Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | testing: Configure logging via syslog in strongswan.conf | Tobias Brunner | 2017-11-15 | 1 | -2/+0 |
| | | | | | Globally configure logging in strongswan.conf.testing and replace all charondebug statements with strongswan.conf settings. | ||||
* | testing: Disable logging via journal in charon-systemd | Tobias Brunner | 2017-11-15 | 1 | -0/+3 |
| | | | | | This avoids duplicate log messages as we already log via syslog to get daemon.log. | ||||
* | testing: Globally define logging via syslog for charon-systemd | Tobias Brunner | 2017-11-15 | 1 | -0/+9 |
| | | | | | | | We could make the same change for charon (actually setting it for charon in strongswan.conf.testing would work for charon-systemd too), however, there are dozens of test cases that currently set charondebug in ipsec.conf. | ||||
* | testing: Move collector.db in tnc/tnccs-20-ev-pt-tls scenario to /etc/db.d | Tobias Brunner | 2017-08-07 | 1 | -1/+1 |
| | | | | | Also move initialization to the pretest script (it's way faster in the in-memory database). | ||||
* | testing: Added tnc/tnccs-20-ev-pt-tls scenario | Andreas Steffen | 2017-08-04 | 1 | -0/+4 |
| | |||||
* | testing: Add wrapper around service command | Tobias Brunner | 2017-05-26 | 1 | -0/+22 |
| | | | | | | | | When charon is started via service command LEAK_DETECTIVE_LOG is not set because the command strips the environment. Since we only want the variable to be set during the automated test runs we can't just set it in /etc/default/charon. Instead, we do so in this wrapper when charon is started and remove the variable again when it is stopped. | ||||
* | Fixed some typos, courtesy of codespell | Tobias Brunner | 2017-05-26 | 1 | -1/+1 |
| | |||||
* | testing: Avoid expiration of allocated SPIs due to low retransmission settings | Tobias Brunner | 2017-05-23 | 1 | -1/+6 |
| | |||||
* | testing: strongTNC does not come with django.db any more | Andreas Steffen | 2016-12-17 | 1 | -0/+15 |
| | |||||
* | testing: Log leaks and fail tests if any are detected | Tobias Brunner | 2016-09-20 | 1 | -0/+1 |
| | |||||
* | Revert "testing: Only load selected plugins in swanctl" | Tobias Brunner | 2016-07-01 | 1 | -4/+0 |
| | | | | | | | This reverts commit dee01d019ba9743b2784b417155601d10c173a66. Thanks to 505c31870162 ("leak-detective: Try to properly free allocations after deinitialization") this is not required anymore. | ||||
* | testing: Only load selected plugins in swanctl | Tobias Brunner | 2016-06-20 | 1 | -0/+4 |
| | | | | | | | | | The main issue is that the ldap and curl plugins, or rather the libraries they use, initialize GnuTLS (curl, strangely, even when it is, by its own account, linked against OpenSSL). Some of these allocations are only freed once the libraries are unloaded. This means that the leak detective causes invalid frees when swanctl is terminated and libraries are unloaded after the leak detective is already deinitialized. | ||||
* | testing: Fix expect-connection for tkm tests | Tobias Brunner | 2016-06-16 | 1 | -1/+1 |
| | | | | We don't use swanctl there but there is no load statement either. | ||||
* | testing: Add root to fstab | Tobias Brunner | 2016-06-15 | 1 | -0/+1 |
| | | | | This seems to be required for systemd to remount it. | ||||
* | testing: Explicitly enable RC4 in SSH server config | Tobias Brunner | 2016-06-15 | 1 | -0/+1 |
| | | | | | | Newer OpenSSH versions disable this by default because it's unsafe. Since this is not relevant for our use case we enable it due to its speed. | ||||
* | testing: The expect-connection helper may use swanctl to check for connections | Tobias Brunner | 2015-12-11 | 1 | -1/+7 |
| | | | | | | Depending on the plugin configuration in the test scenario either `ipsec statusall` or `swanctl --list-conns` is used to check for a named connection. | ||||
* | testing: Only send two retransmits after 1 second each to fail negative ↵ | Tobias Brunner | 2015-11-09 | 1 | -0/+6 |
| | | | | tests earlier | ||||
* | testing: Add a base strongswan.conf file used by all hosts in all scenarios | Tobias Brunner | 2015-11-09 | 1 | -0/+1 |
| | | | | | | We will use this to set some defaults (e.g. timeouts to make testing negative tests quicker). We don't want these settings to show up in the configs of the actual scenarios though. | ||||
* | testing: Enable virtio console for guests | Tobias Brunner | 2014-10-10 | 1 | -0/+71 |
| | | | | | | | | | | | This allows accessing the guests with `virsh console <name>`. Using a serial console would also be possible but our kernel configs have no serial drivers enabled, CONFIG_VIRTIO_CONSOLE is enabled though. So to avoid having to recompile the kernels let's do it this way, only requires rebuilding the guest images. References #729. | ||||
* | First swanctl scenario5.2.0dr5 | Andreas Steffen | 2014-06-01 | 1 | -0/+156 |
| | |||||
* | Test SWID REST API ins tnc/tnccs-20-pdp scenarios | Andreas Steffen | 2014-05-31 | 1 | -1/+1 |
| | |||||
* | testing: Use installed PTS SQL schema and data instead of local copy | Tobias Brunner | 2014-02-12 | 2 | -1448/+0 |
| | |||||
* | testing: Use installed SQL schema instead of local copy | Tobias Brunner | 2014-02-12 | 1 | -270/+0 |
| | |||||
* | Added missing semicolon in SQL statements | Andreas Steffen | 2014-02-05 | 1 | -6/+6 |
| | |||||
* | Added Android 4.3.1 to products database table | Andreas Steffen | 2014-02-04 | 1 | -2/+14 |
| | |||||
* | Added new Android versions to PTS database | Andreas Steffen | 2014-02-04 | 1 | -0/+60 |
| | |||||
* | Added TPMRA workitem support in PTS database | Andreas Steffen | 2014-01-16 | 1 | -0/+60 |
| | |||||
* | Updated and split data.sql | Andreas Steffen | 2013-10-23 | 1 | -37/+121 |
| | |||||
* | Define aaa.strongswan.org in /etc/hosts | Andreas Steffen | 2013-10-11 | 1 | -1/+1 |
| | |||||
* | testing: Allow AH packets in default INPUT/OUTPUT chains | Martin Willi | 2013-10-11 | 1 | -0/+4 |
| | |||||
* | Added tags table and some tag samples | Andreas Steffen | 2013-09-05 | 2 | -1/+95 |
| | |||||
* | Added regids table and some sample reqid data | Andreas Steffen | 2013-09-02 | 2 | -0/+58 |
| | |||||
* | Updated PTS database scheme to new workitems model | Andreas Steffen | 2013-07-29 | 1 | -39/+127 |
| | |||||
* | Register packages under Debian 7.0 x86_64 | Andreas Steffen | 2013-07-04 | 1 | -26/+765 |
| | |||||
* | testing: Set terminal title when logging in via SSH | Tobias Brunner | 2013-05-15 | 1 | -0/+11 |
| | | | | | Since we always log in as root use a simpler command prompt. And don't store duplicate commands in the bash command history. | ||||
* | Use attest database in tnc/tnccs-20-os scenario5.0.4 | Andreas Steffen | 2013-04-21 | 2 | -0/+253 |
| | |||||
* | Add expect-file guest image script | Reto Buerki | 2013-03-19 | 1 | -0/+29 |
| | | | | | This script can be used in pretest.dat files to wait until a given file appears. | ||||
* | Add /usr/local/lib/ipsec to linker cache | Reto Buerki | 2013-03-19 | 1 | -0/+1 |
| | |||||
* | Make core dumps work | Reto Buerki | 2013-01-17 | 3 | -2/+9 |
| | | | | Core dumps are written to the /var/local/dumps directory. | ||||
* | Switch to 'mapped' access mode for hostfs | Reto Buerki | 2013-01-17 | 1 | -1/+1 |
| | | | | | | | | | | | Passthrough mode only works as expected when running as root. On Debian/Ubuntu systems qemu runs as user 'libvirt-qemu' and group 'kvm' so all shared files must be chowned to grant access from guests. Symlinks created on the host are still problematic because the Plan 9 filesystem has no direct notion of symbolic links, see [1]. [1] - http://ericvh.github.com/9p-rfc/rfc9p2000.u.html | ||||
* | converted all ipv6 iptables/ip6tables scenarios | Andreas Steffen | 2013-01-17 | 2 | -0/+16 |
| | |||||
* | implemented ip6tables.rules | Andreas Steffen | 2013-01-17 | 2 | -0/+50 |
| | |||||
* | activated iptables in some ikev2 scenarios | Andreas Steffen | 2013-01-17 | 1 | -0/+4 |
| | |||||
* | Export compile directory to guests | Reto Buerki | 2013-01-17 | 1 | -0/+1 |
| | | | | | Use 9p over virtio to share files on the host with the guest domains. The files are accessible in the guests /hostfs directory. | ||||
* | Add ssh config to guest root account | Reto Buerki | 2013-01-17 | 1 | -0/+3 |
| | |||||
* | Add expect-connection guest image script | Reto Buerki | 2013-01-17 | 1 | -0/+27 |
| | | | | | | | | This script can be used in pretest.dat files to wait until an IPsec connection becomes available. This avoids unconditional sleeps and improves test performance. The ipv6 tests have been updated to use the expect-connection script. | ||||
* | Use key(and password-)less SSH authentication | Tobias Brunner | 2013-01-17 | 1 | -0/+13 |
| | |||||
* | Adapt host configuration | Reto Buerki | 2012-12-18 | 6 | -0/+333 |
| | | | | | Adapt the configuration of the test hosts to the new Debian-based system. | ||||
* | added certificate_authorities and certificate_distribution_points tables | Andreas Steffen | 2010-12-05 | 1 | -0/+14 |
| | |||||
* | support of reqid field in SQL database | Andreas Steffen | 2010-12-05 | 1 | -1/+2 |
| |