aboutsummaryrefslogtreecommitdiffstats
path: root/testing/hosts/default/etc
Commit message (Collapse)AuthorAgeFilesLines
* testing: Configure logging via syslog in strongswan.confTobias Brunner2017-11-151-2/+0
| | | | | Globally configure logging in strongswan.conf.testing and replace all charondebug statements with strongswan.conf settings.
* testing: Disable logging via journal in charon-systemdTobias Brunner2017-11-151-0/+3
| | | | | This avoids duplicate log messages as we already log via syslog to get daemon.log.
* testing: Globally define logging via syslog for charon-systemdTobias Brunner2017-11-151-0/+9
| | | | | | | We could make the same change for charon (actually setting it for charon in strongswan.conf.testing would work for charon-systemd too), however, there are dozens of test cases that currently set charondebug in ipsec.conf.
* Fixed some typos, courtesy of codespellTobias Brunner2017-05-261-1/+1
|
* testing: Avoid expiration of allocated SPIs due to low retransmission settingsTobias Brunner2017-05-231-1/+6
|
* testing: Log leaks and fail tests if any are detectedTobias Brunner2016-09-201-0/+1
|
* Revert "testing: Only load selected plugins in swanctl"Tobias Brunner2016-07-011-4/+0
| | | | | | | This reverts commit dee01d019ba9743b2784b417155601d10c173a66. Thanks to 505c31870162 ("leak-detective: Try to properly free allocations after deinitialization") this is not required anymore.
* testing: Only load selected plugins in swanctlTobias Brunner2016-06-201-0/+4
| | | | | | | | | The main issue is that the ldap and curl plugins, or rather the libraries they use, initialize GnuTLS (curl, strangely, even when it is, by its own account, linked against OpenSSL). Some of these allocations are only freed once the libraries are unloaded. This means that the leak detective causes invalid frees when swanctl is terminated and libraries are unloaded after the leak detective is already deinitialized.
* testing: Add root to fstabTobias Brunner2016-06-151-0/+1
| | | | This seems to be required for systemd to remount it.
* testing: Explicitly enable RC4 in SSH server configTobias Brunner2016-06-151-0/+1
| | | | | | Newer OpenSSH versions disable this by default because it's unsafe. Since this is not relevant for our use case we enable it due to its speed.
* testing: Only send two retransmits after 1 second each to fail negative ↵Tobias Brunner2015-11-091-0/+6
| | | | tests earlier
* testing: Add a base strongswan.conf file used by all hosts in all scenariosTobias Brunner2015-11-091-0/+1
| | | | | | We will use this to set some defaults (e.g. timeouts to make testing negative tests quicker). We don't want these settings to show up in the configs of the actual scenarios though.
* testing: Enable virtio console for guestsTobias Brunner2014-10-101-0/+71
| | | | | | | | | | | This allows accessing the guests with `virsh console <name>`. Using a serial console would also be possible but our kernel configs have no serial drivers enabled, CONFIG_VIRTIO_CONSOLE is enabled though. So to avoid having to recompile the kernels let's do it this way, only requires rebuilding the guest images. References #729.
* First swanctl scenario5.2.0dr5Andreas Steffen2014-06-011-0/+156
|
* Test SWID REST API ins tnc/tnccs-20-pdp scenariosAndreas Steffen2014-05-311-1/+1
|
* testing: Use installed PTS SQL schema and data instead of local copyTobias Brunner2014-02-122-1448/+0
|
* testing: Use installed SQL schema instead of local copyTobias Brunner2014-02-121-270/+0
|
* Added missing semicolon in SQL statementsAndreas Steffen2014-02-051-6/+6
|
* Added Android 4.3.1 to products database tableAndreas Steffen2014-02-041-2/+14
|
* Added new Android versions to PTS databaseAndreas Steffen2014-02-041-0/+60
|
* Added TPMRA workitem support in PTS databaseAndreas Steffen2014-01-161-0/+60
|
* Updated and split data.sqlAndreas Steffen2013-10-231-37/+121
|
* Define aaa.strongswan.org in /etc/hostsAndreas Steffen2013-10-111-1/+1
|
* testing: Allow AH packets in default INPUT/OUTPUT chainsMartin Willi2013-10-111-0/+4
|
* Added tags table and some tag samplesAndreas Steffen2013-09-052-1/+95
|
* Added regids table and some sample reqid dataAndreas Steffen2013-09-022-0/+58
|
* Updated PTS database scheme to new workitems modelAndreas Steffen2013-07-291-39/+127
|
* Register packages under Debian 7.0 x86_64Andreas Steffen2013-07-041-26/+765
|
* Use attest database in tnc/tnccs-20-os scenario5.0.4Andreas Steffen2013-04-212-0/+253
|
* Add /usr/local/lib/ipsec to linker cacheReto Buerki2013-03-191-0/+1
|
* Make core dumps workReto Buerki2013-01-173-2/+9
| | | | Core dumps are written to the /var/local/dumps directory.
* Switch to 'mapped' access mode for hostfsReto Buerki2013-01-171-1/+1
| | | | | | | | | | | Passthrough mode only works as expected when running as root. On Debian/Ubuntu systems qemu runs as user 'libvirt-qemu' and group 'kvm' so all shared files must be chowned to grant access from guests. Symlinks created on the host are still problematic because the Plan 9 filesystem has no direct notion of symbolic links, see [1]. [1] - http://ericvh.github.com/9p-rfc/rfc9p2000.u.html
* converted all ipv6 iptables/ip6tables scenariosAndreas Steffen2013-01-172-0/+16
|
* implemented ip6tables.rulesAndreas Steffen2013-01-172-0/+50
|
* activated iptables in some ikev2 scenariosAndreas Steffen2013-01-171-0/+4
|
* Export compile directory to guestsReto Buerki2013-01-171-0/+1
| | | | | Use 9p over virtio to share files on the host with the guest domains. The files are accessible in the guests /hostfs directory.
* Use key(and password-)less SSH authenticationTobias Brunner2013-01-171-0/+13
|
* Adapt host configurationReto Buerki2012-12-186-0/+333
| | | | | Adapt the configuration of the test hosts to the new Debian-based system.
* added certificate_authorities and certificate_distribution_points tablesAndreas Steffen2010-12-051-0/+14
|
* support of reqid field in SQL databaseAndreas Steffen2010-12-051-1/+2
|
* renamed algorithm to proposalAndreas Steffen2010-11-301-9/+9
|
* store IKE and ESP proposals in SQL databaseAndreas Steffen2010-11-301-0/+20
|
* start and route connections defined in an SQL database via start_action ↵Andreas Steffen2010-11-281-0/+1
| | | | field and ipsec up %startall command
* created certificate and /etc/hosts entry for virtual gateway marsAndreas Steffen2010-11-201-0/+2
|
* updated SQL templates to support attribute pool and identity parametersAndreas Steffen2010-07-121-0/+1
|
* Added support for named attribute groupsHeiko Hund2010-07-091-0/+15
| | | | | | Add the possibility to group attributes by a name and assign these groups to connections. This allows a more granular configuration of which client will receive what atrributes.
* it's too late on Saturday eveningAndreas Steffen2010-05-151-2/+2
|
* roll back some changesAndreas Steffen2010-05-151-2/+2
|
* encoding of MODE_TUNNEL changedAndreas Steffen2010-05-151-3/+3
|
* added ikev2/dhcp-dynamic scenarioAndreas Steffen2010-04-231-0/+2
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-02 06:09:21 +0000