Merge tag 'upstream/5.0.1'

Upstream version 5.0.1

9 files changed, 43 insertions, 31 deletions

diff --git a/testing/tests/ikev1/rw-psk-ipv4/hosts/carol/etc/ipsec.conf b/testing/tests/ikev1/rw-psk-ipv4/hosts/carol/etc/ipsec.conf
index 0d2a5d2c4..3214ace92 100755..100644
--- a/testing/tests/ikev1/rw-psk-ipv4/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/rw-psk-ipv4/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,6 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
-	plutodebug=control
-	charonstart=no
 
 conn %default
 	ikelifetime=60m
diff --git a/testing/tests/ikev1/rw-psk-ipv4/hosts/carol/etc/ipsec.secrets b/testing/tests/ikev1/rw-psk-ipv4/hosts/carol/etc/ipsec.secrets
index 69313b289..18a074472 100644
--- a/testing/tests/ikev1/rw-psk-ipv4/hosts/carol/etc/ipsec.secrets
+++ b/testing/tests/ikev1/rw-psk-ipv4/hosts/carol/etc/ipsec.secrets
@@ -1,7 +1,3 @@
 # /etc/ipsec.secrets - strongSwan IPsec secrets file
 
-PH_IP_CAROL PH_IP_MOON : PSK 0sv+NkxY9LLZvwj4qCC2o/gGrWDF2d21jL
-
-
-
-
+192.168.0.100 : PSK 0sFpZAZqEN6Ti9sqt4ZP5EWcqx
diff --git a/testing/tests/ikev1/rw-psk-ipv4/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/rw-psk-ipv4/hosts/carol/etc/strongswan.conf
index 453cdc07c..d84cba2b0 100644
--- a/testing/tests/ikev1/rw-psk-ipv4/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/rw-psk-ipv4/hosts/carol/etc/strongswan.conf
@@ -1,11 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
-pluto {
-  load = sha1 sha2 md5 aes des hmac gmp random kernel-netlink
-}
-
-# pluto uses optimized DH exponent sizes (RFC 3526)
-
-libstrongswan {
-  dh_exponent_ansi_x9_42 = no
+charon {
+  load = aes des sha1 sha2 md5 gmp random nonce hmac stroke kernel-netlink socket-default updown
 }
diff --git a/testing/tests/ikev1/rw-psk-ipv4/hosts/dave/etc/ipsec.conf b/testing/tests/ikev1/rw-psk-ipv4/hosts/dave/etc/ipsec.conf
new file mode 100644
index 000000000..f59de5f72
--- /dev/null
+++ b/testing/tests/ikev1/rw-psk-ipv4/hosts/dave/etc/ipsec.conf
@@ -0,0 +1,18 @@
+# /etc/ipsec.conf - strongSwan IPsec configuration file
+
+config setup
+
+conn %default
+	ikelifetime=60m
+	keylife=20m
+	rekeymargin=3m
+	keyingtries=1
+	keyexchange=ikev1
+	authby=secret
+	
+conn home
+	left=PH_IP_DAVE
+	leftfirewall=yes
+	right=PH_IP_MOON
+	rightsubnet=10.1.0.0/16
+	auto=add
diff --git a/testing/tests/ikev1/rw-psk-ipv4/hosts/dave/etc/ipsec.secrets b/testing/tests/ikev1/rw-psk-ipv4/hosts/dave/etc/ipsec.secrets
new file mode 100644
index 000000000..a048cb5f2
--- /dev/null
+++ b/testing/tests/ikev1/rw-psk-ipv4/hosts/dave/etc/ipsec.secrets
@@ -0,0 +1,3 @@
+# /etc/ipsec.secrets - strongSwan IPsec secrets file
+
+192.168.0.200 : PSK 0sjVzONCF02ncsgiSlmIXeqhGN
diff --git a/testing/tests/ikev1/rw-psk-ipv4/hosts/dave/etc/strongswan.conf b/testing/tests/ikev1/rw-psk-ipv4/hosts/dave/etc/strongswan.conf
new file mode 100644
index 000000000..d84cba2b0
--- /dev/null
+++ b/testing/tests/ikev1/rw-psk-ipv4/hosts/dave/etc/strongswan.conf
@@ -0,0 +1,5 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon {
+  load = aes des sha1 sha2 md5 gmp random nonce hmac stroke kernel-netlink socket-default updown
+}
diff --git a/testing/tests/ikev1/rw-psk-ipv4/hosts/moon/etc/ipsec.conf b/testing/tests/ikev1/rw-psk-ipv4/hosts/moon/etc/ipsec.conf
index 41582eaef..b6bb51c0c 100755..100644
--- a/testing/tests/ikev1/rw-psk-ipv4/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/rw-psk-ipv4/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,6 @@
 # /etc/ipsec.conf - strongSwan IPsec configuration file
 
 config setup
-	plutodebug=control
-	charonstart=no
 
 conn %default
 	ikelifetime=60m
@@ -11,10 +9,18 @@ conn %default
 	keyingtries=1
 	keyexchange=ikev1
 	authby=secret
+
+conn rw-carol
+	also=rw
+	right=PH_IP_CAROL
+	auto=add
+
+conn rw-dave
+	also=rw
+	right=PH_IP_DAVE
+	auto=add
 	
 conn rw
 	left=PH_IP_MOON
 	leftsubnet=10.1.0.0/16
 	leftfirewall=yes
-	right=%any
-	auto=add
diff --git a/testing/tests/ikev1/rw-psk-ipv4/hosts/moon/etc/ipsec.secrets b/testing/tests/ikev1/rw-psk-ipv4/hosts/moon/etc/ipsec.secrets
index a8e367950..55c639704 100644
--- a/testing/tests/ikev1/rw-psk-ipv4/hosts/moon/etc/ipsec.secrets
+++ b/testing/tests/ikev1/rw-psk-ipv4/hosts/moon/etc/ipsec.secrets
@@ -1,7 +1,5 @@
 # /etc/ipsec.secrets - strongSwan IPsec secrets file
 
-PH_IP_MOON %any : PSK 0sv+NkxY9LLZvwj4qCC2o/gGrWDF2d21jL
-
-
-
+192.168.0.1 192.168.0.100 : PSK 0sFpZAZqEN6Ti9sqt4ZP5EWcqx
 
+192.168.0.1 192.168.0.200 : PSK 0sjVzONCF02ncsgiSlmIXeqhGN
diff --git a/testing/tests/ikev1/rw-psk-ipv4/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/rw-psk-ipv4/hosts/moon/etc/strongswan.conf
index 453cdc07c..d84cba2b0 100644
--- a/testing/tests/ikev1/rw-psk-ipv4/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/rw-psk-ipv4/hosts/moon/etc/strongswan.conf
@@ -1,11 +1,5 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
-pluto {
-  load = sha1 sha2 md5 aes des hmac gmp random kernel-netlink
-}
-
-# pluto uses optimized DH exponent sizes (RFC 3526)
-
-libstrongswan {
-  dh_exponent_ansi_x9_42 = no
+charon {
+  load = aes des sha1 sha2 md5 gmp random nonce hmac stroke kernel-netlink socket-default updown
 }