c6e1eda6d0
testing: Set terminal title when logging in via SSH
...
Since we always log in as root use a simpler command prompt. And don't
store duplicate commands in the bash command history.
2013-05-15 10:35:48 +02:00
0f499f41dc
Use attest database in tnc/tnccs-20-os scenario
2013-04-21 16:31:23 +02:00
7b702150a0
Add expect-file guest image script
...
This script can be used in pretest.dat files to wait until a given file
appears.
2013-03-19 15:23:50 +01:00
0e1d008d71
Add /usr/local/lib/ipsec to linker cache
2013-03-19 15:23:50 +01:00
d7eec03815
removed unneeded DS files
2013-03-05 09:08:25 +01:00
37c589f0e0
Configure winnetou as a DNSSEC enabled nameserver for the strongswan.org, org, and root zones
2013-02-19 12:25:01 +01:00
41943e9c1b
Make core dumps work
...
Core dumps are written to the /var/local/dumps directory.
2013-01-17 16:55:04 +01:00
2c4954ad24
Switch to 'mapped' access mode for hostfs
...
Passthrough mode only works as expected when running as root. On
Debian/Ubuntu systems qemu runs as user 'libvirt-qemu' and group 'kvm'
so all shared files must be chowned to grant access from guests.
Symlinks created on the host are still problematic because the Plan 9
filesystem has no direct notion of symbolic links, see [1].
[1] - http://ericvh.github.com/9p-rfc/rfc9p2000.u.html
2013-01-17 16:55:04 +01:00
5c09942d54
converted all ipv6 iptables/ip6tables scenarios
2013-01-17 16:55:03 +01:00
b27836412b
Rename UML to KVM tests
2013-01-17 16:55:02 +01:00
cedc96c2c4
implemented ip6tables.rules
2013-01-17 16:55:02 +01:00
9b4477d5b8
activated iptables in some ikev2 scenarios
2013-01-17 16:55:00 +01:00
0593b6c975
Export compile directory to guests
...
Use 9p over virtio to share files on the host with the guest domains.
The files are accessible in the guests /hostfs directory.
2013-01-17 16:54:58 +01:00
b351656cc7
Disable checksum offloading on moon's eth1 interface
...
Disable checksum offloading on eth1 because it does not currently work
with virtio and the isc-dhcp-server running on venus, see [1].
[1] - https://bugs.mageia.org/show_bug.cgi?id=1243
2013-01-17 16:54:57 +01:00
bd4c6122a4
Add ssh config to guest root account
2013-01-17 16:54:56 +01:00
76ccd25a05
Add expect-connection guest image script
...
This script can be used in pretest.dat files to wait until an IPsec
connection becomes available. This avoids unconditional sleeps and
improves test performance.
The ipv6 tests have been updated to use the expect-connection script.
2013-01-17 16:54:55 +01:00
261cf0e395
Drop build-hostconfig script
...
Use processed host configurations directly instead.
2013-01-17 15:22:10 +01:00
18bce26ea6
Use key(and password-)less SSH authentication
2013-01-17 15:22:09 +01:00
766466b8d1
Adapt host configuration
...
Adapt the configuration of the test hosts to the new Debian-based
system.
2012-12-18 16:00:21 +01:00
5d476b4266
updated default configuration of UML hosts to 5.0.0
2012-06-25 13:04:55 +02:00
2be46da56d
added nonce plugin in default host configurations
2012-05-25 17:00:03 +02:00
bd360b3911
keep a copy of refreshed carolCert-ocsp.pem
2012-03-15 07:59:42 +01:00
ebf292bad0
refreshed carolCert-ocsp.pem
2012-03-15 07:58:35 +01:00
448fc5091f
updated strong certificates
2011-10-17 18:04:12 +02:00
f3bb1bd039
Fixed common misspellings.
...
Mostly found by 'codespell'.
2011-07-20 16:14:10 +02:00
13a7f5f3e3
added certificate_authorities and certificate_distribution_points tables
2010-12-05 11:30:06 +01:00
2da636fd9b
support of reqid field in SQL database
2010-12-05 11:21:40 +01:00
cbdcca7fd7
renamed algorithm to proposal
2010-11-30 17:38:49 +01:00
f4e5acef3a
store IKE and ESP proposals in SQL database
2010-11-30 17:03:21 +01:00
c616d84c3f
start and route connections defined in an SQL database via start_action field and ipsec up %startall command
2010-11-28 11:57:49 +01:00
841b2b3ee9
created certificate and /etc/hosts entry for virtual gateway mars
2010-11-20 18:20:23 +01:00
84babfb895
define explicit IKEv1 key exchange mode
2010-10-07 07:31:44 +02:00
c0cecc0a0e
added radius init script mit increased debugging
2010-09-02 22:19:37 +02:00
91ea48352c
testing: Adding kernel-netlink to pluto.load statements.
2010-09-02 19:04:22 +02:00
8e7920eea1
generated aaa certificate
2010-08-04 12:44:47 +02:00
ab635e029e
updated SQL templates to support attribute pool and identity parameters
2010-07-12 20:28:34 +02:00
ec7adea007
Added support for named attribute groups
...
Add the possibility to group attributes by a name and assign these
groups to connections. This allows a more granular configuration of
which client will receive what atrributes.
2010-07-09 13:09:31 +02:00
36b3c0a8dd
regenerated loop intermediate CA certificates
2010-07-03 18:18:30 +02:00
b2be7dd621
remove stray carolReq.pem
2010-06-05 13:36:39 +02:00
ee1bdd85d3
it's too late on Saturday evening
2010-05-15 18:52:59 +02:00
3399c3dca0
roll back some changes
2010-05-15 18:48:35 +02:00
31b39e5f7c
encoding of MODE_TUNNEL changed
2010-05-15 18:36:14 +02:00
bcd20cc987
added ikev2/dhcp-dynamic scenario
2010-04-23 11:52:37 +02:00
355c3a66b1
When logging to the database, the IDs of an IKE SA are initially NULL.
2010-04-12 13:51:10 +02:00
9391b485f7
updated DER versions of research and sales CAs
2010-04-11 22:00:01 +02:00
c3379af391
removed whitespace
2010-04-07 13:07:11 +02:00
ef4aa67bf7
generated new research and sales CA certs for carol and dave, respectively
2010-04-07 13:05:17 +02:00
586c137016
prolonged Research and Sales CA certs
2010-04-06 12:05:39 +02:00
b49cbd68a6
added dave2 and carol2 entries to /etc/hosts
2010-04-05 12:50:07 +02:00
3cfbc91a98
renewed Authorization Authority certificate
2010-02-27 22:16:36 +01:00
dd0b1b9a16
generated hash-and-url files for rfc3779 certs
2010-02-06 11:41:44 +01:00
c5454eaf61
added RFC 3779 CA
2009-12-25 11:20:59 +01:00
a461e20dd8
provide attributes from SQL database
2009-12-16 12:31:41 +01:00
17d52fbba1
renewed OCSP Signing certificate
2009-11-24 13:55:38 +01:00
28c554088d
added a subsidiary Duck Research CA
2009-11-04 18:13:06 +01:00
5d1d7e82b5
refreshened and fortified strongSwan Root CA certificate
2009-11-04 00:16:48 +01:00
f3e9eae283
the ikev1 scenarios need the x509 plugin
2009-10-06 14:38:34 +02:00
1271983ab9
computed hash-and-url for new certificates
2009-09-22 12:05:37 +02:00
bdfe17c79b
renewal of end entity certificates
2009-09-18 21:17:03 +02:00
26fa5a37d9
new UML scenario certs have SHA256 digest
2009-08-30 17:58:34 +02:00
fb70fc24d3
revoked soon-to-expire carol certificate
2009-08-27 13:36:02 +02:00
87cb92d944
renewed expiring strongSwan certicates for UML scenarios
2009-08-27 13:21:04 +02:00
41f57038e4
tests load pem/pkcs1 plugins, pubkey plugin not needed anymore
2009-08-26 11:23:55 +02:00
0005269132
ECDSA 256 and 384 certificates for moon
2009-06-13 07:28:47 +02:00
4ca4efb28f
update strongswan.conf for pluto and scepclient
2009-06-09 11:03:34 +02:00
bce979ae44
pluto now requires gmp plugin for DH functions
2009-05-24 16:11:24 +02:00
6ef94ae994
new default strongswan.conf for UML scenarios
2009-05-15 16:42:05 +02:00
8c5d72cd0b
removing svn keyword $Id$ from all files
2009-04-30 13:19:35 +00:00
a44bb9345f
merged multi-auth branch back into trunk
2009-04-14 10:34:24 +00:00
ab6923f28c
the after-2038-certs scenario tests the year 2038 ASN.1 to time_t conversion workaround on 32 bit platforms
2009-03-28 15:08:47 +00:00
232c80bb4d
distinct distinguished names in research and sales CAs
2009-03-24 21:20:17 +00:00
77a06476dc
adapted UML scenarios to improved virtual IP address pool
2008-07-25 10:18:23 +00:00
cae0c12d53
SQLite database template with improved address pool management
2008-07-25 08:02:53 +00:00
63265f0e58
generate CRL for strongSwan EC Root CA
2008-06-22 17:56:42 +00:00
1bd02e864c
added strongSwan EC Root CA
2008-06-22 16:41:00 +00:00
76340368a6
divided ipsec.sql into tables.sql and data.sql
2008-05-31 08:53:48 +00:00
d6436bfbd9
added empty ipsec.sql file
2008-05-13 05:50:23 +00:00
f6ef204a9e
'Hash and URL' certificates of research and sales CAs
2008-04-22 20:36:44 +00:00
544f8f6380
added hash-and-url certs
2008-04-18 21:46:26 +00:00
decfd8e546
moved strongswan.conf to /etc
2008-04-07 07:21:06 +00:00
833bb3ca04
upgrade of apache2 runlevel scripts from 2.0 to 2.2
2007-11-09 00:48:08 +00:00
17d75fb4a2
upgrade from apache 2.0 to 2.2
2007-11-09 00:38:01 +00:00
0886e64022
updated index.txt.old
2007-08-29 12:50:26 +00:00
c598ac6360
changes in uml configuration to allow mobike
2007-07-02 09:52:20 +00:00
cea6634fde
MobIKE requires iptables to open udp/4500
2007-06-28 21:33:51 +00:00
174c9e18c1
eliminated nexthop
2007-06-17 15:29:49 +00:00
9a590819a2
reduced crl validity of research and sales ca to 15 days
2007-05-19 19:47:24 +00:00
a11cd0a102
support of crlnumber in research and sales CAs
2007-05-18 12:24:50 +00:00
e0e399ccc5
generated new winnetou certificate
2007-04-27 21:41:27 +00:00
85e658a2c4
added crlnumber
2007-04-27 21:41:07 +00:00
0a09cd6864
generated certs for ocsp-strict-ifuri scenario
2007-04-20 14:54:10 +00:00
4031b8bae7
generated certs for ocsp-strict-ifuri scenario
2007-04-20 14:52:32 +00:00
69837d5baa
support multiple ocsp servers
2007-04-05 17:08:51 +00:00
51ae94d775
added OCSP signing certificates for the research and sales CAs
2007-03-26 07:08:39 +00:00
bcee8816a5
added
2007-03-15 13:30:55 +00:00
328453863a
added
2007-03-15 13:29:56 +00:00
6f1ae5d21c
added
2007-03-15 13:29:02 +00:00
4bd0d7e1d9
added
2007-03-14 15:09:00 +00:00
3a7b69e699
changed OCSPSigner to OCSPSigning
2007-03-14 15:08:23 +00:00
83c3750ac3
added cert with OCSP access info
2007-02-28 23:25:13 +00:00
81a65f7b1f
removed trailing lines
2007-01-05 11:00:42 +00:00
86f5748b7f
added stronger certs for moon, carol, and dave
2006-10-09 08:25:20 +00:00
06890eef8e
added IPv6 hw and multicast addresses
2006-10-09 08:24:49 +00:00
118a19ecb6
fixed bug with openldap 2.3
2006-10-06 07:48:24 +00:00
e6b51ef666
removed ipsec.conf version information
2006-10-06 07:47:11 +00:00
e088404b0c
carolKey.pem is now protected by 3DES passphrase
2006-10-06 07:45:42 +00:00
38eb3325a1
updated net runlevel scripts
2006-10-06 07:43:31 +00:00
1c1f9ae109
updated net init scripts
2006-10-06 07:42:17 +00:00
564363ee29
new net configuration format
2006-10-06 07:40:39 +00:00
1a8a163630
removed version information from ipsec.conf
2006-07-04 06:12:10 +00:00
fc0afb6810
created IPv6 environment
2006-06-06 05:41:21 +00:00
b5e1560659
- applied andreas's patch
...
- logger output improvements
- testin gupdates
- and a lot more
2006-05-18 06:02:28 +00:00
997358a6c4
- import of strongswan-2.7.0
...
- applied patch for charon
2006-04-28 07:14:48 +00:00
Tobias Brunner