7d8cb1f952
added ikev2/rw-eap-tnc-block scenario
2010-10-11 16:58:12 +02:00
8efd583a64
explicit ikev1 key exchange for ikev1/esp-alg-null scenario
2010-10-09 22:07:51 +02:00
1e6c92789e
fixed typo
2010-10-09 22:05:26 +02:00
74e14ed631
define explicit IKEv1 key exchange mode II
2010-10-09 20:04:00 +02:00
ed08f7ce83
use DBG_TNC for TNC debugging output
2010-10-09 16:01:19 +02:00
db24b600fb
changed filter attribute from access to allow
2010-10-09 01:01:19 +02:00
a1afa8d810
added ikev2/rw-eap-tnc scenario
2010-10-09 00:59:31 +02:00
8dcc56dcc0
created tnc-imc and tnc-imv plugins
2010-10-07 23:31:23 +02:00
84babfb895
define explicit IKEv1 key exchange mode
2010-10-07 07:31:44 +02:00
9b201cf859
host venus is used in ikev2/rw-eap-tnc-radius scenario
2010-10-06 10:38:18 +02:00
541666b89f
added ikev2/rw-eap-tnc-radius-block scenario
2010-10-06 10:32:50 +02:00
48e16e0ae1
final version of ikev2/rw-eap-tnc-radius scenario
2010-10-05 20:38:34 +02:00
9ffa3f71f2
fixed typo in image path
2010-10-05 09:09:58 +02:00
e7104a6ec9
updated ikev2/rw-eap-tnc-radius scenario
2010-10-05 07:56:57 +02:00
30f14b7066
added configuration files for dummyimc.so IMC
2010-10-01 00:14:44 +02:00
ea893a5de2
The TNC@FHH TNC Serve does not like symbolic links
2010-09-30 23:35:24 +02:00
cae4668ffb
added tnc_config files to TNC scenario
2010-09-30 12:42:18 +02:00
440231e863
load tnccs-11 plugin in ikev2/rw-eap-tnc-radius scenario
2010-09-28 23:52:59 +02:00
4e8e74fcfa
moved TNCCS layer out of eap_tnc plugin
2010-09-28 23:34:04 +02:00
280c8ea2f0
stop gateway after clients in order to check release of virtual IP
2010-09-26 11:31:39 +02:00
1e6cc07ee4
stop gateway after clients in order to check release of virtual IP
2010-09-26 10:58:28 +02:00
234aaf2df2
stop gateway after clients in order to check release of virtual IP
2010-09-26 10:35:12 +02:00
939c4bf2e8
added ikev1/net2net-same-nets scenario
2010-09-09 13:37:30 +02:00
2774826995
added openssl-ikev2/rw-eap-tls-only scenario
2010-09-07 17:14:32 +02:00
6d71f4dcb9
updown script variable is called PLUTO_UDP_ENC
2010-09-03 12:58:10 +02:00
6deeacd965
adapted debug options
2010-09-03 09:29:56 +02:00
4cbe758cd4
adapted debug options
2010-09-03 09:27:16 +02:00
5175adee66
optimized FreeRadius scenarios for debug output
2010-09-02 22:19:37 +02:00
0fb2980281
added ikev2/rw-eap-tnc-radius scenario
2010-09-02 22:19:37 +02:00
c0cecc0a0e
added radius init script mit increased debugging
2010-09-02 22:19:37 +02:00
f9cfb5c836
display configuration and log of FreeRadius servers
2010-09-02 22:19:37 +02:00
fe962bc788
testing: Added ikev1 xfrm mark scenarios.
2010-09-02 19:04:25 +02:00
f23e7394ae
pluto: Added PLUTO_UDP_ENC argument to updown script.
...
This contains the remote UDP port in case of UDP encapsulated ESP.
2010-09-02 19:04:25 +02:00
80c0328eec
testing: Print output of 'make oldconfig' to STDOUT, besides logging it.
2010-09-02 19:04:23 +02:00
f32c0ce7b6
testing: Only sleep after a host has actually been started.
2010-09-02 19:04:22 +02:00
ad808bc2a2
testing: Build strongSwan a bit faster using make -j.
2010-09-02 19:04:22 +02:00
38dd45c480
testing: Force the UML Kernel to x86.
2010-09-02 19:04:22 +02:00
91ea48352c
testing: Adding kernel-netlink to pluto.load statements.
2010-09-02 19:04:22 +02:00
cc9cfc2e11
testing: Added missing host alice to test.conf.
2010-09-02 19:04:22 +02:00
4171cbd60b
adapted evaltest.dat to new RULE_OCSP_VALIDATION
2010-09-01 22:22:27 +02:00
873604dd7f
defined aaa_identity
2010-09-01 00:16:19 +02:00
d93e2e5409
created an eap-tnc method hull
2010-08-30 15:36:34 +02:00
1bc8690f54
replaced ikev2/esp-alg-aes-ctr by ikev2/alg-aes-ctr
2010-08-29 21:52:08 +02:00
6297dc390f
added ctr ccm and gcm plugins to ikev2/rw-cert scenario
2010-08-29 21:11:00 +02:00
8eb74facfe
added ctr ccm and gcm plugins to openssl-ikev2/rw-cert scenario
2010-08-29 21:09:25 +02:00
6aa82ec280
added ctr ccm and gcm plugins to gcrypt-ikev2/rw-cert scenario
2010-08-29 20:50:37 +02:00
4f2a0bd839
replaced ikev2/esp-alg-aes-gcm by ikev2/alg-aes-gcm
2010-08-29 20:39:51 +02:00
8318d88450
replaced ikev2/esp-alg-aes-ccm by ikev2/alg-aes-ccm
2010-08-29 20:24:12 +02:00
421a529f88
added ikev2/rw-eap-tls-fragments scenario
2010-08-24 10:12:15 +02:00
234aa8ee03
use correct network diagram
2010-08-24 10:09:58 +02:00
906680029d
enable the ccm and gcm plugins in the UML scenarios
2010-08-20 12:47:44 +02:00
f9a2d4bfcb
describe EAP-TTLS phase2 start options using the phase2_piggyback parameter
2010-08-16 19:29:39 +02:00
cf95e162f2
added ikev2/rw-eap-ttls-phase2-piggyback scenario
2010-08-16 18:32:00 +02:00
f2b9b9725c
changed ikev2/rw-eap-ttls-only description
2010-08-16 18:30:41 +02:00
d2be215a99
added ikev2/rw-eap-ttls-only scenario
2010-08-16 16:44:13 +02:00
758d7283fb
used default ipsec.secrets
2010-08-15 12:49:14 +02:00
d662a7ffad
included bad case in ikev2/rw-eap-ttls-radius scenario
2010-08-15 11:13:41 +02:00
eb4c9c609c
version bumps in testing.conf
2010-08-14 21:41:52 +02:00
4618430f83
enable the eap-ttls and ctr plugins in the uml scenarios
2010-08-14 21:40:05 +02:00
e8f971ee4e
added rw-eap-ttls-radius scenario
2010-08-14 20:05:21 +02:00
6ac797ad3a
added ikev2/rw-eap-tls-radius
2010-08-05 19:28:06 +02:00
6b717cc28d
no need for strongSwan VID since the EAP_ONLY notification has been officially registered with IANA
2010-08-05 12:47:09 +02:00
8e7920eea1
generated aaa certificate
2010-08-04 12:44:47 +02:00
f8bb082f1f
added ikev2/rw-eap-tls-only scenario
2010-08-04 08:36:27 +02:00
9dffc26b73
--enable eap-tls and --disable-load-warning in uml build
2010-08-04 07:48:19 +02:00
b599b80013
version bump to 4.4.2
2010-07-30 22:26:14 +02:00
ff7b0dd289
added NETMAP rules for the reverse direction
2010-07-27 21:16:44 +02:00
c100dd6b5f
fixed description of ikev2/net2net-same-nets scenario
2010-07-27 20:50:28 +02:00
c74c4c2a20
added net2net-same-nets
2010-07-25 11:56:33 +02:00
e93f452825
remove the private updown scripts after use
2010-07-17 23:25:15 +02:00
15fd135564
minor fixes in the ikev2/rw-mark-in-out scenarios
2010-07-17 17:36:04 +02:00
f5baa5c4cf
some reformulations
2010-07-17 17:19:26 +02:00
d2d7ed9227
the ikev2/nat-two-rw-mark and ikev2/rw-mark-in-out scenarios use the PLUTO_MARK_IN and PLUTO_ESP_ENC variables in the mark_update script
2010-07-17 16:32:47 +02:00
34e93c0280
fix html error in scenario description
2010-07-17 13:09:28 +02:00
cde633d632
all x509 based sql scenarios require the revocation plugin
2010-07-15 23:19:52 +02:00
c349a68b2e
all x509 based pfkey scenarios require the revocation plugin
2010-07-15 23:17:37 +02:00
f5731b4579
all x509 based p2pnat scenarios require the revocation plugin
2010-07-15 23:07:12 +02:00
295d9cc313
all x509 based ipv6/*-ikev2 scenarios require the revocation plugin
2010-07-15 23:02:17 +02:00
84fe65bd43
all x509 based ike scenarios require the revocation plugin
2010-07-15 22:40:20 +02:00
001787b3eb
all x509 based openssl-ikev2 scenarios require the revocation plugin
2010-07-15 22:33:05 +02:00
6c2bd2a7d8
all x509 based gcrypt-ikev2 scenarios require the revocation plugin
2010-07-15 22:03:16 +02:00
2cf4d34f2f
all x509 based ikev2 scenarios require the revocation plugin
2010-07-15 21:39:01 +02:00
afe5d482db
ikev2/net2net-psk-dscp does not need certificate support
2010-07-15 21:37:45 +02:00
a3527c39dd
add revocation plugin to ikev2/rw-cert scenario
2010-07-15 20:03:11 +02:00
fccf00576f
activate --enable-addrblock configure option in UML scenarios
2010-07-13 21:04:20 +02:00
f90d465ce2
Added addrblock plugin to RFC3779 test cases
2010-07-13 10:26:07 +02:00
1f457546c1
Added revocation plugin to ikev2 crl/ocsp test cases
2010-07-13 10:26:07 +02:00
bb021fbbc9
updated ikev2/ip-two-pools-db scenario to support pool and identity based dns attributes
2010-07-12 20:54:40 +02:00
ab635e029e
updated SQL templates to support attribute pool and identity parameters
2010-07-12 20:28:34 +02:00
ec7adea007
Added support for named attribute groups
...
Add the possibility to group attributes by a name and assign these
groups to connections. This allows a more granular configuration of
which client will receive what atrributes.
2010-07-09 13:09:31 +02:00
f65e0dc80f
added ikev2/net2net-psk-dscp2 DiffServ scenario
2010-07-09 11:55:01 +02:00
9f94906815
added ikev2/nat-two-rw-mark-in-out scenario
2010-07-09 09:36:03 +02:00
bcf608c848
some changes to the ikev2/nat-two-rw-mark scenario
2010-07-09 09:35:02 +02:00
36b3c0a8dd
regenerated loop intermediate CA certificates
2010-07-03 18:18:30 +02:00
342fc85e9e
added ikev2/nat-two-rw-mark scenario
2010-07-03 13:25:09 +02:00
b3f65304ba
check for installed aead algorithms in kernel
2010-06-27 22:26:00 +02:00
39e3b58fe4
use --addattr
2010-06-05 13:49:01 +02:00
88613f159d
use --addattr
2010-06-05 13:47:23 +02:00
4321d19d1e
added ikev2/nat-virtual-ip scenario
2010-06-05 13:42:28 +02:00
b2be7dd621
remove stray carolReq.pem
2010-06-05 13:36:39 +02:00
5a9a255ae5
share pool in ikev1/mode-config-multiple scenario
2010-06-05 13:17:51 +02:00
6d989d356b
use --addattr
2010-06-05 13:15:03 +02:00
bdd28aa9c5
remove stray scenario files
2010-06-05 13:10:39 +02:00
5b6200888b
remove x509 plugin from openssl-ikev1 scenarios
2010-05-28 23:22:15 +02:00
bd371ccac7
remove x509 plugin from remaining openssl-ikev2 scenarios
2010-05-25 15:49:58 +02:00
2996cb3163
openssl-ikev2/rw-cert scenario doesn't need x509 plugin any more
2010-05-25 15:26:46 +02:00
b596f4f260
updated ikev1/rw-cert scenario to support xauth integrity test
2010-05-19 08:31:39 +02:00
73434ce9eb
updated ikev1/xauth-rsa-mode-config scenario to support xauth plugin
2010-05-18 22:57:12 +02:00
1fe5d973cb
updated ikev1/xauth-psk-mode-config scenario to support xauth plugin
2010-05-18 22:56:42 +02:00
17adc8d074
updated ikev1/xauth-psk-mode-config scenario to support xauth plugin
2010-05-18 22:48:37 +02:00
efde96b38e
updated ikev1/xauth-rsa-nosecret scenario to support xauth plugin
2010-05-18 20:20:55 +02:00
4f1110ab7b
created ikev1/xauth-id-psk scenario
2010-05-18 20:04:52 +02:00
dc5d63a599
updated ikev1/xauth-psk scenario to support xauth plugin
2010-05-18 20:04:02 +02:00
8ebc3da64c
updated ikev1/xauth-rsa-fail scenario to xauth plugin
2010-05-18 16:54:25 +02:00
2549ff7849
created ikev1/xauth-id-rsa scenario using XAUTH identities
2010-05-18 16:54:25 +02:00
0a6085b13e
updated ikev1/xauth-rsa scenario to xauth plugin
2010-05-18 16:54:25 +02:00
ee1bdd85d3
it's too late on Saturday evening
2010-05-15 18:52:59 +02:00
3399c3dca0
roll back some changes
2010-05-15 18:48:35 +02:00
31b39e5f7c
encoding of MODE_TUNNEL changed
2010-05-15 18:36:14 +02:00
20ae6eccf5
the keyid is a subjectKeyIdentifier
2010-05-15 17:03:04 +02:00
ccfd54e68d
fixed keyids in sql/rw-psk-rsa-split scenario
2010-05-15 16:55:08 +02:00
4636f1579c
fixed keyids in sql/rw-eap-aka-rsa scenario
2010-05-15 16:44:53 +02:00
88e180489a
fixed keyids in sql/rw-cert scenario
2010-05-15 16:34:50 +02:00
829b790e5b
fixed keyids in sql/net2net-cert scenario
2010-05-15 16:20:34 +02:00
d147de932e
inserted newline
2010-05-15 16:13:22 +02:00
c572f93ed7
fixed keyids in sql/ip-split-pools-db-restart scenario
2010-05-15 16:11:08 +02:00
2948e3d0c2
fixed keyids in sql/ip-split-pools-db scenario
2010-05-15 13:40:11 +02:00
1ae9353d8a
fixed keyids in sql/ip-pool-db-restart scenario
2010-05-15 13:22:49 +02:00
f2c84bd890
fixed keyids in sql/ip-pool-db-expired scenario
2010-05-15 13:07:22 +02:00
0ee2c5e9be
fixed keyids in sql/ip-pool-db scenario
2010-05-15 13:06:48 +02:00
b8520ad50d
adapted evaltest of ikev1/ip-pool-db-push scenario to resolve plugin
2010-05-14 17:26:59 +02:00
9e229e284f
adapted evaltest of ikev1/ip-pool-db scenario to resolve plugin
2010-05-14 17:20:28 +02:00
a273546854
adapted evaltest of ikev1/mode-config-push scenario to resolve plugin
2010-05-14 15:12:03 +02:00
3cbf6db653
adapted evaltest to resolve plugin
2010-05-14 11:07:26 +02:00
a784c540e5
version bump to 4.4.1
2010-05-03 09:09:43 +02:00
4c9b5e742a
updated options in testing.conf
2010-05-02 11:47:24 +02:00
cb9c497a86
added ikev1/alg-esp-aes-gmac scenario
2010-04-27 13:48:37 +02:00
6f7dac0d72
added ikev2/alg-esp-aes-gmac scenario
2010-04-27 13:13:10 +02:00
6207b63d76
added ikev1/alg-modp-subgroup scenario
2010-04-23 15:23:54 +02:00
9239fc4a15
added ikev2/alg-modp-subgroup scenario
2010-04-23 15:03:16 +02:00
2dbff1bf53
added ikev2/dhcp-static-client-id scenario
2010-04-23 12:56:59 +02:00
55fe05d489
fixed optional dnsmasq.conf in the ikev2/dhcp-static-mac scenario
2010-04-23 12:38:30 +02:00
837e9fda57
added ikev2/dhcp-static-mac scenario
2010-04-23 12:33:11 +02:00
bcd20cc987
added ikev2/dhcp-dynamic scenario
2010-04-23 11:52:37 +02:00
355c3a66b1
When logging to the database, the IDs of an IKE SA are initially NULL.
2010-04-12 13:51:10 +02:00
9391b485f7
updated DER versions of research and sales CAs
2010-04-11 22:00:01 +02:00
6e939d2f94
added ikev1/ip-two-pools-mixed scenario
2010-04-11 17:05:42 +02:00
2544e08ec7
IKEv1 uses Mode Config payload
2010-04-11 16:09:09 +02:00
b87edeaade
added ikev1/ip-two-pools scenario
2010-04-11 16:05:54 +02:00
a4b2332fd2
remove virtual interfaces after scenario
2010-04-11 16:05:04 +02:00
Andreas Steffen