New upstream version 5.5.2

author: Yves-Alexis Perez <corsac@corsac.net> 2017-04-01 16:26:44 +0200
committer: Yves-Alexis Perez <corsac@corsac.net> 2017-04-01 16:26:44 +0200
commit: 05ddd767992d68bb38c7f16ece142e8c2e9ae016 (patch)
tree: 302c618be306d4ed3c7f9fc58a1f6aaad4dd252f /testing/tests/swanctl/protoport-range/hosts
parent: 25663e04c3ab01ef8dc9f906608282319cfea2db (diff)
download: vyos-strongswan-05ddd767992d68bb38c7f16ece142e8c2e9ae016.tar.gz
vyos-strongswan-05ddd767992d68bb38c7f16ece142e8c2e9ae016.zip
4 files changed, 10 insertions, 10 deletions
diff --git a/testing/tests/swanctl/protoport-range/hosts/carol/etc/strongswan.conf b/testing/tests/swanctl/protoport-range/hosts/carol/etc/strongswan.conf
index 5cf4d0cf1..383a24213 100644
--- a/testing/tests/swanctl/protoport-range/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/swanctl/protoport-range/hosts/carol/etc/strongswan.conf
@@ -1,7 +1,7 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 charon {
-  load = random nonce aes sha1 sha2 pem pkcs1 gmp x509 curl revocation hmac vici kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac vici kernel-netlink socket-default updown
 
   start-scripts {
     creds = /usr/local/sbin/swanctl --load-creds 
diff --git a/testing/tests/swanctl/protoport-range/hosts/carol/etc/swanctl/swanctl.conf b/testing/tests/swanctl/protoport-range/hosts/carol/etc/swanctl/swanctl.conf
index 441417274..a752c2660 100755
--- a/testing/tests/swanctl/protoport-range/hosts/carol/etc/swanctl/swanctl.conf
+++ b/testing/tests/swanctl/protoport-range/hosts/carol/etc/swanctl/swanctl.conf
@@ -19,24 +19,24 @@ connections {
             remote_ts = 10.1.0.0/16[icmp/2048]
 
             updown = /usr/local/libexec/ipsec/_updown iptables
-            esp_proposals = aes128gcm128-modp3072
+            esp_proposals = aes128gcm128-x25519
          }
          icmp-rep {
             local_ts  = dynamic[icmp/0]
             remote_ts = 10.1.0.0/16[icmp/0]
 
             updown = /usr/local/libexec/ipsec/_updown iptables
-            esp_proposals = aes128gcm128-modp3072
+            esp_proposals = aes128gcm128-x25519
          }
          ftp-ssh {
             local_ts  = dynamic[tcp/32768-65535]
             remote_ts = 10.1.0.0/16[tcp/21-22]
             
             updown = /usr/local/libexec/ipsec/_updown iptables
-            esp_proposals = aes128gcm128-modp3072
+            esp_proposals = aes128gcm128-x25519
          }
       }
       version = 2
-      proposals = aes128-sha256-modp3072
+      proposals = aes128-sha256-x25519
    }
 }
diff --git a/testing/tests/swanctl/protoport-range/hosts/moon/etc/strongswan.conf b/testing/tests/swanctl/protoport-range/hosts/moon/etc/strongswan.conf
index 1065d9ab0..383a24213 100644
--- a/testing/tests/swanctl/protoport-range/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/swanctl/protoport-range/hosts/moon/etc/strongswan.conf
@@ -1,7 +1,7 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 charon {
-  load = random nonce aes sha1 sha2 pem pkcs1 gmp random nonce x509 curl revocation hmac vici kernel-netlink socket-default updown
+  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac vici kernel-netlink socket-default updown
 
   start-scripts {
     creds = /usr/local/sbin/swanctl --load-creds 
diff --git a/testing/tests/swanctl/protoport-range/hosts/moon/etc/swanctl/swanctl.conf b/testing/tests/swanctl/protoport-range/hosts/moon/etc/swanctl/swanctl.conf
index c5a2a7150..3d140a335 100755
--- a/testing/tests/swanctl/protoport-range/hosts/moon/etc/swanctl/swanctl.conf
+++ b/testing/tests/swanctl/protoport-range/hosts/moon/etc/swanctl/swanctl.conf
@@ -18,7 +18,7 @@ connections {
 
             hostaccess = yes
             updown = /usr/local/libexec/ipsec/_updown iptables
-            esp_proposals = aes128gcm128-modp3072
+            esp_proposals = aes128gcm128-x25519
          }
          icmp-rep {
             local_ts  = 10.1.0.0/16[icmp/0]
@@ -26,7 +26,7 @@ connections {
 
             hostaccess = yes
             updown = /usr/local/libexec/ipsec/_updown iptables
-            esp_proposals = aes128gcm128-modp3072
+            esp_proposals = aes128gcm128-x25519
          }
          ftp-ssh {
             local_ts  = 10.1.0.0/16[tcp/21-22]
@@ -34,10 +34,10 @@ connections {
 
             hostaccess = yes
             updown = /usr/local/libexec/ipsec/_updown iptables
-            esp_proposals = aes128gcm128-modp3072
+            esp_proposals = aes128gcm128-x25519
          }
       }
       version = 2
-      proposals = aes128-sha256-modp3072
+      proposals = aes128-sha256-x25519
    }
 }
author	Yves-Alexis Perez <corsac@corsac.net>	2017-04-01 16:26:44 +0200
committer	Yves-Alexis Perez <corsac@corsac.net>	2017-04-01 16:26:44 +0200
commit	05ddd767992d68bb38c7f16ece142e8c2e9ae016 (patch)
tree	302c618be306d4ed3c7f9fc58a1f6aaad4dd252f /testing/tests/swanctl/protoport-range/hosts
parent	25663e04c3ab01ef8dc9f906608282319cfea2db (diff)
download	vyos-strongswan-05ddd767992d68bb38c7f16ece142e8c2e9ae016.tar.gz vyos-strongswan-05ddd767992d68bb38c7f16ece142e8c2e9ae016.zip