diff options
author | Andreas Steffen <andreas.steffen@strongswan.org> | 2017-10-10 20:51:27 +0200 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2017-11-10 11:49:39 +0100 |
commit | 9375c9c9dbb63056769948cc42284ddcf9730b58 (patch) | |
tree | 1ac8445501440e4e2f3b0aba58588150d5a70b4e /testing/tests/libipsec/net2net-null/hosts/moon/etc | |
parent | 86d1b7a14d87e3ea2efadc18c73d83d69ce15d80 (diff) | |
download | strongswan-9375c9c9dbb63056769948cc42284ddcf9730b58.tar.bz2 strongswan-9375c9c9dbb63056769948cc42284ddcf9730b58.tar.xz |
testing: Converted libipsec/net2net-null to swanctl
Diffstat (limited to 'testing/tests/libipsec/net2net-null/hosts/moon/etc')
3 files changed, 44 insertions, 26 deletions
diff --git a/testing/tests/libipsec/net2net-null/hosts/moon/etc/ipsec.conf b/testing/tests/libipsec/net2net-null/hosts/moon/etc/ipsec.conf deleted file mode 100644 index f206a16fb..000000000 --- a/testing/tests/libipsec/net2net-null/hosts/moon/etc/ipsec.conf +++ /dev/null @@ -1,24 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev2 - ike=null-sha256-modp3072! - esp=null-sha256-modp3072! - mobike=no - -conn net-net - left=PH_IP_MOON - leftcert=moonCert.pem - leftid=@moon.strongswan.org - leftsubnet=10.1.0.0/16 - leftupdown=/etc/updown - right=PH_IP_SUN - rightid=@sun.strongswan.org - rightsubnet=10.2.0.0/16 - auto=add diff --git a/testing/tests/libipsec/net2net-null/hosts/moon/etc/strongswan.conf b/testing/tests/libipsec/net2net-null/hosts/moon/etc/strongswan.conf index 2beff1b76..3024563e9 100644 --- a/testing/tests/libipsec/net2net-null/hosts/moon/etc/strongswan.conf +++ b/testing/tests/libipsec/net2net-null/hosts/moon/etc/strongswan.conf @@ -1,6 +1,19 @@ # /etc/strongswan.conf - strongSwan configuration file -charon { - load = random nonce pem pkcs1 revocation openssl curl stroke kernel-libipsec kernel-netlink socket-default updown +swanctl { + load = pem pkcs1 x509 revocation constraints pubkey openssl random +} + +charon-systemd { + load = random nonce pem pkcs1 revocation openssl curl vici kernel-libipsec kernel-netlink socket-default updown + + syslog { + daemon { + default = 1 + } + auth { + default = 0 + } + } multiple_authentication = no } diff --git a/testing/tests/libipsec/net2net-null/hosts/moon/etc/swanctl/swanctl.conf b/testing/tests/libipsec/net2net-null/hosts/moon/etc/swanctl/swanctl.conf new file mode 100755 index 000000000..15b978249 --- /dev/null +++ b/testing/tests/libipsec/net2net-null/hosts/moon/etc/swanctl/swanctl.conf @@ -0,0 +1,29 @@ +connections { + + gw-gw { + local_addrs = 192.168.0.1 + remote_addrs = 192.168.0.2 + + local { + auth = pubkey + certs = moonCert.pem + id = moon.strongswan.org + } + remote { + auth = pubkey + id = sun.strongswan.org + } + children { + net-net { + local_ts = 10.1.0.0/16 + remote_ts = 10.2.0.0/16 + + updown = /etc/updown + esp_proposals = null-sha256-modp3072 + } + } + version = 2 + mobike = no + proposals = null-sha256-modp3072 + } +} |