summaryrefslogtreecommitdiff
path: root/testing/tests/libipsec
diff options
context:
space:
mode:
authorYves-Alexis Perez <corsac@corsac.net>2017-04-01 16:26:44 +0200
committerYves-Alexis Perez <corsac@corsac.net>2017-04-01 16:26:44 +0200
commit05ddd767992d68bb38c7f16ece142e8c2e9ae016 (patch)
tree302c618be306d4ed3c7f9fc58a1f6aaad4dd252f /testing/tests/libipsec
parent25663e04c3ab01ef8dc9f906608282319cfea2db (diff)
downloadvyos-strongswan-05ddd767992d68bb38c7f16ece142e8c2e9ae016.tar.gz
vyos-strongswan-05ddd767992d68bb38c7f16ece142e8c2e9ae016.zip
New upstream version 5.5.2
Diffstat (limited to 'testing/tests/libipsec')
-rw-r--r--testing/tests/libipsec/host2host-cert/hosts/moon/etc/strongswan.conf3
-rw-r--r--testing/tests/libipsec/host2host-cert/hosts/sun/etc/strongswan.conf3
-rw-r--r--testing/tests/libipsec/net2net-3des/evaltest.dat4
-rw-r--r--testing/tests/libipsec/net2net-3des/hosts/moon/etc/ipsec.conf4
-rw-r--r--testing/tests/libipsec/net2net-3des/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/libipsec/net2net-3des/hosts/sun/etc/ipsec.conf4
-rw-r--r--testing/tests/libipsec/net2net-3des/hosts/sun/etc/strongswan.conf2
-rw-r--r--testing/tests/libipsec/net2net-cert/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/libipsec/net2net-cert/hosts/sun/etc/strongswan.conf2
-rw-r--r--testing/tests/libipsec/net2net-null/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/libipsec/net2net-null/hosts/sun/etc/strongswan.conf2
-rw-r--r--testing/tests/libipsec/rw-suite-b/hosts/carol/etc/strongswan.conf2
-rw-r--r--testing/tests/libipsec/rw-suite-b/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/libipsec/rw-suite-b/hosts/moon/etc/strongswan.conf2
14 files changed, 19 insertions, 17 deletions
diff --git a/testing/tests/libipsec/host2host-cert/hosts/moon/etc/strongswan.conf b/testing/tests/libipsec/host2host-cert/hosts/moon/etc/strongswan.conf
index 71180e05b..c8897b084 100644
--- a/testing/tests/libipsec/host2host-cert/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/libipsec/host2host-cert/hosts/moon/etc/strongswan.conf
@@ -1,8 +1,9 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-libipsec kernel-netlink socket-default updown
+ load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-libipsec kernel-netlink socket-default updown
multiple_authentication = no
+
plugins {
kernel-netlink {
fwmark = !0x42
diff --git a/testing/tests/libipsec/host2host-cert/hosts/sun/etc/strongswan.conf b/testing/tests/libipsec/host2host-cert/hosts/sun/etc/strongswan.conf
index 71180e05b..c8897b084 100644
--- a/testing/tests/libipsec/host2host-cert/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/libipsec/host2host-cert/hosts/sun/etc/strongswan.conf
@@ -1,8 +1,9 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-libipsec kernel-netlink socket-default updown
+ load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-libipsec kernel-netlink socket-default updown
multiple_authentication = no
+
plugins {
kernel-netlink {
fwmark = !0x42
diff --git a/testing/tests/libipsec/net2net-3des/evaltest.dat b/testing/tests/libipsec/net2net-3des/evaltest.dat
index e71456ef7..9365a8f44 100644
--- a/testing/tests/libipsec/net2net-3des/evaltest.dat
+++ b/testing/tests/libipsec/net2net-3des/evaltest.dat
@@ -2,8 +2,8 @@ moon::ipsec status 2> /dev/null::net-net.*ESTABLISHED.*moon.strongswan.org.*sun.
sun:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*sun.strongswan.org.*moon.strongswan.org::YES
moon::ipsec status 2> /dev/null::net-net.*INSTALLED, TUNNEL::YES
sun:: ipsec status 2> /dev/null::net-net.*INSTALLED, TUNNEL::YES
-moon::ipsec statusall 2> /dev/null::net-net\[1].*3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024::YES
-sun:: ipsec statusall 2> /dev/null::net-net\[1].*3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024::YES
+moon::ipsec statusall 2> /dev/null::net-net\[1].*3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048::YES
+sun:: ipsec statusall 2> /dev/null::net-net\[1].*3DES_CBC/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048::YES
alice::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_.eq=1::YES
moon::ipsec statusall 2> /dev/null::net-net[{]1}.*3DES_CBC/HMAC_SHA1_96::YES
sun:: ipsec statusall 2> /dev/null::net-net[{]1}.*3DES_CBC/HMAC_SHA1_96::YES
diff --git a/testing/tests/libipsec/net2net-3des/hosts/moon/etc/ipsec.conf b/testing/tests/libipsec/net2net-3des/hosts/moon/etc/ipsec.conf
index f1d328fe5..141b4a3ed 100644
--- a/testing/tests/libipsec/net2net-3des/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/libipsec/net2net-3des/hosts/moon/etc/ipsec.conf
@@ -8,8 +8,8 @@ conn %default
rekeymargin=3m
keyingtries=1
keyexchange=ikev2
- ike=3des-sha1-modp1024!
- esp=3des-sha1-modp1024!
+ ike=3des-sha1-modp2048!
+ esp=3des-sha1-modp2048!
mobike=no
conn net-net
diff --git a/testing/tests/libipsec/net2net-3des/hosts/moon/etc/strongswan.conf b/testing/tests/libipsec/net2net-3des/hosts/moon/etc/strongswan.conf
index 19d636b3e..467da3ac9 100644
--- a/testing/tests/libipsec/net2net-3des/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-3des/hosts/moon/etc/strongswan.conf
@@ -1,6 +1,6 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-libipsec kernel-netlink socket-default updown
+ load = random nonce des sha1 sha2 pem pkcs1 gmp x509 curl revocation hmac stroke kernel-libipsec kernel-netlink socket-default updown
multiple_authentication = no
}
diff --git a/testing/tests/libipsec/net2net-3des/hosts/sun/etc/ipsec.conf b/testing/tests/libipsec/net2net-3des/hosts/sun/etc/ipsec.conf
index 3bd31c61f..0108a04a3 100644
--- a/testing/tests/libipsec/net2net-3des/hosts/sun/etc/ipsec.conf
+++ b/testing/tests/libipsec/net2net-3des/hosts/sun/etc/ipsec.conf
@@ -8,8 +8,8 @@ conn %default
rekeymargin=3m
keyingtries=1
keyexchange=ikev2
- ike=3des-sha1-modp1024!
- esp=3des-sha1-modp1024!
+ ike=3des-sha1-modp2048!
+ esp=3des-sha1-modp2048!
mobike=no
conn net-net
diff --git a/testing/tests/libipsec/net2net-3des/hosts/sun/etc/strongswan.conf b/testing/tests/libipsec/net2net-3des/hosts/sun/etc/strongswan.conf
index 19d636b3e..467da3ac9 100644
--- a/testing/tests/libipsec/net2net-3des/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-3des/hosts/sun/etc/strongswan.conf
@@ -1,6 +1,6 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-libipsec kernel-netlink socket-default updown
+ load = random nonce des sha1 sha2 pem pkcs1 gmp x509 curl revocation hmac stroke kernel-libipsec kernel-netlink socket-default updown
multiple_authentication = no
}
diff --git a/testing/tests/libipsec/net2net-cert/hosts/moon/etc/strongswan.conf b/testing/tests/libipsec/net2net-cert/hosts/moon/etc/strongswan.conf
index 19d636b3e..fa7c0ece2 100644
--- a/testing/tests/libipsec/net2net-cert/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-cert/hosts/moon/etc/strongswan.conf
@@ -1,6 +1,6 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-libipsec kernel-netlink socket-default updown
+ load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-libipsec kernel-netlink socket-default updown
multiple_authentication = no
}
diff --git a/testing/tests/libipsec/net2net-cert/hosts/sun/etc/strongswan.conf b/testing/tests/libipsec/net2net-cert/hosts/sun/etc/strongswan.conf
index 19d636b3e..fa7c0ece2 100644
--- a/testing/tests/libipsec/net2net-cert/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-cert/hosts/sun/etc/strongswan.conf
@@ -1,6 +1,6 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac stroke kernel-libipsec kernel-netlink socket-default updown
+ load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac stroke kernel-libipsec kernel-netlink socket-default updown
multiple_authentication = no
}
diff --git a/testing/tests/libipsec/net2net-null/hosts/moon/etc/strongswan.conf b/testing/tests/libipsec/net2net-null/hosts/moon/etc/strongswan.conf
index c283474db..2beff1b76 100644
--- a/testing/tests/libipsec/net2net-null/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-null/hosts/moon/etc/strongswan.conf
@@ -1,6 +1,6 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = pem pkcs1 random nonce revocation openssl curl stroke kernel-libipsec kernel-netlink socket-default updown
+ load = random nonce pem pkcs1 revocation openssl curl stroke kernel-libipsec kernel-netlink socket-default updown
multiple_authentication = no
}
diff --git a/testing/tests/libipsec/net2net-null/hosts/sun/etc/strongswan.conf b/testing/tests/libipsec/net2net-null/hosts/sun/etc/strongswan.conf
index c283474db..2beff1b76 100644
--- a/testing/tests/libipsec/net2net-null/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-null/hosts/sun/etc/strongswan.conf
@@ -1,6 +1,6 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = pem pkcs1 random nonce revocation openssl curl stroke kernel-libipsec kernel-netlink socket-default updown
+ load = random nonce pem pkcs1 revocation openssl curl stroke kernel-libipsec kernel-netlink socket-default updown
multiple_authentication = no
}
diff --git a/testing/tests/libipsec/rw-suite-b/hosts/carol/etc/strongswan.conf b/testing/tests/libipsec/rw-suite-b/hosts/carol/etc/strongswan.conf
index 8acfbbffa..4ab9a617f 100644
--- a/testing/tests/libipsec/rw-suite-b/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/libipsec/rw-suite-b/hosts/carol/etc/strongswan.conf
@@ -1,7 +1,7 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = pem pkcs1 pkcs8 random nonce x509 revocation openssl curl stroke kernel-libipsec kernel-netlink socket-default updown
+ load = random nonce pem pkcs1 pkcs8 x509 revocation openssl curl stroke kernel-libipsec kernel-netlink socket-default updown
initiator_only = yes
diff --git a/testing/tests/libipsec/rw-suite-b/hosts/dave/etc/strongswan.conf b/testing/tests/libipsec/rw-suite-b/hosts/dave/etc/strongswan.conf
index 8acfbbffa..4ab9a617f 100644
--- a/testing/tests/libipsec/rw-suite-b/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/libipsec/rw-suite-b/hosts/dave/etc/strongswan.conf
@@ -1,7 +1,7 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = pem pkcs1 pkcs8 random nonce x509 revocation openssl curl stroke kernel-libipsec kernel-netlink socket-default updown
+ load = random nonce pem pkcs1 pkcs8 x509 revocation openssl curl stroke kernel-libipsec kernel-netlink socket-default updown
initiator_only = yes
diff --git a/testing/tests/libipsec/rw-suite-b/hosts/moon/etc/strongswan.conf b/testing/tests/libipsec/rw-suite-b/hosts/moon/etc/strongswan.conf
index 5f39be37e..d68b6e57a 100644
--- a/testing/tests/libipsec/rw-suite-b/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/libipsec/rw-suite-b/hosts/moon/etc/strongswan.conf
@@ -1,7 +1,7 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = pem pkcs1 pkcs8 random nonce x509 revocation openssl curl stroke kernel-libipsec kernel-netlink socket-default updown
+ load = random nonce pem pkcs1 pkcs8 x509 revocation openssl curl stroke kernel-libipsec kernel-netlink socket-default updown
plugins {
openssl {
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-11 05:38:40 +0000