diff options
| author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2008-07-09 21:02:41 +0000 |
|---|---|---|
| committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2008-07-09 21:02:41 +0000 |
| commit | db67c87db3c9089ea8d2e14f617bf3d9e2af261f (patch) | |
| tree | 665c0caea83d34c11c1517c4c57137bb58cba6fb /testing/tests/ikev2/ocsp-no-signer-cert | |
| parent | 1c088a8b6237ec67f63c23f97a0f2dc4e99af869 (diff) | |
| download | vyos-strongswan-db67c87db3c9089ea8d2e14f617bf3d9e2af261f.tar.gz vyos-strongswan-db67c87db3c9089ea8d2e14f617bf3d9e2af261f.zip | |
[svn-upgrade] Integrating new upstream version, strongswan (4.2.4)
Diffstat (limited to 'testing/tests/ikev2/ocsp-no-signer-cert')
5 files changed, 16 insertions, 3 deletions
diff --git a/testing/tests/ikev2/ocsp-no-signer-cert/evaltest.dat b/testing/tests/ikev2/ocsp-no-signer-cert/evaltest.dat index f185536a6..939817d58 100644 --- a/testing/tests/ikev2/ocsp-no-signer-cert/evaltest.dat +++ b/testing/tests/ikev2/ocsp-no-signer-cert/evaltest.dat @@ -1,5 +1,6 @@ -moon::cat /var/log/daemon.log::received valid http response::YES -moon::cat /var/log/daemon.log::received certificate is no ocsp signer - rejected::YES -moon::cat /var/log/daemon.log::certificate status unknown::YES +moon::cat /var/log/daemon.log::requesting ocsp status from::YES +moon::cat /var/log/daemon.log::ocsp response verification failed::YES +moon::cat /var/log/daemon.log::certificate status is not available::YES +moon::cat /var/log/daemon.log::constraint check failed.*VALIDATION_FAILED.*VALIDATION_GOOD::YES moon::ipsec status::rw.*ESTABLISHED::NO carol::ipsec status::home.*ESTABLISHED::NO diff --git a/testing/tests/ikev2/ocsp-no-signer-cert/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/ocsp-no-signer-cert/hosts/carol/etc/strongswan.conf new file mode 100644 index 000000000..ca22de61f --- /dev/null +++ b/testing/tests/ikev2/ocsp-no-signer-cert/hosts/carol/etc/strongswan.conf @@ -0,0 +1,5 @@ +# /etc/strongswan.conf - strongSwan configuration file + +charon { + load = curl aes des sha1 sha2 md5 gmp random x509 pubkey hmac xcbc stroke +} diff --git a/testing/tests/ikev2/ocsp-no-signer-cert/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/ocsp-no-signer-cert/hosts/moon/etc/strongswan.conf new file mode 100644 index 000000000..ca22de61f --- /dev/null +++ b/testing/tests/ikev2/ocsp-no-signer-cert/hosts/moon/etc/strongswan.conf @@ -0,0 +1,5 @@ +# /etc/strongswan.conf - strongSwan configuration file + +charon { + load = curl aes des sha1 sha2 md5 gmp random x509 pubkey hmac xcbc stroke +} diff --git a/testing/tests/ikev2/ocsp-no-signer-cert/posttest.dat b/testing/tests/ikev2/ocsp-no-signer-cert/posttest.dat index c6d6235f9..1af117cf0 100644 --- a/testing/tests/ikev2/ocsp-no-signer-cert/posttest.dat +++ b/testing/tests/ikev2/ocsp-no-signer-cert/posttest.dat @@ -1,2 +1,3 @@ moon::ipsec stop carol::ipsec stop +moon::iptables -F diff --git a/testing/tests/ikev2/ocsp-no-signer-cert/pretest.dat b/testing/tests/ikev2/ocsp-no-signer-cert/pretest.dat index d92333d86..afb64c3ed 100644 --- a/testing/tests/ikev2/ocsp-no-signer-cert/pretest.dat +++ b/testing/tests/ikev2/ocsp-no-signer-cert/pretest.dat @@ -1,3 +1,4 @@ +moon::iptables -I OUTPUT -d PH_IP_WINNETOU -p tcp --dport 80 -j DROP moon::ipsec start carol::ipsec start carol::sleep 2 |