diff options
author | Andreas Steffen <andreas.steffen@strongswan.org> | 2016-11-08 13:50:14 +0100 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2016-11-14 16:20:51 +0100 |
commit | 99c03e9a110d1adfeab83274b40a5c78f63b4c5f (patch) | |
tree | 27936f4dee37de65fca005437ab9d15edbfee137 /testing/tests/openssl-ikev2 | |
parent | 549b325d9d4504efe9a189328638225e9fcaad3a (diff) | |
download | strongswan-99c03e9a110d1adfeab83274b40a5c78f63b4c5f.tar.bz2 strongswan-99c03e9a110d1adfeab83274b40a5c78f63b4c5f.tar.xz |
testing: make curve25519 the default DH group
Diffstat (limited to 'testing/tests/openssl-ikev2')
12 files changed, 28 insertions, 2 deletions
diff --git a/testing/tests/openssl-ikev2/critical-extension/hosts/moon/etc/ipsec.conf b/testing/tests/openssl-ikev2/critical-extension/hosts/moon/etc/ipsec.conf index 3b065774f..24beedd82 100644 --- a/testing/tests/openssl-ikev2/critical-extension/hosts/moon/etc/ipsec.conf +++ b/testing/tests/openssl-ikev2/critical-extension/hosts/moon/etc/ipsec.conf @@ -8,6 +8,8 @@ conn %default rekeymargin=3m keyingtries=1 keyexchange=ikev2 + ike=aes128-sha256-ecp256! + esp=aes128gcm16! mobike=no conn net-net diff --git a/testing/tests/openssl-ikev2/critical-extension/hosts/sun/etc/ipsec.conf b/testing/tests/openssl-ikev2/critical-extension/hosts/sun/etc/ipsec.conf index 2b4406d75..f176bcd92 100644 --- a/testing/tests/openssl-ikev2/critical-extension/hosts/sun/etc/ipsec.conf +++ b/testing/tests/openssl-ikev2/critical-extension/hosts/sun/etc/ipsec.conf @@ -8,6 +8,8 @@ conn %default rekeymargin=3m keyingtries=1 keyexchange=ikev2 + ike=aes128-sha256-ecp256! + esp=aes128gcm16! mobike=no conn net-net diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.conf b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.conf index dd2ceea60..c562e359c 100644 --- a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.conf +++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.conf @@ -8,6 +8,8 @@ conn %default rekeymargin=3m keyingtries=1 keyexchange=ikev2 + ike=aes128-sha256-ecp256! + esp=aes128gcm16! conn home left=PH_IP_CAROL diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.conf b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.conf index 4c6e11f16..62a62a463 100644 --- a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.conf +++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.conf @@ -8,6 +8,8 @@ conn %default rekeymargin=3m keyingtries=1 keyexchange=ikev2 + ike=aes128-sha256-ecp256! + esp=aes128gcm16! conn home left=PH_IP_DAVE diff --git a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.conf b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.conf index e67d9af9b..c5e5e61b0 100644 --- a/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.conf +++ b/testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.conf @@ -8,6 +8,8 @@ conn %default rekeymargin=3m keyingtries=1 keyexchange=ikev2 + ike=aes128-sha256-ecp256! + esp=aes128gcm16! conn rw left=PH_IP_MOON diff --git a/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/carol/etc/ipsec.conf b/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/carol/etc/ipsec.conf index dd2ceea60..c562e359c 100644 --- a/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/carol/etc/ipsec.conf +++ b/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/carol/etc/ipsec.conf @@ -8,6 +8,8 @@ conn %default rekeymargin=3m keyingtries=1 keyexchange=ikev2 + ike=aes128-sha256-ecp256! + esp=aes128gcm16! conn home left=PH_IP_CAROL diff --git a/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/dave/etc/ipsec.conf b/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/dave/etc/ipsec.conf index 4c6e11f16..62a62a463 100644 --- a/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/dave/etc/ipsec.conf +++ b/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/dave/etc/ipsec.conf @@ -8,6 +8,8 @@ conn %default rekeymargin=3m keyingtries=1 keyexchange=ikev2 + ike=aes128-sha256-ecp256! + esp=aes128gcm16! conn home left=PH_IP_DAVE diff --git a/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/moon/etc/ipsec.conf b/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/moon/etc/ipsec.conf index e67d9af9b..c5e5e61b0 100644 --- a/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/moon/etc/ipsec.conf +++ b/testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/moon/etc/ipsec.conf @@ -8,6 +8,8 @@ conn %default rekeymargin=3m keyingtries=1 keyexchange=ikev2 + ike=aes128-sha256-ecp256! + esp=aes128gcm16! conn rw left=PH_IP_MOON diff --git a/testing/tests/openssl-ikev2/net2net-pgp-v3/hosts/moon/etc/ipsec.conf b/testing/tests/openssl-ikev2/net2net-pgp-v3/hosts/moon/etc/ipsec.conf index 7601113ab..fcb9d839f 100644 --- a/testing/tests/openssl-ikev2/net2net-pgp-v3/hosts/moon/etc/ipsec.conf +++ b/testing/tests/openssl-ikev2/net2net-pgp-v3/hosts/moon/etc/ipsec.conf @@ -8,7 +8,10 @@ conn %default rekeymargin=3m keyingtries=1 keyexchange=ikev2 - + ike=aes128-sha256-modp3072! + esp=aes128gcm16! + mobike=no + conn net-net left=PH_IP_MOON leftsubnet=10.1.0.0/16 diff --git a/testing/tests/openssl-ikev2/net2net-pgp-v3/hosts/sun/etc/ipsec.conf b/testing/tests/openssl-ikev2/net2net-pgp-v3/hosts/sun/etc/ipsec.conf index 641c3d929..91d6ef5d8 100644 --- a/testing/tests/openssl-ikev2/net2net-pgp-v3/hosts/sun/etc/ipsec.conf +++ b/testing/tests/openssl-ikev2/net2net-pgp-v3/hosts/sun/etc/ipsec.conf @@ -8,6 +8,9 @@ conn %default rekeymargin=3m keyingtries=1 keyexchange=ikev2 + ike=aes128-sha256-modp3072! + esp=aes128gcm16! + mobike=no conn net-net left=PH_IP_SUN diff --git a/testing/tests/openssl-ikev2/net2net-pkcs12/hosts/moon/etc/ipsec.conf b/testing/tests/openssl-ikev2/net2net-pkcs12/hosts/moon/etc/ipsec.conf index 0296e1804..195710a7f 100644 --- a/testing/tests/openssl-ikev2/net2net-pkcs12/hosts/moon/etc/ipsec.conf +++ b/testing/tests/openssl-ikev2/net2net-pkcs12/hosts/moon/etc/ipsec.conf @@ -8,6 +8,8 @@ conn %default rekeymargin=3m keyingtries=1 keyexchange=ikev2 + ike=aes128-sha256-modp3072! + esp=aes128gcm16! mobike=no conn net-net diff --git a/testing/tests/openssl-ikev2/net2net-pkcs12/hosts/sun/etc/ipsec.conf b/testing/tests/openssl-ikev2/net2net-pkcs12/hosts/sun/etc/ipsec.conf index 6dcedd0e6..292fbeeb6 100644 --- a/testing/tests/openssl-ikev2/net2net-pkcs12/hosts/sun/etc/ipsec.conf +++ b/testing/tests/openssl-ikev2/net2net-pkcs12/hosts/sun/etc/ipsec.conf @@ -6,8 +6,10 @@ conn %default ikelifetime=60m keylife=20m rekeymargin=3m - keyingtries=1 + keyingtries=1 keyexchange=ikev2 + ike=aes128-sha256-modp3072! + esp=aes128gcm16! mobike=no conn net-net |