aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rwxr-xr-xtesting/tests/swanctl/rw-newhope-bliss/evaltest.dat12
-rwxr-xr-xtesting/tests/swanctl/rw-newhope-bliss/hosts/carol/etc/swanctl/swanctl.conf9
-rwxr-xr-xtesting/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/swanctl.conf1
-rwxr-xr-xtesting/tests/swanctl/rw-newhope-bliss/hosts/moon/etc/strongswan.conf3
-rwxr-xr-xtesting/tests/swanctl/rw-newhope-bliss/hosts/moon/etc/swanctl/swanctl.conf7
5 files changed, 17 insertions, 15 deletions
diff --git a/testing/tests/swanctl/rw-newhope-bliss/evaltest.dat b/testing/tests/swanctl/rw-newhope-bliss/evaltest.dat
index bcf614335..be3b867a3 100755
--- a/testing/tests/swanctl/rw-newhope-bliss/evaltest.dat
+++ b/testing/tests/swanctl/rw-newhope-bliss/evaltest.dat
@@ -1,9 +1,9 @@
-carol::swanctl --list-sas --raw 2> /dev/null::home.*version=2 state=ESTABLISHED local-host=192.168.0.100 local-port=4500 local-id=carol@strongswan.org remote-host=192.168.0.1 remote-port=4500 remote-id=moon.strongswan.org initiator=yes.*encr-alg=AES_CBC encr-keysize=256 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=NEWHOPE_128.*child-sas.*home.*state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=256.*local-ts=\[192.168.0.100/32] remote-ts=\[10.1.0.0/16]::YES
-dave:: swanctl --list-sas --raw 2> /dev/null::home.*version=2 state=ESTABLISHED local-host=192.168.0.200 local-port=4500 local-id=dave@strongswan.org remote-host=192.168.0.1 remote-port=4500 remote-id=moon.strongswan.org initiator=yes.*encr-alg=AES_CBC encr-keysize=256 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=NEWHOPE_128.*child-sas.*home.*state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=256.*local-ts=\[192.168.0.200/32] remote-ts=\[10.1.0.0/16]::YES
-moon:: swanctl --list-sas --ike-id 1 --raw 2> /dev/null::rw.*version=2 state=ESTABLISHED local-host=192.168.0.1 local-port=4500 local-id=moon.strongswan.org remote-host=192.168.0.100 remote-port=4500 remote-id=carol@strongswan.org.*encr-alg=AES_CBC encr-keysize=256 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=NEWHOPE_128.*child-sas.*net.*reqid=1 state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=256.*local-ts=\[10.1.0.0/16] remote-ts=\[192.168.0.100/32]::YES
-moon:: swanctl --list-sas --ike-id 2 --raw 2> /dev/null::rw.*version=2 state=ESTABLISHED local-host=192.168.0.1 local-port=4500 local-id=moon.strongswan.org remote-host=192.168.0.200 remote-port=4500 remote-id=dave@strongswan.org.*encr-alg=AES_CBC encr-keysize=256 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=NEWHOPE_128.*child-sas.*net.*reqid=2 state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=256.*local-ts=\[10.1.0.0/16] remote-ts=\[192.168.0.200/32]::YES
-alice::ping -c 1 192.168.0.100::64 bytes from 192.168.0.100: icmp_.eq=1::YES
-alice::ping -c 1 192.168.0.200::64 bytes from 192.168.0.200: icmp_.eq=1::YES
+carol::swanctl --list-sas --raw 2> /dev/null::home.*version=2 state=ESTABLISHED local-host=192.168.0.100 local-port=4500 local-id=carol@strongswan.org remote-host=192.168.0.1 remote-port=4500 remote-id=moon.strongswan.org initiator=yes.*encr-alg=AES_CBC encr-keysize=256 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=NEWHOPE_128.*local-vips=\[10.3.0.1] child-sas.*home.*state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=256.*local-ts=\[10.3.0.1/32] remote-ts=\[10.1.0.0/16]::YES
+dave:: swanctl --list-sas --raw 2> /dev/null::home.*version=2 state=ESTABLISHED local-host=192.168.0.200 local-port=4500 local-id=dave@strongswan.org remote-host=192.168.0.1 remote-port=4500 remote-id=moon.strongswan.org initiator=yes.*encr-alg=AES_CBC encr-keysize=256 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=NEWHOPE_128.*local-vips=\[10.3.0.2] child-sas.*home.*state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=256.*local-ts=\[10.3.0.2/32] remote-ts=\[10.1.0.0/16]::YES
+moon:: swanctl --list-sas --ike-id 1 --raw 2> /dev/null::rw.*version=2 state=ESTABLISHED local-host=192.168.0.1 local-port=4500 local-id=moon.strongswan.org remote-host=192.168.0.100 remote-port=4500 remote-id=carol@strongswan.org.*encr-alg=AES_CBC encr-keysize=256 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=NEWHOPE_128.*remote-vips=\[10.3.0.1] child-sas.*net.*reqid=1 state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=256.*local-ts=\[10.1.0.0/16] remote-ts=\[10.3.0.1/32]::YES
+moon:: swanctl --list-sas --ike-id 2 --raw 2> /dev/null::rw.*version=2 state=ESTABLISHED local-host=192.168.0.1 local-port=4500 local-id=moon.strongswan.org remote-host=192.168.0.200 remote-port=4500 remote-id=dave@strongswan.org.*encr-alg=AES_CBC encr-keysize=256 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=NEWHOPE_128.*remote-vips=\[10.3.0.2] child-sas.*net.*reqid=2 state=INSTALLED mode=TUNNEL.*ESP.*encr-alg=AES_GCM_16 encr-keysize=256.*local-ts=\[10.1.0.0/16] remote-ts=\[10.3.0.2/32]::YES
+alice::ping -c 1 10.3.0.1::64 bytes from 10.3.0.1: icmp_.eq=1::YES
+alice::ping -c 1 10.3.0.2::64 bytes from 10.3.0.2: icmp_.eq=1::YES
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
diff --git a/testing/tests/swanctl/rw-newhope-bliss/hosts/carol/etc/swanctl/swanctl.conf b/testing/tests/swanctl/rw-newhope-bliss/hosts/carol/etc/swanctl/swanctl.conf
index 5bffca662..5706eda18 100755
--- a/testing/tests/swanctl/rw-newhope-bliss/hosts/carol/etc/swanctl/swanctl.conf
+++ b/testing/tests/swanctl/rw-newhope-bliss/hosts/carol/etc/swanctl/swanctl.conf
@@ -3,6 +3,7 @@ connections {
home {
local_addrs = 192.168.0.100
remote_addrs = 192.168.0.1
+ vips = 0.0.0.0
local {
auth = pubkey
@@ -26,11 +27,3 @@ connections {
fragmentation = yes
}
}
-
-secrets {
-
- rsa-carol {
- file = carolKey.pem
- secret = "nH5ZQEWtku0RJEZ6"
- }
-}
diff --git a/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/swanctl.conf b/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/swanctl.conf
index 9d3d90865..13407ed44 100755
--- a/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/swanctl.conf
+++ b/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/swanctl.conf
@@ -3,6 +3,7 @@ connections {
home {
local_addrs = 192.168.0.200
remote_addrs = 192.168.0.1
+ vips = 0.0.0.0
local {
auth = pubkey
diff --git a/testing/tests/swanctl/rw-newhope-bliss/hosts/moon/etc/strongswan.conf b/testing/tests/swanctl/rw-newhope-bliss/hosts/moon/etc/strongswan.conf
index 69a39e885..29c274532 100755
--- a/testing/tests/swanctl/rw-newhope-bliss/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/swanctl/rw-newhope-bliss/hosts/moon/etc/strongswan.conf
@@ -11,7 +11,8 @@ charon {
fragment_size = 1500
start-scripts {
- creds = /usr/local/sbin/swanctl --load-creds
+ creds = /usr/local/sbin/swanctl --load-creds
+ pools = /usr/local/sbin/swanctl --load-pools
conns = /usr/local/sbin/swanctl --load-conns
}
}
diff --git a/testing/tests/swanctl/rw-newhope-bliss/hosts/moon/etc/swanctl/swanctl.conf b/testing/tests/swanctl/rw-newhope-bliss/hosts/moon/etc/swanctl/swanctl.conf
index 6cfd7a827..bce22d057 100755
--- a/testing/tests/swanctl/rw-newhope-bliss/hosts/moon/etc/swanctl/swanctl.conf
+++ b/testing/tests/swanctl/rw-newhope-bliss/hosts/moon/etc/swanctl/swanctl.conf
@@ -2,6 +2,7 @@ connections {
rw {
local_addrs = 192.168.0.1
+ pools = rw_pool
local {
auth = pubkey
@@ -24,3 +25,9 @@ connections {
fragmentation = yes
}
}
+
+pools {
+ rw_pool {
+ addrs = 10.3.0.0/28
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-20 05:02:52 +0000