diff options
| author | Andreas Steffen <andreas.steffen@strongswan.org> | 2008-05-31 08:53:48 +0000 |
|---|---|---|
| committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2008-05-31 08:53:48 +0000 |
| commit | 76340368a6592fee54282d29d80d99264424970f (patch) | |
| tree | d8e9586ab788fee33da784d8d1cdce595ca386ed /testing/tests | |
| parent | fe46d8da371e2e816bd52806c593993d39651763 (diff) | |
| download | strongswan-76340368a6592fee54282d29d80d99264424970f.tar.bz2 strongswan-76340368a6592fee54282d29d80d99264424970f.tar.xz | |
divided ipsec.sql into tables.sql and data.sql
Diffstat (limited to 'testing/tests')
46 files changed, 998 insertions, 6275 deletions
diff --git a/testing/tests/ikev2/ip-pool-db/hosts/moon/etc/ipsec.d/ipsec.sql b/testing/tests/ikev2/ip-pool-db/hosts/moon/etc/ipsec.d/ipsec.sql deleted file mode 100644 index e393337bc..000000000 --- a/testing/tests/ikev2/ip-pool-db/hosts/moon/etc/ipsec.d/ipsec.sql +++ /dev/null @@ -1,203 +0,0 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); diff --git a/testing/tests/ikev2/ip-pool-db/pretest.dat b/testing/tests/ikev2/ip-pool-db/pretest.dat index 2d41ffe24..78ba3f581 100644 --- a/testing/tests/ikev2/ip-pool-db/pretest.dat +++ b/testing/tests/ikev2/ip-pool-db/pretest.dat @@ -1,3 +1,4 @@ +moon::cat /etc/ipsec.d/tables.sql > /etc/ipsec.d/ipsec.sql moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db moon::ipsec pool --add bigpool --start 10.3.0.1 --end 10.3.255.254 --timeout 0 moon::/etc/init.d/iptables start 2> /dev/null diff --git a/testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/ipsec.d/ipsec.sql b/testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/ipsec.d/data.sql index c9f834c94..ca813d44f 100644 --- a/testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/ipsec.d/ipsec.sql +++ b/testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/ipsec.d/data.sql @@ -1,207 +1,3 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - /* Identities */ INSERT INTO identities ( diff --git a/testing/tests/sql/ip-pool-db/hosts/dave/etc/ipsec.d/ipsec.sql b/testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/ipsec.d/data.sql index 2b52acfdb..5233806c7 100644 --- a/testing/tests/sql/ip-pool-db/hosts/dave/etc/ipsec.d/ipsec.sql +++ b/testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/ipsec.d/data.sql @@ -1,207 +1,3 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - /* Identities */ INSERT INTO identities ( diff --git a/testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/ipsec.d/ipsec.sql b/testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/ipsec.d/data.sql index 36f121ceb..8671f3070 100644 --- a/testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/ipsec.d/ipsec.sql +++ b/testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/ipsec.d/data.sql @@ -1,207 +1,3 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - /* Identities */ INSERT INTO identities ( diff --git a/testing/tests/sql/ip-pool-db-expired/pretest.dat b/testing/tests/sql/ip-pool-db-expired/pretest.dat index dd5680ea8..c83449eaf 100644 --- a/testing/tests/sql/ip-pool-db-expired/pretest.dat +++ b/testing/tests/sql/ip-pool-db-expired/pretest.dat @@ -1,6 +1,9 @@ moon::rm /etc/ipsec.d/cacerts/* carol::rm /etc/ipsec.d/cacerts/* dave::rm /etc/ipsec.d/cacerts/* +moon::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql +carol::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql +dave::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db diff --git a/testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/ipsec.d/ipsec.sql b/testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/ipsec.d/data.sql index c9f834c94..ca813d44f 100644 --- a/testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/ipsec.d/ipsec.sql +++ b/testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/ipsec.d/data.sql @@ -1,207 +1,3 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - /* Identities */ INSERT INTO identities ( diff --git a/testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/ipsec.d/ipsec.sql b/testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/ipsec.d/data.sql index 2b52acfdb..5233806c7 100644 --- a/testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/ipsec.d/ipsec.sql +++ b/testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/ipsec.d/data.sql @@ -1,207 +1,3 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - /* Identities */ INSERT INTO identities ( diff --git a/testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/ipsec.d/ipsec.sql b/testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/ipsec.d/data.sql index 58ffac2df..d250628e7 100644 --- a/testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/ipsec.d/ipsec.sql +++ b/testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/ipsec.d/data.sql @@ -1,207 +1,3 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - /* Identities */ INSERT INTO identities ( diff --git a/testing/tests/sql/ip-pool-db-restart/pretest.dat b/testing/tests/sql/ip-pool-db-restart/pretest.dat index da6c4e659..4ecf6347a 100644 --- a/testing/tests/sql/ip-pool-db-restart/pretest.dat +++ b/testing/tests/sql/ip-pool-db-restart/pretest.dat @@ -1,6 +1,9 @@ moon::rm /etc/ipsec.d/cacerts/* carol::rm /etc/ipsec.d/cacerts/* dave::rm /etc/ipsec.d/cacerts/* +moon::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql +carol::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql +dave::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db diff --git a/testing/tests/sql/ip-pool-db/hosts/carol/etc/ipsec.d/ipsec.sql b/testing/tests/sql/ip-pool-db/hosts/carol/etc/ipsec.d/data.sql index c9f834c94..ca813d44f 100644 --- a/testing/tests/sql/ip-pool-db/hosts/carol/etc/ipsec.d/ipsec.sql +++ b/testing/tests/sql/ip-pool-db/hosts/carol/etc/ipsec.d/data.sql @@ -1,207 +1,3 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - /* Identities */ INSERT INTO identities ( diff --git a/testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/ipsec.d/ipsec.sql b/testing/tests/sql/ip-pool-db/hosts/dave/etc/ipsec.d/data.sql index 2b52acfdb..5233806c7 100644 --- a/testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/ipsec.d/ipsec.sql +++ b/testing/tests/sql/ip-pool-db/hosts/dave/etc/ipsec.d/data.sql @@ -1,207 +1,3 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - /* Identities */ INSERT INTO identities ( diff --git a/testing/tests/sql/ip-pool-db/hosts/moon/etc/ipsec.d/ipsec.sql b/testing/tests/sql/ip-pool-db/hosts/moon/etc/ipsec.d/data.sql index 0c61cbfef..b7585f56b 100644 --- a/testing/tests/sql/ip-pool-db/hosts/moon/etc/ipsec.d/ipsec.sql +++ b/testing/tests/sql/ip-pool-db/hosts/moon/etc/ipsec.d/data.sql @@ -1,207 +1,3 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - /* Identities */ INSERT INTO identities ( diff --git a/testing/tests/sql/ip-pool-db/pretest.dat b/testing/tests/sql/ip-pool-db/pretest.dat index 4224f3106..76316f33d 100644 --- a/testing/tests/sql/ip-pool-db/pretest.dat +++ b/testing/tests/sql/ip-pool-db/pretest.dat @@ -1,6 +1,9 @@ moon::rm /etc/ipsec.d/cacerts/* carol::rm /etc/ipsec.d/cacerts/* dave::rm /etc/ipsec.d/cacerts/* +moon::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql +carol::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql +dave::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db diff --git a/testing/tests/sql/net2net-cert/hosts/moon/etc/ipsec.d/ipsec.sql b/testing/tests/sql/net2net-cert/hosts/moon/etc/ipsec.d/data.sql index dc2d19dc3..a5e0afcd7 100644 --- a/testing/tests/sql/net2net-cert/hosts/moon/etc/ipsec.d/ipsec.sql +++ b/testing/tests/sql/net2net-cert/hosts/moon/etc/ipsec.d/data.sql @@ -1,207 +1,3 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - /* Identities */ INSERT INTO identities ( diff --git a/testing/tests/sql/net2net-cert/hosts/sun/etc/ipsec.d/ipsec.sql b/testing/tests/sql/net2net-cert/hosts/sun/etc/ipsec.d/data.sql index dc26d14cf..0d772ef10 100644 --- a/testing/tests/sql/net2net-cert/hosts/sun/etc/ipsec.d/ipsec.sql +++ b/testing/tests/sql/net2net-cert/hosts/sun/etc/ipsec.d/data.sql @@ -1,207 +1,3 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - /* Identities */ INSERT INTO identities ( diff --git a/testing/tests/sql/net2net-cert/pretest.dat b/testing/tests/sql/net2net-cert/pretest.dat index 9810b0a7b..2ab18542f 100644 --- a/testing/tests/sql/net2net-cert/pretest.dat +++ b/testing/tests/sql/net2net-cert/pretest.dat @@ -1,6 +1,8 @@ moon::rm /etc/ipsec.d/cacerts/* -moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db sun::rm /etc/ipsec.d/cacerts/* +moon::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql +sun::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql +moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db sun::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db moon::/etc/init.d/iptables start 2> /dev/null sun::/etc/init.d/iptables start 2> /dev/null diff --git a/testing/tests/sql/net2net-psk/hosts/moon/etc/ipsec.d/data.sql b/testing/tests/sql/net2net-psk/hosts/moon/etc/ipsec.d/data.sql new file mode 100644 index 000000000..aa6e84c48 --- /dev/null +++ b/testing/tests/sql/net2net-psk/hosts/moon/etc/ipsec.d/data.sql @@ -0,0 +1,90 @@ +/* Identities */ + +INSERT INTO identities ( + type, data +) VALUES ( /* moon.strongswan.org */ + 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* sun.strongswan.org */ + 2, X'73756e2e7374726f6e677377616e2e6f7267' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* %any */ + 0, '%any' + ); + +/* Shared Secrets */ + +INSERT INTO shared_secrets ( + type, data +) VALUES ( + 1, X'bfe364c58f4b2d9bf08f8a820b6a3f806ad60c5d9ddb58cb' +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 1 +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 2 +); + +/* Configurations */ + +INSERT INTO ike_configs ( + local, remote +) VALUES ( + 'PH_IP_MOON', 'PH_IP_SUN' +); + +INSERT INTO peer_configs ( + name, ike_cfg, local_id, remote_id, auth_method, mobike +) VALUES ( + 'net-net', 1, 1, 2, 2, 0 +); + +INSERT INTO child_configs ( + name, updown +) VALUES ( + 'net-net', 'ipsec _updown iptables' +); + +INSERT INTO peer_config_child_config ( + peer_cfg, child_cfg +) VALUES ( + 1, 1 +); + +INSERT INTO traffic_selectors ( + type, start_addr, end_addr +) VALUES ( + 7, X'0a010000', X'0a01ffff' +); + +INSERT INTO traffic_selectors ( + type, start_addr, end_addr +) VALUES ( + 7, X'0a020000', X'0a02ffff' +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 1, 0 +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 2, 1 +); + diff --git a/testing/tests/sql/net2net-psk/hosts/moon/etc/ipsec.d/ipsec.sql b/testing/tests/sql/net2net-psk/hosts/moon/etc/ipsec.d/ipsec.sql deleted file mode 100644 index d110219d5..000000000 --- a/testing/tests/sql/net2net-psk/hosts/moon/etc/ipsec.d/ipsec.sql +++ /dev/null @@ -1,294 +0,0 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -/* Identities */ - -INSERT INTO identities ( - type, data -) VALUES ( /* moon.strongswan.org */ - 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* sun.strongswan.org */ - 2, X'73756e2e7374726f6e677377616e2e6f7267' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* %any */ - 0, '%any' - ); - -/* Shared Secrets */ - -INSERT INTO shared_secrets ( - type, data -) VALUES ( - 1, X'bfe364c58f4b2d9bf08f8a820b6a3f806ad60c5d9ddb58cb' -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 1 -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 2 -); - -/* Configurations */ - -INSERT INTO ike_configs ( - local, remote -) VALUES ( - 'PH_IP_MOON', 'PH_IP_SUN' -); - -INSERT INTO peer_configs ( - name, ike_cfg, local_id, remote_id, auth_method, mobike -) VALUES ( - 'net-net', 1, 1, 2, 2, 0 -); - -INSERT INTO child_configs ( - name, updown -) VALUES ( - 'net-net', 'ipsec _updown iptables' -); - -INSERT INTO peer_config_child_config ( - peer_cfg, child_cfg -) VALUES ( - 1, 1 -); - -INSERT INTO traffic_selectors ( - type, start_addr, end_addr -) VALUES ( - 7, X'0a010000', X'0a01ffff' -); - -INSERT INTO traffic_selectors ( - type, start_addr, end_addr -) VALUES ( - 7, X'0a020000', X'0a02ffff' -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 1, 0 -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 2, 1 -); - diff --git a/testing/tests/sql/net2net-psk/hosts/sun/etc/ipsec.d/data.sql b/testing/tests/sql/net2net-psk/hosts/sun/etc/ipsec.d/data.sql new file mode 100644 index 000000000..7c2865fd8 --- /dev/null +++ b/testing/tests/sql/net2net-psk/hosts/sun/etc/ipsec.d/data.sql @@ -0,0 +1,84 @@ +/* Identities */ + +INSERT INTO identities ( + type, data +) VALUES ( /* moon.strongswan.org */ + 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* sun.strongswan.org */ + 2, X'73756e2e7374726f6e677377616e2e6f7267' + ); + +/* Shared Secrets */ + +INSERT INTO shared_secrets ( + type, data +) VALUES ( + 1, X'bfe364c58f4b2d9bf08f8a820b6a3f806ad60c5d9ddb58cb' +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 1 +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 2 +); + +/* Configurations */ + +INSERT INTO ike_configs ( + local, remote +) VALUES ( + 'PH_IP_SUN', 'PH_IP_MOON' +); + +INSERT INTO peer_configs ( + name, ike_cfg, local_id, remote_id, auth_method, mobike +) VALUES ( + 'net-net', 1, 2, 1, 2, 0 +); + +INSERT INTO child_configs ( + name, updown +) VALUES ( + 'net-net', 'ipsec _updown iptables' +); + +INSERT INTO peer_config_child_config ( + peer_cfg, child_cfg +) VALUES ( + 1, 1 +); + +INSERT INTO traffic_selectors ( + type, start_addr, end_addr +) VALUES ( + 7, X'0a010000', X'0a01ffff' +); + +INSERT INTO traffic_selectors ( + type, start_addr, end_addr +) VALUES ( + 7, X'0a020000', X'0a02ffff' +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 2, 0 +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 1, 1 +); + diff --git a/testing/tests/sql/net2net-psk/hosts/sun/etc/ipsec.d/ipsec.sql b/testing/tests/sql/net2net-psk/hosts/sun/etc/ipsec.d/ipsec.sql deleted file mode 100644 index 61e99a93a..000000000 --- a/testing/tests/sql/net2net-psk/hosts/sun/etc/ipsec.d/ipsec.sql +++ /dev/null @@ -1,288 +0,0 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -/* Identities */ - -INSERT INTO identities ( - type, data -) VALUES ( /* moon.strongswan.org */ - 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* sun.strongswan.org */ - 2, X'73756e2e7374726f6e677377616e2e6f7267' - ); - -/* Shared Secrets */ - -INSERT INTO shared_secrets ( - type, data -) VALUES ( - 1, X'bfe364c58f4b2d9bf08f8a820b6a3f806ad60c5d9ddb58cb' -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 1 -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 2 -); - -/* Configurations */ - -INSERT INTO ike_configs ( - local, remote -) VALUES ( - 'PH_IP_SUN', 'PH_IP_MOON' -); - -INSERT INTO peer_configs ( - name, ike_cfg, local_id, remote_id, auth_method, mobike -) VALUES ( - 'net-net', 1, 2, 1, 2, 0 -); - -INSERT INTO child_configs ( - name, updown -) VALUES ( - 'net-net', 'ipsec _updown iptables' -); - -INSERT INTO peer_config_child_config ( - peer_cfg, child_cfg -) VALUES ( - 1, 1 -); - -INSERT INTO traffic_selectors ( - type, start_addr, end_addr -) VALUES ( - 7, X'0a010000', X'0a01ffff' -); - -INSERT INTO traffic_selectors ( - type, start_addr, end_addr -) VALUES ( - 7, X'0a020000', X'0a02ffff' -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 2, 0 -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 1, 1 -); - diff --git a/testing/tests/sql/net2net-psk/pretest.dat b/testing/tests/sql/net2net-psk/pretest.dat index e2dca222c..2ab18542f 100644 --- a/testing/tests/sql/net2net-psk/pretest.dat +++ b/testing/tests/sql/net2net-psk/pretest.dat @@ -1,5 +1,7 @@ moon::rm /etc/ipsec.d/cacerts/* sun::rm /etc/ipsec.d/cacerts/* +moon::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql +sun::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db sun::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db moon::/etc/init.d/iptables start 2> /dev/null diff --git a/testing/tests/sql/rw-cert/hosts/carol/etc/ipsec.d/ipsec.sql b/testing/tests/sql/rw-cert/hosts/carol/etc/ipsec.d/data.sql index c223fb8f2..ef9c228e1 100644 --- a/testing/tests/sql/rw-cert/hosts/carol/etc/ipsec.d/ipsec.sql +++ b/testing/tests/sql/rw-cert/hosts/carol/etc/ipsec.d/data.sql @@ -1,207 +1,3 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - /* Identities */ INSERT INTO identities ( diff --git a/testing/tests/sql/rw-cert/hosts/dave/etc/ipsec.d/ipsec.sql b/testing/tests/sql/rw-cert/hosts/dave/etc/ipsec.d/data.sql index 1fc923a73..5a4bbd5c0 100644 --- a/testing/tests/sql/rw-cert/hosts/dave/etc/ipsec.d/ipsec.sql +++ b/testing/tests/sql/rw-cert/hosts/dave/etc/ipsec.d/data.sql @@ -1,207 +1,3 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - /* Identities */ INSERT INTO identities ( diff --git a/testing/tests/sql/rw-cert/hosts/moon/etc/ipsec.d/ipsec.sql b/testing/tests/sql/rw-cert/hosts/moon/etc/ipsec.d/data.sql index dc23858cf..67570add2 100644 --- a/testing/tests/sql/rw-cert/hosts/moon/etc/ipsec.d/ipsec.sql +++ b/testing/tests/sql/rw-cert/hosts/moon/etc/ipsec.d/data.sql @@ -1,207 +1,3 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - /* Identities */ INSERT INTO identities ( diff --git a/testing/tests/sql/rw-cert/pretest.dat b/testing/tests/sql/rw-cert/pretest.dat index 4224f3106..76316f33d 100644 --- a/testing/tests/sql/rw-cert/pretest.dat +++ b/testing/tests/sql/rw-cert/pretest.dat @@ -1,6 +1,9 @@ moon::rm /etc/ipsec.d/cacerts/* carol::rm /etc/ipsec.d/cacerts/* dave::rm /etc/ipsec.d/cacerts/* +moon::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql +carol::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql +dave::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db diff --git a/testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/ipsec.d/data.sql b/testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/ipsec.d/data.sql new file mode 100644 index 000000000..a5ff52d65 --- /dev/null +++ b/testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/ipsec.d/data.sql @@ -0,0 +1,84 @@ +/* Identities */ + +INSERT INTO identities ( + type, data +) VALUES ( /* 192.168.0.1 */ + 1 , X'c0a80001' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* 192.168.0.100 */ + 1 , X'c0a80064' + ); + +/* Shared Secrets */ + +INSERT INTO shared_secrets ( + type, data +) VALUES ( + 1, X'16964066a10de938bdb2ab7864fe4459cab1' +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 1 +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 2 +); + +/* Configurations */ + +INSERT INTO ike_configs ( + local, remote +) VALUES ( + 'PH_IP_CAROL', 'PH_IP_MOON' +); + +INSERT INTO peer_configs ( + name, ike_cfg, local_id, remote_id, auth_method +) VALUES ( + 'home', 1, 2, 1, 2 +); + +INSERT INTO child_configs ( + name, updown +) VALUES ( + 'home', 'ipsec _updown iptables' +); + +INSERT INTO peer_config_child_config ( + peer_cfg, child_cfg +) VALUES ( + 1, 1 +); + +INSERT INTO traffic_selectors ( + type, start_addr, end_addr +) VALUES ( /* 10.1.0.0/16 */ + 7, X'0a010000', X'0a01ffff' +); + +INSERT INTO traffic_selectors ( + type +) VALUES ( /* dynamic/32 */ + 7 +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 1, 1 +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 2, 2 +); + diff --git a/testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/ipsec.d/ipsec.sql b/testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/ipsec.d/ipsec.sql deleted file mode 100644 index 45fd8cbf1..000000000 --- a/testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/ipsec.d/ipsec.sql +++ /dev/null @@ -1,288 +0,0 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -/* Identities */ - -INSERT INTO identities ( - type, data -) VALUES ( /* 192.168.0.1 */ - 1 , X'c0a80001' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* 192.168.0.100 */ - 1 , X'c0a80064' - ); - -/* Shared Secrets */ - -INSERT INTO shared_secrets ( - type, data -) VALUES ( - 1, X'16964066a10de938bdb2ab7864fe4459cab1' -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 1 -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 2 -); - -/* Configurations */ - -INSERT INTO ike_configs ( - local, remote -) VALUES ( - 'PH_IP_CAROL', 'PH_IP_MOON' -); - -INSERT INTO peer_configs ( - name, ike_cfg, local_id, remote_id, auth_method -) VALUES ( - 'home', 1, 2, 1, 2 -); - -INSERT INTO child_configs ( - name, updown -) VALUES ( - 'home', 'ipsec _updown iptables' -); - -INSERT INTO peer_config_child_config ( - peer_cfg, child_cfg -) VALUES ( - 1, 1 -); - -INSERT INTO traffic_selectors ( - type, start_addr, end_addr -) VALUES ( /* 10.1.0.0/16 */ - 7, X'0a010000', X'0a01ffff' -); - -INSERT INTO traffic_selectors ( - type -) VALUES ( /* dynamic/32 */ - 7 -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 1, 1 -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 2, 2 -); - diff --git a/testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/ipsec.d/data.sql b/testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/ipsec.d/data.sql new file mode 100644 index 000000000..ac39472f3 --- /dev/null +++ b/testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/ipsec.d/data.sql @@ -0,0 +1,84 @@ +/* Identities */ + +INSERT INTO identities ( + type, data +) VALUES ( /* 192.168.0.1 */ + 1 , X'c0a80001' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* 192.168.0.200 */ + 1 , X'c0a800c8' + ); + +/* Shared Secrets */ + +INSERT INTO shared_secrets ( + type, data +) VALUES ( + 1, X'8d5cce342174da772c8224a59885deaa118d' +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 1 +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 2 +); + +/* Configurations */ + +INSERT INTO ike_configs ( + local, remote +) VALUES ( + 'PH_IP_DAVE', 'PH_IP_MOON' +); + +INSERT INTO peer_configs ( + name, ike_cfg, local_id, remote_id, auth_method +) VALUES ( + 'home', 1, 2, 1, 2 +); + +INSERT INTO child_configs ( + name, updown +) VALUES ( + 'home', 'ipsec _updown iptables' +); + +INSERT INTO peer_config_child_config ( + peer_cfg, child_cfg +) VALUES ( + 1, 1 +); + +INSERT INTO traffic_selectors ( + type, start_addr, end_addr +) VALUES ( /* 10.1.0.0/16 */ + 7, X'0a010000', X'0a01ffff' +); + +INSERT INTO traffic_selectors ( + type +) VALUES ( /* dynamic/32 */ + 7 +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 1, 1 +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 2, 2 +); + diff --git a/testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/ipsec.d/ipsec.sql b/testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/ipsec.d/ipsec.sql deleted file mode 100644 index efb8551ab..000000000 --- a/testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/ipsec.d/ipsec.sql +++ /dev/null @@ -1,288 +0,0 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -/* Identities */ - -INSERT INTO identities ( - type, data -) VALUES ( /* 192.168.0.1 */ - 1 , X'c0a80001' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* 192.168.0.200 */ - 1 , X'c0a800c8' - ); - -/* Shared Secrets */ - -INSERT INTO shared_secrets ( - type, data -) VALUES ( - 1, X'8d5cce342174da772c8224a59885deaa118d' -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 1 -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 2 -); - -/* Configurations */ - -INSERT INTO ike_configs ( - local, remote -) VALUES ( - 'PH_IP_DAVE', 'PH_IP_MOON' -); - -INSERT INTO peer_configs ( - name, ike_cfg, local_id, remote_id, auth_method -) VALUES ( - 'home', 1, 2, 1, 2 -); - -INSERT INTO child_configs ( - name, updown -) VALUES ( - 'home', 'ipsec _updown iptables' -); - -INSERT INTO peer_config_child_config ( - peer_cfg, child_cfg -) VALUES ( - 1, 1 -); - -INSERT INTO traffic_selectors ( - type, start_addr, end_addr -) VALUES ( /* 10.1.0.0/16 */ - 7, X'0a010000', X'0a01ffff' -); - -INSERT INTO traffic_selectors ( - type -) VALUES ( /* dynamic/32 */ - 7 -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 1, 1 -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 2, 2 -); - diff --git a/testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/ipsec.d/data.sql b/testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/ipsec.d/data.sql new file mode 100644 index 000000000..231b84cb9 --- /dev/null +++ b/testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/ipsec.d/data.sql @@ -0,0 +1,114 @@ +/* Identities */ + +INSERT INTO identities ( + type, data +) VALUES ( /* 192.168.0.1 */ + 1 , X'c0a80001' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* 192.168.0.100 */ + 1 , X'c0a80064' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* 192.168.0.200 */ + 1 , X'c0a800c8' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* %any */ + 0, '%any' +); + +/* Shared Secrets */ + +INSERT INTO shared_secrets ( + type, data +) VALUES ( + 1, X'16964066a10de938bdb2ab7864fe4459cab1' +); + +INSERT INTO shared_secrets ( + type, data +) VALUES ( + 1, X'8d5cce342174da772c8224a59885deaa118d' +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 1 +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 2 +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 2, 1 +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 2, 3 +); + +/* Configurations */ + +INSERT INTO ike_configs ( + local, remote +) VALUES ( + 'PH_IP_MOON', '0.0.0.0' +); + +INSERT INTO peer_configs ( + name, ike_cfg, local_id, remote_id, auth_method +) VALUES ( + 'rw', 1, 1, 4, 2 +); + +INSERT INTO child_configs ( + name, updown +) VALUES ( + 'rw', 'ipsec _updown iptables' +); + +INSERT INTO peer_config_child_config ( + peer_cfg, child_cfg +) VALUES ( + 1, 1 +); + +INSERT INTO traffic_selectors ( + type, start_addr, end_addr +) VALUES ( /* 10.1.0.0/16 */ + 7, X'0a010000', X'0a01ffff' +); + +INSERT INTO traffic_selectors ( + type +) VALUES ( /* dynamic/32 */ + 7 +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 1, 0 +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 2, 3 +); + diff --git a/testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/ipsec.d/ipsec.sql b/testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/ipsec.d/ipsec.sql deleted file mode 100644 index da5b2ed9b..000000000 --- a/testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/ipsec.d/ipsec.sql +++ /dev/null @@ -1,318 +0,0 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -/* Identities */ - -INSERT INTO identities ( - type, data -) VALUES ( /* 192.168.0.1 */ - 1 , X'c0a80001' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* 192.168.0.100 */ - 1 , X'c0a80064' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* 192.168.0.200 */ - 1 , X'c0a800c8' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* %any */ - 0, '%any' -); - -/* Shared Secrets */ - -INSERT INTO shared_secrets ( - type, data -) VALUES ( - 1, X'16964066a10de938bdb2ab7864fe4459cab1' -); - -INSERT INTO shared_secrets ( - type, data -) VALUES ( - 1, X'8d5cce342174da772c8224a59885deaa118d' -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 1 -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 2 -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 2, 1 -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 2, 3 -); - -/* Configurations */ - -INSERT INTO ike_configs ( - local, remote -) VALUES ( - 'PH_IP_MOON', '0.0.0.0' -); - -INSERT INTO peer_configs ( - name, ike_cfg, local_id, remote_id, auth_method -) VALUES ( - 'rw', 1, 1, 4, 2 -); - -INSERT INTO child_configs ( - name, updown -) VALUES ( - 'rw', 'ipsec _updown iptables' -); - -INSERT INTO peer_config_child_config ( - peer_cfg, child_cfg -) VALUES ( - 1, 1 -); - -INSERT INTO traffic_selectors ( - type, start_addr, end_addr -) VALUES ( /* 10.1.0.0/16 */ - 7, X'0a010000', X'0a01ffff' -); - -INSERT INTO traffic_selectors ( - type -) VALUES ( /* dynamic/32 */ - 7 -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 1, 0 -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 2, 3 -); - diff --git a/testing/tests/sql/rw-psk-ipv4/pretest.dat b/testing/tests/sql/rw-psk-ipv4/pretest.dat index 4224f3106..76316f33d 100644 --- a/testing/tests/sql/rw-psk-ipv4/pretest.dat +++ b/testing/tests/sql/rw-psk-ipv4/pretest.dat @@ -1,6 +1,9 @@ moon::rm /etc/ipsec.d/cacerts/* carol::rm /etc/ipsec.d/cacerts/* dave::rm /etc/ipsec.d/cacerts/* +moon::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql +carol::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql +dave::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db diff --git a/testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/ipsec.d/data.sql b/testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/ipsec.d/data.sql new file mode 100644 index 000000000..8cbb82d71 --- /dev/null +++ b/testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/ipsec.d/data.sql @@ -0,0 +1,84 @@ +/* Identities */ + +INSERT INTO identities ( + type, data +) VALUES ( /* fec0::1 */ + 5 , X'fec00000000000000000000000000001' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* fec0::10 */ + 5 , X'fec00000000000000000000000000010' + ); + +/* Shared Secrets */ + +INSERT INTO shared_secrets ( + type, data +) VALUES ( + 1, X'16964066a10de938bdb2ab7864fe4459cab1' +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 1 +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 2 +); + +/* Configurations */ + +INSERT INTO ike_configs ( + local, remote +) VALUES ( + 'PH_IP6_CAROL', 'PH_IP6_MOON' +); + +INSERT INTO peer_configs ( + name, ike_cfg, local_id, remote_id, auth_method +) VALUES ( + 'home', 1, 2, 1, 2 +); + +INSERT INTO child_configs ( + name, updown +) VALUES ( + 'home', 'ipsec _updown iptables' +); + +INSERT INTO peer_config_child_config ( + peer_cfg, child_cfg +) VALUES ( + 1, 1 +); + +INSERT INTO traffic_selectors ( + type, start_addr, end_addr +) VALUES ( /* fec1::/16 */ + 8, X'fec10000000000000000000000000000', X'fec1ffffffffffffffffffffffffffff' +); + +INSERT INTO traffic_selectors ( + type +) VALUES ( /* dynamic/128 */ + 8 +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 1, 1 +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 2, 2 +); + diff --git a/testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/ipsec.d/ipsec.sql b/testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/ipsec.d/ipsec.sql deleted file mode 100644 index 715c6d2e4..000000000 --- a/testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/ipsec.d/ipsec.sql +++ /dev/null @@ -1,288 +0,0 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -/* Identities */ - -INSERT INTO identities ( - type, data -) VALUES ( /* fec0::1 */ - 5 , X'fec00000000000000000000000000001' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* fec0::10 */ - 5 , X'fec00000000000000000000000000010' - ); - -/* Shared Secrets */ - -INSERT INTO shared_secrets ( - type, data -) VALUES ( - 1, X'16964066a10de938bdb2ab7864fe4459cab1' -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 1 -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 2 -); - -/* Configurations */ - -INSERT INTO ike_configs ( - local, remote -) VALUES ( - 'PH_IP6_CAROL', 'PH_IP6_MOON' -); - -INSERT INTO peer_configs ( - name, ike_cfg, local_id, remote_id, auth_method -) VALUES ( - 'home', 1, 2, 1, 2 -); - -INSERT INTO child_configs ( - name, updown -) VALUES ( - 'home', 'ipsec _updown iptables' -); - -INSERT INTO peer_config_child_config ( - peer_cfg, child_cfg -) VALUES ( - 1, 1 -); - -INSERT INTO traffic_selectors ( - type, start_addr, end_addr -) VALUES ( /* fec1::/16 */ - 8, X'fec10000000000000000000000000000', X'fec1ffffffffffffffffffffffffffff' -); - -INSERT INTO traffic_selectors ( - type -) VALUES ( /* dynamic/128 */ - 8 -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 1, 1 -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 2, 2 -); - diff --git a/testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/ipsec.d/data.sql b/testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/ipsec.d/data.sql new file mode 100644 index 000000000..87055a216 --- /dev/null +++ b/testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/ipsec.d/data.sql @@ -0,0 +1,84 @@ +/* Identities */ + +INSERT INTO identities ( + type, data +) VALUES ( /* fec0::1 */ + 5 , X'fec00000000000000000000000000001' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* fec0::20 */ + 5 , X'fec00000000000000000000000000020' + ); + +/* Shared Secrets */ + +INSERT INTO shared_secrets ( + type, data +) VALUES ( + 1, X'8d5cce342174da772c8224a59885deaa118d' +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 1 +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 2 +); + +/* Configurations */ + +INSERT INTO ike_configs ( + local, remote +) VALUES ( + 'PH_IP6_DAVE', 'PH_IP6_MOON' +); + +INSERT INTO peer_configs ( + name, ike_cfg, local_id, remote_id, auth_method +) VALUES ( + 'home', 1, 2, 1, 2 +); + +INSERT INTO child_configs ( + name, updown +) VALUES ( + 'home', 'ipsec _updown iptables' +); + +INSERT INTO peer_config_child_config ( + peer_cfg, child_cfg +) VALUES ( + 1, 1 +); + +INSERT INTO traffic_selectors ( + type, start_addr, end_addr +) VALUES ( /* fec1::/16 */ + 8, X'fec10000000000000000000000000000', X'fec1ffffffffffffffffffffffffffff' +); + +INSERT INTO traffic_selectors ( + type +) VALUES ( /* dynamic/128 */ + 8 +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 1, 1 +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 2, 2 +); + diff --git a/testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/ipsec.d/ipsec.sql b/testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/ipsec.d/ipsec.sql deleted file mode 100644 index f23baa32c..000000000 --- a/testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/ipsec.d/ipsec.sql +++ /dev/null @@ -1,288 +0,0 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -/* Identities */ - -INSERT INTO identities ( - type, data -) VALUES ( /* fec0::1 */ - 5 , X'fec00000000000000000000000000001' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* fec0::20 */ - 5 , X'fec00000000000000000000000000020' - ); - -/* Shared Secrets */ - -INSERT INTO shared_secrets ( - type, data -) VALUES ( - 1, X'8d5cce342174da772c8224a59885deaa118d' -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 1 -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 2 -); - -/* Configurations */ - -INSERT INTO ike_configs ( - local, remote -) VALUES ( - 'PH_IP6_DAVE', 'PH_IP6_MOON' -); - -INSERT INTO peer_configs ( - name, ike_cfg, local_id, remote_id, auth_method -) VALUES ( - 'home', 1, 2, 1, 2 -); - -INSERT INTO child_configs ( - name, updown -) VALUES ( - 'home', 'ipsec _updown iptables' -); - -INSERT INTO peer_config_child_config ( - peer_cfg, child_cfg -) VALUES ( - 1, 1 -); - -INSERT INTO traffic_selectors ( - type, start_addr, end_addr -) VALUES ( /* fec1::/16 */ - 8, X'fec10000000000000000000000000000', X'fec1ffffffffffffffffffffffffffff' -); - -INSERT INTO traffic_selectors ( - type -) VALUES ( /* dynamic/128 */ - 8 -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 1, 1 -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 2, 2 -); - diff --git a/testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/ipsec.d/data.sql b/testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/ipsec.d/data.sql new file mode 100644 index 000000000..2479bea12 --- /dev/null +++ b/testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/ipsec.d/data.sql @@ -0,0 +1,114 @@ +/* Identities */ + +INSERT INTO identities ( + type, data +) VALUES ( /* fec0::1 */ + 5 , X'fec00000000000000000000000000001' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* fec0::10 */ + 5 , X'fec00000000000000000000000000010' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* fec0::20 */ + 5 , X'fec00000000000000000000000000020' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* %any */ + 0, '%any' +); + +/* Shared Secrets */ + +INSERT INTO shared_secrets ( + type, data +) VALUES ( + 1, X'16964066a10de938bdb2ab7864fe4459cab1' +); + +INSERT INTO shared_secrets ( + type, data +) VALUES ( + 1, X'8d5cce342174da772c8224a59885deaa118d' +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 1 +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 2 +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 2, 1 +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 2, 3 +); + +/* Configurations */ + +INSERT INTO ike_configs ( + local, remote +) VALUES ( + 'PH_IP6_MOON', '0::0' +); + +INSERT INTO peer_configs ( + name, ike_cfg, local_id, remote_id, auth_method +) VALUES ( + 'rw', 1, 1, 4, 2 +); + +INSERT INTO child_configs ( + name, updown +) VALUES ( + 'rw', 'ipsec _updown iptables' +); + +INSERT INTO peer_config_child_config ( + peer_cfg, child_cfg +) VALUES ( + 1, 1 +); + +INSERT INTO traffic_selectors ( + type, start_addr, end_addr +) VALUES ( /* fec1::/16 */ + 8, X'fec10000000000000000000000000000', X'fec1ffffffffffffffffffffffffffff' +); + +INSERT INTO traffic_selectors ( + type +) VALUES ( /* dynamic/128 */ + 8 +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 1, 0 +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 2, 3 +); + diff --git a/testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/ipsec.d/ipsec.sql b/testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/ipsec.d/ipsec.sql deleted file mode 100644 index 13ff0b5da..000000000 --- a/testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/ipsec.d/ipsec.sql +++ /dev/null @@ -1,318 +0,0 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -/* Identities */ - -INSERT INTO identities ( - type, data -) VALUES ( /* fec0::1 */ - 5 , X'fec00000000000000000000000000001' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* fec0::10 */ - 5 , X'fec00000000000000000000000000010' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* fec0::20 */ - 5 , X'fec00000000000000000000000000020' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* %any */ - 0, '%any' -); - -/* Shared Secrets */ - -INSERT INTO shared_secrets ( - type, data -) VALUES ( - 1, X'16964066a10de938bdb2ab7864fe4459cab1' -); - -INSERT INTO shared_secrets ( - type, data -) VALUES ( - 1, X'8d5cce342174da772c8224a59885deaa118d' -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 1 -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 2 -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 2, 1 -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 2, 3 -); - -/* Configurations */ - -INSERT INTO ike_configs ( - local, remote -) VALUES ( - 'PH_IP6_MOON', '0::0' -); - -INSERT INTO peer_configs ( - name, ike_cfg, local_id, remote_id, auth_method -) VALUES ( - 'rw', 1, 1, 4, 2 -); - -INSERT INTO child_configs ( - name, updown -) VALUES ( - 'rw', 'ipsec _updown iptables' -); - -INSERT INTO peer_config_child_config ( - peer_cfg, child_cfg -) VALUES ( - 1, 1 -); - -INSERT INTO traffic_selectors ( - type, start_addr, end_addr -) VALUES ( /* fec1::/16 */ - 8, X'fec10000000000000000000000000000', X'fec1ffffffffffffffffffffffffffff' -); - -INSERT INTO traffic_selectors ( - type -) VALUES ( /* dynamic/128 */ - 8 -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 1, 0 -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 2, 3 -); - diff --git a/testing/tests/sql/rw-psk-ipv6/pretest.dat b/testing/tests/sql/rw-psk-ipv6/pretest.dat index 32cb2e5cb..253438dbf 100644 --- a/testing/tests/sql/rw-psk-ipv6/pretest.dat +++ b/testing/tests/sql/rw-psk-ipv6/pretest.dat @@ -1,6 +1,9 @@ moon::rm /etc/ipsec.d/cacerts/* carol::rm /etc/ipsec.d/cacerts/* dave::rm /etc/ipsec.d/cacerts/* +moon::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql +carol::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql +dave::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db diff --git a/testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/ipsec.d/data.sql b/testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/ipsec.d/data.sql new file mode 100644 index 000000000..31c6bf81f --- /dev/null +++ b/testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/ipsec.d/data.sql @@ -0,0 +1,116 @@ +/* Identities */ + +INSERT INTO identities ( + type, data +) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */ + 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */ + 202, X'ae096b87b44886d3b820978623dabd0eae22ebbc' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* carol@strongswan.org */ + 3, X'6361726f6c407374726f6e677377616e2e6f7267' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* moon.strongswan.org */ + 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267' + ); + +/* Certificates */ + +INSERT INTO certificates ( + type, keytype, data +) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */ + 1, 1, X'308203b53082029da003020102020100300d06092a864886f70d01010405003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303131303134355a170d3134303930383131303134355a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381af3081ac300f0603551d130101ff040530030101ff300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d010104050003820101009ad74e3e60592dfb9b21c78628bd76b63090c1720c74bf94753cad6fddadc9c776eb39d3bfaa52136bf528840078386308fcf79503bd3d1ad6c15ac38e10c846bff7888a03cfe7fa0e644b522b2af5aedf0bbc508dc48330a180757772771095059b2be148f58dc0c753b59e9d6bfb02e9b685a928a284531b187313fd2b835bc9ea27d0020739a8d485e88bdede9a45cde6d28ed553b0e8e92dabf877bed59abf9d151f15e4f2d00b5e6e49fcb665293d2296697926c2954dae367542ef6e98053e76d2728732f6ce69f284f0b856aa6c2823a9ee29b280a66f50828f9b5cf27f84feca3c31c24897db156c7a833768ab306f51286457a51f09dd53bbb4190f' +); + +INSERT INTO certificate_identity ( + certificate, identity +) VALUES ( + 1, 1 +); + +INSERT INTO certificate_identity ( + certificate, identity +) VALUES ( + 1, 2 +); + +/* Shared Secrets */ + +INSERT INTO shared_secrets ( + type, data +) VALUES ( + 1, X'16964066a10de938bdb2ab7864fe4459cab1' +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 3 +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 4 +); + +/* Configurations */ + +INSERT INTO ike_configs ( + local, remote +) VALUES ( + 'PH_IP_CAROL', 'PH_IP_MOON' +); + +INSERT INTO peer_configs ( + name, ike_cfg, local_id, remote_id, auth_method +) VALUES ( + 'home', 1, 3, 4, 2 +); + +INSERT INTO child_configs ( + name, updown +) VALUES ( + 'home', 'ipsec _updown iptables' +); + +INSERT INTO peer_config_child_config ( + peer_cfg, child_cfg +) VALUES ( + 1, 1 +); + +INSERT INTO traffic_selectors ( + type, start_addr, end_addr +) VALUES ( /* 10.1.0.0/16 */ + 7, X'0a010000', X'0a01ffff' +); + +INSERT INTO traffic_selectors ( + type +) VALUES ( /* dynamic/32 */ + 7 +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 1, 1 +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 2, 2 +); + diff --git a/testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/ipsec.d/ipsec.sql b/testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/ipsec.d/ipsec.sql deleted file mode 100644 index 61ffeeb46..000000000 --- a/testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/ipsec.d/ipsec.sql +++ /dev/null @@ -1,320 +0,0 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -/* Identities */ - -INSERT INTO identities ( - type, data -) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */ - 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */ - 202, X'ae096b87b44886d3b820978623dabd0eae22ebbc' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* carol@strongswan.org */ - 3, X'6361726f6c407374726f6e677377616e2e6f7267' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* moon.strongswan.org */ - 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267' - ); - -/* Certificates */ - -INSERT INTO certificates ( - type, keytype, data -) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */ - 1, 1, X'308203b53082029da003020102020100300d06092a864886f70d01010405003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303131303134355a170d3134303930383131303134355a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381af3081ac300f0603551d130101ff040530030101ff300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d010104050003820101009ad74e3e60592dfb9b21c78628bd76b63090c1720c74bf94753cad6fddadc9c776eb39d3bfaa52136bf528840078386308fcf79503bd3d1ad6c15ac38e10c846bff7888a03cfe7fa0e644b522b2af5aedf0bbc508dc48330a180757772771095059b2be148f58dc0c753b59e9d6bfb02e9b685a928a284531b187313fd2b835bc9ea27d0020739a8d485e88bdede9a45cde6d28ed553b0e8e92dabf877bed59abf9d151f15e4f2d00b5e6e49fcb665293d2296697926c2954dae367542ef6e98053e76d2728732f6ce69f284f0b856aa6c2823a9ee29b280a66f50828f9b5cf27f84feca3c31c24897db156c7a833768ab306f51286457a51f09dd53bbb4190f' -); - -INSERT INTO certificate_identity ( - certificate, identity -) VALUES ( - 1, 1 -); - -INSERT INTO certificate_identity ( - certificate, identity -) VALUES ( - 1, 2 -); - -/* Shared Secrets */ - -INSERT INTO shared_secrets ( - type, data -) VALUES ( - 1, X'16964066a10de938bdb2ab7864fe4459cab1' -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 3 -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 4 -); - -/* Configurations */ - -INSERT INTO ike_configs ( - local, remote -) VALUES ( - 'PH_IP_CAROL', 'PH_IP_MOON' -); - -INSERT INTO peer_configs ( - name, ike_cfg, local_id, remote_id, auth_method -) VALUES ( - 'home', 1, 3, 4, 2 -); - -INSERT INTO child_configs ( - name, updown -) VALUES ( - 'home', 'ipsec _updown iptables' -); - -INSERT INTO peer_config_child_config ( - peer_cfg, child_cfg -) VALUES ( - 1, 1 -); - -INSERT INTO traffic_selectors ( - type, start_addr, end_addr -) VALUES ( /* 10.1.0.0/16 */ - 7, X'0a010000', X'0a01ffff' -); - -INSERT INTO traffic_selectors ( - type -) VALUES ( /* dynamic/32 */ - 7 -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 1, 1 -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 2, 2 -); - diff --git a/testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/ipsec.d/data.sql b/testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/ipsec.d/data.sql new file mode 100644 index 000000000..e12ca449d --- /dev/null +++ b/testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/ipsec.d/data.sql @@ -0,0 +1,117 @@ +/* Identities */ + +INSERT INTO identities ( + type, data +) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */ + 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */ + 202, X'ae096b87b44886d3b820978623dabd0eae22ebbc' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* dave@strongswan.org */ + 3, X'64617665407374726f6e677377616e2e6f7267' + ); + +INSERT INTO identities ( + type, data +) VALUES ( /* moon.strongswan.org */ + 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267' + ); + +/* Certificates */ + +INSERT INTO certificates ( + type, keytype, data +) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */ + 1, 1, X'308203b53082029da003020102020100300d06092a864886f70d01010405003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303131303134355a170d3134303930383131303134355a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381af3081ac300f0603551d130101ff040530030101ff300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d010104050003820101009ad74e3e60592dfb9b21c78628bd76b63090c1720c74bf94753cad6fddadc9c776eb39d3bfaa52136bf528840078386308fcf79503bd3d1ad6c15ac38e10c846bff7888a03cfe7fa0e644b522b2af5aedf0bbc508dc48330a180757772771095059b2be148f58dc0c753b59e9d6bfb02e9b685a928a284531b187313fd2b835bc9ea27d0020739a8d485e88bdede9a45cde6d28ed553b0e8e92dabf877bed59abf9d151f15e4f2d00b5e6e49fcb665293d2296697926c2954dae367542ef6e98053e76d2728732f6ce69f284f0b856aa6c2823a9ee29b280a66f50828f9b5cf27f84feca3c31c24897db156c7a833768ab306f51286457a51f09dd53bbb4190f' +); + +INSERT INTO certificate_identity ( + certificate, identity +) VALUES ( + 1, 1 +); + +INSERT INTO certificate_identity ( + certificate, identity +) VALUES ( + 1, 2 +); + +/* Shared Secrets */ + +INSERT INTO shared_secrets ( + type, data +) VALUES ( + 1, X'8d5cce342174da772c8224a59885deaa118d' +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 3 +); + +INSERT INTO shared_secret_identity ( + shared_secret, identity +) VALUES ( + 1, 4 +); + + +/* Configurations */ + +INSERT INTO ike_configs ( + local, remote +) VALUES ( + 'PH_IP_DAVE', 'PH_IP_MOON' +); + +INSERT INTO peer_configs ( + name, ike_cfg, local_id, remote_id, auth_method +) VALUES ( + 'home', 1, 3, 4, 2 +); + +INSERT INTO child_configs ( + name, updown +) VALUES ( + 'home', 'ipsec _updown iptables' +); + +INSERT INTO peer_config_child_config ( + peer_cfg, child_cfg +) VALUES ( + 1, 1 +); + +INSERT INTO traffic_selectors ( + type, start_addr, end_addr +) VALUES ( /* 10.1.0.0/16 */ + 7, X'0a010000', X'0a01ffff' +); + +INSERT INTO traffic_selectors ( + type +) VALUES ( /* dynamic/32 */ + 7 +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 1, 1 +); + +INSERT INTO child_config_traffic_selector ( + child_cfg, traffic_selector, kind +) VALUES ( + 1, 2, 2 +); + diff --git a/testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/ipsec.d/ipsec.sql b/testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/ipsec.d/ipsec.sql deleted file mode 100644 index 0a9bdebec..000000000 --- a/testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/ipsec.d/ipsec.sql +++ /dev/null @@ -1,321 +0,0 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -/* Identities */ - -INSERT INTO identities ( - type, data -) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */ - 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */ - 202, X'ae096b87b44886d3b820978623dabd0eae22ebbc' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* dave@strongswan.org */ - 3, X'64617665407374726f6e677377616e2e6f7267' - ); - -INSERT INTO identities ( - type, data -) VALUES ( /* moon.strongswan.org */ - 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267' - ); - -/* Certificates */ - -INSERT INTO certificates ( - type, keytype, data -) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */ - 1, 1, X'308203b53082029da003020102020100300d06092a864886f70d01010405003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303131303134355a170d3134303930383131303134355a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381af3081ac300f0603551d130101ff040530030101ff300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d010104050003820101009ad74e3e60592dfb9b21c78628bd76b63090c1720c74bf94753cad6fddadc9c776eb39d3bfaa52136bf528840078386308fcf79503bd3d1ad6c15ac38e10c846bff7888a03cfe7fa0e644b522b2af5aedf0bbc508dc48330a180757772771095059b2be148f58dc0c753b59e9d6bfb02e9b685a928a284531b187313fd2b835bc9ea27d0020739a8d485e88bdede9a45cde6d28ed553b0e8e92dabf877bed59abf9d151f15e4f2d00b5e6e49fcb665293d2296697926c2954dae367542ef6e98053e76d2728732f6ce69f284f0b856aa6c2823a9ee29b280a66f50828f9b5cf27f84feca3c31c24897db156c7a833768ab306f51286457a51f09dd53bbb4190f' -); - -INSERT INTO certificate_identity ( - certificate, identity -) VALUES ( - 1, 1 -); - -INSERT INTO certificate_identity ( - certificate, identity -) VALUES ( - 1, 2 -); - -/* Shared Secrets */ - -INSERT INTO shared_secrets ( - type, data -) VALUES ( - 1, X'8d5cce342174da772c8224a59885deaa118d' -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 3 -); - -INSERT INTO shared_secret_identity ( - shared_secret, identity -) VALUES ( - 1, 4 -); - - -/* Configurations */ - -INSERT INTO ike_configs ( - local, remote -) VALUES ( - 'PH_IP_DAVE', 'PH_IP_MOON' -); - -INSERT INTO peer_configs ( - name, ike_cfg, local_id, remote_id, auth_method -) VALUES ( - 'home', 1, 3, 4, 2 -); - -INSERT INTO child_configs ( - name, updown -) VALUES ( - 'home', 'ipsec _updown iptables' -); - -INSERT INTO peer_config_child_config ( - peer_cfg, child_cfg -) VALUES ( - 1, 1 -); - -INSERT INTO traffic_selectors ( - type, start_addr, end_addr -) VALUES ( /* 10.1.0.0/16 */ - 7, X'0a010000', X'0a01ffff' -); - -INSERT INTO traffic_selectors ( - type -) VALUES ( /* dynamic/32 */ - 7 -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 1, 1 -); - -INSERT INTO child_config_traffic_selector ( - child_cfg, traffic_selector, kind -) VALUES ( - 1, 2, 2 -); - diff --git a/testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/ipsec.d/ipsec.sql b/testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/ipsec.d/data.sql index 07e205b88..4f66841fa 100644 --- a/testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/ipsec.d/ipsec.sql +++ b/testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/ipsec.d/data.sql @@ -1,207 +1,3 @@ -/* strongSwan SQLite database */ - -DROP TABLE IF EXISTS identities; -CREATE TABLE identities ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL, - UNIQUE (type, data) -); - -DROP TABLE IF EXISTS child_configs; -CREATE TABLE child_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - lifetime INTEGER NOT NULL DEFAULT '1200', - rekeytime INTEGER NOT NULL DEFAULT '1020', - jitter INTEGER NOT NULL DEFAULT '180', - updown TEXT DEFAULT NULL, - hostaccess INTEGER NOT NULL DEFAULT '0', - mode INTEGER NOT NULL DEFAULT '1', - dpd_action INTEGER NOT NULL DEFAULT '0', - close_action INTEGER NOT NULL DEFAULT '0', - ipcomp INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS child_configs_name; -CREATE INDEX child_configs_name ON child_configs ( - name -); - -DROP TABLE IF EXISTS child_config_traffic_selector; -CREATE TABLE child_config_traffic_selector ( - child_cfg INTEGER NOT NULL, - traffic_selector INTEGER NOT NULL, - kind INTEGER NOT NULL -); -DROP INDEX IF EXISTS child_config_traffic_selector; -CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector ( - child_cfg, traffic_selector -); - -DROP TABLE IF EXISTS ike_configs; -CREATE TABLE ike_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - certreq INTEGER NOT NULL DEFAULT '1', - force_encap INTEGER NOT NULL DEFAULT '0', - local TEXT NOT NULL, - remote TEXT NOT NULL -); - -DROP TABLE IF EXISTS peer_configs; -CREATE TABLE peer_configs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - ike_version INTEGER NOT NULL DEFAULT '2', - ike_cfg INTEGER NOT NULL, - local_id TEXT NOT NULL, - remote_id TEXT NOT NULL, - cert_policy INTEGER NOT NULL DEFAULT '1', - uniqueid INTEGER NOT NULL DEFAULT '0', - auth_method INTEGER NOT NULL DEFAULT '1', - eap_type INTEGER NOT NULL DEFAULT '0', - eap_vendor INTEGER NOT NULL DEFAULT '0', - keyingtries INTEGER NOT NULL DEFAULT '1', - rekeytime INTEGER NOT NULL DEFAULT '0', - reauthtime INTEGER NOT NULL DEFAULT '3600', - jitter INTEGER NOT NULL DEFAULT '180', - overtime INTEGER NOT NULL DEFAULT '300', - mobike INTEGER NOT NULL DEFAULT '1', - dpd_delay INTEGER NOT NULL DEFAULT '120', - virtual TEXT DEFAULT NULL, - pool TEXT DEFAULT NULL, - mediation INTEGER NOT NULL DEFAULT '0', - mediated_by INTEGER NOT NULL DEFAULT '0', - peer_id INTEGER NOT NULL DEFAULT '0' -); -DROP INDEX IF EXISTS peer_configs_name; -CREATE INDEX peer_configs_name ON peer_configs ( - name -); - -DROP TABLE IF EXISTS peer_config_child_config; -CREATE TABLE peer_config_child_config ( - peer_cfg INTEGER NOT NULL, - child_cfg INTEGER NOT NULL, - PRIMARY KEY (peer_cfg, child_cfg) -); - -DROP TABLE IF EXISTS traffic_selectors; -CREATE TABLE traffic_selectors ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL DEFAULT '7', - protocol INTEGER NOT NULL DEFAULT '0', - start_addr BLOB DEFAULT NULL, - end_addr BLOB DEFAULT NULL, - start_port INTEGER NOT NULL DEFAULT '0', - end_port INTEGER NOT NULL DEFAULT '65535' -); - -DROP TABLE IF EXISTS certificates; -CREATE TABLE certificates ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - keytype INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS certificate_identity; -CREATE TABLE certificate_identity ( - certificate INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (certificate, identity) -); - -DROP TABLE IF EXISTS private_keys; -CREATE TABLE private_keys ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS private_key_identity; -CREATE TABLE private_key_identity ( - private_key INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (private_key, identity) -); - -DROP TABLE IF EXISTS shared_secrets; -CREATE TABLE shared_secrets ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - type INTEGER NOT NULL, - data BLOB NOT NULL -); - -DROP TABLE IF EXISTS shared_secret_identity; -CREATE TABLE shared_secret_identity ( - shared_secret INTEGER NOT NULL, - identity INTEGER NOT NULL, - PRIMARY KEY (shared_secret, identity) -); - -DROP TABLE IF EXISTS pools; -CREATE TABLE pools ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - name TEXT NOT NULL, - start BLOB NOT NULL, - end BLOB NOT NULL, - next BLOB NOT NULL, - timeout INTEGER DEFAULT NULL, - UNIQUE (name) -); -DROP INDEX IF EXISTS pools_name; -CREATE INDEX pools_name ON pools ( - name -); - -DROP TABLE IF EXISTS leases; -CREATE TABLE leases ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - pool INTEGER NOT NULL, - address BLOB NOT NULL, - identity INTEGER NOT NULL, - acquired INTEGER NOT NULL, - released INTEGER DEFAULT NULL -); -DROP INDEX IF EXISTS leases_pool; -CREATE INDEX leases_pool ON leases ( - pool -); -DROP INDEX IF EXISTS leases_identity; -CREATE INDEX leases_identity ON leases ( - identity -); -DROP INDEX IF EXISTS leases_released; -CREATE INDEX leases_released ON leases ( - released -); - -DROP TABLE IF EXISTS ike_sas; -CREATE TABLE ike_sas ( - local_spi BLOB NOT NULL PRIMARY KEY, - remote_spi BLOB NOT NULL, - id INTEGER NOT NULL, - initiator INTEGER NOT NULL, - local_id_type INTEGER NOT NULL, - local_id_data BLOB NOT NULL, - remote_id_type INTEGER NOT NULL, - remote_id_data BLOB NOT NULL, - host_family INTEGER NOT NULL, - local_host_data BLOB NOT NULL, - remote_host_data BLOB NOT NULL, - created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - -DROP TABLE IF EXISTS logs; -CREATE TABLE logs ( - id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT, - local_spi BLOB NOT NULL, - signal INTEGER NOT NULL, - level INTEGER NOT NULL, - msg TEXT NOT NULL, - time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP -); - /* Identities */ INSERT INTO identities ( diff --git a/testing/tests/sql/rw-psk-rsa-split/pretest.dat b/testing/tests/sql/rw-psk-rsa-split/pretest.dat index 4224f3106..76316f33d 100644 --- a/testing/tests/sql/rw-psk-rsa-split/pretest.dat +++ b/testing/tests/sql/rw-psk-rsa-split/pretest.dat @@ -1,6 +1,9 @@ moon::rm /etc/ipsec.d/cacerts/* carol::rm /etc/ipsec.d/cacerts/* dave::rm /etc/ipsec.d/cacerts/* +moon::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql +carol::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql +dave::cat /etc/ipsec.d/tables.sql /etc/ipsec.d/data.sql > /etc/ipsec.d/ipsec.sql moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db carol::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db dave::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db |