/testing/guestbin/swan-prep --nokeys
Creating empty NSS database
west #
 echo "initdone"
initdone
west #
 sed -i "s/seedbits=.*$/seedbits=520/" /etc/ipsec.conf
west #
 ipsec start
Redirecting to: [initsystem]
west #
 ../../guestbin/wait-until-pluto-started
west #
 ipsec stop
Redirecting to: [initsystem]
west #
 grep -E "bits random|bytes from|seeded" /tmp/pluto.log
| need 520 bits random for extra seeding of the NSS PRNG
| read 65 bytes from /dev/random for NSS PRNG
seeded 65 bytes into the NSS PRNG
west #
 sed -i "s/seedbits=.*$/seedbits=1024/" /etc/ipsec.conf
west #
 ipsec start
Redirecting to: [initsystem]
west #
 ../../guestbin/wait-until-pluto-started
west #
 ipsec stop
Redirecting to: [initsystem]
west #
 grep -E "bits random|bytes from|seeded" /tmp/pluto.log
| need 1024 bits random for extra seeding of the NSS PRNG
| read 128 bytes from /dev/random for NSS PRNG
seeded 128 bytes into the NSS PRNG
west #
 sed -i "s/seedbits=.*$/seedbits=2048/" /etc/ipsec.conf
west #
 ipsec start
Redirecting to: [initsystem]
west #
 ../../guestbin/wait-until-pluto-started
west #
 sleep 10
west #
 # this ping should fail due to the type=block connection
west #
 ../../guestbin/ping-once.sh --error 192.1.2.23
connect: Operation not permitted
west #
 ipsec stop
Redirecting to: [initsystem]
west #
 grep -E "bits random|bytes from|seeded" /tmp/pluto.log
| need 2048 bits random for extra seeding of the NSS PRNG
| read 256 bytes from /dev/random for NSS PRNG
seeded 256 bytes into the NSS PRNG
west #
 test -f PATH/libexec/ipsec/pluto && PLUTOBIN="PATH/libexec/ipsec/pluto"
west #
 test -f PATH/libexec/ipsec/pluto && PLUTOBIN="PATH/libexec/ipsec/pluto"
west #
 /testing/guestbin/checksec.sh --file $PLUTOBIN
RELRO           STACK CANARY      NX            PIE             RPATH      RUNPATH      FILE
Full RELRO      Canary found      NX enabled    PIE enabled     No RPATH   No RUNPATH   PATH/libexec/ipsec/pluto
west #
