aboutsummaryrefslogtreecommitdiffstats
path: root/testing/tests/ikev2
Commit message (Collapse)AuthorAgeFilesLines
* Renewed expired user certificateAndreas Steffen2014-04-152-42/+42
|
* testing: Run 'conntrack -F' before all test scenariosTobias Brunner2014-04-0218-27/+4
| | | | This prevents failures due to remaining conntrack entries.
* Test TLS AEAD cipher suitesAndreas Steffen2014-04-017-4/+13
|
* Slightly edited evaltest of ikev2/ocsp-untrusted-cert scenarioAndreas Steffen2014-03-311-1/+1
|
* revocation: Restrict OCSP signing to specific certificatesMartin Willi2014-03-312-3/+2
| | | | | | | | | | | | | To avoid considering each cached OCSP response and evaluating its trustchain, we limit the certificates considered for OCSP signing to: - The issuing CA of the checked certificate - A directly delegated signer by the same CA, having the OCSP signer constraint - Any locally installed (trusted) certificate having the OCSP signer constraint The first two options cover the requirements from RFC 6960 2.6. For compatibility with non-conforming CAs, we allow the third option as exception, but require the installation of such certificates locally.
* testing: Add an acert test that forces a fallback connection based on groupsMartin Willi2014-03-3113-0/+199
|
* testing: Add an acert test case sending attribute certificates inlineMartin Willi2014-03-3118-0/+291
|
* testing: Add an acert test using locally cached attribute certificatesMartin Willi2014-03-3116-0/+239
|
* Renewed self-signed OCSP signer certificateAndreas Steffen2014-03-272-28/+28
|
* Check that valid OCSP responses are received in the ikev2/ocsp-multi-level ↵Andreas Steffen2014-03-241-0/+4
| | | | scenario
* Updated expired certificates issued by the Research and Sales Intermediate CAsAndreas Steffen2014-03-244-87/+87
|
* Renewed revoked Research CA certificate5.1.3dr1Andreas Steffen2014-03-221-9/+9
|
* Completed integration of ntru_crypto library into ntru pluginAndreas Steffen2014-03-229-0/+128
|
* Merged libstrongswan options into charon sectionAndreas Steffen2014-03-1520-51/+4
|
* Added ikev2/lookip scenarioAndreas Steffen2014-02-1711-0/+149
|
* testing: Use installed SQL schema instead of local copyTobias Brunner2014-02-125-11/+11
|
* testing: Add ikev2/host2host-transport-nat scenarioTobias Brunner2014-01-239-0/+146
|
* testing: Add ikev2/compress-nat scenarioTobias Brunner2014-01-2312-0/+187
|
* testing: Enable firewall for ikev2/compress scenarioTobias Brunner2014-01-238-7/+14
| | | | | Additionally, send a regular (small) ping as the kernel does not compress small packets and handles those differently inbound.
* Any of the four NTRU parameter sets can be selectedAndreas Steffen2013-11-271-0/+8
|
* Added ikev2/net2net-ntru-cert and ikev2/rw-ntru-psk scenariosAndreas Steffen2013-11-2723-0/+284
|
* testing: Add ikev2/net2net-dnscert scenarioTobias Brunner2013-10-1115-0/+224
|
* testing: Add an IKEv2 host2host AH transport mode test caseMartin Willi2013-10-119-0/+89
|
* testing: Add an IKEv2 net2net AH test caseMartin Willi2013-10-119-0/+101
|
* testing: Don't load certificates explicitly and delete CA certificates in ↵Tobias Brunner2013-07-153-2/+3
| | | | | | PKCS#12 scenarios Certificates are now properly extracted from PKCS#12 files.
* Added ikev2/net2net-pkcs12 scenarioAndreas Steffen2013-07-1013-0/+116
|
* conntrack -F makes ikev2/nat-rw scenario to work alwaysAndreas Steffen2013-07-101-0/+1
|
* dhcp: Use chunk_hash_static() to calculate ID-based MAC addressesTobias Brunner2013-06-282-4/+4
|
* Load any type (RSA/ECDSA) of public key via left|rightsigkeyTobias Brunner2013-05-079-13/+13
|
* left|rightrsasigkey accepts SSH keys but the key format has to be specified ↵Tobias Brunner2013-05-074-6/+6
| | | | | | | explicitly The default is now PKCS#1. With the dns: and ssh: prefixes other formats can be selected.
* disable reauth, tooAndreas Steffen2013-04-151-1/+2
|
* Added charon.initiator_only option which causes charon to ignore IKE ↵Andreas Steffen2013-04-1411-0/+132
| | | | initiation requests by peers
* Added Framed-IP-Address information to RADIUS accounting recordsAndreas Steffen2013-03-222-0/+2
|
* Added ikev2/rw-eap-framed-ip-radius scenarioAndreas Steffen2013-03-2219-0/+266
|
* Added ikev2/ip-two-pools-v4v6-db scenarioAndreas Steffen2013-03-229-0/+110
|
* Added ikev2/rw-dnssec scenarioAndreas Steffen2013-02-1921-0/+301
|
* Added ikev2/net2net-dnssec scenarioAndreas Steffen2013-02-1917-0/+220
|
* Removed UML from description of ikev2/default-keys testTobias Brunner2013-01-171-3/+3
|
* Updated comments in test.conf of all testsTobias Brunner2013-01-17132-406/+406
|
* Renamed $UMLHOSTS to $VIRTHOSTSTobias Brunner2013-01-17132-264/+264
|
* Drop vim swap fileReto Buerki2013-01-171-0/+0
|
* Drop obsolete Gentoo dhcpd init scriptReto Buerki2013-01-173-72/+0
|
* No need to enable ip_forward in pretest filesReto Buerki2013-01-1720-24/+0
| | | | It is enabled by default now.
* use iptables-restore in all ikev2 firewall scenariosAndreas Steffen2013-01-17245-2743/+1374
|
* Updated mark_update script in several IKEv2 scenariosAndreas Steffen2013-01-173-9/+39
|
* activated iptables in some ikev2 scenariosAndreas Steffen2013-01-1728-686/+222
|
* Adjust ikev2/farp test to qemu network interfacesReto Buerki2013-01-171-2/+2
|
* Adjust ikev2/dhcp tests to qemu network interfacesReto Buerki2013-01-173-6/+6
|
* Adapt test configurationsReto Buerki2013-01-17246-1803/+415
| | | | Adapt test configurations to the new Debian-based system.
* added ike2/rw-eap-md5-class-radius scenarioAndreas Steffen2012-11-2122-0/+467
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-05 07:52:00 +0000