03d673620d
Cleaned configuration files in PT-TLS client scenario
2013-08-22 17:24:20 +02:00
aff4367907
Flush iptables rules on alice
2013-08-19 12:20:57 +02:00
f859645b12
Fixes in tnc scenarios
2013-08-19 11:44:51 +02:00
10c7ca2399
Added tnc/tnccs-20-pt-tls scenario
2013-08-19 11:36:23 +02:00
2cfe88aacb
testing: enforce xauth-eap in ikev1/xauth-rsa-eap-md5-radius
...
As eap-radius now provides its own XAuth backend and eap-radius is loaded before
xauth-eap, we have to enforce the exact XAuth backend to use.
2013-07-29 10:35:59 +02:00
9d75f04eee
testing: add a testcase for plain XAuth RADIUS authentication
2013-07-29 09:00:49 +02:00
2b1ac51c9c
fixed typo
2013-07-19 20:07:32 +02:00
645e9291f0
updated some TNC scenarios
2013-07-19 19:36:07 +02:00
9e7a45bec2
testing: Don't load certificates explicitly and delete CA certificates in PKCS#12 scenarios
...
Certificates are now properly extracted from PKCS#12 files.
2013-07-15 11:27:07 +02:00
0a013e1af5
Override policy recommendation in enforcement
2013-07-11 10:34:00 +02:00
9e0182b922
openssl plugin can replace random, hmac, and gcm plugins
2013-07-10 20:38:07 +02:00
3910fb3715
Added openssl-ikev2/net2net-pkcs12 scenario
2013-07-10 20:25:49 +02:00
49a26e5b57
Added ikev2/net2net-pkcs12 scenario
2013-07-10 20:17:44 +02:00
3b569df215
conntrack -F makes ikev2/nat-rw scenario to work always
2013-07-10 17:50:25 +02:00
9844f240f8
Register packages under Debian 7.0 x86_64
2013-07-04 22:53:41 +02:00
1d728758ed
Ping from dave before shutting down tcpdump in libipsec/rw-suite-b test case
2013-07-01 13:48:21 +02:00
bb802daacc
Fixed libipsec/rw-suite-b scenario
2013-07-01 12:32:45 +02:00
3405156f97
Added libipsec/rw-suite-b scenario
2013-07-01 11:04:14 +02:00
156e552caf
Added libipsec/net2net-cert scenario
2013-06-29 22:23:45 +02:00
1cfefd38a2
Add type=transport to tkm/host2host-* connections
...
Explicitly specify transport mode in connection configuration of the
responding host (sun).
2013-06-29 15:07:10 +02:00
b1f1e5e5f2
5.1.0 changes for test cases
2013-06-29 00:07:15 +02:00
50daffb784
dhcp: Use chunk_hash_static() to calculate ID-based MAC addresses
2013-06-28 17:00:29 +02:00
87692be215
Load any type (RSA/ECDSA) of public key via left|rightsigkey
2013-05-07 17:08:31 +02:00
fa1d3d39dc
left|rightrsasigkey accepts SSH keys but the key format has to be specified explicitly
...
The default is now PKCS#1. With the dns: and ssh: prefixes other formats
can be selected.
2013-05-07 15:38:28 +02:00
0f499f41dc
Use attest database in tnc/tnccs-20-os scenario
2013-04-21 16:31:23 +02:00
1b912ad384
check for successful activation of FIPS mode
2013-04-19 18:46:52 +02:00
545df30c18
Added openssl-ikev2/rw-cpa scenario
2013-04-19 18:34:35 +02:00
8d384fb7df
disable reauth, too
2013-04-15 20:21:27 +02:00
654c88bca8
Added charon.initiator_only option which causes charon to ignore IKE initiation requests by peers
2013-04-14 19:57:49 +02:00
2a4915e87a
cleaned up XML code in tnccs-11 plugin
2013-04-04 17:12:07 +02:00
8f72ba4aff
Added Framed-IP-Address information to RADIUS accounting records
2013-03-22 23:52:01 +01:00
0b6c43f038
Added ikev2/rw-eap-framed-ip-radius scenario
2013-03-22 19:08:42 +01:00
1eada67bcb
Added ikev2/ip-two-pools-v4v6-db scenario
2013-03-22 12:18:43 +01:00
8484f2bc5c
Implement multiple-clients integration test
...
Two transport connections to gateway sun are set up, one from client
carol and the other from client dave. The gateway sun uses the Trusted
Key Manager (TKM) and is the responder for both connections. The
authentication is based on X.509 certificates. In order to test the
connections, both carol and dave ping gateway sun.
2013-03-19 15:23:51 +01:00
a520e4a010
Implement net2net-xfrmproxy integration test
2013-03-19 15:23:50 +01:00
847d320950
Implement net2net-initiator integration test
2013-03-19 15:23:50 +01:00
d8b2064a34
Add xfrm_proxy integration test
2013-03-19 15:23:50 +01:00
3150dbd3e3
Add TKM responder integration test
2013-03-19 15:23:50 +01:00
117375ed00
Add initial TKM integration test
...
A connection between the hosts moon and sun is set up. The host moon
uses the Trusted Key Manager (TKM) and is the initiator of the transport
connection. The authentication is based on X.509 certificates.
2013-03-19 15:23:50 +01:00
f7580a5a67
added openssl-ikev2/alg-aes-gcm scenario
2013-03-03 11:43:52 +01:00
81419b9748
use DNs in tnc/tnccs-20-tls scenario
2013-03-03 10:47:17 +01:00
f0c102cbfa
Added ikev2/rw-dnssec scenario
2013-02-19 12:25:01 +01:00
1d4ff25fb8
Added ikev2/net2net-dnssec scenario
2013-02-19 12:25:01 +01:00
5374fe3a09
added ikev1/net2net-fragmentation scenario
2013-02-12 23:01:48 +01:00
7d355f853d
use EAP identity in tnc/tnccs-20-pdp scenario
2013-02-12 20:41:37 +01:00
812cd9c18a
Removed UML from description of ikev2/default-keys test
2013-01-17 16:56:02 +01:00
b1169a880a
Updated comments in test.conf of all tests
2013-01-17 16:56:02 +01:00
7699a928f7
Renamed $UMLHOSTS to $VIRTHOSTS
2013-01-17 16:56:02 +01:00
88bffacfdc
Drop vim swap file
2013-01-17 16:55:04 +01:00
c25f850601
Drop obsolete Gentoo dhcpd init script
2013-01-17 16:55:03 +01:00
Andreas Steffen