295493f46f
testing: Renewed ECDSA certificates
2018-06-13 17:07:25 +02:00
99c03e9a11
testing: make curve25519 the default DH group
2016-11-14 16:20:51 +01:00
aacf84d837
testing: Add expect-connection calls for all tests and hosts
...
There are some exceptions (e.g. those that use auto=start or p2pnat).
2016-06-16 14:35:18 +02:00
8f56bbc82b
testing: Update test scenarios for Debian jessie
...
The main difference is that ping now reports icmp_seq instead of
icmp_req, so we match for icmp_.eq, which works with both releases.
tcpdump now also reports port 4500 as ipsec-nat-t.
2016-06-16 14:04:11 +02:00
beb4a07ea8
ikev1: Log successful authentication with signature scheme
...
Output is now identical to that of the IKEv2 pubkey authenticator.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
2016-02-01 15:58:53 +01:00
5e2b740a00
128 bit default security strength requires 3072 bit prime DH group
2015-12-14 10:39:40 +01:00
f519acd42f
testing: Remove nearly all sleep calls from pretest and posttest scripts
...
By consistently using the `expect-connection` helper we can avoid pretty
much all previously needed calls to sleep.
2015-11-09 15:18:35 +01:00
44b6a34d43
configure: Load fetcher plugins after crypto base plugins
...
Some fetcher plugins (such as curl) might build upon OpenSSL to implement
HTTPS fetching. As we set (and can't unset) threading callbacks in our
openssl plugin, we must ensure that OpenSSL functions don't get called after
openssl plugin unloading.
We achieve that by loading curl and all other fetcher plugins after the base
crypto plugins, including openssl.
2014-09-24 17:34:54 +02:00
b1f1e5e5f2
5.1.0 changes for test cases
2013-06-29 00:07:15 +02:00
b1169a880a
Updated comments in test.conf of all tests
2013-01-17 16:56:02 +01:00
7699a928f7
Renamed $UMLHOSTS to $VIRTHOSTS
2013-01-17 16:56:02 +01:00
44047e7adb
converted all openssl-ikev1 iptables scenarios
2013-01-17 16:55:01 +01:00
533177003c
Adapt test configurations
...
Adapt test configurations to the new Debian-based system.
2013-01-17 15:22:07 +01:00
daa857029f
removed plutostart parameter
2012-06-13 21:19:05 +02:00
31c83b973e
load nonce plugin
2012-05-23 15:05:57 +02:00
0e1c6fa2a9
suppress leak detective output
2012-05-11 05:48:11 +02:00
1e9b62ad50
deleted unneeded openssl-ikev1 files
2012-05-04 12:11:57 +02:00
90e941fb97
upgraded openssl-ikev1 scenarios to 5.0.0
2012-05-04 12:06:45 +02:00
566311862f
moved random plugin in front of openssl in order to prefer gmp
2011-11-05 07:24:17 +01:00
84babfb895
define explicit IKEv1 key exchange mode
2010-10-07 07:31:44 +02:00
91ea48352c
testing: Adding kernel-netlink to pluto.load statements.
2010-09-02 19:04:22 +02:00
cc9cfc2e11
testing: Added missing host alice to test.conf.
2010-09-02 19:04:22 +02:00
5b6200888b
remove x509 plugin from openssl-ikev1 scenarios
2010-05-28 23:22:15 +02:00
b75002bc95
added openssl-ikev1/alg-camellia scenario
2009-12-15 19:55:58 +01:00
f3e9eae283
the ikev1 scenarios need the x509 plugin
2009-10-06 14:38:34 +02:00
41f57038e4
tests load pem/pkcs1 plugins, pubkey plugin not needed anymore
2009-08-26 11:23:55 +02:00
f179ba474e
enable integrity test in all rw-cert scenarios
2009-07-17 20:52:14 +02:00
bd33859fb8
some more scenario adaptations
2009-06-16 21:03:13 +02:00
c8db70156d
test-vector support in rw-cert scenarios
2009-06-16 20:53:41 +02:00
0002de3b98
adaptations of UML scenarios to 4.3.2
2009-06-16 07:33:22 +02:00
1930cb22ff
updated pluto.load configuration in ikev1 scenarios
2009-06-13 08:56:05 +02:00
80873f2c5e
added openssl-ikev1/ecdsa-certs scenario
2009-06-13 08:43:34 +02:00
eca36f44de
split openssl scenarios into openssl-ikev1 and openssl-ikev2
2009-06-12 19:59:48 +02:00
Andreas Steffen