Imported Upstream version 5.5.0

author: Yves-Alexis Perez <corsac@debian.org> 2016-07-16 15:19:53 +0200
committer: Yves-Alexis Perez <corsac@debian.org> 2016-07-16 15:19:53 +0200
commit: bf372706c469764d59e9f29c39e3ecbebd72b8d2 (patch)
tree: 0f0e296e2d50e4a7faf99ae6fa428d2681e81ea1 /testing/hosts
parent: 518dd33c94e041db0444c7d1f33da363bb8e3faf (diff)
download: vyos-strongswan-bf372706c469764d59e9f29c39e3ecbebd72b8d2.tar.gz
vyos-strongswan-bf372706c469764d59e9f29c39e3ecbebd72b8d2.zip
7 files changed, 44 insertions, 10 deletions
diff --git a/testing/hosts/default/etc/fstab b/testing/hosts/default/etc/fstab
index 12747232e..9b0f70203 100644
--- a/testing/hosts/default/etc/fstab
+++ b/testing/hosts/default/etc/fstab
@@ -1 +1,2 @@
+/dev/vda1	/			ext3	defaults,relatime,barrier=1	0	1
 /hostshare /root/shared 9p trans=virtio,version=9p2000.L 0 0
diff --git a/testing/hosts/default/etc/ssh/sshd_config b/testing/hosts/default/etc/ssh/sshd_config
index 07b7e78e5..ae2e4cc84 100644
--- a/testing/hosts/default/etc/ssh/sshd_config
+++ b/testing/hosts/default/etc/ssh/sshd_config
@@ -1,5 +1,6 @@
 Port 22
 Protocol 2
+Ciphers arcfour
 HostKey /etc/ssh/ssh_host_rsa_key
 HostKey /etc/ssh/ssh_host_dsa_key
 HostKey /etc/ssh/ssh_host_ecdsa_key
diff --git a/testing/hosts/default/usr/local/bin/expect-connection b/testing/hosts/default/usr/local/bin/expect-connection
index 17e2b7fbe..ded9f791c 100755
--- a/testing/hosts/default/usr/local/bin/expect-connection
+++ b/testing/hosts/default/usr/local/bin/expect-connection
@@ -17,7 +17,7 @@ secs=$2
 
 cmd="swanctl --list-conns"
 grep 'load.*stroke' /etc/strongswan.conf >/dev/null
-if [ $? -eq 0 ]; then
+if [ $? -eq 0 -o -n "$DAEMON_NAME" ]; then
 	cmd="ipsec statusall"
 fi
 
diff --git a/testing/hosts/winnetou/etc/apache2/conf-enabled/testresults-as-text.conf b/testing/hosts/winnetou/etc/apache2/conf-enabled/testresults-as-text.conf
new file mode 100644
index 000000000..6f5f3011c
--- /dev/null
+++ b/testing/hosts/winnetou/etc/apache2/conf-enabled/testresults-as-text.conf
@@ -0,0 +1 @@
+AddType text/plain .iptables .log .sql
diff --git a/testing/hosts/winnetou/etc/apache2/sites-available/000-default.conf b/testing/hosts/winnetou/etc/apache2/sites-available/000-default.conf
new file mode 100644
index 000000000..933589906
--- /dev/null
+++ b/testing/hosts/winnetou/etc/apache2/sites-available/000-default.conf
@@ -0,0 +1,12 @@
+<VirtualHost *:80>
+        ServerAdmin webmaster@localhost
+
+        DocumentRoot /var/www
+        <Directory /var/www/>
+                Options Indexes FollowSymLinks MultiViews
+        </Directory>
+
+        LogLevel warn
+        ErrorLog ${APACHE_LOG_DIR}/error.log
+        CustomLog ${APACHE_LOG_DIR}/access.log combined
+</VirtualHost>
diff --git a/testing/hosts/winnetou/etc/apache2/sites-enabled/001-ocsp_vhost b/testing/hosts/winnetou/etc/apache2/sites-enabled/001-ocsp_vhost.conf
index b76080e37..0772c34ea 100644
--- a/testing/hosts/winnetou/etc/apache2/sites-enabled/001-ocsp_vhost
+++ b/testing/hosts/winnetou/etc/apache2/sites-enabled/001-ocsp_vhost.conf
@@ -11,9 +11,14 @@ AddHandler cgi-script .cgi
     ServerAlias	 192.168.0.150
     DirectoryIndex ocsp.cgi
     <Directory "/etc/openssl/ocsp">
-       Options  +ExecCGI
-       Order allow,deny
-       Allow from all
+        Options  +ExecCGI
+        <IfModule mod_authz_core.c>
+            Require all granted
+        </IfModule>
+        <IfModule !mod_authz_core.c>
+            Order deny,allow
+            Allow from all
+        </IfModule>
    </Directory>
    ErrorLog     /var/log/apache2/ocsp/error_log
    CustomLog    /var/log/apache2/ocsp/access_log combined
@@ -28,9 +33,14 @@ Listen 8881
     ServerAlias	 ocsp.strongswan.org 192.168.0.150
     DirectoryIndex ocsp.cgi
     <Directory "/etc/openssl/research/ocsp">
-       Options +ExecCGI
-       Order allow,deny
-       Allow from all
+        Options +ExecCGI
+        <IfModule mod_authz_core.c>
+            Require all granted
+        </IfModule>
+        <IfModule !mod_authz_core.c>
+            Order deny,allow
+            Allow from all
+        </IfModule>
    </Directory>
    ErrorLog     /var/log/apache2/ocsp/error_log
    CustomLog    /var/log/apache2/ocsp/access_log combined
@@ -45,9 +55,14 @@ Listen 8882
     ServerAlias	 ocsp.strongswan.org 192.168.0.150
     DirectoryIndex ocsp.cgi
     <Directory "/etc/openssl/sales/ocsp">
-       Options +ExecCGI
-       Order allow,deny
-       Allow from all
+        Options +ExecCGI
+        <IfModule mod_authz_core.c>
+            Require all granted
+        </IfModule>
+        <IfModule !mod_authz_core.c>
+            Order deny,allow
+            Allow from all
+        </IfModule>
    </Directory>
    ErrorLog     /var/log/apache2/ocsp/error_log
    CustomLog    /var/log/apache2/ocsp/access_log combined
diff --git a/testing/hosts/winnetou/etc/openssl/generate-crl b/testing/hosts/winnetou/etc/openssl/generate-crl
index de3c13dcf..fd75ed0f3 100755
--- a/testing/hosts/winnetou/etc/openssl/generate-crl
+++ b/testing/hosts/winnetou/etc/openssl/generate-crl
@@ -14,6 +14,10 @@
 # or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 # for more details.
 
+# libgnutls, if pulled in by libcurl, does not properly cleanup all memory,
+# which causes invalid frees during shutdown when leak detective is used
+export LEAK_DETECTIVE_DISABLE=1
+
 export COMMON_NAME=strongSwan
 
 ROOT=/var/www
author	Yves-Alexis Perez <corsac@debian.org>	2016-07-16 15:19:53 +0200
committer	Yves-Alexis Perez <corsac@debian.org>	2016-07-16 15:19:53 +0200
commit	bf372706c469764d59e9f29c39e3ecbebd72b8d2 (patch)
tree	0f0e296e2d50e4a7faf99ae6fa428d2681e81ea1 /testing/hosts
parent	518dd33c94e041db0444c7d1f33da363bb8e3faf (diff)
download	vyos-strongswan-bf372706c469764d59e9f29c39e3ecbebd72b8d2.tar.gz vyos-strongswan-bf372706c469764d59e9f29c39e3ecbebd72b8d2.zip