updated rw-eap-aka-rsa scenario

testing/tests/ikev2/reauth-early/evaltest.dat

@@ -1,7 +1,6 @@
 moon::ipsec statusall::rw\[2\].*ESTABLISHED::YES
 carol::ipsec statusall::home\[2\].*ESTABLISHED::YES
 carol::cat /var/log/daemon.log::received AUTH_LIFETIME of 30s, scheduling reauthentication in 25s::YES
-carol::cat /var/log/daemon.log::maximum IKE_SA lifetime 30s::YES
 carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
 moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
 moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES

testing/tests/ikev2/reauth-late/evaltest.dat

@@ -2,7 +2,6 @@ moon::ipsec statusall::rw\[2\].*ESTABLISHED::YES
 carol::ipsec statusall::home\[2\].*ESTABLISHED::YES
 carol::cat /var/log/daemon.log::received AUTH_LIFETIME of 3600s, scheduling reauthentication in 3595s::YES
 carol::cat /var/log/daemon.log::scheduling reauthentication in 2[0-5]s::YES
-carol::cat /var/log/daemon.log::maximum IKE_SA lifetime [23][0-9]s::YES
 carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
 moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
 moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES

testing/tests/ikev2/rw-eap-aka-rsa/description.txt

@@ -2,6 +2,6 @@ The roadwarrior <b>carol</b> sets up a connection to gateway <b>moon</b>.
 <b>carol</b> uses the <i>Extensible Authentication Protocol</i>
 in association with the <i>Authentication and Key Agreement</i> protocol
 (<b>EAP-AKA</b>) to authenticate against the gateway. This protocol is used
-in UMTS, but here a secret from ipsec.secrets is used instead of a USIM/(R)UIM.
-Gateway <b>moon</b> additionaly uses an RSA signature to authenticate itself
+in UMTS, but here a secret from <b>ipsec.secrets</b> is used instead of a USIM/(R)UIM.
+Gateway <b>moon</b> additionaly uses an <b>RSA signature</b> to authenticate itself
 against <b>carol</b>.

testing/tests/ikev2/rw-eap-aka-rsa/evaltest.dat

@@ -1,5 +1,5 @@
-carol::cat /var/log/daemon.log::authentication of '@moon.strongswan.org' with RSA signature successful::YES
-carol::cat /var/log/daemon.log::authentication of '@moon.strongswan.org' with EAP successful::YES
+carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA signature successful::YES
+carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with EAP successful::YES
 moon::cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES
 moon::ipsec statusall::rw-eapaka.*ESTABLISHED::YES
 carol::ipsec statusall::home.*ESTABLISHED::YES

testing/tests/ikev2/rw-eap-aka-rsa/hosts/carol/etc/ipsec.secrets

@@ -1,3 +1,3 @@
 # /etc/ipsec.secrets - strongSwan IPsec secrets file
 
-carol@strongswan.org : PSK "Ar3etTnp01qlpOgb"
+carol@strongswan.org : EAP "Ar3etTnp01qlpOgb"

testing/tests/ikev2/rw-eap-aka-rsa/hosts/moon/etc/ipsec.secrets

@@ -2,4 +2,4 @@
 
 : RSA moonKey.pem
 
-carol@strongswan.org : PSK "Ar3etTnp01qlpOgb"
+carol@strongswan.org : EAP "Ar3etTnp01qlpOgb"

testing/tests/ikev2/rw-eap-aka-rsa/posttest.dat

@@ -0,0 +1,4 @@
+moon::ipsec stop
+carol::ipsec stop
+moon::/etc/init.d/iptables stop 2> /dev/null
+carol::/etc/init.d/iptables stop 2> /dev/null

testing/tests/ikev2/rw-eap-aka-rsa/pretest.dat

@@ -0,0 +1,7 @@
+moon::/etc/init.d/iptables start 2> /dev/null
+carol::/etc/init.d/iptables start 2> /dev/null
+moon::ipsec start
+carol::ipsec start
+carol::sleep 1
+carol::ipsec up home
+carol::sleep 1

testing/tests/ikev2/rw-eapaka-rsa/posttest.dat

@@ -1,2 +0,0 @@
-moon::ipsec stop
-carol::ipsec stop

testing/tests/ikev2/rw-eapaka-rsa/pretest.dat

@@ -1,5 +0,0 @@
-moon::echo 1 > /proc/sys/net/ipv4/ip_forward
-moon::ipsec start
-carol::ipsec start
-carol::sleep 1
-carol::ipsec up home