Tobias Brunner
2b5c743952
testing: Migrate MOBIKE tests to vici
...
Note that the mobike-nat test has been removed as it basically did the same
as the mobike-virtual-ip-nat test. Instead, the mobike-nat-mapping scenario
is added, which simulates a NAT router restart.
2021-06-21 12:03:36 +02:00
Andreas Steffen
7c5a2974b9
testing: Reorganizing IKEv1 and IKEv2 examples
...
For documentation purposes the new folders ikev1-algs, ikev2-algs,
ikev1-multi-ca and ikev2-multi-ca have been created. Most of the
test cases have now been converted to the vici interface. The
remaining legacy stroke scenarios yet to be converted have been put
into the ikev2-stroke-bye folder.
For documentation purposes some legacy stroke scenarios will be kept
in the ikev1-stroke, ikev2-stroke and ipv6-stroke folders.
2021-05-21 09:42:50 +02:00
Josh Soref
b3ab7a48cc
Spelling fixes
...
* accumulating
* acquire
* alignment
* appropriate
* argument
* assign
* attribute
* authenticate
* authentication
* authenticator
* authority
* auxiliary
* brackets
* callback
* camellia
* can't
* cancelability
* certificate
* choinyambuu
* chunk
* collector
* collision
* communicating
* compares
* compatibility
* compressed
* confidentiality
* configuration
* connection
* consistency
* constraint
* construction
* constructor
* database
* decapsulated
* declaration
* decrypt
* derivative
* destination
* destroyed
* details
* devised
* dynamic
* ecapsulation
* encoded
* encoding
* encrypted
* enforcing
* enumerator
* establishment
* excluded
* exclusively
* exited
* expecting
* expire
* extension
* filter
* firewall
* foundation
* fulfillment
* gateways
* hashing
* hashtable
* heartbeats
* identifier
* identifiers
* identities
* identity
* implementers
* indicating
* initialize
* initiate
* initiation
* initiator
* inner
* instantiate
* legitimate
* libraries
* libstrongswan
* logger
* malloc
* manager
* manually
* measurement
* mechanism
* message
* network
* nonexistent
* object
* occurrence
* optional
* outgoing
* packages
* packets
* padding
* particular
* passphrase
* payload
* periodically
* policies
* possible
* previously
* priority
* proposal
* protocol
* provide
* provider
* pseudo
* pseudonym
* public
* qualifier
* quantum
* quintuplets
* reached
* reading
* recommendation to
* recommendation
* recursive
* reestablish
* referencing
* registered
* rekeying
* reliable
* replacing
* representing
* represents
* request
* request
* resolver
* result
* resulting
* resynchronization
* retriable
* revocation
* right
* rollback
* rule
* rules
* runtime
* scenario
* scheduled
* security
* segment
* service
* setting
* signature
* specific
* specified
* speed
* started
* steffen
* strongswan
* subjectaltname
* supported
* threadsafe
* traffic
* tremendously
* treshold
* unique
* uniqueness
* unknown
* until
* upper
* using
* validator
* verification
* version
* version
* warrior
Closes strongswan/strongswan#164 .
2020-02-11 18:23:07 +01:00
Andreas Steffen
99c03e9a11
testing: make curve25519 the default DH group
2016-11-14 16:20:51 +01:00
Tobias Brunner
aacf84d837
testing: Add expect-connection calls for all tests and hosts
...
There are some exceptions (e.g. those that use auto=start or p2pnat).
2016-06-16 14:35:18 +02:00
Tobias Brunner
8f56bbc82b
testing: Update test scenarios for Debian jessie
...
The main difference is that ping now reports icmp_seq instead of
icmp_req, so we match for icmp_.eq, which works with both releases.
tcpdump now also reports port 4500 as ipsec-nat-t.
2016-06-16 14:04:11 +02:00
Tobias Brunner
0ee4a333a8
testing: Speed up ifdown calls in ikev2/mobike scenarios
...
ifdown calls bind's rndc, which tries to access TCP port 953 on lo.
If these packets are dropped by the firewall we have to wait for the TCP
connections to time out, which takes quite a while.
2015-11-09 15:18:35 +01:00
Tobias Brunner
f519acd42f
testing: Remove nearly all sleep calls from pretest and posttest scripts
...
By consistently using the `expect-connection` helper we can avoid pretty
much all previously needed calls to sleep.
2015-11-09 15:18:35 +01:00
Martin Willi
44b6a34d43
configure: Load fetcher plugins after crypto base plugins
...
Some fetcher plugins (such as curl) might build upon OpenSSL to implement
HTTPS fetching. As we set (and can't unset) threading callbacks in our
openssl plugin, we must ensure that OpenSSL functions don't get called after
openssl plugin unloading.
We achieve that by loading curl and all other fetcher plugins after the base
crypto plugins, including openssl.
2014-09-24 17:34:54 +02:00
Tobias Brunner
b1169a880a
Updated comments in test.conf of all tests
2013-01-17 16:56:02 +01:00
Tobias Brunner
7699a928f7
Renamed $UMLHOSTS to $VIRTHOSTS
2013-01-17 16:56:02 +01:00
Andreas Steffen
d815235d17
use iptables-restore in all ikev2 firewall scenarios
2013-01-17 16:55:00 +01:00
Reto Buerki
533177003c
Adapt test configurations
...
Adapt test configurations to the new Debian-based system.
2013-01-17 15:22:07 +01:00
Andreas Steffen
daa857029f
removed plutostart parameter
2012-06-13 21:19:05 +02:00
Andreas Steffen
31c83b973e
load nonce plugin
2012-05-23 15:05:57 +02:00
Andreas Steffen
a56fdff194
upgraded ikev2 scenarios to 5.0.0
2012-05-11 11:00:32 +02:00
Andreas Steffen
2cf4d34f2f
all x509 based ikev2 scenarios require the revocation plugin
2010-07-15 21:39:01 +02:00
Tobias Brunner
a5166b16a1
Adding socket-default to the plugin list in all test cases.
2010-03-09 17:43:21 +01:00
Andreas Steffen
52719d719c
use static IPsec policy netfilter rules in MOBIKE scenarios
2010-02-04 10:05:44 +01:00
Martin Willi
41f57038e4
tests load pem/pkcs1 plugins, pubkey plugin not needed anymore
2009-08-26 11:23:55 +02:00
Andreas Steffen
895a1156d5
use static IPsec policy iptables rule for alice in mobike scenario
2008-11-25 08:11:14 +00:00
Martin Willi
6f3ea4a516
loading updown plugin if required
2008-10-16 12:48:27 +00:00
Andreas Steffen
e8c58d8e64
explicitly load kernel-netlink plugin in UML scenarios
2008-10-07 04:51:20 +00:00
Andreas Steffen
6567648616
check migration of ESP sequence numbers in MOBIKE scenarios
2008-06-26 09:46:23 +00:00
Andreas Steffen
c9be754a45
define plugins to be loaded in strongswan.conf
2008-05-28 08:29:51 +00:00
Andreas Steffen
0a46e963ff
added three mobike scenarios
2007-07-04 17:39:10 +00:00