# set various configuration parameters
# Use  shell "." command to load these into the environment
set -u

# Where to find programs to test.
# These can be overridden by environment.
# Note: {WEST,EAST}PLUTO and {WEST,EAST,NORTH,SOUTH}WHACK
# allow more specific control
# Note: paths must be absolute because dopluto does a cd.

export PLUTO="${PLUTO:-`pwd`/../../programs/pluto/pluto}"
export WHACK="${WHACK:-`pwd`/../../programs/pluto/whack}"

if [ ! -x "$PLUTO" -a "$PLUTO" != "ipsec pluto" ] ; then
	echo "ERROR: Where is Pluto?  Not in \"$PLUTO\"; set \$PLUTO correctly." >&2
	exit 1
fi

if [ ! -x "$WHACK" -a "$WHACK" != "ipsec whack" ] ; then
	echo "ERROR: Where is whack?  Not in \"$WHACK\"; set \$WHACK correctly." >&2
	exit 1
fi

export LWDNSQOPTION=""
case "${USE_LWRES:-}" in
true)
	LWDNSQ=${LWDNSQ:-`pwd`/../../programs/lwdnsq/lwdnsq}
	if [ ! -x $LWDNSQ ] ; then
		if [ -x `dirname "$PLUTO"`/lwdnsq ] ; then
			LWDNSQ=`dirname "$PLUTO"`/lwdnsq
		else
			echo "ERROR: Where is lwdnsq?  Not in \"$LWDNSQ\"; set \$LWDNSQ correctly." >&2
			exit 1
		fi
	fi
	LWDNSQOPTION="--lwdnsq $LWDNSQ"
	;;
esac

export IKEPORT=8500
export DOMAIN=example

export ROUTER=127.95.7.254
export WESTIP=127.95.7.1
export EASTIP=127.95.7.2
export NORTHIP=127.95.7.3
export SOUTHIP=127.95.7.4

export WESTIF=lo:w
export EASTIF=lo:e
export NORTHIF=lo:n
export SOUTHIF=lo:s

export WESTSUBNET=127.95.7.8/30
export	VICTORIA=127.95.7.10
export	VANCOUVER=127.95.7.11
export	VANISHED=127.95.7.8	# missing, naturally
export WESTSUBNET2=127.95.7.12/30
export WESTSUBNET3=127.95.7.16/30

export EASTSUBNETNET=127.95.7.20
export EASTSUBNET=$EASTSUBNETNET/30
export EASTHALFSUBNET=$EASTSUBNETNET/31	# includes Truro
export	TRURO=127.95.7.21
export	ANTIGONISH=127.95.7.22
export	ATLANTIS=127.95.7.23	# missing, naturally
export EASTSUBNET2=127.95.7.24/30
export EASTSUBNET3=127.95.7.28/30

export NORTHSUBNET=127.95.7.32/30
export NORTHSUBNET2=127.95.7.36/30
export NORTHSUBNET3=127.95.7.40/30

export SOUTHSUBNET=127.95.7.44/30
export SOUTHSUBNET2=127.95.7.48/30
export SOUTHSUBNET3=127.95.7.52/30

# sometimes CMP=diff is useful
CMP=${CMP:-cmp}

DOPLUTO=dopluto
DOWHACK=dowhack

DFAIL=""
XFAIL=""
SFAIL=""
REFMISSING=""
CFAIL=""

WESTHOST="--host $WESTIP --ikeport $IKEPORT"
WESTNET="$WESTHOST --client $WESTSUBNET"

EASTHOST="--host $EASTIP --ikeport $IKEPORT"
EASTNET="$EASTHOST --client $EASTSUBNET"

ANYHOST="--host %any --ikeport $IKEPORT"
OPPO="--host %opportunistic --ikeport $IKEPORT"
OPPONARROW="$OPPO --client 127.0.0.0/8"
OPPOMISS="$OPPO --client 10.0.0.0/8"
GROUP="--host %group --ikeport $IKEPORT"
OPPOGROUP="--host %opportunisticgroup --ikeport $IKEPORT"

WHACKWEST="${WESTWHACK:-$WHACK} --ctlbase pluto/west/pluto.west"
WHACKEAST="${EASTWHACK:-$WHACK} --ctlbase pluto/east/pluto.east"

# run of the mill lifetimes
NORMALMARG=350
NORMALIKE=900
TIMES="--rekeymargin $NORMALMARG --ikelifetime $NORMALIKE --ipseclifetime 800"

# half size, to be shorter
SHORTMARG=175
SHORTIKE=450
SHORTIPSEC=400
SHORTTIMES="--rekeymargin $SHORTMARG --ikelifetime $SHORTIKE --ipseclifetime $SHORTIPSEC"

# really small so we're willing to sleep through a keying interval
TINYIPSECLIFETIME=40
TINYTIMES="--rekeymargin 17 --ikelifetime 45 --ipseclifetime $TINYIPSECLIFETIME"

TIMES0="$TIMES --keyingtries 0"
TIMES1="$TIMES --keyingtries 1"
TIMES2="$TIMES --keyingtries 2"

LIST="1 2 3 4 5"

# dumb boilerplate
TO="--updown silly --to --updown sally"

function whackwest() {
	$WHACKWEST "$@"
	}

function whackeast() {
	$WHACKEAST "$@"
	}

function perform() {
	echo "$@"
	"$@" || echo RC: $?
	}

function me() {
	perform whackwest "$@"
	}

function him() {
	perform whackeast "$@"
	}

function both() {
	perform whackwest "$@"
	perform whackeast "$@"
	}

function me_status() {
	me --status | canonicize_status
	}

function him_status() {
	him --status | canonicize_status
	}

function both_status() {
	both --status | canonicize_status
	}

# Grab the lifetime setting actually in states.
# Turn them into shell variable assignments suitable for eval ``.
function grab_lifetimes() {
	( me --status ; him --status ) | sed -n -e \
		'/STATE_/ {
			s/.*MAIN/ISAKMP/
			s/.*QUICK/IPsec/
			s/_I[0-4]/_I!/
			s/_R[0-4]/_R!/
			s/!.*EVENT_SA_\([^ ]*\)/_\1!/
			s/! in \([0-9]*\)s.*/=\1/
			p
			}'
	}

# Check if lifetime is close to predicted time
# Can't be more, but might be a bit less.
# A bit is 3 seconds, for now.
# Must not print variable values unless we have an error condition.
function notcloseto() {
	if expr '(' $1 ')' '>' '(' $2 ')' >/dev/null
	then
		echo bad $3: $1 '>' $2
		return 0
	elif expr '(' $1 ')' '<' '(' $2 ')' - 3 >/dev/null
	then
		echo bad $3: $1 '<' $2 - 3
		return 0
	else
		echo good $3: close to $2
		return 1
	fi
	}

function canonicize_status() {
	sed 	-e 's/ in [1-9][0-9]*s/ in ???s/' \
		-e 's/ esp\.[0-9a-f]*@/ esp.???@/g' \
		-e 's/ ah\.[0-9a-f]*@/ ah.???@/g' \
		-e 's/ comp\.[0-9a-f]*@/ comp.???@/g' \
		-e '/^000 my FQDN =/s/@.*/@FQDN/'
	}
