aboutsummaryrefslogtreecommitdiffstats
path: root/testing
Commit message (Collapse)AuthorAgeFilesLines
...
* testing: Adapt tests to retransmission settings and reduce DPD delay/timeoutTobias Brunner2015-11-0926-43/+43
|
* testing: Only send two retransmits after 1 second each to fail negative ↵Tobias Brunner2015-11-091-0/+6
| | | | tests earlier
* testing: Add a base strongswan.conf file used by all hosts in all scenariosTobias Brunner2015-11-092-0/+2
| | | | | | We will use this to set some defaults (e.g. timeouts to make testing negative tests quicker). We don't want these settings to show up in the configs of the actual scenarios though.
* testing: Add libipsec/net2net-null scenarioTobias Brunner2015-11-0911-0/+1245
|
* testing: BLISS CA uses SHA-3 in its CRLAndreas Steffen2015-11-038-5/+9
|
* testing: Update tkm to version 0.1.3Tobias Brunner2015-10-301-1/+1
| | | | | | Adds XFRM state/policy flush when terminating which caused tests to fail due to the check added with 9086f060d35a ("testing: Let test scenarios fail if IPsec SAs or policies are not removed").
* testing: Actually send an uncompressed packet in the ipv6/rw-compress-ikev2 ↵Tobias Brunner2015-10-061-1/+2
| | | | | | | | | | | | | | | | | | | | | | scenario The default of 56 bytes already exceeds the threshold of 90 bytes (8 bytes ICMP + 40 bytes IPv6 = 104 bytes). By reducing the size we make sure the packet is not compressed (40 + 8 + 40 = 88). This also fixes a strange failure of this scenario due to the recently added post-test `ip xfrm state` check. The kernel stores a reference to the used SAs on the inbound skbuffs and since these are garbage collected it could take a while until all references to an SA disappear and the SA is finally destroyed. But while SAs might not get destroyed immediately when we delete them, they are actually marked as dead and therefore won't show up in `ip xfrm state`. However, that's not the case for the tunnel SAs the kernel attaches to IPComp SAs, which we don't explicitly delete, and which aren't modified by the kernel until the IPComp SA is destroyed. So what happened when the last ping unintentionally got compressed is that the skbuff had a reference to the IPComp SA and therefore the tunnel SA. This skbuff often was destroyed after the `ip xfrm state` check ran and because the tunnel SA would still get reported the test case failed.
* testing: added ikev2/alg-chacha20poly1305 scenarioAndreas Steffen2015-09-019-0/+106
|
* testing: update to Linux 4.2 kernelAndreas Steffen2015-09-013-4/+4471
|
* testing: Updated environment variable documentation in updown scriptsTobias Brunner2015-08-3114-14/+126
|
* Added some spaces in swanctl.confAndreas Steffen2015-08-252-8/+8
|
* testing: Let test scenarios fail if IPsec SAs or policies are not removedTobias Brunner2015-08-211-0/+18
| | | | | The IKE daemon should delete all installed SAs and policies when everything works properly, so we fail the test if that's not the case.
* testing: Flush state and policies before every scenarioTobias Brunner2015-08-211-0/+8
| | | | Similar to conntrack we make sure we are working on a clean slate.
* testing: Fix typo in p2pnat/behind-same-nat scenarioTobias Brunner2015-08-211-2/+2
|
* testing: Add missing sim_files file to ikev2/rw-eap-sim-radius scenarioTobias Brunner2015-08-211-0/+3
|
* testing: alice is RADIUS server in the ikev2/rw-eap-sim-radius scenarioTobias Brunner2015-08-211-0/+4
|
* testing: Print triplets.dat files of clients in EAP-SIM scenariosTobias Brunner2015-08-214-0/+7
| | | | References #1078.
* testing: Add ikev2/trap-any scenarioTobias Brunner2015-08-1917-0/+181
|
* Extend HCD attribute data for tnc/tnccs-20-hcd-eap scenarioAndreas Steffen2015-08-182-16/+45
|
* Added reason string support to HCD IMVAndreas Steffen2015-08-181-7/+10
|
* Fixed patches format delimited by CR/LFAndreas Steffen2015-08-184-50/+50
|
* testing: Added tnc/tnccs-20-hcd-eap scenarioAndreas Steffen2015-08-1824-0/+674
|
* testing: enable HCD IMC and IMVAndreas Steffen2015-08-181-0/+2
|
* testing: Update AAA certificate on Freeradius as wellAndreas Steffen2015-08-052-42/+42
|
* testing: Updated expired AAA server certificateAndreas Steffen2015-08-049-88/+115
|
* testing: Don't run do-tests when hosts are not runningTobias Brunner2015-08-031-0/+1
| | | | | | running_any is satisfied if at least one host is running. We could easily add a running_all() helper to check if all hosts are running if it turns out that's not strong enough.
* testing: Suppress errors when checking for running hostsTobias Brunner2015-08-031-1/+1
| | | | | If libvirt is not running virsh can't connect to it and will complain that the socket does not exist.
* testing: Adapted ha/both-active scenario to new jhash valuesAndreas Steffen2015-07-316-8/+11
|
* testing: Fix initial kernel buildTobias Brunner2015-07-311-2/+2
| | | | | | The directory does not exist yet if the kernel was never built. Fixes: a4a13d0be29b ("testing: Extract and patch each kernel version only once")
* testing: Regenerated BLISS certificates due to oracle changesAndreas Steffen2015-07-277-0/+0
|
* testing: Updated loop ca certificatesAndreas Steffen2015-07-2212-25/+77
|
* testing: Added swanctl --list-authorities output to do-testsAndreas Steffen2015-07-221-1/+5
|
* testing: Updated all swanctl scenarios and added some new onesAndreas Steffen2015-07-22102-104/+1744
|
* tests: Introduced IPV6 flag in tests.confAndreas Steffen2015-07-2120-1/+77
|
* tests: Introduced SWANCTL flag in test.confAndreas Steffen2015-07-219-23/+57
|
* tests: fixed evaltest of swanctl/rw-cert scenarioAndreas Steffen2015-07-211-2/+2
|
* tests: fixed description of swanctl ip-pool scenariosAndreas Steffen2015-07-212-9/+8
|
* testing: Do not attempt to start the test environment if hosts are still runningTobias Brunner2015-07-151-0/+1
|
* testing: Enable AESNI/PCLMULQD in moon/sun guests, if supportedMartin Willi2015-07-122-0/+10
|
* testing: Do not overwrite kernel configuration if it already existsMartin Willi2015-07-121-1/+4
| | | | | This allows us to do changes to the kernel configuration using menuconfig and friends, and update the kernel with make-testing.
* testing: Extract and patch each kernel version only onceMartin Willi2015-07-121-8/+11
| | | | | | This allows us to do modifications to the kernel tree and rebuild that kernel using make-testing. We can even have a git kernel tree in a directory to do kernel development.
* testing: Build with --enable-chapolyMartin Willi2015-07-121-0/+1
|
* testing: use a decent PSKAndreas Steffen2015-05-302-2/+2
|
* testing: Added ha/active-passive scenarioAndreas Steffen2015-05-3021-0/+441
|
* testing: Include iperf and htop in base imageTobias Brunner2015-05-221-2/+2
|
* testing: Don't check parent dir (and subdirs) when downloading OpenSSL packagesTobias Brunner2015-05-211-1/+1
|
* testing: Fix kernel download URL for kernel versions != 4.xTobias Brunner2015-05-191-1/+1
|
* testing: Fix URL to TNC@FHH project in scenario descriptionsTobias Brunner2015-05-056-8/+8
|
* testing: Update TKM assert stringsReto Buerki2015-05-057-10/+10
|
* testing: Update alog to version 0.3.1Reto Buerki2015-05-051-1/+1
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-02 08:21:59 +0000