summaryrefslogtreecommitdiff
path: root/testing/tests/sql
diff options
context:
space:
mode:
authorYves-Alexis Perez <corsac@debian.org>2013-01-02 14:18:20 +0100
committerYves-Alexis Perez <corsac@debian.org>2013-01-02 14:18:20 +0100
commitc1343b3278cdf99533b7902744d15969f9d6fdc1 (patch)
treed5ed3dc5677a59260ec41cd39bb284d3e94c91b3 /testing/tests/sql
parentb34738ed08c2227300d554b139e2495ca5da97d6 (diff)
downloadvyos-strongswan-c1343b3278cdf99533b7902744d15969f9d6fdc1.tar.gz
vyos-strongswan-c1343b3278cdf99533b7902744d15969f9d6fdc1.zip
Imported Upstream version 5.0.1
Diffstat (limited to 'testing/tests/sql')
-rw-r--r--testing/tests/sql/ip-pool-db-expired/evaltest.dat32
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/ip-pool-db-restart/evaltest.dat32
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/ip-pool-db/evaltest.dat46
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/ip-pool-db/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/ip-pool-db/hosts/carol/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/ip-pool-db/hosts/dave/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/ip-pool-db/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/ip-pool-db/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/ip-pool-db/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/ip-split-pools-db-restart/evaltest.dat28
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/ip-split-pools-db-restart/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/ip-split-pools-db-restart/hosts/carol/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/ip-split-pools-db-restart/hosts/dave/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/ip-split-pools-db-restart/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/ip-split-pools-db/evaltest.dat30
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/ip-split-pools-db/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/ip-split-pools-db/hosts/carol/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/ip-split-pools-db/hosts/dave/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/ip-split-pools-db/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/ip-split-pools-db/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/ip-split-pools-db/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/multi-level-ca/evaltest.dat27
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/multi-level-ca/hosts/carol/etc/ipsec.conf1
-rw-r--r--testing/tests/sql/multi-level-ca/hosts/carol/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/multi-level-ca/hosts/dave/etc/ipsec.conf1
-rw-r--r--testing/tests/sql/multi-level-ca/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/multi-level-ca/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/multi-level-ca/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/net2net-cert/evaltest.dat6
-rw-r--r--testing/tests/sql/net2net-cert/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/net2net-cert/hosts/moon/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/net2net-cert/hosts/sun/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/net2net-cert/hosts/sun/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/net2net-psk/evaltest.dat6
-rw-r--r--testing/tests/sql/net2net-psk/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/net2net-psk/hosts/moon/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/net2net-psk/hosts/sun/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/net2net-psk/hosts/sun/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/net2net-route-pem/evaltest.dat26
-rw-r--r--testing/tests/sql/net2net-route-pem/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/net2net-route-pem/hosts/moon/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/net2net-route-pem/hosts/sun/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/net2net-route-pem/hosts/sun/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/net2net-start-pem/evaltest.dat18
-rw-r--r--testing/tests/sql/net2net-start-pem/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/net2net-start-pem/hosts/moon/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/net2net-start-pem/hosts/sun/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/net2net-start-pem/hosts/sun/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/net2net-start-pem/pretest.dat2
-rw-r--r--testing/tests/sql/rw-cert/evaltest.dat14
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/rw-cert/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-cert/hosts/carol/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/rw-cert/hosts/dave/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-cert/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/rw-cert/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-cert/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/rw-eap-aka-rsa/evaltest.dat8
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/rw-eap-aka-rsa/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-eap-aka-rsa/hosts/carol/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/rw-eap-aka-rsa/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-eap-aka-rsa/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/rw-psk-ipv4/evaltest.dat13
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/rw-psk-ipv6/evaltest.dat13
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/rw-psk-rsa-split/evaltest.dat19
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/rw-rsa-keyid/evaltest.dat15
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/rw-rsa-keyid/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-rsa-keyid/hosts/carol/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/rw-rsa-keyid/hosts/dave/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-rsa-keyid/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/rw-rsa-keyid/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-rsa-keyid/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/rw-rsa/evaltest.dat14
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/rw-rsa/hosts/carol/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-rsa/hosts/carol/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/rw-rsa/hosts/dave/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-rsa/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/rw-rsa/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/rw-rsa/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/sql/shunt-policies/evaltest.dat20
-rw-r--r--testing/tests/sql/shunt-policies/hosts/moon/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/shunt-policies/hosts/moon/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/sql/shunt-policies/hosts/sun/etc/ipsec.conf3
-rw-r--r--testing/tests/sql/shunt-policies/hosts/sun/etc/strongswan.conf2
115 files changed, 263 insertions, 342 deletions
diff --git a/testing/tests/sql/ip-pool-db-expired/evaltest.dat b/testing/tests/sql/ip-pool-db-expired/evaltest.dat
index 9633fde10..3239dfe1f 100644
--- a/testing/tests/sql/ip-pool-db-expired/evaltest.dat
+++ b/testing/tests/sql/ip-pool-db-expired/evaltest.dat
@@ -1,21 +1,25 @@
carol::cat /var/log/daemon.log::installing new virtual IP PH_IP_CAROL1::YES
carol::ip addr list dev eth0::PH_IP_CAROL1::YES
carol::ip route list table 220::10.1.0.0/16.*src PH_IP_CAROL1::YES
-carol::ipsec status::home.*INSTALLED::YES
+carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
+carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-dave::cat /var/log/daemon.log::installing new virtual IP PH_IP_DAVE1::YES
-dave::ip addr list dev eth0::PH_IP_DAVE1::YES
-dave::ip route list table 220::10.1.0.0/16.*src PH_IP_DAVE1::YES
-dave::ipsec status::home.*INSTALLED::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-moon::cat /var/log/daemon.log::peer requested virtual IP %any::YES
-moon::cat /var/log/daemon.log::acquired new lease for address.*in pool.*bigpool::YES
-moon::cat /var/log/daemon.log::assigning virtual IP::YES
-moon::ipsec pool --status 2> /dev/null::bigpool.*10.3.0.1.*10.3.0.6.*1h.*2::YES
-moon::ipsec pool --leases --filter pool=bigpool,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
-moon::ipsec pool --leases --filter pool=bigpool,addr=10.3.0.2,id=dave@strongswan.org 2> /dev/null::online::YES
-moon::ipsec status::rw.*ESTABLISHED.*carol@strongswan.org::YES
-moon::ipsec status::rw.*ESTABLISHED.*dave@strongswan.org::YES
+dave:: cat /var/log/daemon.log::installing new virtual IP PH_IP_DAVE1::YES
+dave:: ip addr list dev eth0::PH_IP_DAVE1::YES
+dave:: ip route list table 220::10.1.0.0/16.*src PH_IP_DAVE1::YES
+dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
+dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+moon:: cat /var/log/daemon.log::peer requested virtual IP %any::YES
+moon:: cat /var/log/daemon.log::acquired new lease for address.*in pool.*bigpool::YES
+moon:: cat /var/log/daemon.log::assigning virtual IP::YES
+moon:: ipsec pool --status 2> /dev/null::bigpool.*10.3.0.1.*10.3.0.6.*1h.*2::YES
+moon:: ipsec pool --leases --filter pool=bigpool,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
+moon:: ipsec pool --leases --filter pool=bigpool,addr=10.3.0.2,id=dave@strongswan.org 2> /dev/null::online::YES
+moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
diff --git a/testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/ipsec.conf b/testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/strongswan.conf b/testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/ipsec.conf b/testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/strongswan.conf b/testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/ipsec.conf b/testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/ipsec.conf
index 3bc29625f..a7fa09213 100644
--- a/testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/strongswan.conf b/testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/strongswan.conf
index 3300d3ee8..69f7bb692 100644
--- a/testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/strongswan.conf
@@ -6,7 +6,7 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql attr-sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql attr-sql
}
libhydra {
diff --git a/testing/tests/sql/ip-pool-db-restart/evaltest.dat b/testing/tests/sql/ip-pool-db-restart/evaltest.dat
index f4c713c9f..58706fa48 100644
--- a/testing/tests/sql/ip-pool-db-restart/evaltest.dat
+++ b/testing/tests/sql/ip-pool-db-restart/evaltest.dat
@@ -1,21 +1,25 @@
carol::cat /var/log/daemon.log::installing new virtual IP PH_IP_CAROL1::YES
carol::ip addr list dev eth0::PH_IP_CAROL1::YES
carol::ip route list table 220::10.1.0.0/16.*src PH_IP_CAROL1::YES
-carol::ipsec status::home.*INSTALLED::YES
+carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
+carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-dave::cat /var/log/daemon.log::installing new virtual IP PH_IP_DAVE1::YES
-dave::ip addr list dev eth0::PH_IP_DAVE1::YES
-dave::ip route list table 220::10.1.0.0/16.*src PH_IP_DAVE1::YES
-dave::ipsec status::home.*INSTALLED::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-moon::cat /var/log/daemon.log::peer requested virtual IP %any::YES
-moon::cat /var/log/daemon.log::acquired existing lease for address.*in pool.*bigpool::YES
-moon::cat /var/log/daemon.log::assigning virtual IP::YES
-moon::ipsec pool --status 2> /dev/null::bigpool.*10.3.0.1.*10.3.0.6.*static.*2::YES
-moon::ipsec pool --leases --filter pool=bigpool,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
-moon::ipsec pool --leases --filter pool=bigpool,addr=10.3.0.2,id=dave@strongswan.org 2> /dev/null::online::YES
-moon::ipsec status::rw.*ESTABLISHED.*carol@strongswan.org::YES
-moon::ipsec status::rw.*ESTABLISHED.*dave@strongswan.org::YES
+dave:: cat /var/log/daemon.log::installing new virtual IP PH_IP_DAVE1::YES
+dave:: ip addr list dev eth0::PH_IP_DAVE1::YES
+dave:: ip route list table 220::10.1.0.0/16.*src PH_IP_DAVE1::YES
+dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
+dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+moon:: cat /var/log/daemon.log::peer requested virtual IP %any::YES
+moon:: cat /var/log/daemon.log::acquired existing lease for address.*in pool.*bigpool::YES
+moon:: cat /var/log/daemon.log::assigning virtual IP::YES
+moon:: ipsec pool --status 2> /dev/null::bigpool.*10.3.0.1.*10.3.0.6.*static.*2::YES
+moon:: ipsec pool --leases --filter pool=bigpool,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
+moon:: ipsec pool --leases --filter pool=bigpool,addr=10.3.0.2,id=dave@strongswan.org 2> /dev/null::online::YES
+moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
diff --git a/testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/ipsec.conf b/testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/strongswan.conf b/testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/ipsec.conf b/testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/strongswan.conf b/testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/ipsec.conf b/testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/ipsec.conf
index 3bc29625f..a7fa09213 100644
--- a/testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/strongswan.conf b/testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/strongswan.conf
index 3300d3ee8..69f7bb692 100644
--- a/testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/strongswan.conf
@@ -6,7 +6,7 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql attr-sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql attr-sql
}
libhydra {
diff --git a/testing/tests/sql/ip-pool-db/evaltest.dat b/testing/tests/sql/ip-pool-db/evaltest.dat
index 11be09d38..3910ab9c2 100644
--- a/testing/tests/sql/ip-pool-db/evaltest.dat
+++ b/testing/tests/sql/ip-pool-db/evaltest.dat
@@ -5,28 +5,32 @@ carol::cat /var/log/daemon.log::handling INTERNAL_IP4_NBNS attribute failed::YES
carol::cat /var/log/daemon.log::handling APPLICATION_VERSION attribute failed::YES
carol::ip addr list dev eth0::PH_IP_CAROL1::YES
carol::ip route list table 220::10.1.0.0/16.*src PH_IP_CAROL1::YES
-carol::ipsec status::home.*INSTALLED::YES
+carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
+carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-dave::cat /var/log/daemon.log::installing new virtual IP PH_IP_DAVE1::YES
-dave::cat /var/log/daemon.log::installing new virtual IP PH_IP_DAVE1::YES
-dave::cat /var/log/daemon.log::installing DNS server PH_IP_WINNETOU::YES
-dave::cat /var/log/daemon.log::installing DNS server PH_IP_VENUS::YES
-dave::cat /var/log/daemon.log::handling INTERNAL_IP4_NBNS attribute failed::YES
-dave::cat /var/log/daemon.log::handling APPLICATION_VERSION attribute failed::YES
-dave::ip addr list dev eth0::PH_IP_DAVE1::YES
-dave::ip route list table 220::10.1.0.0/16.*src PH_IP_DAVE1::YES
-dave::ipsec status::home.*INSTALLED::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-moon::cat /var/log/daemon.log::peer requested virtual IP %any::YES
-moon::cat /var/log/daemon.log::acquired new lease for address.*in pool.*bigpool::YES
-moon::cat /var/log/daemon.log::assigning virtual IP::YES
-moon::ipsec pool --status 2> /dev/null::dns servers: PH_IP_WINNETOU PH_IP_VENUS::YES
-moon::ipsec pool --status 2> /dev/null::nbns servers: PH_IP_VENUS::YES
-moon::ipsec pool --status 2> /dev/null::bigpool.*10.3.0.1.*10.3.0.6.*static.*2::YES
-moon::ipsec pool --leases --filter pool=bigpool,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
-moon::ipsec pool --leases --filter pool=bigpool,addr=10.3.0.2,id=dave@strongswan.org 2> /dev/null::online::YES
-moon::ipsec status::rw.*ESTABLISHED.*carol@strongswan.org::YES
-moon::ipsec status::rw.*ESTABLISHED.*dave@strongswan.org::YES
+dave:: cat /var/log/daemon.log::installing new virtual IP PH_IP_DAVE1::YES
+dave:: cat /var/log/daemon.log::installing new virtual IP PH_IP_DAVE1::YES
+dave:: cat /var/log/daemon.log::installing DNS server PH_IP_WINNETOU::YES
+dave:: cat /var/log/daemon.log::installing DNS server PH_IP_VENUS::YES
+dave:: cat /var/log/daemon.log::handling INTERNAL_IP4_NBNS attribute failed::YES
+dave:: cat /var/log/daemon.log::handling APPLICATION_VERSION attribute failed::YES
+dave:: ip addr list dev eth0::PH_IP_DAVE1::YES
+dave:: ip route list table 220::10.1.0.0/16.*src PH_IP_DAVE1::YES
+dave:: ipsec status 2> /dev/null::.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
+dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+moon:: cat /var/log/daemon.log::peer requested virtual IP %any::YES
+moon:: cat /var/log/daemon.log::acquired new lease for address.*in pool.*bigpool::YES
+moon:: cat /var/log/daemon.log::assigning virtual IP::YES
+moon:: ipsec pool --status 2> /dev/null::dns servers: PH_IP_WINNETOU PH_IP_VENUS::YES
+moon:: ipsec pool --status 2> /dev/null::nbns servers: PH_IP_VENUS::YES
+moon:: ipsec pool --status 2> /dev/null::bigpool.*10.3.0.1.*10.3.0.6.*static.*2::YES
+moon:: ipsec pool --leases --filter pool=bigpool,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
+moon:: ipsec pool --leases --filter pool=bigpool,addr=10.3.0.2,id=dave@strongswan.org 2> /dev/null::online::YES
+moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
diff --git a/testing/tests/sql/ip-pool-db/hosts/carol/etc/ipsec.conf b/testing/tests/sql/ip-pool-db/hosts/carol/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/ip-pool-db/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/sql/ip-pool-db/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/ip-pool-db/hosts/carol/etc/strongswan.conf b/testing/tests/sql/ip-pool-db/hosts/carol/etc/strongswan.conf
index d09387c35..145ca9029 100644
--- a/testing/tests/sql/ip-pool-db/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/sql/ip-pool-db/hosts/carol/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql resolve
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql resolve
}
diff --git a/testing/tests/sql/ip-pool-db/hosts/dave/etc/ipsec.conf b/testing/tests/sql/ip-pool-db/hosts/dave/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/ip-pool-db/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/sql/ip-pool-db/hosts/dave/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/ip-pool-db/hosts/dave/etc/strongswan.conf b/testing/tests/sql/ip-pool-db/hosts/dave/etc/strongswan.conf
index d09387c35..145ca9029 100644
--- a/testing/tests/sql/ip-pool-db/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/sql/ip-pool-db/hosts/dave/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql resolve
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql resolve
}
diff --git a/testing/tests/sql/ip-pool-db/hosts/moon/etc/ipsec.conf b/testing/tests/sql/ip-pool-db/hosts/moon/etc/ipsec.conf
index 3bc29625f..a7fa09213 100644
--- a/testing/tests/sql/ip-pool-db/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/sql/ip-pool-db/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/ip-pool-db/hosts/moon/etc/strongswan.conf b/testing/tests/sql/ip-pool-db/hosts/moon/etc/strongswan.conf
index 3300d3ee8..69f7bb692 100644
--- a/testing/tests/sql/ip-pool-db/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/ip-pool-db/hosts/moon/etc/strongswan.conf
@@ -6,7 +6,7 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql attr-sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql attr-sql
}
libhydra {
diff --git a/testing/tests/sql/ip-split-pools-db-restart/evaltest.dat b/testing/tests/sql/ip-split-pools-db-restart/evaltest.dat
index 6c912eb47..5f7f5ec3d 100644
--- a/testing/tests/sql/ip-split-pools-db-restart/evaltest.dat
+++ b/testing/tests/sql/ip-split-pools-db-restart/evaltest.dat
@@ -1,14 +1,18 @@
dave::cat /var/log/daemon.log::installing new virtual IP 10.3.1.1::YES
-dave::ipsec status::home.*INSTALLED::YES
+dave::ipsec status 2> /dev/null::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
+dave::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
carol::cat /var/log/daemon.log::installing new virtual IP 10.3.0.1::YES
-carol::ipsec status::home.*INSTALLED::YES
-moon::cat /var/log/daemon.log::acquired existing lease for address 10.3.1.1 in pool.*pool1::YES
-moon::cat /var/log/daemon.log::assigning virtual IP 10.3.1.1 to peer::YES
-moon::cat /var/log/daemon.log::acquired existing lease for address 10.3.0.1 in pool.*pool0::YES
-moon::cat /var/log/daemon.log::assigning virtual IP 10.3.0.1 to peer::YES
-moon::ipsec pool --status 2> /dev/null::pool0.*10.3.0.1.*10.3.0.2.*static.*2 .*1 .*1 ::YES
-moon::ipsec pool --status 2> /dev/null::pool1.*10.3.1.1.*10.3.1.2.*static.*2 .*1 .*1 ::YES
-moon::ipsec pool --leases --filter pool=pool0,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
-moon::ipsec pool --leases --filter pool=pool1,addr=10.3.1.1,id=dave@strongswan.org 2> /dev/null::online::YES
-moon::ipsec status::rw.*ESTABLISHED.*dave@strongswan.org::YES
-moon::ipsec status::rw.*ESTABLISHED.*carol@strongswan.org::YES
+carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
+carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+moon:: cat /var/log/daemon.log::acquired existing lease for address 10.3.1.1 in pool.*pool1::YES
+moon:: cat /var/log/daemon.log::assigning virtual IP 10.3.1.1 to peer::YES
+moon:: cat /var/log/daemon.log::acquired existing lease for address 10.3.0.1 in pool.*pool0::YES
+moon:: cat /var/log/daemon.log::assigning virtual IP 10.3.0.1 to peer::YES
+moon:: ipsec pool --status 2> /dev/null::pool0.*10.3.0.1.*10.3.0.2.*static.*2 .*1 .*1 ::YES
+moon:: ipsec pool --status 2> /dev/null::pool1.*10.3.1.1.*10.3.1.2.*static.*2 .*1 .*1 ::YES
+moon:: ipsec pool --leases --filter pool=pool0,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
+moon:: ipsec pool --leases --filter pool=pool1,addr=10.3.1.1,id=dave@strongswan.org 2> /dev/null::online::YES
+moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
diff --git a/testing/tests/sql/ip-split-pools-db-restart/hosts/carol/etc/ipsec.conf b/testing/tests/sql/ip-split-pools-db-restart/hosts/carol/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/ip-split-pools-db-restart/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/sql/ip-split-pools-db-restart/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/ip-split-pools-db-restart/hosts/carol/etc/strongswan.conf b/testing/tests/sql/ip-split-pools-db-restart/hosts/carol/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/ip-split-pools-db-restart/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/sql/ip-split-pools-db-restart/hosts/carol/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/ip-split-pools-db-restart/hosts/dave/etc/ipsec.conf b/testing/tests/sql/ip-split-pools-db-restart/hosts/dave/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/ip-split-pools-db-restart/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/sql/ip-split-pools-db-restart/hosts/dave/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/ip-split-pools-db-restart/hosts/dave/etc/strongswan.conf b/testing/tests/sql/ip-split-pools-db-restart/hosts/dave/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/ip-split-pools-db-restart/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/sql/ip-split-pools-db-restart/hosts/dave/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/ipsec.conf b/testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/ipsec.conf
index 3bc29625f..a7fa09213 100644
--- a/testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/strongswan.conf b/testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/strongswan.conf
index 3300d3ee8..69f7bb692 100644
--- a/testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/strongswan.conf
@@ -6,7 +6,7 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql attr-sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql attr-sql
}
libhydra {
diff --git a/testing/tests/sql/ip-split-pools-db/evaltest.dat b/testing/tests/sql/ip-split-pools-db/evaltest.dat
index f358b62c8..f186d8927 100644
--- a/testing/tests/sql/ip-split-pools-db/evaltest.dat
+++ b/testing/tests/sql/ip-split-pools-db/evaltest.dat
@@ -1,15 +1,17 @@
carol::cat /var/log/daemon.log::installing new virtual IP 10.3.0.1::YES
-carol::ipsec status::home.*INSTALLED::YES
-dave::cat /var/log/daemon.log::installing new virtual IP 10.3.1.1::YES
-dave::ipsec status::home.*INSTALLED::YES
-moon::cat /var/log/daemon.log::acquired new lease for address 10.3.0.1 in pool.*pool0::YES
-moon::cat /var/log/daemon.log::assigning virtual IP 10.3.0.1 to peer::YES
-moon::cat /var/log/daemon.log::no available address found in pool.*pool0::YES
-moon::cat /var/log/daemon.log::acquired new lease for address 10.3.1.1 in pool.*pool1::YES
-moon::cat /var/log/daemon.log::assigning virtual IP 10.3.1.1 to peer::YES
-moon::ipsec pool --status 2> /dev/null::pool0.*10.3.0.1.*10.3.0.1.*static.*1 .*1 .*1 ::YES
-moon::ipsec pool --status 2> /dev/null::pool1.*10.3.1.1.*10.3.1.1.*static.*1 .*1 .*1 ::YES
-moon::ipsec pool --leases --filter pool=pool0,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
-moon::ipsec pool --leases --filter pool=pool1,addr=10.3.1.1,id=dave@strongswan.org 2> /dev/null::online::YES
-moon::ipsec status::rw.*ESTABLISHED.*carol@strongswan.org::YES
-moon::ipsec status::rw.*ESTABLISHED.*dave@strongswan.org::YES
+carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
+carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+dave:: cat /var/log/daemon.log::installing new virtual IP 10.3.1.1::YES
+dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
+dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+moon:: cat /var/log/daemon.log::acquired new lease for address 10.3.0.1 in pool.*pool0::YES
+moon:: cat /var/log/daemon.log::assigning virtual IP 10.3.0.1 to peer::YES
+moon:: cat /var/log/daemon.log::no available address found in pool.*pool0::YES
+moon:: cat /var/log/daemon.log::acquired new lease for address 10.3.1.1 in pool.*pool1::YES
+moon:: cat /var/log/daemon.log::assigning virtual IP 10.3.1.1 to peer::YES
+moon:: ipsec pool --status 2> /dev/null::pool0.*10.3.0.1.*10.3.0.1.*static.*1 .*1 .*1 ::YES
+moon:: ipsec pool --status 2> /dev/null::pool1.*10.3.1.1.*10.3.1.1.*static.*1 .*1 .*1 ::YES
+moon:: ipsec pool --leases --filter pool=pool0,addr=10.3.0.1,id=carol@strongswan.org 2> /dev/null::online::YES
+moon:: ipsec pool --leases --filter pool=pool1,addr=10.3.1.1,id=dave@strongswan.org 2> /dev/null::online::YES
+moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
diff --git a/testing/tests/sql/ip-split-pools-db/hosts/carol/etc/ipsec.conf b/testing/tests/sql/ip-split-pools-db/hosts/carol/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/ip-split-pools-db/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/sql/ip-split-pools-db/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/ip-split-pools-db/hosts/carol/etc/strongswan.conf b/testing/tests/sql/ip-split-pools-db/hosts/carol/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/ip-split-pools-db/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/sql/ip-split-pools-db/hosts/carol/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/ip-split-pools-db/hosts/dave/etc/ipsec.conf b/testing/tests/sql/ip-split-pools-db/hosts/dave/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/ip-split-pools-db/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/sql/ip-split-pools-db/hosts/dave/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/ip-split-pools-db/hosts/dave/etc/strongswan.conf b/testing/tests/sql/ip-split-pools-db/hosts/dave/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/ip-split-pools-db/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/sql/ip-split-pools-db/hosts/dave/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/ip-split-pools-db/hosts/moon/etc/ipsec.conf b/testing/tests/sql/ip-split-pools-db/hosts/moon/etc/ipsec.conf
index 3bc29625f..a7fa09213 100644
--- a/testing/tests/sql/ip-split-pools-db/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/sql/ip-split-pools-db/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/ip-split-pools-db/hosts/moon/etc/strongswan.conf b/testing/tests/sql/ip-split-pools-db/hosts/moon/etc/strongswan.conf
index 3300d3ee8..69f7bb692 100644
--- a/testing/tests/sql/ip-split-pools-db/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/ip-split-pools-db/hosts/moon/etc/strongswan.conf
@@ -6,7 +6,7 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql attr-sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql attr-sql
}
libhydra {
diff --git a/testing/tests/sql/multi-level-ca/evaltest.dat b/testing/tests/sql/multi-level-ca/evaltest.dat
index 91113ce11..dfdd36a51 100644
--- a/testing/tests/sql/multi-level-ca/evaltest.dat
+++ b/testing/tests/sql/multi-level-ca/evaltest.dat
@@ -1,16 +1,21 @@
carol::cat /var/log/daemon.log::sending issuer cert.*CN=Research CA::YES
-dave::cat /var/log/daemon.log::sending issuer cert.*CN=Sales CA::YES
-moon::cat /var/log/daemon.log::fetching crl from.*http.*research.crl::YES
-moon::cat /var/log/daemon.log::crl correctly signed by.*Research CA::YES
-moon::cat /var/log/daemon.log::fetching crl from.*http.*sales.crl::YES
-moon::cat /var/log/daemon.log::crl correctly signed by.*Sales CA::YES
-moon::cat /var/log/daemon.log::fetching crl from.*http.*strongswan.crl::YES
-moon::cat /var/log/daemon.log::crl correctly signed by.*strongSwan Root CA::YES
-moon::ipsec statusall::rw.*ESTABLISHED::YES
-carol::ipsec statusall::home.*ESTABLISHED::YES
-dave::ipsec statusall::home.*ESTABLISHED::YES
+dave:: cat /var/log/daemon.log::sending issuer cert.*CN=Sales CA::YES
+moon:: cat /var/log/daemon.log::fetching crl from.*http.*research.crl::YES
+moon:: cat /var/log/daemon.log::crl correctly signed by.*Research CA::YES
+moon:: cat /var/log/daemon.log::fetching crl from.*http.*sales.crl::YES
+moon:: cat /var/log/daemon.log::crl correctly signed by.*Sales CA::YES
+moon:: cat /var/log/daemon.log::fetching crl from.*http.*strongswan.crl::YES
+moon:: cat /var/log/daemon.log::crl correctly signed by.*strongSwan Root CA::YES
+carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
+dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
+carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
diff --git a/testing/tests/sql/multi-level-ca/hosts/carol/etc/ipsec.conf b/testing/tests/sql/multi-level-ca/hosts/carol/etc/ipsec.conf
index 96eb832ae..d77a4c0c9 100755..100644
--- a/testing/tests/sql/multi-level-ca/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/sql/multi-level-ca/hosts/carol/etc/ipsec.conf
@@ -2,6 +2,5 @@
config setup
strictcrlpolicy=yes
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/multi-level-ca/hosts/carol/etc/strongswan.conf b/testing/tests/sql/multi-level-ca/hosts/carol/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/multi-level-ca/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/sql/multi-level-ca/hosts/carol/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/multi-level-ca/hosts/dave/etc/ipsec.conf b/testing/tests/sql/multi-level-ca/hosts/dave/etc/ipsec.conf
index 96eb832ae..d77a4c0c9 100755..100644
--- a/testing/tests/sql/multi-level-ca/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/sql/multi-level-ca/hosts/dave/etc/ipsec.conf
@@ -2,6 +2,5 @@
config setup
strictcrlpolicy=yes
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/multi-level-ca/hosts/dave/etc/strongswan.conf b/testing/tests/sql/multi-level-ca/hosts/dave/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/multi-level-ca/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/sql/multi-level-ca/hosts/dave/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/multi-level-ca/hosts/moon/etc/ipsec.conf b/testing/tests/sql/multi-level-ca/hosts/moon/etc/ipsec.conf
index 96eb832ae..296ed1e93 100644
--- a/testing/tests/sql/multi-level-ca/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/sql/multi-level-ca/hosts/moon/etc/ipsec.conf
@@ -1,7 +1,6 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- strictcrlpolicy=yes
- plutostart=no
+ strictcrlpolicy=yes
# configuration is read from SQLite database
diff --git a/testing/tests/sql/multi-level-ca/hosts/moon/etc/strongswan.conf b/testing/tests/sql/multi-level-ca/hosts/moon/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/multi-level-ca/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/multi-level-ca/hosts/moon/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/net2net-cert/evaltest.dat b/testing/tests/sql/net2net-cert/evaltest.dat
index e67c39a08..dbd06104f 100644
--- a/testing/tests/sql/net2net-cert/evaltest.dat
+++ b/testing/tests/sql/net2net-cert/evaltest.dat
@@ -1,5 +1,7 @@
-moon::ipsec statusall::net-net.*ESTABLISHED::YES
-sun::ipsec statusall::net-net.*ESTABLISHED::YES
+moon:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*moon.strongswan.org.*sun.strongswan.org::YES
+sun:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*sun.strongswan.org.*moon.strongswan.org::YES
+moon:: ipsec status 2> /dev/null::net-net.*INSTALLED, TUNNEL::YES
+sun:: ipsec status 2> /dev/null::net-net.*INSTALLED, TUNNEL::YES
alice::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
sun::tcpdump::IP moon.strongswan.org > sun.strongswan.org: ESP::YES
sun::tcpdump::IP sun.strongswan.org > moon.strongswan.org: ESP::YES
diff --git a/testing/tests/sql/net2net-cert/hosts/moon/etc/ipsec.conf b/testing/tests/sql/net2net-cert/hosts/moon/etc/ipsec.conf
index 3bc29625f..a7fa09213 100644
--- a/testing/tests/sql/net2net-cert/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/sql/net2net-cert/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/net2net-cert/hosts/moon/etc/strongswan.conf b/testing/tests/sql/net2net-cert/hosts/moon/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/net2net-cert/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/net2net-cert/hosts/moon/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/net2net-cert/hosts/sun/etc/ipsec.conf b/testing/tests/sql/net2net-cert/hosts/sun/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/net2net-cert/hosts/sun/etc/ipsec.conf
+++ b/testing/tests/sql/net2net-cert/hosts/sun/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/net2net-cert/hosts/sun/etc/strongswan.conf b/testing/tests/sql/net2net-cert/hosts/sun/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/net2net-cert/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/sql/net2net-cert/hosts/sun/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/net2net-psk/evaltest.dat b/testing/tests/sql/net2net-psk/evaltest.dat
index e67c39a08..dbd06104f 100644
--- a/testing/tests/sql/net2net-psk/evaltest.dat
+++ b/testing/tests/sql/net2net-psk/evaltest.dat
@@ -1,5 +1,7 @@
-moon::ipsec statusall::net-net.*ESTABLISHED::YES
-sun::ipsec statusall::net-net.*ESTABLISHED::YES
+moon:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*moon.strongswan.org.*sun.strongswan.org::YES
+sun:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*sun.strongswan.org.*moon.strongswan.org::YES
+moon:: ipsec status 2> /dev/null::net-net.*INSTALLED, TUNNEL::YES
+sun:: ipsec status 2> /dev/null::net-net.*INSTALLED, TUNNEL::YES
alice::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
sun::tcpdump::IP moon.strongswan.org > sun.strongswan.org: ESP::YES
sun::tcpdump::IP sun.strongswan.org > moon.strongswan.org: ESP::YES
diff --git a/testing/tests/sql/net2net-psk/hosts/moon/etc/ipsec.conf b/testing/tests/sql/net2net-psk/hosts/moon/etc/ipsec.conf
index 3bc29625f..a7fa09213 100644
--- a/testing/tests/sql/net2net-psk/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/sql/net2net-psk/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/net2net-psk/hosts/moon/etc/strongswan.conf b/testing/tests/sql/net2net-psk/hosts/moon/etc/strongswan.conf
index 1120fe649..5e4eb1246 100644
--- a/testing/tests/sql/net2net-psk/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/net2net-psk/hosts/moon/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = aes des sha1 sha2 md5 pem pkcs1 gmp random hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/net2net-psk/hosts/sun/etc/ipsec.conf b/testing/tests/sql/net2net-psk/hosts/sun/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/net2net-psk/hosts/sun/etc/ipsec.conf
+++ b/testing/tests/sql/net2net-psk/hosts/sun/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/net2net-psk/hosts/sun/etc/strongswan.conf b/testing/tests/sql/net2net-psk/hosts/sun/etc/strongswan.conf
index 1120fe649..5e4eb1246 100644
--- a/testing/tests/sql/net2net-psk/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/sql/net2net-psk/hosts/sun/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = aes des sha1 sha2 md5 pem pkcs1 gmp random hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/net2net-route-pem/evaltest.dat b/testing/tests/sql/net2net-route-pem/evaltest.dat
index eaca715d5..719ba09ff 100644
--- a/testing/tests/sql/net2net-route-pem/evaltest.dat
+++ b/testing/tests/sql/net2net-route-pem/evaltest.dat
@@ -1,16 +1,16 @@
-moon::ipsec statusall::net-1.*ROUTED::YES
-sun::ipsec statusall::net-1.*ROUTED::YES
-moon::ipsec statusall::net-2.*ROUTED::YES
-sun::ipsec statusall::net-2.*ROUTED::YES
-moon::cat /var/log/daemon.log::creating acquire job for policy 10.1.0.10/32\[icmp/8\] === 10.2.0.10/32\[icmp\] with reqid {1}::YES
-moon::ipsec statusall::net-1.*INSTALLED::YES
-sun::ipsec statusall::net-1.*INSTALLED::YES
-sun::cat /var/log/daemon.log::creating acquire job for policy 10.2.0.10/32\[icmp/8\] === 10.1.0.20/32\[icmp\] with reqid {2}::YES
-moon::ipsec statusall::net-2.*INSTALLED::YES
-sun::ipsec statusall::net-2.*INSTALLED::YES
-moon::ipsec statusall::net-net.*ESTABLISHED::YES
-sun::ipsec statusall::net-net.*ESTABLISHED::YES
+moon:: ipsec status 2> /dev/null::net-1.*ROUTED, TUNNEL::YES
+sun:: ipsec status 2> /dev/null::net-1.*ROUTED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::net-2.*ROUTED, TUNNEL::YES
+sun:: ipsec status 2> /dev/null::net-2.*ROUTED, TUNNEL::YES
+moon:: cat /var/log/daemon.log::creating acquire job for policy 10.1.0.10/32\[icmp/8\] === 10.2.0.10/32\[icmp\] with reqid {1}::YES
+moon:: ipsec status 2> /dev/null::net-1.*INSTALLED, TUNNEL::YES
+sun:: ipsec status 2> /dev/null::net-1.*INSTALLED. TUNNEL::YES
+sun:: cat /var/log/daemon.log::creating acquire job for policy 10.2.0.10/32\[icmp/8\] === 10.1.0.20/32\[icmp\] with reqid {2}::YES
+moon:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*moon.strongswan.org.*sun.strongswan.org::YES
+sun:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*sun.strongswan.org.*moon.strongswan.org::YES
+moon:: ipsec status 2> /dev/null::net-2.*INSTALLED, TUNNEL::YES
+sun:: ipsec status 2> /dev/null::net-2.*INSTALLED, TUNNEL::YES
alice::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
-bob:: ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::YES
+bob:: ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::YES
sun::tcpdump::IP moon.strongswan.org > sun.strongswan.org: ESP::YES
sun::tcpdump::IP sun.strongswan.org > moon.strongswan.org: ESP::YES
diff --git a/testing/tests/sql/net2net-route-pem/hosts/moon/etc/ipsec.conf b/testing/tests/sql/net2net-route-pem/hosts/moon/etc/ipsec.conf
index 3bc29625f..a7fa09213 100644
--- a/testing/tests/sql/net2net-route-pem/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/sql/net2net-route-pem/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/net2net-route-pem/hosts/moon/etc/strongswan.conf b/testing/tests/sql/net2net-route-pem/hosts/moon/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/net2net-route-pem/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/net2net-route-pem/hosts/moon/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/net2net-route-pem/hosts/sun/etc/ipsec.conf b/testing/tests/sql/net2net-route-pem/hosts/sun/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/net2net-route-pem/hosts/sun/etc/ipsec.conf
+++ b/testing/tests/sql/net2net-route-pem/hosts/sun/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/net2net-route-pem/hosts/sun/etc/strongswan.conf b/testing/tests/sql/net2net-route-pem/hosts/sun/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/net2net-route-pem/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/sql/net2net-route-pem/hosts/sun/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/net2net-start-pem/evaltest.dat b/testing/tests/sql/net2net-start-pem/evaltest.dat
index eaacd0133..e6b8890f9 100644
--- a/testing/tests/sql/net2net-start-pem/evaltest.dat
+++ b/testing/tests/sql/net2net-start-pem/evaltest.dat
@@ -1,12 +1,12 @@
-moon::ipsec statusall::net-net.*ESTABLISHED::YES
-sun::ipsec statusall::net-net.*ESTABLISHED::YES
-moon::ipsec statusall::net-1.*INSTALLED::YES
-sun::ipsec statusall::net-1.*INSTALLED::YES
-moon::ipsec statusall::net-2.*INSTALLED::YES
-sun::ipsec statusall::net-2.*INSTALLED::YES
-moon::ipsec statusall::net-3.*INSTALLED::YES
-sun::ipsec statusall::net-3.*INSTALLED::YES
+moon:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*moon.strongswan.org.*sun.strongswan.org::YES
+sun:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*sun.strongswan.org.*moon.strongswan.org::YES
+moon:: ipsec status 2> /dev/null::net-1.*INSTALLED, TUNNEL::YES
+sun:: ipsec status 2> /dev/null::net-1.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::net-2.*INSTALLED, TUNNEL::YES
+sun:: ipsec status 2> /dev/null::net-2.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::net-3.*INSTALLED, TUNNEL::YES
+sun:: ipsec status 2> /dev/null::net-3.*INSTALLED, TUNNEL::YES
alice::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
-bob:: ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::YES
+bob:: ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::YES
sun::tcpdump::IP moon.strongswan.org > sun.strongswan.org: ESP::YES
sun::tcpdump::IP sun.strongswan.org > moon.strongswan.org: ESP::YES
diff --git a/testing/tests/sql/net2net-start-pem/hosts/moon/etc/ipsec.conf b/testing/tests/sql/net2net-start-pem/hosts/moon/etc/ipsec.conf
index 3bc29625f..a7fa09213 100644
--- a/testing/tests/sql/net2net-start-pem/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/sql/net2net-start-pem/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/net2net-start-pem/hosts/moon/etc/strongswan.conf b/testing/tests/sql/net2net-start-pem/hosts/moon/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/net2net-start-pem/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/net2net-start-pem/hosts/moon/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/net2net-start-pem/hosts/sun/etc/ipsec.conf b/testing/tests/sql/net2net-start-pem/hosts/sun/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/net2net-start-pem/hosts/sun/etc/ipsec.conf
+++ b/testing/tests/sql/net2net-start-pem/hosts/sun/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/net2net-start-pem/hosts/sun/etc/strongswan.conf b/testing/tests/sql/net2net-start-pem/hosts/sun/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/net2net-start-pem/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/sql/net2net-start-pem/hosts/sun/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/net2net-start-pem/pretest.dat b/testing/tests/sql/net2net-start-pem/pretest.dat
index 3e168960d..c09d50f08 100644
--- a/testing/tests/sql/net2net-start-pem/pretest.dat
+++ b/testing/tests/sql/net2net-start-pem/pretest.dat
@@ -8,4 +8,4 @@ moon::/etc/init.d/iptables start 2> /dev/null
sun::/etc/init.d/iptables start 2> /dev/null
sun::ipsec start
moon::ipsec start
-moon::sleep 2
+moon::sleep 3
diff --git a/testing/tests/sql/rw-cert/evaltest.dat b/testing/tests/sql/rw-cert/evaltest.dat
index 06a0f8cda..b545c2289 100644
--- a/testing/tests/sql/rw-cert/evaltest.dat
+++ b/testing/tests/sql/rw-cert/evaltest.dat
@@ -1,10 +1,14 @@
-moon::ipsec statusall::rw.*ESTABLISHED::YES
-carol::ipsec statusall::home.*ESTABLISHED::YES
-dave::ipsec statusall::home.*ESTABLISHED::YES
+carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
+dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
+carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
-
diff --git a/testing/tests/sql/rw-cert/hosts/carol/etc/ipsec.conf b/testing/tests/sql/rw-cert/hosts/carol/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/rw-cert/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/sql/rw-cert/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-cert/hosts/carol/etc/strongswan.conf b/testing/tests/sql/rw-cert/hosts/carol/etc/strongswan.conf
index a09081afe..7cd88f5da 100644
--- a/testing/tests/sql/rw-cert/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/sql/rw-cert/hosts/carol/etc/strongswan.conf
@@ -6,7 +6,7 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl test-vectors aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl test-vectors aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
libstrongswan {
diff --git a/testing/tests/sql/rw-cert/hosts/dave/etc/ipsec.conf b/testing/tests/sql/rw-cert/hosts/dave/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/rw-cert/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/sql/rw-cert/hosts/dave/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-cert/hosts/dave/etc/strongswan.conf b/testing/tests/sql/rw-cert/hosts/dave/etc/strongswan.conf
index a09081afe..7cd88f5da 100644
--- a/testing/tests/sql/rw-cert/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/sql/rw-cert/hosts/dave/etc/strongswan.conf
@@ -6,7 +6,7 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl test-vectors aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl test-vectors aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
libstrongswan {
diff --git a/testing/tests/sql/rw-cert/hosts/moon/etc/ipsec.conf b/testing/tests/sql/rw-cert/hosts/moon/etc/ipsec.conf
index 3bc29625f..a7fa09213 100644
--- a/testing/tests/sql/rw-cert/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/sql/rw-cert/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-cert/hosts/moon/etc/strongswan.conf b/testing/tests/sql/rw-cert/hosts/moon/etc/strongswan.conf
index a09081afe..7cd88f5da 100644
--- a/testing/tests/sql/rw-cert/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/rw-cert/hosts/moon/etc/strongswan.conf
@@ -6,7 +6,7 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl test-vectors aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl test-vectors aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
libstrongswan {
diff --git a/testing/tests/sql/rw-eap-aka-rsa/evaltest.dat b/testing/tests/sql/rw-eap-aka-rsa/evaltest.dat
index aca7b045b..65a7c8e09 100644
--- a/testing/tests/sql/rw-eap-aka-rsa/evaltest.dat
+++ b/testing/tests/sql/rw-eap-aka-rsa/evaltest.dat
@@ -1,8 +1,10 @@
carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA signature successful::YES
carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with EAP successful::YES
-moon::cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES
-moon::ipsec statusall::rw-eap-aka.*ESTABLISHED::YES
-carol::ipsec statusall::home.*ESTABLISHED::YES
+moon:: cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES
+carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw-eap-aka.*ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
+carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw-eap-aka.*INSTALLED, TUNNEL::YES
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
diff --git a/testing/tests/sql/rw-eap-aka-rsa/hosts/carol/etc/ipsec.conf b/testing/tests/sql/rw-eap-aka-rsa/hosts/carol/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/rw-eap-aka-rsa/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/sql/rw-eap-aka-rsa/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-eap-aka-rsa/hosts/carol/etc/strongswan.conf b/testing/tests/sql/rw-eap-aka-rsa/hosts/carol/etc/strongswan.conf
index 2fdfe3282..f48c123d1 100644
--- a/testing/tests/sql/rw-eap-aka-rsa/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/sql/rw-eap-aka-rsa/hosts/carol/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 fips-prf pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql eap-aka eap-aka-3gpp2
+ load = curl aes des sha1 sha2 md5 fips-prf pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql eap-aka eap-aka-3gpp2
}
diff --git a/testing/tests/sql/rw-eap-aka-rsa/hosts/moon/etc/ipsec.conf b/testing/tests/sql/rw-eap-aka-rsa/hosts/moon/etc/ipsec.conf
index 3bc29625f..a7fa09213 100644
--- a/testing/tests/sql/rw-eap-aka-rsa/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/sql/rw-eap-aka-rsa/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-eap-aka-rsa/hosts/moon/etc/strongswan.conf b/testing/tests/sql/rw-eap-aka-rsa/hosts/moon/etc/strongswan.conf
index 3661a7bb9..41951083c 100644
--- a/testing/tests/sql/rw-eap-aka-rsa/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/rw-eap-aka-rsa/hosts/moon/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = aes des sha1 sha2 md5 fips-prf pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql eap-aka eap-aka-3gpp2
+ load = aes des sha1 sha2 md5 fips-prf pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql eap-aka eap-aka-3gpp2
}
diff --git a/testing/tests/sql/rw-psk-ipv4/evaltest.dat b/testing/tests/sql/rw-psk-ipv4/evaltest.dat
index 06a0f8cda..1ad36fcaf 100644
--- a/testing/tests/sql/rw-psk-ipv4/evaltest.dat
+++ b/testing/tests/sql/rw-psk-ipv4/evaltest.dat
@@ -1,8 +1,13 @@
-moon::ipsec statusall::rw.*ESTABLISHED::YES
-carol::ipsec statusall::home.*ESTABLISHED::YES
-dave::ipsec statusall::home.*ESTABLISHED::YES
+carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*\[192.168.0.100].*\[192.168.0.1]::YES
+dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*\[192.168.0.200].*\[192.168.0.1]::YES
+moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*\[192.168.0.1].*\[192.168.0.100]::YES
+moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*\[192.168.0.1].*\[192.168.0.200]::YES
+carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
diff --git a/testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/ipsec.conf b/testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/strongswan.conf b/testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/strongswan.conf
index 1120fe649..5e4eb1246 100644
--- a/testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = aes des sha1 sha2 md5 pem pkcs1 gmp random hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/ipsec.conf b/testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/strongswan.conf b/testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/strongswan.conf
index 1120fe649..5e4eb1246 100644
--- a/testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = aes des sha1 sha2 md5 pem pkcs1 gmp random hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/ipsec.conf b/testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/ipsec.conf
index 3bc29625f..a7fa09213 100644
--- a/testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/strongswan.conf b/testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/strongswan.conf
index 1120fe649..5e4eb1246 100644
--- a/testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = aes des sha1 sha2 md5 pem pkcs1 gmp random hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/rw-psk-ipv6/evaltest.dat b/testing/tests/sql/rw-psk-ipv6/evaltest.dat
index cee1853c4..344dfa809 100644
--- a/testing/tests/sql/rw-psk-ipv6/evaltest.dat
+++ b/testing/tests/sql/rw-psk-ipv6/evaltest.dat
@@ -1,8 +1,13 @@
-moon::ipsec statusall::rw.*ESTABLISHED::YES
-carol::ipsec statusall::home.*ESTABLISHED::YES
-dave::ipsec statusall::home.*ESTABLISHED::YES
+carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*\[fec0.*10].*\[fec0.*1]::YES
+dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*\[fec0.*20].*\[fec0.*1]::YES
+moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*\[fec0.*1].*\[fec0.*10]::YES
+moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*\[fec0.*1].*\[fec0.*20]::YES
+carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
carol::ping6 -c 1 ip6-alice.strongswan.org::64 bytes from ip6-alice.strongswan.org: icmp_seq=1::YES
-dave::ping6 -c 1 ip6-alice.strongswan.org::64 bytes from ip6-alice.strongswan.org: icmp_seq=1::YES
+dave:: ping6 -c 1 ip6-alice.strongswan.org::64 bytes from ip6-alice.strongswan.org: icmp_seq=1::YES
moon::tcpdump::IP6 ip6-carol.strongswan.org > ip6-moon.strongswan.org: ESP::YES
moon::tcpdump::IP6 ip6-moon.strongswan.org > ip6-carol.strongswan.org: ESP::YES
moon::tcpdump::IP6 ip6-dave.strongswan.org > ip6-moon.strongswan.org: ESP::YES
diff --git a/testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/ipsec.conf b/testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/strongswan.conf b/testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/strongswan.conf
index 1120fe649..5e4eb1246 100644
--- a/testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = aes des sha1 sha2 md5 pem pkcs1 gmp random hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/ipsec.conf b/testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/strongswan.conf b/testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/strongswan.conf
index 1120fe649..5e4eb1246 100644
--- a/testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = aes des sha1 sha2 md5 pem pkcs1 gmp random hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/ipsec.conf b/testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/ipsec.conf
index 3bc29625f..a7fa09213 100644
--- a/testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/strongswan.conf b/testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/strongswan.conf
index 1120fe649..5e4eb1246 100644
--- a/testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = aes des sha1 sha2 md5 pem pkcs1 gmp random hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/rw-psk-rsa-split/evaltest.dat b/testing/tests/sql/rw-psk-rsa-split/evaltest.dat
index 0e5bd03db..9a1ab3f8f 100644
--- a/testing/tests/sql/rw-psk-rsa-split/evaltest.dat
+++ b/testing/tests/sql/rw-psk-rsa-split/evaltest.dat
@@ -1,11 +1,16 @@
-moon::cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with pre-shared key successful::YES
-moon::cat /var/log/daemon.log::authentication of 'dave@strongswan.org' with pre-shared key successful::YES
-moon::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' (myself) with RSA signature successful::YES
-moon::ipsec statusall::rw.*INSTALLED::YES
-carol::ipsec statusall::home.*ESTABLISHED::YES
-dave::ipsec statusall::home.*ESTABLISHED::YES
+moon:: cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with pre-shared key successful::YES
+moon:: cat /var/log/daemon.log::authentication of 'dave@strongswan.org' with pre-shared key successful::YES
+moon:: cat /var/log/daemon.log::authentication of 'moon.strongswan.org' (myself) with RSA signature successful::YES
+carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
+dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
+carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
diff --git a/testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/ipsec.conf b/testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/strongswan.conf b/testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/ipsec.conf b/testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/strongswan.conf b/testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/ipsec.conf b/testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/ipsec.conf
index 3bc29625f..a7fa09213 100644
--- a/testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/strongswan.conf b/testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/rw-rsa-keyid/evaltest.dat b/testing/tests/sql/rw-rsa-keyid/evaltest.dat
index 941df6ac9..26f82653a 100644
--- a/testing/tests/sql/rw-rsa-keyid/evaltest.dat
+++ b/testing/tests/sql/rw-rsa-keyid/evaltest.dat
@@ -1,11 +1,14 @@
-moon::ipsec statusall::rw.*ESTABLISHED.*6a:9c:.*:29:2e.*1f:a1:.*:6e:7c::YES
-moon::ipsec statusall::rw.*ESTABLISHED.*6a:9c:.*:29:2e.*ee:7f:.*:8e:0e::YES
-carol::ipsec statusall::home.*ESTABLISHED.*1f:a1:.*:6e:7c.*6a:9c:.*:29:2e::YES
-dave::ipsec statusall::home.*ESTABLISHED.*ee:7f:.*:8e:0e.*6a:9c:.*:29:2e::YES
+carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*1f:a1:.*:6e:7c.*6a:9c:.*:29:2e::YES
+dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*ee:7f:.*:8e:0e.*6a:9c:.*:29:2e::YES
+moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*6a:9c:.*:29:2e.*1f:a1:.*:6e:7c::YES
+moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*6a:9c:.*:29:2e.*ee:7f:.*:8e:0e::YES
+carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES
-
diff --git a/testing/tests/sql/rw-rsa-keyid/hosts/carol/etc/ipsec.conf b/testing/tests/sql/rw-rsa-keyid/hosts/carol/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/rw-rsa-keyid/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/sql/rw-rsa-keyid/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-rsa-keyid/hosts/carol/etc/strongswan.conf b/testing/tests/sql/rw-rsa-keyid/hosts/carol/etc/strongswan.conf
index 137aecdeb..d37a13039 100644
--- a/testing/tests/sql/rw-rsa-keyid/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/sql/rw-rsa-keyid/hosts/carol/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 pubkey gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 pubkey gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/rw-rsa-keyid/hosts/dave/etc/ipsec.conf b/testing/tests/sql/rw-rsa-keyid/hosts/dave/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/rw-rsa-keyid/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/sql/rw-rsa-keyid/hosts/dave/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-rsa-keyid/hosts/dave/etc/strongswan.conf b/testing/tests/sql/rw-rsa-keyid/hosts/dave/etc/strongswan.conf
index 137aecdeb..d37a13039 100644
--- a/testing/tests/sql/rw-rsa-keyid/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/sql/rw-rsa-keyid/hosts/dave/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 pubkey gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 pubkey gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/rw-rsa-keyid/hosts/moon/etc/ipsec.conf b/testing/tests/sql/rw-rsa-keyid/hosts/moon/etc/ipsec.conf
index 3bc29625f..a7fa09213 100644
--- a/testing/tests/sql/rw-rsa-keyid/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/sql/rw-rsa-keyid/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-rsa-keyid/hosts/moon/etc/strongswan.conf b/testing/tests/sql/rw-rsa-keyid/hosts/moon/etc/strongswan.conf
index 137aecdeb..d37a13039 100644
--- a/testing/tests/sql/rw-rsa-keyid/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/rw-rsa-keyid/hosts/moon/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 pubkey gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 pubkey gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/rw-rsa/evaltest.dat b/testing/tests/sql/rw-rsa/evaltest.dat
index cc565fb98..f8cfb111b 100644
--- a/testing/tests/sql/rw-rsa/evaltest.dat
+++ b/testing/tests/sql/rw-rsa/evaltest.dat
@@ -1,9 +1,13 @@
-moon::ipsec statusall::rw.*ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
-moon::ipsec statusall::rw.*ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
-carol::ipsec statusall::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
-dave::ipsec statusall::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
+carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
+dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*dave@strongswan.org::YES
+carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
diff --git a/testing/tests/sql/rw-rsa/hosts/carol/etc/ipsec.conf b/testing/tests/sql/rw-rsa/hosts/carol/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/rw-rsa/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/sql/rw-rsa/hosts/carol/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-rsa/hosts/carol/etc/strongswan.conf b/testing/tests/sql/rw-rsa/hosts/carol/etc/strongswan.conf
index 137aecdeb..d37a13039 100644
--- a/testing/tests/sql/rw-rsa/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/sql/rw-rsa/hosts/carol/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 pubkey gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 pubkey gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/rw-rsa/hosts/dave/etc/ipsec.conf b/testing/tests/sql/rw-rsa/hosts/dave/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/rw-rsa/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/sql/rw-rsa/hosts/dave/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-rsa/hosts/dave/etc/strongswan.conf b/testing/tests/sql/rw-rsa/hosts/dave/etc/strongswan.conf
index 137aecdeb..d37a13039 100644
--- a/testing/tests/sql/rw-rsa/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/sql/rw-rsa/hosts/dave/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 pubkey gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 pubkey gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/rw-rsa/hosts/moon/etc/ipsec.conf b/testing/tests/sql/rw-rsa/hosts/moon/etc/ipsec.conf
index 3bc29625f..a7fa09213 100644
--- a/testing/tests/sql/rw-rsa/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/sql/rw-rsa/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/rw-rsa/hosts/moon/etc/strongswan.conf b/testing/tests/sql/rw-rsa/hosts/moon/etc/strongswan.conf
index 137aecdeb..d37a13039 100644
--- a/testing/tests/sql/rw-rsa/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/rw-rsa/hosts/moon/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 pubkey gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 pubkey gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
diff --git a/testing/tests/sql/shunt-policies/evaltest.dat b/testing/tests/sql/shunt-policies/evaltest.dat
index 2f6e1a91f..70aea411e 100644
--- a/testing/tests/sql/shunt-policies/evaltest.dat
+++ b/testing/tests/sql/shunt-policies/evaltest.dat
@@ -1,15 +1,19 @@
-moon::ipsec statusall::net-net.*ESTABLISHED::YES
-sun::ipsec statusall::net-net.*ESTABLISHED::YES
+moon:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*moon.strongswan.org.*sun.strongswan.org::YES
+sun:: ipsec status 2> /dev/null::net-net.*ESTABLISHED.*sun.strongswan.org.*moon.strongswan.org::YES
+moon:: ipsec status 2> /dev/null::net-net.*INSTALLED, TUNNEL::YES
+sun:: ipsec status 2> /dev/null::net-net.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::local-net.*PASS::YES
+moon:: ipsec status 2> /dev/null::venus-icmp.*DROP::YES
alice::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
alice::ping -c 1 PH_IP_MOON1::64 bytes from PH_IP_MOON1: icmp_seq=1::YES
venus::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::NO
venus::ping -c 1 PH_IP_MOON1::64 bytes from PH_IP_MOON1: icmp_seq=1::YES
-moon::ping -c 1 -I PH_IP_MOON1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
-moon::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-moon::ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::YES
-bob::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-bob::ping -c 1 PH_IP_MOON1::64 bytes from PH_IP_MOON1: icmp_seq=1::YES
-bob::ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::NO
+moon:: ping -c 1 -I PH_IP_MOON1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
+moon:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+moon:: ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::YES
+bob:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+bob:: ping -c 1 PH_IP_MOON1::64 bytes from PH_IP_MOON1: icmp_seq=1::YES
+bob:: ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::NO
sun::tcpdump::IP moon.strongswan.org > sun.strongswan.org: ESP::YES
sun::tcpdump::IP sun.strongswan.org > moon.strongswan.org: ESP::YES
venus::ssh PH_IP_BOB hostname::bob::YES
diff --git a/testing/tests/sql/shunt-policies/hosts/moon/etc/ipsec.conf b/testing/tests/sql/shunt-policies/hosts/moon/etc/ipsec.conf
index 3bc29625f..a7fa09213 100644
--- a/testing/tests/sql/shunt-policies/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/sql/shunt-policies/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/shunt-policies/hosts/moon/etc/strongswan.conf b/testing/tests/sql/shunt-policies/hosts/moon/etc/strongswan.conf
index 90be03f69..b3a7bc0de 100644
--- a/testing/tests/sql/shunt-policies/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/sql/shunt-policies/hosts/moon/etc/strongswan.conf
@@ -6,6 +6,6 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
install_routes = no
}
diff --git a/testing/tests/sql/shunt-policies/hosts/sun/etc/ipsec.conf b/testing/tests/sql/shunt-policies/hosts/sun/etc/ipsec.conf
index 3bc29625f..a7fa09213 100755..100644
--- a/testing/tests/sql/shunt-policies/hosts/sun/etc/ipsec.conf
+++ b/testing/tests/sql/shunt-policies/hosts/sun/etc/ipsec.conf
@@ -1,8 +1,5 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- crlcheckinterval=180
- strictcrlpolicy=no
- plutostart=no
# configuration is read from SQLite database
diff --git a/testing/tests/sql/shunt-policies/hosts/sun/etc/strongswan.conf b/testing/tests/sql/shunt-policies/hosts/sun/etc/strongswan.conf
index ee9fbbc66..930b72578 100644
--- a/testing/tests/sql/shunt-policies/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/sql/shunt-policies/hosts/sun/etc/strongswan.conf
@@ -6,5 +6,5 @@ charon {
database = sqlite:///etc/ipsec.d/ipsec.db
}
}
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown sqlite sql
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-10 13:16:42 +0000