bde5bd47bd
ike-sa-manager: Rename checkout_new() to create_new()
...
We don't actually check that SA out (i.e. it's not registered with the
manager). That was originally different but had to be changed with
86993d6b90
2021-02-12 15:49:08 +01:00
610745e724
unit-tests: Free allocated SPIs in mock IPsec backend
2020-10-27 16:42:01 +01:00
b3ab7a48cc
Spelling fixes
...
* accumulating
* acquire
* alignment
* appropriate
* argument
* assign
* attribute
* authenticate
* authentication
* authenticator
* authority
* auxiliary
* brackets
* callback
* camellia
* can't
* cancelability
* certificate
* choinyambuu
* chunk
* collector
* collision
* communicating
* compares
* compatibility
* compressed
* confidentiality
* configuration
* connection
* consistency
* constraint
* construction
* constructor
* database
* decapsulated
* declaration
* decrypt
* derivative
* destination
* destroyed
* details
* devised
* dynamic
* ecapsulation
* encoded
* encoding
* encrypted
* enforcing
* enumerator
* establishment
* excluded
* exclusively
* exited
* expecting
* expire
* extension
* filter
* firewall
* foundation
* fulfillment
* gateways
* hashing
* hashtable
* heartbeats
* identifier
* identifiers
* identities
* identity
* implementers
* indicating
* initialize
* initiate
* initiation
* initiator
* inner
* instantiate
* legitimate
* libraries
* libstrongswan
* logger
* malloc
* manager
* manually
* measurement
* mechanism
* message
* network
* nonexistent
* object
* occurrence
* optional
* outgoing
* packages
* packets
* padding
* particular
* passphrase
* payload
* periodically
* policies
* possible
* previously
* priority
* proposal
* protocol
* provide
* provider
* pseudo
* pseudonym
* public
* qualifier
* quantum
* quintuplets
* reached
* reading
* recommendation to
* recommendation
* recursive
* reestablish
* referencing
* registered
* rekeying
* reliable
* replacing
* representing
* represents
* request
* request
* resolver
* result
* resulting
* resynchronization
* retriable
* revocation
* right
* rollback
* rule
* rules
* runtime
* scenario
* scheduled
* security
* segment
* service
* setting
* signature
* specific
* specified
* speed
* started
* steffen
* strongswan
* subjectaltname
* supported
* threadsafe
* traffic
* tremendously
* treshold
* unique
* uniqueness
* unknown
* until
* upper
* using
* validator
* verification
* version
* version
* warrior
Closes strongswan/strongswan#164 .
2020-02-11 18:23:07 +01:00
1b19469c67
unit-tests: Make childless initiation configurable
2019-04-25 15:23:19 +02:00
e0678a8cc6
unit-tests: Add helper to create but not yet establish two IKE_SAs
2019-04-25 15:23:19 +02:00
202fb101b8
unit-tests: Add macros to assert certain payloads are (not) in a message
2019-04-25 15:23:19 +02:00
9486a2e5b0
ike-cfg: Pass arguments as struct
2019-04-25 14:31:33 +02:00
35e49ffd2f
unit-tests: Add mock implementation of kernel_net_t
...
This is required for DPDs via ike-mobike task to work (it does a source
address lookup).
2018-06-22 09:20:30 +02:00
2c116ef589
child-sa: Use flags to track installation of outbound SA and policies separately
2017-08-07 10:44:05 +02:00
67ad553a2c
unit-tests: Stringify direction in message asserts early
...
x86_64-w64-mingw32-gcc on Windows requires this.
2017-07-28 11:18:59 +02:00
525cc46cab
Change interface for enumerator_create_filter() callback
...
This avoids the unportable 5 pointer hack, but requires enumerating in
the callback.
2017-05-26 13:56:44 +02:00
72655fe411
unit-tests: Add assert to check for installed IPsec SAs
2017-05-23 18:46:50 +02:00
2b581b59f0
unit-tests: Migrate cached IPsec SAs to new IKE_SAs during rekeying
2017-05-23 18:46:49 +02:00
d80055baae
unit-tests: Keep track of installed IPsec SAs in mock kernel_ipsec_t implementation
2017-05-23 18:46:49 +02:00
d94c122439
unit-tests: Overload helper macro to check for outbound SA state
2017-05-23 18:46:49 +02:00
9665686bd8
daemon: Use separate method to set default loggers
...
This way it is not necessary to pass the same values to reload the
loggers.
2017-01-25 14:58:09 +01:00
40d9a4c892
unit-tests: Only deliver messages to the SA they are addressed to
2016-06-17 18:48:05 +02:00
d7b3ee6cca
unit-tests: Add asserts against IKE_SAs
2016-06-17 18:48:04 +02:00
735bd4ca14
unit-tests: Make sure to flush the IKE_SA manager before destroying the sender
...
As the static plugin that creates and destroys the default sender was
not initialized because of the missing socket the daemon won't destroy
our sender. Test cases will eventually have to flush the IKE_SA manager to
satisfy the leak detective. However, in case of a test failure and if there
are IKE_SAs in the manager the daemon will flush the SAs when deinitializing,
which will cause deletes to get sent. This crashes if the sender is already
destroyed.
2016-06-17 18:48:04 +02:00
b76c1decd4
unit-tests: Return status from process_message()
2016-06-17 18:48:04 +02:00
7c6e0c2979
unit-tests: Use wrapper for add_listener in bus_t related asserts
2016-06-17 18:48:04 +02:00
5d10ef316d
unit-tests: Provide a wrapper around bus_t::add_listener and unregister them during cleanup
...
In case listeners on the stack are triggered while cleaning up after a
test failed (e.g. via ike_sa_manager_t::flush) remaining listeners defined on
the stack would cause a segmentation fault.
2016-06-17 18:48:04 +02:00
557e262f04
unit-tests: Make IKE and ESP proposals configurable
2016-06-17 18:48:03 +02:00
62a2567b06
unit-tests: Add asserts against job scheduling
2016-06-17 18:48:03 +02:00
b79beba518
unit-tests: Add asserts against task queues of IKE_SAs
2016-06-17 18:48:03 +02:00
14588d99a4
unit-tests: Add asserts against ike|child_rekey hooks
2016-06-17 18:48:02 +02:00
5d7f03dcaa
unit-tests: Match in and outbound SPIs in SA asserts
...
Since we use unique sequential SPIs that should be OK.
2016-06-17 18:48:02 +02:00
dda5aab0f4
unit-tests: Register nonce generator and make first nonce byte configurable
2016-06-17 18:48:02 +02:00
c1289eb578
unit-tests: Add mock nonce generator
...
We don't make the full nonces configurable but only the first byte,
which should be enough to force a nonce to be smaller than others.
2016-06-17 18:48:02 +02:00
fbb0b3cb0a
unit-tests: Make message asserts more flexible
2016-06-17 18:48:02 +02:00
7e5424868d
unit-tests: Register mock DH implementation as static plugin feature
2016-06-17 18:48:02 +02:00
1f73a74be0
unit-tests: Add mock DH implementation that's basically a noop
...
If the openssl plugin is built DH isn't that much of an overhead as
ecp256 is used, but the default MODP group is now modp3072.
2016-06-17 18:48:01 +02:00
29f1637b9a
unit-tests: Make IKE SPIs predictable
2016-06-17 18:48:01 +02:00
5d97e5c30f
unit-tests: Call methods on IKE_SAs in their context
2016-06-17 18:48:01 +02:00
632ba2a21e
unit-tests: Add asserts against hooks on listener_t and messages captured there
2016-06-17 18:48:01 +02:00
735b0cdd01
unit-tests: Add asserts against SAs (e.g. their states)
2016-06-17 18:48:01 +02:00
c7f5259cde
unit-tests: Add helper class/object to test IKE exchanges
2016-06-17 18:48:01 +02:00
7a5dd544f6
unit-tests: Add mock kernel_ipsec_t implementation for unit tests
...
Provides predictable sequential SPIs.
2016-06-17 18:48:01 +02:00
87539617f1
unit-tests: Add mock sender_t implementation for unit testing
...
This allows to retrieve packets sent by an IKE_SA and pass it to another
IKE_SA directly via process_message().
2016-06-17 18:48:01 +02:00
Tobias Brunner