diff options
| author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2007-04-12 20:41:31 +0000 |
|---|---|---|
| committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2007-04-12 20:41:31 +0000 |
| commit | 774a362e87feab25f1be16fbca08269ddc7121a4 (patch) | |
| tree | cf71f4e7466468ac3edc2127125f333224a9acfb /testing/tests/ocsp-strict | |
| parent | c54a140a445bfe7aa66721f68bb0781f26add91c (diff) | |
| download | vyos-strongswan-774a362e87feab25f1be16fbca08269ddc7121a4.tar.gz vyos-strongswan-774a362e87feab25f1be16fbca08269ddc7121a4.zip | |
Major new upstream release, just ran svn-upgrade for now (and wrote some
debian/changelong entries).
Diffstat (limited to 'testing/tests/ocsp-strict')
| -rw-r--r-- | testing/tests/ocsp-strict/description.txt | 6 | ||||
| -rw-r--r-- | testing/tests/ocsp-strict/evaltest.dat | 8 | ||||
| -rwxr-xr-x | testing/tests/ocsp-strict/hosts/carol/etc/ipsec.conf | 29 | ||||
| -rwxr-xr-x | testing/tests/ocsp-strict/hosts/moon/etc/ipsec.conf | 40 | ||||
| -rw-r--r-- | testing/tests/ocsp-strict/posttest.dat | 3 | ||||
| -rw-r--r-- | testing/tests/ocsp-strict/pretest.dat | 5 | ||||
| -rw-r--r-- | testing/tests/ocsp-strict/test.conf | 21 |
7 files changed, 0 insertions, 112 deletions
diff --git a/testing/tests/ocsp-strict/description.txt b/testing/tests/ocsp-strict/description.txt deleted file mode 100644 index 7cb983140..000000000 --- a/testing/tests/ocsp-strict/description.txt +++ /dev/null @@ -1,6 +0,0 @@ -By setting <b>strictcrlpolicy=yes</b> a <b>strict CRL policy</b> is enforced on -both roadwarrior <b>carol</b> and gateway <b>moon</b>. Thus when <b>carol</b> initiates -the connection and no current revocation information is available, the Main Mode -negotiation fails but an OCSP request is issued to the OCSP server <b>winnetou</b>. -When the second Main Mode trial comes around, the OCSP response will be available -and the IKE negotiation completes. diff --git a/testing/tests/ocsp-strict/evaltest.dat b/testing/tests/ocsp-strict/evaltest.dat deleted file mode 100644 index 66b27aaac..000000000 --- a/testing/tests/ocsp-strict/evaltest.dat +++ /dev/null @@ -1,8 +0,0 @@ -moon::cat /var/log/auth.log::X.509 certificate rejected::YES -carol::cat /var/log/auth.log::X.509 certificate rejected::YES -moon::cat /var/log/auth.log::ignoring informational payload, type INVALID_KEY_INFORMATION::YES -carol::cat /var/log/auth.log::ignoring informational payload, type INVALID_KEY_INFORMATION::YES -moon::ipsec status::rw.*STATE_QUICK_R2.*IPsec SA established::YES -carol::ipsec status::home.*STATE_QUICK_I2.*IPsec SA established::YES -moon::ipsec listocsp:: good::YES -carol::ipsec listocsp:: good::YES diff --git a/testing/tests/ocsp-strict/hosts/carol/etc/ipsec.conf b/testing/tests/ocsp-strict/hosts/carol/etc/ipsec.conf deleted file mode 100755 index b34719401..000000000 --- a/testing/tests/ocsp-strict/hosts/carol/etc/ipsec.conf +++ /dev/null @@ -1,29 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -version 2.0 # conforms to second version of ipsec.conf specification - -config setup - plutodebug=control - crlcheckinterval=180 - strictcrlpolicy=yes - -ca strongswan - cacert=strongswanCert.pem - ocspuri=http://ocsp.strongswan.org:8880 - auto=add - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - left=PH_IP_CAROL - leftnexthop=%direct - leftcert=carolCert.pem - leftid=carol@strongswan.org - -conn home - right=PH_IP_MOON - rightsubnet=10.1.0.0/16 - rightid=@moon.strongswan.org - auto=add diff --git a/testing/tests/ocsp-strict/hosts/moon/etc/ipsec.conf b/testing/tests/ocsp-strict/hosts/moon/etc/ipsec.conf deleted file mode 100755 index 7134b6ee9..000000000 --- a/testing/tests/ocsp-strict/hosts/moon/etc/ipsec.conf +++ /dev/null @@ -1,40 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -version 2.0 # conforms to second version of ipsec.conf specification - -config setup - plutodebug=control - crlcheckinterval=180 - strictcrlpolicy=yes - -ca strongswan - cacert=strongswanCert.pem - ocspuri=http://ocsp.strongswan.org:8880 - auto=add - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - left=PH_IP_MOON - leftnexthop=%direct - leftcert=moonCert.pem - leftid=@moon.strongswan.org - -conn net-net - leftsubnet=10.1.0.0/16 - right=PH_IP_SUN - rightsubnet=10.2.0.0/16 - rightid=@sun.strongswan.org - auto=add - -conn host-host - right=PH_IP_SUN - rightid=@sun.strongswan.org - auto=add - -conn rw - leftsubnet=10.1.0.0/16 - right=%any - auto=add diff --git a/testing/tests/ocsp-strict/posttest.dat b/testing/tests/ocsp-strict/posttest.dat deleted file mode 100644 index 117f625f6..000000000 --- a/testing/tests/ocsp-strict/posttest.dat +++ /dev/null @@ -1,3 +0,0 @@ -moon::ipsec stop -carol::ipsec stop -winnetou::killall openssl diff --git a/testing/tests/ocsp-strict/pretest.dat b/testing/tests/ocsp-strict/pretest.dat deleted file mode 100644 index d5516fd3b..000000000 --- a/testing/tests/ocsp-strict/pretest.dat +++ /dev/null @@ -1,5 +0,0 @@ -winnetou::/etc/openssl/start-ocsp -moon::ipsec start -carol::ipsec start -carol::sleep 2 -carol::ipsec up home diff --git a/testing/tests/ocsp-strict/test.conf b/testing/tests/ocsp-strict/test.conf deleted file mode 100644 index 2b240d895..000000000 --- a/testing/tests/ocsp-strict/test.conf +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# -# This configuration file provides information on the -# UML instances used for this test - -# All UML instances that are required for this test -# -UMLHOSTS="moon carol winnetou" - -# Corresponding block diagram -# -DIAGRAM="m-c-w.png" - -# UML instances on which tcpdump is to be started -# -TCPDUMPHOSTS="" - -# UML instances on which IPsec is started -# Used for IPsec logging purposes -# -IPSECHOSTS="moon carol" |