Tobias Brunner
bde5bd47bd
ike-sa-manager: Rename checkout_new() to create_new()
...
We don't actually check that SA out (i.e. it's not registered with the
manager). That was originally different but had to be changed with
86993d6b90
to avoid that SAs created for rekeying don't block other
threads on the manager.
2021-02-12 15:49:08 +01:00
Tobias Brunner
610745e724
unit-tests: Free allocated SPIs in mock IPsec backend
2020-10-27 16:42:01 +01:00
Josh Soref
b3ab7a48cc
Spelling fixes
...
* accumulating
* acquire
* alignment
* appropriate
* argument
* assign
* attribute
* authenticate
* authentication
* authenticator
* authority
* auxiliary
* brackets
* callback
* camellia
* can't
* cancelability
* certificate
* choinyambuu
* chunk
* collector
* collision
* communicating
* compares
* compatibility
* compressed
* confidentiality
* configuration
* connection
* consistency
* constraint
* construction
* constructor
* database
* decapsulated
* declaration
* decrypt
* derivative
* destination
* destroyed
* details
* devised
* dynamic
* ecapsulation
* encoded
* encoding
* encrypted
* enforcing
* enumerator
* establishment
* excluded
* exclusively
* exited
* expecting
* expire
* extension
* filter
* firewall
* foundation
* fulfillment
* gateways
* hashing
* hashtable
* heartbeats
* identifier
* identifiers
* identities
* identity
* implementers
* indicating
* initialize
* initiate
* initiation
* initiator
* inner
* instantiate
* legitimate
* libraries
* libstrongswan
* logger
* malloc
* manager
* manually
* measurement
* mechanism
* message
* network
* nonexistent
* object
* occurrence
* optional
* outgoing
* packages
* packets
* padding
* particular
* passphrase
* payload
* periodically
* policies
* possible
* previously
* priority
* proposal
* protocol
* provide
* provider
* pseudo
* pseudonym
* public
* qualifier
* quantum
* quintuplets
* reached
* reading
* recommendation to
* recommendation
* recursive
* reestablish
* referencing
* registered
* rekeying
* reliable
* replacing
* representing
* represents
* request
* request
* resolver
* result
* resulting
* resynchronization
* retriable
* revocation
* right
* rollback
* rule
* rules
* runtime
* scenario
* scheduled
* security
* segment
* service
* setting
* signature
* specific
* specified
* speed
* started
* steffen
* strongswan
* subjectaltname
* supported
* threadsafe
* traffic
* tremendously
* treshold
* unique
* uniqueness
* unknown
* until
* upper
* using
* validator
* verification
* version
* version
* warrior
Closes strongswan/strongswan#164 .
2020-02-11 18:23:07 +01:00
Tobias Brunner
1b19469c67
unit-tests: Make childless initiation configurable
2019-04-25 15:23:19 +02:00
Tobias Brunner
e0678a8cc6
unit-tests: Add helper to create but not yet establish two IKE_SAs
2019-04-25 15:23:19 +02:00
Tobias Brunner
202fb101b8
unit-tests: Add macros to assert certain payloads are (not) in a message
2019-04-25 15:23:19 +02:00
Tobias Brunner
9486a2e5b0
ike-cfg: Pass arguments as struct
2019-04-25 14:31:33 +02:00
Tobias Brunner
35e49ffd2f
unit-tests: Add mock implementation of kernel_net_t
...
This is required for DPDs via ike-mobike task to work (it does a source
address lookup).
2018-06-22 09:20:30 +02:00
Tobias Brunner
2c116ef589
child-sa: Use flags to track installation of outbound SA and policies separately
2017-08-07 10:44:05 +02:00
Tobias Brunner
67ad553a2c
unit-tests: Stringify direction in message asserts early
...
x86_64-w64-mingw32-gcc on Windows requires this.
2017-07-28 11:18:59 +02:00
Tobias Brunner
525cc46cab
Change interface for enumerator_create_filter() callback
...
This avoids the unportable 5 pointer hack, but requires enumerating in
the callback.
2017-05-26 13:56:44 +02:00
Tobias Brunner
72655fe411
unit-tests: Add assert to check for installed IPsec SAs
2017-05-23 18:46:50 +02:00
Tobias Brunner
2b581b59f0
unit-tests: Migrate cached IPsec SAs to new IKE_SAs during rekeying
2017-05-23 18:46:49 +02:00
Tobias Brunner
d80055baae
unit-tests: Keep track of installed IPsec SAs in mock kernel_ipsec_t implementation
2017-05-23 18:46:49 +02:00
Tobias Brunner
d94c122439
unit-tests: Overload helper macro to check for outbound SA state
2017-05-23 18:46:49 +02:00
Tobias Brunner
9665686bd8
daemon: Use separate method to set default loggers
...
This way it is not necessary to pass the same values to reload the
loggers.
2017-01-25 14:58:09 +01:00
Tobias Brunner
40d9a4c892
unit-tests: Only deliver messages to the SA they are addressed to
2016-06-17 18:48:05 +02:00
Tobias Brunner
d7b3ee6cca
unit-tests: Add asserts against IKE_SAs
2016-06-17 18:48:04 +02:00
Tobias Brunner
735bd4ca14
unit-tests: Make sure to flush the IKE_SA manager before destroying the sender
...
As the static plugin that creates and destroys the default sender was
not initialized because of the missing socket the daemon won't destroy
our sender. Test cases will eventually have to flush the IKE_SA manager to
satisfy the leak detective. However, in case of a test failure and if there
are IKE_SAs in the manager the daemon will flush the SAs when deinitializing,
which will cause deletes to get sent. This crashes if the sender is already
destroyed.
2016-06-17 18:48:04 +02:00
Tobias Brunner
b76c1decd4
unit-tests: Return status from process_message()
2016-06-17 18:48:04 +02:00
Tobias Brunner
7c6e0c2979
unit-tests: Use wrapper for add_listener in bus_t related asserts
2016-06-17 18:48:04 +02:00
Tobias Brunner
5d10ef316d
unit-tests: Provide a wrapper around bus_t::add_listener and unregister them during cleanup
...
In case listeners on the stack are triggered while cleaning up after a
test failed (e.g. via ike_sa_manager_t::flush) remaining listeners defined on
the stack would cause a segmentation fault.
2016-06-17 18:48:04 +02:00
Tobias Brunner
557e262f04
unit-tests: Make IKE and ESP proposals configurable
2016-06-17 18:48:03 +02:00
Tobias Brunner
62a2567b06
unit-tests: Add asserts against job scheduling
2016-06-17 18:48:03 +02:00
Tobias Brunner
b79beba518
unit-tests: Add asserts against task queues of IKE_SAs
2016-06-17 18:48:03 +02:00
Tobias Brunner
14588d99a4
unit-tests: Add asserts against ike|child_rekey hooks
2016-06-17 18:48:02 +02:00
Tobias Brunner
5d7f03dcaa
unit-tests: Match in and outbound SPIs in SA asserts
...
Since we use unique sequential SPIs that should be OK.
2016-06-17 18:48:02 +02:00
Tobias Brunner
dda5aab0f4
unit-tests: Register nonce generator and make first nonce byte configurable
2016-06-17 18:48:02 +02:00
Tobias Brunner
c1289eb578
unit-tests: Add mock nonce generator
...
We don't make the full nonces configurable but only the first byte,
which should be enough to force a nonce to be smaller than others.
2016-06-17 18:48:02 +02:00
Tobias Brunner
fbb0b3cb0a
unit-tests: Make message asserts more flexible
2016-06-17 18:48:02 +02:00
Tobias Brunner
7e5424868d
unit-tests: Register mock DH implementation as static plugin feature
2016-06-17 18:48:02 +02:00
Tobias Brunner
1f73a74be0
unit-tests: Add mock DH implementation that's basically a noop
...
If the openssl plugin is built DH isn't that much of an overhead as
ecp256 is used, but the default MODP group is now modp3072.
2016-06-17 18:48:01 +02:00
Tobias Brunner
29f1637b9a
unit-tests: Make IKE SPIs predictable
2016-06-17 18:48:01 +02:00
Tobias Brunner
5d97e5c30f
unit-tests: Call methods on IKE_SAs in their context
2016-06-17 18:48:01 +02:00
Tobias Brunner
632ba2a21e
unit-tests: Add asserts against hooks on listener_t and messages captured there
2016-06-17 18:48:01 +02:00
Tobias Brunner
735b0cdd01
unit-tests: Add asserts against SAs (e.g. their states)
2016-06-17 18:48:01 +02:00
Tobias Brunner
c7f5259cde
unit-tests: Add helper class/object to test IKE exchanges
2016-06-17 18:48:01 +02:00
Tobias Brunner
7a5dd544f6
unit-tests: Add mock kernel_ipsec_t implementation for unit tests
...
Provides predictable sequential SPIs.
2016-06-17 18:48:01 +02:00
Tobias Brunner
87539617f1
unit-tests: Add mock sender_t implementation for unit testing
...
This allows to retrieve packets sent by an IKE_SA and pass it to another
IKE_SA directly via process_message().
2016-06-17 18:48:01 +02:00