diff options
Diffstat (limited to 'testing/tests/rw-rsa-no-policy')
| -rw-r--r-- | testing/tests/rw-rsa-no-policy/description.txt | 3 | ||||
| -rw-r--r-- | testing/tests/rw-rsa-no-policy/evaltest.dat | 5 | ||||
| -rwxr-xr-x | testing/tests/rw-rsa-no-policy/hosts/moon/etc/ipsec.conf | 22 | ||||
| -rw-r--r-- | testing/tests/rw-rsa-no-policy/hosts/moon/etc/ipsec.secrets | 3 | ||||
| -rw-r--r-- | testing/tests/rw-rsa-no-policy/posttest.dat | 2 | ||||
| -rw-r--r-- | testing/tests/rw-rsa-no-policy/pretest.dat | 5 | ||||
| -rw-r--r-- | testing/tests/rw-rsa-no-policy/test.conf | 21 |
7 files changed, 61 insertions, 0 deletions
diff --git a/testing/tests/rw-rsa-no-policy/description.txt b/testing/tests/rw-rsa-no-policy/description.txt new file mode 100644 index 000000000..c3336b769 --- /dev/null +++ b/testing/tests/rw-rsa-no-policy/description.txt @@ -0,0 +1,3 @@ +The roadwarrior <b>carol</b> wants to set up a connection to gateway <b>moon</b> using +<b>RSASIG</b>-based authentication. Since <b>moon</b> supports <b>PSK</b>-based +authentication only, the connection setup fails. diff --git a/testing/tests/rw-rsa-no-policy/evaltest.dat b/testing/tests/rw-rsa-no-policy/evaltest.dat new file mode 100644 index 000000000..188b7bbb5 --- /dev/null +++ b/testing/tests/rw-rsa-no-policy/evaltest.dat @@ -0,0 +1,5 @@ +carol::ipsec status::home.*STATE_QUICK_I2.*IPsec SA established::NO +moon::cat /var/log/auth.log::peer requests RSASIG authentication::YES +moon::cat /var/log/auth.log::but no connection has been authorized with policy=RSASIG::YES +moon::ipsec status::*PH_IP_CAROL STATE_QUICK_R2.*IPsec SA established::NO + diff --git a/testing/tests/rw-rsa-no-policy/hosts/moon/etc/ipsec.conf b/testing/tests/rw-rsa-no-policy/hosts/moon/etc/ipsec.conf new file mode 100755 index 000000000..b9318c058 --- /dev/null +++ b/testing/tests/rw-rsa-no-policy/hosts/moon/etc/ipsec.conf @@ -0,0 +1,22 @@ +# /etc/ipsec.conf - strongSwan IPsec configuration file + +version 2.0 # conforms to second version of ipsec.conf specification + +config setup + plutodebug=control + +conn %default + ikelifetime=60m + keylife=20m + rekeymargin=3m + keyingtries=1 + +conn rw-psk + authby=secret + left=PH_IP_MOON + leftnexthop=%direct + leftid=@moon.strongswan.org + leftsubnet=10.1.0.0/16 + leftfirewall=yes + right=%any + auto=add diff --git a/testing/tests/rw-rsa-no-policy/hosts/moon/etc/ipsec.secrets b/testing/tests/rw-rsa-no-policy/hosts/moon/etc/ipsec.secrets new file mode 100644 index 000000000..e8c151f05 --- /dev/null +++ b/testing/tests/rw-rsa-no-policy/hosts/moon/etc/ipsec.secrets @@ -0,0 +1,3 @@ +# /etc/ipsec.secrets - strongSwan IPsec secrets file + +: PSK 0sv+NkxY9LLZvwj4qCC2o/gGrWDF2d21jL diff --git a/testing/tests/rw-rsa-no-policy/posttest.dat b/testing/tests/rw-rsa-no-policy/posttest.dat new file mode 100644 index 000000000..c6d6235f9 --- /dev/null +++ b/testing/tests/rw-rsa-no-policy/posttest.dat @@ -0,0 +1,2 @@ +moon::ipsec stop +carol::ipsec stop diff --git a/testing/tests/rw-rsa-no-policy/pretest.dat b/testing/tests/rw-rsa-no-policy/pretest.dat new file mode 100644 index 000000000..0d2a0dd1f --- /dev/null +++ b/testing/tests/rw-rsa-no-policy/pretest.dat @@ -0,0 +1,5 @@ +moon::rm /etc/ipsec.d/cacerts/* +carol::ipsec start +moon::ipsec start +carol::sleep 2 +carol::ipsec up home diff --git a/testing/tests/rw-rsa-no-policy/test.conf b/testing/tests/rw-rsa-no-policy/test.conf new file mode 100644 index 000000000..f622c18b7 --- /dev/null +++ b/testing/tests/rw-rsa-no-policy/test.conf @@ -0,0 +1,21 @@ +#!/bin/bash +# +# This configuration file provides information on the +# UML instances used for this test + +# All UML instances that are required for this test +# +UMLHOSTS="moon carol winnetou" + +# Corresponding block diagram +# +DIAGRAM="a-m-c-w.png" + +# UML instances on which tcpdump is to be started +# +TCPDUMPHOSTS="" + +# UML instances on which IPsec is started +# Used for IPsec logging purposes +# +IPSECHOSTS="moon carol" |