Martin Willi
b656f63efe
testing: support a .gitignored testing.conf.local for site-local configurations
2013-08-29 15:55:23 +02:00
Andreas Steffen
03d673620d
Cleaned configuration files in PT-TLS client scenario
2013-08-22 17:24:20 +02:00
Andreas Steffen
aff4367907
Flush iptables rules on alice
2013-08-19 12:20:57 +02:00
Andreas Steffen
f859645b12
Fixes in tnc scenarios
2013-08-19 11:44:51 +02:00
Andreas Steffen
10c7ca2399
Added tnc/tnccs-20-pt-tls scenario
2013-08-19 11:36:23 +02:00
Andreas Steffen
b38d9d5a54
Implemented SWID prototype IMC/IMV pair
2013-08-15 23:34:23 +02:00
Andreas Steffen
4c961168cc
Updated PTS database scheme to new workitems model
2013-07-29 11:41:47 +02:00
Martin Willi
2cfe88aacb
testing: enforce xauth-eap in ikev1/xauth-rsa-eap-md5-radius
...
As eap-radius now provides its own XAuth backend and eap-radius is loaded before
xauth-eap, we have to enforce the exact XAuth backend to use.
2013-07-29 10:35:59 +02:00
Martin Willi
9d75f04eee
testing: add a testcase for plain XAuth RADIUS authentication
2013-07-29 09:00:49 +02:00
Andreas Steffen
2b1ac51c9c
fixed typo
2013-07-19 20:07:32 +02:00
Andreas Steffen
645e9291f0
updated some TNC scenarios
2013-07-19 19:36:07 +02:00
Tobias Brunner
9e7a45bec2
testing: Don't load certificates explicitly and delete CA certificates in PKCS#12 scenarios
...
Certificates are now properly extracted from PKCS#12 files.
2013-07-15 11:27:07 +02:00
Andreas Steffen
0a013e1af5
Override policy recommendation in enforcement
2013-07-11 10:34:00 +02:00
Andreas Steffen
9e0182b922
openssl plugin can replace random, hmac, and gcm plugins
2013-07-10 20:38:07 +02:00
Andreas Steffen
3910fb3715
Added openssl-ikev2/net2net-pkcs12 scenario
2013-07-10 20:25:49 +02:00
Andreas Steffen
49a26e5b57
Added ikev2/net2net-pkcs12 scenario
2013-07-10 20:17:44 +02:00
Andreas Steffen
3b569df215
conntrack -F makes ikev2/nat-rw scenario to work always
2013-07-10 17:50:25 +02:00
Andreas Steffen
ef13480699
Added config-3.10
2013-07-04 23:17:10 +02:00
Andreas Steffen
9844f240f8
Register packages under Debian 7.0 x86_64
2013-07-04 22:53:41 +02:00
Tobias Brunner
1d728758ed
Ping from dave before shutting down tcpdump in libipsec/rw-suite-b test case
2013-07-01 13:48:21 +02:00
Andreas Steffen
2ea32e7964
Enable libipsec and charon-cmd in strongSwan recipe
2013-07-01 12:32:45 +02:00
Andreas Steffen
bb802daacc
Fixed libipsec/rw-suite-b scenario
2013-07-01 12:32:45 +02:00
Andreas Steffen
3405156f97
Added libipsec/rw-suite-b scenario
2013-07-01 11:04:14 +02:00
Andreas Steffen
9ea77350ce
Fixed index.txt for strongSwan EC CA
2013-07-01 11:01:11 +02:00
Andreas Steffen
156e552caf
Added libipsec/net2net-cert scenario
2013-06-29 22:23:45 +02:00
Reto Buerki
1cfefd38a2
Add type=transport to tkm/host2host-* connections
...
Explicitly specify transport mode in connection configuration of the
responding host (sun).
2013-06-29 15:07:10 +02:00
Andreas Steffen
b1f1e5e5f2
5.1.0 changes for test cases
2013-06-29 00:07:15 +02:00
Tobias Brunner
50daffb784
dhcp: Use chunk_hash_static() to calculate ID-based MAC addresses
2013-06-28 17:00:29 +02:00
Andreas Steffen
4f9aabbfd7
implemented policy rules for OS IMV
2013-06-21 23:25:22 +02:00
Tobias Brunner
62516a7465
testing: Increase base image size so there is space for test results on winnetou
2013-06-11 11:01:26 +02:00
Tobias Brunner
053ad34959
testing: Ignore errors when searching for imcv log entries in daemon.log
2013-06-10 18:52:32 +02:00
Tobias Brunner
c6e1eda6d0
testing: Set terminal title when logging in via SSH
...
Since we always log in as root use a simpler command prompt. And don't
store duplicate commands in the bash command history.
2013-05-15 10:35:48 +02:00
Tobias Brunner
87692be215
Load any type (RSA/ECDSA) of public key via left|rightsigkey
2013-05-07 17:08:31 +02:00
Tobias Brunner
fa1d3d39dc
left|rightrsasigkey accepts SSH keys but the key format has to be specified explicitly
...
The default is now PKCS#1. With the dns: and ssh: prefixes other formats
can be selected.
2013-05-07 15:38:28 +02:00
Tobias Brunner
e74bca9e19
testing: Don't run tests when building tkm
...
The problem with XML/Ada described in 9c2aba27
actually occurs when
running the tests here.
Really fixes #336 .
2013-05-07 10:19:37 +02:00
Tobias Brunner
9c2aba2735
testing: Don't run tests when building tkm-rpc
...
There are issues with some versions of the XML/Ada library on i386,
blocking the build of the testing environment when these tests are run.
TKM tests won't work in such a case but at least make-testing does not
block with this patch.
Fixes #336 .
2013-05-06 18:17:58 +02:00
Andreas Steffen
0f499f41dc
Use attest database in tnc/tnccs-20-os scenario
2013-04-21 16:31:23 +02:00
Andreas Steffen
1b912ad384
check for successful activation of FIPS mode
2013-04-19 18:46:52 +02:00
Andreas Steffen
b97dd59ba8
install FIPS-aware OpenSSL Debian packages
2013-04-19 18:36:38 +02:00
Andreas Steffen
545df30c18
Added openssl-ikev2/rw-cpa scenario
2013-04-19 18:34:35 +02:00
Andreas Steffen
70312e6596
build openssl-fips in KVM root-image
2013-04-19 18:34:35 +02:00
Andreas Steffen
ef934caba8
build soup plugin in KVM test environment
2013-04-15 20:23:41 +02:00
Andreas Steffen
8d384fb7df
disable reauth, too
2013-04-15 20:21:27 +02:00
Andreas Steffen
654c88bca8
Added charon.initiator_only option which causes charon to ignore IKE initiation requests by peers
2013-04-14 19:57:49 +02:00
Andreas Steffen
8dade2d146
fixed configure options
2013-04-04 21:09:07 +02:00
Andreas Steffen
2a4915e87a
cleaned up XML code in tnccs-11 plugin
2013-04-04 17:12:07 +02:00
Andreas Steffen
fec7c824b8
fix start of wpa_supplicant
2013-03-31 19:48:07 +02:00
Martin Willi
c59f3dcb68
Use new strongSwan HA kernel patchset keeping iptables ABI
...
Allows us to install stock debian iptables without the need for patching and
compiling our own.
2013-03-26 10:31:29 +01:00
Martin Willi
b5f3c1f785
Define SSHCONF from strongswan testing directory, not TESTDIR
...
This fixes the use of SSHCONF in the ssh wrapper script before ./do-tests
had a chance to create the required symlinks.
2013-03-26 10:31:29 +01:00
Martin Willi
0ba8842348
Lazy unmount guest filesystem after building image, as it still might be busy
2013-03-26 10:31:29 +01:00