Martin Willi
b5f3c1f785
Define SSHCONF from strongswan testing directory, not TESTDIR
...
This fixes the use of SSHCONF in the ssh wrapper script before ./do-tests
had a chance to create the required symlinks.
2013-03-26 10:31:29 +01:00
Martin Willi
0ba8842348
Lazy unmount guest filesystem after building image, as it still might be busy
2013-03-26 10:31:29 +01:00
Reto Buerki
f7fea72e46
Recipes: Disable Anet unit tests
...
Some Anet unit tests may fail because of the network configuration on
the testing host. These failures do not indicate a problem in Anet but
are a result of unpredictable events.
2013-03-25 16:49:30 +01:00
Andreas Steffen
7e20062fdf
Added hostapd package to base image
2013-03-22 23:53:39 +01:00
Andreas Steffen
8f72ba4aff
Added Framed-IP-Address information to RADIUS accounting records
2013-03-22 23:52:01 +01:00
Andreas Steffen
0b6c43f038
Added ikev2/rw-eap-framed-ip-radius scenario
2013-03-22 19:08:42 +01:00
Andreas Steffen
4a3c1cdc2b
Store debug output from standalone IMC/IMVs
2013-03-22 16:45:24 +01:00
Andreas Steffen
1eada67bcb
Added ikev2/ip-two-pools-v4v6-db scenario
2013-03-22 12:18:43 +01:00
Reto Buerki
3db17b0ccc
Fixed TKM build
2013-03-22 10:35:48 +01:00
Andreas Steffen
2c80ab3def
Build TNC-enabled wpa_supplicant
2013-03-22 10:33:39 +01:00
Reto Buerki
8484f2bc5c
Implement multiple-clients integration test
...
Two transport connections to gateway sun are set up, one from client
carol and the other from client dave. The gateway sun uses the Trusted
Key Manager (TKM) and is the responder for both connections. The
authentication is based on X.509 certificates. In order to test the
connections, both carol and dave ping gateway sun.
2013-03-19 15:23:51 +01:00
Reto Buerki
a520e4a010
Implement net2net-xfrmproxy integration test
2013-03-19 15:23:50 +01:00
Reto Buerki
847d320950
Implement net2net-initiator integration test
2013-03-19 15:23:50 +01:00
Reto Buerki
d8b2064a34
Add xfrm_proxy integration test
2013-03-19 15:23:50 +01:00
Reto Buerki
f10f7fe261
Provide script to build Ada XFRM proxy
2013-03-19 15:23:50 +01:00
Reto Buerki
3150dbd3e3
Add TKM responder integration test
2013-03-19 15:23:50 +01:00
Reto Buerki
117375ed00
Add initial TKM integration test
...
A connection between the hosts moon and sun is set up. The host moon
uses the Trusted Key Manager (TKM) and is the initiator of the transport
connection. The authentication is based on X.509 certificates.
2013-03-19 15:23:50 +01:00
Reto Buerki
7b702150a0
Add expect-file guest image script
...
This script can be used in pretest.dat files to wait until a given file
appears.
2013-03-19 15:23:50 +01:00
Reto Buerki
0e1d008d71
Add /usr/local/lib/ipsec to linker cache
2013-03-19 15:23:50 +01:00
Reto Buerki
b491ee4ecd
Provide recipes to build tkm and required libraries
2013-03-19 15:23:50 +01:00
Reto Buerki
3fc766d61e
Add GNAT compiler and Ada libs to base image
2013-03-19 15:23:50 +01:00
Tobias Brunner
7a87381840
testing: Rename interfaces and bridges so they are easier to identify
...
This simplifies capturing traffic with Wireshark on the host as each of
the guest's interfaces is clearly identified.
The three bridges were previously numbered starting from 0, this scheme
is restored here.
2013-03-19 11:50:39 +01:00
Tobias Brunner
9525e9c506
testing: Don't use a specific version for the QEMU machine type
...
The previously used pc-1.1 is not yet available on e.g. Ubuntu 12.04.
With 'pc' the most current supported version of that type is used.
2013-03-19 11:50:39 +01:00
Tobias Brunner
d62f043f01
testing: Add screen package to base image
...
Makes working in a single SSH session easier.
2013-03-05 17:40:13 +01:00
Tobias Brunner
eeb029360a
testing: Enable ssh connection to second IP by name (e.g. moon1)
2013-03-05 17:40:13 +01:00
Tobias Brunner
45ee7c9429
testing: ssh script accepts IP addresses instead of host names
2013-03-05 17:40:13 +01:00
Tobias Brunner
5057455674
testing: ssh script forwards arguments to ssh command
...
This allows to execute commands on a virtual host.
2013-03-05 17:40:12 +01:00
Andreas Steffen
d7eec03815
removed unneeded DS files
2013-03-05 09:08:25 +01:00
Andreas Steffen
7b11a1dcdc
upgraded KVM test suite to Linux 3.8 kernel
2013-03-03 11:59:07 +01:00
Andreas Steffen
f7580a5a67
added openssl-ikev2/alg-aes-gcm scenario
2013-03-03 11:43:52 +01:00
Andreas Steffen
81419b9748
use DNs in tnc/tnccs-20-tls scenario
2013-03-03 10:47:17 +01:00
Tobias Brunner
9a70fe8412
testing: Add a script to easily connect to a host via SSH
...
This doesn't require any entries in /etc/hosts and the correct SSH
config is used to allow password-less access.
2013-02-28 18:21:14 +01:00
Reto Buerki
b32e732b2f
Check kvm command existence in start-testing
2013-02-22 19:22:08 +01:00
Andreas Steffen
f0c102cbfa
Added ikev2/rw-dnssec scenario
2013-02-19 12:25:01 +01:00
Andreas Steffen
1d4ff25fb8
Added ikev2/net2net-dnssec scenario
2013-02-19 12:25:01 +01:00
Andreas Steffen
37c589f0e0
Configure winnetou as a DNSSEC enabled nameserver for the strongswan.org, org, and root zones
2013-02-19 12:25:01 +01:00
Andreas Steffen
3fbc328d14
Build unbound and ipseckey plugins on KVM image
2013-02-19 12:25:01 +01:00
Andreas Steffen
5374fe3a09
added ikev1/net2net-fragmentation scenario
2013-02-12 23:01:48 +01:00
Andreas Steffen
7d355f853d
use EAP identity in tnc/tnccs-20-pdp scenario
2013-02-12 20:41:37 +01:00
Andreas Steffen
d82372fab8
Removed INSTALL from EXTRA_DIST
2013-01-17 23:20:37 +01:00
Tobias Brunner
232af2fab5
Updated documentation for the integration tests
2013-01-17 16:56:02 +01:00
Tobias Brunner
812cd9c18a
Removed UML from description of ikev2/default-keys test
2013-01-17 16:56:02 +01:00
Tobias Brunner
b1169a880a
Updated comments in test.conf of all tests
2013-01-17 16:56:02 +01:00
Tobias Brunner
7699a928f7
Renamed $UMLHOSTS to $VIRTHOSTS
2013-01-17 16:56:02 +01:00
Reto Buerki
88bffacfdc
Drop vim swap file
2013-01-17 16:55:04 +01:00
Reto Buerki
f3db566983
Enforce reception of multicast traffic on virbr[1|2]
...
This is needed to let the ha/both-active test pass.
2013-01-17 16:55:04 +01:00
Reto Buerki
41943e9c1b
Make core dumps work
...
Core dumps are written to the /var/local/dumps directory.
2013-01-17 16:55:04 +01:00
Reto Buerki
e3a3013323
Append seconds to TESTDATE
...
This avoids 'file exists' warnings when running tests multiple times in
one minute.
2013-01-17 16:55:04 +01:00
Reto Buerki
2c4954ad24
Switch to 'mapped' access mode for hostfs
...
Passthrough mode only works as expected when running as root. On
Debian/Ubuntu systems qemu runs as user 'libvirt-qemu' and group 'kvm'
so all shared files must be chowned to grant access from guests.
Symlinks created on the host are still problematic because the Plan 9
filesystem has no direct notion of symbolic links, see [1].
[1] - http://ericvh.github.com/9p-rfc/rfc9p2000.u.html
2013-01-17 16:55:04 +01:00
Reto Buerki
677795c3e7
Make guest ACPI shutdown work
2013-01-17 16:55:03 +01:00
Reto Buerki
c25f850601
Drop obsolete Gentoo dhcpd init script
2013-01-17 16:55:03 +01:00
Reto Buerki
530f7b8421
No need to enable ip_forward in pretest files
...
It is enabled by default now.
2013-01-17 16:55:03 +01:00
Reto Buerki
49b1655ae1
Auto-create symlink to testing directory in workdir
2013-01-17 16:55:03 +01:00
Andreas Steffen
44e533b88e
converted ha/both-active iptables scenario
2013-01-17 16:55:03 +01:00
Andreas Steffen
5c09942d54
converted all ipv6 iptables/ip6tables scenarios
2013-01-17 16:55:03 +01:00
Andreas Steffen
a0ffe67fab
converted all p2pnat iptables scenarios
2013-01-17 16:55:02 +01:00
Andreas Steffen
b27836412b
Rename UML to KVM tests
2013-01-17 16:55:02 +01:00
Andreas Steffen
472a411aa8
converted all tnc iptables scenarios
2013-01-17 16:55:02 +01:00
Andreas Steffen
4aa32cc3fe
List daemon.log on $RADIUSHOSTS
2013-01-17 16:55:02 +01:00
Andreas Steffen
cedc96c2c4
implemented ip6tables.rules
2013-01-17 16:55:02 +01:00
Andreas Steffen
136f74161b
converted all sql iptables scenarios
2013-01-17 16:55:02 +01:00
Andreas Steffen
6fff9d9ace
converted all pfkey iptables scenarios
2013-01-17 16:55:01 +01:00
Andreas Steffen
8fbb9458d6
converted all openssl-ikev2 iptables scenarios
2013-01-17 16:55:01 +01:00
Andreas Steffen
44047e7adb
converted all openssl-ikev1 iptables scenarios
2013-01-17 16:55:01 +01:00
Andreas Steffen
61ab7db386
converted all gcrypt-ikev2 iptables scenarios
2013-01-17 16:55:01 +01:00
Andreas Steffen
1dc14281fc
converted all af-alg iptables scenarios
2013-01-17 16:55:01 +01:00
Andreas Steffen
ac09da8e50
added ikev1/nat-virtual-ip scenario
2013-01-17 16:55:00 +01:00
Andreas Steffen
ca0128588f
converted all ikev1 iptables scenarios
2013-01-17 16:55:00 +01:00
Andreas Steffen
d815235d17
use iptables-restore in all ikev2 firewall scenarios
2013-01-17 16:55:00 +01:00
Andreas Steffen
28b7db2b3c
Updated mark_update script in several IKEv2 scenarios
2013-01-17 16:55:00 +01:00
Andreas Steffen
9b4477d5b8
activated iptables in some ikev2 scenarios
2013-01-17 16:55:00 +01:00
Andreas Steffen
8e75e8dfa7
Fixed NO evaltest in tnc/tnccs-20-pdp scenario
2013-01-17 16:54:59 +01:00
Andreas Steffen
9c36018cc7
Disable IPv4 forwarding on carol in order to pass tnc/tnccs-20-os scenario
2013-01-17 16:54:59 +01:00
Andreas Steffen
7deb8bd905
Added less package to Debian base image
2013-01-17 16:54:59 +01:00
Andreas Steffen
54c526675e
Added config directory to EXTRA-DIST
2013-01-17 16:54:59 +01:00
Andreas Steffen
8b8a4c5c45
Added config für Linux 3.6 guest kernels
2013-01-17 16:54:59 +01:00
Reto Buerki
aafc0a1799
Make test scripts callable from any path
2013-01-17 16:54:58 +01:00
Reto Buerki
0593b6c975
Export compile directory to guests
...
Use 9p over virtio to share files on the host with the guest domains.
The files are accessible in the guests /hostfs directory.
2013-01-17 16:54:58 +01:00
Reto Buerki
48ea1d8b0b
Create all images in $BUILDDIR/images
2013-01-17 16:54:58 +01:00
Reto Buerki
482d3ec9ff
Also restore 'default' host configuration
2013-01-17 16:54:58 +01:00
Reto Buerki
58e0b386ea
Add eth1 NIC to alice domain
2013-01-17 16:54:58 +01:00
Reto Buerki
602ba2f6d1
Adjust ikev2/farp test to qemu network interfaces
2013-01-17 16:54:58 +01:00
Reto Buerki
23382d2e00
Directly use STRONGSWANHOSTS in build-guestimages
...
Drop support for building guests specified on the command line; creating
all images unconditionally is very fast now thanks to qcow2.
2013-01-17 16:54:57 +01:00
Reto Buerki
12f1ff3a0e
Drop SELECTEDTESTSONLY support
2013-01-17 16:54:57 +01:00
Reto Buerki
50fb9b8457
Use exit trap to kill open ssh sessions
2013-01-17 16:54:57 +01:00
Tobias Brunner
16cd6f63e2
Don't refer to recipes and images via $TESTDIR
...
This way no symlink to the testing directory is required in $TESTDIR.
2013-01-17 16:54:57 +01:00
Reto Buerki
7fa92110e8
Adjust ikev2/dhcp tests to qemu network interfaces
2013-01-17 16:54:57 +01:00
Reto Buerki
b351656cc7
Disable checksum offloading on moon's eth1 interface
...
Disable checksum offloading on eth1 because it does not currently work
with virtio and the isc-dhcp-server running on venus, see [1].
[1] - https://bugs.mageia.org/show_bug.cgi?id=1243
2013-01-17 16:54:57 +01:00
Reto Buerki
63178a8830
Add ethtool to debootstrap package includes
2013-01-17 16:54:56 +01:00
Reto Buerki
82499010eb
stop-testing requires virsh
2013-01-17 16:54:56 +01:00
Reto Buerki
bd4c6122a4
Add ssh config to guest root account
2013-01-17 16:54:56 +01:00
Tobias Brunner
ac8c96e51b
Patch iptables for use with HA kernel patch (XFRM hooks)
2013-01-17 16:54:56 +01:00
Tobias Brunner
1a16b170ba
start-testing requires virsh
2013-01-17 16:54:56 +01:00
Reto Buerki
cbe031d755
Make root image a clone of the base image
2013-01-17 16:54:56 +01:00
Reto Buerki
76ccd25a05
Add expect-connection guest image script
...
This script can be used in pretest.dat files to wait until an IPsec
connection becomes available. This avoids unconditional sleeps and
improves test performance.
The ipv6 tests have been updated to use the expect-connection script.
2013-01-17 16:54:55 +01:00
Reto Buerki
44e83859e0
Rename build-umlhostfs script to build-guestimages
2013-01-17 16:54:55 +01:00
Reto Buerki
90dd71e41c
Rename build-umlrootfs script to build-rootimg
2013-01-17 16:54:55 +01:00
Reto Buerki
258cbd40cf
Unify naming of base,root image settings
2013-01-17 16:54:55 +01:00
Reto Buerki
aba43136c2
Drop now obsolete UML helper functions
2013-01-17 16:54:55 +01:00
Reto Buerki
345dba0de4
Exclude iptables from debootstrap
2013-01-17 16:54:55 +01:00
Reto Buerki
74c0839ad6
Run on_exit commands in FILO order
2013-01-17 16:54:54 +01:00
Reto Buerki
97265abaf0
Inform kernel about /dev/nbd0 partition changes
2013-01-17 16:54:54 +01:00
Reto Buerki
b24d3ed5fc
Test availability of required commands
2013-01-17 16:54:54 +01:00
Reto Buerki
f241f46d88
Exit make-testing on script failure
2013-01-17 16:54:54 +01:00
Reto Buerki
8ed98c1373
Switch from raw images to qcow2 format
...
This allows to use minimal copy-on-write clones of the base image as
guest images, which in turn saves a lot of disk space.
2013-01-17 16:54:54 +01:00
Reto Buerki
7fa2719185
Set default TESTDIR to /srv/strongswan-testing
2013-01-17 16:54:54 +01:00
Reto Buerki
bc3cc45e8b
Drop unneeded TZUML variable
2013-01-17 16:54:53 +01:00
Reto Buerki
043caec129
Set BUILDDIR to $TESTDIR/build
2013-01-17 16:54:53 +01:00
Reto Buerki
619c5430b8
Drop unneeded UMLKERNEL variable
2013-01-17 16:54:53 +01:00
Reto Buerki
bf48ee33e5
Rename UMLTESTDIR variable to TESTDIR
2013-01-17 16:54:53 +01:00
Reto Buerki
36a3fe90d8
Drop cecho functions
2013-01-17 16:54:53 +01:00
Reto Buerki
8cb4628ff9
Use log_action function in do-tests script
2013-01-17 16:54:53 +01:00
Reto Buerki
1102a8c1cc
Remove executable bit from testing.conf
2013-01-17 16:54:52 +01:00
Reto Buerki
9b3316ed27
Use qemu/KVM virtualization instead of UML
...
Guest and network configuration is setup using the libvirt
virtualization API. The [start|stop]_testing scripts have been updated
accordingly.
qemu/KVM does not currently support a hostfs, so the shared build tree
mount has been dropped for now.
2013-01-17 16:54:52 +01:00
Reto Buerki
f9df3d06b5
Rename build-umlkernel script to build-guestkernel
2013-01-17 15:22:11 +01:00
Reto Buerki
62a277cfae
Move ROOTFSDIR declaration to testing.conf
2013-01-17 15:22:11 +01:00
Reto Buerki
ee1cd88c7a
Prefix all recipes with a number
2013-01-17 15:22:11 +01:00
Reto Buerki
0cc4063799
Use do_on_exit() in build scripts for cleanup
2013-01-17 15:22:11 +01:00
Reto Buerki
9a045eef8e
Provide do_on_exit() function
...
This function allows to register an exit action which executes when the
calling script terminates.
2013-01-17 15:22:11 +01:00
Reto Buerki
7c2ef58e86
Import testing.conf file in function.sh
...
This is needed to have access to $LOGFILE and possibly other config
settings.
2013-01-17 15:22:10 +01:00
Reto Buerki
261cf0e395
Drop build-hostconfig script
...
Use processed host configurations directly instead.
2013-01-17 15:22:10 +01:00
Reto Buerki
2d1577d661
Update build-umlhostfs script to new log format
2013-01-17 15:22:10 +01:00
Reto Buerki
bf3ff0e585
Update build-umlrootfs script to new log format
2013-01-17 15:22:10 +01:00
Reto Buerki
5828e434bd
Update build-umlkernel script to new log format
2013-01-17 15:22:10 +01:00
Reto Buerki
fb2aab414a
Use red color in die() function
...
This is the function where red color SHOULD be used.
2013-01-17 15:22:10 +01:00
Reto Buerki
b86866579a
Move execute wrappers to function.sh file
2013-01-17 15:22:09 +01:00
Reto Buerki
9574bf7a5e
Use log_action, log_status in build-baseimage script
2013-01-17 15:22:09 +01:00
Reto Buerki
c120f25e60
Provide log_action and log_status functions
...
These two functions are used to log action descriptions and the
corresponding command exit status in a consistent way.
2013-01-17 15:22:09 +01:00
Reto Buerki
3c9df38c5e
Add chroot() helper function
2013-01-17 15:22:09 +01:00
Reto Buerki
3b75c7ddc8
Use execute wrapper to disable root password
2013-01-17 15:22:09 +01:00
Reto Buerki
6022f37aec
Simplify test starting and stopping logic
...
Reduce the coupling of the different scripts.
make-testing : Build the testing environment
start-testing : Start switches and guests
do-tests : Run tests
stop-testing : Stop switches and guests
2013-01-17 15:22:09 +01:00
Tobias Brunner
18bce26ea6
Use key(and password-)less SSH authentication
2013-01-17 15:22:09 +01:00
Reto Buerki
beff82dd98
Adjust strongSwan version handling in HTML output
2013-01-17 15:22:08 +01:00
Tobias Brunner
ffe710ae71
Patch AVP parsing in EAP-TTLS module in FreeRADIUS
2013-01-17 15:22:08 +01:00
Tobias Brunner
d47b751850
Add recipes for libtnc and TNC@FHH
2013-01-17 15:22:08 +01:00
Tobias Brunner
669fc9f9ec
Copy and display host specific tcpdump.log files
2013-01-17 15:22:08 +01:00
Tobias Brunner
b460fb1dd2
Drop SHAREDTREE in favor of mounting the compile dir
2013-01-17 15:22:08 +01:00
Tobias Brunner
633bee03fc
Patch EAP-SIM module in FreeRADIUS
2013-01-17 15:22:08 +01:00
Tobias Brunner
d94f6a2ff6
Don't generate do-tests
2013-01-17 15:22:08 +01:00
Reto Buerki
533177003c
Adapt test configurations
...
Adapt test configurations to the new Debian-based system.
2013-01-17 15:22:07 +01:00
Reto Buerki
766466b8d1
Adapt host configuration
...
Adapt the configuration of the test hosts to the new Debian-based
system.
2012-12-18 16:00:21 +01:00
Reto Buerki
108040800d
Add recipe for iptables
2012-12-18 16:00:21 +01:00
Reto Buerki
adbb5cbd43
Add freeradius recipe
2012-12-18 16:00:21 +01:00
Reto Buerki
e61ce6ee02
Factor out building of strongswan into own Makefile
...
Small Makefiles (recipes) are used to install software from source into
the root UML image.
2012-12-18 16:00:21 +01:00
Reto Buerki
aa5803e0e3
testing: Switch to Debian based guest images
...
Instead of extracting a downloaded Gentoo filesystem tree into a file
containing a reiserfs filesystem, create an ext3 filesystem inside a
sparse file, mount it and debootstrap an up-to-date Debian system. Use
this image as base for all UML guest images.
Also, drop support for the various consoles and use xterm
unconditionally.
2012-12-18 16:00:21 +01:00
Andreas Steffen
ef214f2855
added ike2/rw-eap-md5-class-radius scenario
2012-11-21 06:05:34 +01:00
Andreas Steffen
7c49d77982
updated parameters
2012-11-12 10:45:38 +01:00
Andreas Steffen
a9c9414d58
implemented IETF Numeric Version attribute
2012-10-18 22:33:26 +02:00
Andreas Steffen
ef315c5a1c
implemented IETF Remediation Instructions attribute
2012-10-18 18:24:26 +02:00
Andreas Steffen
154cae09e3
increased IMC/IMV debug level to 3
2012-10-17 10:02:53 +02:00