9e7a45bec2
testing: Don't load certificates explicitly and delete CA certificates in PKCS#12 scenarios
...
Certificates are now properly extracted from PKCS#12 files.
2013-07-15 11:27:07 +02:00
0a013e1af5
Override policy recommendation in enforcement
2013-07-11 10:34:00 +02:00
9e0182b922
openssl plugin can replace random, hmac, and gcm plugins
2013-07-10 20:38:07 +02:00
3910fb3715
Added openssl-ikev2/net2net-pkcs12 scenario
2013-07-10 20:25:49 +02:00
49a26e5b57
Added ikev2/net2net-pkcs12 scenario
2013-07-10 20:17:44 +02:00
3b569df215
conntrack -F makes ikev2/nat-rw scenario to work always
2013-07-10 17:50:25 +02:00
ef13480699
Added config-3.10
2013-07-04 23:17:10 +02:00
9844f240f8
Register packages under Debian 7.0 x86_64
2013-07-04 22:53:41 +02:00
1d728758ed
Ping from dave before shutting down tcpdump in libipsec/rw-suite-b test case
2013-07-01 13:48:21 +02:00
2ea32e7964
Enable libipsec and charon-cmd in strongSwan recipe
2013-07-01 12:32:45 +02:00
bb802daacc
Fixed libipsec/rw-suite-b scenario
2013-07-01 12:32:45 +02:00
3405156f97
Added libipsec/rw-suite-b scenario
2013-07-01 11:04:14 +02:00
9ea77350ce
Fixed index.txt for strongSwan EC CA
2013-07-01 11:01:11 +02:00
156e552caf
Added libipsec/net2net-cert scenario
2013-06-29 22:23:45 +02:00
1cfefd38a2
Add type=transport to tkm/host2host-* connections
...
Explicitly specify transport mode in connection configuration of the
responding host (sun).
2013-06-29 15:07:10 +02:00
b1f1e5e5f2
5.1.0 changes for test cases
2013-06-29 00:07:15 +02:00
50daffb784
dhcp: Use chunk_hash_static() to calculate ID-based MAC addresses
2013-06-28 17:00:29 +02:00
4f9aabbfd7
implemented policy rules for OS IMV
2013-06-21 23:25:22 +02:00
62516a7465
testing: Increase base image size so there is space for test results on winnetou
2013-06-11 11:01:26 +02:00
053ad34959
testing: Ignore errors when searching for imcv log entries in daemon.log
2013-06-10 18:52:32 +02:00
c6e1eda6d0
testing: Set terminal title when logging in via SSH
...
Since we always log in as root use a simpler command prompt. And don't
store duplicate commands in the bash command history.
2013-05-15 10:35:48 +02:00
87692be215
Load any type (RSA/ECDSA) of public key via left|rightsigkey
2013-05-07 17:08:31 +02:00
fa1d3d39dc
left|rightrsasigkey accepts SSH keys but the key format has to be specified explicitly
...
The default is now PKCS#1. With the dns: and ssh: prefixes other formats
can be selected.
2013-05-07 15:38:28 +02:00
e74bca9e19
testing: Don't run tests when building tkm
...
The problem with XML/Ada described in 9c2aba27fixes #336 .
2013-05-07 10:19:37 +02:00
9c2aba2735
testing: Don't run tests when building tkm-rpc
...
There are issues with some versions of the XML/Ada library on i386,
blocking the build of the testing environment when these tests are run.
TKM tests won't work in such a case but at least make-testing does not
block with this patch.
Fixes #336 .
2013-05-06 18:17:58 +02:00
0f499f41dc
Use attest database in tnc/tnccs-20-os scenario
2013-04-21 16:31:23 +02:00
1b912ad384
check for successful activation of FIPS mode
2013-04-19 18:46:52 +02:00
b97dd59ba8
install FIPS-aware OpenSSL Debian packages
2013-04-19 18:36:38 +02:00
545df30c18
Added openssl-ikev2/rw-cpa scenario
2013-04-19 18:34:35 +02:00
70312e6596
build openssl-fips in KVM root-image
2013-04-19 18:34:35 +02:00
ef934caba8
build soup plugin in KVM test environment
2013-04-15 20:23:41 +02:00
8d384fb7df
disable reauth, too
2013-04-15 20:21:27 +02:00
654c88bca8
Added charon.initiator_only option which causes charon to ignore IKE initiation requests by peers
2013-04-14 19:57:49 +02:00
8dade2d146
fixed configure options
2013-04-04 21:09:07 +02:00
2a4915e87a
cleaned up XML code in tnccs-11 plugin
2013-04-04 17:12:07 +02:00
fec7c824b8
fix start of wpa_supplicant
2013-03-31 19:48:07 +02:00
c59f3dcb68
Use new strongSwan HA kernel patchset keeping iptables ABI
...
Allows us to install stock debian iptables without the need for patching and
compiling our own.
2013-03-26 10:31:29 +01:00
b5f3c1f785
Define SSHCONF from strongswan testing directory, not TESTDIR
...
This fixes the use of SSHCONF in the ssh wrapper script before ./do-tests
had a chance to create the required symlinks.
2013-03-26 10:31:29 +01:00
0ba8842348
Lazy unmount guest filesystem after building image, as it still might be busy
2013-03-26 10:31:29 +01:00
f7fea72e46
Recipes: Disable Anet unit tests
...
Some Anet unit tests may fail because of the network configuration on
the testing host. These failures do not indicate a problem in Anet but
are a result of unpredictable events.
2013-03-25 16:49:30 +01:00
7e20062fdf
Added hostapd package to base image
2013-03-22 23:53:39 +01:00
8f72ba4aff
Added Framed-IP-Address information to RADIUS accounting records
2013-03-22 23:52:01 +01:00
0b6c43f038
Added ikev2/rw-eap-framed-ip-radius scenario
2013-03-22 19:08:42 +01:00
4a3c1cdc2b
Store debug output from standalone IMC/IMVs
2013-03-22 16:45:24 +01:00
1eada67bcb
Added ikev2/ip-two-pools-v4v6-db scenario
2013-03-22 12:18:43 +01:00
3db17b0ccc
Fixed TKM build
2013-03-22 10:35:48 +01:00
2c80ab3def
Build TNC-enabled wpa_supplicant
2013-03-22 10:33:39 +01:00
8484f2bc5c
Implement multiple-clients integration test
...
Two transport connections to gateway sun are set up, one from client
carol and the other from client dave. The gateway sun uses the Trusted
Key Manager (TKM) and is the responder for both connections. The
authentication is based on X.509 certificates. In order to test the
connections, both carol and dave ping gateway sun.
2013-03-19 15:23:51 +01:00
a520e4a010
Implement net2net-xfrmproxy integration test
2013-03-19 15:23:50 +01:00
847d320950
Implement net2net-initiator integration test
2013-03-19 15:23:50 +01:00
Tobias Brunner