diff options
author | Andreas Steffen <andreas.steffen@strongswan.org> | 2014-05-31 20:23:15 +0200 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2014-05-31 21:25:46 +0200 |
commit | 2382d45b1c756cc100314318b47e4953745a060e (patch) | |
tree | c77ced23ed99a718195ef8c9f47ef0014680b78f /testing/tests | |
parent | 59db6660946a92b1919753572b7c6643d3dbe6c4 (diff) | |
download | strongswan-2382d45b1c756cc100314318b47e4953745a060e.tar.bz2 strongswan-2382d45b1c756cc100314318b47e4953745a060e.tar.xz |
Test SWID REST API ins tnc/tnccs-20-pdp scenarios
Diffstat (limited to 'testing/tests')
21 files changed, 161 insertions, 69 deletions
diff --git a/testing/tests/tnc/tnccs-20-pdp-eap/evaltest.dat b/testing/tests/tnc/tnccs-20-pdp-eap/evaltest.dat index 505a4d079..9a477bd04 100644 --- a/testing/tests/tnc/tnccs-20-pdp-eap/evaltest.dat +++ b/testing/tests/tnc/tnccs-20-pdp-eap/evaltest.dat @@ -1,21 +1,28 @@ -carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA signature successful::YES -carol::cat /var/log/daemon.log::PDP server.*aaa.strongswan.org.*is listening on port 271::YES -carol::cat /var/log/daemon.log::PB-TNC access recommendation is .*Access Allowed::YES -carol::cat /var/log/daemon.log::EAP method EAP_TTLS succeeded, MSK established::YES -carol::cat /var/log/daemon.log::CHILD_SA home{1} established.*TS 192.168.0.100/32 === 10.1.0.0/28::YES dave:: cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA signature successful::YES dave:: cat /var/log/daemon.log::PDP server.*aaa.strongswan.org.*is listening on port 271::YES +dave:: cat /var/log/daemon.log::collected 372 SWID tags::YES dave:: cat /var/log/daemon.log::PB-TNC access recommendation is .*Quarantined::YES dave:: cat /var/log/daemon.log::EAP method EAP_TTLS succeeded, MSK established::YES dave:: cat /var/log/daemon.log::CHILD_SA home{1} established.*TS 192.168.0.200/32 === 10.1.0.16/28::YES -moon:: cat /var/log/daemon.log::received RADIUS attribute Filter-Id: 'allow'::YES -moon:: cat /var/log/daemon.log::RADIUS authentication of 'carol' successful::YES -moon:: cat /var/log/daemon.log::authentication of '192.168.0.100' with EAP successful::YES +carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA signature successful::YES +carol::cat /var/log/daemon.log::PDP server.*aaa.strongswan.org.*is listening on port 271::YES +carol::cat /var/log/daemon.log::collected 373 SWID tag IDs::YES +carol::cat /var/log/daemon.log::collected 1 SWID tag::YES +carol::cat /var/log/daemon.log::PB-TNC access recommendation is .*Access Allowed::YES +carol::cat /var/log/daemon.log::EAP method EAP_TTLS succeeded, MSK established::YES +carol::cat /var/log/daemon.log::CHILD_SA home{1} established.*TS 192.168.0.100/32 === 10.1.0.0/28::YES +alice::cat /var/log/daemon.log::user AR identity.*dave.*authenticated by password::YES +alice::cat /var/log/daemon.log::IMV 2 handled SWIDT workitem 3: allow - received inventory of 0 SWID tag IDs and 372 SWID tags::YES +alice::cat /var/log/daemon.log::user AR identity.*carol.*authenticated by password::YES +alice::cat /var/log/daemon.log::IMV 2 handled SWIDT workitem 9: allow - received inventory of 373 SWID tag IDs and 1 SWID tag::YES moon:: cat /var/log/daemon.log::received RADIUS attribute Filter-Id: 'isolate'::YES moon:: cat /var/log/daemon.log::RADIUS authentication of 'dave' successful::YES moon:: cat /var/log/daemon.log::authentication of '192.168.0.200' with EAP successful::YES -moon:: ipsec statusall 2>/dev/null::rw-allow.*10.1.0.0/28 === 192.168.0.100/32::YES +moon:: cat /var/log/daemon.log::received RADIUS attribute Filter-Id: 'allow'::YES +moon:: cat /var/log/daemon.log::RADIUS authentication of 'carol' successful::YES +moon:: cat /var/log/daemon.log::authentication of '192.168.0.100' with EAP successful::YES moon:: ipsec statusall 2>/dev/null::rw-isolate.*10.1.0.16/28 === 192.168.0.200/32::YES +moon:: ipsec statusall 2>/dev/null::rw-allow.*10.1.0.0/28 === 192.168.0.100/32::YES carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_req=1::YES carol::ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_req=1::NO dave:: ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_req=1::YES diff --git a/testing/tests/tnc/tnccs-20-pdp-eap/hosts/alice/etc/apache2/sites-available/default b/testing/tests/tnc/tnccs-20-pdp-eap/hosts/alice/etc/apache2/sites-available/default new file mode 100644 index 000000000..f6bf635f4 --- /dev/null +++ b/testing/tests/tnc/tnccs-20-pdp-eap/hosts/alice/etc/apache2/sites-available/default @@ -0,0 +1,24 @@ +WSGIPythonPath /var/www/tnc + +<VirtualHost *:80> + ServerName tnc.strongswan.org + ServerAlias tnc + ServerAdmin webmaster@localhost + + DocumentRoot /var/www/tnc + + <Directory /var/www/tnc/config> + <Files wsgi.py> + Order deny,allow + Allow from all + </Files> + </Directory> + + WSGIScriptAlias / /var/www/tnc/config/wsgi.py + WSGIApplicationGroup %{GLOBAL} + WSGIPassAuthorization On + + ErrorLog ${APACHE_LOG_DIR}/tnc/error.log + LogLevel warn + CustomLog ${APACHE_LOG_DIR}/tnc/access.log combined +</VirtualHost> diff --git a/testing/tests/tnc/tnccs-20-pdp-eap/hosts/alice/etc/strongTNC/django.db b/testing/tests/tnc/tnccs-20-pdp-eap/hosts/alice/etc/strongTNC/django.db Binary files differnew file mode 100644 index 000000000..3866bfab0 --- /dev/null +++ b/testing/tests/tnc/tnccs-20-pdp-eap/hosts/alice/etc/strongTNC/django.db diff --git a/testing/tests/tnc/tnccs-20-pdp-eap/hosts/alice/etc/strongTNC/settings.ini b/testing/tests/tnc/tnccs-20-pdp-eap/hosts/alice/etc/strongTNC/settings.ini new file mode 100644 index 000000000..5d12736eb --- /dev/null +++ b/testing/tests/tnc/tnccs-20-pdp-eap/hosts/alice/etc/strongTNC/settings.ini @@ -0,0 +1,19 @@ +[debug] +DEBUG=1 +TEMPLATE_DEBUG=1 +DEBUG_TOOLBAR=0 + +[db] +DJANGO_DB_URL=sqlite:////etc/strongTNC/django.db +STRONGTNC_DB_URL = sqlite:////etc/pts/config.db + +[localization] +LANGUAGE_CODE=en-us +TIME_ZONE=Europe/Zurich + +[admins] +Your Name: alice@strongswan.org + +[security] +SECRET_KEY=strongSwan + diff --git a/testing/tests/tnc/tnccs-20-pdp-eap/hosts/alice/etc/strongswan.conf b/testing/tests/tnc/tnccs-20-pdp-eap/hosts/alice/etc/strongswan.conf index 1237d233b..a60f1dead 100644 --- a/testing/tests/tnc/tnccs-20-pdp-eap/hosts/alice/etc/strongswan.conf +++ b/testing/tests/tnc/tnccs-20-pdp-eap/hosts/alice/etc/strongswan.conf @@ -11,7 +11,7 @@ charon { max_message_count = 0 } eap-tnc { - max_message_count = 20 + max_message_count = 0 } tnc-pdp { server = aaa.strongswan.org @@ -26,4 +26,10 @@ libimcv { debug_level = 3 database = sqlite:///etc/pts/config.db policy_script = ipsec imv_policy_manager + + plugins { + imv-swid { + rest_api_uri = http://admin-user:strongSwan@tnc.strongswan.org/api/ + } + } } diff --git a/testing/tests/tnc/tnccs-20-pdp-eap/hosts/carol/etc/strongswan.conf b/testing/tests/tnc/tnccs-20-pdp-eap/hosts/carol/etc/strongswan.conf index eeb8e42ab..c040f0997 100644 --- a/testing/tests/tnc/tnccs-20-pdp-eap/hosts/carol/etc/strongswan.conf +++ b/testing/tests/tnc/tnccs-20-pdp-eap/hosts/carol/etc/strongswan.conf @@ -8,7 +8,7 @@ charon { max_message_count = 0 } eap-tnc { - max_message_count = 20 + max_message_count = 0 } tnccs-20 { max_batch_size = 32754 @@ -16,4 +16,3 @@ charon { } } } - diff --git a/testing/tests/tnc/tnccs-20-pdp-eap/hosts/dave/etc/strongswan.conf b/testing/tests/tnc/tnccs-20-pdp-eap/hosts/dave/etc/strongswan.conf index c9cbad966..cd9efeecb 100644 --- a/testing/tests/tnc/tnccs-20-pdp-eap/hosts/dave/etc/strongswan.conf +++ b/testing/tests/tnc/tnccs-20-pdp-eap/hosts/dave/etc/strongswan.conf @@ -8,7 +8,7 @@ charon { max_message_count = 0 } eap-tnc { - max_message_count = 20 + max_message_count = 0 } tnccs-20 { max_batch_size = 32754 @@ -23,6 +23,7 @@ libimcv { push_info = no } imc-swid { + swid_directory = /usr/share swid_pretty = no } } diff --git a/testing/tests/tnc/tnccs-20-pdp-eap/posttest.dat b/testing/tests/tnc/tnccs-20-pdp-eap/posttest.dat index 916e433c0..1e5c3f8cd 100644 --- a/testing/tests/tnc/tnccs-20-pdp-eap/posttest.dat +++ b/testing/tests/tnc/tnccs-20-pdp-eap/posttest.dat @@ -2,6 +2,7 @@ moon::ipsec stop carol::ipsec stop dave::ipsec stop alice::ipsec stop +alice::service apache2 stop alice::rm /etc/pts/config.db moon::iptables-restore < /etc/iptables.flush carol::iptables-restore < /etc/iptables.flush diff --git a/testing/tests/tnc/tnccs-20-pdp-eap/pretest.dat b/testing/tests/tnc/tnccs-20-pdp-eap/pretest.dat index 6709b8905..6c7477786 100644 --- a/testing/tests/tnc/tnccs-20-pdp-eap/pretest.dat +++ b/testing/tests/tnc/tnccs-20-pdp-eap/pretest.dat @@ -8,11 +8,13 @@ carol::echo 0 > /proc/sys/net/ipv4/ip_forward dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id alice::sed -i "s/NOW/`date +%s`/g" /etc/pts/data1.sql alice::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/pts/config.db +alice::chgrp www-data /etc/pts/config.db; chmod g+w /etc/pts/config.db +alice::service apache2 start alice::ipsec start moon::ipsec start -carol::ipsec start dave::ipsec start +carol::ipsec start carol::sleep 1 -carol::ipsec up home dave::ipsec up home -dave::sleep 1 +carol::ipsec up home +carol::sleep 1 diff --git a/testing/tests/tnc/tnccs-20-pdp-pt-tls/evaltest.dat b/testing/tests/tnc/tnccs-20-pdp-pt-tls/evaltest.dat index 4be71afb0..9327f51bf 100644 --- a/testing/tests/tnc/tnccs-20-pdp-pt-tls/evaltest.dat +++ b/testing/tests/tnc/tnccs-20-pdp-pt-tls/evaltest.dat @@ -1,12 +1,19 @@ -alice:: cat /var/log/daemon.log::accepting PT-TLS stream from PH_IP_CAROL::YES -alice:: cat /var/log/daemon.log::SASL PLAIN authentication successful::YES -alice:: cat /var/log/daemon.log::SASL client identity is.*carol::YES -alice:: cat /var/log/daemon.log::user AR identity.*carol.*authenticated by password::YES -alice:: cat /var/log/daemon.log::received SWID tag ID inventory for request 6 at eid 1 of epoch::YES -alice:: cat /var/log/daemon.log::regid.2004-03.org.strongswan_strongSwan-::YES -alice:: cat /var/log/daemon.log::accepting PT-TLS stream from PH_IP_DAVE::YES -alice:: cat /var/log/daemon.log::checking certificate status of.*C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org::YES -alice:: cat /var/log/daemon.log::certificate status is good::YES -alice:: cat /var/log/daemon.log::skipping SASL, client already authenticated by TLS certificate::YES -alice:: cat /var/log/daemon.log::user AR identity.*C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org.*authenticated by certificate::YES -alice:: cat /var/log/daemon.log::received SWID tag inventory for request 11 at eid 1 of epoch::YES +dave:: cat /var/log/auth.log::sending TLS CertificateVerify handshake::YES +dave:: cat /var/log/auth.log::collected 372 SWID tags::YES +carol::cat /var/log/auth.log::received SASL Success result::YES +carol::cat /var/log/auth.log::collected 373 SWID tag IDs::YES +carol::cat /var/log/auth.log::collected 1 SWID tag::YES +alice::cat /var/log/daemon.log::accepting PT-TLS stream from PH_IP_DAVE::YES +alice::cat /var/log/daemon.log::checking certificate status of.*C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org::YES +alice::cat /var/log/daemon.log::certificate status is good::YES +alice::cat /var/log/daemon.log::skipping SASL, client already authenticated by TLS certificate::YES +alice::cat /var/log/daemon.log::user AR identity.*C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org.*authenticated by certificate::YES +alice::cat /var/log/daemon.log::received SWID tag inventory with 372 items for request 3 at eid 1 of epoch::YES +alice::cat /var/log/daemon.log::accepting PT-TLS stream from PH_IP_CAROL::YES +alice::cat /var/log/daemon.log::SASL PLAIN authentication successful::YES +alice::cat /var/log/daemon.log::SASL client identity is.*carol::YES +alice::cat /var/log/daemon.log::user AR identity.*carol.*authenticated by password::YES +alice::cat /var/log/daemon.log::received SWID tag ID inventory with 373 items for request 9 at eid 1 of epoch::YES +alice::cat /var/log/daemon.log::1 SWID tag target::YES +alice::cat /var/log/daemon.log::received SWID tag inventory with 1 item for request 9 at eid 1 of epoch::YES +alice::cat /var/log/daemon.log::regid.2004-03.org.strongswan_strongSwan-::YES diff --git a/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/apache2/sites-available/default b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/apache2/sites-available/default new file mode 100644 index 000000000..f6bf635f4 --- /dev/null +++ b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/apache2/sites-available/default @@ -0,0 +1,24 @@ +WSGIPythonPath /var/www/tnc + +<VirtualHost *:80> + ServerName tnc.strongswan.org + ServerAlias tnc + ServerAdmin webmaster@localhost + + DocumentRoot /var/www/tnc + + <Directory /var/www/tnc/config> + <Files wsgi.py> + Order deny,allow + Allow from all + </Files> + </Directory> + + WSGIScriptAlias / /var/www/tnc/config/wsgi.py + WSGIApplicationGroup %{GLOBAL} + WSGIPassAuthorization On + + ErrorLog ${APACHE_LOG_DIR}/tnc/error.log + LogLevel warn + CustomLog ${APACHE_LOG_DIR}/tnc/access.log combined +</VirtualHost> diff --git a/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/iptables.rules b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/iptables.rules index 5b275392b..1586214d8 100644 --- a/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/iptables.rules +++ b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/iptables.rules @@ -5,6 +5,10 @@ -P OUTPUT DROP -P FORWARD DROP +# open loopback interface +-A INPUT -i lo -j ACCEPT +-A OUTPUT -o lo -j ACCEPT + # allow PT-TLS -A INPUT -i eth0 -p tcp --dport 271 -j ACCEPT -A OUTPUT -o eth0 -p tcp --sport 271 -j ACCEPT diff --git a/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongTNC/django.db b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongTNC/django.db Binary files differnew file mode 100644 index 000000000..3866bfab0 --- /dev/null +++ b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongTNC/django.db diff --git a/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongTNC/settings.ini b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongTNC/settings.ini new file mode 100644 index 000000000..5d12736eb --- /dev/null +++ b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongTNC/settings.ini @@ -0,0 +1,19 @@ +[debug] +DEBUG=1 +TEMPLATE_DEBUG=1 +DEBUG_TOOLBAR=0 + +[db] +DJANGO_DB_URL=sqlite:////etc/strongTNC/django.db +STRONGTNC_DB_URL = sqlite:////etc/pts/config.db + +[localization] +LANGUAGE_CODE=en-us +TIME_ZONE=Europe/Zurich + +[admins] +Your Name: alice@strongswan.org + +[security] +SECRET_KEY=strongSwan + diff --git a/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongswan.conf b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongswan.conf index 21961d4b1..eb807b189 100644 --- a/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongswan.conf +++ b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongswan.conf @@ -13,16 +13,17 @@ charon { } } -libtnccs { - plugins { - tnccs-20 { - max_batch_size = 131056 - max_message_size = 131024 - } - } +libtls { + suites = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 } libimcv { database = sqlite:///etc/pts/config.db policy_script = ipsec imv_policy_manager + + plugins { + imv-swid { + rest_api_uri = http://admin-user:strongSwan@tnc.strongswan.org/api/ + } + } } diff --git a/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/carol/etc/pts/options b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/carol/etc/pts/options index f04e9472a..d485e9bf7 100644 --- a/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/carol/etc/pts/options +++ b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/carol/etc/pts/options @@ -2,4 +2,5 @@ --client carol --secret "Ar3etTnp" --cert /etc/ipsec.d/cacerts/strongswanCert.pem ---debug 2 +--quiet +--debug 2 diff --git a/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/carol/etc/strongswan.conf b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/carol/etc/strongswan.conf index 685a65250..29fdf0235 100644 --- a/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/carol/etc/strongswan.conf +++ b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/carol/etc/strongswan.conf @@ -1,25 +1,5 @@ # /etc/strongswan.conf - strongSwan configuration file -libimcv { - plugins { - imc-os { - push_info = yes - } - imc-swid { - #swid_directory = /usr/share - } - } -} - -libtnccs { - plugins { - tnccs-20 { - max_batch_size = 131056 - max_message_size = 131024 - } - } -} - libtls { suites = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 } diff --git a/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/dave/etc/pts/options b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/dave/etc/pts/options index 46821ec73..ca3ca3aa1 100644 --- a/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/dave/etc/pts/options +++ b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/dave/etc/pts/options @@ -3,4 +3,5 @@ --key /etc/ipsec.d/private/daveKey.pem --cert /etc/ipsec.d/certs/daveCert.pem --cert /etc/ipsec.d/cacerts/strongswanCert.pem +--quiet --debug 2 diff --git a/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/dave/etc/strongswan.conf b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/dave/etc/strongswan.conf index 4996d0307..0a7f048bf 100644 --- a/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/dave/etc/strongswan.conf +++ b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/dave/etc/strongswan.conf @@ -6,20 +6,12 @@ libimcv { push_info = no } imc-swid { + swid_directory = /usr/share swid_pretty = yes } } } -libtnccs { - plugins { - tnccs-20 { - max_batch_size = 131056 - max_message_size = 131024 - } - } -} - libtls { suites = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 } diff --git a/testing/tests/tnc/tnccs-20-pdp-pt-tls/posttest.dat b/testing/tests/tnc/tnccs-20-pdp-pt-tls/posttest.dat index c98df8671..b7da857a7 100644 --- a/testing/tests/tnc/tnccs-20-pdp-pt-tls/posttest.dat +++ b/testing/tests/tnc/tnccs-20-pdp-pt-tls/posttest.dat @@ -2,6 +2,7 @@ carol::ip route del 10.1.0.0/16 via 192.168.0.1 dave::ip route del 10.1.0.0/16 via 192.168.0.1 winnetou::ip route del 10.1.0.0/16 via 192.168.0.1 alice::ipsec stop +alice::service apache2 stop alice::rm /etc/pts/config.db alice::iptables-restore < /etc/iptables.flush carol::iptables-restore < /etc/iptables.flush diff --git a/testing/tests/tnc/tnccs-20-pdp-pt-tls/pretest.dat b/testing/tests/tnc/tnccs-20-pdp-pt-tls/pretest.dat index 97ff0c1ec..0918909fa 100644 --- a/testing/tests/tnc/tnccs-20-pdp-pt-tls/pretest.dat +++ b/testing/tests/tnc/tnccs-20-pdp-pt-tls/pretest.dat @@ -8,12 +8,15 @@ dave::echo aabbccddeeff11223344556677889900 > /var/lib/dbus/machine-id dave::cat /etc/tnc_config alice::sed -i "s/NOW/`date +%s`/g" /etc/pts/data1.sql alice::cd /usr/local/share/strongswan/templates/database/imv; cat tables.sql data.sql /etc/pts/data1.sql | sqlite3 /etc/pts/config.db +alice::chgrp www-data /etc/pts/config.db; chmod g+w /etc/pts/config.db +alice::service apache2 start alice::ipsec start +alice::sleep 1 winnetou::ip route add 10.1.0.0/16 via 192.168.0.1 -carol::ip route add 10.1.0.0/16 via 192.168.0.1 -carol::cat /etc/pts/options -carol::ipsec pt-tls-client --optionsfrom /etc/pts/options dave::ip route add 10.1.0.0/16 via 192.168.0.1 dave::cat /etc/pts/options dave::ipsec pt-tls-client --optionsfrom /etc/pts/options -dave::sleep 1 +carol::ip route add 10.1.0.0/16 via 192.168.0.1 +carol::cat /etc/pts/options +carol::ipsec pt-tls-client --optionsfrom /etc/pts/options +carol::sleep 1 |