR hmac-md5-96 | hmac-sha1-96
-.SH DESCRIPTION
-.B pf_key
-is a program to open a PF_KEY socket and print all messages that are received
-from it. With no options, it will register itself to receive key requests for
-AH, ESP, IPIP and IPCOMP security associations. If given more specific
-options, then it will listen only to those protocols which are listed.
-.PP
-If the messages are recognized, the messages will be decoded.
-.PP
-If the option
-.B \-\-daemon
-is provided, then after doing the registrations, the program will fork
-into the background. The provided file will be opened and the process ID of
-the background process will be written to it. This option is present to
-present race conditions in regression testing.
-.SH EXAMPLES
-.TP
-.\".B "pfkey v.2 msg. type 3 seq=20 len=2 errno=22 satype=3"
-.SH "FILES"
-/proc/net/pf_key
-.SH "SEE ALSO"
-pf_key(5), ipsec(8), ipsec_manual(8), ipsec_eroute(5), ipsec_spi(5),
-ipsec_spigrp(5), ipsec_klipsdebug(5), ipsec_tncfg(8), ipsec_version(5)
-.SH HISTORY
-Written for the Linux FreeS/WAN project
-<http://www.freeswan.org/>
-by Michael Richardson <mcr@freeswan.org>
-.\"
-.\" $Log: pf_key.8,v $
-.\" Revision 1.2 2005/07/07 19:07:43 as
-.\" fixed man page type
-.\"
-.\" Revision 1.1 2004/03/15 20:35:28 as
-.\" added files from freeswan-2.04-x509-1.5.3
-.\"
-.\" Revision 1.4 2002/07/16 02:53:42 mcr
-.\" added --daemon <pidfile> to "ipsec pf_key" command.
-.\" this is used in *-trap-* tests to avoid race conditions between
-.\" registration of PF_KEY listeners and arrival of first test packet.
-.\"
-.\" Revision 1.3 2002/04/24 07:35:39 mcr
-.\" Moved from ./klips/utils/pf_key.8,v
-.\"
-.\" Revision 1.2 2001/11/23 07:23:14 mcr
-.\" pulled up klips2 Makefile and pf_key code.
-.\"
-.\" Revision 1.1.2.1 2001/10/23 18:49:12 mcr
-.\" renamed man page to section 8.
-.\" added --ah, --esp, --ipcomp and --ipip to control which
-.\" protocols are printed.
-.\" incomplete messages which include at least an sadb header are printed.
-.\"
-.\" Revision 1.1.2.1 2001/10/17 23:25:37 mcr
-.\" added "pk_key" program to dump raw kernel pf messages.
-.\" (program is still skeletal)
-.\"
-.\"
-.\"
diff --git a/programs/pf_key/pf_key.c b/programs/pf_key/pf_key.c
deleted file mode 100644
index af7365d65..000000000
--- a/programs/pf_key/pf_key.c
+++ /dev/null
@@ -1,353 +0,0 @@
-/*
- * @(#) pfkey socket manipulator/observer
- *
- * Copyright (C) 2001 Richard Guy Briggs <rgb@freeswan.org>
- * and Michael Richardson <mcr@freeswan.org>
- *
- * This program is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by the
- * Free Software Foundation; either version 2 of the License, or (at your
- * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * for more details.
- *
- * RCSID $Id: pf_key.c,v 1.2 2004/04/20 21:23:25 as Exp $
- *
- */
-
-/*
- * This program opens a pfkey socket and prints all messages that it sees.
- *
- * This can be used to diagnose problems.
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <getopt.h>
-#include <errno.h>
-#include <setjmp.h>
-#include <signal.h>
-
-#include <sys/socket.h>
-
-#include <sys/types.h>
-#include <stdint.h>
-#include <freeswan.h>
-#include <pfkeyv2.h>
-#include <pfkey.h>
-
-char *progname;
-uint32_t pfkey_seq = 0;
-int pfkey_sock;
-
-static void
-Usage(char *progname)
-{
- fprintf(stderr, "%s: Usage: %s [--help]\n"
- "\tby default listens for AH, ESP, IPIP and IPCOMP\n"
- "\t--daemon <file> fork before printing, stuffing the PID in the file\n"
- "\t--ah listen for AH messages\n"
- "\t--esp listen for ESP messages\n"
- "\t--ipip listen for IPIP messages\n"
- "\t--ipcomp listen for IPCOMP messages\n",
- progname, progname);
- exit(1);
-}
-
-void
-pfkey_register(uint8_t satype) {
- /* for registering SA types that can be negotiated */
- int error = 0;
- struct sadb_ext *extensions[SADB_EXT_MAX + 1];
- struct sadb_msg *pfkey_msg;
-
- pfkey_extensions_init(extensions);
- if((error = pfkey_msg_hdr_build(&extensions[0],
- SADB_REGISTER,
- satype,
- 0,
- ++pfkey_seq,
- getpid()))) {
- fprintf(stderr, "%s: Trouble building message header, error=%d.\n",
- progname, error);
- pfkey_extensions_free(extensions);
- exit(1);
- }
- if((error = pfkey_msg_build(&pfkey_msg, extensions, EXT_BITS_IN))) {
- fprintf(stderr, "%s: Trouble building pfkey message, error=%d.\n",
- progname, error);
- pfkey_extensions_free(extensions);
- pfkey_msg_free(&pfkey_msg);
- exit(1);
- }
- if(write(pfkey_sock, pfkey_msg,
- pfkey_msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN) !=
- (ssize_t)(pfkey_msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN)) {
- /* cleanup code here */
- fprintf(stderr, "%s: Trouble writing to channel PF_KEY.\n", progname);
- pfkey_extensions_free(extensions);
- pfkey_msg_free(&pfkey_msg);
- exit(1);
- }
- pfkey_extensions_free(extensions);
- pfkey_msg_free(&pfkey_msg);
-}
-
-int dienow;
-
-void controlC(int foo)
-{
- fflush(stdout);
- printf("%s: Exiting on signal 15\n", progname);
- fflush(stderr);
- exit(0);
-}
-
-int
-main(int argc, char *argv[])
-{
- int opt;
- ssize_t readlen;
- unsigned char pfkey_buf[256];
- struct sadb_msg *msg;
- int fork_after_register;
- char *pidfilename;
-
- static int ah_register;
- static int esp_register;
- static int ipip_register;
- static int ipcomp_register;
-
- static struct option long_options[] =
- {
- {"help", no_argument, 0, 'h'},
- {"daemon", required_argument, 0, 'f'},
- {"ah", no_argument, &ah_register, 1},
- {"esp", no_argument, &esp_register, 1},
- {"ipip", no_argument, &ipip_register, 1},
- {"ipcomp", no_argument, &ipcomp_register, 1},
- };
-
- ah_register = 0;
- esp_register = 0;
- ipip_register = 0;
- ipcomp_register=0;
- dienow = 0;
- fork_after_register=0;
- pidfilename=NULL;
-
- progname = argv[0];
- if(strrchr(progname, '/')) {
- progname=strrchr(progname, '/')+1;
- }
-
- while((opt = getopt_long(argc, argv, "hf:",
- long_options, NULL)) != EOF) {
- switch(opt) {
- case 'f':
- pidfilename=optarg;
- fork_after_register=1;
- break;
- case 'h':
- Usage(progname);
- break;
- case '0':
- /* it was a long option with a flag */
- break;
- }
- }
-
- if((pfkey_sock = socket(PF_KEY, SOCK_RAW, PF_KEY_V2) ) < 0) {
- fprintf(stderr, "%s: failed to open PF_KEY family socket: %s\n",
- progname, strerror(errno));
- exit(1);
- }
-
- if(ah_register == 0 &&
- esp_register== 0 &&
- ipip_register==0 &&
- ipcomp_register==0) {
- ah_register=1;
- esp_register=1;
- ipip_register=1;
- ipcomp_register=1;
- }
-
- if(ah_register) {
- pfkey_register(SADB_SATYPE_AH);
- }
- if(esp_register) {
- pfkey_register(SADB_SATYPE_ESP);
- }
- if(ipip_register) {
- pfkey_register(SADB_X_SATYPE_IPIP);
- }
- if(ipcomp_register) {
- pfkey_register(SADB_X_SATYPE_COMP);
- }
-
- if(fork_after_register) {
- /*
- * to aid in regression testing, we offer to register
- * everything first, and then we fork. As part of this
- * we write the PID of the new process to a file
- * provided.
- */
- int pid;
- FILE *pidfile;
-
- fflush(stdout);
- fflush(stderr);
-
- pid=fork();
- if(pid!=0) {
- /* in parent! */
- exit(0);
- }
-
- if((pidfile=fopen(pidfilename, "w"))==NULL) {
- perror(pidfilename);
- } else {
- fprintf(pidfile, "%d", getpid());
- fclose(pidfile);
- }
- }
-
- signal(SIGINT, controlC);
- signal(SIGTERM, controlC);
-
- while((readlen = read(pfkey_sock, pfkey_buf, sizeof(pfkey_buf))) > 0) {
- struct sadb_ext *extensions[SADB_EXT_MAX + 1];
- msg = (struct sadb_msg *)pfkey_buf;
-
- /* first, see if we got enough for an sadb_msg */
- if((size_t)readlen < sizeof(struct sadb_msg)) {
- printf("%s: runt packet of size: %d (<%lu)\n",
- progname, (int)readlen, (unsigned long)sizeof(struct sadb_msg));
- continue;
- }
-
- /* okay, we got enough for a message, print it out */
- printf("\npfkey v%d msg. type=%d(%s) seq=%d len=%d pid=%d errno=%d satype=%d(%s)\n",
- msg->sadb_msg_version,
- msg->sadb_msg_type,
- pfkey_v2_sadb_type_string(msg->sadb_msg_type),
- msg->sadb_msg_seq,
- msg->sadb_msg_len,
- msg->sadb_msg_pid,
- msg->sadb_msg_errno,
- msg->sadb_msg_satype,
- satype2name(msg->sadb_msg_satype));
-
- if((size_t)readlen != msg->sadb_msg_len * IPSEC_PFKEYv2_ALIGN)
- {
- printf("%s: packet size read from socket=%d doesn't equal sadb_msg_len %d * %u; message not decoded\n",
- progname,
- (int)readlen,
- msg->sadb_msg_len,
- (int) IPSEC_PFKEYv2_ALIGN);
- continue;
- }
-
- pfkey_lib_debug = PF_KEY_DEBUG_PARSE_STRUCT;
- if (pfkey_msg_parse(msg, NULL, extensions, EXT_BITS_OUT)) {
- printf("%s: unparseable PF_KEY message.\n",
- progname);
- } else {
- printf("%s: parseable PF_KEY message.\n",
- progname);
- }
- }
- printf("%s: exited normally\n", progname);
- exit(0);
-}
-
-/*
- * $Log: pf_key.c,v $
- * Revision 1.2 2004/04/20 21:23:25 as
- * int cast fix for 64 bit platforms
- *
- * Revision 1.1 2004/03/15 20:35:28 as
- * added files from freeswan-2.04-x509-1.5.3
- *
- * Revision 1.15 2003/09/10 00:01:30 mcr
- * fixes for gcc 3.3 from Matthias Bethke <Matthias.Bethke@gmx.net>
- *
- * Revision 1.14 2002/10/09 03:12:05 dhr
- *
- * [kenb+dhr] 64-bit fixes
- *
- * Revision 1.13 2002/09/20 05:02:15 rgb
- * Cleaned up pfkey_lib_debug usage.
- *
- * Revision 1.12 2002/09/13 23:02:23 rgb
- * Type fiddling to tame ia64 compiler.
- * Added text labels to elucidate numeric values presented.
- *
- * Revision 1.11 2002/08/26 03:05:25 mcr
- * duh, pf_key much catch SIGTERM as well as SIGINT...
- *
- * Revision 1.10 2002/08/13 19:01:27 mcr
- * patches from kenb to permit compilation of FreeSWAN on ia64.
- * des library patched to use proper DES_LONG type for ia64.
- *
- * Revision 1.9 2002/07/16 02:53:42 mcr
- * added --daemon <pidfile> to "ipsec pf_key" command.
- * this is used in *-trap-* tests to avoid race conditions between
- * registration of PF_KEY listeners and arrival of first test packet.
- *
- * Revision 1.8 2002/06/17 04:32:55 mcr
- * exit nicely from pf_key when SIGINT (^C) is sent.
- * This is needed so that the stdout will flush properly.
- *
- * Revision 1.7 2002/04/24 07:55:32 mcr
- * #include patches and Makefiles for post-reorg compilation.
- *
- * Revision 1.6 2002/04/24 07:35:39 mcr
- * Moved from ./klips/utils/pf_key.c,v
- *
- * Revision 1.5 2002/03/08 21:44:04 rgb
- * Update for all GNU-compliant --version strings.
- *
- * Revision 1.4 2001/11/27 05:19:06 mcr
- * added extra newline between packets.
- * set pfkey_lib_debug to enum rather than just to "1".
- *
- * Revision 1.3 2001/11/27 03:35:29 rgb
- * Added stdlib *again*.
- *
- * Revision 1.2 2001/11/23 07:23:14 mcr
- * pulled up klips2 Makefile and pf_key code.
- *
- * Revision 1.1.2.5 2001/10/23 18:49:12 mcr
- * renamed man page to section 8.
- * added --ah, --esp, --ipcomp and --ipip to control which
- * protocols are printed.
- * incomplete messages which include at least an sadb header are printed.
- *
- * Revision 1.1.2.4 2001/10/22 21:50:51 rgb
- * Added pfkey register for AH, ESP, IPIP and COMP.
- *
- * Revision 1.1.2.3 2001/10/21 21:51:06 rgb
- * Bug fixes to get working.
- *
- * Revision 1.1.2.2 2001/10/20 22:45:31 rgb
- * Added check for exact length and a call to message parser to get some
- * idea of the contents of each extension.
- *
- * Revision 1.1.2.1 2001/10/17 23:25:37 mcr
- * added "pk_key" program to dump raw kernel pf messages.
- * (program is still skeletal)
- *
- *
- * Local variables:
- * c-file-style: "linux"
- * End:
- *
- */