da7a46b73b
upgraded ike scenarios to 5.0.0
2012-05-25 16:58:17 +02:00
d2933125d5
added IKEv1 IPCOMP pluto-charon interoperability scenarios
2012-05-25 12:52:21 +02:00
b253008544
upgraded ikev1/compress to 5.0.0
2012-05-24 17:36:27 +02:00
fa50a89c95
added ikev1/xauth-rsa-eap-md5-radius scenario
2012-05-24 09:26:00 +02:00
31c83b973e
load nonce plugin
2012-05-23 15:05:57 +02:00
ad59f3a91a
added ikev1 pluto-charon interoperability scenarios
2012-05-23 14:47:41 +02:00
148b643880
upgraded ikev1 scenarios to 5.0.0
2012-05-23 14:45:15 +02:00
7a56c35fc9
Remove executable flag from source files.
2012-05-18 10:04:08 +02:00
5cc6dc8b39
check for ESP in UDP encapsulation
2012-05-12 12:15:58 +02:00
a56fdff194
upgraded ikev2 scenarios to 5.0.0
2012-05-11 11:00:32 +02:00
0e1c6fa2a9
suppress leak detective output
2012-05-11 05:48:11 +02:00
86aab92248
upgraded ha scenario for 5.0.0
2012-05-06 15:03:26 +02:00
922e0d0975
added gcrypt-ikev1 pluto interoperability tests
2012-05-06 09:51:19 +02:00
949d08dfca
upgraded gcrypt-ikev1 scenarios to 5.0.0
2012-05-06 09:25:31 +02:00
04d7b1725d
upgraded gcrypt-ikev2 scenarios to 5.0.0
2012-05-06 09:23:09 +02:00
8f834c16ae
upgraded pfkey scenarios to 5.0.0
2012-05-05 11:55:48 +02:00
6624b8be24
removed leftover ipsec.conf parameters
2012-05-05 09:20:42 +02:00
84b291e668
upgraded sql scenarios to 5.0.0
2012-05-05 09:16:15 +02:00
8a5a33b52e
upgrade p2pnat scenarios to 5.0.0
2012-05-04 14:56:09 +02:00
e5502cd2b5
updated af-alg scenarios to 5.0.0
2012-05-04 12:15:30 +02:00
680609b972
added openssl-ikev1 pluto interoperability tests
2012-05-04 12:12:39 +02:00
1e9b62ad50
deleted unneeded openssl-ikev1 files
2012-05-04 12:11:57 +02:00
90e941fb97
upgraded openssl-ikev1 scenarios to 5.0.0
2012-05-04 12:06:45 +02:00
3805e569f6
upgraded openssl-ikev2 scenarios to 5.0.0
2012-05-04 12:03:05 +02:00
22bec9d4ae
upgraded tnc scenarios to 5.0.0
2012-05-04 11:57:31 +02:00
6c5873d448
updated testing.conf for 5.0.0
2012-05-02 22:53:11 +02:00
9fc69a0c81
two new options for 5.0.0 UML testing
2012-05-02 21:13:14 +02:00
fe23d9aaa4
ikev2/net2net-pubkey scenario does not need dnskey plugin
2012-04-30 07:02:08 +02:00
86b79a5f6d
added ikev2/net2net-pubkey scenario
2012-04-30 00:33:18 +02:00
7ea31a17ea
added ikev2/net2net-rsa scenario
2012-04-30 00:32:58 +02:00
2338b9f019
added ikev2/rw-eap-md5-id-prompt scenario
2012-04-29 19:10:25 +02:00
5ff8fe5d48
activated cmac plugin in UML test suites
2012-04-22 22:22:25 +02:00
3cea55b0c8
corrected description
2012-03-17 23:22:25 +01:00
9da795392e
added ikev2/esp-alg-sha1-160 scenario
2012-03-17 23:20:03 +01:00
d9b539dc33
added ikev2/esp-alg-md5-128 scenario
2012-03-17 22:56:37 +01:00
bd360b3911
keep a copy of refreshed carolCert-ocsp.pem
2012-03-15 07:59:42 +01:00
ebf292bad0
refreshed carolCert-ocsp.pem
2012-03-15 07:58:35 +01:00
ea2f340e27
added tnc/tnccs-20-pdp scenario
2012-03-14 08:47:12 +01:00
9b8053a63a
edited description of tnc/tnccs-11-radius scenario
2012-03-14 08:46:52 +01:00
70fd2d1af7
created tnc-pdp policy decision point plugin
2012-03-13 16:27:16 +01:00
2af22e1135
adapted debug output check in openssl-ikev2/rw-eap-tls-only scenario
2012-02-07 20:31:17 +01:00
269e487567
open RADIUS accounting port in firewall
2012-02-06 20:45:21 +01:00
9755910d7f
added ikev2/rw-radius-accounting scenario
2012-02-06 12:52:48 +01:00
48bf8ce9bd
added openssl-ikev2/ecdsa-pkcs8 scenario
2012-02-03 11:44:04 +01:00
6b4e0dd504
added ikev2/rw-pkcs8 scenario
2012-02-03 11:10:13 +01:00
35a1986142
Fixed additional typos in comments and log messages.
2012-01-12 11:42:42 +01:00
a24f2241bc
made ikev2/reauth-late scenario more robust
2011-12-21 06:00:13 +01:00
034b792b90
added Attestation IMC/IMV to UML build
2011-12-18 18:07:47 +01:00
19e9bdda1f
added UML support for IF-MAP interface
2011-12-12 17:00:50 +01:00
63179fd459
upgraded Test IMC/IMV pair to fully support multple IMC IDs
2011-12-11 22:01:49 +01:00
566311862f
moved random plugin in front of openssl in order to prefer gmp
2011-11-05 07:24:17 +01:00
0986fe362f
added integrity test to rw-eap-sim-rsa and rw-eap-aka-rsa scenarios
2011-11-04 11:27:19 +01:00
a12bb386f7
enable integrity test in tnc/tnccs-dynamic scenario
2011-11-02 09:30:18 +01:00
6ae024392b
removed xcbc plugin from sql scenarios
2011-11-01 00:16:35 +01:00
5153af66e0
added tnc-tnccs plugin and removed xcbc plugin
2011-10-25 15:20:03 +02:00
448fc5091f
updated strong certificates
2011-10-17 18:04:12 +02:00
f63f7822ed
Run scenarios without xcbc plugin
2011-10-17 14:08:50 +02:00
91adba2051
Run scenarios without xcbc plugin
2011-10-16 17:18:32 +02:00
8b0e38e69e
run scenarios without xcbc plugin
2011-10-14 17:41:08 +02:00
fc67132697
due to a bug fix reverted to the previous RULE_CRL_VALIDATION check
2011-09-09 09:25:54 +02:00
7ec35f561c
show correct network topology in shunt-policies scenarios
2011-07-26 07:55:20 +02:00
92032fd4d6
Fixed sleep command in two test cases.
2011-07-21 16:34:37 +02:00
f3bb1bd039
Fixed common misspellings.
...
Mostly found by 'codespell'.
2011-07-20 16:14:10 +02:00
456c668d92
added ikev2/net2net-esn scenario
2011-07-16 14:12:23 +02:00
0cb5d713ab
alice is now master in the ha/both-active scenario
2011-07-14 17:31:47 +02:00
9de0f9d487
short form changed
2011-07-14 16:49:41 +02:00
52ba840d5c
adapted tnc scenarios to new imcvs library path
2011-07-06 21:55:17 +02:00
1f3b5c7778
corrected description of shunt-policies scenario
2011-07-05 22:07:42 +02:00
d6e40a3b91
start and stop apache server on dave
2011-07-04 22:40:46 +02:00
0b0f36cc1a
added ITA Scanner IMC/IMV pair to tnccs-11-radius-block scenario
2011-07-04 22:32:34 +02:00
31479712b5
added ITA Scanner IMC/IMV pair to tnccs-20 and tnccs-20-block scenarios
2011-07-04 21:44:22 +02:00
d9cdab9249
added ITA Scanner IMC/IMV pair which detects open server ports on TNC clients
2011-07-04 21:40:25 +02:00
c755c365d7
fixed sql/shunt-policies scenario
2011-06-29 08:23:58 +02:00
f87991704e
implemented PASS and DROP shunt policies
2011-06-28 19:42:54 +02:00
535f5d8a10
added tnc/tnccs-20-server-retry scenario
2011-06-23 19:59:27 +02:00
6b57728cce
renamed tncss-20-retry scenario to tnccs-20-client-retry
2011-06-23 19:59:00 +02:00
9368185260
restablish the lost links to the TNC@FHH project
2011-06-15 14:16:58 +02:00
f9b5d9ae9c
fixed some descriptions
2011-06-15 14:07:16 +02:00
da73199fe5
added the tnc/tnccs-20-retry scenario
2011-06-15 14:06:48 +02:00
8b3d522620
link to the TNC@FHH project
2011-06-03 08:36:57 +02:00
b24ffda989
fixed sleep command in ikev1/esp-ah-tunnel scenario
2011-06-03 07:05:43 +02:00
7bd580bf08
active and passive IKEv2 hosts changed again
2011-06-03 01:47:25 +02:00
2e60060095
moved TNC scenarios to tnc folder
2011-06-03 00:47:20 +02:00
51679e67c9
ikev2/rw-eap-tnc-11-radius scenario now uses a PA-TNC IMC/IMV pair
2011-06-02 12:36:27 +02:00
0410c3c363
disable leak_detective in ikev2/rw-eap-tnc-11-radius scenario
2011-06-01 22:17:32 +02:00
a420b4736f
output strongswan.conf and daemon.log on RADIUS hosts with strongSwan IMV
2011-06-01 21:38:03 +02:00
7e432eff6b
renamed tls_reader|writer to bio_* and moved to libstrongswan
2011-05-31 15:46:51 +02:00
4cefb9bd10
removed unused files
2011-05-31 15:46:51 +02:00
a5cfcc5f50
re-established a deleted colon character
2011-05-30 22:48:53 +02:00
ea9f1002cd
cleaned up the rw-eap-tnc-20 and rw-eap-tnc-20-fhh scenarios
2011-05-30 21:46:45 +02:00
83348c80e4
added the ikev2/rw-eap-tnc-20 scenario based on the RFC 5792 PA-TNC protocol
2011-05-30 21:31:50 +02:00
61420db66c
renamed ikev2/rw-eap-tnc-20 scenario to rw-eap-tnc-20-fhh
2011-05-30 21:28:07 +02:00
636a7d2bc3
whitelisting can already be enabled in strongswan.conf
2011-05-14 17:11:15 +02:00
8afbc768f3
added ikev2/rw-whitelist scenario
2011-05-12 21:11:01 +02:00
a855af9544
testing: Properly align numbers of succeeded and failed tests in overview page.
2011-05-05 10:29:52 +02:00
e296fc2d26
testing: Add crumbtrail to overview page which lists all tests.
2011-05-05 10:29:52 +02:00
ca25eb9eb3
testing: Directly link to index.html of tests to allow browsing via file://.
2011-05-05 10:29:52 +02:00
e8ae55f64b
testing: Avoid adding additional spacing around testresults.
2011-05-05 10:29:52 +02:00
074919dcc5
testing: Replace back link in results with crumbtrail to improve navigation.
2011-05-05 10:29:51 +02:00
1ef7a2ef94
with the 2.6.38 kernel alice is preferred for handling the IKE connections
2011-04-08 07:50:20 +02:00
7346114e9c
added ikev2/rw-eap-peap-mschapv2 scenario
2011-04-06 19:44:58 +02:00
35e2a87e1e
added ikev2/rw-eap-peap-md5 scenario
2011-04-06 19:44:30 +02:00
119b0a45a1
added ikev2/rw-eap-peap-radius scenario
2011-04-06 19:42:52 +02:00
1be296dfb2
implemented the PEAP tunneling protocol as an EAP plugin
2011-04-06 14:42:02 +02:00
bf2233b32d
updated ikev2/rw-eap-tnc scenarios
2011-04-01 19:44:25 +02:00
3f5647819b
redirect debug output of imc/imv pairs to syslog
2011-03-19 23:23:52 +01:00
b03dd40fe6
some changes to the ikev2/rw-eap-tnc-11|20 scenarios
2011-03-19 16:48:06 +01:00
357894c692
af-alg plugin does not require hmac and xcbc plugins
2011-03-18 09:55:26 +01:00
ae04b73eb4
added af-alg-ikev1/alg-camellia scenario
2011-03-18 07:39:21 +01:00
ec160f132c
added af-alg-ikev2/alg-camellia scenario
2011-03-18 07:34:48 +01:00
efe7e863e7
added the af-alg-ikev1/rw-cert scenario
2011-03-17 23:16:41 +01:00
d6946481ae
added the af-alg-ikev2/rw-cert scenario
2011-03-17 22:55:26 +01:00
788fc89cc2
build the af-alg plugin in the UML test environment
2011-03-17 22:53:09 +01:00
76c8b190f8
removed ipsec up %startall from scenario descriptions
2011-02-10 10:03:59 +01:00
f04d1c2dfe
replaced ipsec up %startall command by start_action job
2011-02-09 22:27:04 +01:00
2ecafc7316
added openssl-ikev2/critical-extension scenario
2011-02-08 22:58:31 +01:00
2ee4cb6430
added ikev2/critical-extension scenario
2011-02-08 07:05:23 +01:00
84545f6e7c
Some typos fixed.
2011-02-07 11:39:41 +01:00
3891b75628
disable INITIAL_CONTACT message by setting unigueids=no
2011-02-02 15:58:40 +01:00
f808aa2c44
load constraints plugin in ikev2/multi-level-ca-pathlen scenario
2011-01-31 14:46:16 +01:00
ec9f8440f3
adapted some UML timings
2011-01-31 09:38:22 +01:00
35c58deb67
move sleep into host start if statement
2011-01-31 08:18:34 +01:00
36580b1614
fixed typo
2011-01-31 08:07:28 +01:00
3ba7616d8f
added ikev2/rw-eap-tnc-dynamic scenario
2011-01-31 07:30:41 +01:00
3ba4d12139
updated testing.conf UML configuration file
2011-01-31 05:47:39 +01:00
b6a8cfab4b
additional UML configuration options
2011-01-31 05:47:05 +01:00
fc293c96b2
unset RADIUSHOSTS after before loading new scenario
2010-12-27 06:26:17 +01:00
e27554144a
increase sleep time in mediation scenarios
2010-12-12 21:54:44 +01:00
458e7779a8
reorganized ikev2/rw-eap-tnc scenarios
2010-12-12 12:51:14 +01:00
146e9123a2
added the ikev2/rw-eap-tnc-20 scenario
2010-12-12 10:47:16 +01:00
2965eb3cc7
added sql/multi-level-ca scenario
2010-12-05 21:53:43 +01:00
13a7f5f3e3
added certificate_authorities and certificate_distribution_points tables
2010-12-05 11:30:06 +01:00
2da636fd9b
support of reqid field in SQL database
2010-12-05 11:21:40 +01:00
f143f0f743
use a composite test proposal
2010-12-01 10:05:28 +01:00
cbdcca7fd7
renamed algorithm to proposal
2010-11-30 17:38:49 +01:00
f4e5acef3a
store IKE and ESP proposals in SQL database
2010-11-30 17:03:21 +01:00
b62bde3b95
configured various DPD modes in sql scenarios
2010-11-28 17:41:27 +01:00
11c904b373
added sql/net2net-route-pem scenario
2010-11-28 12:00:44 +01:00
d6a13b895f
added sql/net2net-start-pem scenario
2010-11-28 12:00:19 +01:00
c616d84c3f
start and route connections defined in an SQL database via start_action field and ipsec up %startall command
2010-11-28 11:57:49 +01:00
1f201db699
enabled ha plugin in UML scenarios
2010-11-20 21:52:40 +01:00
d16ecc1753
fixed iptables script of gateway alice
2010-11-20 21:01:54 +01:00
aafe3b090e
removed copy of strongswancCert.pem
2010-11-20 20:34:21 +01:00
4a8ebe0b35
added ha/both-active scenario
2010-11-20 20:16:26 +01:00
841b2b3ee9
created certificate and /etc/hosts entry for virtual gateway mars
2010-11-20 18:20:23 +01:00
77255f477c
version bump to 4.5.1
2010-10-29 09:30:57 +02:00
8d01a80819
do not send certificate requests in EAP-ONLY scenarios
2010-10-14 21:10:03 +02:00
ea7c8b3880
added ikev2/rw-eap-tnc-ls scenario
2010-10-14 21:00:41 +02:00
cf76984c28
Define explicit IKEv1 keyexchange mode V
2010-10-14 16:13:52 +02:00
6587f1a04d
increase eap-tls max_message_count in fragments scenario
2010-10-14 16:09:44 +02:00
e7e48fff9f
Added ssh_config to distribution.
2010-10-14 15:58:26 +02:00
7ec11936e8
testing: Reduce testing runtime by reusing SSH sessions.
...
By using the ControlMaster and ControlPath options, existing SSH sessions
are reused (a session to each host is opened at the beginning of a test
run). Also, RC4 is used as encryption algorithm to further improve the
performance. These changes reduce the runtime by over 20%.
2010-10-14 14:01:26 +02:00
972663ccb0
Define explicit IKEv1 keyexchange mode IV.
2010-10-14 13:55:04 +02:00
897a9baaba
define explicit IKEv1 keyexchange mode III
2010-10-14 07:34:13 +02:00
a885f0737c
fixed ikev2/rw-eap-ttls-radius scenario
2010-10-14 07:26:10 +02:00
d8a379e1e4
fixed ikev2/rw-eap-tnc-radius-block scenario
2010-10-14 07:22:39 +02:00
adf5ebaa28
fixed ikev2/rw-eap-tnc scenario
2010-10-14 07:08:33 +02:00
c763ec09db
fixed ikev2/rw-eap-sim-radius scenario
2010-10-14 07:01:06 +02:00
15a7b95f86
fixed ikev2/rw-eap-sim-only-radius scenario
2010-10-14 06:55:06 +02:00
907ca3d4df
fixed ikev2/mult-auth-rsa-eap-sim-id
2010-10-14 06:41:26 +02:00
e6f685b0fa
scenarios without RADIUS server can use default iptables script
2010-10-11 17:04:53 +02:00
e5f5f612bd
fixed some evaltest.dat files
2010-10-11 16:58:12 +02:00
7d8cb1f952
added ikev2/rw-eap-tnc-block scenario
2010-10-11 16:58:12 +02:00
8efd583a64
explicit ikev1 key exchange for ikev1/esp-alg-null scenario
2010-10-09 22:07:51 +02:00
1e6c92789e
fixed typo
2010-10-09 22:05:26 +02:00
74e14ed631
define explicit IKEv1 key exchange mode II
2010-10-09 20:04:00 +02:00
ed08f7ce83
use DBG_TNC for TNC debugging output
2010-10-09 16:01:19 +02:00
db24b600fb
changed filter attribute from access to allow
2010-10-09 01:01:19 +02:00
a1afa8d810
added ikev2/rw-eap-tnc scenario
2010-10-09 00:59:31 +02:00
8dcc56dcc0
created tnc-imc and tnc-imv plugins
2010-10-07 23:31:23 +02:00
84babfb895
define explicit IKEv1 key exchange mode
2010-10-07 07:31:44 +02:00
9b201cf859
host venus is used in ikev2/rw-eap-tnc-radius scenario
2010-10-06 10:38:18 +02:00
541666b89f
added ikev2/rw-eap-tnc-radius-block scenario
2010-10-06 10:32:50 +02:00
48e16e0ae1
final version of ikev2/rw-eap-tnc-radius scenario
2010-10-05 20:38:34 +02:00
9ffa3f71f2
fixed typo in image path
2010-10-05 09:09:58 +02:00
e7104a6ec9
updated ikev2/rw-eap-tnc-radius scenario
2010-10-05 07:56:57 +02:00
30f14b7066
added configuration files for dummyimc.so IMC
2010-10-01 00:14:44 +02:00
ea893a5de2
The TNC@FHH TNC Serve does not like symbolic links
2010-09-30 23:35:24 +02:00
cae4668ffb
added tnc_config files to TNC scenario
2010-09-30 12:42:18 +02:00
440231e863
load tnccs-11 plugin in ikev2/rw-eap-tnc-radius scenario
2010-09-28 23:52:59 +02:00
4e8e74fcfa
moved TNCCS layer out of eap_tnc plugin
2010-09-28 23:34:04 +02:00
280c8ea2f0
stop gateway after clients in order to check release of virtual IP
2010-09-26 11:31:39 +02:00
1e6cc07ee4
stop gateway after clients in order to check release of virtual IP
2010-09-26 10:58:28 +02:00
234aaf2df2
stop gateway after clients in order to check release of virtual IP
2010-09-26 10:35:12 +02:00
939c4bf2e8
added ikev1/net2net-same-nets scenario
2010-09-09 13:37:30 +02:00
2774826995
added openssl-ikev2/rw-eap-tls-only scenario
2010-09-07 17:14:32 +02:00
6d71f4dcb9
updown script variable is called PLUTO_UDP_ENC
2010-09-03 12:58:10 +02:00
6deeacd965
adapted debug options
2010-09-03 09:29:56 +02:00
4cbe758cd4
adapted debug options
2010-09-03 09:27:16 +02:00
5175adee66
optimized FreeRadius scenarios for debug output
2010-09-02 22:19:37 +02:00
0fb2980281
added ikev2/rw-eap-tnc-radius scenario
2010-09-02 22:19:37 +02:00
c0cecc0a0e
added radius init script mit increased debugging
2010-09-02 22:19:37 +02:00
f9cfb5c836
display configuration and log of FreeRadius servers
2010-09-02 22:19:37 +02:00
fe962bc788
testing: Added ikev1 xfrm mark scenarios.
2010-09-02 19:04:25 +02:00
f23e7394ae
pluto: Added PLUTO_UDP_ENC argument to updown script.
...
This contains the remote UDP port in case of UDP encapsulated ESP.
2010-09-02 19:04:25 +02:00
80c0328eec
testing: Print output of 'make oldconfig' to STDOUT, besides logging it.
2010-09-02 19:04:23 +02:00
f32c0ce7b6
testing: Only sleep after a host has actually been started.
2010-09-02 19:04:22 +02:00
ad808bc2a2
testing: Build strongSwan a bit faster using make -j.
2010-09-02 19:04:22 +02:00
38dd45c480
testing: Force the UML Kernel to x86.
2010-09-02 19:04:22 +02:00
91ea48352c
testing: Adding kernel-netlink to pluto.load statements.
2010-09-02 19:04:22 +02:00
cc9cfc2e11
testing: Added missing host alice to test.conf.
2010-09-02 19:04:22 +02:00
4171cbd60b
adapted evaltest.dat to new RULE_OCSP_VALIDATION
2010-09-01 22:22:27 +02:00
873604dd7f
defined aaa_identity
2010-09-01 00:16:19 +02:00
d93e2e5409
created an eap-tnc method hull
2010-08-30 15:36:34 +02:00
1bc8690f54
replaced ikev2/esp-alg-aes-ctr by ikev2/alg-aes-ctr
2010-08-29 21:52:08 +02:00
6297dc390f
added ctr ccm and gcm plugins to ikev2/rw-cert scenario
2010-08-29 21:11:00 +02:00
8eb74facfe
added ctr ccm and gcm plugins to openssl-ikev2/rw-cert scenario
2010-08-29 21:09:25 +02:00
6aa82ec280
added ctr ccm and gcm plugins to gcrypt-ikev2/rw-cert scenario
2010-08-29 20:50:37 +02:00
4f2a0bd839
replaced ikev2/esp-alg-aes-gcm by ikev2/alg-aes-gcm
2010-08-29 20:39:51 +02:00
8318d88450
replaced ikev2/esp-alg-aes-ccm by ikev2/alg-aes-ccm
2010-08-29 20:24:12 +02:00
421a529f88
added ikev2/rw-eap-tls-fragments scenario
2010-08-24 10:12:15 +02:00
234aa8ee03
use correct network diagram
2010-08-24 10:09:58 +02:00
906680029d
enable the ccm and gcm plugins in the UML scenarios
2010-08-20 12:47:44 +02:00
f9a2d4bfcb
describe EAP-TTLS phase2 start options using the phase2_piggyback parameter
2010-08-16 19:29:39 +02:00
cf95e162f2
added ikev2/rw-eap-ttls-phase2-piggyback scenario
2010-08-16 18:32:00 +02:00
f2b9b9725c
changed ikev2/rw-eap-ttls-only description
2010-08-16 18:30:41 +02:00
d2be215a99
added ikev2/rw-eap-ttls-only scenario
2010-08-16 16:44:13 +02:00
758d7283fb
used default ipsec.secrets
2010-08-15 12:49:14 +02:00
d662a7ffad
included bad case in ikev2/rw-eap-ttls-radius scenario
2010-08-15 11:13:41 +02:00
eb4c9c609c
version bumps in testing.conf
2010-08-14 21:41:52 +02:00
4618430f83
enable the eap-ttls and ctr plugins in the uml scenarios
2010-08-14 21:40:05 +02:00
e8f971ee4e
added rw-eap-ttls-radius scenario
2010-08-14 20:05:21 +02:00
6ac797ad3a
added ikev2/rw-eap-tls-radius
2010-08-05 19:28:06 +02:00
6b717cc28d
no need for strongSwan VID since the EAP_ONLY notification has been officially registered with IANA
2010-08-05 12:47:09 +02:00
8e7920eea1
generated aaa certificate
2010-08-04 12:44:47 +02:00
f8bb082f1f
added ikev2/rw-eap-tls-only scenario
2010-08-04 08:36:27 +02:00
9dffc26b73
--enable eap-tls and --disable-load-warning in uml build
2010-08-04 07:48:19 +02:00
b599b80013
version bump to 4.4.2
2010-07-30 22:26:14 +02:00
ff7b0dd289
added NETMAP rules for the reverse direction
2010-07-27 21:16:44 +02:00
c100dd6b5f
fixed description of ikev2/net2net-same-nets scenario
2010-07-27 20:50:28 +02:00
c74c4c2a20
added net2net-same-nets
2010-07-25 11:56:33 +02:00
e93f452825
remove the private updown scripts after use
2010-07-17 23:25:15 +02:00
15fd135564
minor fixes in the ikev2/rw-mark-in-out scenarios
2010-07-17 17:36:04 +02:00
f5baa5c4cf
some reformulations
2010-07-17 17:19:26 +02:00
d2d7ed9227
the ikev2/nat-two-rw-mark and ikev2/rw-mark-in-out scenarios use the PLUTO_MARK_IN and PLUTO_ESP_ENC variables in the mark_update script
2010-07-17 16:32:47 +02:00
34e93c0280
fix html error in scenario description
2010-07-17 13:09:28 +02:00
cde633d632
all x509 based sql scenarios require the revocation plugin
2010-07-15 23:19:52 +02:00
c349a68b2e
all x509 based pfkey scenarios require the revocation plugin
2010-07-15 23:17:37 +02:00
f5731b4579
all x509 based p2pnat scenarios require the revocation plugin
2010-07-15 23:07:12 +02:00
295d9cc313
all x509 based ipv6/*-ikev2 scenarios require the revocation plugin
2010-07-15 23:02:17 +02:00
84fe65bd43
all x509 based ike scenarios require the revocation plugin
2010-07-15 22:40:20 +02:00
001787b3eb
all x509 based openssl-ikev2 scenarios require the revocation plugin
2010-07-15 22:33:05 +02:00
6c2bd2a7d8
all x509 based gcrypt-ikev2 scenarios require the revocation plugin
2010-07-15 22:03:16 +02:00
2cf4d34f2f
all x509 based ikev2 scenarios require the revocation plugin
2010-07-15 21:39:01 +02:00
afe5d482db
ikev2/net2net-psk-dscp does not need certificate support
2010-07-15 21:37:45 +02:00
a3527c39dd
add revocation plugin to ikev2/rw-cert scenario
2010-07-15 20:03:11 +02:00
fccf00576f
activate --enable-addrblock configure option in UML scenarios
2010-07-13 21:04:20 +02:00
f90d465ce2
Added addrblock plugin to RFC3779 test cases
2010-07-13 10:26:07 +02:00
1f457546c1
Added revocation plugin to ikev2 crl/ocsp test cases
2010-07-13 10:26:07 +02:00
bb021fbbc9
updated ikev2/ip-two-pools-db scenario to support pool and identity based dns attributes
2010-07-12 20:54:40 +02:00
ab635e029e
updated SQL templates to support attribute pool and identity parameters
2010-07-12 20:28:34 +02:00
ec7adea007
Added support for named attribute groups
...
Add the possibility to group attributes by a name and assign these
groups to connections. This allows a more granular configuration of
which client will receive what atrributes.
2010-07-09 13:09:31 +02:00
f65e0dc80f
added ikev2/net2net-psk-dscp2 DiffServ scenario
2010-07-09 11:55:01 +02:00
9f94906815
added ikev2/nat-two-rw-mark-in-out scenario
2010-07-09 09:36:03 +02:00
bcf608c848
some changes to the ikev2/nat-two-rw-mark scenario
2010-07-09 09:35:02 +02:00
36b3c0a8dd
regenerated loop intermediate CA certificates
2010-07-03 18:18:30 +02:00
342fc85e9e
added ikev2/nat-two-rw-mark scenario
2010-07-03 13:25:09 +02:00
b3f65304ba
check for installed aead algorithms in kernel
2010-06-27 22:26:00 +02:00
39e3b58fe4
use --addattr
2010-06-05 13:49:01 +02:00
88613f159d
use --addattr
2010-06-05 13:47:23 +02:00
4321d19d1e
added ikev2/nat-virtual-ip scenario
2010-06-05 13:42:28 +02:00
b2be7dd621
remove stray carolReq.pem
2010-06-05 13:36:39 +02:00
5a9a255ae5
share pool in ikev1/mode-config-multiple scenario
2010-06-05 13:17:51 +02:00
6d989d356b
use --addattr
2010-06-05 13:15:03 +02:00
bdd28aa9c5
remove stray scenario files
2010-06-05 13:10:39 +02:00
5b6200888b
remove x509 plugin from openssl-ikev1 scenarios
2010-05-28 23:22:15 +02:00
bd371ccac7
remove x509 plugin from remaining openssl-ikev2 scenarios
2010-05-25 15:49:58 +02:00
2996cb3163
openssl-ikev2/rw-cert scenario doesn't need x509 plugin any more
2010-05-25 15:26:46 +02:00
b596f4f260
updated ikev1/rw-cert scenario to support xauth integrity test
2010-05-19 08:31:39 +02:00
73434ce9eb
updated ikev1/xauth-rsa-mode-config scenario to support xauth plugin
2010-05-18 22:57:12 +02:00
1fe5d973cb
updated ikev1/xauth-psk-mode-config scenario to support xauth plugin
2010-05-18 22:56:42 +02:00
17adc8d074
updated ikev1/xauth-psk-mode-config scenario to support xauth plugin
2010-05-18 22:48:37 +02:00
efde96b38e
updated ikev1/xauth-rsa-nosecret scenario to support xauth plugin
2010-05-18 20:20:55 +02:00
4f1110ab7b
created ikev1/xauth-id-psk scenario
2010-05-18 20:04:52 +02:00
dc5d63a599
updated ikev1/xauth-psk scenario to support xauth plugin
2010-05-18 20:04:02 +02:00
8ebc3da64c
updated ikev1/xauth-rsa-fail scenario to xauth plugin
2010-05-18 16:54:25 +02:00
2549ff7849
created ikev1/xauth-id-rsa scenario using XAUTH identities
2010-05-18 16:54:25 +02:00
0a6085b13e
updated ikev1/xauth-rsa scenario to xauth plugin
2010-05-18 16:54:25 +02:00
ee1bdd85d3
it's too late on Saturday evening
2010-05-15 18:52:59 +02:00
3399c3dca0
roll back some changes
2010-05-15 18:48:35 +02:00
31b39e5f7c
encoding of MODE_TUNNEL changed
2010-05-15 18:36:14 +02:00
20ae6eccf5
the keyid is a subjectKeyIdentifier
2010-05-15 17:03:04 +02:00
ccfd54e68d
fixed keyids in sql/rw-psk-rsa-split scenario
2010-05-15 16:55:08 +02:00
4636f1579c
fixed keyids in sql/rw-eap-aka-rsa scenario
2010-05-15 16:44:53 +02:00
88e180489a
fixed keyids in sql/rw-cert scenario
2010-05-15 16:34:50 +02:00
829b790e5b
fixed keyids in sql/net2net-cert scenario
2010-05-15 16:20:34 +02:00
d147de932e
inserted newline
2010-05-15 16:13:22 +02:00
c572f93ed7
fixed keyids in sql/ip-split-pools-db-restart scenario
2010-05-15 16:11:08 +02:00
2948e3d0c2
fixed keyids in sql/ip-split-pools-db scenario
2010-05-15 13:40:11 +02:00
1ae9353d8a
fixed keyids in sql/ip-pool-db-restart scenario
2010-05-15 13:22:49 +02:00
f2c84bd890
fixed keyids in sql/ip-pool-db-expired scenario
2010-05-15 13:07:22 +02:00
0ee2c5e9be
fixed keyids in sql/ip-pool-db scenario
2010-05-15 13:06:48 +02:00
b8520ad50d
adapted evaltest of ikev1/ip-pool-db-push scenario to resolve plugin
2010-05-14 17:26:59 +02:00
9e229e284f
adapted evaltest of ikev1/ip-pool-db scenario to resolve plugin
2010-05-14 17:20:28 +02:00
a273546854
adapted evaltest of ikev1/mode-config-push scenario to resolve plugin
2010-05-14 15:12:03 +02:00
3cbf6db653
adapted evaltest to resolve plugin
2010-05-14 11:07:26 +02:00
a784c540e5
version bump to 4.4.1
2010-05-03 09:09:43 +02:00
4c9b5e742a
updated options in testing.conf
2010-05-02 11:47:24 +02:00
cb9c497a86
added ikev1/alg-esp-aes-gmac scenario
2010-04-27 13:48:37 +02:00
6f7dac0d72
added ikev2/alg-esp-aes-gmac scenario
2010-04-27 13:13:10 +02:00
6207b63d76
added ikev1/alg-modp-subgroup scenario
2010-04-23 15:23:54 +02:00
9239fc4a15
added ikev2/alg-modp-subgroup scenario
2010-04-23 15:03:16 +02:00
2dbff1bf53
added ikev2/dhcp-static-client-id scenario
2010-04-23 12:56:59 +02:00
55fe05d489
fixed optional dnsmasq.conf in the ikev2/dhcp-static-mac scenario
2010-04-23 12:38:30 +02:00
837e9fda57
added ikev2/dhcp-static-mac scenario
2010-04-23 12:33:11 +02:00
bcd20cc987
added ikev2/dhcp-dynamic scenario
2010-04-23 11:52:37 +02:00
355c3a66b1
When logging to the database, the IDs of an IKE SA are initially NULL.
2010-04-12 13:51:10 +02:00
9391b485f7
updated DER versions of research and sales CAs
2010-04-11 22:00:01 +02:00
6e939d2f94
added ikev1/ip-two-pools-mixed scenario
2010-04-11 17:05:42 +02:00
2544e08ec7
IKEv1 uses Mode Config payload
2010-04-11 16:09:09 +02:00
b87edeaade
added ikev1/ip-two-pools scenario
2010-04-11 16:05:54 +02:00
a4b2332fd2
remove virtual interfaces after scenario
2010-04-11 16:05:04 +02:00
b516382cc9
added ikev1/ip-pool scenario
2010-04-11 14:40:04 +02:00
b74cd9573d
pluto now requires attr plugin for dns and nbns server loading from strongswan.conf
2010-04-09 21:03:44 +02:00
6c1dc87551
recovered private keys of no CDP certificates
2010-04-07 19:38:10 +02:00
589d175a05
recovered lost Duck CA certificates
2010-04-07 19:38:10 +02:00
e6e8eb09dd
fixed ikev1/protoport-route timing
2010-04-07 13:24:58 +02:00
c3379af391
removed whitespace
2010-04-07 13:07:11 +02:00
ef4aa67bf7
generated new research and sales CA certs for carol and dave, respectively
2010-04-07 13:05:17 +02:00
586c137016
prolonged Research and Sales CA certs
2010-04-06 12:05:39 +02:00
7d00ebfb54
wait one second before running evaluations
2010-04-06 10:55:59 +02:00
efd16e405a
increase UML root file system to 700 MB
2010-04-05 20:23:20 +02:00
5ee07585aa
added ikev2/nat-virtual-ip scenario
2010-04-05 14:03:38 +02:00
a287bdd46c
farp scenario requires logging of arp packets
2010-04-05 14:01:29 +02:00
eb11d1c58c
added ikev2/farp scenario
2010-04-05 12:50:32 +02:00
b49cbd68a6
added dave2 and carol2 entries to /etc/hosts
2010-04-05 12:50:07 +02:00
3ad78f0239
compile dhcp and farp plugins in UMLs
2010-03-28 22:40:20 +02:00
5d91d4c6d7
moved attr-sql plugin to libhydra in pool scenarios
2010-03-28 22:33:30 +02:00
0ef84e5e4d
enable build of socket-default plugin
2010-03-11 21:53:18 +01:00
44f1024705
mixed IKEv1/IKEv2 scenarios require socket-raw
2010-03-11 21:32:36 +01:00
a5166b16a1
Adding socket-default to the plugin list in all test cases.
2010-03-09 17:43:21 +01:00
3cfbc91a98
renewed Authorization Authority certificate
2010-02-27 22:16:36 +01:00
b65d7f8a15
version bump to 4.4.0
2010-02-15 20:58:41 +01:00
2d07095e01
hash-and-url avoids IP fragementation, cert and crl fetch based on IPv6
2010-02-06 12:34:41 +01:00
dd0b1b9a16
generated hash-and-url files for rfc3779 certs
2010-02-06 11:41:44 +01:00
76fe5500c4
hash-and-url avoids IP fragementation, cert and crl fetch based on IPv6
2010-02-06 11:39:33 +01:00
5094bfd85f
hash-and-url avoids IP fragmentation, cert and crl fetch based on IPv6
2010-02-05 20:39:13 +01:00
61d7ff0c19
IPv6 fragment and http access are not needed in PSK scenario
2010-02-05 20:27:03 +01:00
699c47a9be
hash-and-url avoids IP fragmentation, cert and crl fetch based on IPv6
2010-02-05 20:16:26 +01:00
1f2da75069
IPv6 frag netfilter rule not needed anymore
2010-02-05 20:04:01 +01:00
563a177830
hash-and-url avoids IP fragmentation, cert and crl fetch based on IPv6
2010-02-05 19:58:42 +01:00
52719d719c
use static IPsec policy netfilter rules in MOBIKE scenarios
2010-02-04 10:05:44 +01:00
8501181925
remove any charon.pid files remaining at the end of each scenario
2010-02-04 08:53:52 +01:00
00eb9267ad
IPSEC_ROUTING_TABLE is now called routing_table
2010-02-03 19:32:50 +01:00
ec37b04732
differentiate between executed and displayed iptables commands
2010-02-03 19:21:55 +01:00
0d8bdf24ff
added ikev2/inactivity-timeout scenario
2010-02-03 10:28:30 +01:00
8fb389b299
added ikev2/rw-eap-sim-only-radius scenario
2010-01-11 11:20:45 +01:00
87eb27681a
send strongSwan Vendor ID in ikev2/alg-sha256-96 scenario
2010-01-11 00:54:33 +01:00
a2847740d2
removed charon-specific load statement in pluto scenario
2009-12-26 17:13:53 +01:00
c5454eaf61
added RFC 3779 CA
2009-12-25 11:20:59 +01:00
Andreas Steffen