aboutsummaryrefslogtreecommitdiffstats
path: root/testing/tests/tnc/tnccs-20-mutual-eap/hosts/moon
Commit message (Collapse)AuthorAgeFilesLines
* testing: Globally define logging via syslog for charon-systemdTobias Brunner2017-11-151-3/+0
| | | | | | | We could make the same change for charon (actually setting it for charon in strongswan.conf.testing would work for charon-systemd too), however, there are dozens of test cases that currently set charondebug in ipsec.conf.
* testing: Converterd tnc to systemdAndreas Steffen2017-11-111-7/+3
|
* Fix of the mutual TNC measurement use caseAndreas Steffen2016-02-161-2/+3
| | | | | | | | | | | | | | | | | If the IKEv2 initiator acting as a TNC server receives invalid TNC measurements from the IKEv2 responder acting as a TNC clienti, the exchange of PB-TNC batches is continued until the IKEv2 responder acting as a TNC server has also finished its TNC measurements. In the past if these measurements in the other direction were correct the IKEv2 responder acting as EAP server declared the IKEv2 EAP authentication successful and the IPsec connection was established even though the TNC measurement verification on the EAP peer side failed. The fix adds an "allow" group membership on each endpoint if the corresponding TNC measurements of the peer are successful. By requiring a "allow" group membership in the IKEv2 connection definition the IPsec connection succeeds only if the TNC measurements on both sides are valid.
* testing: Converted tnc scenarios to swanctlAndreas Steffen2015-12-113-25/+48
|
* Added tnc/tnccs-20-pt-tls scenarioAndreas Steffen2015-03-273-0/+53
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-14 18:54:56 +0000