diff options
| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2017-11-11 16:42:38 +0100 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2017-11-11 16:42:38 +0100 |
| commit | 74f8ad7fd9565326045ae43949c2c0529c97b0dd (patch) | |
| tree | bd1de68f38d8560f7e10d2a6bbc1b008bb3cc18e /testing/tests/gcrypt-ikev1 | |
| parent | 0d632555130e4f8665c6aeb4de90d0428509a4b8 (diff) | |
| parent | 7df35af7ccc9a7cac683dd7a41313d419b784d78 (diff) | |
| download | strongswan-74f8ad7fd9565326045ae43949c2c0529c97b0dd.tar.bz2 strongswan-74f8ad7fd9565326045ae43949c2c0529c97b0dd.tar.xz | |
Merge branch 'swanctl-testing'
Diffstat (limited to 'testing/tests/gcrypt-ikev1')
10 files changed, 69 insertions, 37 deletions
diff --git a/testing/tests/gcrypt-ikev1/alg-serpent/description.txt b/testing/tests/gcrypt-ikev1/alg-serpent/description.txt index 982efa5ea..28c6adb4b 100644 --- a/testing/tests/gcrypt-ikev1/alg-serpent/description.txt +++ b/testing/tests/gcrypt-ikev1/alg-serpent/description.txt @@ -1,4 +1,4 @@ Roadwarrior <b>carol</b> proposes to gateway <b>moon</b> the strong cipher suite -<b>SERPENT_CBC_256 / HMAC_SHA2_512 / MODP_4096</b> for the IKE protocol and -<b>SERPENT_CBC_256 / HMAC_SHA2_512_256 </b> for ESP packets. A ping from <b>carol</b> to -<b>alice</b> successfully checks the established tunnel. +<b>serpent256-sha512-modp4096</b> for the IKE protocol and <b>serpent256-sha512</b> +for ESP packets. A ping from <b>carol</b> to <b>alice</b> successfully checks the +established tunnel. diff --git a/testing/tests/gcrypt-ikev1/alg-serpent/hosts/carol/etc/strongswan.conf b/testing/tests/gcrypt-ikev1/alg-serpent/hosts/carol/etc/strongswan.conf index 10c0ac6fb..b5ca668ac 100644 --- a/testing/tests/gcrypt-ikev1/alg-serpent/hosts/carol/etc/strongswan.conf +++ b/testing/tests/gcrypt-ikev1/alg-serpent/hosts/carol/etc/strongswan.conf @@ -1,11 +1,19 @@ # /etc/strongswan.conf - strongSwan configuration file -charon { +swanctl { + load = pem pkcs1 x509 revocation constraints pubkey openssl random +} + +charon-systemd { load = nonce pem pkcs1 gcrypt hmac x509 revocation curl vici kernel-netlink socket-default - start-scripts { - creds = /usr/local/sbin/swanctl --load-creds - conns = /usr/local/sbin/swanctl --load-conns - } + syslog { + daemon { + default = 1 + } + auth { + default = 0 + } + } send_vendor_id = yes } diff --git a/testing/tests/gcrypt-ikev1/alg-serpent/hosts/moon/etc/strongswan.conf b/testing/tests/gcrypt-ikev1/alg-serpent/hosts/moon/etc/strongswan.conf index 6c49b5e9b..41e98d7d7 100644 --- a/testing/tests/gcrypt-ikev1/alg-serpent/hosts/moon/etc/strongswan.conf +++ b/testing/tests/gcrypt-ikev1/alg-serpent/hosts/moon/etc/strongswan.conf @@ -1,11 +1,19 @@ # /etc/strongswan.conf - strongSwan configuration file -charon { +swanctl { + load = pem pkcs1 x509 revocation constraints pubkey openssl random +} + +charon-systemd { load = nonce pem pkcs1 gcrypt hmac x509 revocation vici kernel-netlink socket-default - start-scripts { - creds = /usr/local/sbin/swanctl --load-creds - conns = /usr/local/sbin/swanctl --load-conns + syslog { + daemon { + default = 1 + } + auth { + default = 0 + } } send_vendor_id = yes } diff --git a/testing/tests/gcrypt-ikev1/alg-serpent/posttest.dat b/testing/tests/gcrypt-ikev1/alg-serpent/posttest.dat index 6387dff4f..e9c83e483 100644 --- a/testing/tests/gcrypt-ikev1/alg-serpent/posttest.dat +++ b/testing/tests/gcrypt-ikev1/alg-serpent/posttest.dat @@ -1,2 +1,2 @@ -moon::service charon stop -carol::service charon stop +carol::systemctl stop strongswan-swanctl +moon::systemctl stop strongswan-swanctl
\ No newline at end of file diff --git a/testing/tests/gcrypt-ikev1/alg-serpent/pretest.dat b/testing/tests/gcrypt-ikev1/alg-serpent/pretest.dat index 0f615f4ac..8c6a3ba30 100644 --- a/testing/tests/gcrypt-ikev1/alg-serpent/pretest.dat +++ b/testing/tests/gcrypt-ikev1/alg-serpent/pretest.dat @@ -1,5 +1,5 @@ -moon::service charon start 2> /dev/null -carol::service charon start 2> /dev/null -moon::expect-connection rw -carol::expect-connection home -carol::swanctl --initiate --child home 2> /dev/null +moon::systemctl start strongswan-swanctl +carol::systemctl start strongswan-swanctl +moon::expect-connection rw +carol::expect-connection home +carol::swanctl --initiate --child home 2> /dev/null
\ No newline at end of file diff --git a/testing/tests/gcrypt-ikev1/alg-twofish/description.txt b/testing/tests/gcrypt-ikev1/alg-twofish/description.txt index e1a7403e3..bfef69b5c 100644 --- a/testing/tests/gcrypt-ikev1/alg-twofish/description.txt +++ b/testing/tests/gcrypt-ikev1/alg-twofish/description.txt @@ -1,4 +1,4 @@ Roadwarrior <b>carol</b> proposes to gateway <b>moon</b> the strong cipher suite -<b>TWOFISH_CBC_256 / HMAC_SHA2_512 / MODP_4096</b> for the IKE protocol and -<b>TWOFISH_CBC_256 / HMAC_SHA2_512_256 </b> for ESP packets. A ping from <b>carol</b> to -<b>alice</b> successfully checks the established tunnel. +<b>twofish256-sha512-modp4096</b> for the IKE protocol and <b>twofish256-sha512</b> +for ESP packets. A ping from <b>carol</b> to <b>alice</b> successfully checks the +established tunnel. diff --git a/testing/tests/gcrypt-ikev1/alg-twofish/hosts/carol/etc/strongswan.conf b/testing/tests/gcrypt-ikev1/alg-twofish/hosts/carol/etc/strongswan.conf index 10c0ac6fb..b5ca668ac 100644 --- a/testing/tests/gcrypt-ikev1/alg-twofish/hosts/carol/etc/strongswan.conf +++ b/testing/tests/gcrypt-ikev1/alg-twofish/hosts/carol/etc/strongswan.conf @@ -1,11 +1,19 @@ # /etc/strongswan.conf - strongSwan configuration file -charon { +swanctl { + load = pem pkcs1 x509 revocation constraints pubkey openssl random +} + +charon-systemd { load = nonce pem pkcs1 gcrypt hmac x509 revocation curl vici kernel-netlink socket-default - start-scripts { - creds = /usr/local/sbin/swanctl --load-creds - conns = /usr/local/sbin/swanctl --load-conns - } + syslog { + daemon { + default = 1 + } + auth { + default = 0 + } + } send_vendor_id = yes } diff --git a/testing/tests/gcrypt-ikev1/alg-twofish/hosts/moon/etc/strongswan.conf b/testing/tests/gcrypt-ikev1/alg-twofish/hosts/moon/etc/strongswan.conf index 6c49b5e9b..41e98d7d7 100644 --- a/testing/tests/gcrypt-ikev1/alg-twofish/hosts/moon/etc/strongswan.conf +++ b/testing/tests/gcrypt-ikev1/alg-twofish/hosts/moon/etc/strongswan.conf @@ -1,11 +1,19 @@ # /etc/strongswan.conf - strongSwan configuration file -charon { +swanctl { + load = pem pkcs1 x509 revocation constraints pubkey openssl random +} + +charon-systemd { load = nonce pem pkcs1 gcrypt hmac x509 revocation vici kernel-netlink socket-default - start-scripts { - creds = /usr/local/sbin/swanctl --load-creds - conns = /usr/local/sbin/swanctl --load-conns + syslog { + daemon { + default = 1 + } + auth { + default = 0 + } } send_vendor_id = yes } diff --git a/testing/tests/gcrypt-ikev1/alg-twofish/posttest.dat b/testing/tests/gcrypt-ikev1/alg-twofish/posttest.dat index 6387dff4f..e9c83e483 100644 --- a/testing/tests/gcrypt-ikev1/alg-twofish/posttest.dat +++ b/testing/tests/gcrypt-ikev1/alg-twofish/posttest.dat @@ -1,2 +1,2 @@ -moon::service charon stop -carol::service charon stop +carol::systemctl stop strongswan-swanctl +moon::systemctl stop strongswan-swanctl
\ No newline at end of file diff --git a/testing/tests/gcrypt-ikev1/alg-twofish/pretest.dat b/testing/tests/gcrypt-ikev1/alg-twofish/pretest.dat index 0f615f4ac..b9e2a8eee 100644 --- a/testing/tests/gcrypt-ikev1/alg-twofish/pretest.dat +++ b/testing/tests/gcrypt-ikev1/alg-twofish/pretest.dat @@ -1,5 +1,5 @@ -moon::service charon start 2> /dev/null -carol::service charon start 2> /dev/null -moon::expect-connection rw -carol::expect-connection home +moon::systemctl start strongswan-swanctl +carol::systemctl start strongswan-swanctl +moon::expect-connection rw +carol::expect-connection home carol::swanctl --initiate --child home 2> /dev/null |