Streamlined EAP plugins to use a dash between eap-method, as used in all other places
This commit is contained in:
parent
b76b867c70
commit
c4d53fe06b
|
@ -35,7 +35,6 @@ ARG_WITH_SUBST([resolv-conf], [${sysconfdir}/resolv.conf], [set the file
|
|||
ARG_WITH_SUBST([piddir], [/var/run], [set path for PID and UNIX socket files])
|
||||
ARG_WITH_SUBST([ipsecdir], [${libexecdir%/}/ipsec], [set installation path for ipsec tools])
|
||||
ARG_WITH_SUBST([plugindir], [${ipsecdir%/}/plugins], [set the installation path of plugins])
|
||||
ARG_WITH_SUBST([sim-reader], [${plugindir%/}/libeapsim-file.so], [set library containing the sim_run_alg()/sim_get_triplet() functions for EAP-SIM])
|
||||
ARG_WITH_SUBST([nm-ca-dir], [/usr/share/ca-certificates], [directory the NM plugin uses to look up trusted root certificates])
|
||||
ARG_WITH_SUBST([linux-headers], [\${top_srcdir}/src/include], [set directory of linux header files to use])
|
||||
ARG_WITH_SUBST([routing-table], [220], [set routing table to use for IPsec routes])
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
usr/lib/strongswan/plugins/libstrongswan-eapgtc.so* usr/lib/strongswan/plugins/
|
||||
usr/lib/strongswan/plugins/libstrongswan-eap-gtc.so* usr/lib/strongswan/plugins/
|
||||
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
usr/lib/strongswan/plugins/libstrongswan-eapidentity.so* usr/lib/strongswan/plugins/
|
||||
usr/lib/strongswan/plugins/libstrongswan-eap-identity.so* usr/lib/strongswan/plugins/
|
||||
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
usr/lib/strongswan/plugins/libstrongswan-eapmd5.so* usr/lib/strongswan/plugins/
|
||||
usr/lib/strongswan/plugins/libstrongswan-eap-md5.so* usr/lib/strongswan/plugins/
|
||||
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
usr/lib/strongswan/plugins/libstrongswan-eapmschapv2.so* usr/lib/strongswan/plugins/
|
||||
usr/lib/strongswan/plugins/libstrongswan-eap-mschapv2.so* usr/lib/strongswan/plugins/
|
||||
|
||||
|
|
|
@ -187,47 +187,47 @@ endif
|
|||
|
||||
if USE_EAP_IDENTITY
|
||||
SUBDIRS += plugins/eap_identity
|
||||
PLUGINS += eapidentity
|
||||
PLUGINS += eap-identity
|
||||
endif
|
||||
|
||||
if USE_EAP_SIM
|
||||
SUBDIRS += plugins/eap_sim
|
||||
PLUGINS += eapsim
|
||||
PLUGINS += eap-sim
|
||||
endif
|
||||
|
||||
if USE_EAP_SIM_FILE
|
||||
SUBDIRS += plugins/eap_sim_file
|
||||
PLUGINS += eapsim-file
|
||||
PLUGINS += eap-sim-file
|
||||
endif
|
||||
|
||||
if USE_EAP_MD5
|
||||
SUBDIRS += plugins/eap_md5
|
||||
PLUGINS += eapmd5
|
||||
PLUGINS += eap-md5
|
||||
endif
|
||||
|
||||
if USE_EAP_GTC
|
||||
SUBDIRS += plugins/eap_gtc
|
||||
PLUGINS += eapgtc
|
||||
PLUGINS += eap-gtc
|
||||
endif
|
||||
|
||||
if USE_EAP_AKA
|
||||
SUBDIRS += plugins/eap_aka
|
||||
PLUGINS += eapaka
|
||||
PLUGINS += eap-aka
|
||||
endif
|
||||
|
||||
if USE_EAP_AKA_3GPP2
|
||||
SUBDIRS += plugins/eap_aka_3gpp2
|
||||
PLUGINS += eapaka-3gpp2
|
||||
PLUGINS += eap-aka-3gpp2
|
||||
endif
|
||||
|
||||
if USE_EAP_MSCHAPV2
|
||||
SUBDIRS += plugins/eap_mschapv2
|
||||
PLUGINS += eapmschapv2
|
||||
PLUGINS += eap-mschapv2
|
||||
endif
|
||||
|
||||
if USE_EAP_RADIUS
|
||||
SUBDIRS += plugins/eap_radius
|
||||
PLUGINS += eapradius
|
||||
PLUGINS += eap-radius
|
||||
endif
|
||||
|
||||
if USE_MEDSRV
|
||||
|
|
|
@ -3,8 +3,8 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon
|
|||
|
||||
AM_CFLAGS = -rdynamic
|
||||
|
||||
plugin_LTLIBRARIES = libstrongswan-eapaka.la
|
||||
plugin_LTLIBRARIES = libstrongswan-eap-aka.la
|
||||
|
||||
libstrongswan_eapaka_la_SOURCES = eap_aka_plugin.h eap_aka_plugin.c eap_aka.h eap_aka.c
|
||||
libstrongswan_eapaka_la_LDFLAGS = -module -avoid-version
|
||||
libstrongswan_eap_aka_la_SOURCES = eap_aka_plugin.h eap_aka_plugin.c eap_aka.h eap_aka.c
|
||||
libstrongswan_eap_aka_la_LDFLAGS = -module -avoid-version
|
||||
|
||||
|
|
|
@ -3,13 +3,13 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon
|
|||
|
||||
AM_CFLAGS = -rdynamic
|
||||
|
||||
plugin_LTLIBRARIES = libstrongswan-eapaka-3gpp2.la
|
||||
plugin_LTLIBRARIES = libstrongswan-eap-aka-3gpp2.la
|
||||
|
||||
libstrongswan_eapaka_3gpp2_la_SOURCES = \
|
||||
libstrongswan_eap_aka_3gpp2_la_SOURCES = \
|
||||
eap_aka_3gpp2_plugin.h eap_aka_3gpp2_plugin.c \
|
||||
eap_aka_3gpp2_card.h eap_aka_3gpp2_card.c \
|
||||
eap_aka_3gpp2_provider.h eap_aka_3gpp2_provider.c \
|
||||
eap_aka_3gpp2_functions.h eap_aka_3gpp2_functions.c
|
||||
libstrongswan_eapaka_3gpp2_la_LDFLAGS = -module -avoid-version
|
||||
libstrongswan_eapaka_3gpp2_la_LIBADD = -lgmp
|
||||
libstrongswan_eap_aka_3gpp2_la_LDFLAGS = -module -avoid-version
|
||||
libstrongswan_eap_aka_3gpp2_la_LIBADD = -lgmp
|
||||
|
||||
|
|
|
@ -3,8 +3,8 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon
|
|||
|
||||
AM_CFLAGS = -rdynamic
|
||||
|
||||
plugin_LTLIBRARIES = libstrongswan-eapgtc.la
|
||||
plugin_LTLIBRARIES = libstrongswan-eap-gtc.la
|
||||
|
||||
libstrongswan_eapgtc_la_SOURCES = eap_gtc_plugin.h eap_gtc_plugin.c eap_gtc.h eap_gtc.c
|
||||
libstrongswan_eapgtc_la_LDFLAGS = -module -avoid-version -lpam
|
||||
libstrongswan_eap_gtc_la_SOURCES = eap_gtc_plugin.h eap_gtc_plugin.c eap_gtc.h eap_gtc.c
|
||||
libstrongswan_eap_gtc_la_LDFLAGS = -module -avoid-version -lpam
|
||||
|
||||
|
|
|
@ -3,8 +3,8 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon
|
|||
|
||||
AM_CFLAGS = -rdynamic
|
||||
|
||||
plugin_LTLIBRARIES = libstrongswan-eapidentity.la
|
||||
libstrongswan_eapidentity_la_SOURCES = \
|
||||
plugin_LTLIBRARIES = libstrongswan-eap-identity.la
|
||||
libstrongswan_eap_identity_la_SOURCES = \
|
||||
eap_identity_plugin.h eap_identity_plugin.c eap_identity.h eap_identity.c
|
||||
libstrongswan_eapidentity_la_LDFLAGS = -module -avoid-version
|
||||
libstrongswan_eap_identity_la_LDFLAGS = -module -avoid-version
|
||||
|
||||
|
|
|
@ -3,8 +3,8 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon
|
|||
|
||||
AM_CFLAGS = -rdynamic
|
||||
|
||||
plugin_LTLIBRARIES = libstrongswan-eapmd5.la
|
||||
plugin_LTLIBRARIES = libstrongswan-eap-md5.la
|
||||
|
||||
libstrongswan_eapmd5_la_SOURCES = eap_md5_plugin.h eap_md5_plugin.c eap_md5.h eap_md5.c
|
||||
libstrongswan_eapmd5_la_LDFLAGS = -module -avoid-version
|
||||
libstrongswan_eap_md5_la_SOURCES = eap_md5_plugin.h eap_md5_plugin.c eap_md5.h eap_md5.c
|
||||
libstrongswan_eap_md5_la_LDFLAGS = -module -avoid-version
|
||||
|
||||
|
|
|
@ -3,10 +3,10 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon
|
|||
|
||||
AM_CFLAGS = -rdynamic
|
||||
|
||||
plugin_LTLIBRARIES = libstrongswan-eapmschapv2.la
|
||||
plugin_LTLIBRARIES = libstrongswan-eap-mschapv2.la
|
||||
|
||||
libstrongswan_eapmschapv2_la_SOURCES = \
|
||||
libstrongswan_eap_mschapv2_la_SOURCES = \
|
||||
eap_mschapv2_plugin.h eap_mschapv2_plugin.c \
|
||||
eap_mschapv2.h eap_mschapv2.c
|
||||
libstrongswan_eapmschapv2_la_LDFLAGS = -module -avoid-version
|
||||
libstrongswan_eap_mschapv2_la_LDFLAGS = -module -avoid-version
|
||||
|
||||
|
|
|
@ -5,9 +5,9 @@ AM_CFLAGS = -rdynamic \
|
|||
-DIPSEC_CONFDIR=\"${sysconfdir}\" \
|
||||
-DSIM_READER_LIB=\"${sim_reader}\"
|
||||
|
||||
plugin_LTLIBRARIES = libstrongswan-eapsim.la
|
||||
plugin_LTLIBRARIES = libstrongswan-eap-sim.la
|
||||
|
||||
libstrongswan_eapsim_la_SOURCES = eap_sim.h eap_sim.c \
|
||||
libstrongswan_eap_sim_la_SOURCES = eap_sim.h eap_sim.c \
|
||||
eap_sim_plugin.h eap_sim_plugin.c
|
||||
libstrongswan_eapsim_la_LDFLAGS = -module -avoid-version
|
||||
libstrongswan_eap_sim_la_LDFLAGS = -module -avoid-version
|
||||
|
||||
|
|
|
@ -3,12 +3,12 @@ INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/charon
|
|||
|
||||
AM_CFLAGS = -rdynamic -DIPSEC_CONFDIR=\"${sysconfdir}\"
|
||||
|
||||
plugin_LTLIBRARIES = libstrongswan-eapsim-file.la
|
||||
plugin_LTLIBRARIES = libstrongswan-eap-sim-file.la
|
||||
|
||||
libstrongswan_eapsim_file_la_SOURCES = \
|
||||
libstrongswan_eap_sim_file_la_SOURCES = \
|
||||
eap_sim_file_plugin.h eap_sim_file_plugin.c \
|
||||
eap_sim_file_card.h eap_sim_file_card.c \
|
||||
eap_sim_file_provider.h eap_sim_file_provider.c \
|
||||
eap_sim_file_triplets.h eap_sim_file_triplets.c
|
||||
libstrongswan_eapsim_file_la_LDFLAGS = -module -avoid-version
|
||||
libstrongswan_eap_sim_file_la_LDFLAGS = -module -avoid-version
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapsim eapsim-file eapidentity updown
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-sim eap-sim-file eap-identity updown
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapsim eapsim-file eapidentity updown
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-sim eap-sim-file eap-identity updown
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapradius eapidentity updown
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-radius eap-identity updown
|
||||
plugins {
|
||||
eap_radius {
|
||||
secret = gv6URkSs
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapaka eapaka-3gpp2 eapidentity updown
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-aka eap-aka-3gpp2 eap-identity updown
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapaka eapaka-3gpp2 eapidentity updown
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-aka eap-aka-3gpp2 eap-identity updown
|
||||
}
|
||||
|
|
|
@ -2,7 +2,7 @@ carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA
|
|||
carol::cat /var/log/daemon.log::server requested EAP_AKA authentication::YES
|
||||
carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with EAP successful::YES
|
||||
moon::cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES
|
||||
moon::ipsec statusall::rw-eapaka.*ESTABLISHED::YES
|
||||
moon::ipsec statusall::rw-eap-aka.*ESTABLISHED::YES
|
||||
carol::ipsec statusall::home.*ESTABLISHED::YES
|
||||
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapaka eapaka-3gpp2 updown
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-aka eap-aka-3gpp2 updown
|
||||
}
|
||||
|
|
|
@ -11,7 +11,7 @@ conn %default
|
|||
keyingtries=1
|
||||
keyexchange=ikev2
|
||||
|
||||
conn rw-eapaka
|
||||
conn rw-eap-aka
|
||||
left=PH_IP_MOON
|
||||
leftsubnet=10.1.0.0/16
|
||||
leftid=@moon.strongswan.org
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapaka eapaka-3gpp2 updown
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-aka eap-aka-3gpp2 updown
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapmd5 eapidentity updown
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-md5 eap-identity updown
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapradius eapidentity updown
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-radius eap-identity updown
|
||||
plugins {
|
||||
eap_radius {
|
||||
secret = gv6URkSs
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapmd5 updown
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-md5 updown
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapmd5 updown
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-md5 updown
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapmd5 updown
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-md5 updown
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md4 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapmschapv2 eapidentity updown
|
||||
load = curl aes des sha1 sha2 md4 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-mschapv2 eap-identity updown
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md4 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapmschapv2 eapidentity updown
|
||||
load = curl aes des sha1 sha2 md4 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-mschapv2 eap-identity updown
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapsim eapsim-file eapidentity updown
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-sim eap-sim-file eap-identity updown
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapradius eapidentity updown
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-radius eap-identity updown
|
||||
plugins {
|
||||
eap_radius {
|
||||
secret = gv6URkSs
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapsim eapsim-file updown
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-sim eap-sim-file updown
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapsim eapsim-file updown
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-sim eap-sim-file updown
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA signature successful::YES
|
||||
carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with EAP successful::YES
|
||||
moon::cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES
|
||||
moon::ipsec statusall::rw-eapsim.*ESTABLISHED::YES
|
||||
moon::ipsec statusall::rw-eap-sim.*ESTABLISHED::YES
|
||||
carol::ipsec statusall::home.*ESTABLISHED::YES
|
||||
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapsim eapsim-file updown
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-sim eap-sim-file updown
|
||||
}
|
||||
|
|
|
@ -11,7 +11,7 @@ conn %default
|
|||
keyingtries=1
|
||||
keyexchange=ikev2
|
||||
|
||||
conn rw-eapsim
|
||||
conn rw-eap-sim
|
||||
left=PH_IP_MOON
|
||||
leftsubnet=10.1.0.0/16
|
||||
leftid=@moon.strongswan.org
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
# /etc/strongswan.conf - strongSwan configuration file
|
||||
|
||||
charon {
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eapsim eapsim-file updown
|
||||
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink fips-prf eap-sim eap-sim-file updown
|
||||
}
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA signature successful::YES
|
||||
carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with EAP successful::YES
|
||||
moon::cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES
|
||||
moon::ipsec statusall::rw-eapaka.*ESTABLISHED::YES
|
||||
moon::ipsec statusall::rw-eap-aka.*ESTABLISHED::YES
|
||||
carol::ipsec statusall::home.*ESTABLISHED::YES
|
||||
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
|
||||
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
|
||||
|
|
|
@ -3,8 +3,8 @@
|
|||
charon {
|
||||
plugins {
|
||||
sql {
|
||||
database = sqlite:///etc/ipsec.d/ipsec.db
|
||||
database = sqlite:///etc/ipsec.d/ipsec.db
|
||||
}
|
||||
}
|
||||
load = curl aes des sha1 sha2 md5 fips-prf pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql eapaka eapaka-3gpp2
|
||||
load = curl aes des sha1 sha2 md5 fips-prf pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql eap-aka eap-aka-3gpp2
|
||||
}
|
||||
|
|
|
@ -98,20 +98,20 @@ INSERT INTO private_key_identity (
|
|||
|
||||
INSERT INTO shared_secrets (
|
||||
type, data
|
||||
) VALUES (
|
||||
) VALUES (
|
||||
2, X'4172336574546e703031716c704f6762'
|
||||
);
|
||||
|
||||
INSERT INTO shared_secret_identity (
|
||||
shared_secret, identity
|
||||
) VALUES (
|
||||
1, 3
|
||||
1, 3
|
||||
);
|
||||
|
||||
INSERT INTO shared_secret_identity (
|
||||
shared_secret, identity
|
||||
) VALUES (
|
||||
1, 6
|
||||
1, 6
|
||||
);
|
||||
|
||||
/* Configurations */
|
||||
|
@ -125,13 +125,13 @@ INSERT INTO ike_configs (
|
|||
INSERT INTO peer_configs (
|
||||
name, ike_cfg, local_id, remote_id, eap_type
|
||||
) VALUES (
|
||||
'rw-eapaka', 1, 3, 5, 23
|
||||
'rw-eap-aka', 1, 3, 5, 23
|
||||
);
|
||||
|
||||
INSERT INTO child_configs (
|
||||
name, updown
|
||||
) VALUES (
|
||||
'rw-eapaka', 'ipsec _updown iptables'
|
||||
'rw-eap-aka', 'ipsec _updown iptables'
|
||||
);
|
||||
|
||||
INSERT INTO peer_config_child_config (
|
||||
|
|
|
@ -3,8 +3,8 @@
|
|||
charon {
|
||||
plugins {
|
||||
sql {
|
||||
database = sqlite:///etc/ipsec.d/ipsec.db
|
||||
database = sqlite:///etc/ipsec.d/ipsec.db
|
||||
}
|
||||
}
|
||||
load = aes des sha1 sha2 md5 fips-prf pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql eapaka eapaka-3gpp2
|
||||
load = aes des sha1 sha2 md5 fips-prf pem pkcs1 gmp random x509 hmac xcbc stroke kernel-netlink updown sqlite sql eap-aka eap-aka-3gpp2
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue