summaryrefslogtreecommitdiff
path: root/testing/tests/ikev1
diff options
context:
space:
mode:
authorYves-Alexis Perez <corsac@debian.org>2015-11-18 14:49:27 +0100
committerYves-Alexis Perez <corsac@debian.org>2015-11-18 14:49:27 +0100
commit1e980d6be0ef0e243c6fe82b5e855454b97e24a4 (patch)
tree0d59eec2ce2ed332434ae80fc78a44db9ad293c5 /testing/tests/ikev1
parent5dca9ea0e2931f0e2a056c7964d311bcc30a01b8 (diff)
downloadvyos-strongswan-1e980d6be0ef0e243c6fe82b5e855454b97e24a4.tar.gz
vyos-strongswan-1e980d6be0ef0e243c6fe82b5e855454b97e24a4.zip
Imported Upstream version 5.3.4
Diffstat (limited to 'testing/tests/ikev1')
-rw-r--r--testing/tests/ikev1/alg-3des-md5/pretest.dat2
-rw-r--r--testing/tests/ikev1/alg-blowfish/pretest.dat3
-rw-r--r--testing/tests/ikev1/alg-modp-subgroup/pretest.dat3
-rw-r--r--testing/tests/ikev1/alg-sha256/pretest.dat2
-rw-r--r--testing/tests/ikev1/alg-sha384/pretest.dat2
-rw-r--r--testing/tests/ikev1/alg-sha512/pretest.dat2
-rw-r--r--testing/tests/ikev1/compress/pretest.dat2
-rw-r--r--testing/tests/ikev1/config-payload-push/pretest.dat4
-rw-r--r--testing/tests/ikev1/config-payload/pretest.dat4
-rw-r--r--testing/tests/ikev1/double-nat-net/pretest.dat3
-rw-r--r--testing/tests/ikev1/double-nat/pretest.dat3
-rw-r--r--testing/tests/ikev1/dpd-clear/description.txt2
-rw-r--r--testing/tests/ikev1/dpd-clear/evaltest.dat4
-rw-r--r--testing/tests/ikev1/dpd-clear/hosts/moon/etc/ipsec.conf4
-rw-r--r--testing/tests/ikev1/dpd-clear/pretest.dat2
-rw-r--r--testing/tests/ikev1/dpd-restart/description.txt6
-rw-r--r--testing/tests/ikev1/dpd-restart/evaltest.dat4
-rw-r--r--testing/tests/ikev1/dpd-restart/hosts/carol/etc/ipsec.conf4
-rw-r--r--testing/tests/ikev1/dpd-restart/pretest.dat2
-rw-r--r--testing/tests/ikev1/dynamic-initiator/posttest.dat1
-rw-r--r--testing/tests/ikev1/dynamic-initiator/pretest.dat5
-rw-r--r--testing/tests/ikev1/dynamic-responder/posttest.dat1
-rw-r--r--testing/tests/ikev1/dynamic-responder/pretest.dat7
-rw-r--r--testing/tests/ikev1/dynamic-two-peers/posttest.dat1
-rw-r--r--testing/tests/ikev1/dynamic-two-peers/pretest.dat4
-rw-r--r--testing/tests/ikev1/esp-alg-aes-ccm/pretest.dat2
-rw-r--r--testing/tests/ikev1/esp-alg-aes-ctr/pretest.dat2
-rw-r--r--testing/tests/ikev1/esp-alg-aes-gcm/pretest.dat2
-rw-r--r--testing/tests/ikev1/esp-alg-aes-gmac/pretest.dat2
-rw-r--r--testing/tests/ikev1/esp-alg-aes-xcbc/pretest.dat2
-rw-r--r--testing/tests/ikev1/esp-alg-null/pretest.dat3
-rw-r--r--testing/tests/ikev1/host2host-ah/pretest.dat2
-rw-r--r--testing/tests/ikev1/host2host-cert/pretest.dat2
-rw-r--r--testing/tests/ikev1/host2host-transport/pretest.dat2
-rw-r--r--testing/tests/ikev1/ip-pool-db/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/ip-pool-db/posttest.dat1
-rw-r--r--testing/tests/ikev1/ip-pool-db/pretest.dat10
-rw-r--r--testing/tests/ikev1/ip-pool-db/test.conf4
-rw-r--r--testing/tests/ikev1/ip-pool/pretest.dat4
-rw-r--r--testing/tests/ikev1/multi-level-ca-cr-init/pretest.dat3
-rw-r--r--testing/tests/ikev1/multi-level-ca-cr-resp/pretest.dat3
-rw-r--r--testing/tests/ikev1/multi-level-ca/pretest.dat5
-rw-r--r--testing/tests/ikev1/nat-rw/pretest.dat5
-rw-r--r--testing/tests/ikev1/nat-virtual-ip/pretest.dat3
-rw-r--r--testing/tests/ikev1/net2net-ah/pretest.dat4
-rw-r--r--testing/tests/ikev1/net2net-cert/pretest.dat4
-rw-r--r--testing/tests/ikev1/net2net-fragmentation/pretest.dat4
-rw-r--r--testing/tests/ikev1/net2net-ntru-cert/pretest.dat2
-rw-r--r--testing/tests/ikev1/net2net-psk-fail/pretest.dat4
-rw-r--r--testing/tests/ikev1/net2net-psk/pretest.dat4
-rw-r--r--testing/tests/ikev1/protoport-dual/pretest.dat3
-rw-r--r--testing/tests/ikev1/rw-cert-aggressive/pretest.dat3
-rw-r--r--testing/tests/ikev1/rw-cert-unity/pretest.dat2
-rw-r--r--testing/tests/ikev1/rw-cert/pretest.dat4
-rw-r--r--testing/tests/ikev1/rw-initiator-only/hosts/dave/etc/strongswan.conf4
-rw-r--r--testing/tests/ikev1/rw-initiator-only/pretest.dat3
-rw-r--r--testing/tests/ikev1/rw-ntru-psk/pretest.dat4
-rw-r--r--testing/tests/ikev1/rw-psk-aggressive/pretest.dat5
-rw-r--r--testing/tests/ikev1/rw-psk-fqdn/pretest.dat5
-rw-r--r--testing/tests/ikev1/rw-psk-ipv4/pretest.dat5
-rw-r--r--testing/tests/ikev1/virtual-ip/pretest.dat3
-rw-r--r--testing/tests/ikev1/xauth-id-psk-config/pretest.dat3
-rw-r--r--testing/tests/ikev1/xauth-id-rsa-aggressive/pretest.dat3
-rw-r--r--testing/tests/ikev1/xauth-id-rsa-config/pretest.dat3
-rw-r--r--testing/tests/ikev1/xauth-id-rsa-hybrid/pretest.dat3
-rw-r--r--testing/tests/ikev1/xauth-psk/pretest.dat3
-rw-r--r--testing/tests/ikev1/xauth-rsa-eap-md5-radius/pretest.dat3
-rw-r--r--testing/tests/ikev1/xauth-rsa-radius/pretest.dat3
-rw-r--r--testing/tests/ikev1/xauth-rsa/pretest.dat3
69 files changed, 117 insertions, 106 deletions
diff --git a/testing/tests/ikev1/alg-3des-md5/pretest.dat b/testing/tests/ikev1/alg-3des-md5/pretest.dat
index 4fc25772b..de4acbbf0 100644
--- a/testing/tests/ikev1/alg-3des-md5/pretest.dat
+++ b/testing/tests/ikev1/alg-3des-md5/pretest.dat
@@ -2,5 +2,5 @@ moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
-carol::sleep 1
+carol::expect-connection home
carol::ipsec up home
diff --git a/testing/tests/ikev1/alg-blowfish/pretest.dat b/testing/tests/ikev1/alg-blowfish/pretest.dat
index 8bbea1412..f1a4b964c 100644
--- a/testing/tests/ikev1/alg-blowfish/pretest.dat
+++ b/testing/tests/ikev1/alg-blowfish/pretest.dat
@@ -4,6 +4,7 @@ dave::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
dave::ipsec start
-carol::sleep 1
+carol::expect-connection home
+dave::expect-connection home
carol::ipsec up home
dave::ipsec up home
diff --git a/testing/tests/ikev1/alg-modp-subgroup/pretest.dat b/testing/tests/ikev1/alg-modp-subgroup/pretest.dat
index 8bbea1412..f1a4b964c 100644
--- a/testing/tests/ikev1/alg-modp-subgroup/pretest.dat
+++ b/testing/tests/ikev1/alg-modp-subgroup/pretest.dat
@@ -4,6 +4,7 @@ dave::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
dave::ipsec start
-carol::sleep 1
+carol::expect-connection home
+dave::expect-connection home
carol::ipsec up home
dave::ipsec up home
diff --git a/testing/tests/ikev1/alg-sha256/pretest.dat b/testing/tests/ikev1/alg-sha256/pretest.dat
index 4fc25772b..de4acbbf0 100644
--- a/testing/tests/ikev1/alg-sha256/pretest.dat
+++ b/testing/tests/ikev1/alg-sha256/pretest.dat
@@ -2,5 +2,5 @@ moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
-carol::sleep 1
+carol::expect-connection home
carol::ipsec up home
diff --git a/testing/tests/ikev1/alg-sha384/pretest.dat b/testing/tests/ikev1/alg-sha384/pretest.dat
index 4fc25772b..de4acbbf0 100644
--- a/testing/tests/ikev1/alg-sha384/pretest.dat
+++ b/testing/tests/ikev1/alg-sha384/pretest.dat
@@ -2,5 +2,5 @@ moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
-carol::sleep 1
+carol::expect-connection home
carol::ipsec up home
diff --git a/testing/tests/ikev1/alg-sha512/pretest.dat b/testing/tests/ikev1/alg-sha512/pretest.dat
index 4fc25772b..de4acbbf0 100644
--- a/testing/tests/ikev1/alg-sha512/pretest.dat
+++ b/testing/tests/ikev1/alg-sha512/pretest.dat
@@ -2,5 +2,5 @@ moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
-carol::sleep 1
+carol::expect-connection home
carol::ipsec up home
diff --git a/testing/tests/ikev1/compress/pretest.dat b/testing/tests/ikev1/compress/pretest.dat
index f5aa989fe..8230de058 100644
--- a/testing/tests/ikev1/compress/pretest.dat
+++ b/testing/tests/ikev1/compress/pretest.dat
@@ -1,4 +1,4 @@
carol::ipsec start
moon::ipsec start
-carol::sleep 2
+carol::expect-connection home
carol::ipsec up home
diff --git a/testing/tests/ikev1/config-payload-push/pretest.dat b/testing/tests/ikev1/config-payload-push/pretest.dat
index 3864bdac3..c0ec6a7a4 100644
--- a/testing/tests/ikev1/config-payload-push/pretest.dat
+++ b/testing/tests/ikev1/config-payload-push/pretest.dat
@@ -4,7 +4,7 @@ dave::iptables-restore < /etc/iptables.rules
carol::ipsec start
dave::ipsec start
moon::ipsec start
-carol::sleep 2
+carol::expect-connection home
+dave::expect-connection home
carol::ipsec up home
dave::ipsec up home
-carol::sleep 1
diff --git a/testing/tests/ikev1/config-payload/pretest.dat b/testing/tests/ikev1/config-payload/pretest.dat
index 3864bdac3..c0ec6a7a4 100644
--- a/testing/tests/ikev1/config-payload/pretest.dat
+++ b/testing/tests/ikev1/config-payload/pretest.dat
@@ -4,7 +4,7 @@ dave::iptables-restore < /etc/iptables.rules
carol::ipsec start
dave::ipsec start
moon::ipsec start
-carol::sleep 2
+carol::expect-connection home
+dave::expect-connection home
carol::ipsec up home
dave::ipsec up home
-carol::sleep 1
diff --git a/testing/tests/ikev1/double-nat-net/pretest.dat b/testing/tests/ikev1/double-nat-net/pretest.dat
index 17a4fe5eb..d300a276f 100644
--- a/testing/tests/ikev1/double-nat-net/pretest.dat
+++ b/testing/tests/ikev1/double-nat-net/pretest.dat
@@ -7,6 +7,5 @@ sun::iptables -t nat -A PREROUTING -i eth0 -s PH_IP_MOON -p udp -j DNAT --to-des
sun::ip route add 10.1.0.0/16 via PH_IP_BOB
alice::ipsec start
bob::ipsec start
-alice::sleep 2
+alice::expect-connection nat-t
alice::ipsec up nat-t
-alice::sleep 1
diff --git a/testing/tests/ikev1/double-nat/pretest.dat b/testing/tests/ikev1/double-nat/pretest.dat
index 65f18b756..6a861d29f 100644
--- a/testing/tests/ikev1/double-nat/pretest.dat
+++ b/testing/tests/ikev1/double-nat/pretest.dat
@@ -6,6 +6,5 @@ sun::iptables -t nat -A POSTROUTING -o eth0 -s 10.2.0.0/16 -p tcp -j SNAT --to-s
sun::iptables -t nat -A PREROUTING -i eth0 -s PH_IP_MOON -p udp -j DNAT --to-destination PH_IP_BOB
alice::ipsec start
bob::ipsec start
-alice::sleep 2
+alice::expect-connection nat-t
alice::ipsec up nat-t
-alice::sleep 1
diff --git a/testing/tests/ikev1/dpd-clear/description.txt b/testing/tests/ikev1/dpd-clear/description.txt
index 7f62dc576..0fb2f1064 100644
--- a/testing/tests/ikev1/dpd-clear/description.txt
+++ b/testing/tests/ikev1/dpd-clear/description.txt
@@ -1,5 +1,5 @@
The roadwarrior <b>carol</b> sets up an IPsec tunnel connection to the gateway <b>moon</b>
which in turn activates <b>Dead Peer Detection</b> (DPD) with a polling interval of 10 s.
When the network connectivity between <b>carol</b> and <b>moon</b> is forcefully disrupted,
-<b>moon</b> clears the connection after 4 unsuccessful retransmits.
+<b>moon</b> clears the connection after a number of unsuccessful retransmits.
diff --git a/testing/tests/ikev1/dpd-clear/evaltest.dat b/testing/tests/ikev1/dpd-clear/evaltest.dat
index f6f18212c..8d4fa03a8 100644
--- a/testing/tests/ikev1/dpd-clear/evaltest.dat
+++ b/testing/tests/ikev1/dpd-clear/evaltest.dat
@@ -1,7 +1,7 @@
carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
moon:: ipsec status 2> /dev/null::rw.*INSTALLED, TUNNEL::YES
carol::iptables -A INPUT -i eth0 -s PH_IP_MOON -j DROP::no output expected::NO
-moon:: sleep 60::no output expected::NO
+moon:: sleep 16::no output expected::NO
moon:: cat /var/log/daemon.log::sending DPD request::YES
-moon::cat /var/log/daemon.log::DPD check timed out, enforcing DPD action::YES
+moon:: cat /var/log/daemon.log::DPD check timed out, enforcing DPD action::YES
moon:: ipsec status 2> /dev/null::rw.*INSTALLED::NO
diff --git a/testing/tests/ikev1/dpd-clear/hosts/moon/etc/ipsec.conf b/testing/tests/ikev1/dpd-clear/hosts/moon/etc/ipsec.conf
index 83f2849a4..9219e7028 100644
--- a/testing/tests/ikev1/dpd-clear/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/dpd-clear/hosts/moon/etc/ipsec.conf
@@ -9,8 +9,8 @@ conn %default
keyingtries=1
keyexchange=ikev1
dpdaction=clear
- dpddelay=10
- dpdtimeout=45
+ dpddelay=5
+ dpdtimeout=15
conn rw
left=PH_IP_MOON
diff --git a/testing/tests/ikev1/dpd-clear/pretest.dat b/testing/tests/ikev1/dpd-clear/pretest.dat
index 14ed95322..3a1982f8a 100644
--- a/testing/tests/ikev1/dpd-clear/pretest.dat
+++ b/testing/tests/ikev1/dpd-clear/pretest.dat
@@ -1,4 +1,4 @@
moon::ipsec start
carol::ipsec start
-carol::sleep 2
+carol::expect-connection home
carol::ipsec up home
diff --git a/testing/tests/ikev1/dpd-restart/description.txt b/testing/tests/ikev1/dpd-restart/description.txt
index 410d3d636..6f4af9439 100644
--- a/testing/tests/ikev1/dpd-restart/description.txt
+++ b/testing/tests/ikev1/dpd-restart/description.txt
@@ -1,7 +1,7 @@
The roadwarrior <b>carol</b> sets up an IPsec tunnel connection to the gateway
<b>moon</b>. Both end points activate <b>Dead Peer Detection</b> (DPD) with a
-polling interval of 10 s. When the network connectivity between <b>carol</b>
-and <b>moon</b> is forcefully disrupted for a duration of 100 s, <b>moon</b>
-clears the connection after 4 unsuccessful retransmits whereas <b>carol</b>
+polling interval of 10s. When the network connectivity between <b>carol</b>
+and <b>moon</b> is forcefully disrupted for a duration of 100s, <b>moon</b>
+clears the connection after a number of unsuccessful retransmits whereas <b>carol</b>
also takes down the connection but immediately tries to reconnect which succeeds
as soon as the connection becomes available again.
diff --git a/testing/tests/ikev1/dpd-restart/evaltest.dat b/testing/tests/ikev1/dpd-restart/evaltest.dat
index 6a749b826..a685ce166 100644
--- a/testing/tests/ikev1/dpd-restart/evaltest.dat
+++ b/testing/tests/ikev1/dpd-restart/evaltest.dat
@@ -2,12 +2,12 @@ carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
moon:: ipsec status 2> /dev/null::rw.*INSTALLED, TUNNEL::YES
moon:: iptables -A INPUT -i eth0 -s PH_IP_CAROL -j DROP::no output expected::NO
carol::iptables -A INPUT -i eth0 -s PH_IP_MOON -j DROP::no output expected::NO
-carol::sleep 60::no output expected::NO
+carol::sleep 16::no output expected::NO
carol::cat /var/log/daemon.log::sending DPD request::YES
carol::cat /var/log/daemon.log::DPD check timed out, enforcing DPD action::YES
carol::cat /var/log/daemon.log::restarting CHILD_SA home::YES
carol::iptables -D INPUT -i eth0 -s PH_IP_MOON -j DROP::no output expected::NO
moon:: iptables -D INPUT -i eth0 -s PH_IP_CAROL -j DROP::no output expected::NO
-carol::sleep 10::no output expected::NO
+carol::sleep 2::no output expected::NO
carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
moon:: ipsec status 2> /dev/null::rw.*INSTALLED, TUNNEL::YES
diff --git a/testing/tests/ikev1/dpd-restart/hosts/carol/etc/ipsec.conf b/testing/tests/ikev1/dpd-restart/hosts/carol/etc/ipsec.conf
index d3c105c31..4e142d699 100644
--- a/testing/tests/ikev1/dpd-restart/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/dpd-restart/hosts/carol/etc/ipsec.conf
@@ -9,8 +9,8 @@ conn %default
keyingtries=1
keyexchange=ikev1
dpdaction=restart
- dpddelay=10
- dpdtimeout=45
+ dpddelay=5
+ dpdtimeout=15
conn home
left=PH_IP_CAROL
diff --git a/testing/tests/ikev1/dpd-restart/pretest.dat b/testing/tests/ikev1/dpd-restart/pretest.dat
index 14ed95322..3a1982f8a 100644
--- a/testing/tests/ikev1/dpd-restart/pretest.dat
+++ b/testing/tests/ikev1/dpd-restart/pretest.dat
@@ -1,4 +1,4 @@
moon::ipsec start
carol::ipsec start
-carol::sleep 2
+carol::expect-connection home
carol::ipsec up home
diff --git a/testing/tests/ikev1/dynamic-initiator/posttest.dat b/testing/tests/ikev1/dynamic-initiator/posttest.dat
index 32ac12ddc..6898bd567 100644
--- a/testing/tests/ikev1/dynamic-initiator/posttest.dat
+++ b/testing/tests/ikev1/dynamic-initiator/posttest.dat
@@ -1,6 +1,5 @@
dave::ipsec stop
carol::ipsec stop
-dave::sleep 1
moon::ipsec stop
carol::iptables-restore < /etc/iptables.flush
dave::rm /etc/ipsec.d/certs/*
diff --git a/testing/tests/ikev1/dynamic-initiator/pretest.dat b/testing/tests/ikev1/dynamic-initiator/pretest.dat
index 9aadb2a4c..7e6ad46df 100644
--- a/testing/tests/ikev1/dynamic-initiator/pretest.dat
+++ b/testing/tests/ikev1/dynamic-initiator/pretest.dat
@@ -2,10 +2,9 @@ carol::iptables-restore < /etc/iptables.rules
carol::ipsec start
dave::ipsec start
moon::ipsec start
-carol::sleep 2
+carol::expect-connection moon
carol::ipsec up moon
-carol::sleep 1
carol::iptables -D INPUT -i eth0 -p udp --dport 500 --sport 500 -j ACCEPT
carol::iptables -D OUTPUT -o eth0 -p udp --dport 500 --sport 500 -j ACCEPT
+dave::expect-connection moon
dave::ipsec up moon
-dave::sleep 2
diff --git a/testing/tests/ikev1/dynamic-responder/posttest.dat b/testing/tests/ikev1/dynamic-responder/posttest.dat
index 32ac12ddc..6898bd567 100644
--- a/testing/tests/ikev1/dynamic-responder/posttest.dat
+++ b/testing/tests/ikev1/dynamic-responder/posttest.dat
@@ -1,6 +1,5 @@
dave::ipsec stop
carol::ipsec stop
-dave::sleep 1
moon::ipsec stop
carol::iptables-restore < /etc/iptables.flush
dave::rm /etc/ipsec.d/certs/*
diff --git a/testing/tests/ikev1/dynamic-responder/pretest.dat b/testing/tests/ikev1/dynamic-responder/pretest.dat
index 8dc744f9a..0c423aeec 100644
--- a/testing/tests/ikev1/dynamic-responder/pretest.dat
+++ b/testing/tests/ikev1/dynamic-responder/pretest.dat
@@ -2,10 +2,11 @@ carol::iptables-restore < /etc/iptables.rules
carol::ipsec start
dave::ipsec start
moon::ipsec start
-moon::sleep 2
+moon::expect-connection carol
moon::ipsec up carol
-moon::sleep 1
+moon::sleep 0.5
carol::iptables -D INPUT -i eth0 -p udp --dport 500 --sport 500 -j ACCEPT
carol::iptables -D OUTPUT -o eth0 -p udp --dport 500 --sport 500 -j ACCEPT
+dave::expect-connection moon
dave::ipsec up moon
-dave::sleep 2
+moon::sleep 0.5
diff --git a/testing/tests/ikev1/dynamic-two-peers/posttest.dat b/testing/tests/ikev1/dynamic-two-peers/posttest.dat
index 7b2609846..119c8e45a 100644
--- a/testing/tests/ikev1/dynamic-two-peers/posttest.dat
+++ b/testing/tests/ikev1/dynamic-two-peers/posttest.dat
@@ -1,6 +1,5 @@
carol::ipsec stop
dave::ipsec stop
-moon::sleep 1
moon::ipsec stop
moon::mv /etc/hosts.ori /etc/hosts
moon::iptables-restore < /etc/iptables.flush
diff --git a/testing/tests/ikev1/dynamic-two-peers/pretest.dat b/testing/tests/ikev1/dynamic-two-peers/pretest.dat
index 4bb2a4686..c19b38fcd 100644
--- a/testing/tests/ikev1/dynamic-two-peers/pretest.dat
+++ b/testing/tests/ikev1/dynamic-two-peers/pretest.dat
@@ -6,7 +6,7 @@ dave::iptables-restore < /etc/iptables.rules
carol::ipsec start
dave::ipsec start
moon::ipsec start
-carol::sleep 2
+carol::expect-connection moon
+dave::expect-connection moon
carol::ipsec up moon
dave::ipsec up moon
-carol::sleep 1
diff --git a/testing/tests/ikev1/esp-alg-aes-ccm/pretest.dat b/testing/tests/ikev1/esp-alg-aes-ccm/pretest.dat
index 4fc25772b..de4acbbf0 100644
--- a/testing/tests/ikev1/esp-alg-aes-ccm/pretest.dat
+++ b/testing/tests/ikev1/esp-alg-aes-ccm/pretest.dat
@@ -2,5 +2,5 @@ moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
-carol::sleep 1
+carol::expect-connection home
carol::ipsec up home
diff --git a/testing/tests/ikev1/esp-alg-aes-ctr/pretest.dat b/testing/tests/ikev1/esp-alg-aes-ctr/pretest.dat
index 4fc25772b..de4acbbf0 100644
--- a/testing/tests/ikev1/esp-alg-aes-ctr/pretest.dat
+++ b/testing/tests/ikev1/esp-alg-aes-ctr/pretest.dat
@@ -2,5 +2,5 @@ moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
-carol::sleep 1
+carol::expect-connection home
carol::ipsec up home
diff --git a/testing/tests/ikev1/esp-alg-aes-gcm/pretest.dat b/testing/tests/ikev1/esp-alg-aes-gcm/pretest.dat
index 4fc25772b..de4acbbf0 100644
--- a/testing/tests/ikev1/esp-alg-aes-gcm/pretest.dat
+++ b/testing/tests/ikev1/esp-alg-aes-gcm/pretest.dat
@@ -2,5 +2,5 @@ moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
-carol::sleep 1
+carol::expect-connection home
carol::ipsec up home
diff --git a/testing/tests/ikev1/esp-alg-aes-gmac/pretest.dat b/testing/tests/ikev1/esp-alg-aes-gmac/pretest.dat
index 4fc25772b..de4acbbf0 100644
--- a/testing/tests/ikev1/esp-alg-aes-gmac/pretest.dat
+++ b/testing/tests/ikev1/esp-alg-aes-gmac/pretest.dat
@@ -2,5 +2,5 @@ moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
-carol::sleep 1
+carol::expect-connection home
carol::ipsec up home
diff --git a/testing/tests/ikev1/esp-alg-aes-xcbc/pretest.dat b/testing/tests/ikev1/esp-alg-aes-xcbc/pretest.dat
index f5aa989fe..8230de058 100644
--- a/testing/tests/ikev1/esp-alg-aes-xcbc/pretest.dat
+++ b/testing/tests/ikev1/esp-alg-aes-xcbc/pretest.dat
@@ -1,4 +1,4 @@
carol::ipsec start
moon::ipsec start
-carol::sleep 2
+carol::expect-connection home
carol::ipsec up home
diff --git a/testing/tests/ikev1/esp-alg-null/pretest.dat b/testing/tests/ikev1/esp-alg-null/pretest.dat
index 886fdf55c..de4acbbf0 100644
--- a/testing/tests/ikev1/esp-alg-null/pretest.dat
+++ b/testing/tests/ikev1/esp-alg-null/pretest.dat
@@ -2,6 +2,5 @@ moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
-carol::sleep 1
+carol::expect-connection home
carol::ipsec up home
-carol::sleep 1
diff --git a/testing/tests/ikev1/host2host-ah/pretest.dat b/testing/tests/ikev1/host2host-ah/pretest.dat
index 99789b90f..997a48167 100644
--- a/testing/tests/ikev1/host2host-ah/pretest.dat
+++ b/testing/tests/ikev1/host2host-ah/pretest.dat
@@ -2,5 +2,5 @@ moon::iptables-restore < /etc/iptables.rules
sun::iptables-restore < /etc/iptables.rules
moon::ipsec start
sun::ipsec start
-moon::sleep 2
+moon::expect-connection host-host
moon::ipsec up host-host
diff --git a/testing/tests/ikev1/host2host-cert/pretest.dat b/testing/tests/ikev1/host2host-cert/pretest.dat
index 3bce9f6e5..997a48167 100644
--- a/testing/tests/ikev1/host2host-cert/pretest.dat
+++ b/testing/tests/ikev1/host2host-cert/pretest.dat
@@ -2,5 +2,5 @@ moon::iptables-restore < /etc/iptables.rules
sun::iptables-restore < /etc/iptables.rules
moon::ipsec start
sun::ipsec start
-moon::sleep 1
+moon::expect-connection host-host
moon::ipsec up host-host
diff --git a/testing/tests/ikev1/host2host-transport/pretest.dat b/testing/tests/ikev1/host2host-transport/pretest.dat
index 99789b90f..997a48167 100644
--- a/testing/tests/ikev1/host2host-transport/pretest.dat
+++ b/testing/tests/ikev1/host2host-transport/pretest.dat
@@ -2,5 +2,5 @@ moon::iptables-restore < /etc/iptables.rules
sun::iptables-restore < /etc/iptables.rules
moon::ipsec start
sun::ipsec start
-moon::sleep 2
+moon::expect-connection host-host
moon::ipsec up host-host
diff --git a/testing/tests/ikev1/ip-pool-db/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/ip-pool-db/hosts/moon/etc/strongswan.conf
index a4542db77..6c22fd548 100644
--- a/testing/tests/ikev1/ip-pool-db/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/ip-pool-db/hosts/moon/etc/strongswan.conf
@@ -7,7 +7,7 @@ charon {
libhydra {
plugins {
attr-sql {
- database = sqlite:///etc/ipsec.d/ipsec.db
+ database = sqlite:///etc/db.d/ipsec.db
}
}
}
diff --git a/testing/tests/ikev1/ip-pool-db/posttest.dat b/testing/tests/ikev1/ip-pool-db/posttest.dat
index c99f347e3..37436a3d9 100644
--- a/testing/tests/ikev1/ip-pool-db/posttest.dat
+++ b/testing/tests/ikev1/ip-pool-db/posttest.dat
@@ -7,4 +7,3 @@ dave::iptables-restore < /etc/iptables.flush
moon::ipsec pool --del bigpool 2> /dev/null
moon::ipsec pool --del dns 2> /dev/null
moon::ipsec pool --del nbns 2> /dev/null
-moon::rm /etc/ipsec.d/ipsec.*
diff --git a/testing/tests/ikev1/ip-pool-db/pretest.dat b/testing/tests/ikev1/ip-pool-db/pretest.dat
index 2327eb983..337ccb297 100644
--- a/testing/tests/ikev1/ip-pool-db/pretest.dat
+++ b/testing/tests/ikev1/ip-pool-db/pretest.dat
@@ -1,5 +1,5 @@
-moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql > /etc/ipsec.d/ipsec.sql
-moon::cat /etc/ipsec.d/ipsec.sql | sqlite3 /etc/ipsec.d/ipsec.db
+moon::cat /usr/local/share/strongswan/templates/database/sql/sqlite.sql > /etc/db.d/ipsec.sql
+moon::cat /etc/db.d/ipsec.sql | sqlite3 /etc/db.d/ipsec.db
moon::ipsec pool --add bigpool --start 10.3.0.1 --end 10.3.3.232 --timeout 0 2> /dev/null
moon::ipsec pool --addattr dns --server PH_IP_WINNETOU 2> /dev/null
moon::ipsec pool --addattr dns --server PH_IP_VENUS 2> /dev/null
@@ -7,10 +7,10 @@ moon::ipsec pool --addattr nbns --server PH_IP_VENUS 2> /dev/null
moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
dave::iptables-restore < /etc/iptables.rules
+moon::ipsec start
carol::ipsec start
dave::ipsec start
-moon::ipsec start
-carol::sleep 2
+carol::expect-connection home
carol::ipsec up home
+dave::expect-connection home
dave::ipsec up home
-carol::sleep 1
diff --git a/testing/tests/ikev1/ip-pool-db/test.conf b/testing/tests/ikev1/ip-pool-db/test.conf
index 164b07ff9..31820ea1a 100644
--- a/testing/tests/ikev1/ip-pool-db/test.conf
+++ b/testing/tests/ikev1/ip-pool-db/test.conf
@@ -19,3 +19,7 @@ TCPDUMPHOSTS="moon alice"
# Used for IPsec logging purposes
#
IPSECHOSTS="moon carol dave"
+
+# Guest instances on which databases are used
+#
+DBHOSTS="moon"
diff --git a/testing/tests/ikev1/ip-pool/pretest.dat b/testing/tests/ikev1/ip-pool/pretest.dat
index 3864bdac3..2d09e88ce 100644
--- a/testing/tests/ikev1/ip-pool/pretest.dat
+++ b/testing/tests/ikev1/ip-pool/pretest.dat
@@ -4,7 +4,7 @@ dave::iptables-restore < /etc/iptables.rules
carol::ipsec start
dave::ipsec start
moon::ipsec start
-carol::sleep 2
+carol::expect-connection home
carol::ipsec up home
+dave::expect-connection home
dave::ipsec up home
-carol::sleep 1
diff --git a/testing/tests/ikev1/multi-level-ca-cr-init/pretest.dat b/testing/tests/ikev1/multi-level-ca-cr-init/pretest.dat
index 2eebc0f84..bee9bc792 100644
--- a/testing/tests/ikev1/multi-level-ca-cr-init/pretest.dat
+++ b/testing/tests/ikev1/multi-level-ca-cr-init/pretest.dat
@@ -1,6 +1,7 @@
carol::ipsec start
dave::ipsec start
moon::ipsec start
-moon::sleep 2
+moon::expect-connection alice
+moon::expect-connection venus
moon::ipsec up alice
moon::ipsec up venus
diff --git a/testing/tests/ikev1/multi-level-ca-cr-resp/pretest.dat b/testing/tests/ikev1/multi-level-ca-cr-resp/pretest.dat
index 86dd31e83..be0051e0b 100644
--- a/testing/tests/ikev1/multi-level-ca-cr-resp/pretest.dat
+++ b/testing/tests/ikev1/multi-level-ca-cr-resp/pretest.dat
@@ -1,6 +1,7 @@
carol::ipsec start
dave::ipsec start
moon::ipsec start
-carol::sleep 2
+carol::expect-connection alice
carol::ipsec up alice
+dave::expect-connection venus
dave::ipsec up venus
diff --git a/testing/tests/ikev1/multi-level-ca/pretest.dat b/testing/tests/ikev1/multi-level-ca/pretest.dat
index 755564cbc..2134d6bea 100644
--- a/testing/tests/ikev1/multi-level-ca/pretest.dat
+++ b/testing/tests/ikev1/multi-level-ca/pretest.dat
@@ -1,8 +1,11 @@
carol::ipsec start
dave::ipsec start
moon::ipsec start
-carol::sleep 2
+carol::expect-connection alice
+carol::expect-connection venus
carol::ipsec up alice
carol::ipsec up venus
+dave::expect-connection alice
+dave::expect-connection venus
dave::ipsec up venus
dave::ipsec up alice
diff --git a/testing/tests/ikev1/nat-rw/pretest.dat b/testing/tests/ikev1/nat-rw/pretest.dat
index d701a1d61..e3d9fc858 100644
--- a/testing/tests/ikev1/nat-rw/pretest.dat
+++ b/testing/tests/ikev1/nat-rw/pretest.dat
@@ -6,8 +6,7 @@ moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p tcp -j SNAT --to-
alice::ipsec start
venus::ipsec start
sun::ipsec start
-alice::sleep 2
+alice::expect-connection nat-t
alice::ipsec up nat-t
-venus::sleep 2
+venus::expect-connection nat-t
venus::ipsec up nat-t
-venus::sleep 2
diff --git a/testing/tests/ikev1/nat-virtual-ip/pretest.dat b/testing/tests/ikev1/nat-virtual-ip/pretest.dat
index 8945d87b9..1732d6efa 100644
--- a/testing/tests/ikev1/nat-virtual-ip/pretest.dat
+++ b/testing/tests/ikev1/nat-virtual-ip/pretest.dat
@@ -2,6 +2,5 @@ moon::iptables-restore < /etc/iptables.rules
sun::iptables-restore < /etc/iptables.rules
moon::ipsec start
sun::ipsec start
-moon::sleep 1
+moon::expect-connection net-net
moon::ipsec up net-net
-moon::sleep 1
diff --git a/testing/tests/ikev1/net2net-ah/pretest.dat b/testing/tests/ikev1/net2net-ah/pretest.dat
index 81a98fa41..25e393c8e 100644
--- a/testing/tests/ikev1/net2net-ah/pretest.dat
+++ b/testing/tests/ikev1/net2net-ah/pretest.dat
@@ -1,6 +1,6 @@
moon::iptables-restore < /etc/iptables.rules
sun::iptables-restore < /etc/iptables.rules
-moon::ipsec start
sun::ipsec start
-moon::sleep 1
+moon::ipsec start
+moon::expect-connection net-net
moon::ipsec up net-net
diff --git a/testing/tests/ikev1/net2net-cert/pretest.dat b/testing/tests/ikev1/net2net-cert/pretest.dat
index c724e5df8..25e393c8e 100644
--- a/testing/tests/ikev1/net2net-cert/pretest.dat
+++ b/testing/tests/ikev1/net2net-cert/pretest.dat
@@ -1,6 +1,6 @@
moon::iptables-restore < /etc/iptables.rules
sun::iptables-restore < /etc/iptables.rules
-moon::ipsec start
sun::ipsec start
-moon::sleep 1
+moon::ipsec start
+moon::expect-connection net-net
moon::ipsec up net-net
diff --git a/testing/tests/ikev1/net2net-fragmentation/pretest.dat b/testing/tests/ikev1/net2net-fragmentation/pretest.dat
index c724e5df8..25e393c8e 100644
--- a/testing/tests/ikev1/net2net-fragmentation/pretest.dat
+++ b/testing/tests/ikev1/net2net-fragmentation/pretest.dat
@@ -1,6 +1,6 @@
moon::iptables-restore < /etc/iptables.rules
sun::iptables-restore < /etc/iptables.rules
-moon::ipsec start
sun::ipsec start
-moon::sleep 1
+moon::ipsec start
+moon::expect-connection net-net
moon::ipsec up net-net
diff --git a/testing/tests/ikev1/net2net-ntru-cert/pretest.dat b/testing/tests/ikev1/net2net-ntru-cert/pretest.dat
index c724e5df8..1732d6efa 100644
--- a/testing/tests/ikev1/net2net-ntru-cert/pretest.dat
+++ b/testing/tests/ikev1/net2net-ntru-cert/pretest.dat
@@ -2,5 +2,5 @@ moon::iptables-restore < /etc/iptables.rules
sun::iptables-restore < /etc/iptables.rules
moon::ipsec start
sun::ipsec start
-moon::sleep 1
+moon::expect-connection net-net
moon::ipsec up net-net
diff --git a/testing/tests/ikev1/net2net-psk-fail/pretest.dat b/testing/tests/ikev1/net2net-psk-fail/pretest.dat
index 0f4ae0f4f..fe4223a44 100644
--- a/testing/tests/ikev1/net2net-psk-fail/pretest.dat
+++ b/testing/tests/ikev1/net2net-psk-fail/pretest.dat
@@ -2,7 +2,7 @@ moon::iptables-restore < /etc/iptables.rules
sun::iptables-restore < /etc/iptables.rules
moon::rm /etc/ipsec.d/cacerts/*
sun::rm /etc/ipsec.d/cacerts/*
-moon::ipsec start
sun::ipsec start
-moon::sleep 2
+moon::ipsec start
+moon::expect-connection net-net
moon::ipsec up net-net
diff --git a/testing/tests/ikev1/net2net-psk/pretest.dat b/testing/tests/ikev1/net2net-psk/pretest.dat
index 0f4ae0f4f..fe4223a44 100644
--- a/testing/tests/ikev1/net2net-psk/pretest.dat
+++ b/testing/tests/ikev1/net2net-psk/pretest.dat
@@ -2,7 +2,7 @@ moon::iptables-restore < /etc/iptables.rules
sun::iptables-restore < /etc/iptables.rules
moon::rm /etc/ipsec.d/cacerts/*
sun::rm /etc/ipsec.d/cacerts/*
-moon::ipsec start
sun::ipsec start
-moon::sleep 2
+moon::ipsec start
+moon::expect-connection net-net
moon::ipsec up net-net
diff --git a/testing/tests/ikev1/protoport-dual/pretest.dat b/testing/tests/ikev1/protoport-dual/pretest.dat
index efb2e5712..4759fdb7b 100644
--- a/testing/tests/ikev1/protoport-dual/pretest.dat
+++ b/testing/tests/ikev1/protoport-dual/pretest.dat
@@ -2,6 +2,7 @@ moon::iptables-restore < /etc/iptables.rules
carol::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
-carol::sleep 2
+carol::expect-connection home-icmp
+carol::expect-connection home-ssh
carol::ipsec up home-icmp
carol::ipsec up home-ssh
diff --git a/testing/tests/ikev1/rw-cert-aggressive/pretest.dat b/testing/tests/ikev1/rw-cert-aggressive/pretest.dat
index 8bbea1412..a55cf37b2 100644
--- a/testing/tests/ikev1/rw-cert-aggressive/pretest.dat
+++ b/testing/tests/ikev1/rw-cert-aggressive/pretest.dat
@@ -4,6 +4,7 @@ dave::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
dave::ipsec start
-carol::sleep 1
+carol::expect-connection home
carol::ipsec up home
+dave::expect-connection home
dave::ipsec up home
diff --git a/testing/tests/ikev1/rw-cert-unity/pretest.dat b/testing/tests/ikev1/rw-cert-unity/pretest.dat
index 4fbe475bf..3a1982f8a 100644
--- a/testing/tests/ikev1/rw-cert-unity/pretest.dat
+++ b/testing/tests/ikev1/rw-cert-unity/pretest.dat
@@ -1,4 +1,4 @@
moon::ipsec start
carol::ipsec start
-carol::sleep 1
+carol::expect-connection home
carol::ipsec up home
diff --git a/testing/tests/ikev1/rw-cert/pretest.dat b/testing/tests/ikev1/rw-cert/pretest.dat
index 8bbea1412..e87a8ee47 100644
--- a/testing/tests/ikev1/rw-cert/pretest.dat
+++ b/testing/tests/ikev1/rw-cert/pretest.dat
@@ -4,6 +4,8 @@ dave::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
dave::ipsec start
-carol::sleep 1
+moon::expect-connection rw
+carol::expect-connection home
carol::ipsec up home
+dave::expect-connection home
dave::ipsec up home
diff --git a/testing/tests/ikev1/rw-initiator-only/hosts/dave/etc/strongswan.conf b/testing/tests/ikev1/rw-initiator-only/hosts/dave/etc/strongswan.conf
index 2b80853c6..094e0effa 100644
--- a/testing/tests/ikev1/rw-initiator-only/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/rw-initiator-only/hosts/dave/etc/strongswan.conf
@@ -2,8 +2,4 @@
charon {
load = test-vectors aes des sha1 sha2 md5 pem pkcs1 pkcs8 gmp random nonce x509 curl revocation hmac xcbc cmac ctr ccm gcm stroke kernel-netlink socket-default updown
-
- retransmit_timeout = 2
- retransmit_base = 1.5
- retransmit_tries = 3
}
diff --git a/testing/tests/ikev1/rw-initiator-only/pretest.dat b/testing/tests/ikev1/rw-initiator-only/pretest.dat
index fc7173430..5a972079b 100644
--- a/testing/tests/ikev1/rw-initiator-only/pretest.dat
+++ b/testing/tests/ikev1/rw-initiator-only/pretest.dat
@@ -4,6 +4,7 @@ dave::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
dave::ipsec start
-carol::sleep 1
+dave::expect-connection peer
dave::ipsec up peer
+carol::expect-connection home
carol::ipsec up home
diff --git a/testing/tests/ikev1/rw-ntru-psk/pretest.dat b/testing/tests/ikev1/rw-ntru-psk/pretest.dat
index 40eaede87..e827687f8 100644
--- a/testing/tests/ikev1/rw-ntru-psk/pretest.dat
+++ b/testing/tests/ikev1/rw-ntru-psk/pretest.dat
@@ -7,7 +7,7 @@ dave::rm /etc/ipsec.d/cacerts/*
carol::ipsec start
dave::ipsec start
moon::ipsec start
-carol::sleep 2
+carol::expect-connection home
carol::ipsec up home
+dave::expect-connection home
dave::ipsec up home
-carol::sleep 1
diff --git a/testing/tests/ikev1/rw-psk-aggressive/pretest.dat b/testing/tests/ikev1/rw-psk-aggressive/pretest.dat
index 44f41f995..ab5e18da2 100644
--- a/testing/tests/ikev1/rw-psk-aggressive/pretest.dat
+++ b/testing/tests/ikev1/rw-psk-aggressive/pretest.dat
@@ -4,9 +4,10 @@ dave::iptables-restore < /etc/iptables.rules
moon::rm /etc/ipsec.d/cacerts/*
carol::rm /etc/ipsec.d/cacerts/*
dave::rm /etc/ipsec.d/cacerts/*
+moon::ipsec start
carol::ipsec start
dave::ipsec start
-moon::ipsec start
-carol::sleep 2
+carol::expect-connection home
carol::ipsec up home
+dave::expect-connection home
dave::ipsec up home
diff --git a/testing/tests/ikev1/rw-psk-fqdn/pretest.dat b/testing/tests/ikev1/rw-psk-fqdn/pretest.dat
index 44f41f995..ab5e18da2 100644
--- a/testing/tests/ikev1/rw-psk-fqdn/pretest.dat
+++ b/testing/tests/ikev1/rw-psk-fqdn/pretest.dat
@@ -4,9 +4,10 @@ dave::iptables-restore < /etc/iptables.rules
moon::rm /etc/ipsec.d/cacerts/*
carol::rm /etc/ipsec.d/cacerts/*
dave::rm /etc/ipsec.d/cacerts/*
+moon::ipsec start
carol::ipsec start
dave::ipsec start
-moon::ipsec start
-carol::sleep 2
+carol::expect-connection home
carol::ipsec up home
+dave::expect-connection home
dave::ipsec up home
diff --git a/testing/tests/ikev1/rw-psk-ipv4/pretest.dat b/testing/tests/ikev1/rw-psk-ipv4/pretest.dat
index 44f41f995..ab5e18da2 100644
--- a/testing/tests/ikev1/rw-psk-ipv4/pretest.dat
+++ b/testing/tests/ikev1/rw-psk-ipv4/pretest.dat
@@ -4,9 +4,10 @@ dave::iptables-restore < /etc/iptables.rules
moon::rm /etc/ipsec.d/cacerts/*
carol::rm /etc/ipsec.d/cacerts/*
dave::rm /etc/ipsec.d/cacerts/*
+moon::ipsec start
carol::ipsec start
dave::ipsec start
-moon::ipsec start
-carol::sleep 2
+carol::expect-connection home
carol::ipsec up home
+dave::expect-connection home
dave::ipsec up home
diff --git a/testing/tests/ikev1/virtual-ip/pretest.dat b/testing/tests/ikev1/virtual-ip/pretest.dat
index 1765a83cd..2d09e88ce 100644
--- a/testing/tests/ikev1/virtual-ip/pretest.dat
+++ b/testing/tests/ikev1/virtual-ip/pretest.dat
@@ -4,6 +4,7 @@ dave::iptables-restore < /etc/iptables.rules
carol::ipsec start
dave::ipsec start
moon::ipsec start
-carol::sleep 1
+carol::expect-connection home
carol::ipsec up home
+dave::expect-connection home
dave::ipsec up home
diff --git a/testing/tests/ikev1/xauth-id-psk-config/pretest.dat b/testing/tests/ikev1/xauth-id-psk-config/pretest.dat
index 88a91ae86..ab5e18da2 100644
--- a/testing/tests/ikev1/xauth-id-psk-config/pretest.dat
+++ b/testing/tests/ikev1/xauth-id-psk-config/pretest.dat
@@ -7,6 +7,7 @@ dave::rm /etc/ipsec.d/cacerts/*
moon::ipsec start
carol::ipsec start
dave::ipsec start
-carol::sleep 2
+carol::expect-connection home
carol::ipsec up home
+dave::expect-connection home
dave::ipsec up home
diff --git a/testing/tests/ikev1/xauth-id-rsa-aggressive/pretest.dat b/testing/tests/ikev1/xauth-id-rsa-aggressive/pretest.dat
index e5a06d44c..a55cf37b2 100644
--- a/testing/tests/ikev1/xauth-id-rsa-aggressive/pretest.dat
+++ b/testing/tests/ikev1/xauth-id-rsa-aggressive/pretest.dat
@@ -4,6 +4,7 @@ dave::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
dave::ipsec start
-carol::sleep 2
+carol::expect-connection home
carol::ipsec up home
+dave::expect-connection home
dave::ipsec up home
diff --git a/testing/tests/ikev1/xauth-id-rsa-config/pretest.dat b/testing/tests/ikev1/xauth-id-rsa-config/pretest.dat
index e5a06d44c..a55cf37b2 100644
--- a/testing/tests/ikev1/xauth-id-rsa-config/pretest.dat
+++ b/testing/tests/ikev1/xauth-id-rsa-config/pretest.dat
@@ -4,6 +4,7 @@ dave::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
dave::ipsec start
-carol::sleep 2
+carol::expect-connection home
carol::ipsec up home
+dave::expect-connection home
dave::ipsec up home
diff --git a/testing/tests/ikev1/xauth-id-rsa-hybrid/pretest.dat b/testing/tests/ikev1/xauth-id-rsa-hybrid/pretest.dat
index e5a06d44c..a55cf37b2 100644
--- a/testing/tests/ikev1/xauth-id-rsa-hybrid/pretest.dat
+++ b/testing/tests/ikev1/xauth-id-rsa-hybrid/pretest.dat
@@ -4,6 +4,7 @@ dave::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
dave::ipsec start
-carol::sleep 2
+carol::expect-connection home
carol::ipsec up home
+dave::expect-connection home
dave::ipsec up home
diff --git a/testing/tests/ikev1/xauth-psk/pretest.dat b/testing/tests/ikev1/xauth-psk/pretest.dat
index 88a91ae86..ab5e18da2 100644
--- a/testing/tests/ikev1/xauth-psk/pretest.dat
+++ b/testing/tests/ikev1/xauth-psk/pretest.dat
@@ -7,6 +7,7 @@ dave::rm /etc/ipsec.d/cacerts/*
moon::ipsec start
carol::ipsec start
dave::ipsec start
-carol::sleep 2
+carol::expect-connection home
carol::ipsec up home
+dave::expect-connection home
dave::ipsec up home
diff --git a/testing/tests/ikev1/xauth-rsa-eap-md5-radius/pretest.dat b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/pretest.dat
index 9adc43d3e..c65fbda83 100644
--- a/testing/tests/ikev1/xauth-rsa-eap-md5-radius/pretest.dat
+++ b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/pretest.dat
@@ -3,6 +3,5 @@ carol::iptables-restore < /etc/iptables.rules
alice::radiusd
moon::ipsec start
carol::ipsec start
-carol::sleep 1
+carol::expect-connection home
carol::ipsec up home
-carol::sleep 1
diff --git a/testing/tests/ikev1/xauth-rsa-radius/pretest.dat b/testing/tests/ikev1/xauth-rsa-radius/pretest.dat
index 9adc43d3e..c65fbda83 100644
--- a/testing/tests/ikev1/xauth-rsa-radius/pretest.dat
+++ b/testing/tests/ikev1/xauth-rsa-radius/pretest.dat
@@ -3,6 +3,5 @@ carol::iptables-restore < /etc/iptables.rules
alice::radiusd
moon::ipsec start
carol::ipsec start
-carol::sleep 1
+carol::expect-connection home
carol::ipsec up home
-carol::sleep 1
diff --git a/testing/tests/ikev1/xauth-rsa/pretest.dat b/testing/tests/ikev1/xauth-rsa/pretest.dat
index e5a06d44c..a55cf37b2 100644
--- a/testing/tests/ikev1/xauth-rsa/pretest.dat
+++ b/testing/tests/ikev1/xauth-rsa/pretest.dat
@@ -4,6 +4,7 @@ dave::iptables-restore < /etc/iptables.rules
moon::ipsec start
carol::ipsec start
dave::ipsec start
-carol::sleep 2
+carol::expect-connection home
carol::ipsec up home
+dave::expect-connection home
dave::ipsec up home