Tobias Brunner
c6e1eda6d0
testing: Set terminal title when logging in via SSH
...
Since we always log in as root use a simpler command prompt. And don't
store duplicate commands in the bash command history.
2013-05-15 10:35:48 +02:00
Andreas Steffen
0f499f41dc
Use attest database in tnc/tnccs-20-os scenario
2013-04-21 16:31:23 +02:00
Reto Buerki
7b702150a0
Add expect-file guest image script
...
This script can be used in pretest.dat files to wait until a given file
appears.
2013-03-19 15:23:50 +01:00
Reto Buerki
0e1d008d71
Add /usr/local/lib/ipsec to linker cache
2013-03-19 15:23:50 +01:00
Andreas Steffen
d7eec03815
removed unneeded DS files
2013-03-05 09:08:25 +01:00
Andreas Steffen
37c589f0e0
Configure winnetou as a DNSSEC enabled nameserver for the strongswan.org, org, and root zones
2013-02-19 12:25:01 +01:00
Reto Buerki
41943e9c1b
Make core dumps work
...
Core dumps are written to the /var/local/dumps directory.
2013-01-17 16:55:04 +01:00
Reto Buerki
2c4954ad24
Switch to 'mapped' access mode for hostfs
...
Passthrough mode only works as expected when running as root. On
Debian/Ubuntu systems qemu runs as user 'libvirt-qemu' and group 'kvm'
so all shared files must be chowned to grant access from guests.
Symlinks created on the host are still problematic because the Plan 9
filesystem has no direct notion of symbolic links, see [1].
[1] - http://ericvh.github.com/9p-rfc/rfc9p2000.u.html
2013-01-17 16:55:04 +01:00
Andreas Steffen
5c09942d54
converted all ipv6 iptables/ip6tables scenarios
2013-01-17 16:55:03 +01:00
Andreas Steffen
b27836412b
Rename UML to KVM tests
2013-01-17 16:55:02 +01:00
Andreas Steffen
cedc96c2c4
implemented ip6tables.rules
2013-01-17 16:55:02 +01:00
Andreas Steffen
9b4477d5b8
activated iptables in some ikev2 scenarios
2013-01-17 16:55:00 +01:00
Reto Buerki
0593b6c975
Export compile directory to guests
...
Use 9p over virtio to share files on the host with the guest domains.
The files are accessible in the guests /hostfs directory.
2013-01-17 16:54:58 +01:00
Reto Buerki
b351656cc7
Disable checksum offloading on moon's eth1 interface
...
Disable checksum offloading on eth1 because it does not currently work
with virtio and the isc-dhcp-server running on venus, see [1].
[1] - https://bugs.mageia.org/show_bug.cgi?id=1243
2013-01-17 16:54:57 +01:00
Reto Buerki
bd4c6122a4
Add ssh config to guest root account
2013-01-17 16:54:56 +01:00
Reto Buerki
76ccd25a05
Add expect-connection guest image script
...
This script can be used in pretest.dat files to wait until an IPsec
connection becomes available. This avoids unconditional sleeps and
improves test performance.
The ipv6 tests have been updated to use the expect-connection script.
2013-01-17 16:54:55 +01:00
Reto Buerki
261cf0e395
Drop build-hostconfig script
...
Use processed host configurations directly instead.
2013-01-17 15:22:10 +01:00
Tobias Brunner
18bce26ea6
Use key(and password-)less SSH authentication
2013-01-17 15:22:09 +01:00
Reto Buerki
766466b8d1
Adapt host configuration
...
Adapt the configuration of the test hosts to the new Debian-based
system.
2012-12-18 16:00:21 +01:00
Andreas Steffen
5d476b4266
updated default configuration of UML hosts to 5.0.0
2012-06-25 13:04:55 +02:00
Andreas Steffen
2be46da56d
added nonce plugin in default host configurations
2012-05-25 17:00:03 +02:00
Andreas Steffen
bd360b3911
keep a copy of refreshed carolCert-ocsp.pem
2012-03-15 07:59:42 +01:00
Andreas Steffen
ebf292bad0
refreshed carolCert-ocsp.pem
2012-03-15 07:58:35 +01:00
Andreas Steffen
448fc5091f
updated strong certificates
2011-10-17 18:04:12 +02:00
Tobias Brunner
f3bb1bd039
Fixed common misspellings.
...
Mostly found by 'codespell'.
2011-07-20 16:14:10 +02:00
Andreas Steffen
13a7f5f3e3
added certificate_authorities and certificate_distribution_points tables
2010-12-05 11:30:06 +01:00
Andreas Steffen
2da636fd9b
support of reqid field in SQL database
2010-12-05 11:21:40 +01:00
Andreas Steffen
cbdcca7fd7
renamed algorithm to proposal
2010-11-30 17:38:49 +01:00
Andreas Steffen
f4e5acef3a
store IKE and ESP proposals in SQL database
2010-11-30 17:03:21 +01:00
Andreas Steffen
c616d84c3f
start and route connections defined in an SQL database via start_action field and ipsec up %startall command
2010-11-28 11:57:49 +01:00
Andreas Steffen
841b2b3ee9
created certificate and /etc/hosts entry for virtual gateway mars
2010-11-20 18:20:23 +01:00
Andreas Steffen
84babfb895
define explicit IKEv1 key exchange mode
2010-10-07 07:31:44 +02:00
Andreas Steffen
c0cecc0a0e
added radius init script mit increased debugging
2010-09-02 22:19:37 +02:00
Tobias Brunner
91ea48352c
testing: Adding kernel-netlink to pluto.load statements.
2010-09-02 19:04:22 +02:00
Andreas Steffen
8e7920eea1
generated aaa certificate
2010-08-04 12:44:47 +02:00
Andreas Steffen
ab635e029e
updated SQL templates to support attribute pool and identity parameters
2010-07-12 20:28:34 +02:00
Heiko Hund
ec7adea007
Added support for named attribute groups
...
Add the possibility to group attributes by a name and assign these
groups to connections. This allows a more granular configuration of
which client will receive what atrributes.
2010-07-09 13:09:31 +02:00
Andreas Steffen
36b3c0a8dd
regenerated loop intermediate CA certificates
2010-07-03 18:18:30 +02:00
Andreas Steffen
b2be7dd621
remove stray carolReq.pem
2010-06-05 13:36:39 +02:00
Andreas Steffen
ee1bdd85d3
it's too late on Saturday evening
2010-05-15 18:52:59 +02:00
Andreas Steffen
3399c3dca0
roll back some changes
2010-05-15 18:48:35 +02:00
Andreas Steffen
31b39e5f7c
encoding of MODE_TUNNEL changed
2010-05-15 18:36:14 +02:00
Andreas Steffen
bcd20cc987
added ikev2/dhcp-dynamic scenario
2010-04-23 11:52:37 +02:00
Tobias Brunner
355c3a66b1
When logging to the database, the IDs of an IKE SA are initially NULL.
2010-04-12 13:51:10 +02:00
Andreas Steffen
9391b485f7
updated DER versions of research and sales CAs
2010-04-11 22:00:01 +02:00
Andreas Steffen
c3379af391
removed whitespace
2010-04-07 13:07:11 +02:00
Andreas Steffen
ef4aa67bf7
generated new research and sales CA certs for carol and dave, respectively
2010-04-07 13:05:17 +02:00
Andreas Steffen
586c137016
prolonged Research and Sales CA certs
2010-04-06 12:05:39 +02:00
Andreas Steffen
b49cbd68a6
added dave2 and carol2 entries to /etc/hosts
2010-04-05 12:50:07 +02:00
Andreas Steffen
3cfbc91a98
renewed Authorization Authority certificate
2010-02-27 22:16:36 +01:00
Andreas Steffen
dd0b1b9a16
generated hash-and-url files for rfc3779 certs
2010-02-06 11:41:44 +01:00
Andreas Steffen
c5454eaf61
added RFC 3779 CA
2009-12-25 11:20:59 +01:00
Andreas Steffen
a461e20dd8
provide attributes from SQL database
2009-12-16 12:31:41 +01:00
Andreas Steffen
17d52fbba1
renewed OCSP Signing certificate
2009-11-24 13:55:38 +01:00
Andreas Steffen
28c554088d
added a subsidiary Duck Research CA
2009-11-04 18:13:06 +01:00
Andreas Steffen
5d1d7e82b5
refreshened and fortified strongSwan Root CA certificate
2009-11-04 00:16:48 +01:00
Andreas Steffen
f3e9eae283
the ikev1 scenarios need the x509 plugin
2009-10-06 14:38:34 +02:00
Andreas Steffen
1271983ab9
computed hash-and-url for new certificates
2009-09-22 12:05:37 +02:00
Andreas Steffen
bdfe17c79b
renewal of end entity certificates
2009-09-18 21:17:03 +02:00
Andreas Steffen
26fa5a37d9
new UML scenario certs have SHA256 digest
2009-08-30 17:58:34 +02:00
Andreas Steffen
fb70fc24d3
revoked soon-to-expire carol certificate
2009-08-27 13:36:02 +02:00
Andreas Steffen
87cb92d944
renewed expiring strongSwan certicates for UML scenarios
2009-08-27 13:21:04 +02:00
Martin Willi
41f57038e4
tests load pem/pkcs1 plugins, pubkey plugin not needed anymore
2009-08-26 11:23:55 +02:00
Andreas Steffen
0005269132
ECDSA 256 and 384 certificates for moon
2009-06-13 07:28:47 +02:00
Andreas Steffen
4ca4efb28f
update strongswan.conf for pluto and scepclient
2009-06-09 11:03:34 +02:00
Andreas Steffen
bce979ae44
pluto now requires gmp plugin for DH functions
2009-05-24 16:11:24 +02:00
Andreas Steffen
6ef94ae994
new default strongswan.conf for UML scenarios
2009-05-15 16:42:05 +02:00
Tobias Brunner
8c5d72cd0b
removing svn keyword $Id$ from all files
2009-04-30 13:19:35 +00:00
Martin Willi
a44bb9345f
merged multi-auth branch back into trunk
2009-04-14 10:34:24 +00:00
Andreas Steffen
ab6923f28c
the after-2038-certs scenario tests the year 2038 ASN.1 to time_t conversion workaround on 32 bit platforms
2009-03-28 15:08:47 +00:00
Andreas Steffen
232c80bb4d
distinct distinguished names in research and sales CAs
2009-03-24 21:20:17 +00:00
Andreas Steffen
77a06476dc
adapted UML scenarios to improved virtual IP address pool
2008-07-25 10:18:23 +00:00
Andreas Steffen
cae0c12d53
SQLite database template with improved address pool management
2008-07-25 08:02:53 +00:00
Andreas Steffen
63265f0e58
generate CRL for strongSwan EC Root CA
2008-06-22 17:56:42 +00:00
Andreas Steffen
1bd02e864c
added strongSwan EC Root CA
2008-06-22 16:41:00 +00:00
Andreas Steffen
76340368a6
divided ipsec.sql into tables.sql and data.sql
2008-05-31 08:53:48 +00:00
Andreas Steffen
d6436bfbd9
added empty ipsec.sql file
2008-05-13 05:50:23 +00:00
Andreas Steffen
f6ef204a9e
'Hash and URL' certificates of research and sales CAs
2008-04-22 20:36:44 +00:00
Andreas Steffen
544f8f6380
added hash-and-url certs
2008-04-18 21:46:26 +00:00
Andreas Steffen
decfd8e546
moved strongswan.conf to /etc
2008-04-07 07:21:06 +00:00
Andreas Steffen
833bb3ca04
upgrade of apache2 runlevel scripts from 2.0 to 2.2
2007-11-09 00:48:08 +00:00
Andreas Steffen
17d75fb4a2
upgrade from apache 2.0 to 2.2
2007-11-09 00:38:01 +00:00
Andreas Steffen
0886e64022
updated index.txt.old
2007-08-29 12:50:26 +00:00
Andreas Steffen
c598ac6360
changes in uml configuration to allow mobike
2007-07-02 09:52:20 +00:00
Andreas Steffen
cea6634fde
MobIKE requires iptables to open udp/4500
2007-06-28 21:33:51 +00:00
Andreas Steffen
174c9e18c1
eliminated nexthop
2007-06-17 15:29:49 +00:00
Andreas Steffen
9a590819a2
reduced crl validity of research and sales ca to 15 days
2007-05-19 19:47:24 +00:00
Andreas Steffen
a11cd0a102
support of crlnumber in research and sales CAs
2007-05-18 12:24:50 +00:00
Andreas Steffen
e0e399ccc5
generated new winnetou certificate
2007-04-27 21:41:27 +00:00
Andreas Steffen
85e658a2c4
added crlnumber
2007-04-27 21:41:07 +00:00
Andreas Steffen
0a09cd6864
generated certs for ocsp-strict-ifuri scenario
2007-04-20 14:54:10 +00:00
Andreas Steffen
4031b8bae7
generated certs for ocsp-strict-ifuri scenario
2007-04-20 14:52:32 +00:00
Andreas Steffen
69837d5baa
support multiple ocsp servers
2007-04-05 17:08:51 +00:00
Andreas Steffen
51ae94d775
added OCSP signing certificates for the research and sales CAs
2007-03-26 07:08:39 +00:00
Andreas Steffen
bcee8816a5
added
2007-03-15 13:30:55 +00:00
Andreas Steffen
328453863a
added
2007-03-15 13:29:56 +00:00
Andreas Steffen
6f1ae5d21c
added
2007-03-15 13:29:02 +00:00
Andreas Steffen
4bd0d7e1d9
added
2007-03-14 15:09:00 +00:00
Andreas Steffen
3a7b69e699
changed OCSPSigner to OCSPSigning
2007-03-14 15:08:23 +00:00
Andreas Steffen
83c3750ac3
added cert with OCSP access info
2007-02-28 23:25:13 +00:00
Andreas Steffen
81a65f7b1f
removed trailing lines
2007-01-05 11:00:42 +00:00
Andreas Steffen
86f5748b7f
added stronger certs for moon, carol, and dave
2006-10-09 08:25:20 +00:00
Andreas Steffen
06890eef8e
added IPv6 hw and multicast addresses
2006-10-09 08:24:49 +00:00
Andreas Steffen
118a19ecb6
fixed bug with openldap 2.3
2006-10-06 07:48:24 +00:00
Andreas Steffen
e6b51ef666
removed ipsec.conf version information
2006-10-06 07:47:11 +00:00
Andreas Steffen
e088404b0c
carolKey.pem is now protected by 3DES passphrase
2006-10-06 07:45:42 +00:00
Andreas Steffen
38eb3325a1
updated net runlevel scripts
2006-10-06 07:43:31 +00:00
Andreas Steffen
1c1f9ae109
updated net init scripts
2006-10-06 07:42:17 +00:00
Andreas Steffen
564363ee29
new net configuration format
2006-10-06 07:40:39 +00:00
Andreas Steffen
1a8a163630
removed version information from ipsec.conf
2006-07-04 06:12:10 +00:00
Andreas Steffen
fc0afb6810
created IPv6 environment
2006-06-06 05:41:21 +00:00
Martin Willi
b5e1560659
- applied andreas's patch
...
- logger output improvements
- testin gupdates
- and a lot more
2006-05-18 06:02:28 +00:00
Martin Willi
997358a6c4
- import of strongswan-2.7.0
...
- applied patch for charon
2006-04-28 07:14:48 +00:00