diff options
author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2007-04-12 20:41:31 +0000 |
---|---|---|
committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2007-04-12 20:41:31 +0000 |
commit | 774a362e87feab25f1be16fbca08269ddc7121a4 (patch) | |
tree | cf71f4e7466468ac3edc2127125f333224a9acfb /testing/tests/ikev2/ocsp-timeouts-good/hosts | |
parent | c54a140a445bfe7aa66721f68bb0781f26add91c (diff) | |
download | vyos-strongswan-774a362e87feab25f1be16fbca08269ddc7121a4.tar.gz vyos-strongswan-774a362e87feab25f1be16fbca08269ddc7121a4.zip |
Major new upstream release, just ran svn-upgrade for now (and wrote some
debian/changelong entries).
Diffstat (limited to 'testing/tests/ikev2/ocsp-timeouts-good/hosts')
6 files changed, 125 insertions, 0 deletions
diff --git a/testing/tests/ikev2/ocsp-timeouts-good/hosts/carol/etc/ipsec.conf b/testing/tests/ikev2/ocsp-timeouts-good/hosts/carol/etc/ipsec.conf new file mode 100755 index 000000000..b53de16e4 --- /dev/null +++ b/testing/tests/ikev2/ocsp-timeouts-good/hosts/carol/etc/ipsec.conf @@ -0,0 +1,28 @@ +# /etc/ipsec.conf - strongSwan IPsec configuration file + +config setup + crlcheckinterval=180 + strictcrlpolicy=yes + plutostart=no + +ca strongswan-ca + cacert=strongswanCert.pem + ocspuri2=http://bob.strongswan.org:8800 + auto=add + +conn %default + keyexchange=ikev2 + ikelifetime=60m + keylife=20m + rekeymargin=3m + keyingtries=1 + left=PH_IP_CAROL + leftnexthop=%direct + leftcert=carolCert-ocsp.pem + leftid=carol@strongswan.org + +conn home + right=PH_IP_MOON + rightsubnet=10.1.0.0/16 + rightid=@moon.strongswan.org + auto=add diff --git a/testing/tests/ikev2/ocsp-timeouts-good/hosts/carol/etc/ipsec.d/certs/carolCert-ocsp.pem b/testing/tests/ikev2/ocsp-timeouts-good/hosts/carol/etc/ipsec.d/certs/carolCert-ocsp.pem new file mode 100644 index 000000000..aeca7e1db --- /dev/null +++ b/testing/tests/ikev2/ocsp-timeouts-good/hosts/carol/etc/ipsec.d/certs/carolCert-ocsp.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEWzCCA0OgAwIBAgIBEzANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJDSDEZ +MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS +b290IENBMB4XDTA3MDIyNTA3NTg1N1oXDTEyMDIyNDA3NTg1N1owVjELMAkGA1UE +BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xDTALBgNVBAsTBE9DU1Ax +HTAbBgNVBAMUFGNhcm9sQHN0cm9uZ3N3YW4ub3JnMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAyO4WxrPomcQSspX+ZnPit3t+tzYE/wi1E8rH3h5aO3e5 +vVZX3YxNvBqge2RPB3oQHrWwWT8vKmqzZNjJUx4bRIqd1JdTRI7L0f6XJHjnrRv8 +G7M2uHe+JbHQKPRT7IefJ4PZ1FEA8SCwKfWs5vk1/w/cabM6DVzzjtWTV9DXKD6J +5rRlvXtJDbhAvI2w8pCC1Gt6H8qjVSb7ItJ+SD3BlW3tq3nBsYFJRL24TyQg+Kdt +kkCRQYirog29q+J59SErjolse59dte+MhNTv+SnVFgpQE9IGEo6yaKMAWLSTv0If +pPr/QaEV9rcsYFmR3RtHc+QaaP0hvDAPMaKdhQMIUwIDAQABo4IBQzCCAT8wCQYD +VR0TBAIwADALBgNVHQ8EBAMCA6gwHQYDVR0OBBYEFDRTWKccFIi95BslK3U92mIQ +2rWGMG0GA1UdIwRmMGSAFF2n3XAGUTJ+57Zts7Xl4GDqLk3voUmkRzBFMQswCQYD +VQQGEwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ry +b25nU3dhbiBSb290IENBggEAMB8GA1UdEQQYMBaBFGNhcm9sQHN0cm9uZ3N3YW4u +b3JnMDsGCCsGAQUFBwEBBC8wLTArBggrBgEFBQcwAYYfaHR0cDovL29jc3Auc3Ry +b25nc3dhbi5vcmc6ODg4MDA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0 +cm9uZ3N3YW4ub3JnL3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQAc +1bBYLYcc+js3UsHVk7W17Nr/qoNFzQZJ5Er3RjhNAgzAX1wOTrNgKXztwZde1Alj +o05ZLXUFkB4coQwl7xo7I3EMJPUmSdHoyYyG7c7AgfcL/wwnzz4rWQl74WIZjySc +ON0Ny9vrzbVboktYof/9Yp/+HgeKopfsaIiuNCAwmAWxiYqvDmlxxn16oOXeJFV8 +pFzZMirQ5l7QRD9iuabOdcnBp8ASH+5AbD4KjFQjo5RBVg92LwOkJo3Pf1twI57s +pObrcM4JbHVohDornYQYfr9ymkMxJbqqkEgD8oIip0NFSbziam4ZkwgUlRIMUMU1 +/xsH+BXYZtKJbYjlnyc8 +-----END CERTIFICATE----- diff --git a/testing/tests/ikev2/ocsp-timeouts-good/hosts/carol/etc/ipsec.d/private/carolKey-ocsp.pem b/testing/tests/ikev2/ocsp-timeouts-good/hosts/carol/etc/ipsec.d/private/carolKey-ocsp.pem new file mode 100644 index 000000000..603f071d0 --- /dev/null +++ b/testing/tests/ikev2/ocsp-timeouts-good/hosts/carol/etc/ipsec.d/private/carolKey-ocsp.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEAyO4WxrPomcQSspX+ZnPit3t+tzYE/wi1E8rH3h5aO3e5vVZX +3YxNvBqge2RPB3oQHrWwWT8vKmqzZNjJUx4bRIqd1JdTRI7L0f6XJHjnrRv8G7M2 +uHe+JbHQKPRT7IefJ4PZ1FEA8SCwKfWs5vk1/w/cabM6DVzzjtWTV9DXKD6J5rRl +vXtJDbhAvI2w8pCC1Gt6H8qjVSb7ItJ+SD3BlW3tq3nBsYFJRL24TyQg+KdtkkCR +QYirog29q+J59SErjolse59dte+MhNTv+SnVFgpQE9IGEo6yaKMAWLSTv0IfpPr/ +QaEV9rcsYFmR3RtHc+QaaP0hvDAPMaKdhQMIUwIDAQABAoIBAFTGd5+gmpv96TGm +LW8Gp/poRX+BcDw2bUgLf6aMwd9jVV+4RVw5bTbXOSy2ls19x71dRSlyijDoUgZT +nSXPhwu1PIBM1JoRcZeJRjXiOUWFkCoTxBuykeyPiFcvNxWN5y2h6M822iHie9FI +UYomTYzvIT0LnIu00yJJpGAhwhW9BcL+Mo9lfWmhv4I1hXC9RTqZZ4rjPojDeFvL +maZNCk3kX2pxIJ1kG41/PJjg3JD2uEVrvV7SRuOknM+7f3SDtY60/Wnqx8dfBtjJ +hEdIxG+XXEOafdqwEPmmM++6V76uD8Rs1eFrrI4rfK6/H2PjppJCYtQeryug0q+0 +UN2u00kCgYEA5qJOcDSzb7CQAi58yYicYc3ShEbaL75V7G5rlnFg4/G1axU19hXQ +wEPDf87So9hnVroCMewjyDiNgI/OyYK2cv1TABUGAEFAHPzj99jtBT0/R0kX+Jd2 +kPwCU4/T2cHrezwNobrJf010JAvwc52b+U3lWtHxBWeq5KALUVT+BhcCgYEA3wdx +OwVxTf+OBOBcxPPGUcfsKbf9uVTcXFLNRSBbjzRIOR/bIVgUQaBXem2fJJTm1mWN +Yl/U14G5orv9693GKgE5IDAMMrDF7mOsX808o3pcXM04MTAyGmQEDDEO8tgmWzWo +nrYzxe9uBR1tej9IsiEPlD9ZLtWix9C2uV7EcSUCgYBKOrDuMjgSWYxv91BYeOyE +Gf+IbVlqBmOXPg7Ik+MwWioetevxMSJHz0eLyiBHda4E3sc4FB2MIo+AckiG2Ngp ++FiPbTTKPjYJXmds7NeUWRsVsXPSocUactG43VC9BEnrFu/4Pqr9mwsnUuRoAbEi +syx/Z5SgPbZl8RDTc3xyrwKBgBFpB1HQLvQjyvZefV9ymDyyGqF3F3tsQHeEjzmi +OQOI1UqATh7gPVSSK8IG5LF6XjrGWq8fRAI+wjsN6diLy3hj+A2nMoySeCEP7tjb +sKwiVSt5abWNSZv9ysMY4U3bycK9AZjCKHB/LFuB3JX6crZVFl5AQ7oAO2DVzi3S +VAtxAoGALzFZH7o1ZvVJGa23dW7p96G5vgop6Ulp2DLz4Qg6NYIeatZhwX3lls2J +P7ZxmHiECC7zR67xwv5QKjKfg6t/sOKU/bsyp6c3hOWQjcFbWU3AwlO1TeVX9TMG +SmPYcKM+KQ969qKD3aP9MQ+t4FERvlQcBAr0Qun3quN2i3eDkDo= +-----END RSA PRIVATE KEY----- diff --git a/testing/tests/ikev2/ocsp-timeouts-good/hosts/carol/etc/ipsec.secrets b/testing/tests/ikev2/ocsp-timeouts-good/hosts/carol/etc/ipsec.secrets new file mode 100644 index 000000000..a89065443 --- /dev/null +++ b/testing/tests/ikev2/ocsp-timeouts-good/hosts/carol/etc/ipsec.secrets @@ -0,0 +1,3 @@ +# /etc/ipsec.secrets - strongSwan IPsec secrets file + +: RSA carolKey-ocsp.pem diff --git a/testing/tests/ikev2/ocsp-timeouts-good/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/ocsp-timeouts-good/hosts/moon/etc/ipsec.conf new file mode 100755 index 000000000..f3b19d292 --- /dev/null +++ b/testing/tests/ikev2/ocsp-timeouts-good/hosts/moon/etc/ipsec.conf @@ -0,0 +1,27 @@ +# /etc/ipsec.conf - strongSwan IPsec configuration file + +config setup + crlcheckinterval=180 + strictcrlpolicy=yes + plutostart=no + +ca strongswan-ca + cacert=strongswanCert.pem + ocspuri2=http://ocsp2.strongswan.org:8880 + auto=add + +conn %default + keyexchange=ikev2 + ikelifetime=60m + keylife=20m + rekeymargin=3m + keyingtries=1 + +conn rw + left=PH_IP_MOON + leftnexthop=%direct + leftcert=moonCert.pem + leftid=@moon.strongswan.org + leftsubnet=10.1.0.0/16 + right=%any + auto=add diff --git a/testing/tests/ikev2/ocsp-timeouts-good/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi b/testing/tests/ikev2/ocsp-timeouts-good/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi new file mode 100755 index 000000000..92aa920aa --- /dev/null +++ b/testing/tests/ikev2/ocsp-timeouts-good/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi @@ -0,0 +1,14 @@ +#!/bin/bash + +cd /etc/openssl + +echo "Content-type: application/ocsp-response" +echo "" + +# simulate a delayed response +sleep 5 + +/usr/bin/openssl ocsp -index index.txt -CA strongswanCert.pem \ + -rkey ocspKey.pem -rsigner ocspCert.pem \ + -nmin 5 \ + -reqin /dev/stdin -respout /dev/stdout |