Andreas Steffen
295493f46f
testing: Renewed ECDSA certificates
2018-06-13 17:07:25 +02:00
Andreas Steffen
99c03e9a11
testing: make curve25519 the default DH group
2016-11-14 16:20:51 +01:00
Tobias Brunner
aacf84d837
testing: Add expect-connection calls for all tests and hosts
...
There are some exceptions (e.g. those that use auto=start or p2pnat).
2016-06-16 14:35:18 +02:00
Tobias Brunner
8f56bbc82b
testing: Update test scenarios for Debian jessie
...
The main difference is that ping now reports icmp_seq instead of
icmp_req, so we match for icmp_.eq, which works with both releases.
tcpdump now also reports port 4500 as ipsec-nat-t.
2016-06-16 14:04:11 +02:00
Thomas Egerer
beb4a07ea8
ikev1: Log successful authentication with signature scheme
...
Output is now identical to that of the IKEv2 pubkey authenticator.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
2016-02-01 15:58:53 +01:00
Andreas Steffen
5e2b740a00
128 bit default security strength requires 3072 bit prime DH group
2015-12-14 10:39:40 +01:00
Tobias Brunner
f519acd42f
testing: Remove nearly all sleep calls from pretest and posttest scripts
...
By consistently using the `expect-connection` helper we can avoid pretty
much all previously needed calls to sleep.
2015-11-09 15:18:35 +01:00
Martin Willi
44b6a34d43
configure: Load fetcher plugins after crypto base plugins
...
Some fetcher plugins (such as curl) might build upon OpenSSL to implement
HTTPS fetching. As we set (and can't unset) threading callbacks in our
openssl plugin, we must ensure that OpenSSL functions don't get called after
openssl plugin unloading.
We achieve that by loading curl and all other fetcher plugins after the base
crypto plugins, including openssl.
2014-09-24 17:34:54 +02:00
Andreas Steffen
b1f1e5e5f2
5.1.0 changes for test cases
2013-06-29 00:07:15 +02:00
Tobias Brunner
b1169a880a
Updated comments in test.conf of all tests
2013-01-17 16:56:02 +01:00
Tobias Brunner
7699a928f7
Renamed $UMLHOSTS to $VIRTHOSTS
2013-01-17 16:56:02 +01:00
Andreas Steffen
44047e7adb
converted all openssl-ikev1 iptables scenarios
2013-01-17 16:55:01 +01:00
Reto Buerki
533177003c
Adapt test configurations
...
Adapt test configurations to the new Debian-based system.
2013-01-17 15:22:07 +01:00
Andreas Steffen
daa857029f
removed plutostart parameter
2012-06-13 21:19:05 +02:00
Andreas Steffen
31c83b973e
load nonce plugin
2012-05-23 15:05:57 +02:00
Andreas Steffen
0e1c6fa2a9
suppress leak detective output
2012-05-11 05:48:11 +02:00
Andreas Steffen
1e9b62ad50
deleted unneeded openssl-ikev1 files
2012-05-04 12:11:57 +02:00
Andreas Steffen
90e941fb97
upgraded openssl-ikev1 scenarios to 5.0.0
2012-05-04 12:06:45 +02:00
Andreas Steffen
566311862f
moved random plugin in front of openssl in order to prefer gmp
2011-11-05 07:24:17 +01:00
Andreas Steffen
84babfb895
define explicit IKEv1 key exchange mode
2010-10-07 07:31:44 +02:00
Tobias Brunner
91ea48352c
testing: Adding kernel-netlink to pluto.load statements.
2010-09-02 19:04:22 +02:00
Tobias Brunner
cc9cfc2e11
testing: Added missing host alice to test.conf.
2010-09-02 19:04:22 +02:00
Andreas Steffen
5b6200888b
remove x509 plugin from openssl-ikev1 scenarios
2010-05-28 23:22:15 +02:00
Andreas Steffen
b75002bc95
added openssl-ikev1/alg-camellia scenario
2009-12-15 19:55:58 +01:00
Andreas Steffen
f3e9eae283
the ikev1 scenarios need the x509 plugin
2009-10-06 14:38:34 +02:00
Martin Willi
41f57038e4
tests load pem/pkcs1 plugins, pubkey plugin not needed anymore
2009-08-26 11:23:55 +02:00
Andreas Steffen
f179ba474e
enable integrity test in all rw-cert scenarios
2009-07-17 20:52:14 +02:00
Andreas Steffen
bd33859fb8
some more scenario adaptations
2009-06-16 21:03:13 +02:00
Andreas Steffen
c8db70156d
test-vector support in rw-cert scenarios
2009-06-16 20:53:41 +02:00
Andreas Steffen
0002de3b98
adaptations of UML scenarios to 4.3.2
2009-06-16 07:33:22 +02:00
Andreas Steffen
1930cb22ff
updated pluto.load configuration in ikev1 scenarios
2009-06-13 08:56:05 +02:00
Andreas Steffen
80873f2c5e
added openssl-ikev1/ecdsa-certs scenario
2009-06-13 08:43:34 +02:00
Andreas Steffen
eca36f44de
split openssl scenarios into openssl-ikev1 and openssl-ikev2
2009-06-12 19:59:48 +02:00