summaryrefslogtreecommitdiff
path: root/testing/tests/tnc/tnccs-20-os
diff options
context:
space:
mode:
authorYves-Alexis Perez <corsac@debian.org>2013-08-25 15:37:26 +0200
committerYves-Alexis Perez <corsac@debian.org>2013-08-25 15:37:26 +0200
commit6b99c8d9cff7b3e8ae8f3204b99e7ea40f791349 (patch)
tree009fc492961e13860d2a4bc2de8caf2bbe2975e7 /testing/tests/tnc/tnccs-20-os
parentc83921a2b566aa9d55d8ccc7258f04fca6292ee6 (diff)
downloadvyos-strongswan-6b99c8d9cff7b3e8ae8f3204b99e7ea40f791349.tar.gz
vyos-strongswan-6b99c8d9cff7b3e8ae8f3204b99e7ea40f791349.zip
Imported Upstream version 5.1.0
Diffstat (limited to 'testing/tests/tnc/tnccs-20-os')
-rw-r--r--testing/tests/tnc/tnccs-20-os/description.txt13
-rw-r--r--testing/tests/tnc/tnccs-20-os/evaltest.dat4
-rw-r--r--testing/tests/tnc/tnccs-20-os/hosts/dave/etc/strongswan.conf4
-rw-r--r--testing/tests/tnc/tnccs-20-os/hosts/moon/etc/pts/data.sql892
-rw-r--r--testing/tests/tnc/tnccs-20-os/hosts/moon/etc/pts/data.sql~852
-rw-r--r--testing/tests/tnc/tnccs-20-os/hosts/moon/etc/strongswan.conf9
-rw-r--r--testing/tests/tnc/tnccs-20-os/pretest.dat3
7 files changed, 1757 insertions, 20 deletions
diff --git a/testing/tests/tnc/tnccs-20-os/description.txt b/testing/tests/tnc/tnccs-20-os/description.txt
index b5d12fc8c..f660a0b63 100644
--- a/testing/tests/tnc/tnccs-20-os/description.txt
+++ b/testing/tests/tnc/tnccs-20-os/description.txt
@@ -9,12 +9,13 @@ exchange PA-TNC attributes.
<p>
<b>carol</b> sends information on her operating system consisting of the PA-TNC attributes
<em>Product Information</em>, <em>String Version</em>, <em>Numeric Version</em>,
-<em>Operational Status</em>, <em>Forwarding Enabled</em>, and
-<em>Factory Default Password Enabled</em> up-front, whereas <b>dave</b> must be prompted
-by the IMV to do so via an <em>Attribute Request</em> PA-TNC attribute. <b>carol</b> is
-then prompted to send a list of installed packages using the <em>Installed Packages</em>
-PA-TNC attribute whereas <b>dave</b>'s "Windows 1.2.3" operating system is not supported
-and thus <b>dave</b> receives a <em>Remediation Instructions</em> PA-TNC attribute.
+<em>Operational Status</em>, <em>Forwarding Enabled</em>, <em>Factory Default Password Enabled</em>
+and <em>Device ID> up-front, whereas <b>dave</b> must be prompted by the IMV to do so via an
+<em>Attribute Request</em> PA-TNC attribute. <b>carol</b> is then prompted to send a list of
+installed packages using the <em>Installed Packages</em> PA-TNC attribute. Since <b>dave</b>
+successfully connected to the VPN gateway shortly before, no new list of installed packages is
+requested again but because IP forwarding is enabled <b>dave</b> receives a corresponding
+<em>Remediation Instructions</em> PA-TNC attribute.
<p>
<b>carol</b> passes the health test and <b>dave</b> fails. Based on these assessments
which are communicated to the IMCs using the <em>Assessment Result</em> PA-TNC attribute,
diff --git a/testing/tests/tnc/tnccs-20-os/evaltest.dat b/testing/tests/tnc/tnccs-20-os/evaltest.dat
index c780c4a48..0d3f55b45 100644
--- a/testing/tests/tnc/tnccs-20-os/evaltest.dat
+++ b/testing/tests/tnc/tnccs-20-os/evaltest.dat
@@ -6,10 +6,10 @@ dave:: cat /var/log/daemon.log::PB-TNC access recommendation is 'Quarantined'::Y
dave:: cat /var/log/daemon.log::EAP method EAP_TTLS succeeded, MSK established::YES
dave:: cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with EAP successful::YES
dave:: cat /var/log/daemon.log::CHILD_SA home{1} established.*TS 192.168.0.200/32 === 10.1.0.16/28::YES
-moon:: ipsec attest --devices 2> /dev/null::Debian 7.0 x86_64.*carol@strongswan.org::YES
+moon:: ipsec attest --sessions 2> /dev/null::Debian 7.0 x86_64.*carol@strongswan.org - allow::YES
moon:: cat /var/log/daemon.log::added group membership 'allow'::YES
moon:: cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES
-moon:: ipsec attest --devices 2> /dev/null::Windows 1.2.3.*dave@strongswan.org::YES
+moon:: ipsec attest --sessions 2> /dev/null::Debian 7.0 x86_64.*dave@strongswan.org - isolate::YES
moon:: cat /var/log/daemon.log::added group membership 'isolate'::YES
moon:: cat /var/log/daemon.log::authentication of 'dave@strongswan.org' with EAP successful::YES
moon:: ipsec statusall 2> /dev/null::rw-allow.*10.1.0.0/28 === 192.168.0.100/32::YES
diff --git a/testing/tests/tnc/tnccs-20-os/hosts/dave/etc/strongswan.conf b/testing/tests/tnc/tnccs-20-os/hosts/dave/etc/strongswan.conf
index 149f51d65..49f778f5b 100644
--- a/testing/tests/tnc/tnccs-20-os/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/tnc/tnccs-20-os/hosts/dave/etc/strongswan.conf
@@ -14,10 +14,6 @@ charon {
}
libimcv {
- os_info {
- name = Windows
- version = 1.2.3
- }
plugins {
imc-os {
push_info = no
diff --git a/testing/tests/tnc/tnccs-20-os/hosts/moon/etc/pts/data.sql b/testing/tests/tnc/tnccs-20-os/hosts/moon/etc/pts/data.sql
new file mode 100644
index 000000000..d17aac15e
--- /dev/null
+++ b/testing/tests/tnc/tnccs-20-os/hosts/moon/etc/pts/data.sql
@@ -0,0 +1,892 @@
+/* Products */
+
+INSERT INTO products ( /* 1 */
+ name
+) VALUES (
+ 'Debian 6.0 i686'
+);
+
+INSERT INTO products ( /* 2 */
+ name
+) VALUES (
+ 'Debian 6.0 x86_64'
+);
+
+INSERT INTO products ( /* 3 */
+ name
+) VALUES (
+ 'Debian 7.0 i686'
+);
+
+INSERT INTO products ( /* 4 */
+ name
+) VALUES (
+ 'Debian 7.0 x86_64'
+);
+
+INSERT INTO products ( /* 5 */
+ name
+) VALUES (
+ 'Debian 8.0 i686'
+);
+
+INSERT INTO products ( /* 6 */
+ name
+) VALUES (
+ 'Debian 8.0 x86_64'
+);
+
+INSERT INTO products ( /* 7 */
+ name
+) VALUES (
+ 'Ubuntu 10.04 i686'
+);
+
+INSERT INTO products ( /* 8 */
+ name
+) VALUES (
+ 'Ubuntu 10.04 x86_64'
+);
+
+INSERT INTO products ( /* 9 */
+ name
+) VALUES (
+ 'Ubuntu 10.10 i686'
+);
+
+INSERT INTO products ( /* 10 */
+ name
+) VALUES (
+ 'Ubuntu 10.10 x86_64'
+);
+
+INSERT INTO products ( /* 11 */
+ name
+) VALUES (
+ 'Ubuntu 11.04 i686'
+);
+
+INSERT INTO products ( /* 12 */
+ name
+) VALUES (
+ 'Ubuntu 11.04 x86_64'
+);
+
+INSERT INTO products ( /* 13 */
+ name
+) VALUES (
+ 'Ubuntu 11.10 i686'
+);
+
+INSERT INTO products ( /* 14 */
+ name
+) VALUES (
+ 'Ubuntu 11.10 x86_64'
+);
+
+INSERT INTO products ( /* 15 */
+ name
+) VALUES (
+ 'Ubuntu 12.04 i686'
+);
+
+INSERT INTO products ( /* 16 */
+ name
+) VALUES (
+ 'Ubuntu 12.04 x86_64'
+);
+
+INSERT INTO products ( /* 17 */
+ name
+) VALUES (
+ 'Ubuntu 12.10 i686'
+);
+
+INSERT INTO products ( /* 18 */
+ name
+) VALUES (
+ 'Ubuntu 12.10 x86_64'
+);
+
+INSERT INTO products ( /* 19 */
+ name
+) VALUES (
+ 'Ubuntu 13.04 i686'
+);
+
+INSERT INTO products ( /* 20 */
+ name
+) VALUES (
+ 'Ubuntu 13.04 x86_64'
+);
+
+INSERT INTO products ( /* 21 */
+ name
+) VALUES (
+ 'Android 4.1.1'
+);
+
+INSERT INTO products ( /* 22 */
+ name
+) VALUES (
+ 'Android 4.2.1'
+);
+
+/* Directories */
+
+INSERT INTO directories ( /* 1 */
+ path
+) VALUES (
+ '/bin'
+);
+
+INSERT INTO directories ( /* 2 */
+ path
+) VALUES (
+ '/etc'
+);
+
+INSERT INTO directories ( /* 3 */
+ path
+) VALUES (
+ '/lib'
+);
+
+INSERT INTO directories ( /* 4 */
+ path
+) VALUES (
+ '/lib/i386-linux-gnu'
+);
+
+INSERT INTO directories ( /* 5 */
+ path
+) VALUES (
+ '/lib/x86_64-linux-gnu'
+);
+
+INSERT INTO directories ( /* 6 */
+ path
+) VALUES (
+ '/lib/xtables'
+);
+
+INSERT INTO directories ( /* 7 */
+ path
+) VALUES (
+ '/sbin'
+);
+
+INSERT INTO directories ( /* 8 */
+ path
+) VALUES (
+ '/usr/bin'
+);
+
+INSERT INTO directories ( /* 9 */
+ path
+) VALUES (
+ '/usr/lib'
+);
+
+INSERT INTO directories ( /* 10 */
+ path
+) VALUES (
+ '/usr/lib/i386-linux-gnu'
+);
+
+INSERT INTO directories ( /* 11 */
+ path
+) VALUES (
+ '/usr/lib/x86_64-linux-gnu'
+);
+
+INSERT INTO directories ( /* 12 */
+ path
+) VALUES (
+ '/usr/sbin'
+);
+
+INSERT INTO directories ( /* 13 */
+ path
+) VALUES (
+ '/system/bin'
+);
+
+INSERT INTO directories ( /* 14 */
+ path
+) VALUES (
+ '/system/lib'
+);
+
+/* Files */
+
+INSERT INTO files ( /* 1 */
+ name, dir
+) VALUES (
+ 'libcrypto.so.1.0.0', 5
+);
+
+INSERT INTO files ( /* 2 */
+ name, dir
+) VALUES (
+ 'libcrypto.so.1.0.0', 11
+);
+
+INSERT INTO files ( /* 3 */
+ name, dir
+) VALUES (
+ 'libssl.so.1.0.0', 5
+);
+
+INSERT INTO files ( /* 4 */
+ name, dir
+) VALUES (
+ 'libssl.so.1.0.0', 11
+);
+
+INSERT INTO files ( /* 5 */
+ name, dir
+) VALUES (
+ 'openssl', 8
+);
+
+INSERT INTO files ( /* 6 */
+ name, dir
+) VALUES (
+ 'tnc_config', 2
+);
+
+/* Algorithms */
+
+INSERT INTO algorithms (
+ id, name
+) VALUES (
+ 65536, 'SHA1-IMA'
+);
+
+INSERT INTO algorithms (
+ id, name
+) VALUES (
+ 32768, 'SHA1'
+);
+
+INSERT INTO algorithms (
+ id, name
+) VALUES (
+ 16384, 'SHA256'
+);
+
+INSERT INTO algorithms (
+ id, name
+) VALUES (
+ 8192, 'SHA384'
+);
+
+/* File Hashes */
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 4, 2, 32768, X'6c6f8e12f6cbfba612e780374c4cdcd40f20968a'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 4, 2, 16384, X'dbcecd19d59310183cf5c31ddee29e8d7bec64d3f9583aad074330a1b3024b07'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 4, 2, 8192, X'197c5385e5853003188833d4f991136c1b0875fa416a60b1159f64e57e457b3184762c884a802a2bda194c058e3bd953'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 4, 4, 32768, X'3ad204f99eb7262efab79cfca02628870ea76361'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 4, 4, 16384, X'3a2170aad92fdd58b55e0e199822bc873cf587b2d1eb1ed7ed8dcea97ae86376'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 4, 4, 8192, X'f778076baa876b5e4b502494a3db081fb09dd870dee6991d54104a74b7e009c58fe261db5ffd13c11e08ef0cefcfa59f'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 4, 5, 32768, X'ecd9c7076cc0572724c7a67db7f19c2831e0445f'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 4, 5, 16384, X'28f3ea5afd34444c8232ea75003131e294a0c9b847de300e4b205d38c1a41305'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 4, 5, 8192, X'51921a8b9322f2d3f06d55002ff40a79da67e70cb563b2a50977642d603dfac2ccbb68b3d32a8bb350769b75d6254208'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 18, 1, 32768, X'd9309b9e45928239d7a7b18711e690792632cce4'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 18, 1, 16384, X'dbfa1856d278d8707c4989b30dd065b4bcd309908f0f2e6e66ff2aa83ff93f59'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 18, 1, 8192, X'fb8d027f03bb5ebb47741ed247eb9e174127b714d20229885feb37e0979aeb14a1b74020cded891d680441093625729c'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 18, 3, 32768, X'3715f2f94016a91fab5bbc503f0f1d43c5a9fc2b'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 18, 3, 16384, X'c03a5296b5decb87b01517f9927a8b2349dfb29ff9f5ba084f994c155ca5d4be'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 18, 3, 8192, X'b8bc345f56115235cc6091f61e312ce43ea54a5b99e7295002ae7b415fd35e06ec4c731ab70ad00d784bb53a318a2fa0'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 18, 5, 32768, X'e59602f4edf24c1b36199588886d06665d4adcd7'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 18, 5, 16384, X'090e1b77bda7fe665e498c6b5e09dbb7ddc5cfe57f213de48f4fb6736484f500'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 18, 5, 8192, X'7cbdb4612a13443dba910ecdef5161f2213e52c9b4a2eef14bcee5d287e9df931cd022e9e9715518ad9c9b6e3384a668'
+);
+
+/* Packages */
+
+INSERT INTO packages ( /* 1 */
+ name
+) VALUES (
+ 'libssl-dev'
+);
+
+INSERT INTO packages ( /* 2 */
+ name
+) VALUES (
+ 'libssl1.0.0'
+);
+
+INSERT INTO packages ( /* 3 */
+ name
+) VALUES (
+ 'libssl1.0.0-dbg'
+);
+
+INSERT INTO packages ( /* 4 */
+ name
+) VALUES (
+ 'openssl'
+);
+
+/* Versions */
+
+INSERT INTO versions (
+ package, product, release, time
+) VALUES (
+ 1, 4, '1.0.1e-2', 1366531494
+);
+
+INSERT INTO versions (
+ package, product, release, time
+) VALUES (
+ 2, 4, '1.0.1e-2', 1366531494
+);
+
+INSERT INTO versions (
+ package, product, release, time
+) VALUES (
+ 3, 4, '1.0.1e-2', 1366531494
+);
+
+INSERT INTO versions (
+ package, product, release, time
+) VALUES (
+ 4, 4, '1.0.1e-2', 1366531494
+);
+
+/* Components */
+
+INSERT INTO components (
+ vendor_id, name, qualifier
+) VALUES (
+ 36906, 1, 33 /* ITA TGRUB */
+);
+
+INSERT INTO components (
+ vendor_id, name, qualifier
+) VALUES (
+ 36906, 2, 33 /* ITA TBOOT */
+);
+
+INSERT INTO components (
+ vendor_id, name, qualifier
+) VALUES (
+ 36906, 3, 33 /* ITA IMA - Trusted Platform */
+);
+
+INSERT INTO components (
+ vendor_id, name, qualifier
+) VALUES (
+ 36906, 3, 34 /* ITA IMA - Operating System */
+);
+
+/* Groups */
+
+INSERT INTO groups ( /* 1 */
+ name
+) VALUES (
+ 'Default'
+);
+
+INSERT INTO groups ( /* 2 */
+ name, parent
+) VALUES (
+ 'Linux', 1
+);
+
+INSERT INTO groups ( /* 3 */
+ name, parent
+) VALUES (
+ 'Android', 1
+);
+
+INSERT INTO groups ( /* 4 */
+ name, parent
+) VALUES (
+ 'Debian i686', 2
+);
+
+INSERT INTO groups ( /* 5 */
+ name, parent
+) VALUES (
+ 'Debian x86_64', 2
+);
+
+INSERT INTO groups ( /* 6 */
+ name, parent
+) VALUES (
+ 'Ubuntu i686', 2
+);
+
+INSERT INTO groups ( /* 7 */
+ name, parent
+) VALUES (
+ 'Ubuntu x86_64', 2
+);
+
+INSERT INTO groups ( /* 8 */
+ name
+) VALUES (
+ 'Reference'
+);
+
+INSERT INTO groups ( /* 9 */
+ name, parent
+) VALUES (
+ 'Ref. Android', 8
+);
+
+INSERT INTO groups ( /* 10 */
+ name, parent
+) VALUES (
+ 'Ref. Linux', 8
+);
+
+/* Default Product Groups */
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 4, 1
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 4, 3
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 4, 5
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 5, 2
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 5, 4
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 5, 6
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 6, 7
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 6, 9
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 6, 11
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 6, 13
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 6, 15
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 6, 17
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 6, 19
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 7, 8
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 7, 10
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 7, 12
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 7, 14
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 7, 16
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 7, 18
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 7, 20
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 3, 21
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 3, 22
+);
+
+/* Devices */
+
+INSERT INTO devices ( /* 1 */
+ value, product, created
+) VALUES (
+ 'aabbccddeeff11223344556677889900', 4, 1372330615
+);
+
+/* Groups Members */
+
+INSERT INTO groups_members (
+ group_id, device_id
+) VALUES (
+ 5, 1
+);
+
+/* Identities */
+
+INSERT INTO identities (
+ type, value
+) VALUES ( /* dave@strongswan.org */
+ 4, X'64617665407374726f6e677377616e2e6f7267'
+);
+
+/* Sessions */
+
+INSERT INTO sessions (
+ time, connection, identity, device, product, rec
+) VALUES (
+ NOW, 1, 1, 1, 4, 0
+);
+
+/* Results */
+
+INSERT INTO results (
+ session, policy, rec, result
+) VALUES (
+ 1, 1, 0, 'processed 355 packages: 0 not updated, 0 blacklisted, 4 ok, 351 not found'
+);
+
+/* Policies */
+
+INSERT INTO policies ( /* 1 */
+ type, name, rec_fail, rec_noresult
+) VALUES (
+ 1, 'Installed Packages', 2, 2
+);
+
+INSERT INTO policies ( /* 2 */
+ type, name, rec_fail, rec_noresult
+) VALUES (
+ 2, 'Unknown Source', 2, 2
+);
+
+INSERT INTO policies ( /* 3 */
+ type, name, rec_fail, rec_noresult
+) VALUES (
+ 3, 'IP Forwarding Enabled', 1, 1
+);
+
+INSERT INTO policies ( /* 4 */
+ type, name, rec_fail, rec_noresult
+) VALUES (
+ 4, 'Default Factory Password Enabled', 1, 1
+);
+
+INSERT INTO policies ( /* 5 */
+ type, name, file, rec_fail, rec_noresult
+) VALUES (
+ 6, 'Measure /lib/x86_64-linux-gnu/libcrypto.so.1.0.0', 1, 2, 2
+);
+
+INSERT INTO policies ( /* 6 */
+ type, name, file, rec_fail, rec_noresult
+) VALUES (
+ 6, 'Measure /lib/x86_64-linux-gnu/libssl.so.1.0.0', 3, 2, 2
+);
+
+INSERT INTO policies ( /* 7 */
+ type, name, file, rec_fail, rec_noresult
+) VALUES (
+ 6, 'Measure /usr/bin/openssl', 5, 2, 2
+);
+
+INSERT INTO policies ( /* 8 */
+ type, name, rec_fail, rec_noresult
+) VALUES (
+ 11, 'No Open TCP Ports', 1, 1
+);
+
+INSERT INTO policies ( /* 9 */
+ type, name, argument, rec_fail, rec_noresult
+) VALUES (
+ 13, 'Open UDP Ports', '500 4500 10000-65000', 1, 1
+);
+
+INSERT INTO policies ( /* 10 */
+ type, name, file, rec_fail, rec_noresult
+) VALUES (
+ 7, 'Metadata of /etc/tnc_config', 6, 0, 0
+);
+
+INSERT INTO policies ( /* 11 */
+ type, name, dir, rec_fail, rec_noresult
+) VALUES (
+ 8, 'Get /bin', 1, 0, 0
+);
+
+INSERT INTO policies ( /* 12 */
+ type, name, file, rec_fail, rec_noresult
+) VALUES (
+ 6, 'Measure /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0', 2, 2, 2
+);
+
+INSERT INTO policies ( /* 13 */
+ type, name, file, rec_fail, rec_noresult
+) VALUES (
+ 6, 'Measure /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0', 4, 2, 2
+);
+
+INSERT INTO policies ( /* 14 */
+ type, name, dir, rec_fail, rec_noresult
+) VALUES (
+ 8, 'Get /system/bin', 13, 0, 0
+);
+
+INSERT INTO policies ( /* 15 */
+ type, name, dir, rec_fail, rec_noresult
+) VALUES (
+ 8, 'Get /system/lib', 14, 0, 0
+);
+
+INSERT INTO policies ( /* 16 */
+ type, name, dir, rec_fail, rec_noresult
+) VALUES (
+ 9, 'Measure /bin', 1, 2, 2
+);
+
+/* Enforcements */
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 1, 1, 86400
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 2, 3, 0
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age, rec_fail, rec_noresult
+) VALUES (
+ 3, 2, 0, 2, 2
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 5, 7, 86400
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 6, 7, 86400
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 7, 2, 86400
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 8, 1, 60
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 9, 1, 60
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 10, 2, 60
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 11, 10, 86400
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 12, 5, 86400
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 13, 5, 86400
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 14, 9, 0
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 15, 9, 0
+);
+
diff --git a/testing/tests/tnc/tnccs-20-os/hosts/moon/etc/pts/data.sql~ b/testing/tests/tnc/tnccs-20-os/hosts/moon/etc/pts/data.sql~
new file mode 100644
index 000000000..7373dd4b6
--- /dev/null
+++ b/testing/tests/tnc/tnccs-20-os/hosts/moon/etc/pts/data.sql~
@@ -0,0 +1,852 @@
+/* Products */
+
+INSERT INTO products ( /* 1 */
+ name
+) VALUES (
+ 'Debian 6.0 i686'
+);
+
+INSERT INTO products ( /* 2 */
+ name
+) VALUES (
+ 'Debian 6.0 x86_64'
+);
+
+INSERT INTO products ( /* 3 */
+ name
+) VALUES (
+ 'Debian 7.0 i686'
+);
+
+INSERT INTO products ( /* 4 */
+ name
+) VALUES (
+ 'Debian 7.0 x86_64'
+);
+
+INSERT INTO products ( /* 5 */
+ name
+) VALUES (
+ 'Debian 8.0 i686'
+);
+
+INSERT INTO products ( /* 6 */
+ name
+) VALUES (
+ 'Debian 8.0 x86_64'
+);
+
+INSERT INTO products ( /* 7 */
+ name
+) VALUES (
+ 'Ubuntu 10.04 i686'
+);
+
+INSERT INTO products ( /* 8 */
+ name
+) VALUES (
+ 'Ubuntu 10.04 x86_64'
+);
+
+INSERT INTO products ( /* 9 */
+ name
+) VALUES (
+ 'Ubuntu 10.10 i686'
+);
+
+INSERT INTO products ( /* 10 */
+ name
+) VALUES (
+ 'Ubuntu 10.10 x86_64'
+);
+
+INSERT INTO products ( /* 11 */
+ name
+) VALUES (
+ 'Ubuntu 11.04 i686'
+);
+
+INSERT INTO products ( /* 12 */
+ name
+) VALUES (
+ 'Ubuntu 11.04 x86_64'
+);
+
+INSERT INTO products ( /* 13 */
+ name
+) VALUES (
+ 'Ubuntu 11.10 i686'
+);
+
+INSERT INTO products ( /* 14 */
+ name
+) VALUES (
+ 'Ubuntu 11.10 x86_64'
+);
+
+INSERT INTO products ( /* 15 */
+ name
+) VALUES (
+ 'Ubuntu 12.04 i686'
+);
+
+INSERT INTO products ( /* 16 */
+ name
+) VALUES (
+ 'Ubuntu 12.04 x86_64'
+);
+
+INSERT INTO products ( /* 17 */
+ name
+) VALUES (
+ 'Ubuntu 12.10 i686'
+);
+
+INSERT INTO products ( /* 18 */
+ name
+) VALUES (
+ 'Ubuntu 12.10 x86_64'
+);
+
+INSERT INTO products ( /* 19 */
+ name
+) VALUES (
+ 'Ubuntu 13.04 i686'
+);
+
+INSERT INTO products ( /* 20 */
+ name
+) VALUES (
+ 'Ubuntu 13.04 x86_64'
+);
+
+INSERT INTO products ( /* 21 */
+ name
+) VALUES (
+ 'Android 4.1.1'
+);
+
+INSERT INTO products ( /* 22 */
+ name
+) VALUES (
+ 'Android 4.2.1'
+);
+
+/* Directories */
+
+INSERT INTO directories ( /* 1 */
+ path
+) VALUES (
+ '/bin'
+);
+
+INSERT INTO directories ( /* 2 */
+ path
+) VALUES (
+ '/etc'
+);
+
+INSERT INTO directories ( /* 3 */
+ path
+) VALUES (
+ '/lib'
+);
+
+INSERT INTO directories ( /* 4 */
+ path
+) VALUES (
+ '/lib/i386-linux-gnu'
+);
+
+INSERT INTO directories ( /* 5 */
+ path
+) VALUES (
+ '/lib/x86_64-linux-gnu'
+);
+
+INSERT INTO directories ( /* 6 */
+ path
+) VALUES (
+ '/lib/xtables'
+);
+
+INSERT INTO directories ( /* 7 */
+ path
+) VALUES (
+ '/sbin'
+);
+
+INSERT INTO directories ( /* 8 */
+ path
+) VALUES (
+ '/usr/bin'
+);
+
+INSERT INTO directories ( /* 9 */
+ path
+) VALUES (
+ '/usr/lib'
+);
+
+INSERT INTO directories ( /* 10 */
+ path
+) VALUES (
+ '/usr/lib/i386-linux-gnu'
+);
+
+INSERT INTO directories ( /* 11 */
+ path
+) VALUES (
+ '/usr/lib/x86_64-linux-gnu'
+);
+
+INSERT INTO directories ( /* 12 */
+ path
+) VALUES (
+ '/usr/sbin'
+);
+
+INSERT INTO directories ( /* 13 */
+ path
+) VALUES (
+ '/system/bin'
+);
+
+INSERT INTO directories ( /* 14 */
+ path
+) VALUES (
+ '/system/lib'
+);
+
+/* Files */
+
+INSERT INTO files ( /* 1 */
+ name, dir
+) VALUES (
+ 'libcrypto.so.1.0.0', 5
+);
+
+INSERT INTO files ( /* 2 */
+ name, dir
+) VALUES (
+ 'libcrypto.so.1.0.0', 11
+);
+
+INSERT INTO files ( /* 3 */
+ name, dir
+) VALUES (
+ 'libssl.so.1.0.0', 5
+);
+
+INSERT INTO files ( /* 4 */
+ name, dir
+) VALUES (
+ 'libssl.so.1.0.0', 11
+);
+
+INSERT INTO files ( /* 5 */
+ name, dir
+) VALUES (
+ 'openssl', 8
+);
+
+INSERT INTO files ( /* 6 */
+ name, dir
+) VALUES (
+ 'tnc_config', 2
+);
+
+/* Algorithms */
+
+INSERT INTO algorithms (
+ id, name
+) VALUES (
+ 65536, 'SHA1-IMA'
+);
+
+INSERT INTO algorithms (
+ id, name
+) VALUES (
+ 32768, 'SHA1'
+);
+
+INSERT INTO algorithms (
+ id, name
+) VALUES (
+ 16384, 'SHA256'
+);
+
+INSERT INTO algorithms (
+ id, name
+) VALUES (
+ 8192, 'SHA384'
+);
+
+/* File Hashes */
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 4, 2, 32768, X'6c6f8e12f6cbfba612e780374c4cdcd40f20968a'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 4, 2, 16384, X'dbcecd19d59310183cf5c31ddee29e8d7bec64d3f9583aad074330a1b3024b07'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 4, 2, 8192, X'197c5385e5853003188833d4f991136c1b0875fa416a60b1159f64e57e457b3184762c884a802a2bda194c058e3bd953'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 4, 4, 32768, X'3ad204f99eb7262efab79cfca02628870ea76361'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 4, 4, 16384, X'3a2170aad92fdd58b55e0e199822bc873cf587b2d1eb1ed7ed8dcea97ae86376'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 4, 4, 8192, X'f778076baa876b5e4b502494a3db081fb09dd870dee6991d54104a74b7e009c58fe261db5ffd13c11e08ef0cefcfa59f'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 4, 5, 32768, X'ecd9c7076cc0572724c7a67db7f19c2831e0445f'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 4, 5, 16384, X'28f3ea5afd34444c8232ea75003131e294a0c9b847de300e4b205d38c1a41305'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 4, 5, 8192, X'51921a8b9322f2d3f06d55002ff40a79da67e70cb563b2a50977642d603dfac2ccbb68b3d32a8bb350769b75d6254208'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 18, 1, 32768, X'd9309b9e45928239d7a7b18711e690792632cce4'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 18, 1, 16384, X'dbfa1856d278d8707c4989b30dd065b4bcd309908f0f2e6e66ff2aa83ff93f59'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 18, 1, 8192, X'fb8d027f03bb5ebb47741ed247eb9e174127b714d20229885feb37e0979aeb14a1b74020cded891d680441093625729c'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 18, 3, 32768, X'3715f2f94016a91fab5bbc503f0f1d43c5a9fc2b'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 18, 3, 16384, X'c03a5296b5decb87b01517f9927a8b2349dfb29ff9f5ba084f994c155ca5d4be'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 18, 3, 8192, X'b8bc345f56115235cc6091f61e312ce43ea54a5b99e7295002ae7b415fd35e06ec4c731ab70ad00d784bb53a318a2fa0'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 18, 5, 32768, X'e59602f4edf24c1b36199588886d06665d4adcd7'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 18, 5, 16384, X'090e1b77bda7fe665e498c6b5e09dbb7ddc5cfe57f213de48f4fb6736484f500'
+);
+
+INSERT INTO file_hashes (
+ product, file, algo, hash
+) VALUES (
+ 18, 5, 8192, X'7cbdb4612a13443dba910ecdef5161f2213e52c9b4a2eef14bcee5d287e9df931cd022e9e9715518ad9c9b6e3384a668'
+);
+
+/* Packages */
+
+INSERT INTO packages ( /* 1 */
+ name
+) VALUES (
+ 'libssl-dev'
+);
+
+INSERT INTO packages ( /* 2 */
+ name
+) VALUES (
+ 'libssl1.0.0'
+);
+
+INSERT INTO packages ( /* 3 */
+ name
+) VALUES (
+ 'libssl1.0.0-dbg'
+);
+
+INSERT INTO packages ( /* 4 */
+ name
+) VALUES (
+ 'openssl'
+);
+
+/* Versions */
+
+INSERT INTO versions (
+ package, product, release, time
+) VALUES (
+ 1, 4, '1.0.1e-2', 1366531494
+);
+
+INSERT INTO versions (
+ package, product, release, time
+) VALUES (
+ 2, 4, '1.0.1e-2', 1366531494
+);
+
+INSERT INTO versions (
+ package, product, release, time
+) VALUES (
+ 3, 4, '1.0.1e-2', 1366531494
+);
+
+INSERT INTO versions (
+ package, product, release, time
+) VALUES (
+ 4, 4, '1.0.1e-2', 1366531494
+);
+
+/* Components */
+
+INSERT INTO components (
+ vendor_id, name, qualifier
+) VALUES (
+ 36906, 1, 33 /* ITA TGRUB */
+);
+
+INSERT INTO components (
+ vendor_id, name, qualifier
+) VALUES (
+ 36906, 2, 33 /* ITA TBOOT */
+);
+
+INSERT INTO components (
+ vendor_id, name, qualifier
+) VALUES (
+ 36906, 3, 33 /* ITA IMA - Trusted Platform */
+);
+
+INSERT INTO components (
+ vendor_id, name, qualifier
+) VALUES (
+ 36906, 3, 34 /* ITA IMA - Operating System */
+);
+
+/* Groups */
+
+INSERT INTO groups ( /* 1 */
+ name
+) VALUES (
+ 'Default'
+);
+
+INSERT INTO groups ( /* 2 */
+ name, parent
+) VALUES (
+ 'Linux', 1
+);
+
+INSERT INTO groups ( /* 3 */
+ name, parent
+) VALUES (
+ 'Android', 1
+);
+
+INSERT INTO groups ( /* 4 */
+ name, parent
+) VALUES (
+ 'Debian i686', 2
+);
+
+INSERT INTO groups ( /* 5 */
+ name, parent
+) VALUES (
+ 'Debian x86_64', 2
+);
+
+INSERT INTO groups ( /* 6 */
+ name, parent
+) VALUES (
+ 'Ubuntu i686', 2
+);
+
+INSERT INTO groups ( /* 7 */
+ name, parent
+) VALUES (
+ 'Ubuntu x86_64', 2
+);
+
+INSERT INTO groups ( /* 8 */
+ name
+) VALUES (
+ 'Reference'
+);
+
+INSERT INTO groups ( /* 9 */
+ name, parent
+) VALUES (
+ 'Ref. Android', 8
+);
+
+INSERT INTO groups ( /* 10 */
+ name, parent
+) VALUES (
+ 'Ref. Linux', 8
+);
+
+/* Default Product Groups */
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 4, 1
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 4, 3
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 4, 5
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 5, 2
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 5, 4
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 5, 6
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 6, 7
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 6, 9
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 6, 11
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 6, 13
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 6, 15
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 6, 17
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 6, 19
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 7, 8
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 7, 10
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 7, 12
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 7, 14
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 7, 16
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 7, 18
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 7, 20
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 3, 21
+);
+
+INSERT INTO groups_product_defaults (
+ group_id, product_id
+) VALUES (
+ 3, 22
+);
+
+/* Policies */
+
+INSERT INTO policies ( /* 1 */
+ type, name, rec_fail, rec_noresult
+) VALUES (
+ 1, 'Installed Packages', 2, 2
+);
+
+INSERT INTO policies ( /* 2 */
+ type, name, rec_fail, rec_noresult
+) VALUES (
+ 2, 'Unknown Source', 2, 2
+);
+
+INSERT INTO policies ( /* 3 */
+ type, name, rec_fail, rec_noresult
+) VALUES (
+ 3, 'IP Forwarding Enabled', 1, 1
+);
+
+INSERT INTO policies ( /* 4 */
+ type, name, rec_fail, rec_noresult
+) VALUES (
+ 4, 'Default Factory Password Enabled', 1, 1
+);
+
+INSERT INTO policies ( /* 5 */
+ type, name, file, rec_fail, rec_noresult
+) VALUES (
+ 6, 'Measure /lib/x86_64-linux-gnu/libcrypto.so.1.0.0', 1, 2, 2
+);
+
+INSERT INTO policies ( /* 6 */
+ type, name, file, rec_fail, rec_noresult
+) VALUES (
+ 6, 'Measure /lib/x86_64-linux-gnu/libssl.so.1.0.0', 3, 2, 2
+);
+
+INSERT INTO policies ( /* 7 */
+ type, name, file, rec_fail, rec_noresult
+) VALUES (
+ 6, 'Measure /usr/bin/openssl', 5, 2, 2
+);
+
+INSERT INTO policies ( /* 8 */
+ type, name, rec_fail, rec_noresult
+) VALUES (
+ 11, 'No Open TCP Ports', 1, 1
+);
+
+INSERT INTO policies ( /* 9 */
+ type, name, argument, rec_fail, rec_noresult
+) VALUES (
+ 13, 'Open UDP Ports', '500 4500 10000-65000', 1, 1
+);
+
+INSERT INTO policies ( /* 10 */
+ type, name, file, rec_fail, rec_noresult
+) VALUES (
+ 7, 'Metadata of /etc/tnc_config', 6, 0, 0
+);
+
+INSERT INTO policies ( /* 11 */
+ type, name, dir, rec_fail, rec_noresult
+) VALUES (
+ 8, 'Get /bin', 1, 0, 0
+);
+
+INSERT INTO policies ( /* 12 */
+ type, name, file, rec_fail, rec_noresult
+) VALUES (
+ 6, 'Measure /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0', 2, 2, 2
+);
+
+INSERT INTO policies ( /* 13 */
+ type, name, file, rec_fail, rec_noresult
+) VALUES (
+ 6, 'Measure /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0', 4, 2, 2
+);
+
+INSERT INTO policies ( /* 14 */
+ type, name, dir, rec_fail, rec_noresult
+) VALUES (
+ 8, 'Get /system/bin', 13, 0, 0
+);
+
+INSERT INTO policies ( /* 15 */
+ type, name, dir, rec_fail, rec_noresult
+) VALUES (
+ 8, 'Get /system/lib', 14, 0, 0
+);
+
+INSERT INTO policies ( /* 16 */
+ type, name, dir, rec_fail, rec_noresult
+) VALUES (
+ 9, 'Measure /bin', 1, 2, 2
+);
+
+/* Enforcements */
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 1, 1, 86400
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 2, 3, 0
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age, rec_fail, rec_noresult
+) VALUES (
+ 3, 2, 0, 2, 2
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 5, 7, 86400
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 6, 7, 86400
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 7, 2, 86400
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 8, 1, 60
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 9, 1, 60
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 10, 2, 60
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 11, 10, 86400
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 12, 5, 86400
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 13, 5, 86400
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 14, 9, 0
+);
+
+INSERT INTO enforcements (
+ policy, group_id, max_age
+) VALUES (
+ 15, 9, 0
+);
+
diff --git a/testing/tests/tnc/tnccs-20-os/hosts/moon/etc/strongswan.conf b/testing/tests/tnc/tnccs-20-os/hosts/moon/etc/strongswan.conf
index 0927c88b0..3e017e905 100644
--- a/testing/tests/tnc/tnccs-20-os/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/tnc/tnccs-20-os/hosts/moon/etc/strongswan.conf
@@ -16,16 +16,11 @@ charon {
}
libimcv {
- plugins {
- imv-os {
- database = sqlite:///etc/pts/config.db
- request_installed_packages = yes
- }
- }
+ database = sqlite:///etc/pts/config.db
+ policy_script = ipsec imv_policy_manager
}
attest {
load = random nonce openssl sqlite
database = sqlite:///etc/pts/config.db
}
-
diff --git a/testing/tests/tnc/tnccs-20-os/pretest.dat b/testing/tests/tnc/tnccs-20-os/pretest.dat
index 28f2f339c..333ac7462 100644
--- a/testing/tests/tnc/tnccs-20-os/pretest.dat
+++ b/testing/tests/tnc/tnccs-20-os/pretest.dat
@@ -14,5 +14,6 @@ carol::sleep 1
carol::ipsec up home
dave::ipsec up home
dave::sleep 1
-moon::ipsec attest --packages --product 'Debian 7.0'
+moon::ipsec attest --packages --product 'Debian 7.0 x86_64'
+moon::ipsec attest --sessions
moon::ipsec attest --devices
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-20 12:35:57 +0000