Andreas Steffen
da7a46b73b
upgraded ike scenarios to 5.0.0
2012-05-25 16:58:17 +02:00
Andreas Steffen
d2933125d5
added IKEv1 IPCOMP pluto-charon interoperability scenarios
2012-05-25 12:52:21 +02:00
Andreas Steffen
b253008544
upgraded ikev1/compress to 5.0.0
2012-05-24 17:36:27 +02:00
Andreas Steffen
fa50a89c95
added ikev1/xauth-rsa-eap-md5-radius scenario
2012-05-24 09:26:00 +02:00
Andreas Steffen
31c83b973e
load nonce plugin
2012-05-23 15:05:57 +02:00
Andreas Steffen
ad59f3a91a
added ikev1 pluto-charon interoperability scenarios
2012-05-23 14:47:41 +02:00
Andreas Steffen
148b643880
upgraded ikev1 scenarios to 5.0.0
2012-05-23 14:45:15 +02:00
Tobias Brunner
7a56c35fc9
Remove executable flag from source files.
2012-05-18 10:04:08 +02:00
Andreas Steffen
5cc6dc8b39
check for ESP in UDP encapsulation
2012-05-12 12:15:58 +02:00
Andreas Steffen
a56fdff194
upgraded ikev2 scenarios to 5.0.0
2012-05-11 11:00:32 +02:00
Andreas Steffen
0e1c6fa2a9
suppress leak detective output
2012-05-11 05:48:11 +02:00
Andreas Steffen
86aab92248
upgraded ha scenario for 5.0.0
2012-05-06 15:03:26 +02:00
Andreas Steffen
922e0d0975
added gcrypt-ikev1 pluto interoperability tests
2012-05-06 09:51:19 +02:00
Andreas Steffen
949d08dfca
upgraded gcrypt-ikev1 scenarios to 5.0.0
2012-05-06 09:25:31 +02:00
Andreas Steffen
04d7b1725d
upgraded gcrypt-ikev2 scenarios to 5.0.0
2012-05-06 09:23:09 +02:00
Andreas Steffen
8f834c16ae
upgraded pfkey scenarios to 5.0.0
2012-05-05 11:55:48 +02:00
Andreas Steffen
6624b8be24
removed leftover ipsec.conf parameters
2012-05-05 09:20:42 +02:00
Andreas Steffen
84b291e668
upgraded sql scenarios to 5.0.0
2012-05-05 09:16:15 +02:00
Andreas Steffen
8a5a33b52e
upgrade p2pnat scenarios to 5.0.0
2012-05-04 14:56:09 +02:00
Andreas Steffen
e5502cd2b5
updated af-alg scenarios to 5.0.0
2012-05-04 12:15:30 +02:00
Andreas Steffen
680609b972
added openssl-ikev1 pluto interoperability tests
2012-05-04 12:12:39 +02:00
Andreas Steffen
1e9b62ad50
deleted unneeded openssl-ikev1 files
2012-05-04 12:11:57 +02:00
Andreas Steffen
90e941fb97
upgraded openssl-ikev1 scenarios to 5.0.0
2012-05-04 12:06:45 +02:00
Andreas Steffen
3805e569f6
upgraded openssl-ikev2 scenarios to 5.0.0
2012-05-04 12:03:05 +02:00
Andreas Steffen
22bec9d4ae
upgraded tnc scenarios to 5.0.0
2012-05-04 11:57:31 +02:00
Andreas Steffen
6c5873d448
updated testing.conf for 5.0.0
2012-05-02 22:53:11 +02:00
Andreas Steffen
9fc69a0c81
two new options for 5.0.0 UML testing
2012-05-02 21:13:14 +02:00
Andreas Steffen
fe23d9aaa4
ikev2/net2net-pubkey scenario does not need dnskey plugin
2012-04-30 07:02:08 +02:00
Andreas Steffen
86b79a5f6d
added ikev2/net2net-pubkey scenario
2012-04-30 00:33:18 +02:00
Andreas Steffen
7ea31a17ea
added ikev2/net2net-rsa scenario
2012-04-30 00:32:58 +02:00
Andreas Steffen
2338b9f019
added ikev2/rw-eap-md5-id-prompt scenario
2012-04-29 19:10:25 +02:00
Andreas Steffen
5ff8fe5d48
activated cmac plugin in UML test suites
2012-04-22 22:22:25 +02:00
Andreas Steffen
3cea55b0c8
corrected description
2012-03-17 23:22:25 +01:00
Andreas Steffen
9da795392e
added ikev2/esp-alg-sha1-160 scenario
2012-03-17 23:20:03 +01:00
Andreas Steffen
d9b539dc33
added ikev2/esp-alg-md5-128 scenario
2012-03-17 22:56:37 +01:00
Andreas Steffen
bd360b3911
keep a copy of refreshed carolCert-ocsp.pem
2012-03-15 07:59:42 +01:00
Andreas Steffen
ebf292bad0
refreshed carolCert-ocsp.pem
2012-03-15 07:58:35 +01:00
Andreas Steffen
ea2f340e27
added tnc/tnccs-20-pdp scenario
2012-03-14 08:47:12 +01:00
Andreas Steffen
9b8053a63a
edited description of tnc/tnccs-11-radius scenario
2012-03-14 08:46:52 +01:00
Andreas Steffen
70fd2d1af7
created tnc-pdp policy decision point plugin
2012-03-13 16:27:16 +01:00
Andreas Steffen
2af22e1135
adapted debug output check in openssl-ikev2/rw-eap-tls-only scenario
2012-02-07 20:31:17 +01:00
Andreas Steffen
269e487567
open RADIUS accounting port in firewall
2012-02-06 20:45:21 +01:00
Andreas Steffen
9755910d7f
added ikev2/rw-radius-accounting scenario
2012-02-06 12:52:48 +01:00
Andreas Steffen
48bf8ce9bd
added openssl-ikev2/ecdsa-pkcs8 scenario
2012-02-03 11:44:04 +01:00
Andreas Steffen
6b4e0dd504
added ikev2/rw-pkcs8 scenario
2012-02-03 11:10:13 +01:00
Tobias Brunner
35a1986142
Fixed additional typos in comments and log messages.
2012-01-12 11:42:42 +01:00
Andreas Steffen
a24f2241bc
made ikev2/reauth-late scenario more robust
2011-12-21 06:00:13 +01:00
Andreas Steffen
034b792b90
added Attestation IMC/IMV to UML build
2011-12-18 18:07:47 +01:00
Andreas Steffen
19e9bdda1f
added UML support for IF-MAP interface
2011-12-12 17:00:50 +01:00
Andreas Steffen
63179fd459
upgraded Test IMC/IMV pair to fully support multple IMC IDs
2011-12-11 22:01:49 +01:00
Andreas Steffen
566311862f
moved random plugin in front of openssl in order to prefer gmp
2011-11-05 07:24:17 +01:00
Andreas Steffen
0986fe362f
added integrity test to rw-eap-sim-rsa and rw-eap-aka-rsa scenarios
2011-11-04 11:27:19 +01:00
Andreas Steffen
a12bb386f7
enable integrity test in tnc/tnccs-dynamic scenario
2011-11-02 09:30:18 +01:00
Andreas Steffen
6ae024392b
removed xcbc plugin from sql scenarios
2011-11-01 00:16:35 +01:00
Andreas Steffen
5153af66e0
added tnc-tnccs plugin and removed xcbc plugin
2011-10-25 15:20:03 +02:00
Andreas Steffen
448fc5091f
updated strong certificates
2011-10-17 18:04:12 +02:00
Andreas Steffen
f63f7822ed
Run scenarios without xcbc plugin
2011-10-17 14:08:50 +02:00
Andreas Steffen
91adba2051
Run scenarios without xcbc plugin
2011-10-16 17:18:32 +02:00
Andreas Steffen
8b0e38e69e
run scenarios without xcbc plugin
2011-10-14 17:41:08 +02:00
Andreas Steffen
fc67132697
due to a bug fix reverted to the previous RULE_CRL_VALIDATION check
2011-09-09 09:25:54 +02:00
Andreas Steffen
7ec35f561c
show correct network topology in shunt-policies scenarios
2011-07-26 07:55:20 +02:00
Tobias Brunner
92032fd4d6
Fixed sleep command in two test cases.
2011-07-21 16:34:37 +02:00
Tobias Brunner
f3bb1bd039
Fixed common misspellings.
...
Mostly found by 'codespell'.
2011-07-20 16:14:10 +02:00
Andreas Steffen
456c668d92
added ikev2/net2net-esn scenario
2011-07-16 14:12:23 +02:00
Andreas Steffen
0cb5d713ab
alice is now master in the ha/both-active scenario
2011-07-14 17:31:47 +02:00
Andreas Steffen
9de0f9d487
short form changed
2011-07-14 16:49:41 +02:00
Andreas Steffen
52ba840d5c
adapted tnc scenarios to new imcvs library path
2011-07-06 21:55:17 +02:00
Andreas Steffen
1f3b5c7778
corrected description of shunt-policies scenario
2011-07-05 22:07:42 +02:00
Andreas Steffen
d6e40a3b91
start and stop apache server on dave
2011-07-04 22:40:46 +02:00
Andreas Steffen
0b0f36cc1a
added ITA Scanner IMC/IMV pair to tnccs-11-radius-block scenario
2011-07-04 22:32:34 +02:00
Andreas Steffen
31479712b5
added ITA Scanner IMC/IMV pair to tnccs-20 and tnccs-20-block scenarios
2011-07-04 21:44:22 +02:00
Andreas Steffen
d9cdab9249
added ITA Scanner IMC/IMV pair which detects open server ports on TNC clients
2011-07-04 21:40:25 +02:00
Andreas Steffen
c755c365d7
fixed sql/shunt-policies scenario
2011-06-29 08:23:58 +02:00
Andreas Steffen
f87991704e
implemented PASS and DROP shunt policies
2011-06-28 19:42:54 +02:00
Andreas Steffen
535f5d8a10
added tnc/tnccs-20-server-retry scenario
2011-06-23 19:59:27 +02:00
Andreas Steffen
6b57728cce
renamed tncss-20-retry scenario to tnccs-20-client-retry
2011-06-23 19:59:00 +02:00
Andreas Steffen
9368185260
restablish the lost links to the TNC@FHH project
2011-06-15 14:16:58 +02:00
Andreas Steffen
f9b5d9ae9c
fixed some descriptions
2011-06-15 14:07:16 +02:00
Andreas Steffen
da73199fe5
added the tnc/tnccs-20-retry scenario
2011-06-15 14:06:48 +02:00
Andreas Steffen
8b3d522620
link to the TNC@FHH project
2011-06-03 08:36:57 +02:00
Andreas Steffen
b24ffda989
fixed sleep command in ikev1/esp-ah-tunnel scenario
2011-06-03 07:05:43 +02:00
Andreas Steffen
7bd580bf08
active and passive IKEv2 hosts changed again
2011-06-03 01:47:25 +02:00
Andreas Steffen
2e60060095
moved TNC scenarios to tnc folder
2011-06-03 00:47:20 +02:00
Andreas Steffen
51679e67c9
ikev2/rw-eap-tnc-11-radius scenario now uses a PA-TNC IMC/IMV pair
2011-06-02 12:36:27 +02:00
Andreas Steffen
0410c3c363
disable leak_detective in ikev2/rw-eap-tnc-11-radius scenario
2011-06-01 22:17:32 +02:00
Andreas Steffen
a420b4736f
output strongswan.conf and daemon.log on RADIUS hosts with strongSwan IMV
2011-06-01 21:38:03 +02:00
Andreas Steffen
7e432eff6b
renamed tls_reader|writer to bio_* and moved to libstrongswan
2011-05-31 15:46:51 +02:00
Andreas Steffen
4cefb9bd10
removed unused files
2011-05-31 15:46:51 +02:00
Andreas Steffen
a5cfcc5f50
re-established a deleted colon character
2011-05-30 22:48:53 +02:00
Andreas Steffen
ea9f1002cd
cleaned up the rw-eap-tnc-20 and rw-eap-tnc-20-fhh scenarios
2011-05-30 21:46:45 +02:00
Andreas Steffen
83348c80e4
added the ikev2/rw-eap-tnc-20 scenario based on the RFC 5792 PA-TNC protocol
2011-05-30 21:31:50 +02:00
Andreas Steffen
61420db66c
renamed ikev2/rw-eap-tnc-20 scenario to rw-eap-tnc-20-fhh
2011-05-30 21:28:07 +02:00
Andreas Steffen
636a7d2bc3
whitelisting can already be enabled in strongswan.conf
2011-05-14 17:11:15 +02:00
Andreas Steffen
8afbc768f3
added ikev2/rw-whitelist scenario
2011-05-12 21:11:01 +02:00
Tobias Brunner
a855af9544
testing: Properly align numbers of succeeded and failed tests in overview page.
2011-05-05 10:29:52 +02:00
Tobias Brunner
e296fc2d26
testing: Add crumbtrail to overview page which lists all tests.
2011-05-05 10:29:52 +02:00
Tobias Brunner
ca25eb9eb3
testing: Directly link to index.html of tests to allow browsing via file://.
2011-05-05 10:29:52 +02:00
Tobias Brunner
e8ae55f64b
testing: Avoid adding additional spacing around testresults.
2011-05-05 10:29:52 +02:00
Tobias Brunner
074919dcc5
testing: Replace back link in results with crumbtrail to improve navigation.
2011-05-05 10:29:51 +02:00
Andreas Steffen
1ef7a2ef94
with the 2.6.38 kernel alice is preferred for handling the IKE connections
2011-04-08 07:50:20 +02:00
Andreas Steffen
7346114e9c
added ikev2/rw-eap-peap-mschapv2 scenario
2011-04-06 19:44:58 +02:00
Andreas Steffen
35e2a87e1e
added ikev2/rw-eap-peap-md5 scenario
2011-04-06 19:44:30 +02:00
Andreas Steffen
119b0a45a1
added ikev2/rw-eap-peap-radius scenario
2011-04-06 19:42:52 +02:00
Andreas Steffen
1be296dfb2
implemented the PEAP tunneling protocol as an EAP plugin
2011-04-06 14:42:02 +02:00
Andreas Steffen
bf2233b32d
updated ikev2/rw-eap-tnc scenarios
2011-04-01 19:44:25 +02:00
Andreas Steffen
3f5647819b
redirect debug output of imc/imv pairs to syslog
2011-03-19 23:23:52 +01:00
Andreas Steffen
b03dd40fe6
some changes to the ikev2/rw-eap-tnc-11|20 scenarios
2011-03-19 16:48:06 +01:00
Andreas Steffen
357894c692
af-alg plugin does not require hmac and xcbc plugins
2011-03-18 09:55:26 +01:00
Andreas Steffen
ae04b73eb4
added af-alg-ikev1/alg-camellia scenario
2011-03-18 07:39:21 +01:00
Andreas Steffen
ec160f132c
added af-alg-ikev2/alg-camellia scenario
2011-03-18 07:34:48 +01:00
Andreas Steffen
efe7e863e7
added the af-alg-ikev1/rw-cert scenario
2011-03-17 23:16:41 +01:00
Andreas Steffen
d6946481ae
added the af-alg-ikev2/rw-cert scenario
2011-03-17 22:55:26 +01:00
Andreas Steffen
788fc89cc2
build the af-alg plugin in the UML test environment
2011-03-17 22:53:09 +01:00
Andreas Steffen
76c8b190f8
removed ipsec up %startall from scenario descriptions
2011-02-10 10:03:59 +01:00
Andreas Steffen
f04d1c2dfe
replaced ipsec up %startall command by start_action job
2011-02-09 22:27:04 +01:00
Andreas Steffen
2ecafc7316
added openssl-ikev2/critical-extension scenario
2011-02-08 22:58:31 +01:00
Andreas Steffen
2ee4cb6430
added ikev2/critical-extension scenario
2011-02-08 07:05:23 +01:00
Tobias Brunner
84545f6e7c
Some typos fixed.
2011-02-07 11:39:41 +01:00
Andreas Steffen
3891b75628
disable INITIAL_CONTACT message by setting unigueids=no
2011-02-02 15:58:40 +01:00
Andreas Steffen
f808aa2c44
load constraints plugin in ikev2/multi-level-ca-pathlen scenario
2011-01-31 14:46:16 +01:00
Andreas Steffen
ec9f8440f3
adapted some UML timings
2011-01-31 09:38:22 +01:00
Andreas Steffen
35c58deb67
move sleep into host start if statement
2011-01-31 08:18:34 +01:00
Andreas Steffen
36580b1614
fixed typo
2011-01-31 08:07:28 +01:00
Andreas Steffen
3ba7616d8f
added ikev2/rw-eap-tnc-dynamic scenario
2011-01-31 07:30:41 +01:00
Andreas Steffen
3ba4d12139
updated testing.conf UML configuration file
2011-01-31 05:47:39 +01:00
Andreas Steffen
b6a8cfab4b
additional UML configuration options
2011-01-31 05:47:05 +01:00
Andreas Steffen
fc293c96b2
unset RADIUSHOSTS after before loading new scenario
2010-12-27 06:26:17 +01:00
Andreas Steffen
e27554144a
increase sleep time in mediation scenarios
2010-12-12 21:54:44 +01:00
Andreas Steffen
458e7779a8
reorganized ikev2/rw-eap-tnc scenarios
2010-12-12 12:51:14 +01:00
Andreas Steffen
146e9123a2
added the ikev2/rw-eap-tnc-20 scenario
2010-12-12 10:47:16 +01:00
Andreas Steffen
2965eb3cc7
added sql/multi-level-ca scenario
2010-12-05 21:53:43 +01:00
Andreas Steffen
13a7f5f3e3
added certificate_authorities and certificate_distribution_points tables
2010-12-05 11:30:06 +01:00
Andreas Steffen
2da636fd9b
support of reqid field in SQL database
2010-12-05 11:21:40 +01:00
Andreas Steffen
f143f0f743
use a composite test proposal
2010-12-01 10:05:28 +01:00
Andreas Steffen
cbdcca7fd7
renamed algorithm to proposal
2010-11-30 17:38:49 +01:00
Andreas Steffen
f4e5acef3a
store IKE and ESP proposals in SQL database
2010-11-30 17:03:21 +01:00
Andreas Steffen
b62bde3b95
configured various DPD modes in sql scenarios
2010-11-28 17:41:27 +01:00
Andreas Steffen
11c904b373
added sql/net2net-route-pem scenario
2010-11-28 12:00:44 +01:00
Andreas Steffen
d6a13b895f
added sql/net2net-start-pem scenario
2010-11-28 12:00:19 +01:00
Andreas Steffen
c616d84c3f
start and route connections defined in an SQL database via start_action field and ipsec up %startall command
2010-11-28 11:57:49 +01:00
Andreas Steffen
1f201db699
enabled ha plugin in UML scenarios
2010-11-20 21:52:40 +01:00
Andreas Steffen
d16ecc1753
fixed iptables script of gateway alice
2010-11-20 21:01:54 +01:00
Andreas Steffen
aafe3b090e
removed copy of strongswancCert.pem
2010-11-20 20:34:21 +01:00
Andreas Steffen
4a8ebe0b35
added ha/both-active scenario
2010-11-20 20:16:26 +01:00
Andreas Steffen
841b2b3ee9
created certificate and /etc/hosts entry for virtual gateway mars
2010-11-20 18:20:23 +01:00
Andreas Steffen
77255f477c
version bump to 4.5.1
2010-10-29 09:30:57 +02:00
Andreas Steffen
8d01a80819
do not send certificate requests in EAP-ONLY scenarios
2010-10-14 21:10:03 +02:00
Andreas Steffen
ea7c8b3880
added ikev2/rw-eap-tnc-ls scenario
2010-10-14 21:00:41 +02:00
Andreas Steffen
cf76984c28
Define explicit IKEv1 keyexchange mode V
2010-10-14 16:13:52 +02:00
Andreas Steffen
6587f1a04d
increase eap-tls max_message_count in fragments scenario
2010-10-14 16:09:44 +02:00
Tobias Brunner
e7e48fff9f
Added ssh_config to distribution.
2010-10-14 15:58:26 +02:00
Tobias Brunner
7ec11936e8
testing: Reduce testing runtime by reusing SSH sessions.
...
By using the ControlMaster and ControlPath options, existing SSH sessions
are reused (a session to each host is opened at the beginning of a test
run). Also, RC4 is used as encryption algorithm to further improve the
performance. These changes reduce the runtime by over 20%.
2010-10-14 14:01:26 +02:00
Tobias Brunner
972663ccb0
Define explicit IKEv1 keyexchange mode IV.
2010-10-14 13:55:04 +02:00
Andreas Steffen
897a9baaba
define explicit IKEv1 keyexchange mode III
2010-10-14 07:34:13 +02:00
Andreas Steffen
a885f0737c
fixed ikev2/rw-eap-ttls-radius scenario
2010-10-14 07:26:10 +02:00
Andreas Steffen
d8a379e1e4
fixed ikev2/rw-eap-tnc-radius-block scenario
2010-10-14 07:22:39 +02:00
Andreas Steffen
adf5ebaa28
fixed ikev2/rw-eap-tnc scenario
2010-10-14 07:08:33 +02:00
Andreas Steffen
c763ec09db
fixed ikev2/rw-eap-sim-radius scenario
2010-10-14 07:01:06 +02:00
Andreas Steffen
15a7b95f86
fixed ikev2/rw-eap-sim-only-radius scenario
2010-10-14 06:55:06 +02:00
Andreas Steffen
907ca3d4df
fixed ikev2/mult-auth-rsa-eap-sim-id
2010-10-14 06:41:26 +02:00
Andreas Steffen
e6f685b0fa
scenarios without RADIUS server can use default iptables script
2010-10-11 17:04:53 +02:00
Andreas Steffen
e5f5f612bd
fixed some evaltest.dat files
2010-10-11 16:58:12 +02:00
Andreas Steffen
7d8cb1f952
added ikev2/rw-eap-tnc-block scenario
2010-10-11 16:58:12 +02:00
Andreas Steffen
8efd583a64
explicit ikev1 key exchange for ikev1/esp-alg-null scenario
2010-10-09 22:07:51 +02:00
Andreas Steffen
1e6c92789e
fixed typo
2010-10-09 22:05:26 +02:00
Andreas Steffen
74e14ed631
define explicit IKEv1 key exchange mode II
2010-10-09 20:04:00 +02:00
Andreas Steffen
ed08f7ce83
use DBG_TNC for TNC debugging output
2010-10-09 16:01:19 +02:00
Andreas Steffen
db24b600fb
changed filter attribute from access to allow
2010-10-09 01:01:19 +02:00
Andreas Steffen
a1afa8d810
added ikev2/rw-eap-tnc scenario
2010-10-09 00:59:31 +02:00
Andreas Steffen
8dcc56dcc0
created tnc-imc and tnc-imv plugins
2010-10-07 23:31:23 +02:00
Andreas Steffen
84babfb895
define explicit IKEv1 key exchange mode
2010-10-07 07:31:44 +02:00
Andreas Steffen
9b201cf859
host venus is used in ikev2/rw-eap-tnc-radius scenario
2010-10-06 10:38:18 +02:00
Andreas Steffen
541666b89f
added ikev2/rw-eap-tnc-radius-block scenario
2010-10-06 10:32:50 +02:00
Andreas Steffen
48e16e0ae1
final version of ikev2/rw-eap-tnc-radius scenario
2010-10-05 20:38:34 +02:00
Andreas Steffen
9ffa3f71f2
fixed typo in image path
2010-10-05 09:09:58 +02:00
Andreas Steffen
e7104a6ec9
updated ikev2/rw-eap-tnc-radius scenario
2010-10-05 07:56:57 +02:00
Andreas Steffen
30f14b7066
added configuration files for dummyimc.so IMC
2010-10-01 00:14:44 +02:00
Andreas Steffen
ea893a5de2
The TNC@FHH TNC Serve does not like symbolic links
2010-09-30 23:35:24 +02:00
Andreas Steffen
cae4668ffb
added tnc_config files to TNC scenario
2010-09-30 12:42:18 +02:00
Andreas Steffen
440231e863
load tnccs-11 plugin in ikev2/rw-eap-tnc-radius scenario
2010-09-28 23:52:59 +02:00
Andreas Steffen
4e8e74fcfa
moved TNCCS layer out of eap_tnc plugin
2010-09-28 23:34:04 +02:00
Andreas Steffen
280c8ea2f0
stop gateway after clients in order to check release of virtual IP
2010-09-26 11:31:39 +02:00
Andreas Steffen
1e6cc07ee4
stop gateway after clients in order to check release of virtual IP
2010-09-26 10:58:28 +02:00
Andreas Steffen
234aaf2df2
stop gateway after clients in order to check release of virtual IP
2010-09-26 10:35:12 +02:00
Andreas Steffen
939c4bf2e8
added ikev1/net2net-same-nets scenario
2010-09-09 13:37:30 +02:00
Andreas Steffen
2774826995
added openssl-ikev2/rw-eap-tls-only scenario
2010-09-07 17:14:32 +02:00
Andreas Steffen
6d71f4dcb9
updown script variable is called PLUTO_UDP_ENC
2010-09-03 12:58:10 +02:00
Andreas Steffen
6deeacd965
adapted debug options
2010-09-03 09:29:56 +02:00
Andreas Steffen
4cbe758cd4
adapted debug options
2010-09-03 09:27:16 +02:00
Andreas Steffen
5175adee66
optimized FreeRadius scenarios for debug output
2010-09-02 22:19:37 +02:00
Andreas Steffen
0fb2980281
added ikev2/rw-eap-tnc-radius scenario
2010-09-02 22:19:37 +02:00
Andreas Steffen
c0cecc0a0e
added radius init script mit increased debugging
2010-09-02 22:19:37 +02:00
Andreas Steffen
f9cfb5c836
display configuration and log of FreeRadius servers
2010-09-02 22:19:37 +02:00
Tobias Brunner
fe962bc788
testing: Added ikev1 xfrm mark scenarios.
2010-09-02 19:04:25 +02:00
Tobias Brunner
f23e7394ae
pluto: Added PLUTO_UDP_ENC argument to updown script.
...
This contains the remote UDP port in case of UDP encapsulated ESP.
2010-09-02 19:04:25 +02:00
Tobias Brunner
80c0328eec
testing: Print output of 'make oldconfig' to STDOUT, besides logging it.
2010-09-02 19:04:23 +02:00
Tobias Brunner
f32c0ce7b6
testing: Only sleep after a host has actually been started.
2010-09-02 19:04:22 +02:00
Tobias Brunner
ad808bc2a2
testing: Build strongSwan a bit faster using make -j.
2010-09-02 19:04:22 +02:00
Tobias Brunner
38dd45c480
testing: Force the UML Kernel to x86.
2010-09-02 19:04:22 +02:00
Tobias Brunner
91ea48352c
testing: Adding kernel-netlink to pluto.load statements.
2010-09-02 19:04:22 +02:00
Tobias Brunner
cc9cfc2e11
testing: Added missing host alice to test.conf.
2010-09-02 19:04:22 +02:00
Andreas Steffen
4171cbd60b
adapted evaltest.dat to new RULE_OCSP_VALIDATION
2010-09-01 22:22:27 +02:00
Andreas Steffen
873604dd7f
defined aaa_identity
2010-09-01 00:16:19 +02:00
Andreas Steffen
d93e2e5409
created an eap-tnc method hull
2010-08-30 15:36:34 +02:00
Andreas Steffen
1bc8690f54
replaced ikev2/esp-alg-aes-ctr by ikev2/alg-aes-ctr
2010-08-29 21:52:08 +02:00
Andreas Steffen
6297dc390f
added ctr ccm and gcm plugins to ikev2/rw-cert scenario
2010-08-29 21:11:00 +02:00
Andreas Steffen
8eb74facfe
added ctr ccm and gcm plugins to openssl-ikev2/rw-cert scenario
2010-08-29 21:09:25 +02:00
Andreas Steffen
6aa82ec280
added ctr ccm and gcm plugins to gcrypt-ikev2/rw-cert scenario
2010-08-29 20:50:37 +02:00
Andreas Steffen
4f2a0bd839
replaced ikev2/esp-alg-aes-gcm by ikev2/alg-aes-gcm
2010-08-29 20:39:51 +02:00
Andreas Steffen
8318d88450
replaced ikev2/esp-alg-aes-ccm by ikev2/alg-aes-ccm
2010-08-29 20:24:12 +02:00
Andreas Steffen
421a529f88
added ikev2/rw-eap-tls-fragments scenario
2010-08-24 10:12:15 +02:00
Andreas Steffen
234aa8ee03
use correct network diagram
2010-08-24 10:09:58 +02:00
Andreas Steffen
906680029d
enable the ccm and gcm plugins in the UML scenarios
2010-08-20 12:47:44 +02:00
Andreas Steffen
f9a2d4bfcb
describe EAP-TTLS phase2 start options using the phase2_piggyback parameter
2010-08-16 19:29:39 +02:00
Andreas Steffen
cf95e162f2
added ikev2/rw-eap-ttls-phase2-piggyback scenario
2010-08-16 18:32:00 +02:00
Andreas Steffen
f2b9b9725c
changed ikev2/rw-eap-ttls-only description
2010-08-16 18:30:41 +02:00
Andreas Steffen
d2be215a99
added ikev2/rw-eap-ttls-only scenario
2010-08-16 16:44:13 +02:00
Andreas Steffen
758d7283fb
used default ipsec.secrets
2010-08-15 12:49:14 +02:00
Andreas Steffen
d662a7ffad
included bad case in ikev2/rw-eap-ttls-radius scenario
2010-08-15 11:13:41 +02:00
Andreas Steffen
eb4c9c609c
version bumps in testing.conf
2010-08-14 21:41:52 +02:00
Andreas Steffen
4618430f83
enable the eap-ttls and ctr plugins in the uml scenarios
2010-08-14 21:40:05 +02:00
Andreas Steffen
e8f971ee4e
added rw-eap-ttls-radius scenario
2010-08-14 20:05:21 +02:00
Andreas Steffen
6ac797ad3a
added ikev2/rw-eap-tls-radius
2010-08-05 19:28:06 +02:00
Andreas Steffen
6b717cc28d
no need for strongSwan VID since the EAP_ONLY notification has been officially registered with IANA
2010-08-05 12:47:09 +02:00
Andreas Steffen
8e7920eea1
generated aaa certificate
2010-08-04 12:44:47 +02:00
Andreas Steffen
f8bb082f1f
added ikev2/rw-eap-tls-only scenario
2010-08-04 08:36:27 +02:00
Andreas Steffen
9dffc26b73
--enable eap-tls and --disable-load-warning in uml build
2010-08-04 07:48:19 +02:00
Andreas Steffen
b599b80013
version bump to 4.4.2
2010-07-30 22:26:14 +02:00
Andreas Steffen
ff7b0dd289
added NETMAP rules for the reverse direction
2010-07-27 21:16:44 +02:00
Andreas Steffen
c100dd6b5f
fixed description of ikev2/net2net-same-nets scenario
2010-07-27 20:50:28 +02:00
Andreas Steffen
c74c4c2a20
added net2net-same-nets
2010-07-25 11:56:33 +02:00
Andreas Steffen
e93f452825
remove the private updown scripts after use
2010-07-17 23:25:15 +02:00
Andreas Steffen
15fd135564
minor fixes in the ikev2/rw-mark-in-out scenarios
2010-07-17 17:36:04 +02:00
Andreas Steffen
f5baa5c4cf
some reformulations
2010-07-17 17:19:26 +02:00
Andreas Steffen
d2d7ed9227
the ikev2/nat-two-rw-mark and ikev2/rw-mark-in-out scenarios use the PLUTO_MARK_IN and PLUTO_ESP_ENC variables in the mark_update script
2010-07-17 16:32:47 +02:00
Andreas Steffen
34e93c0280
fix html error in scenario description
2010-07-17 13:09:28 +02:00
Andreas Steffen
cde633d632
all x509 based sql scenarios require the revocation plugin
2010-07-15 23:19:52 +02:00
Andreas Steffen
c349a68b2e
all x509 based pfkey scenarios require the revocation plugin
2010-07-15 23:17:37 +02:00
Andreas Steffen
f5731b4579
all x509 based p2pnat scenarios require the revocation plugin
2010-07-15 23:07:12 +02:00
Andreas Steffen
295d9cc313
all x509 based ipv6/*-ikev2 scenarios require the revocation plugin
2010-07-15 23:02:17 +02:00
Andreas Steffen
84fe65bd43
all x509 based ike scenarios require the revocation plugin
2010-07-15 22:40:20 +02:00
Andreas Steffen
001787b3eb
all x509 based openssl-ikev2 scenarios require the revocation plugin
2010-07-15 22:33:05 +02:00
Andreas Steffen
6c2bd2a7d8
all x509 based gcrypt-ikev2 scenarios require the revocation plugin
2010-07-15 22:03:16 +02:00
Andreas Steffen
2cf4d34f2f
all x509 based ikev2 scenarios require the revocation plugin
2010-07-15 21:39:01 +02:00
Andreas Steffen
afe5d482db
ikev2/net2net-psk-dscp does not need certificate support
2010-07-15 21:37:45 +02:00
Andreas Steffen
a3527c39dd
add revocation plugin to ikev2/rw-cert scenario
2010-07-15 20:03:11 +02:00
Andreas Steffen
fccf00576f
activate --enable-addrblock configure option in UML scenarios
2010-07-13 21:04:20 +02:00
Martin Willi
f90d465ce2
Added addrblock plugin to RFC3779 test cases
2010-07-13 10:26:07 +02:00
Martin Willi
1f457546c1
Added revocation plugin to ikev2 crl/ocsp test cases
2010-07-13 10:26:07 +02:00
Andreas Steffen
bb021fbbc9
updated ikev2/ip-two-pools-db scenario to support pool and identity based dns attributes
2010-07-12 20:54:40 +02:00
Andreas Steffen
ab635e029e
updated SQL templates to support attribute pool and identity parameters
2010-07-12 20:28:34 +02:00
Heiko Hund
ec7adea007
Added support for named attribute groups
...
Add the possibility to group attributes by a name and assign these
groups to connections. This allows a more granular configuration of
which client will receive what atrributes.
2010-07-09 13:09:31 +02:00
Andreas Steffen
f65e0dc80f
added ikev2/net2net-psk-dscp2 DiffServ scenario
2010-07-09 11:55:01 +02:00
Andreas Steffen
9f94906815
added ikev2/nat-two-rw-mark-in-out scenario
2010-07-09 09:36:03 +02:00
Andreas Steffen
bcf608c848
some changes to the ikev2/nat-two-rw-mark scenario
2010-07-09 09:35:02 +02:00
Andreas Steffen
36b3c0a8dd
regenerated loop intermediate CA certificates
2010-07-03 18:18:30 +02:00
Andreas Steffen
342fc85e9e
added ikev2/nat-two-rw-mark scenario
2010-07-03 13:25:09 +02:00
Andreas Steffen
b3f65304ba
check for installed aead algorithms in kernel
2010-06-27 22:26:00 +02:00
Andreas Steffen
39e3b58fe4
use --addattr
2010-06-05 13:49:01 +02:00
Andreas Steffen
88613f159d
use --addattr
2010-06-05 13:47:23 +02:00
Andreas Steffen
4321d19d1e
added ikev2/nat-virtual-ip scenario
2010-06-05 13:42:28 +02:00
Andreas Steffen
b2be7dd621
remove stray carolReq.pem
2010-06-05 13:36:39 +02:00
Andreas Steffen
5a9a255ae5
share pool in ikev1/mode-config-multiple scenario
2010-06-05 13:17:51 +02:00
Andreas Steffen
6d989d356b
use --addattr
2010-06-05 13:15:03 +02:00
Andreas Steffen
bdd28aa9c5
remove stray scenario files
2010-06-05 13:10:39 +02:00
Andreas Steffen
5b6200888b
remove x509 plugin from openssl-ikev1 scenarios
2010-05-28 23:22:15 +02:00
Andreas Steffen
bd371ccac7
remove x509 plugin from remaining openssl-ikev2 scenarios
2010-05-25 15:49:58 +02:00
Andreas Steffen
2996cb3163
openssl-ikev2/rw-cert scenario doesn't need x509 plugin any more
2010-05-25 15:26:46 +02:00
Andreas Steffen
b596f4f260
updated ikev1/rw-cert scenario to support xauth integrity test
2010-05-19 08:31:39 +02:00
Andreas Steffen
73434ce9eb
updated ikev1/xauth-rsa-mode-config scenario to support xauth plugin
2010-05-18 22:57:12 +02:00
Andreas Steffen
1fe5d973cb
updated ikev1/xauth-psk-mode-config scenario to support xauth plugin
2010-05-18 22:56:42 +02:00
Andreas Steffen
17adc8d074
updated ikev1/xauth-psk-mode-config scenario to support xauth plugin
2010-05-18 22:48:37 +02:00
Andreas Steffen
efde96b38e
updated ikev1/xauth-rsa-nosecret scenario to support xauth plugin
2010-05-18 20:20:55 +02:00
Andreas Steffen
4f1110ab7b
created ikev1/xauth-id-psk scenario
2010-05-18 20:04:52 +02:00
Andreas Steffen
dc5d63a599
updated ikev1/xauth-psk scenario to support xauth plugin
2010-05-18 20:04:02 +02:00
Andreas Steffen
8ebc3da64c
updated ikev1/xauth-rsa-fail scenario to xauth plugin
2010-05-18 16:54:25 +02:00
Andreas Steffen
2549ff7849
created ikev1/xauth-id-rsa scenario using XAUTH identities
2010-05-18 16:54:25 +02:00
Andreas Steffen
0a6085b13e
updated ikev1/xauth-rsa scenario to xauth plugin
2010-05-18 16:54:25 +02:00
Andreas Steffen
ee1bdd85d3
it's too late on Saturday evening
2010-05-15 18:52:59 +02:00
Andreas Steffen
3399c3dca0
roll back some changes
2010-05-15 18:48:35 +02:00
Andreas Steffen
31b39e5f7c
encoding of MODE_TUNNEL changed
2010-05-15 18:36:14 +02:00
Andreas Steffen
20ae6eccf5
the keyid is a subjectKeyIdentifier
2010-05-15 17:03:04 +02:00
Andreas Steffen
ccfd54e68d
fixed keyids in sql/rw-psk-rsa-split scenario
2010-05-15 16:55:08 +02:00
Andreas Steffen
4636f1579c
fixed keyids in sql/rw-eap-aka-rsa scenario
2010-05-15 16:44:53 +02:00
Andreas Steffen
88e180489a
fixed keyids in sql/rw-cert scenario
2010-05-15 16:34:50 +02:00
Andreas Steffen
829b790e5b
fixed keyids in sql/net2net-cert scenario
2010-05-15 16:20:34 +02:00
Andreas Steffen
d147de932e
inserted newline
2010-05-15 16:13:22 +02:00
Andreas Steffen
c572f93ed7
fixed keyids in sql/ip-split-pools-db-restart scenario
2010-05-15 16:11:08 +02:00
Andreas Steffen
2948e3d0c2
fixed keyids in sql/ip-split-pools-db scenario
2010-05-15 13:40:11 +02:00
Andreas Steffen
1ae9353d8a
fixed keyids in sql/ip-pool-db-restart scenario
2010-05-15 13:22:49 +02:00
Andreas Steffen
f2c84bd890
fixed keyids in sql/ip-pool-db-expired scenario
2010-05-15 13:07:22 +02:00
Andreas Steffen
0ee2c5e9be
fixed keyids in sql/ip-pool-db scenario
2010-05-15 13:06:48 +02:00
Andreas Steffen
b8520ad50d
adapted evaltest of ikev1/ip-pool-db-push scenario to resolve plugin
2010-05-14 17:26:59 +02:00
Andreas Steffen
9e229e284f
adapted evaltest of ikev1/ip-pool-db scenario to resolve plugin
2010-05-14 17:20:28 +02:00
Andreas Steffen
a273546854
adapted evaltest of ikev1/mode-config-push scenario to resolve plugin
2010-05-14 15:12:03 +02:00
Andreas Steffen
3cbf6db653
adapted evaltest to resolve plugin
2010-05-14 11:07:26 +02:00
Andreas Steffen
a784c540e5
version bump to 4.4.1
2010-05-03 09:09:43 +02:00
Andreas Steffen
4c9b5e742a
updated options in testing.conf
2010-05-02 11:47:24 +02:00
Andreas Steffen
cb9c497a86
added ikev1/alg-esp-aes-gmac scenario
2010-04-27 13:48:37 +02:00
Andreas Steffen
6f7dac0d72
added ikev2/alg-esp-aes-gmac scenario
2010-04-27 13:13:10 +02:00
Andreas Steffen
6207b63d76
added ikev1/alg-modp-subgroup scenario
2010-04-23 15:23:54 +02:00
Andreas Steffen
9239fc4a15
added ikev2/alg-modp-subgroup scenario
2010-04-23 15:03:16 +02:00
Andreas Steffen
2dbff1bf53
added ikev2/dhcp-static-client-id scenario
2010-04-23 12:56:59 +02:00
Andreas Steffen
55fe05d489
fixed optional dnsmasq.conf in the ikev2/dhcp-static-mac scenario
2010-04-23 12:38:30 +02:00
Andreas Steffen
837e9fda57
added ikev2/dhcp-static-mac scenario
2010-04-23 12:33:11 +02:00
Andreas Steffen
bcd20cc987
added ikev2/dhcp-dynamic scenario
2010-04-23 11:52:37 +02:00
Tobias Brunner
355c3a66b1
When logging to the database, the IDs of an IKE SA are initially NULL.
2010-04-12 13:51:10 +02:00
Andreas Steffen
9391b485f7
updated DER versions of research and sales CAs
2010-04-11 22:00:01 +02:00
Andreas Steffen
6e939d2f94
added ikev1/ip-two-pools-mixed scenario
2010-04-11 17:05:42 +02:00
Andreas Steffen
2544e08ec7
IKEv1 uses Mode Config payload
2010-04-11 16:09:09 +02:00
Andreas Steffen
b87edeaade
added ikev1/ip-two-pools scenario
2010-04-11 16:05:54 +02:00
Andreas Steffen
a4b2332fd2
remove virtual interfaces after scenario
2010-04-11 16:05:04 +02:00
Andreas Steffen
b516382cc9
added ikev1/ip-pool scenario
2010-04-11 14:40:04 +02:00
Andreas Steffen
b74cd9573d
pluto now requires attr plugin for dns and nbns server loading from strongswan.conf
2010-04-09 21:03:44 +02:00
Andreas Steffen
6c1dc87551
recovered private keys of no CDP certificates
2010-04-07 19:38:10 +02:00
Andreas Steffen
589d175a05
recovered lost Duck CA certificates
2010-04-07 19:38:10 +02:00
Andreas Steffen
e6e8eb09dd
fixed ikev1/protoport-route timing
2010-04-07 13:24:58 +02:00
Andreas Steffen
c3379af391
removed whitespace
2010-04-07 13:07:11 +02:00
Andreas Steffen
ef4aa67bf7
generated new research and sales CA certs for carol and dave, respectively
2010-04-07 13:05:17 +02:00
Andreas Steffen
586c137016
prolonged Research and Sales CA certs
2010-04-06 12:05:39 +02:00
Andreas Steffen
7d00ebfb54
wait one second before running evaluations
2010-04-06 10:55:59 +02:00
Andreas Steffen
efd16e405a
increase UML root file system to 700 MB
2010-04-05 20:23:20 +02:00
Andreas Steffen
5ee07585aa
added ikev2/nat-virtual-ip scenario
2010-04-05 14:03:38 +02:00
Andreas Steffen
a287bdd46c
farp scenario requires logging of arp packets
2010-04-05 14:01:29 +02:00
Andreas Steffen
eb11d1c58c
added ikev2/farp scenario
2010-04-05 12:50:32 +02:00
Andreas Steffen
b49cbd68a6
added dave2 and carol2 entries to /etc/hosts
2010-04-05 12:50:07 +02:00
Andreas Steffen
3ad78f0239
compile dhcp and farp plugins in UMLs
2010-03-28 22:40:20 +02:00
Andreas Steffen
5d91d4c6d7
moved attr-sql plugin to libhydra in pool scenarios
2010-03-28 22:33:30 +02:00
Andreas Steffen
0ef84e5e4d
enable build of socket-default plugin
2010-03-11 21:53:18 +01:00
Andreas Steffen
44f1024705
mixed IKEv1/IKEv2 scenarios require socket-raw
2010-03-11 21:32:36 +01:00
Tobias Brunner
a5166b16a1
Adding socket-default to the plugin list in all test cases.
2010-03-09 17:43:21 +01:00
Andreas Steffen
3cfbc91a98
renewed Authorization Authority certificate
2010-02-27 22:16:36 +01:00
Andreas Steffen
b65d7f8a15
version bump to 4.4.0
2010-02-15 20:58:41 +01:00
Andreas Steffen
2d07095e01
hash-and-url avoids IP fragementation, cert and crl fetch based on IPv6
2010-02-06 12:34:41 +01:00
Andreas Steffen
dd0b1b9a16
generated hash-and-url files for rfc3779 certs
2010-02-06 11:41:44 +01:00
Andreas Steffen
76fe5500c4
hash-and-url avoids IP fragementation, cert and crl fetch based on IPv6
2010-02-06 11:39:33 +01:00
Andreas Steffen
5094bfd85f
hash-and-url avoids IP fragmentation, cert and crl fetch based on IPv6
2010-02-05 20:39:13 +01:00
Andreas Steffen
61d7ff0c19
IPv6 fragment and http access are not needed in PSK scenario
2010-02-05 20:27:03 +01:00
Andreas Steffen
699c47a9be
hash-and-url avoids IP fragmentation, cert and crl fetch based on IPv6
2010-02-05 20:16:26 +01:00
Andreas Steffen
1f2da75069
IPv6 frag netfilter rule not needed anymore
2010-02-05 20:04:01 +01:00
Andreas Steffen
563a177830
hash-and-url avoids IP fragmentation, cert and crl fetch based on IPv6
2010-02-05 19:58:42 +01:00
Andreas Steffen
52719d719c
use static IPsec policy netfilter rules in MOBIKE scenarios
2010-02-04 10:05:44 +01:00
Andreas Steffen
8501181925
remove any charon.pid files remaining at the end of each scenario
2010-02-04 08:53:52 +01:00
Andreas Steffen
00eb9267ad
IPSEC_ROUTING_TABLE is now called routing_table
2010-02-03 19:32:50 +01:00
Andreas Steffen
ec37b04732
differentiate between executed and displayed iptables commands
2010-02-03 19:21:55 +01:00
Andreas Steffen
0d8bdf24ff
added ikev2/inactivity-timeout scenario
2010-02-03 10:28:30 +01:00
Andreas Steffen
8fb389b299
added ikev2/rw-eap-sim-only-radius scenario
2010-01-11 11:20:45 +01:00
Andreas Steffen
87eb27681a
send strongSwan Vendor ID in ikev2/alg-sha256-96 scenario
2010-01-11 00:54:33 +01:00
Andreas Steffen
a2847740d2
removed charon-specific load statement in pluto scenario
2009-12-26 17:13:53 +01:00
Andreas Steffen
c5454eaf61
added RFC 3779 CA
2009-12-25 11:20:59 +01:00