dee01d019b
testing: Only load selected plugins in swanctl
...
The main issue is that the ldap and curl plugins, or rather the libraries
they use, initialize GnuTLS (curl, strangely, even when it is, by its own
account, linked against OpenSSL). Some of these allocations are only freed
once the libraries are unloaded. This means that the leak detective causes
invalid frees when swanctl is terminated and libraries are unloaded after the
leak detective is already deinitialized.
2016-06-20 18:23:45 +02:00
eb25b1a73d
testing: Fix expect-connection for tkm tests
...
We don't use swanctl there but there is no load statement either.
2016-06-16 14:35:26 +02:00
5c71cbfa94
testing: Add root to fstab
...
This seems to be required for systemd to remount it.
2016-06-15 16:24:44 +02:00
1c616eccae
testing: Update Apache config for newer Debian releases
...
It is still compatible with the current release as the config in
sites-available will be ignored, while conf-enabled does not exist and
is not included in the main config.
2016-06-15 16:24:44 +02:00
2b0a6811ab
testing: Explicitly enable RC4 in SSH server config
...
Newer OpenSSH versions disable this by default because it's unsafe.
Since this is not relevant for our use case we enable it due to its
speed.
2016-06-15 16:24:44 +02:00
76397efa21
testing: Disable leak detective when generating CRLs
...
GnuTLS, which can get loaded by the curl plugin, does not properly cleanup
some allocated memory when deinitializing. This causes invalid frees if
leak detective is active. Other invalid frees are related to time
conversions (tzset).
References #1382 .
2016-04-06 11:16:59 +02:00
d163aa5eaf
testing: Generate a CRL that has moon's actual certificate revoked
2016-03-10 11:07:15 +01:00
9db530493f
testing: Change sql scenarios to swanctl
2016-01-03 06:28:48 +01:00
b77e25c381
testing: The expect-connection helper may use swanctl to check for connections
...
Depending on the plugin configuration in the test scenario either
`ipsec statusall` or `swanctl --list-conns` is used to check for a named
connection.
2015-12-11 18:26:53 +01:00
dddb32329c
testing: Updated expired mars.strongswan.org certificate
2015-11-26 09:55:28 +01:00
8713e32435
testing: Only send two retransmits after 1 second each to fail negative tests earlier
2015-11-09 15:18:34 +01:00
9a0871ab94
testing: Add a base strongswan.conf file used by all hosts in all scenarios
...
We will use this to set some defaults (e.g. timeouts to make testing
negative tests quicker). We don't want these settings to show up in the
configs of the actual scenarios though.
2015-11-09 15:18:34 +01:00
a98360a64c
testing: BLISS CA uses SHA-3 in its CRL
2015-11-03 21:35:09 +01:00
626b2e85f0
testing: Update AAA certificate on Freeradius as well
2015-08-05 10:01:21 +02:00
9b1eaf083f
testing: Updated expired AAA server certificate
2015-08-04 21:50:01 +02:00
fbcac07043
testing: Regenerated BLISS certificates due to oracle changes
2015-07-27 22:09:08 +02:00
aaeb524cea
testing: Updated loop ca certificates
2015-07-22 17:11:00 +02:00
362e87e3e0
testing: Updated carol's certificate from research CA and dave's certificate from sales CA
2015-04-26 16:52:06 +02:00
c2aca9eed2
Implemented improved BLISS-B signature algorithm
2015-02-25 21:45:34 +01:00
5028644943
Updated RFC3779 certificates
2014-12-28 12:53:16 +01:00
c44f481ae0
Updated BLISS scenario keys and certificates to new format
2014-12-12 12:00:20 +01:00
c02ebf1ecd
Renewed expired certificates
2014-11-29 14:51:18 +01:00
43d9247599
Created ikev2/rw-ntru-bliss scenario
2014-11-29 14:51:18 +01:00
b7b2f9379d
testing: Enable virtio console for guests
...
This allows accessing the guests with `virsh console <name>`.
Using a serial console would also be possible but our kernel configs
have no serial drivers enabled, CONFIG_VIRTIO_CONSOLE is enabled though.
So to avoid having to recompile the kernels let's do it this way, only
requires rebuilding the guest images.
References #729 .
2014-10-10 19:03:28 +02:00
030295dd44
testing: Updated swanctl certificates and keys
2014-10-03 12:50:08 +02:00
1bab64e7cb
testing: Update public keys and certificates in DNS zone
2014-10-03 12:44:13 +02:00
51da5b920b
Generated new test certificates
2014-08-28 21:34:40 +02:00
b09016377a
Define default swanctl credentials in hosts directory
2014-06-10 16:19:00 +02:00
2721832a45
First swanctl scenario
2014-06-01 21:12:15 +02:00
2382d45b1c
Test SWID REST API ins tnc/tnccs-20-pdp scenarios
2014-05-31 21:25:46 +02:00
edd2ed860f
Renewed expired user certificate
2014-04-15 09:28:37 +02:00
7afd217ff9
Renewed self-signed OCSP signer certificate
2014-03-27 22:52:11 +01:00
bee64a82d7
Updated expired certificates issued by the Research and Sales Intermediate CAs
2014-03-24 23:38:45 +01:00
2d79f6d81e
Renewed revoked Research CA certificate
2014-03-22 15:16:15 +01:00
9942e43dc6
testing: Use installed PTS SQL schema and data instead of local copy
2014-02-12 14:08:34 +01:00
96e8715e32
testing: Use installed SQL schema instead of local copy
2014-02-12 14:08:34 +01:00
d6804e3041
Added missing semicolon in SQL statements
2014-02-05 10:15:56 +01:00
523c2874fb
Added Android 4.3.1 to products database table
2014-02-04 19:49:34 +01:00
2a43f7fd9e
Added new Android versions to PTS database
2014-02-04 06:59:01 +01:00
eeaa8a2417
Added TPMRA workitem support in PTS database
2014-01-16 01:46:55 +01:00
b891c22aa9
Updated and split data.sql
2013-10-23 00:26:02 +02:00
cae778147a
Define aaa.strongswan.org in /etc/hosts
2013-10-11 20:16:59 +02:00
a4d6a5a359
testing: Provide moon's and sun's certificate as CERT RR
2013-10-11 15:45:42 +02:00
71d468ec90
testing: Allow AH packets in default INPUT/OUTPUT chains
2013-10-11 10:15:22 +02:00
9b8137fdd3
Added tags table and some tag samples
2013-09-05 11:29:23 +02:00
86f00e6aff
Added regids table and some sample reqid data
2013-09-02 12:00:47 +02:00
4c961168cc
Updated PTS database scheme to new workitems model
2013-07-29 11:41:47 +02:00
9844f240f8
Register packages under Debian 7.0 x86_64
2013-07-04 22:53:41 +02:00
9ea77350ce
Fixed index.txt for strongSwan EC CA
2013-07-01 11:01:11 +02:00
b1f1e5e5f2
5.1.0 changes for test cases
2013-06-29 00:07:15 +02:00
Tobias Brunner