Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | testing: Converted libipsec/net2net-3des to swanctl | Andreas Steffen | 2017-11-10 | 10 | -67/+102 |
| | |||||
* | testing: Converted libipsec/host2host-cert to swanctl | Andreas Steffen | 2017-11-10 | 10 | -51/+94 |
| | |||||
* | testing: Converted gcrypt-ikev2 to swanctl | Andreas Steffen | 2017-11-10 | 25 | -158/+243 |
| | |||||
* | testing: Converted gcrypt-ikev1 to systemd | Andreas Steffen | 2017-11-10 | 8 | -31/+63 |
| | |||||
* | testing: Converted af-alg to systemd | Andreas Steffen | 2017-11-10 | 9 | -35/+72 |
| | |||||
* | testing: Updated some descriptions | Andreas Steffen | 2017-11-10 | 3 | -9/+9 |
| | |||||
* | testing: Fix output matching of lease time in ipsec pool utility | Tobias Brunner | 2017-11-02 | 1 | -2/+2 |
| | |||||
* | testing: Add libipsec/net2net-cert-ipv6 scenario | Tobias Brunner | 2017-09-18 | 11 | -0/+1311 |
| | |||||
* | imv-os: Updated security update evaluation | Andreas Steffen | 2017-09-01 | 3 | -3/+3 |
| | |||||
* | imv-attestation: Fixed file hash measurements | Andreas Steffen | 2017-09-01 | 5 | -12/+12 |
| | | | | | | The introduction of file versions broke file hash measurements. This has been fixed by using a generic product versions having an empty package name. | ||||
* | testing: Move collector.db in tnc/tnccs-20-ev-pt-tls scenario to /etc/db.d | Tobias Brunner | 2017-08-07 | 3 | -2/+3 |
| | | | | | Also move initialization to the pretest script (it's way faster in the in-memory database). | ||||
* | charon-tkm: Call esa_reset() when the inbound SA is deleted | Tobias Brunner | 2017-08-07 | 6 | -7/+19 |
| | | | | | | | | | After a rekeying the outbound SA and policy is deleted immediately, however, the inbound SA is not removed until a few seconds later, so delayed packets can still be processed. This adds a flag to get_esa_id() that specifies the location of the given SPI. | ||||
* | testing: Add tkm/xfrmproxy-rekey scenario | Tobias Brunner | 2017-08-07 | 11 | -0/+119 |
| | | | | | Similar to the xfrmproxy-expire scenario but here the TKM host is the responder to a rekeying. | ||||
* | testing: Add pfkey/net2net-rekey scenario | Tobias Brunner | 2017-08-07 | 9 | -0/+117 |
| | |||||
* | testing: Add ikev2/net2net-rekey scenario | Tobias Brunner | 2017-08-07 | 9 | -0/+115 |
| | |||||
* | testing: Added tnc/tnccs-20-ev-pt-tls scenario | Andreas Steffen | 2017-08-04 | 31 | -0/+484 |
| | |||||
* | testing: Fixed the path of pt-tls-client | Andreas Steffen | 2017-07-18 | 3 | -5/+5 |
| | |||||
* | testing: Added tnc/tnccs-20-nea-pt-tls scenario | Andreas Steffen | 2017-07-08 | 29 | -0/+455 |
| | |||||
* | testing: Adaptation to ISO 19770-2:2015 SWID standard | Andreas Steffen | 2017-07-08 | 1 | -1/+1 |
| | |||||
* | testing: Fixed typo in openssl-ikev2/rw-suite-b-192 scenario | Andreas Steffen | 2017-07-08 | 1 | -1/+1 |
| | |||||
* | testing: Added swanctl/rw-eap-md5-id-rsa scenario | Andreas Steffen | 2017-05-26 | 9 | -0/+160 |
| | |||||
* | testing: Fix ikev2/two-certs scenario | Tobias Brunner | 2017-05-26 | 1 | -1/+1 |
| | | | | | | | Since 6a8a44be88b0 the certificate received by the client is verified first, before checking the cached certificates for any with matching identities. So we usually don't have to attempt to verify the signature with wrong certificates first and can avoid this message. | ||||
* | testing: Created swanctl/rw-eap-aka-sql-rsa scenario | Andreas Steffen | 2017-04-26 | 13 | -0/+187 |
| | |||||
* | testing: Created ikev2/rw-eap-aka-sql-rsa scenario | Andreas Steffen | 2017-04-26 | 14 | -0/+162 |
| | | | | This test scenario tests the eap-simaka-sql plugin. | ||||
* | testing: List BLIS certs in swanctl/rw-newhope-bliss scenario | Andreas Steffen | 2017-03-27 | 3 | -3/+3 |
| | |||||
* | testing: Updated OCSP certificate for carol | Andreas Steffen | 2017-03-21 | 8 | -444/+168 |
| | |||||
* | Allow x25519 as an alias of the curve25519 KE algorithm | Andreas Steffen | 2017-03-20 | 83 | -171/+171 |
| | |||||
* | testing: Fix ALLOWED_HOSTS in strongTNC settings.ini | Tobias Brunner | 2017-02-16 | 2 | -2/+2 |
| | |||||
* | testing: Fix swanctl/ocsp-disabled scenario after changing the log messages | Tobias Brunner | 2017-02-16 | 1 | -2/+2 |
| | |||||
* | testing: Added swanctl/ocsp-disabled scenario | Andreas Steffen | 2017-01-02 | 11 | -0/+264 |
| | |||||
* | testing: Added swanctl/ocsp-signer-cert scenario | Andreas Steffen | 2017-01-02 | 11 | -0/+257 |
| | |||||
* | testing: Convert swanctl scenarios to curve-25519 | Andreas Steffen | 2016-12-30 | 55 | -101/+101 |
| | |||||
* | testing: strongTNC does not come with django.db any more | Andreas Steffen | 2016-12-17 | 2 | -2/+2 |
| | |||||
* | testing: Added ikev2/net2net-ed25519 scenario | Andreas Steffen | 2016-12-17 | 17 | -0/+173 |
| | |||||
* | Added swanctl/net2net-ed2559 scenario and needed Ed25519 certificates | Andreas Steffen | 2016-12-14 | 15 | -0/+218 |
| | |||||
* | testing: make curve25519 the default DH group | Andreas Steffen | 2016-11-14 | 819 | -1071/+1049 |
| | |||||
* | testing: Renewed expired certificates | Andreas Steffen | 2016-10-18 | 6 | -132/+132 |
| | |||||
* | Save both base and delta CRLs to disk | Andreas Steffen | 2016-10-11 | 5 | -9/+58 |
| | |||||
* | vici: strongswan.conf cache_crls = yes saves fetched CRLs to disk | Andreas Steffen | 2016-10-11 | 13 | -2/+124 |
| | |||||
* | testing: Remove ikev2/default-keys scenario | Tobias Brunner | 2016-10-05 | 10 | -156/+0 |
| | | | | No default keys are generated anymore. | ||||
* | testing: Enable outbound FWD policies in swanctl/manual-prio scenario | Tobias Brunner | 2016-09-28 | 1 | -5/+6 |
| | |||||
* | testing: Added swanctl/net2net-multicast scenario | Andreas Steffen | 2016-09-27 | 9 | -0/+166 |
| | |||||
* | testing: Added ikev2/net2net-multicast scenario | Andreas Steffen | 2016-09-27 | 9 | -0/+125 |
| | |||||
* | testing: Added swanctl/net2net-sha3-rsa-cert and swanctl/rw-eap-tls-sha3-rsa ↵ | Andreas Steffen | 2016-09-22 | 35 | -0/+803 |
| | | | | scenarios | ||||
* | gmp: Support of SHA-3 RSA signatures | Andreas Steffen | 2016-09-22 | 2 | -4/+4 |
| | |||||
* | mgf1: Refactored MGF1 as an XOF | Andreas Steffen | 2016-09-21 | 29 | -29/+30 |
| | |||||
* | testing: Use curl instead of soup plugin in libipsec/rw-suite-b scenario | Tobias Brunner | 2016-09-20 | 3 | -3/+3 |
| | | | | | The soup plugin is already used in the openssl-ikev2/rw-suite-b* scenarios. | ||||
* | testing: Virtual IPs went missing | Andreas Steffen | 2016-08-16 | 5 | -15/+17 |
| | |||||
* | testing: Added swanctl/rw-newhope-bliss scenario | Andreas Steffen | 2016-08-10 | 20 | -0/+212 |
| | |||||
* | testing: Add chapoly, ntru and newhope plugins to crypto and integrity tests | Andreas Steffen | 2016-08-10 | 3 | -3/+3 |
| |