diff options
Diffstat (limited to 'testing/tests/ikev1-p-c/net2net-psk-fail')
11 files changed, 0 insertions, 115 deletions
diff --git a/testing/tests/ikev1-p-c/net2net-psk-fail/description.txt b/testing/tests/ikev1-p-c/net2net-psk-fail/description.txt deleted file mode 100644 index 688182be4..000000000 --- a/testing/tests/ikev1-p-c/net2net-psk-fail/description.txt +++ /dev/null @@ -1,5 +0,0 @@ -A connection between the gateways <b>moon</b> and <b>sun</b> is set up. -The authentication is based on <b>Preshared Keys</b> (PSK), but gateway <b>moon</b> -uses a wrong PSK. This makes it impossible for gateway <b>sun</b> to decrypt the -IKEv1 message correctly. Thus <b>sun</b> returns a <b>PAYLOAD-MALFORMED</b> error -notify which in turn cannot be decrypted by <b>moon</b>. diff --git a/testing/tests/ikev1-p-c/net2net-psk-fail/evaltest.dat b/testing/tests/ikev1-p-c/net2net-psk-fail/evaltest.dat deleted file mode 100644 index 0b9520bb2..000000000 --- a/testing/tests/ikev1-p-c/net2net-psk-fail/evaltest.dat +++ /dev/null @@ -1,7 +0,0 @@ -sun:: cat /var/log/daemon.log::invalid ID_V1 payload length, decryption failed::YES -sun:: cat /var/log/daemon.log::generating INFORMATIONAL_V1 request.*HASH N(PLD_MAL)::YES -moon::cat /var/log/auth.log::malformed payload in packet::YES -moon::ipsec status 2> /dev/null::net-net.*STATE_MAIN_I4.*ISAKMP SA established::NO -sun:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*sun.strongswan.org.*moon.strongswan.org::NO -moon::ipsec status 2> /dev/null::net-net.*STATE_QUICK_I2.*IPsec SA established::NO -sun:: ipsec status 2> /dev/null::net-net.*INSTALLED, TUNNEL::NO diff --git a/testing/tests/ikev1-p-c/net2net-psk-fail/hosts/moon/etc/ipsec.conf b/testing/tests/ikev1-p-c/net2net-psk-fail/hosts/moon/etc/ipsec.conf deleted file mode 100755 index fbafb4221..000000000 --- a/testing/tests/ikev1-p-c/net2net-psk-fail/hosts/moon/etc/ipsec.conf +++ /dev/null @@ -1,24 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - plutodebug=control - charonstart=no - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev1 - authby=secret - pfs=no - -conn net-net - left=PH_IP_MOON - leftsubnet=10.1.0.0/16 - leftid=@moon.strongswan.org - leftfirewall=yes - right=PH_IP_SUN - rightsubnet=10.2.0.0/16 - rightid=@sun.strongswan.org - auto=add diff --git a/testing/tests/ikev1-p-c/net2net-psk-fail/hosts/moon/etc/ipsec.secrets b/testing/tests/ikev1-p-c/net2net-psk-fail/hosts/moon/etc/ipsec.secrets deleted file mode 100644 index a294f246d..000000000 --- a/testing/tests/ikev1-p-c/net2net-psk-fail/hosts/moon/etc/ipsec.secrets +++ /dev/null @@ -1,3 +0,0 @@ -# /etc/ipsec.secrets - strongSwan IPsec secrets file - -@moon.strongswan.org @sun.strongswan.org : PSK 0sv+NkxY9LLZvwj4qCC2o/gGrWDF2dxxxx diff --git a/testing/tests/ikev1-p-c/net2net-psk-fail/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1-p-c/net2net-psk-fail/hosts/moon/etc/strongswan.conf deleted file mode 100644 index f9a03fef5..000000000 --- a/testing/tests/ikev1-p-c/net2net-psk-fail/hosts/moon/etc/strongswan.conf +++ /dev/null @@ -1,11 +0,0 @@ -# /etc/strongswan.conf - strongSwan configuration file - -pluto { - load = sha1 sha2 md5 aes des hmac gmp random nonce kernel-netlink -} - -# pluto uses optimized DH exponent sizes (RFC 3526) - -libstrongswan { - dh_exponent_ansi_x9_42 = no -} diff --git a/testing/tests/ikev1-p-c/net2net-psk-fail/hosts/sun/etc/ipsec.conf b/testing/tests/ikev1-p-c/net2net-psk-fail/hosts/sun/etc/ipsec.conf deleted file mode 100755 index 027287ad4..000000000 --- a/testing/tests/ikev1-p-c/net2net-psk-fail/hosts/sun/etc/ipsec.conf +++ /dev/null @@ -1,22 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - plutostart=no - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev1 - authby=secret - -conn net-net - left=PH_IP_SUN - leftsubnet=10.2.0.0/16 - leftid=@sun.strongswan.org - leftfirewall=yes - right=PH_IP_MOON - rightsubnet=10.1.0.0/16 - rightid=@moon.strongswan.org - auto=add diff --git a/testing/tests/ikev1-p-c/net2net-psk-fail/hosts/sun/etc/ipsec.secrets b/testing/tests/ikev1-p-c/net2net-psk-fail/hosts/sun/etc/ipsec.secrets deleted file mode 100644 index 27185fbc5..000000000 --- a/testing/tests/ikev1-p-c/net2net-psk-fail/hosts/sun/etc/ipsec.secrets +++ /dev/null @@ -1,5 +0,0 @@ -# /etc/ipsec.secrets - strongSwan IPsec secrets file - -@moon.strongswan.org @sun.strongswan.org : PSK 0sv+NkxY9LLZvwj4qCC2o/gGrWDF2d21jL - -192.168.0.1 192.168.0.2 : PSK 0sv+NkxY9LLZvwj4qCC2o/gGrWDF2d21jL diff --git a/testing/tests/ikev1-p-c/net2net-psk-fail/hosts/sun/etc/strongswan.conf b/testing/tests/ikev1-p-c/net2net-psk-fail/hosts/sun/etc/strongswan.conf deleted file mode 100644 index d84cba2b0..000000000 --- a/testing/tests/ikev1-p-c/net2net-psk-fail/hosts/sun/etc/strongswan.conf +++ /dev/null @@ -1,5 +0,0 @@ -# /etc/strongswan.conf - strongSwan configuration file - -charon { - load = aes des sha1 sha2 md5 gmp random nonce hmac stroke kernel-netlink socket-default updown -} diff --git a/testing/tests/ikev1-p-c/net2net-psk-fail/posttest.dat b/testing/tests/ikev1-p-c/net2net-psk-fail/posttest.dat deleted file mode 100644 index 5a9150bc8..000000000 --- a/testing/tests/ikev1-p-c/net2net-psk-fail/posttest.dat +++ /dev/null @@ -1,4 +0,0 @@ -moon::ipsec stop -sun::ipsec stop -moon::/etc/init.d/iptables stop 2> /dev/null -sun::/etc/init.d/iptables stop 2> /dev/null diff --git a/testing/tests/ikev1-p-c/net2net-psk-fail/pretest.dat b/testing/tests/ikev1-p-c/net2net-psk-fail/pretest.dat deleted file mode 100644 index 9e40684ab..000000000 --- a/testing/tests/ikev1-p-c/net2net-psk-fail/pretest.dat +++ /dev/null @@ -1,8 +0,0 @@ -moon::/etc/init.d/iptables start 2> /dev/null -sun::/etc/init.d/iptables start 2> /dev/null -moon::rm /etc/ipsec.d/cacerts/* -sun::rm /etc/ipsec.d/cacerts/* -moon::ipsec start -sun::ipsec start -moon::sleep 2 -moon::ipsec up net-net diff --git a/testing/tests/ikev1-p-c/net2net-psk-fail/test.conf b/testing/tests/ikev1-p-c/net2net-psk-fail/test.conf deleted file mode 100644 index f74d0f7d6..000000000 --- a/testing/tests/ikev1-p-c/net2net-psk-fail/test.conf +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# -# This configuration file provides information on the -# UML instances used for this test - -# All UML instances that are required for this test -# -UMLHOSTS="alice moon winnetou sun bob" - -# Corresponding block diagram -# -DIAGRAM="a-m-w-s-b.png" - -# UML instances on which tcpdump is to be started -# -TCPDUMPHOSTS="sun" - -# UML instances on which IPsec is started -# Used for IPsec logging purposes -# -IPSECHOSTS="moon sun" |