aboutsummaryrefslogtreecommitdiffstats
path: root/testing/hosts
Commit message (Collapse)AuthorAgeFilesLines
* testing: Configure logging via syslog in strongswan.confTobias Brunner2017-11-151-2/+0
| | | | | Globally configure logging in strongswan.conf.testing and replace all charondebug statements with strongswan.conf settings.
* testing: Disable logging via journal in charon-systemdTobias Brunner2017-11-151-0/+3
| | | | | This avoids duplicate log messages as we already log via syslog to get daemon.log.
* testing: Globally define logging via syslog for charon-systemdTobias Brunner2017-11-151-0/+9
| | | | | | | We could make the same change for charon (actually setting it for charon in strongswan.conf.testing would work for charon-systemd too), however, there are dozens of test cases that currently set charondebug in ipsec.conf.
* testing: Move collector.db in tnc/tnccs-20-ev-pt-tls scenario to /etc/db.dTobias Brunner2017-08-079-41/+1
| | | | | Also move initialization to the pretest script (it's way faster in the in-memory database).
* testing: Added tnc/tnccs-20-ev-pt-tls scenarioAndreas Steffen2017-08-049-21/+37
|
* testing: Add wrapper around service commandTobias Brunner2017-05-261-0/+22
| | | | | | | | When charon is started via service command LEAK_DETECTIVE_LOG is not set because the command strips the environment. Since we only want the variable to be set during the automated test runs we can't just set it in /etc/default/charon. Instead, we do so in this wrapper when charon is started and remove the variable again when it is stopped.
* Fixed some typos, courtesy of codespellTobias Brunner2017-05-261-1/+1
|
* testing: Avoid expiration of allocated SPIs due to low retransmission settingsTobias Brunner2017-05-231-1/+6
|
* testing: Updated OCSP certificate for carolAndreas Steffen2017-03-215-4/+32
|
* testing: strongTNC does not come with django.db any moreAndreas Steffen2016-12-171-0/+15
|
* Added swanctl/net2net-ed2559 scenario and needed Ed25519 certificatesAndreas Steffen2016-12-1413-1/+82
|
* testing: Renewed expired certificatesAndreas Steffen2016-10-187-8/+89
|
* Save both base and delta CRLs to diskAndreas Steffen2016-10-111-0/+6
|
* testing: Added swanctl/net2net-sha3-rsa-cert and swanctl/rw-eap-tls-sha3-rsa ↵Andreas Steffen2016-09-2211-0/+336
| | | | scenarios
* gmp: Support of SHA-3 RSA signaturesAndreas Steffen2016-09-221-0/+5
|
* testing: Log leaks and fail tests if any are detectedTobias Brunner2016-09-201-0/+1
|
* testing: Serve images in testresults via mod_rewrite and not a symlinkTobias Brunner2016-08-291-0/+3
|
* Revert "testing: Only load selected plugins in swanctl"Tobias Brunner2016-07-011-4/+0
| | | | | | | This reverts commit dee01d019ba9743b2784b417155601d10c173a66. Thanks to 505c31870162 ("leak-detective: Try to properly free allocations after deinitialization") this is not required anymore.
* testing: Only load selected plugins in swanctlTobias Brunner2016-06-201-0/+4
| | | | | | | | | The main issue is that the ldap and curl plugins, or rather the libraries they use, initialize GnuTLS (curl, strangely, even when it is, by its own account, linked against OpenSSL). Some of these allocations are only freed once the libraries are unloaded. This means that the leak detective causes invalid frees when swanctl is terminated and libraries are unloaded after the leak detective is already deinitialized.
* testing: Fix expect-connection for tkm testsTobias Brunner2016-06-161-1/+1
| | | | We don't use swanctl there but there is no load statement either.
* testing: Add root to fstabTobias Brunner2016-06-151-0/+1
| | | | This seems to be required for systemd to remount it.
* testing: Update Apache config for newer Debian releasesTobias Brunner2016-06-154-10/+38
| | | | | | It is still compatible with the current release as the config in sites-available will be ignored, while conf-enabled does not exist and is not included in the main config.
* testing: Explicitly enable RC4 in SSH server configTobias Brunner2016-06-151-0/+1
| | | | | | Newer OpenSSH versions disable this by default because it's unsafe. Since this is not relevant for our use case we enable it due to its speed.
* testing: Disable leak detective when generating CRLsTobias Brunner2016-04-061-0/+4
| | | | | | | | | GnuTLS, which can get loaded by the curl plugin, does not properly cleanup some allocated memory when deinitializing. This causes invalid frees if leak detective is active. Other invalid frees are related to time conversions (tzset). References #1382.
* testing: Generate a CRL that has moon's actual certificate revokedTobias Brunner2016-03-101-0/+3
|
* testing: Change sql scenarios to swanctlAndreas Steffen2016-01-037-14/+14
|
* testing: The expect-connection helper may use swanctl to check for connectionsTobias Brunner2015-12-111-1/+7
| | | | | | Depending on the plugin configuration in the test scenario either `ipsec statusall` or `swanctl --list-conns` is used to check for a named connection.
* testing: Updated expired mars.strongswan.org certificateAndreas Steffen2015-11-265-4/+31
|
* testing: Only send two retransmits after 1 second each to fail negative ↵Tobias Brunner2015-11-091-0/+6
| | | | tests earlier
* testing: Add a base strongswan.conf file used by all hosts in all scenariosTobias Brunner2015-11-091-0/+1
| | | | | | We will use this to set some defaults (e.g. timeouts to make testing negative tests quicker). We don't want these settings to show up in the configs of the actual scenarios though.
* testing: BLISS CA uses SHA-3 in its CRLAndreas Steffen2015-11-031-1/+1
|
* testing: Update AAA certificate on Freeradius as wellAndreas Steffen2015-08-052-42/+42
|
* testing: Updated expired AAA server certificateAndreas Steffen2015-08-045-4/+31
|
* testing: Regenerated BLISS certificates due to oracle changesAndreas Steffen2015-07-271-0/+0
|
* testing: Updated loop ca certificatesAndreas Steffen2015-07-2210-8/+60
|
* testing: Updated carol's certificate from research CA and dave's certificate ↵5.3.1dr1Andreas Steffen2015-04-2610-8/+61
| | | | from sales CA
* Implemented improved BLISS-B signature algorithmAndreas Steffen2015-02-251-0/+0
|
* Updated RFC3779 certificates5.2.2Andreas Steffen2014-12-2818-10/+141
|
* Updated BLISS scenario keys and certificates to new formatAndreas Steffen2014-12-122-0/+0
|
* Renewed expired certificatesAndreas Steffen2014-11-2916-110/+162
|
* Created ikev2/rw-ntru-bliss scenarioAndreas Steffen2014-11-293-1/+3
|
* testing: Enable virtio console for guestsTobias Brunner2014-10-101-0/+71
| | | | | | | | | | | This allows accessing the guests with `virsh console <name>`. Using a serial console would also be possible but our kernel configs have no serial drivers enabled, CONFIG_VIRTIO_CONSOLE is enabled though. So to avoid having to recompile the kernels let's do it this way, only requires rebuilding the guest images. References #729.
* testing: Updated swanctl certificates and keysTobias Brunner2014-10-0314-292/+292
|
* testing: Update public keys and certificates in DNS zoneTobias Brunner2014-10-031-64/+60
|
* Generated new test certificatesAndreas Steffen2014-08-2874-309/+500
|
* Define default swanctl credentials in hosts directoryAndreas Steffen2014-06-1021-0/+517
|
* First swanctl scenario5.2.0dr5Andreas Steffen2014-06-011-0/+156
|
* Test SWID REST API ins tnc/tnccs-20-pdp scenariosAndreas Steffen2014-05-311-1/+1
|
* Renewed expired user certificateAndreas Steffen2014-04-155-7/+33
|
* Renewed self-signed OCSP signer certificateAndreas Steffen2014-03-272-15/+17
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-02 17:51:54 +0000