Tobias Brunner
dee01d019b
testing: Only load selected plugins in swanctl
...
The main issue is that the ldap and curl plugins, or rather the libraries
they use, initialize GnuTLS (curl, strangely, even when it is, by its own
account, linked against OpenSSL). Some of these allocations are only freed
once the libraries are unloaded. This means that the leak detective causes
invalid frees when swanctl is terminated and libraries are unloaded after the
leak detective is already deinitialized.
2016-06-20 18:23:45 +02:00
Tobias Brunner
eb25b1a73d
testing: Fix expect-connection for tkm tests
...
We don't use swanctl there but there is no load statement either.
2016-06-16 14:35:26 +02:00
Tobias Brunner
5c71cbfa94
testing: Add root to fstab
...
This seems to be required for systemd to remount it.
2016-06-15 16:24:44 +02:00
Tobias Brunner
1c616eccae
testing: Update Apache config for newer Debian releases
...
It is still compatible with the current release as the config in
sites-available will be ignored, while conf-enabled does not exist and
is not included in the main config.
2016-06-15 16:24:44 +02:00
Tobias Brunner
2b0a6811ab
testing: Explicitly enable RC4 in SSH server config
...
Newer OpenSSH versions disable this by default because it's unsafe.
Since this is not relevant for our use case we enable it due to its
speed.
2016-06-15 16:24:44 +02:00
Tobias Brunner
76397efa21
testing: Disable leak detective when generating CRLs
...
GnuTLS, which can get loaded by the curl plugin, does not properly cleanup
some allocated memory when deinitializing. This causes invalid frees if
leak detective is active. Other invalid frees are related to time
conversions (tzset).
References #1382 .
2016-04-06 11:16:59 +02:00
Tobias Brunner
d163aa5eaf
testing: Generate a CRL that has moon's actual certificate revoked
2016-03-10 11:07:15 +01:00
Andreas Steffen
9db530493f
testing: Change sql scenarios to swanctl
2016-01-03 06:28:48 +01:00
Tobias Brunner
b77e25c381
testing: The expect-connection helper may use swanctl to check for connections
...
Depending on the plugin configuration in the test scenario either
`ipsec statusall` or `swanctl --list-conns` is used to check for a named
connection.
2015-12-11 18:26:53 +01:00
Andreas Steffen
dddb32329c
testing: Updated expired mars.strongswan.org certificate
2015-11-26 09:55:28 +01:00
Tobias Brunner
8713e32435
testing: Only send two retransmits after 1 second each to fail negative tests earlier
2015-11-09 15:18:34 +01:00
Tobias Brunner
9a0871ab94
testing: Add a base strongswan.conf file used by all hosts in all scenarios
...
We will use this to set some defaults (e.g. timeouts to make testing
negative tests quicker). We don't want these settings to show up in the
configs of the actual scenarios though.
2015-11-09 15:18:34 +01:00
Andreas Steffen
a98360a64c
testing: BLISS CA uses SHA-3 in its CRL
2015-11-03 21:35:09 +01:00
Andreas Steffen
626b2e85f0
testing: Update AAA certificate on Freeradius as well
2015-08-05 10:01:21 +02:00
Andreas Steffen
9b1eaf083f
testing: Updated expired AAA server certificate
2015-08-04 21:50:01 +02:00
Andreas Steffen
fbcac07043
testing: Regenerated BLISS certificates due to oracle changes
2015-07-27 22:09:08 +02:00
Andreas Steffen
aaeb524cea
testing: Updated loop ca certificates
2015-07-22 17:11:00 +02:00
Andreas Steffen
362e87e3e0
testing: Updated carol's certificate from research CA and dave's certificate from sales CA
2015-04-26 16:52:06 +02:00
Andreas Steffen
c2aca9eed2
Implemented improved BLISS-B signature algorithm
2015-02-25 21:45:34 +01:00
Andreas Steffen
5028644943
Updated RFC3779 certificates
2014-12-28 12:53:16 +01:00
Andreas Steffen
c44f481ae0
Updated BLISS scenario keys and certificates to new format
2014-12-12 12:00:20 +01:00
Andreas Steffen
c02ebf1ecd
Renewed expired certificates
2014-11-29 14:51:18 +01:00
Andreas Steffen
43d9247599
Created ikev2/rw-ntru-bliss scenario
2014-11-29 14:51:18 +01:00
Tobias Brunner
b7b2f9379d
testing: Enable virtio console for guests
...
This allows accessing the guests with `virsh console <name>`.
Using a serial console would also be possible but our kernel configs
have no serial drivers enabled, CONFIG_VIRTIO_CONSOLE is enabled though.
So to avoid having to recompile the kernels let's do it this way, only
requires rebuilding the guest images.
References #729 .
2014-10-10 19:03:28 +02:00
Tobias Brunner
030295dd44
testing: Updated swanctl certificates and keys
2014-10-03 12:50:08 +02:00
Tobias Brunner
1bab64e7cb
testing: Update public keys and certificates in DNS zone
2014-10-03 12:44:13 +02:00
Andreas Steffen
51da5b920b
Generated new test certificates
2014-08-28 21:34:40 +02:00
Andreas Steffen
b09016377a
Define default swanctl credentials in hosts directory
2014-06-10 16:19:00 +02:00
Andreas Steffen
2721832a45
First swanctl scenario
2014-06-01 21:12:15 +02:00
Andreas Steffen
2382d45b1c
Test SWID REST API ins tnc/tnccs-20-pdp scenarios
2014-05-31 21:25:46 +02:00
Andreas Steffen
edd2ed860f
Renewed expired user certificate
2014-04-15 09:28:37 +02:00
Andreas Steffen
7afd217ff9
Renewed self-signed OCSP signer certificate
2014-03-27 22:52:11 +01:00
Andreas Steffen
bee64a82d7
Updated expired certificates issued by the Research and Sales Intermediate CAs
2014-03-24 23:38:45 +01:00
Andreas Steffen
2d79f6d81e
Renewed revoked Research CA certificate
2014-03-22 15:16:15 +01:00
Tobias Brunner
9942e43dc6
testing: Use installed PTS SQL schema and data instead of local copy
2014-02-12 14:08:34 +01:00
Tobias Brunner
96e8715e32
testing: Use installed SQL schema instead of local copy
2014-02-12 14:08:34 +01:00
Andreas Steffen
d6804e3041
Added missing semicolon in SQL statements
2014-02-05 10:15:56 +01:00
Andreas Steffen
523c2874fb
Added Android 4.3.1 to products database table
2014-02-04 19:49:34 +01:00
Andreas Steffen
2a43f7fd9e
Added new Android versions to PTS database
2014-02-04 06:59:01 +01:00
Andreas Steffen
eeaa8a2417
Added TPMRA workitem support in PTS database
2014-01-16 01:46:55 +01:00
Andreas Steffen
b891c22aa9
Updated and split data.sql
2013-10-23 00:26:02 +02:00
Andreas Steffen
cae778147a
Define aaa.strongswan.org in /etc/hosts
2013-10-11 20:16:59 +02:00
Tobias Brunner
a4d6a5a359
testing: Provide moon's and sun's certificate as CERT RR
2013-10-11 15:45:42 +02:00
Martin Willi
71d468ec90
testing: Allow AH packets in default INPUT/OUTPUT chains
2013-10-11 10:15:22 +02:00
Andreas Steffen
9b8137fdd3
Added tags table and some tag samples
2013-09-05 11:29:23 +02:00
Andreas Steffen
86f00e6aff
Added regids table and some sample reqid data
2013-09-02 12:00:47 +02:00
Andreas Steffen
4c961168cc
Updated PTS database scheme to new workitems model
2013-07-29 11:41:47 +02:00
Andreas Steffen
9844f240f8
Register packages under Debian 7.0 x86_64
2013-07-04 22:53:41 +02:00
Andreas Steffen
9ea77350ce
Fixed index.txt for strongSwan EC CA
2013-07-01 11:01:11 +02:00
Andreas Steffen
b1f1e5e5f2
5.1.0 changes for test cases
2013-06-29 00:07:15 +02:00