aboutsummaryrefslogtreecommitdiffstats
path: root/testing/hosts/default
Commit message (Collapse)AuthorAgeFilesLines
* testing: Configure logging via syslog in strongswan.confTobias Brunner2017-11-151-2/+0
| | | | | Globally configure logging in strongswan.conf.testing and replace all charondebug statements with strongswan.conf settings.
* testing: Disable logging via journal in charon-systemdTobias Brunner2017-11-151-0/+3
| | | | | This avoids duplicate log messages as we already log via syslog to get daemon.log.
* testing: Globally define logging via syslog for charon-systemdTobias Brunner2017-11-151-0/+9
| | | | | | | We could make the same change for charon (actually setting it for charon in strongswan.conf.testing would work for charon-systemd too), however, there are dozens of test cases that currently set charondebug in ipsec.conf.
* testing: Move collector.db in tnc/tnccs-20-ev-pt-tls scenario to /etc/db.dTobias Brunner2017-08-071-1/+1
| | | | | Also move initialization to the pretest script (it's way faster in the in-memory database).
* testing: Added tnc/tnccs-20-ev-pt-tls scenarioAndreas Steffen2017-08-041-0/+4
|
* testing: Add wrapper around service commandTobias Brunner2017-05-261-0/+22
| | | | | | | | When charon is started via service command LEAK_DETECTIVE_LOG is not set because the command strips the environment. Since we only want the variable to be set during the automated test runs we can't just set it in /etc/default/charon. Instead, we do so in this wrapper when charon is started and remove the variable again when it is stopped.
* Fixed some typos, courtesy of codespellTobias Brunner2017-05-261-1/+1
|
* testing: Avoid expiration of allocated SPIs due to low retransmission settingsTobias Brunner2017-05-231-1/+6
|
* testing: strongTNC does not come with django.db any moreAndreas Steffen2016-12-171-0/+15
|
* testing: Log leaks and fail tests if any are detectedTobias Brunner2016-09-201-0/+1
|
* Revert "testing: Only load selected plugins in swanctl"Tobias Brunner2016-07-011-4/+0
| | | | | | | This reverts commit dee01d019ba9743b2784b417155601d10c173a66. Thanks to 505c31870162 ("leak-detective: Try to properly free allocations after deinitialization") this is not required anymore.
* testing: Only load selected plugins in swanctlTobias Brunner2016-06-201-0/+4
| | | | | | | | | The main issue is that the ldap and curl plugins, or rather the libraries they use, initialize GnuTLS (curl, strangely, even when it is, by its own account, linked against OpenSSL). Some of these allocations are only freed once the libraries are unloaded. This means that the leak detective causes invalid frees when swanctl is terminated and libraries are unloaded after the leak detective is already deinitialized.
* testing: Fix expect-connection for tkm testsTobias Brunner2016-06-161-1/+1
| | | | We don't use swanctl there but there is no load statement either.
* testing: Add root to fstabTobias Brunner2016-06-151-0/+1
| | | | This seems to be required for systemd to remount it.
* testing: Explicitly enable RC4 in SSH server configTobias Brunner2016-06-151-0/+1
| | | | | | Newer OpenSSH versions disable this by default because it's unsafe. Since this is not relevant for our use case we enable it due to its speed.
* testing: The expect-connection helper may use swanctl to check for connectionsTobias Brunner2015-12-111-1/+7
| | | | | | Depending on the plugin configuration in the test scenario either `ipsec statusall` or `swanctl --list-conns` is used to check for a named connection.
* testing: Only send two retransmits after 1 second each to fail negative ↵Tobias Brunner2015-11-091-0/+6
| | | | tests earlier
* testing: Add a base strongswan.conf file used by all hosts in all scenariosTobias Brunner2015-11-091-0/+1
| | | | | | We will use this to set some defaults (e.g. timeouts to make testing negative tests quicker). We don't want these settings to show up in the configs of the actual scenarios though.
* testing: Enable virtio console for guestsTobias Brunner2014-10-101-0/+71
| | | | | | | | | | | This allows accessing the guests with `virsh console <name>`. Using a serial console would also be possible but our kernel configs have no serial drivers enabled, CONFIG_VIRTIO_CONSOLE is enabled though. So to avoid having to recompile the kernels let's do it this way, only requires rebuilding the guest images. References #729.
* First swanctl scenario5.2.0dr5Andreas Steffen2014-06-011-0/+156
|
* Test SWID REST API ins tnc/tnccs-20-pdp scenariosAndreas Steffen2014-05-311-1/+1
|
* testing: Use installed PTS SQL schema and data instead of local copyTobias Brunner2014-02-122-1448/+0
|
* testing: Use installed SQL schema instead of local copyTobias Brunner2014-02-121-270/+0
|
* Added missing semicolon in SQL statementsAndreas Steffen2014-02-051-6/+6
|
* Added Android 4.3.1 to products database tableAndreas Steffen2014-02-041-2/+14
|
* Added new Android versions to PTS databaseAndreas Steffen2014-02-041-0/+60
|
* Added TPMRA workitem support in PTS databaseAndreas Steffen2014-01-161-0/+60
|
* Updated and split data.sqlAndreas Steffen2013-10-231-37/+121
|
* Define aaa.strongswan.org in /etc/hostsAndreas Steffen2013-10-111-1/+1
|
* testing: Allow AH packets in default INPUT/OUTPUT chainsMartin Willi2013-10-111-0/+4
|
* Added tags table and some tag samplesAndreas Steffen2013-09-052-1/+95
|
* Added regids table and some sample reqid dataAndreas Steffen2013-09-022-0/+58
|
* Updated PTS database scheme to new workitems modelAndreas Steffen2013-07-291-39/+127
|
* Register packages under Debian 7.0 x86_64Andreas Steffen2013-07-041-26/+765
|
* testing: Set terminal title when logging in via SSHTobias Brunner2013-05-151-0/+11
| | | | | Since we always log in as root use a simpler command prompt. And don't store duplicate commands in the bash command history.
* Use attest database in tnc/tnccs-20-os scenario5.0.4Andreas Steffen2013-04-212-0/+253
|
* Add expect-file guest image scriptReto Buerki2013-03-191-0/+29
| | | | | This script can be used in pretest.dat files to wait until a given file appears.
* Add /usr/local/lib/ipsec to linker cacheReto Buerki2013-03-191-0/+1
|
* Make core dumps workReto Buerki2013-01-173-2/+9
| | | | Core dumps are written to the /var/local/dumps directory.
* Switch to 'mapped' access mode for hostfsReto Buerki2013-01-171-1/+1
| | | | | | | | | | | Passthrough mode only works as expected when running as root. On Debian/Ubuntu systems qemu runs as user 'libvirt-qemu' and group 'kvm' so all shared files must be chowned to grant access from guests. Symlinks created on the host are still problematic because the Plan 9 filesystem has no direct notion of symbolic links, see [1]. [1] - http://ericvh.github.com/9p-rfc/rfc9p2000.u.html
* converted all ipv6 iptables/ip6tables scenariosAndreas Steffen2013-01-172-0/+16
|
* implemented ip6tables.rulesAndreas Steffen2013-01-172-0/+50
|
* activated iptables in some ikev2 scenariosAndreas Steffen2013-01-171-0/+4
|
* Export compile directory to guestsReto Buerki2013-01-171-0/+1
| | | | | Use 9p over virtio to share files on the host with the guest domains. The files are accessible in the guests /hostfs directory.
* Add ssh config to guest root accountReto Buerki2013-01-171-0/+3
|
* Add expect-connection guest image scriptReto Buerki2013-01-171-0/+27
| | | | | | | | This script can be used in pretest.dat files to wait until an IPsec connection becomes available. This avoids unconditional sleeps and improves test performance. The ipv6 tests have been updated to use the expect-connection script.
* Use key(and password-)less SSH authenticationTobias Brunner2013-01-171-0/+13
|
* Adapt host configurationReto Buerki2012-12-186-0/+333
| | | | | Adapt the configuration of the test hosts to the new Debian-based system.
* added certificate_authorities and certificate_distribution_points tablesAndreas Steffen2010-12-051-0/+14
|
* support of reqid field in SQL databaseAndreas Steffen2010-12-051-1/+2
|
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-06 08:16:00 +0000