diff options
| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2006-06-06 05:41:21 +0000 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2006-06-06 05:41:21 +0000 |
| commit | fc0afb681070a0cb2ad1b5d4d4d7d6bc83b50ebe (patch) | |
| tree | 8d004acd6e43592a6e5707096c9f3e4c4b1c181b | |
| parent | 32b6500fbfe063f3efb5589facd027f4c6cf08ed (diff) | |
| download | strongswan-fc0afb681070a0cb2ad1b5d4d4d7d6bc83b50ebe.tar.bz2 strongswan-fc0afb681070a0cb2ad1b5d4d4d7d6bc83b50ebe.tar.xz | |
created IPv6 environment
49 files changed, 225 insertions, 148 deletions
diff --git a/src/charon/network/socket.c b/src/charon/network/socket.c index ba01702cb..c42c9cd10 100644 --- a/src/charon/network/socket.c +++ b/src/charon/network/socket.c @@ -308,9 +308,9 @@ static status_t build_interface_list(private_socket_t *this, u_int16_t port) int skt; interface_t *interface; - if (current->sin_family != AF_INET) + if (current->sin_family != AF_INET && current->sin_family != AF_INET6) { - /* ignore all but AF_INET interfaces */ + /* ignore all but IPv4 and IPv6 interfaces */ continue; } @@ -334,7 +334,7 @@ static status_t build_interface_list(private_socket_t *this, u_int16_t port) } /* set up interface socket */ - skt = socket(AF_INET, SOCK_RAW, IPPROTO_UDP); + skt = socket(current->sin_family, SOCK_RAW, IPPROTO_UDP); if (socket < 0) { this->logger->log(this->logger, ERROR, "unable to open interface socket!"); @@ -347,7 +347,7 @@ static status_t build_interface_list(private_socket_t *this, u_int16_t port) continue; } current->sin_port = htons(port); - current->sin_family = AF_INET; + if (bind(skt, (struct sockaddr*)current, sizeof(struct sockaddr_in)) < 0) { this->logger->log(this->logger, ERROR, "unable to bind interface socket!"); diff --git a/src/starter/confread.c b/src/starter/confread.c index cd7a6f29d..e9912f8b8 100644 --- a/src/starter/confread.c +++ b/src/starter/confread.c @@ -31,13 +31,15 @@ #include "args.h" #include "interfaces.h" +/* strings containing a colon are interpreted as an IPv6 address */ +#define ip_version(string) (strchr(string, ':') != NULL)? AF_INET6 : AF_INET; + static const char ike_defaults[] = "3des-sha, 3des-md5"; static const char esp_defaults[] = "3des-sha1, 3des-md5"; static const char firewall_defaults[] = "ipsec _updown iptables"; -static void -default_values(starter_config_t *cfg) +static void default_values(starter_config_t *cfg) { if (cfg == NULL) return; @@ -167,22 +169,18 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token goto err; } } - else if (streq(value,"%any")) + else if (streq(value, "%any")) { anyaddr(conn->addr_family, &end->addr); } - else if (value[0] == '%') + else if (streq(value, "%any6")) { - if (end->iface) - pfree(end->iface); - end->iface = clone_str(value+1, "iface"); - if (starter_iface_find(end->iface, conn->addr_family, &end->addr, &end->nexthop) == -1) - { - conn->state = STATE_INVALID; - } + conn->addr_family = AF_INET6; + anyaddr(conn->addr_family, &end->addr); } else { + conn->addr_family = ip_version(value); ugh = ttoaddr(value, 0, conn->addr_family, &end->addr); if (ugh != NULL) { @@ -203,10 +201,14 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token } } else if (streq(value, "%direct")) + { ugh = anyaddr(conn->addr_family, &end->nexthop); + } else + { + conn->addr_family = ip_version(value); ugh = ttoaddr(value, 0, conn->addr_family, &end->nexthop); - + } if (ugh != NULL) { plog("# bad addr: %s=%s [%s]", name, value, ugh); @@ -222,6 +224,7 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token else { end->has_client = TRUE; + conn->tunnel_addr_family = ip_version(value); ugh = ttosubnet(value, 0, conn->tunnel_addr_family, &end->subnet); if (ugh != NULL) { @@ -233,6 +236,7 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token case KW_SUBNETWITHIN: end->has_client = TRUE; end->has_client_wildcard = TRUE; + conn->tunnel_addr_family = ip_version(value); ugh = ttosubnet(value, 0, conn->tunnel_addr_family, &end->subnet); break; case KW_PROTOPORT: @@ -246,7 +250,8 @@ kw_end(starter_conn_t *conn, starter_end_t *end, kw_token_t token } else { - ugh = ttoaddr(value, 0, conn->addr_family, &end->srcip); + conn->tunnel_addr_family = ip_version(value); + ugh = ttoaddr(value, 0, conn->tunnel_addr_family, &end->srcip); if (ugh != NULL) { plog("# bad addr: %s=%s [%s]", name, value, ugh); diff --git a/src/starter/starterwhack.c b/src/starter/starterwhack.c index 862c01766..0b37ab742 100644 --- a/src/starter/starterwhack.c +++ b/src/starter/starterwhack.c @@ -157,13 +157,13 @@ set_whack_end(whack_end_t *w, starter_end_t *end) w->host_addr = end->addr; w->host_nexthop = end->nexthop; w->host_srcip = end->srcip; + w->has_client = end->has_client; - if (end->has_client) - w->client = end->subnet; + if (w->has_client) + w->client = end->subnet; else - w->client.addr.u.v4.sin_family = AF_INET; + w->client.addr.u.v4.sin_family = addrtypeof(&w->host_addr); - w->has_client = end->has_client; w->has_client_wildcard = end->has_client_wildcard; w->has_port_wildcard = end->has_port_wildcard; w->has_srcip = end->has_srcip; diff --git a/testing/do-tests b/testing/do-tests index c4c624ea9..8c0c12aac 100755 --- a/testing/do-tests +++ b/testing/do-tests @@ -68,39 +68,56 @@ cp -rfp $DEFAULTTESTSDIR/* $TESTSDIR for host in $STRONGSWANHOSTS do - eval ip_${host}="`echo $HOSTNAMEIPS | sed -n -e "s/^.*${host}://gp" | awk -F : '{ print $1 }' | awk '{ print $1 }'`" + eval ipv4_${host}="`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $1 }' | awk '{ print $1 }'`" + eval ipv6_${host}="`echo $HOSTNAMEIPV6 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $1 }' | awk '{ print $1 }'`" case $host in moon) - eval ip1_${host}="`echo $HOSTNAMEIPS | sed -n -e "s/^.*${host}://gp" | awk -F : '{ print $2 }' | awk '{ print $1 }'`" - searchandreplace PH_IP_MOON $ip_moon $TESTSDIR - searchandreplace PH_IP1_MOON $ip1_moon $TESTSDIR + eval ipv4_moon1="`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`" + searchandreplace PH_IP_MOON1 $ipv4_moon1 $TESTSDIR + searchandreplace PH_IP_MOON $ipv4_moon $TESTSDIR + eval ipv6_moon1="`echo $HOSTNAMEIPV6 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`" + searchandreplace PH_IP6_MOON1 $ipv6_moon1 $TESTSDIR + searchandreplace PH_IP6_MOON $ipv6_moon $TESTSDIR ;; sun) - eval ip1_${host}="`echo $HOSTNAMEIPS | sed -n -e "s/^.*${host}://gp" | awk -F : '{ print $2 }' | awk '{ print $1 }'`" - searchandreplace PH_IP_SUN $ip_sun $TESTSDIR - searchandreplace PH_IP1_SUN $ip1_sun $TESTSDIR + eval ipv4_sun1="`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`" + searchandreplace PH_IP_SUN1 $ipv4_sun1 $TESTSDIR + searchandreplace PH_IP_SUN $ipv4_sun $TESTSDIR + eval ipv6_sun1="`echo $HOSTNAMEIPV6 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`" + searchandreplace PH_IP6_SUN1 $ipv6_sun1 $TESTSDIR + searchandreplace PH_IP6_SUN $ipv6_sun $TESTSDIR ;; alice) - searchandreplace PH_IP_ALICE $ip_alice $TESTSDIR + searchandreplace PH_IP_ALICE $ipv4_alice $TESTSDIR + searchandreplace PH_IP6_ALICE $ipv6_alice $TESTSDIR ;; venus) - searchandreplace PH_IP_VENUS $ip_venus $TESTSDIR + searchandreplace PH_IP_VENUS $ipv4_venus $TESTSDIR + searchandreplace PH_IP6_VENUS $ipv6_venus $TESTSDIR ;; bob) - searchandreplace PH_IP_BOB $ip_bob $TESTSDIR + searchandreplace PH_IP_BOB $ipv4_bob $TESTSDIR + searchandreplace PH_IPV6_BOB $ipv6_bob $TESTSDIR ;; carol) - eval ip1_${host}="`echo $HOSTNAMEIPS | sed -n -e "s/^.*${host}://gp" | awk -F : '{ print $2 }' | awk '{ print $1 }'`" - searchandreplace PH_IP_CAROL $ip_carol $TESTSDIR - searchandreplace PH_IP1_CAROL $ip1_carol $TESTSDIR + eval ipv4_carol1="`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`" + searchandreplace PH_IP_CAROL1 $ipv4_carol1 $TESTSDIR + searchandreplace PH_IP_CAROL $ipv4_carol $TESTSDIR + eval ipv6_carol1="`echo $HOSTNAMEIPV6 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`" + searchandreplace PH_IP6_CAROL1 $ipv6_carol1 $TESTSDIR + searchandreplace PH_IP6_CAROL $ipv6_carol $TESTSDIR ;; dave) - eval ip1_${host}="`echo $HOSTNAMEIPS | sed -n -e "s/^.*${host}://gp" | awk -F : '{ print $2 }' | awk '{ print $1 }'`" - searchandreplace PH_IP_DAVE $ip_dave $TESTSDIR - searchandreplace PH_IP1_DAVE $ip1_dave $TESTSDIR + eval ipv4_dave1="`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`" + searchandreplace PH_IP_DAVE1 $ipv4_dave1 $TESTSDIR + searchandreplace PH_IP_DAVE $ipv4_dave $TESTSDIR + eval ipv6_dave1="`echo $HOSTNAMEIPV6 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`" + searchandreplace PH_IP6_DAVE1 $ipv6_dave1 $TESTSDIR + searchandreplace PH_IP6_DAVE $ipv6_dave $TESTSDIR ;; winnetou) - searchandreplace PH_IP_WINNETOU $ip_winnetou $TESTSDIR + searchandreplace PH_IP_WINNETOU $ipv4_winnetou $TESTSDIR + searchandreplace PH_IP6_WINNETOU $ipv6_winnetou $TESTSDIR ;; esac done @@ -198,7 +215,7 @@ do iface=`echo $host_iface | awk -F ":" '{if ($2 != "") { print $2 } else { printf("eth0") }}'` tcpdump_cmd="tcpdump -i $iface not port ssh and not port domain and not arp > /tmp/tcpdump.log 2>&1 &" echo "${host}# $tcpdump_cmd" >> $CONSOLE_LOG - ssh root@`eval echo \\\$ip_$host '$tcpdump_cmd'` + ssh root@`eval echo \\\$ipv4_$host '$tcpdump_cmd'` eval TDUP_${host}="true" done fi @@ -214,7 +231,7 @@ do if ($2 != "") { printf("echo \"%s# %s\"; ", $1, $2) - printf("ssh root@\044ip_%s \"%s\"; ", $1, $2) + printf("ssh root@\044ipv4_%s \"%s\"; ", $1, $2) printf("echo;\n") } }' $TESTSDIR/${testname}/pretest.dat` >> $CONSOLE_LOG 2>&1 @@ -226,7 +243,7 @@ do function stop_tcpdump { echo "${1}# killall tcpdump" >> $CONSOLE_LOG - eval ssh root@\$ip_${1} killall tcpdump + eval ssh root@\$ipv4_${1} killall tcpdump eval TDUP_${1}="false" echo "" } @@ -252,12 +269,12 @@ do { printf("if [ \044TDUP_%s == \"true\" ]; then stop_tcpdump %s; fi; \n", host, host) printf("echo \"%s# cat /tmp/tcpdump.log | grep \047%s\047 [%s]\"; ", host, pattern, hit) - printf("ssh root@\044ip_%s cat /tmp/tcpdump.log | grep \"%s\"; ", host, pattern) + printf("ssh root@\044ipv4_%s cat /tmp/tcpdump.log | grep \"%s\"; ", host, pattern) } else { printf("echo \"%s# %s | grep \047%s\047 [%s]\"; ", host, command, pattern, hit) - printf("ssh root@\044ip_%s %s | grep \"%s\"; ", host, command, pattern) + printf("ssh root@\044ipv4_%s %s | grep \"%s\"; ", host, command, pattern) } printf("cmd_exit=\044?; ") printf("echo; ") @@ -310,7 +327,7 @@ do for host in $IPSECHOSTS do - eval HOSTLOGIN=root@\$ip_${host} + eval HOSTLOGIN=root@\$ipv4_${host} for command in statusall listall do @@ -359,7 +376,7 @@ do if ($2 != "") { printf("echo \"%s# %s\"; ", $1, $2) - printf("ssh root@\044ip_%s \"%s\"; ", $1, $2) + printf("ssh root@\044ipv4_%s \"%s\"; ", $1, $2) printf("echo;\n") } }' $TESTSDIR/${testname}/posttest.dat` >> $CONSOLE_LOG 2>&1 @@ -371,7 +388,7 @@ do for host in $IPSECHOSTS do - eval HOSTLOGIN=root@\$ip_${host} + eval HOSTLOGIN=root@\$ipv4_${host} ssh $HOSTLOGIN grep pluto /var/log/auth.log \ > $TESTRESULTDIR/${host}.auth.log echo >> $TESTRESULTDIR/${host}.auth.log @@ -389,7 +406,7 @@ do if [ "`eval echo \\\$TDUP_${host}`" = "true" ] then echo "${host}# killall tcpdump" >> $CONSOLE_LOG - eval ssh root@\$ip_$host killall tcpdump + eval ssh root@\$ipv4_$host killall tcpdump eval TDUP_${host}="false" fi done @@ -452,10 +469,10 @@ cecho "" HTDOCS="/var/www/localhost/htdocs" cecho-n "Copying test results to winnetou.." -ssh root@${ip_winnetou} mkdir -p $HTDOCS/testresults > /dev/null 2>&1 -scp -r $TODAYDIR root@${ip_winnetou}:$HTDOCS/testresults > /dev/null 2>&1 -ssh root@${ip_winnetou} ln -s $HTDOCS/images $HTDOCS/testresults/$TESTDATE/images > /dev/null 2>&1 +ssh root@${ipv4_winnetou} mkdir -p $HTDOCS/testresults > /dev/null 2>&1 +scp -r $TODAYDIR root@${ipv4_winnetou}:$HTDOCS/testresults > /dev/null 2>&1 +ssh root@${ipv4_winnetou} ln -s $HTDOCS/images $HTDOCS/testresults/$TESTDATE/images > /dev/null 2>&1 cecho "done" cecho "" cecho "The results are available in $TODAYDIR" -cecho "or via the link http://$ip_winnetou/testresults/$TESTDATE" +cecho "or via the link http://$ipv4_winnetou/testresults/$TESTDATE" diff --git a/testing/hosts/alice/etc/conf.d/net b/testing/hosts/alice/etc/conf.d/net index 3070a46b1..089dc5fc8 100644 --- a/testing/hosts/alice/etc/conf.d/net +++ b/testing/hosts/alice/etc/conf.d/net @@ -3,9 +3,9 @@ # This is basically the ifconfig argument without the ifconfig $iface # iface_lo="127.0.0.1 netmask 255.0.0.0" -iface_eth0="PH_IP_ALICE broadcast 10.1.255.255 netmask 255.255.0.0" +iface_eth0="PH_IP_ALICE broadcast 10.1.255.255 netmask 255.255.0.0 add PH_IP6_ALICE/16" # For setting the default gateway # -gateway="eth0/PH_IP1_MOON" +gateway="eth0/PH_IP_MOON1" diff --git a/testing/hosts/bob/etc/conf.d/net b/testing/hosts/bob/etc/conf.d/net index 09133acad..977889fd2 100644 --- a/testing/hosts/bob/etc/conf.d/net +++ b/testing/hosts/bob/etc/conf.d/net @@ -3,8 +3,8 @@ # This is basically the ifconfig argument without the ifconfig $iface # iface_lo="127.0.0.1 netmask 255.0.0.0" -iface_eth0="PH_IP_BOB broadcast 10.2.255.255 netmask 255.255.0.0" +iface_eth0="PH_IP_BOB broadcast 10.2.255.255 netmask 255.255.0.0 add PH_IP6_BOB/16" # For setting the default gateway # -gateway="eth0/PH_IP1_SUN" +gateway="eth0/PH_IP_SUN1" diff --git a/testing/hosts/carol/etc/conf.d/net b/testing/hosts/carol/etc/conf.d/net index 39470ad14..afd322cb8 100644 --- a/testing/hosts/carol/etc/conf.d/net +++ b/testing/hosts/carol/etc/conf.d/net @@ -3,7 +3,7 @@ # This is basically the ifconfig argument without the ifconfig $iface # iface_lo="127.0.0.1 netmask 255.0.0.0" -iface_eth0="PH_IP_CAROL broadcast 192.168.0.255 netmask 255.255.255.0" +iface_eth0="PH_IP_CAROL broadcast 192.168.0.255 netmask 255.255.255.0 add PH_IP6_CAROL/16" # For setting the default gateway # diff --git a/testing/hosts/dave/etc/conf.d/net b/testing/hosts/dave/etc/conf.d/net index db3753fb0..f89dc5eed 100644 --- a/testing/hosts/dave/etc/conf.d/net +++ b/testing/hosts/dave/etc/conf.d/net @@ -3,7 +3,7 @@ # This is basically the ifconfig argument without the ifconfig $iface # iface_lo="127.0.0.1 netmask 255.0.0.0" -iface_eth0="PH_IP_DAVE broadcast 192.168.0.255 netmask 255.255.255.0" +iface_eth0="PH_IP_DAVE broadcast 192.168.0.255 netmask 255.255.255.0 add PH_IP6_DAVE/16" # For setting the default gateway # diff --git a/testing/hosts/default/etc/hosts b/testing/hosts/default/etc/hosts index b8bc8da66..d0bfe3a76 100644 --- a/testing/hosts/default/etc/hosts +++ b/testing/hosts/default/etc/hosts @@ -14,15 +14,15 @@ PH_IP_ALICE alice.strongswan.org alice PH_IP_VENUS venus.strongswan.org venus -PH_IP1_MOON moon1.strongswan.org moon1 +PH_IP_MOON1 moon1.strongswan.org moon1 PH_IP_MOON moon.strongswan.org moon PH_IP_CAROL carol.strongswan.org carol -PH_IP1_CAROL carol1.strongswan.org carol1 +PH_IP_CAROL1 carol1.strongswan.org carol1 PH_IP_WINNETOU winnetou.strongswan.org winnetou crl.strongswan.org ocsp.strongswan.org ldap.strongswan.org PH_IP_DAVE dave.strongswan.org dave -PH_IP1_DAVE dave1.strongswan.org dave1 +PH_IP_DAVE1 dave1.strongswan.org dave1 PH_IP_SUN sun.strongswan.org sun -PH_IP1_SUN sun1.strongswan.org sun1 +PH_IP_SUN1 sun1.strongswan.org sun1 PH_IP_BOB bob.strongswan.org bob # IPV6 versions of localhost and co @@ -32,3 +32,17 @@ ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters ff02::3 ip6-allhosts + +PH_IP6_ALICE ip6-alice.strongswan.org ip6-alice +PH_IP6_VENUS ip6-venus.strongswan.org ip6-venus +PH_IP6_MOON1 ip6-moon1.strongswan.org ip6-moon1 +PH_IP6_MOON ip6-moon.strongswan.org ip6-moon +PH_IP6_CAROL ip6-carol.strongswan.org ip6-carol +PH_IP6_CAROL1 ip6-carol1.strongswan.org ip6-carol1 +PH_IP6_WINNETOU ip6-winnetou.strongswan.org ip6-winnetou +PH_IP6_DAVE ip6-dave.strongswan.org ip6-dave +PH_IP6_DAVE1 ip6-dave1.strongswan.org ip6-dave1 +PH_IP6_SUN ip6-sun.strongswan.org ip6-sun +PH_IP6_SUN1 ip6-sun1.strongswan.org ip6-sun1 +PH_IP6_BOB ip6-bob.strongswan.org ip6-bob + diff --git a/testing/hosts/moon/etc/conf.d/net b/testing/hosts/moon/etc/conf.d/net index 7dec60ba5..1e74a9964 100644 --- a/testing/hosts/moon/etc/conf.d/net +++ b/testing/hosts/moon/etc/conf.d/net @@ -3,8 +3,8 @@ # This is basically the ifconfig argument without the ifconfig $iface # iface_lo="127.0.0.1 netmask 255.0.0.0" -iface_eth0="PH_IP_MOON broadcast 192.168.0.255 netmask 255.255.255.0" -iface_eth1="PH_IP1_MOON broadcast 10.1.255.255 netmask 255.255.0.0" +iface_eth0="PH_IP_MOON broadcast 192.168.0.255 netmask 255.255.255.0 add PH_IP6_MOON/16" +iface_eth1="PH_IP_MOON1 broadcast 10.1.255.255 netmask 255.255.0.0 add PH_IP6_MOON1/16" # For setting the default gateway # diff --git a/testing/hosts/sun/etc/conf.d/net b/testing/hosts/sun/etc/conf.d/net index 0f8dc57b1..d3154db65 100644 --- a/testing/hosts/sun/etc/conf.d/net +++ b/testing/hosts/sun/etc/conf.d/net @@ -3,8 +3,8 @@ # This is basically the ifconfig argument without the ifconfig $iface # iface_lo="127.0.0.1 netmask 255.0.0.0" -iface_eth0="PH_IP_SUN broadcast 192.168.0.255 netmask 255.255.255.0" -iface_eth1="PH_IP1_SUN broadcast 10.2.255.255 netmask 255.255.0.0" +iface_eth0="PH_IP_SUN broadcast 192.168.0.255 netmask 255.255.255.0 add PH_IP6_SUN/16" +iface_eth1="PH_IP_SUN1 broadcast 10.2.255.255 netmask 255.255.0.0 add PH_IP6_SUN1/16" # For setting the default gateway # diff --git a/testing/hosts/venus/etc/conf.d/net b/testing/hosts/venus/etc/conf.d/net index 2c55c2c20..9f93275f8 100644 --- a/testing/hosts/venus/etc/conf.d/net +++ b/testing/hosts/venus/etc/conf.d/net @@ -3,9 +3,9 @@ # This is basically the ifconfig argument without the ifconfig $iface # iface_lo="127.0.0.1 netmask 255.0.0.0" -iface_eth0="PH_IP_VENUS broadcast 10.1.255.255 netmask 255.255.0.0" +iface_eth0="PH_IP_VENUS broadcast 10.1.255.255 netmask 255.255.0.0 add PH_IP6_VENUS/16" # For setting the default gateway # -gateway="eth0/PH_IP1_MOON" +gateway="eth0/PH_IP_MOON1" diff --git a/testing/hosts/winnetou/etc/conf.d/net b/testing/hosts/winnetou/etc/conf.d/net index 1a32153f3..6a1ad6406 100644 --- a/testing/hosts/winnetou/etc/conf.d/net +++ b/testing/hosts/winnetou/etc/conf.d/net @@ -3,7 +3,7 @@ # This is basically the ifconfig argument without the ifconfig $iface # iface_lo="127.0.0.1 netmask 255.0.0.0" -iface_eth0="PH_IP_WINNETOU broadcast 192.168.0.255 netmask 255.255.255.0" +iface_eth0="PH_IP_WINNETOU broadcast 192.168.0.255 netmask 255.255.255.0 add PH_IP6_WINNETOU/16" # For setting the default gateway # diff --git a/testing/scripts/build-hostconfig b/testing/scripts/build-hostconfig index 0df8861c8..1dd268719 100755 --- a/testing/scripts/build-hostconfig +++ b/testing/scripts/build-hostconfig @@ -58,44 +58,61 @@ HOSTIP=`ifconfig eth0 |grep inet |sed -e "s/.*inet addr://" -e "s/ Bcast.*//"` for host in $STRONGSWANHOSTS do cecho-n "${host}.." - eval ip_${host}="`echo $HOSTNAMEIPS | sed -n -e "s/^.*${host}://gp" | awk -F : '{ print $1 }' | awk '{ print $1 }'`" + eval ipv4_${host}="`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $1 }' | awk '{ print $1 }'`" + eval ipv6_${host}="`echo $HOSTNAMEIPV6 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $1 }' | awk '{ print $1 }'`" - [ "`eval echo \\\$ip_${host}`" != "$HOSTIP" ] || die "$host has the same IP as eth0 (Host)! Please change that." + [ "`eval echo \\\$ipv4_${host}`" != "$HOSTIP" ] || die "$host has the same IP as eth0 (Host)! Please change that." case $host in moon) - eval ip1_${host}="`echo $HOSTNAMEIPS | sed -n -e "s/^.*${host}://gp" | awk -F : '{ print $2 }' | awk '{ print $1 }'`" - [ "`eval echo \\\$ip1_${host}`" != "$HOSTIP" ] || die "eth1 of $host has the same IP as eth0 (Host)! Please change that." - searchandreplace PH_IP_MOON $ip_moon $HOSTCONFIGDIR - searchandreplace PH_IP1_MOON $ip1_moon $HOSTCONFIGDIR + eval ipv4_moon1="`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`" + [ "`eval echo \\\$ipv4_moon1`" != "$HOSTIP" ] || die "eth1 of $host has the same IP as eth0 (Host)! Please change that." + searchandreplace PH_IP_MOON1 $ipv4_moon1 $HOSTCONFIGDIR + searchandreplace PH_IP_MOON $ipv4_moon $HOSTCONFIGDIR + eval ipv6_moon1="`echo $HOSTNAMEIPV6 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`" + searchandreplace PH_IP6_MOON1 $ipv6_moon1 $HOSTCONFIGDIR + searchandreplace PH_IP6_MOON $ipv6_moon $HOSTCONFIGDIR ;; sun) - eval ip1_${host}="`echo $HOSTNAMEIPS | sed -n -e "s/^.*${host}://gp" | awk -F : '{ print $2 }' | awk '{ print $1 }'`" - [ "`eval echo \\\$ip1_${host}`" != "$HOSTIP" ] || die "eth1 of $host has the same IP as eth0 (Host)! Please change that." - searchandreplace PH_IP_SUN $ip_sun $HOSTCONFIGDIR - searchandreplace PH_IP1_SUN $ip1_sun $HOSTCONFIGDIR + eval ipv4_sun1="`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`" + [ "`eval echo \\\$ipv4_sun1`" != "$HOSTIP" ] || die "eth1 of $host has the same IP as eth0 (Host)! Please change that." + searchandreplace PH_IP_SUN1 $ipv4_sun1 $HOSTCONFIGDIR + searchandreplace PH_IP_SUN $ipv4_sun $HOSTCONFIGDIR + eval ipv6_sun1="`echo $HOSTNAMEIPV6 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`" + searchandreplace PH_IP6_SUN1 $ipv6_sun1 $HOSTCONFIGDIR + searchandreplace PH_IP6_SUN $ipv6_sun $HOSTCONFIGDIR ;; alice) - searchandreplace PH_IP_ALICE $ip_alice $HOSTCONFIGDIR + searchandreplace PH_IP_ALICE $ipv4_alice $HOSTCONFIGDIR + searchandreplace PH_IP6_ALICE $ipv6_alice $HOSTCONFIGDIR ;; venus) - searchandreplace PH_IP_VENUS $ip_venus $HOSTCONFIGDIR + searchandreplace PH_IP_VENUS $ipv4_venus $HOSTCONFIGDIR + searchandreplace PH_IP6_VENUS $ipv6_venus $HOSTCONFIGDIR ;; bob) - searchandreplace PH_IP_BOB $ip_bob $HOSTCONFIGDIR + searchandreplace PH_IP_BOB $ipv4_bob $HOSTCONFIGDIR + searchandreplace PH_IP6_BOB $ipv6_bob $HOSTCONFIGDIR ;; carol) - eval ip1_${host}="`echo $HOSTNAMEIPS | sed -n -e "s/^.*${host}://gp" | awk -F : '{ print $2 }' | awk '{ print $1 }'`" - searchandreplace PH_IP_CAROL $ip_carol $HOSTCONFIGDIR - searchandreplace PH_IP1_CAROL $ip1_carol $HOSTCONFIGDIR + eval ipv4_carol1="`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`" + searchandreplace PH_IP_CAROL1 $ipv4_carol1 $HOSTCONFIGDIR + searchandreplace PH_IP_CAROL $ipv4_carol $HOSTCONFIGDIR + eval ipv6_carol1="`echo $HOSTNAMEIPV6 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`" + searchandreplace PH_IP6_CAROL1 $ipv6_carol1 $HOSTCONFIGDIR + searchandreplace PH_IP6_CAROL $ipv6_carol $HOSTCONFIGDIR ;; dave) - eval ip1_${host}="`echo $HOSTNAMEIPS | sed -n -e "s/^.*${host}://gp" | awk -F : '{ print $2 }' | awk '{ print $1 }'`" - searchandreplace PH_IP_DAVE $ip_dave $HOSTCONFIGDIR - searchandreplace PH_IP1_DAVE $ip1_dave $HOSTCONFIGDIR + eval ipv4_dave1="`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`" + searchandreplace PH_IP_DAVE1 $ipv4_dave1 $HOSTCONFIGDIR + searchandreplace PH_IP_DAVE $ipv4_dave $HOSTCONFIGDIR + eval ipv6_dave1="`echo $HOSTNAMEIPV6 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $2 }' | awk '{ print $1 }'`" + searchandreplace PH_IP6_DAVE1 $ipv6_dave1 $HOSTCONFIGDIR + searchandreplace PH_IP6_DAVE $ipv6_dave $HOSTCONFIGDIR ;; winnetou) - searchandreplace PH_IP_WINNETOU $ip_winnetou $HOSTCONFIGDIR + searchandreplace PH_IP_WINNETOU $ipv4_winnetou $HOSTCONFIGDIR + searchandreplace PH_IP6_WINNETOU $ipv6_winnetou $HOSTCONFIGDIR ;; esac done diff --git a/testing/scripts/build-sshkeys b/testing/scripts/build-sshkeys index f4d584d6b..23f62e005 100755 --- a/testing/scripts/build-sshkeys +++ b/testing/scripts/build-sshkeys @@ -58,10 +58,10 @@ else cecho "done" fi -for host in $HOSTNAMEIPS +for host in $HOSTNAMEIPV4 do - HOSTNAME=`echo $host | awk -F : '{ print $1 }'` - IP=`echo $host | awk -F : '{ print $2 }'` + HOSTNAME=`echo $host | awk -F, '{ print $1 }'` + IP=`echo $host | awk -F, '{ print $2 }'` if [ `grep "$IP " ~/.ssh/known_hosts | wc -l` != "0" ] then cecho "!! Warning: An entry exists for the following IP address: $IP" diff --git a/testing/scripts/build-umlrootfs b/testing/scripts/build-umlrootfs index 0dd41c04f..afc40b12b 100755 --- a/testing/scripts/build-umlrootfs +++ b/testing/scripts/build-umlrootfs @@ -152,7 +152,7 @@ cp $LOOPDIR/etc/ssh/ssh_host_rsa_key $LOOPDIR/root/.ssh/id_rsa for host in $STRONGSWANHOSTS do - eval ip="`echo $HOSTNAMEIPS | sed -n -e "s/^.*${host}://gp" | awk -F : '{ print $1 }' | awk '{ print $1 }'`" + eval ip="`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F- '{ print $1 }' | awk '{ print $1 }'`" echo "$host,$ip `cat $HOSTCONFIGDIR/ssh_host_rsa_key.pub`" >> $LOOPDIR/root/.ssh/known_hosts echo "`cat $HOSTCONFIGDIR/ssh_host_rsa_key.pub` root@$host" >> $LOOPDIR/root/.ssh/authorized_keys done diff --git a/testing/scripts/load-testconfig b/testing/scripts/load-testconfig index 89da17e72..0363f4ec1 100755 --- a/testing/scripts/load-testconfig +++ b/testing/scripts/load-testconfig @@ -46,7 +46,7 @@ if [ -d $TESTSDIR/$testname/hosts ] then for host in `ls $TESTSDIR/$testname/hosts` do - eval HOSTLOGIN="root@`echo $HOSTNAMEIPS | sed -n -e "s/^.*${host}://gp" | awk -F : '{ print $1 }' | awk '{ print $1 }'`" + eval HOSTLOGIN="root@`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $1 }' | awk '{ print $1 }'`" scp -rp $TESTSDIR/$testname/hosts/$host/etc $HOSTLOGIN:/ > /dev/null 2>&1 done fi @@ -58,7 +58,7 @@ fi for host in $IPSECHOSTS do - eval HOSTLOGIN="root@`echo $HOSTNAMEIPS | sed -n -e "s/^.*${host}://gp" | awk -F : '{ print $1 }' | awk '{ print $1 }'`" + eval HOSTLOGIN="root@`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $1 }' | awk '{ print $1 }'`" ssh $HOSTLOGIN 'rm -f /var/log/auth.log; \ kill -SIGHUP `cat /var/run/syslogd.pid`' > /dev/null 2>&1 done diff --git a/testing/scripts/restore-defaults b/testing/scripts/restore-defaults index 129e46f56..b1dae1ea2 100755 --- a/testing/scripts/restore-defaults +++ b/testing/scripts/restore-defaults @@ -47,7 +47,7 @@ if [ -d $TESTSDIR/${testname}/hosts ] then for host in `ls $TESTSDIR/${testname}/hosts` do - eval HOSTLOGIN="root@`echo $HOSTNAMEIPS | sed -n -e "s/^.*${host}://gp" | awk -F : '{ print $1 }' | awk '{ print $1 }'`" + eval HOSTLOGIN="root@`echo $HOSTNAMEIPV4 | sed -n -e "s/^.*${host},//gp" | awk -F, '{ print $1 }' | awk '{ print $1 }'`" scp -rp $HOSTCONFIGDIR/${host}/etc $HOSTLOGIN:/ > /dev/null 2>&1 done fi diff --git a/testing/testing.conf b/testing/testing.conf index d3ed1129a..2551bbc7f 100755 --- a/testing/testing.conf +++ b/testing/testing.conf @@ -21,7 +21,7 @@ UMLTESTDIR=~/strongswan-testing # Bzipped kernel sources # (file extension .tar.bz2 required) -KERNEL=$UMLTESTDIR/linux-2.6.16.16.tar.bz2 +KERNEL=$UMLTESTDIR/linux-2.6.16.19.tar.bz2 # Extract kernel version KERNELVERSION=`basename $KERNEL .tar.bz2 | sed -e 's/linux-//'` @@ -98,20 +98,30 @@ SELECTEDTESTSONLY="no" SELECTEDTESTS="net2net-cert" ############################################################## -# hostname and according IP(s) -# You may change the IPs but keep them in the same net, +# hostname and corresponding IPv4 and IPv6 addresses +# You may change the IPs but keep them in the same subnet, # this means retain the netmasks! # Also don't use IPs ending with 254, they are reserved! # -HOSTNAMEIPS="\ -alice:10.1.0.10 \ -venus:10.1.0.20 \ -moon:192.168.0.1:10.1.0.1 \ -carol:192.168.0.100:10.3.0.1 \ -winnetou:192.168.0.150 \ -dave:192.168.0.200:10.3.0.2 \ -sun:192.168.0.2:10.2.0.1 \ -bob:10.2.0.10" +HOSTNAMEIPV4="\ +alice,10.1.0.10 \ +venus,10.1.0.20 \ +moon,192.168.0.1,10.1.0.1 \ +carol,192.168.0.100,10.3.0.1 \ +winnetou,192.168.0.150 \ +dave,192.168.0.200,10.3.0.2 \ +sun,192.168.0.2,10.2.0.1 \ +bob,10.2.0.10" + +HOSTNAMEIPV6="\ +alice,fec1::10 \ +venus,fec1::20 \ +moon,fec0::1,fec1::1 \ +carol,fec0::10,fec3::1 \ +winnetou,fec0::15 \ +dave,fec0::20,fec3::2 \ +sun,fec0::2,fec2::1 \ +bob,fec2::10" ############################################################## # VPN gateways / clients diff --git a/testing/tests/double-nat-net/evaltest.dat b/testing/tests/double-nat-net/evaltest.dat index 41eba6501..d00613c07 100644 --- a/testing/tests/double-nat-net/evaltest.dat +++ b/testing/tests/double-nat-net/evaltest.dat @@ -1,5 +1,5 @@ alice::ipsec status::nat-t.*STATE_QUICK_I2.*IPsec SA established::YES bob::ipsec status::nat-t.*STATE_QUICK_R2.*IPsec SA established::YES -alice::ping -c 1 PH_IP1_SUN::64 bytes from PH_IP1_SUN: icmp_seq=1::YES +alice::ping -c 1 PH_IP_SUN1::64 bytes from PH_IP_SUN1: icmp_seq=1::YES moon::tcpdump::IP moon.strongswan.org.* > sun.strongswan.org.ipsec-nat-t: UDP::YES moon::tcpdump::IP sun.strongswan.org.ipsec-nat-t > moon.strongswan.org.*: UDP::YES diff --git a/testing/tests/ikev2-host2host/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2-host2host/hosts/moon/etc/ipsec.conf index 20ed31f5a..73cbfa50f 100644 --- a/testing/tests/ikev2-host2host/hosts/moon/etc/ipsec.conf +++ b/testing/tests/ikev2-host2host/hosts/moon/etc/ipsec.conf @@ -6,9 +6,11 @@ config setup plutostart=no conn host-host - left=PH_IP_SUN - leftcert=sunCert.pem - right=PH_IP_MOON - rightcert=moonCert.pem + left=PH_IP_MOON + leftcert=moonCert.pem + leftid=@moon.strongswan.org + right=PH_IP_SUN + rightcert=sunCert.pem + rightid=@sun.strongswan.org keyexchange=ikev2 auto=add diff --git a/testing/tests/ikev2-host2host/hosts/sun/etc/ipsec.conf b/testing/tests/ikev2-host2host/hosts/sun/etc/ipsec.conf index e759c8b18..ca8e2a7f4 100644 --- a/testing/tests/ikev2-host2host/hosts/sun/etc/ipsec.conf +++ b/testing/tests/ikev2-host2host/hosts/sun/etc/ipsec.conf @@ -6,9 +6,11 @@ config setup plutostart=no conn host-host - left=PH_IP_MOON - leftcert=moonCert.pem - right=PH_IP_SUN - rightcert=sunCert.pem + left=PH_IP_SUN + leftcert=sunCert.pem + leftid=@sun.strongswan.org + right=PH_IP_MOON + rightcert=moonCert.pem + rightid=@moon.strongswan.org keyexchange=ikev2 auto=add diff --git a/testing/tests/ikev2-ikev1-mixed/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2-ikev1-mixed/hosts/moon/etc/ipsec.conf index dae4cf516..ecdbd329d 100644 --- a/testing/tests/ikev2-ikev1-mixed/hosts/moon/etc/ipsec.conf +++ b/testing/tests/ikev2-ikev1-mixed/hosts/moon/etc/ipsec.conf @@ -2,8 +2,15 @@ version 2.0 # conforms to second version of ipsec.conf specification +config setup + plutodebug=control + crlcheckinterval=180 + conn %default + ikelifetime=60m + keylife=20m left=PH_IP_MOON + leftnexthop=%direct leftcert=moonCert.pem leftid=@moon.strongswan.org leftsubnet=10.1.0.0/16 diff --git a/testing/tests/mode-config-swapped/hosts/moon/etc/ipsec.conf b/testing/tests/mode-config-swapped/hosts/moon/etc/ipsec.conf index a449130cd..eab435d53 100755 --- a/testing/tests/mode-config-swapped/hosts/moon/etc/ipsec.conf +++ b/testing/tests/mode-config-swapped/hosts/moon/etc/ipsec.conf @@ -15,7 +15,7 @@ conn %default keyingtries=1 right=PH_IP_MOON rightsubnet=10.1.0.0/16 - rightsourceip=PH_IP1_MOON + rightsourceip=PH_IP_MOON1 rightnexthop=%direct rightcert=moonCert.pem rightid=@moon.strongswan.org @@ -24,11 +24,11 @@ conn %default conn rw-carol left=%any leftid=carol@strongswan.org - leftsourceip=PH_IP1_CAROL + leftsourceip=PH_IP_CAROL1 auto=add conn rw-dave left=%any leftid=dave@strongswan.org - leftsourceip=PH_IP1_DAVE + leftsourceip=PH_IP_DAVE1 auto=add diff --git a/testing/tests/mode-config-swapped/posttest.dat b/testing/tests/mode-config-swapped/posttest.dat index 932b319a7..f5fa1f375 100644 --- a/testing/tests/mode-config-swapped/posttest.dat +++ b/testing/tests/mode-config-swapped/posttest.dat @@ -7,5 +7,5 @@ dave::ipsec stop moon::/etc/init.d/iptables stop 2> /dev/null carol::/etc/init.d/iptables stop 2> /dev/null dave::/etc/init.d/iptables stop 2> /dev/null -carol::ip addr del PH_IP1_CAROL/32 dev eth0 -dave::ip addr del PH_IP1_DAVE/32 dev eth0 +carol::ip addr del PH_IP_CAROL1/32 dev eth0 +dave::ip addr del PH_IP_DAVE1/32 dev eth0 diff --git a/testing/tests/mode-config/hosts/moon/etc/ipsec.conf b/testing/tests/mode-config/hosts/moon/etc/ipsec.conf index d83b2d976..b7e864f02 100755 --- a/testing/tests/mode-config/hosts/moon/etc/ipsec.conf +++ b/testing/tests/mode-config/hosts/moon/etc/ipsec.conf @@ -15,7 +15,7 @@ conn %default keyingtries=1 left=PH_IP_MOON leftsubnet=10.1.0.0/16 - leftsourceip=PH_IP1_MOON + leftsourceip=PH_IP_MOON1 leftnexthop=%direct leftcert=moonCert.pem leftid=@moon.strongswan.org @@ -24,11 +24,11 @@ conn %default conn rw-carol right=%any rightid=carol@strongswan.org - rightsourceip=PH_IP1_CAROL + rightsourceip=PH_IP_CAROL1 auto=add conn rw-dave right=%any rightid=dave@strongswan.org - rightsourceip=PH_IP1_DAVE + rightsourceip=PH_IP_DAVE1 auto=add diff --git a/testing/tests/mode-config/posttest.dat b/testing/tests/mode-config/posttest.dat index 932b319a7..f5fa1f375 100644 --- a/testing/tests/mode-config/posttest.dat +++ b/testing/tests/mode-config/posttest.dat @@ -7,5 +7,5 @@ dave::ipsec stop moon::/etc/init.d/iptables stop 2> /dev/null carol::/etc/init.d/iptables stop 2> /dev/null dave::/etc/init.d/iptables stop 2> /dev/null -carol::ip addr del PH_IP1_CAROL/32 dev eth0 -dave::ip addr del PH_IP1_DAVE/32 dev eth0 +carol::ip addr del PH_IP_CAROL1/32 dev eth0 +dave::ip addr del PH_IP_DAVE1/32 dev eth0 diff --git a/testing/tests/mode-config/pretest.dat b/testing/tests/mode-config/pretest.dat index 1e45f00fd..bb222992e 100644 --- a/testing/tests/mode-config/pretest.dat +++ b/testing/tests/mode-config/pretest.dat @@ -7,3 +7,4 @@ moon::ipsec start carol::sleep 2 carol::ipsec up home dave::ipsec up home +carol::sleep 1 diff --git a/testing/tests/protoport-dual/evaltest.dat b/testing/tests/protoport-dual/evaltest.dat index 625c8c54c..11c34929f 100644 --- a/testing/tests/protoport-dual/evaltest.dat +++ b/testing/tests/protoport-dual/evaltest.dat @@ -1,7 +1,7 @@ carol::ipsec status::home.*STATE_QUICK_I2.*IPsec SA established::YES moon::ipsec status::rw.*STATE_QUICK_R2.*IPsec SA established::YES carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES -carol::ping -c 1 PH_IP1_MOON::64 bytes from PH_IP1_MOON: icmp_seq=1::YES +carol::ping -c 1 PH_IP_MOON1::64 bytes from PH_IP_MOON1: icmp_seq=1::YES carol::ssh -o ConnectTimeout=5 PH_IP_ALICE hostname::alice::YES moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES diff --git a/testing/tests/protoport-pass/evaltest.dat b/testing/tests/protoport-pass/evaltest.dat index 625c8c54c..11c34929f 100644 --- a/testing/tests/protoport-pass/evaltest.dat +++ b/testing/tests/protoport-pass/evaltest.dat @@ -1,7 +1,7 @@ carol::ipsec status::home.*STATE_QUICK_I2.*IPsec SA established::YES moon::ipsec status::rw.*STATE_QUICK_R2.*IPsec SA established::YES carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES -carol::ping -c 1 PH_IP1_MOON::64 bytes from PH_IP1_MOON: icmp_seq=1::YES +carol::ping -c 1 PH_IP_MOON1::64 bytes from PH_IP_MOON1: icmp_seq=1::YES carol::ssh -o ConnectTimeout=5 PH_IP_ALICE hostname::alice::YES moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES diff --git a/testing/tests/protoport-route/evaltest.dat b/testing/tests/protoport-route/evaltest.dat index 8f3eb208f..759295675 100644 --- a/testing/tests/protoport-route/evaltest.dat +++ b/testing/tests/protoport-route/evaltest.dat @@ -1,5 +1,5 @@ carol::ping -c 2 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq::YES -carol::ping -c 2 PH_IP1_MOON::64 bytes from PH_IP1_MOON: icmp_seq::YES +carol::ping -c 2 PH_IP_MOON1::64 bytes from PH_IP_MOON1: icmp_seq::YES carol::ssh PH_IP_ALICE hostname::alice::YES carol::cat /var/log/auth.log::initiate on demand::YES carol::ipsec status::home.*STATE_QUICK_I2.*IPsec SA established::YES diff --git a/testing/tests/starter-includes/hosts/moon/etc/ipsec.host b/testing/tests/starter-includes/hosts/moon/etc/ipsec.host index e84e5cdc6..acf753cc0 100755 --- a/testing/tests/starter-includes/hosts/moon/etc/ipsec.host +++ b/testing/tests/starter-includes/hosts/moon/etc/ipsec.host @@ -3,7 +3,7 @@ conn %default left=PH_IP_MOON leftsubnet=10.1.0.0/16 - leftsourceip=PH_IP1_MOON + leftsourceip=PH_IP_MOON1 leftnexthop=%direct leftcert=moonCert.pem leftid=@moon.strongswan.org diff --git a/testing/tests/starter-includes/hosts/moon/etc/ipsec.peers/ipsec.carol b/testing/tests/starter-includes/hosts/moon/etc/ipsec.peers/ipsec.carol index 9212a9e96..84bedfef6 100644 --- a/testing/tests/starter-includes/hosts/moon/etc/ipsec.peers/ipsec.carol +++ b/testing/tests/starter-includes/hosts/moon/etc/ipsec.peers/ipsec.carol @@ -3,6 +3,6 @@ conn rw-carol right=%any rightid=carol@strongswan.org - rightsourceip=PH_IP1_CAROL + rightsourceip=PH_IP_CAROL1 auto=add diff --git a/testing/tests/starter-includes/hosts/moon/etc/ipsec.peers/ipsec.dave b/testing/tests/starter-includes/hosts/moon/etc/ipsec.peers/ipsec.dave index 482d15a21..ee021c9be 100644 --- a/testing/tests/starter-includes/hosts/moon/etc/ipsec.peers/ipsec.dave +++ b/testing/tests/starter-includes/hosts/moon/etc/ipsec.peers/ipsec.dave @@ -3,6 +3,6 @@ conn rw-dave right=%any rightid=dave@strongswan.org - rightsourceip=PH_IP1_DAVE + rightsourceip=PH_IP_DAVE1 auto=add diff --git a/testing/tests/starter-includes/posttest.dat b/testing/tests/starter-includes/posttest.dat index 121aa8aea..a646f5c5f 100644 --- a/testing/tests/starter-includes/posttest.dat +++ b/testing/tests/starter-includes/posttest.dat @@ -7,7 +7,7 @@ dave::ipsec stop moon::/etc/init.d/iptables stop 2> /dev/null carol::/etc/init.d/iptables stop 2> /dev/null dave::/etc/init.d/iptables stop 2> /dev/null -carol::ip addr del PH_IP1_CAROL/32 dev eth0 -dave::ip addr del PH_IP1_DAVE/32 dev eth0 +carol::ip addr del PH_IP_CAROL1/32 dev eth0 +dave::ip addr del PH_IP_DAVE1/32 dev eth0 moon::rm /etc/ipsec.connections /etc/ipsec.host moon::rm -r /etc/ipsec.peers diff --git a/testing/tests/starter-includes/pretest.dat b/testing/tests/starter-includes/pretest.dat index 0af79a6d2..b034a0c03 100644 --- a/testing/tests/starter-includes/pretest.dat +++ b/testing/tests/starter-includes/pretest.dat @@ -8,3 +8,4 @@ moon::ipsec start --debug-all carol::sleep 2 carol::ipsec up home dave::ipsec up home +carol::sleep 1 diff --git a/testing/tests/virtual-ip-swapped/evaltest.dat b/testing/tests/virtual-ip-swapped/evaltest.dat index 5160a340f..1e2f9e136 100644 --- a/testing/tests/virtual-ip-swapped/evaltest.dat +++ b/testing/tests/virtual-ip-swapped/evaltest.dat @@ -1,8 +1,8 @@ carol::ipsec status::home.*STATE_QUICK_I2.*IPsec SA established::YES moon::ipsec status::rw.*STATE_QUICK_R2.*IPsec SA established::YES carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES -carol::ping -c 1 PH_IP1_MOON::64 bytes from PH_IP1_MOON: icmp_seq=1::YES -moon::ping -c 1 PH_IP1_CAROL::64 bytes from PH_IP1_CAROL: icmp_seq=1::YES +carol::ping -c 1 PH_IP_MOON1::64 bytes from PH_IP_MOON1: icmp_seq=1::YES +moon::ping -c 1 PH_IP_CAROL1::64 bytes from PH_IP_CAROL1: icmp_seq=1::YES moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES alice::tcpdump::IP carol1.strongswan.org > alice.strongswan.org: icmp::YES diff --git a/testing/tests/virtual-ip-swapped/hosts/carol/etc/ipsec.conf b/testing/tests/virtual-ip-swapped/hosts/carol/etc/ipsec.conf index 980552d36..a1a72e3c7 100755 --- a/testing/tests/virtual-ip-swapped/hosts/carol/etc/ipsec.conf +++ b/testing/tests/virtual-ip-swapped/hosts/carol/etc/ipsec.conf @@ -16,7 +16,7 @@ conn %default conn home right=PH_IP_CAROL - rightsourceip=PH_IP1_CAROL + rightsourceip=PH_IP_CAROL1 rightnexthop=%direct rightcert=carolCert.pem rightid=carol@strongswan.org diff --git a/testing/tests/virtual-ip-swapped/hosts/moon/etc/ipsec.conf b/testing/tests/virtual-ip-swapped/hosts/moon/etc/ipsec.conf index 253c2989e..ec4672c59 100755 --- a/testing/tests/virtual-ip-swapped/hosts/moon/etc/ipsec.conf +++ b/testing/tests/virtual-ip-swapped/hosts/moon/etc/ipsec.conf @@ -16,7 +16,7 @@ conn %default conn rw right=PH_IP_MOON - rightsourceip=PH_IP1_MOON + rightsourceip=PH_IP_MOON1 rightnexthop=%direct rightcert=moonCert.pem rightid=@moon.strongswan.org diff --git a/testing/tests/virtual-ip-swapped/posttest.dat b/testing/tests/virtual-ip-swapped/posttest.dat index ac5c7dd82..f6db698b0 100644 --- a/testing/tests/virtual-ip-swapped/posttest.dat +++ b/testing/tests/virtual-ip-swapped/posttest.dat @@ -4,4 +4,4 @@ moon::ipsec stop carol::ipsec stop moon::/etc/init.d/iptables stop 2> /dev/null carol::/etc/init.d/iptables stop 2> /dev/null -carol::ip addr del PH_IP1_CAROL/32 dev eth0 +carol::ip addr del PH_IP_CAROL1/32 dev eth0 diff --git a/testing/tests/virtual-ip/evaltest.dat b/testing/tests/virtual-ip/evaltest.dat index 5160a340f..1e2f9e136 100644 --- a/testing/tests/virtual-ip/evaltest.dat +++ b/testing/tests/virtual-ip/evaltest.dat @@ -1,8 +1,8 @@ carol::ipsec status::home.*STATE_QUICK_I2.*IPsec SA established::YES moon::ipsec status::rw.*STATE_QUICK_R2.*IPsec SA established::YES carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES -carol::ping -c 1 PH_IP1_MOON::64 bytes from PH_IP1_MOON: icmp_seq=1::YES -moon::ping -c 1 PH_IP1_CAROL::64 bytes from PH_IP1_CAROL: icmp_seq=1::YES +carol::ping -c 1 PH_IP_MOON1::64 bytes from PH_IP_MOON1: icmp_seq=1::YES +moon::ping -c 1 PH_IP_CAROL1::64 bytes from PH_IP_CAROL1: icmp_seq=1::YES moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES alice::tcpdump::IP carol1.strongswan.org > alice.strongswan.org: icmp::YES diff --git a/testing/tests/virtual-ip/hosts/carol/etc/ipsec.conf b/testing/tests/virtual-ip/hosts/carol/etc/ipsec.conf index 73f2189b0..3a15a5a89 100755 --- a/testing/tests/virtual-ip/hosts/carol/etc/ipsec.conf +++ b/testing/tests/virtual-ip/hosts/carol/etc/ipsec.conf @@ -16,7 +16,7 @@ conn %default conn home left=PH_IP_CAROL - leftsourceip=PH_IP1_CAROL + leftsourceip=PH_IP_CAROL1 leftnexthop=%direct leftcert=carolCert.pem leftid=carol@strongswan.org diff --git a/testing/tests/virtual-ip/hosts/moon/etc/ipsec.conf b/testing/tests/virtual-ip/hosts/moon/etc/ipsec.conf index 5cdd21530..c7a3d4160 100755 --- a/testing/tests/virtual-ip/hosts/moon/etc/ipsec.conf +++ b/testing/tests/virtual-ip/hosts/moon/etc/ipsec.conf @@ -16,7 +16,7 @@ conn %default conn rw left=PH_IP_MOON - leftsourceip=PH_IP1_MOON + leftsourceip=PH_IP_MOON1 leftnexthop=%direct leftcert=moonCert.pem leftid=@moon.strongswan.org diff --git a/testing/tests/virtual-ip/posttest.dat b/testing/tests/virtual-ip/posttest.dat index ac5c7dd82..f6db698b0 100644 --- a/testing/tests/virtual-ip/posttest.dat +++ b/testing/tests/virtual-ip/posttest.dat @@ -4,4 +4,4 @@ moon::ipsec stop carol::ipsec stop moon::/etc/init.d/iptables stop 2> /dev/null carol::/etc/init.d/iptables stop 2> /dev/null -carol::ip addr del PH_IP1_CAROL/32 dev eth0 +carol::ip addr del PH_IP_CAROL1/32 dev eth0 diff --git a/testing/tests/virtual-ip/pretest.dat b/testing/tests/virtual-ip/pretest.dat index 4fe0ee90b..0b2ae8d2b 100644 --- a/testing/tests/virtual-ip/pretest.dat +++ b/testing/tests/virtual-ip/pretest.dat @@ -4,3 +4,4 @@ carol::ipsec start moon::ipsec start carol::sleep 2 carol::ipsec up home +carol::sleep 1 diff --git a/testing/tests/wlan/evaltest.dat b/testing/tests/wlan/evaltest.dat index ccf5d0c8a..06d4a688a 100644 --- a/testing/tests/wlan/evaltest.dat +++ b/testing/tests/wlan/evaltest.dat @@ -3,7 +3,7 @@ venus::ipsec status::wlan.*STATE_QUICK_I2.*IPsec SA established::YES moon::ipsec status::alice.*STATE_QUICK_R2.*IPsec SA established::YES moon::ipsec status::venus.*STATE_QUICK_R2.*IPsec SA established::YES alice::ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::YES -alice::ping -c 1 PH_IP1_MOON::64 bytes from PH_IP1_MOON: icmp_seq=1::YES +alice::ping -c 1 PH_IP_MOON1::64 bytes from PH_IP_MOON1: icmp_seq=1::YES alice::ping -c 1 PH_IP_MOON::64 bytes from PH_IP_MOON: icmp_seq=1::YES alice::ping -c 1 PH_IP_SUN::64 bytes from PH_IP_SUN: icmp_seq=1::YES venus::ping -c 1 PH_IP_SUN::64 bytes from PH_IP_SUN: icmp_seq=1::YES diff --git a/testing/tests/wlan/hosts/alice/etc/ipsec.conf b/testing/tests/wlan/hosts/alice/etc/ipsec.conf index 9c3003f43..8d349a42e 100755 --- a/testing/tests/wlan/hosts/alice/etc/ipsec.conf +++ b/testing/tests/wlan/hosts/alice/etc/ipsec.conf @@ -31,7 +31,7 @@ conn wlan leftcert=aliceCert.pem leftid=alice@strongswan.org leftfirewall=yes - right=PH_IP1_MOON + right=PH_IP_MOON1 rightid=@moon.strongswan.org rightsubnet=0.0.0.0/0 auto=add diff --git a/testing/tests/wlan/hosts/moon/etc/ipsec.conf b/testing/tests/wlan/hosts/moon/etc/ipsec.conf index 0a6c491b1..4c189c647 100755 --- a/testing/tests/wlan/hosts/moon/etc/ipsec.conf +++ b/testing/tests/wlan/hosts/moon/etc/ipsec.conf @@ -28,7 +28,7 @@ conn venus auto=add conn wlan - left=PH_IP1_MOON + left=PH_IP_MOON1 leftnexthop=%direct leftsubnet=0.0.0.0/0 leftcert=moonCert.pem diff --git a/testing/tests/wlan/hosts/venus/etc/ipsec.conf b/testing/tests/wlan/hosts/venus/etc/ipsec.conf index bf0f423c6..1c52e5b98 100755 --- a/testing/tests/wlan/hosts/venus/etc/ipsec.conf +++ b/testing/tests/wlan/hosts/venus/etc/ipsec.conf @@ -31,7 +31,7 @@ conn wlan leftcert=venusCert.pem leftid=@venus.strongswan.org leftfirewall=yes - right=PH_IP1_MOON + right=PH_IP_MOON1 rightid=@moon.strongswan.org rightsubnet=0.0.0.0/0 auto=add |