New upstream version 5.5.1

author: Yves-Alexis Perez <corsac@debian.org> 2016-10-20 16:18:38 +0200
committer: Yves-Alexis Perez <corsac@debian.org> 2016-10-20 16:18:38 +0200
commit: 25663e04c3ab01ef8dc9f906608282319cfea2db (patch)
tree: a0ca5e70f66d74dbe552c996a4f3a285cdfc35e4 /testing/tests/swanctl/rw-newhope-bliss/hosts/dave
parent: bf372706c469764d59e9f29c39e3ecbebd72b8d2 (diff)
download: vyos-strongswan-25663e04c3ab01ef8dc9f906608282319cfea2db.tar.gz
vyos-strongswan-25663e04c3ab01ef8dc9f906608282319cfea2db.zip
5 files changed, 46 insertions, 0 deletions
diff --git a/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/strongswan.conf b/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/strongswan.conf
new file mode 100755
index 000000000..83cfb4ee0
--- /dev/null
+++ b/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/strongswan.conf
@@ -0,0 +1,17 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+swanctl {
+  load = pem pkcs1 x509 revocation constraints pubkey openssl random 
+}
+
+charon {
+  load = random nonce sha1 sha2 sha3 aes chapoly newhope mgf1 bliss hmac pem pkcs1 x509 revocation constraints pubkey gmp random nonce curl kernel-netlink socket-default updown vici 
+
+  send_vendor_id = yes
+  fragment_size = 1500
+
+  start-scripts {
+    creds = /usr/local/sbin/swanctl --load-creds 
+    conns = /usr/local/sbin/swanctl --load-conns
+  } 
+}
diff --git a/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/bliss/daveKey.der b/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/bliss/daveKey.der
new file mode 100644
index 000000000..0ec528ddf
--- /dev/null
+++ b/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/bliss/daveKey.der
diff --git a/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/swanctl.conf b/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/swanctl.conf
new file mode 100755
index 000000000..13407ed44
--- /dev/null
+++ b/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/swanctl.conf
@@ -0,0 +1,29 @@
+connections {
+
+   home {
+      local_addrs  = 192.168.0.200
+      remote_addrs = 192.168.0.1 
+      vips = 0.0.0.0
+
+      local {
+         auth = pubkey
+         certs = daveCert.der
+         id = dave@strongswan.org
+      }
+      remote {
+         auth = pubkey
+         id = moon.strongswan.org 
+      }
+      children {
+         home {
+            remote_ts = 10.1.0.0/16 
+
+            updown = /usr/local/libexec/ipsec/_updown iptables
+            esp_proposals = aes256gcm128-newhope128
+         }
+      }
+      version = 2
+      proposals = aes256-sha256-newhope128
+      fragmentation = yes
+   }
+}
diff --git a/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/x509/daveCert.der b/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/x509/daveCert.der
new file mode 100644
index 000000000..75a114339
--- /dev/null
+++ b/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/x509/daveCert.der
diff --git a/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/x509ca/strongswan_blissCert.der b/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/x509ca/strongswan_blissCert.der
new file mode 100644
index 000000000..fdfd39f13
--- /dev/null
+++ b/testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/x509ca/strongswan_blissCert.der
author	Yves-Alexis Perez <corsac@debian.org>	2016-10-20 16:18:38 +0200
committer	Yves-Alexis Perez <corsac@debian.org>	2016-10-20 16:18:38 +0200
commit	25663e04c3ab01ef8dc9f906608282319cfea2db (patch)
tree	a0ca5e70f66d74dbe552c996a4f3a285cdfc35e4 /testing/tests/swanctl/rw-newhope-bliss/hosts/dave
parent	bf372706c469764d59e9f29c39e3ecbebd72b8d2 (diff)
download	vyos-strongswan-25663e04c3ab01ef8dc9f906608282319cfea2db.tar.gz vyos-strongswan-25663e04c3ab01ef8dc9f906608282319cfea2db.zip