diff options
| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2013-03-03 10:47:17 +0100 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2013-03-03 10:47:17 +0100 |
| commit | 81419b9748e20706963a98f4a86a98a1dc13f578 (patch) | |
| tree | 571808f721217b3355d7f82cf49365c14df40864 | |
| parent | c9418d4fd3cda35a632c648a89f99bd6f8d1fe90 (diff) | |
| download | strongswan-81419b9748e20706963a98f4a86a98a1dc13f578.tar.bz2 strongswan-81419b9748e20706963a98f4a86a98a1dc13f578.tar.xz | |
use DNs in tnc/tnccs-20-tls scenario
4 files changed, 3 insertions, 5 deletions
diff --git a/testing/tests/tnc/tnccs-20-tls/evaltest.dat b/testing/tests/tnc/tnccs-20-tls/evaltest.dat index bac7294b2..40d5e24d5 100644 --- a/testing/tests/tnc/tnccs-20-tls/evaltest.dat +++ b/testing/tests/tnc/tnccs-20-tls/evaltest.dat @@ -7,9 +7,9 @@ dave:: cat /var/log/daemon.log::EAP method EAP_TTLS succeeded, MSK established:: dave:: cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with EAP successful::YES dave:: cat /var/log/daemon.log::CHILD_SA home{1} established.*TS 192.168.0.200/32 === 10.1.0.16/28::YES moon:: cat /var/log/daemon.log::added group membership 'allow'::YES -moon:: cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES +moon:: cat /var/log/daemon.log::authentication of 'C=CH, O=Linux strongSwan, OU=Research, CN=carol@strongswan.org' with EAP successful::YES moon:: cat /var/log/daemon.log::added group membership 'isolate'::YES -moon:: cat /var/log/daemon.log::authentication of 'dave@strongswan.org' with EAP successful::YES +moon:: cat /var/log/daemon.log::authentication of 'C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org' with EAP successful::YES moon:: ipsec statusall 2> /dev/null::rw-allow.*10.1.0.0/28 === 192.168.0.100/32::YES moon:: ipsec statusall 2> /dev/null::rw-isolate.*10.1.0.16/28 === 192.168.0.200/32::YES carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_req=1::YES diff --git a/testing/tests/tnc/tnccs-20-tls/hosts/carol/etc/ipsec.conf b/testing/tests/tnc/tnccs-20-tls/hosts/carol/etc/ipsec.conf index e9b78bc01..eece9f294 100644 --- a/testing/tests/tnc/tnccs-20-tls/hosts/carol/etc/ipsec.conf +++ b/testing/tests/tnc/tnccs-20-tls/hosts/carol/etc/ipsec.conf @@ -13,7 +13,6 @@ conn %default conn home left=PH_IP_CAROL leftcert=carolCert.pem - leftid=carol@strongswan.org leftauth=eap leftfirewall=yes right=PH_IP_MOON diff --git a/testing/tests/tnc/tnccs-20-tls/hosts/dave/etc/ipsec.conf b/testing/tests/tnc/tnccs-20-tls/hosts/dave/etc/ipsec.conf index 75d84e25a..362042656 100644 --- a/testing/tests/tnc/tnccs-20-tls/hosts/dave/etc/ipsec.conf +++ b/testing/tests/tnc/tnccs-20-tls/hosts/dave/etc/ipsec.conf @@ -13,7 +13,6 @@ conn %default conn home left=PH_IP_DAVE leftcert=daveCert.pem - leftid=dave@strongswan.org leftauth=eap leftfirewall=yes right=PH_IP_MOON diff --git a/testing/tests/tnc/tnccs-20-tls/hosts/moon/etc/ipsec.conf b/testing/tests/tnc/tnccs-20-tls/hosts/moon/etc/ipsec.conf index 2ffc7e9ae..0ec930286 100644 --- a/testing/tests/tnc/tnccs-20-tls/hosts/moon/etc/ipsec.conf +++ b/testing/tests/tnc/tnccs-20-tls/hosts/moon/etc/ipsec.conf @@ -29,6 +29,6 @@ conn rw-eap leftauth=eap-ttls leftfirewall=yes rightauth=eap-ttls - rightid=*@strongswan.org + rightid="C=CH, O=Linux strongSwan, OU=*, CN=*" rightsendcert=never right=%any |