summaryrefslogtreecommitdiff
path: root/testing/tests/ikev2
diff options
context:
space:
mode:
authorYves-Alexis Perez <corsac@corsac.net>2017-11-21 10:22:31 +0100
committerYves-Alexis Perez <corsac@corsac.net>2017-11-21 10:22:31 +0100
commite1d78dc2faaa06e7c3f71ef674a71e4de2f0758e (patch)
treeae0c8b5f4cd8289d0797882ea18969f33ea59a1e /testing/tests/ikev2
parent11d6b62db969bdd808d0f56706cb18f113927a31 (diff)
downloadvyos-strongswan-e1d78dc2faaa06e7c3f71ef674a71e4de2f0758e.tar.gz
vyos-strongswan-e1d78dc2faaa06e7c3f71ef674a71e4de2f0758e.zip
New upstream version 5.6.1
Diffstat (limited to 'testing/tests/ikev2')
-rw-r--r--testing/tests/ikev2/alg-blowfish/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/alg-blowfish/hosts/carol/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/alg-blowfish/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/alg-blowfish/hosts/moon/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/nat-rw-mark/hosts/sun/etc/ipsec.conf5
-rw-r--r--testing/tests/ikev2/nat-rw-mark/hosts/sun/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/net2net-ah/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/net2net-ah/hosts/moon/etc/strongswan.conf6
-rw-r--r--testing/tests/ikev2/net2net-ah/hosts/sun/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/net2net-ah/hosts/sun/etc/strongswan.conf6
-rw-r--r--testing/tests/ikev2/net2net-esn/hosts/moon/etc/ipsec.conf5
-rw-r--r--testing/tests/ikev2/net2net-esn/hosts/moon/etc/strongswan.conf6
-rw-r--r--testing/tests/ikev2/net2net-esn/hosts/sun/etc/ipsec.conf7
-rw-r--r--testing/tests/ikev2/net2net-esn/hosts/sun/etc/strongswan.conf6
-rw-r--r--testing/tests/ikev2/net2net-ntru-bandwidth/hosts/moon/etc/ipsec.conf5
-rw-r--r--testing/tests/ikev2/net2net-ntru-bandwidth/hosts/moon/etc/strongswan.conf8
-rw-r--r--testing/tests/ikev2/net2net-ntru-bandwidth/hosts/sun/etc/ipsec.conf7
-rw-r--r--testing/tests/ikev2/net2net-ntru-bandwidth/hosts/sun/etc/strongswan.conf6
-rw-r--r--testing/tests/ikev2/net2net-ntru-cert/hosts/moon/etc/ipsec.conf5
-rw-r--r--testing/tests/ikev2/net2net-ntru-cert/hosts/moon/etc/strongswan.conf6
-rw-r--r--testing/tests/ikev2/net2net-ntru-cert/hosts/sun/etc/ipsec.conf7
-rw-r--r--testing/tests/ikev2/net2net-ntru-cert/hosts/sun/etc/strongswan.conf6
-rw-r--r--testing/tests/ikev2/net2net-psk-dscp/hosts/moon/etc/ipsec.conf5
-rw-r--r--testing/tests/ikev2/net2net-psk-dscp/hosts/moon/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/net2net-psk-dscp/hosts/sun/etc/ipsec.conf7
-rw-r--r--testing/tests/ikev2/net2net-psk-dscp/hosts/sun/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/net2net-rekey/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/net2net-rekey/hosts/moon/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/net2net-rfc3779/hosts/moon/etc/ipsec.conf5
-rw-r--r--testing/tests/ikev2/net2net-rfc3779/hosts/moon/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/net2net-rfc3779/hosts/sun/etc/ipsec.conf7
-rw-r--r--testing/tests/ikev2/net2net-rfc3779/hosts/sun/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/redirect-active/hosts/carol/etc/ipsec.conf2
-rw-r--r--testing/tests/ikev2/redirect-active/hosts/carol/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/rw-eap-tls-fragments/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/rw-eap-tls-fragments/hosts/carol/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/rw-eap-tls-fragments/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/rw-eap-tls-fragments/hosts/moon/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/rw-eap-tls-only/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/rw-eap-tls-only/hosts/carol/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/rw-eap-tls-only/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/rw-eap-tls-only/hosts/moon/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/rw-eap-tls-radius/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/rw-eap-tls-radius/hosts/carol/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/rw-eap-ttls-only/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/rw-eap-ttls-only/hosts/carol/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/rw-eap-ttls-only/hosts/dave/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/rw-eap-ttls-only/hosts/dave/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/rw-eap-ttls-only/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/rw-eap-ttls-only/hosts/moon/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/carol/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/dave/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/dave/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/moon/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/rw-eap-ttls-radius/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/rw-eap-ttls-radius/hosts/carol/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/rw-eap-ttls-radius/hosts/dave/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/rw-eap-ttls-radius/hosts/dave/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/rw-mark-in-out/hosts/sun/etc/ipsec.conf5
-rw-r--r--testing/tests/ikev2/rw-mark-in-out/hosts/sun/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/trap-any/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/trap-any/hosts/carol/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/trap-any/hosts/dave/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/trap-any/hosts/dave/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/trap-any/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/trap-any/hosts/moon/etc/strongswan.conf5
-rw-r--r--testing/tests/ikev2/trap-any/hosts/sun/etc/ipsec.conf3
-rw-r--r--testing/tests/ikev2/trap-any/hosts/sun/etc/strongswan.conf5
70 files changed, 201 insertions, 122 deletions
diff --git a/testing/tests/ikev2/alg-blowfish/hosts/carol/etc/ipsec.conf b/testing/tests/ikev2/alg-blowfish/hosts/carol/etc/ipsec.conf
index 89674b2a1..7456a9d8a 100644
--- a/testing/tests/ikev2/alg-blowfish/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev2/alg-blowfish/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="cfg 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/alg-blowfish/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/alg-blowfish/hosts/carol/etc/strongswan.conf
index d69a7b808..99d3c61d9 100644
--- a/testing/tests/ikev2/alg-blowfish/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev2/alg-blowfish/hosts/carol/etc/strongswan.conf
@@ -2,4 +2,9 @@
charon {
load = random nonce aes blowfish md5 sha1 sha2 pem pkcs1 gmp curl x509 revocation hmac stroke kernel-netlink socket-default updown
+ syslog {
+ daemon {
+ cfg = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/alg-blowfish/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/alg-blowfish/hosts/moon/etc/ipsec.conf
index 82804a0fe..3c0578d4b 100644
--- a/testing/tests/ikev2/alg-blowfish/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev2/alg-blowfish/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="cfg 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/alg-blowfish/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/alg-blowfish/hosts/moon/etc/strongswan.conf
index a3c9999f7..99a0e8940 100644
--- a/testing/tests/ikev2/alg-blowfish/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/alg-blowfish/hosts/moon/etc/strongswan.conf
@@ -2,4 +2,9 @@
charon {
load = random nonce blowfish sha1 sha2 pem pkcs1 gmp curl x509 revocation hmac stroke kernel-netlink socket-default updown
+ syslog {
+ daemon {
+ cfg = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/nat-rw-mark/hosts/sun/etc/ipsec.conf b/testing/tests/ikev2/nat-rw-mark/hosts/sun/etc/ipsec.conf
index aac963e91..eee4e6edc 100644
--- a/testing/tests/ikev2/nat-rw-mark/hosts/sun/etc/ipsec.conf
+++ b/testing/tests/ikev2/nat-rw-mark/hosts/sun/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="knl 2"
-
conn %default
ikelifetime=60m
keylife=20m
@@ -10,7 +7,7 @@ conn %default
keyingtries=1
keyexchange=ikev2
-conn alice
+conn alice
rightid=alice@strongswan.org
mark=10/0xffffffff
also=sun
diff --git a/testing/tests/ikev2/nat-rw-mark/hosts/sun/etc/strongswan.conf b/testing/tests/ikev2/nat-rw-mark/hosts/sun/etc/strongswan.conf
index 93f434598..9691dd22f 100644
--- a/testing/tests/ikev2/nat-rw-mark/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/ikev2/nat-rw-mark/hosts/sun/etc/strongswan.conf
@@ -2,4 +2,9 @@
charon {
load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
+ syslog {
+ daemon {
+ knl = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/net2net-ah/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/net2net-ah/hosts/moon/etc/ipsec.conf
index 7af65a55d..e8eaa4887 100644
--- a/testing/tests/ikev2/net2net-ah/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev2/net2net-ah/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="cfg 2, knl 2"
-
conn %default
keyexchange=ikev2
ike=aes128-sha256-modp3072!
diff --git a/testing/tests/ikev2/net2net-ah/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/net2net-ah/hosts/moon/etc/strongswan.conf
index 02ae5affa..ca7ff4f59 100644
--- a/testing/tests/ikev2/net2net-ah/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/net2net-ah/hosts/moon/etc/strongswan.conf
@@ -3,4 +3,10 @@
charon {
load = random nonce aes sha1 sha2 pem pkcs1 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
multiple_authentication = no
+ syslog {
+ daemon {
+ cfg = 2
+ knl = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/net2net-ah/hosts/sun/etc/ipsec.conf b/testing/tests/ikev2/net2net-ah/hosts/sun/etc/ipsec.conf
index 82da6cb7a..95e90fd09 100644
--- a/testing/tests/ikev2/net2net-ah/hosts/sun/etc/ipsec.conf
+++ b/testing/tests/ikev2/net2net-ah/hosts/sun/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="cfg 2, knl 2"
-
conn %default
keyexchange=ikev2
ike=aes128-sha256-modp3072!
diff --git a/testing/tests/ikev2/net2net-ah/hosts/sun/etc/strongswan.conf b/testing/tests/ikev2/net2net-ah/hosts/sun/etc/strongswan.conf
index 02ae5affa..ca7ff4f59 100644
--- a/testing/tests/ikev2/net2net-ah/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/ikev2/net2net-ah/hosts/sun/etc/strongswan.conf
@@ -3,4 +3,10 @@
charon {
load = random nonce aes sha1 sha2 pem pkcs1 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
multiple_authentication = no
+ syslog {
+ daemon {
+ cfg = 2
+ knl = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/net2net-esn/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/net2net-esn/hosts/moon/etc/ipsec.conf
index 8cce0c957..71f5442c0 100644
--- a/testing/tests/ikev2/net2net-esn/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev2/net2net-esn/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="cfg 2, knl 2"
-
conn %default
ikelifetime=60m
keylife=20m
@@ -13,7 +10,7 @@ conn %default
esp=aes128-sha256-esn-noesn!
mobike=no
-conn net-net
+conn net-net
left=PH_IP_MOON
leftcert=moonCert.pem
leftid=@moon.strongswan.org
diff --git a/testing/tests/ikev2/net2net-esn/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/net2net-esn/hosts/moon/etc/strongswan.conf
index 02ae5affa..ca7ff4f59 100644
--- a/testing/tests/ikev2/net2net-esn/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/net2net-esn/hosts/moon/etc/strongswan.conf
@@ -3,4 +3,10 @@
charon {
load = random nonce aes sha1 sha2 pem pkcs1 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
multiple_authentication = no
+ syslog {
+ daemon {
+ cfg = 2
+ knl = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/net2net-esn/hosts/sun/etc/ipsec.conf b/testing/tests/ikev2/net2net-esn/hosts/sun/etc/ipsec.conf
index 1fd5ddb03..9e0df8111 100644
--- a/testing/tests/ikev2/net2net-esn/hosts/sun/etc/ipsec.conf
+++ b/testing/tests/ikev2/net2net-esn/hosts/sun/etc/ipsec.conf
@@ -1,19 +1,16 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="cfg 2, knl 2"
-
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
- keyingtries=1
+ keyingtries=1
keyexchange=ikev2
ike=aes128-sha256-modp3072!
esp=aes128-sha256-esn!
mobike=no
-conn net-net
+conn net-net
left=PH_IP_SUN
leftcert=sunCert.pem
leftid=@sun.strongswan.org
diff --git a/testing/tests/ikev2/net2net-esn/hosts/sun/etc/strongswan.conf b/testing/tests/ikev2/net2net-esn/hosts/sun/etc/strongswan.conf
index 02ae5affa..ca7ff4f59 100644
--- a/testing/tests/ikev2/net2net-esn/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/ikev2/net2net-esn/hosts/sun/etc/strongswan.conf
@@ -3,4 +3,10 @@
charon {
load = random nonce aes sha1 sha2 pem pkcs1 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
multiple_authentication = no
+ syslog {
+ daemon {
+ cfg = 2
+ knl = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/net2net-ntru-bandwidth/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/net2net-ntru-bandwidth/hosts/moon/etc/ipsec.conf
index 01d114dd9..4251ecd68 100644
--- a/testing/tests/ikev2/net2net-ntru-bandwidth/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev2/net2net-ntru-bandwidth/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="ike 4, lib 4"
-
conn %default
ikelifetime=60m
keylife=20m
@@ -13,7 +10,7 @@ conn %default
esp=aes128-sha256!
mobike=no
-conn net-net
+conn net-net
left=PH_IP_MOON
leftcert=moonCert.pem
leftid=@moon.strongswan.org
diff --git a/testing/tests/ikev2/net2net-ntru-bandwidth/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/net2net-ntru-bandwidth/hosts/moon/etc/strongswan.conf
index 49077484a..2dd0446ce 100644
--- a/testing/tests/ikev2/net2net-ntru-bandwidth/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/net2net-ntru-bandwidth/hosts/moon/etc/strongswan.conf
@@ -6,9 +6,15 @@ charon {
multiple_authentication = no
send_vendor_id = yes
+ syslog {
+ daemon {
+ ike = 4
+ lib = 4
+ }
+ }
plugins {
ntru {
- parameter_set = x9_98_bandwidth
+ parameter_set = x9_98_bandwidth
}
}
}
diff --git a/testing/tests/ikev2/net2net-ntru-bandwidth/hosts/sun/etc/ipsec.conf b/testing/tests/ikev2/net2net-ntru-bandwidth/hosts/sun/etc/ipsec.conf
index e57bec965..449ee7989 100644
--- a/testing/tests/ikev2/net2net-ntru-bandwidth/hosts/sun/etc/ipsec.conf
+++ b/testing/tests/ikev2/net2net-ntru-bandwidth/hosts/sun/etc/ipsec.conf
@@ -1,19 +1,16 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="ike 4, lib 4"
-
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
- keyingtries=1
+ keyingtries=1
keyexchange=ikev2
ike=aes128-sha256-ntru128!
esp=aes128-sha256!
mobike=no
-conn net-net
+conn net-net
left=PH_IP_SUN
leftcert=sunCert.pem
leftid=@sun.strongswan.org
diff --git a/testing/tests/ikev2/net2net-ntru-bandwidth/hosts/sun/etc/strongswan.conf b/testing/tests/ikev2/net2net-ntru-bandwidth/hosts/sun/etc/strongswan.conf
index 1dcbd6c27..2dd0446ce 100644
--- a/testing/tests/ikev2/net2net-ntru-bandwidth/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/ikev2/net2net-ntru-bandwidth/hosts/sun/etc/strongswan.conf
@@ -6,6 +6,12 @@ charon {
multiple_authentication = no
send_vendor_id = yes
+ syslog {
+ daemon {
+ ike = 4
+ lib = 4
+ }
+ }
plugins {
ntru {
parameter_set = x9_98_bandwidth
diff --git a/testing/tests/ikev2/net2net-ntru-cert/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/net2net-ntru-cert/hosts/moon/etc/ipsec.conf
index 9da45bcba..f29a8b2a2 100644
--- a/testing/tests/ikev2/net2net-ntru-cert/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev2/net2net-ntru-cert/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="ike 4, lib 4"
-
conn %default
ikelifetime=60m
keylife=20m
@@ -13,7 +10,7 @@ conn %default
esp=aes256-sha512!
mobike=no
-conn net-net
+conn net-net
left=PH_IP_MOON
leftcert=moonCert.pem
leftid=@moon.strongswan.org
diff --git a/testing/tests/ikev2/net2net-ntru-cert/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/net2net-ntru-cert/hosts/moon/etc/strongswan.conf
index 38df6a919..759b92285 100644
--- a/testing/tests/ikev2/net2net-ntru-cert/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/net2net-ntru-cert/hosts/moon/etc/strongswan.conf
@@ -6,6 +6,12 @@ charon {
multiple_authentication = no
send_vendor_id = yes
+ syslog {
+ daemon {
+ ike = 4
+ lib = 4
+ }
+ }
plugins {
ntru {
parameter_set = optimum
diff --git a/testing/tests/ikev2/net2net-ntru-cert/hosts/sun/etc/ipsec.conf b/testing/tests/ikev2/net2net-ntru-cert/hosts/sun/etc/ipsec.conf
index 50be98057..76fbc8024 100644
--- a/testing/tests/ikev2/net2net-ntru-cert/hosts/sun/etc/ipsec.conf
+++ b/testing/tests/ikev2/net2net-ntru-cert/hosts/sun/etc/ipsec.conf
@@ -1,19 +1,16 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="ike 4, lib 4"
-
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
- keyingtries=1
+ keyingtries=1
keyexchange=ikev2
ike=aes256-sha512-ntru256!
esp=aes256-sha512!
mobike=no
-conn net-net
+conn net-net
left=PH_IP_SUN
leftcert=sunCert.pem
leftid=@sun.strongswan.org
diff --git a/testing/tests/ikev2/net2net-ntru-cert/hosts/sun/etc/strongswan.conf b/testing/tests/ikev2/net2net-ntru-cert/hosts/sun/etc/strongswan.conf
index 0b31f738c..d461bda50 100644
--- a/testing/tests/ikev2/net2net-ntru-cert/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/ikev2/net2net-ntru-cert/hosts/sun/etc/strongswan.conf
@@ -4,4 +4,10 @@ charon {
load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl mgf1 ntru revocation hmac stroke kernel-netlink socket-default updown
multiple_authentication = no
send_vendor_id = yes
+ syslog {
+ daemon {
+ ike = 4
+ lib = 4
+ }
+ }
}
diff --git a/testing/tests/ikev2/net2net-psk-dscp/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/net2net-psk-dscp/hosts/moon/etc/ipsec.conf
index aeaebe1f4..8c7918b80 100644
--- a/testing/tests/ikev2/net2net-psk-dscp/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev2/net2net-psk-dscp/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="knl 2"
-
conn %default
ikelifetime=60m
keylife=20m
@@ -25,7 +22,7 @@ conn dscp-ef
also=net-net
auto=add
-conn net-net
+conn net-net
left=PH_IP_MOON
leftsubnet=10.1.0.0/16
leftfirewall=yes
diff --git a/testing/tests/ikev2/net2net-psk-dscp/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/net2net-psk-dscp/hosts/moon/etc/strongswan.conf
index 3cf8c8807..a0be3ce18 100644
--- a/testing/tests/ikev2/net2net-psk-dscp/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/net2net-psk-dscp/hosts/moon/etc/strongswan.conf
@@ -3,4 +3,9 @@
charon {
load = random nonce aes sha1 sha2 curve25519 hmac curl stroke kernel-netlink socket-default updown
multiple_authentication = no
+ syslog {
+ daemon {
+ knl = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/net2net-psk-dscp/hosts/sun/etc/ipsec.conf b/testing/tests/ikev2/net2net-psk-dscp/hosts/sun/etc/ipsec.conf
index 8b54476fd..3c4d0a07f 100644
--- a/testing/tests/ikev2/net2net-psk-dscp/hosts/sun/etc/ipsec.conf
+++ b/testing/tests/ikev2/net2net-psk-dscp/hosts/sun/etc/ipsec.conf
@@ -1,13 +1,10 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="knl 2"
-
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
- keyingtries=1
+ keyingtries=1
keyexchange=ikev2
mobike=no
@@ -25,7 +22,7 @@ conn dscp-ef
also=net-net
auto=add
-conn net-net
+conn net-net
left=PH_IP_SUN
leftsubnet=10.2.0.0/16
leftfirewall=yes
diff --git a/testing/tests/ikev2/net2net-psk-dscp/hosts/sun/etc/strongswan.conf b/testing/tests/ikev2/net2net-psk-dscp/hosts/sun/etc/strongswan.conf
index 3cf8c8807..a0be3ce18 100644
--- a/testing/tests/ikev2/net2net-psk-dscp/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/ikev2/net2net-psk-dscp/hosts/sun/etc/strongswan.conf
@@ -3,4 +3,9 @@
charon {
load = random nonce aes sha1 sha2 curve25519 hmac curl stroke kernel-netlink socket-default updown
multiple_authentication = no
+ syslog {
+ daemon {
+ knl = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/net2net-rekey/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/net2net-rekey/hosts/moon/etc/ipsec.conf
index dcd98b4de..ec3daa00a 100644
--- a/testing/tests/ikev2/net2net-rekey/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev2/net2net-rekey/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="knl 2"
-
conn %default
ikelifetime=60m
lifetime=10s
diff --git a/testing/tests/ikev2/net2net-rekey/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/net2net-rekey/hosts/moon/etc/strongswan.conf
index 3dcbf76ea..8d26c1381 100644
--- a/testing/tests/ikev2/net2net-rekey/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/net2net-rekey/hosts/moon/etc/strongswan.conf
@@ -4,4 +4,9 @@ charon {
load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
# remove rekeyed inbound SA a bit quicker for the test scenario
delete_rekeyed_delay = 2
+ syslog {
+ daemon {
+ knl = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/net2net-rfc3779/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/net2net-rfc3779/hosts/moon/etc/ipsec.conf
index 9ba918893..ec7d9a79a 100644
--- a/testing/tests/ikev2/net2net-rfc3779/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev2/net2net-rfc3779/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="cfg 2"
-
conn %default
ikelifetime=60m
keylife=20m
@@ -11,7 +8,7 @@ conn %default
keyexchange=ikev2
mobike=no
-conn net-net
+conn net-net
left=PH_IP_MOON
leftcert=moonCert.pem
leftid=@moon.strongswan.org
diff --git a/testing/tests/ikev2/net2net-rfc3779/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/net2net-rfc3779/hosts/moon/etc/strongswan.conf
index 18ed6a4c4..c9a56d748 100644
--- a/testing/tests/ikev2/net2net-rfc3779/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/net2net-rfc3779/hosts/moon/etc/strongswan.conf
@@ -3,4 +3,9 @@
charon {
load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation addrblock hmac stroke kernel-netlink socket-default updown
multiple_authentication = no
+ syslog {
+ daemon {
+ cfg = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/net2net-rfc3779/hosts/sun/etc/ipsec.conf b/testing/tests/ikev2/net2net-rfc3779/hosts/sun/etc/ipsec.conf
index d41e43a5c..cc86ebc0a 100644
--- a/testing/tests/ikev2/net2net-rfc3779/hosts/sun/etc/ipsec.conf
+++ b/testing/tests/ikev2/net2net-rfc3779/hosts/sun/etc/ipsec.conf
@@ -1,17 +1,14 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="cfg 2"
-
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
- keyingtries=1
+ keyingtries=1
keyexchange=ikev2
mobike=no
-conn net-net
+conn net-net
left=PH_IP_SUN
leftcert=sunCert.pem
leftid=@sun.strongswan.org
diff --git a/testing/tests/ikev2/net2net-rfc3779/hosts/sun/etc/strongswan.conf b/testing/tests/ikev2/net2net-rfc3779/hosts/sun/etc/strongswan.conf
index 18ed6a4c4..c9a56d748 100644
--- a/testing/tests/ikev2/net2net-rfc3779/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/ikev2/net2net-rfc3779/hosts/sun/etc/strongswan.conf
@@ -3,4 +3,9 @@
charon {
load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation addrblock hmac stroke kernel-netlink socket-default updown
multiple_authentication = no
+ syslog {
+ daemon {
+ cfg = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/redirect-active/hosts/carol/etc/ipsec.conf b/testing/tests/ikev2/redirect-active/hosts/carol/etc/ipsec.conf
index a5c2cc5fc..cdcf4e6f2 100644
--- a/testing/tests/ikev2/redirect-active/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev2/redirect-active/hosts/carol/etc/ipsec.conf
@@ -1,7 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="knl 2"
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/redirect-active/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/redirect-active/hosts/carol/etc/strongswan.conf
index af5fa19ef..6bc136a9b 100644
--- a/testing/tests/ikev2/redirect-active/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev2/redirect-active/hosts/carol/etc/strongswan.conf
@@ -2,4 +2,9 @@
charon {
load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
+ syslog {
+ daemon {
+ knl = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/rw-eap-tls-fragments/hosts/carol/etc/ipsec.conf b/testing/tests/ikev2/rw-eap-tls-fragments/hosts/carol/etc/ipsec.conf
index b7b27b720..10d92873d 100644
--- a/testing/tests/ikev2/rw-eap-tls-fragments/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev2/rw-eap-tls-fragments/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="tls 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/rw-eap-tls-fragments/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/rw-eap-tls-fragments/hosts/carol/etc/strongswan.conf
index 6b0ab0dcc..58a2f2243 100644
--- a/testing/tests/ikev2/rw-eap-tls-fragments/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-eap-tls-fragments/hosts/carol/etc/strongswan.conf
@@ -4,6 +4,11 @@ charon {
load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl hmac gcm stroke kernel-netlink socket-default eap-tls updown
multiple_authentication=no
+ syslog {
+ daemon {
+ tls = 2
+ }
+ }
plugins {
eap-tls {
max_message_count = 40
diff --git a/testing/tests/ikev2/rw-eap-tls-fragments/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/rw-eap-tls-fragments/hosts/moon/etc/ipsec.conf
index ee4bfd27d..0ab0c4772 100644
--- a/testing/tests/ikev2/rw-eap-tls-fragments/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev2/rw-eap-tls-fragments/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="tls 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/rw-eap-tls-fragments/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/rw-eap-tls-fragments/hosts/moon/etc/strongswan.conf
index 6b0ab0dcc..58a2f2243 100644
--- a/testing/tests/ikev2/rw-eap-tls-fragments/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-eap-tls-fragments/hosts/moon/etc/strongswan.conf
@@ -4,6 +4,11 @@ charon {
load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl hmac gcm stroke kernel-netlink socket-default eap-tls updown
multiple_authentication=no
+ syslog {
+ daemon {
+ tls = 2
+ }
+ }
plugins {
eap-tls {
max_message_count = 40
diff --git a/testing/tests/ikev2/rw-eap-tls-only/hosts/carol/etc/ipsec.conf b/testing/tests/ikev2/rw-eap-tls-only/hosts/carol/etc/ipsec.conf
index 5e06976d1..756e3835c 100644
--- a/testing/tests/ikev2/rw-eap-tls-only/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev2/rw-eap-tls-only/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="tls 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/rw-eap-tls-only/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/rw-eap-tls-only/hosts/carol/etc/strongswan.conf
index 2261fc3e1..74881b5cf 100644
--- a/testing/tests/ikev2/rw-eap-tls-only/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-eap-tls-only/hosts/carol/etc/strongswan.conf
@@ -4,4 +4,9 @@ charon {
load = random nonce aes md5 sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac gcm stroke kernel-netlink socket-default eap-tls updown
multiple_authentication=no
+ syslog {
+ daemon {
+ tls = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/rw-eap-tls-only/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/rw-eap-tls-only/hosts/moon/etc/ipsec.conf
index 37fa2b435..4a645d741 100644
--- a/testing/tests/ikev2/rw-eap-tls-only/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev2/rw-eap-tls-only/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="tls 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/rw-eap-tls-only/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/rw-eap-tls-only/hosts/moon/etc/strongswan.conf
index 8865bd52c..797d27cc2 100644
--- a/testing/tests/ikev2/rw-eap-tls-only/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-eap-tls-only/hosts/moon/etc/strongswan.conf
@@ -4,6 +4,11 @@ charon {
load = random nonce aes md5 sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac gcm stroke kernel-netlink socket-default eap-tls updown
multiple_authentication=no
+ syslog {
+ daemon {
+ tls = 2
+ }
+ }
}
libtls {
diff --git a/testing/tests/ikev2/rw-eap-tls-radius/hosts/carol/etc/ipsec.conf b/testing/tests/ikev2/rw-eap-tls-radius/hosts/carol/etc/ipsec.conf
index fc6f1e633..6aaeb160f 100644
--- a/testing/tests/ikev2/rw-eap-tls-radius/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev2/rw-eap-tls-radius/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="tls 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/rw-eap-tls-radius/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/rw-eap-tls-radius/hosts/carol/etc/strongswan.conf
index 84d571482..ef5666914 100644
--- a/testing/tests/ikev2/rw-eap-tls-radius/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-eap-tls-radius/hosts/carol/etc/strongswan.conf
@@ -3,6 +3,11 @@
charon {
load = random nonce aes md5 sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default eap-tls updown
multiple_authentication=no
+ syslog {
+ daemon {
+ tls = 2
+ }
+ }
}
libtls {
diff --git a/testing/tests/ikev2/rw-eap-ttls-only/hosts/carol/etc/ipsec.conf b/testing/tests/ikev2/rw-eap-ttls-only/hosts/carol/etc/ipsec.conf
index 8ff3c2ab6..576d2cb99 100644
--- a/testing/tests/ikev2/rw-eap-ttls-only/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev2/rw-eap-ttls-only/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="tls 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/rw-eap-ttls-only/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/rw-eap-ttls-only/hosts/carol/etc/strongswan.conf
index 951002690..fa1febe0f 100644
--- a/testing/tests/ikev2/rw-eap-ttls-only/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-eap-ttls-only/hosts/carol/etc/strongswan.conf
@@ -3,4 +3,9 @@
charon {
load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls updown
multiple_authentication=no
+ syslog {
+ daemon {
+ tls = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/rw-eap-ttls-only/hosts/dave/etc/ipsec.conf b/testing/tests/ikev2/rw-eap-ttls-only/hosts/dave/etc/ipsec.conf
index 367c0b527..ba52ec31e 100644
--- a/testing/tests/ikev2/rw-eap-ttls-only/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/ikev2/rw-eap-ttls-only/hosts/dave/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="tls 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/rw-eap-ttls-only/hosts/dave/etc/strongswan.conf b/testing/tests/ikev2/rw-eap-ttls-only/hosts/dave/etc/strongswan.conf
index 951002690..fa1febe0f 100644
--- a/testing/tests/ikev2/rw-eap-ttls-only/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-eap-ttls-only/hosts/dave/etc/strongswan.conf
@@ -3,4 +3,9 @@
charon {
load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls updown
multiple_authentication=no
+ syslog {
+ daemon {
+ tls = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/rw-eap-ttls-only/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/rw-eap-ttls-only/hosts/moon/etc/ipsec.conf
index cd93a48e7..738481257 100644
--- a/testing/tests/ikev2/rw-eap-ttls-only/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev2/rw-eap-ttls-only/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="tls 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/rw-eap-ttls-only/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/rw-eap-ttls-only/hosts/moon/etc/strongswan.conf
index 242329b3b..02899fdb7 100644
--- a/testing/tests/ikev2/rw-eap-ttls-only/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-eap-ttls-only/hosts/moon/etc/strongswan.conf
@@ -4,6 +4,11 @@ charon {
load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls updown
multiple_authentication=no
+ syslog {
+ daemon {
+ tls = 2
+ }
+ }
plugins {
eap-ttls {
phase2_method = md5
diff --git a/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/carol/etc/ipsec.conf b/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/carol/etc/ipsec.conf
index 8ff3c2ab6..576d2cb99 100644
--- a/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="tls 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/carol/etc/strongswan.conf
index 951002690..fa1febe0f 100644
--- a/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/carol/etc/strongswan.conf
@@ -3,4 +3,9 @@
charon {
load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls updown
multiple_authentication=no
+ syslog {
+ daemon {
+ tls = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/dave/etc/ipsec.conf b/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/dave/etc/ipsec.conf
index 367c0b527..ba52ec31e 100644
--- a/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/dave/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="tls 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/dave/etc/strongswan.conf b/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/dave/etc/strongswan.conf
index 951002690..fa1febe0f 100644
--- a/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/dave/etc/strongswan.conf
@@ -3,4 +3,9 @@
charon {
load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls updown
multiple_authentication=no
+ syslog {
+ daemon {
+ tls = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/moon/etc/ipsec.conf
index cd93a48e7..738481257 100644
--- a/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="tls 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/moon/etc/strongswan.conf
index 20afebf81..0ff7725ca 100644
--- a/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/moon/etc/strongswan.conf
@@ -4,6 +4,11 @@ charon {
load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls updown
multiple_authentication=no
+ syslog {
+ daemon {
+ tls = 2
+ }
+ }
plugins {
eap-ttls {
phase2_method = md5
diff --git a/testing/tests/ikev2/rw-eap-ttls-radius/hosts/carol/etc/ipsec.conf b/testing/tests/ikev2/rw-eap-ttls-radius/hosts/carol/etc/ipsec.conf
index 5b1ac90a3..c18df1c73 100644
--- a/testing/tests/ikev2/rw-eap-ttls-radius/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev2/rw-eap-ttls-radius/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="tls 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/rw-eap-ttls-radius/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/rw-eap-ttls-radius/hosts/carol/etc/strongswan.conf
index 1d380c409..443332acc 100644
--- a/testing/tests/ikev2/rw-eap-ttls-radius/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-eap-ttls-radius/hosts/carol/etc/strongswan.conf
@@ -3,4 +3,9 @@
charon {
load = random nonce aes md5 sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls updown
multiple_authentication=no
+ syslog {
+ daemon {
+ tls = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/rw-eap-ttls-radius/hosts/dave/etc/ipsec.conf b/testing/tests/ikev2/rw-eap-ttls-radius/hosts/dave/etc/ipsec.conf
index 8aa168745..2b58fbfca 100644
--- a/testing/tests/ikev2/rw-eap-ttls-radius/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/ikev2/rw-eap-ttls-radius/hosts/dave/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="tls 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/rw-eap-ttls-radius/hosts/dave/etc/strongswan.conf b/testing/tests/ikev2/rw-eap-ttls-radius/hosts/dave/etc/strongswan.conf
index 1d380c409..443332acc 100644
--- a/testing/tests/ikev2/rw-eap-ttls-radius/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-eap-ttls-radius/hosts/dave/etc/strongswan.conf
@@ -3,4 +3,9 @@
charon {
load = random nonce aes md5 sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls updown
multiple_authentication=no
+ syslog {
+ daemon {
+ tls = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/rw-mark-in-out/hosts/sun/etc/ipsec.conf b/testing/tests/ikev2/rw-mark-in-out/hosts/sun/etc/ipsec.conf
index 4b549cbd5..f0094e4d7 100644
--- a/testing/tests/ikev2/rw-mark-in-out/hosts/sun/etc/ipsec.conf
+++ b/testing/tests/ikev2/rw-mark-in-out/hosts/sun/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="knl 2"
-
conn %default
ikelifetime=60m
keylife=20m
@@ -10,7 +7,7 @@ conn %default
keyingtries=1
keyexchange=ikev2
-conn alice
+conn alice
rightid=alice@strongswan.org
mark_in=10/0xffffffff
mark_out=11/0xffffffff
diff --git a/testing/tests/ikev2/rw-mark-in-out/hosts/sun/etc/strongswan.conf b/testing/tests/ikev2/rw-mark-in-out/hosts/sun/etc/strongswan.conf
index 93f434598..9691dd22f 100644
--- a/testing/tests/ikev2/rw-mark-in-out/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-mark-in-out/hosts/sun/etc/strongswan.conf
@@ -2,4 +2,9 @@
charon {
load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
+ syslog {
+ daemon {
+ knl = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/trap-any/hosts/carol/etc/ipsec.conf b/testing/tests/ikev2/trap-any/hosts/carol/etc/ipsec.conf
index a2d62296f..0e4eaa1ea 100644
--- a/testing/tests/ikev2/trap-any/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev2/trap-any/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="knl 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/trap-any/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/trap-any/hosts/carol/etc/strongswan.conf
index dbcd7d844..709e0c5e4 100644
--- a/testing/tests/ikev2/trap-any/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev2/trap-any/hosts/carol/etc/strongswan.conf
@@ -3,4 +3,9 @@
charon {
load = random nonce aes sha1 sha2 md5 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
multiple_authentication = no
+ syslog {
+ daemon {
+ knl = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/trap-any/hosts/dave/etc/ipsec.conf b/testing/tests/ikev2/trap-any/hosts/dave/etc/ipsec.conf
index 3c7adfbf9..47792af99 100644
--- a/testing/tests/ikev2/trap-any/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/ikev2/trap-any/hosts/dave/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="knl 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/trap-any/hosts/dave/etc/strongswan.conf b/testing/tests/ikev2/trap-any/hosts/dave/etc/strongswan.conf
index 8d89cd0bb..5e900fd1b 100644
--- a/testing/tests/ikev2/trap-any/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev2/trap-any/hosts/dave/etc/strongswan.conf
@@ -3,4 +3,9 @@
charon {
load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
multiple_authentication = no
+ syslog {
+ daemon {
+ knl = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/trap-any/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/trap-any/hosts/moon/etc/ipsec.conf
index 409bee2cb..650ebddd9 100644
--- a/testing/tests/ikev2/trap-any/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev2/trap-any/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="knl 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/trap-any/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/trap-any/hosts/moon/etc/strongswan.conf
index 8d89cd0bb..5e900fd1b 100644
--- a/testing/tests/ikev2/trap-any/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev2/trap-any/hosts/moon/etc/strongswan.conf
@@ -3,4 +3,9 @@
charon {
load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
multiple_authentication = no
+ syslog {
+ daemon {
+ knl = 2
+ }
+ }
}
diff --git a/testing/tests/ikev2/trap-any/hosts/sun/etc/ipsec.conf b/testing/tests/ikev2/trap-any/hosts/sun/etc/ipsec.conf
index 71edc4c14..ef99cc768 100644
--- a/testing/tests/ikev2/trap-any/hosts/sun/etc/ipsec.conf
+++ b/testing/tests/ikev2/trap-any/hosts/sun/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
-config setup
- charondebug="knl 2"
-
conn %default
ikelifetime=60m
keylife=20m
diff --git a/testing/tests/ikev2/trap-any/hosts/sun/etc/strongswan.conf b/testing/tests/ikev2/trap-any/hosts/sun/etc/strongswan.conf
index 8d89cd0bb..5e900fd1b 100644
--- a/testing/tests/ikev2/trap-any/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/ikev2/trap-any/hosts/sun/etc/strongswan.conf
@@ -3,4 +3,9 @@
charon {
load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-netlink socket-default updown
multiple_authentication = no
+ syslog {
+ daemon {
+ knl = 2
+ }
+ }
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-10 17:34:35 +0000