Imported Upstream version 5.2.0

4 files changed, 12 insertions, 30 deletions

diff --git a/testing/tests/tnc/tnccs-20-tls/description.txt b/testing/tests/tnc/tnccs-20-tls/description.txt
index a032d2d05..f193bd27b 100644
--- a/testing/tests/tnc/tnccs-20-tls/description.txt
+++ b/testing/tests/tnc/tnccs-20-tls/description.txt
@@ -1,9 +1,10 @@
 The roadwarriors <b>carol</b> and <b>dave</b> set up a connection each to gateway <b>moon</b>,
 both ends doing certificate-based EAP-TLS authentication only.
-In a next step the EAP-TNC protocol is used within the EAP-TTLS tunnel to determine the
-health of <b>carol</b> and <b>dave</b> via the <b>IF-TNCCS 2.0 </b> client-server interface
-compliant with <b>RFC 5793 PB-TNC</b>. The IMC and IMV communicate are using the <b>IF-M</b>
-protocol defined by <b>RFC 5792 PA-TNC</b>.
+<p/>
+In a next step the <b>RFC 7171 PT-EAP</b> transport protocol is used within the EAP-TTLS
+tunnel to determine the health of <b>carol</b> and <b>dave</b> via the <b>IF-TNCCS 2.0 </b>
+client-server interface compliant with <b>RFC 5793 PB-TNC</b>. The IMCs and IMVs exchange
+messages over the <b>IF-M</b> protocol defined by <b>RFC 5792 PA-TNC</b>.
 <p>
 <b>carol</b> passes the health test and <b>dave</b> fails. Based on these measurements the
 clients are connected by gateway <b>moon</b> to the "rw-allow" and "rw-isolate" subnets,
diff --git a/testing/tests/tnc/tnccs-20-tls/hosts/carol/etc/strongswan.conf b/testing/tests/tnc/tnccs-20-tls/hosts/carol/etc/strongswan.conf
index ada13a325..1cf2f0e72 100644
--- a/testing/tests/tnc/tnccs-20-tls/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/tnc/tnccs-20-tls/hosts/carol/etc/strongswan.conf
@@ -2,12 +2,8 @@
 
 charon {
   load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown
-  multiple_authentication=no
-  plugins {
-    eap-tnc {
-      protocol = tnccs-2.0
-    }
-  }
+
+  multiple_authentication = no
 }
 
 libimcv {
diff --git a/testing/tests/tnc/tnccs-20-tls/hosts/dave/etc/strongswan.conf b/testing/tests/tnc/tnccs-20-tls/hosts/dave/etc/strongswan.conf
index 0870ca667..0e63eaba4 100644
--- a/testing/tests/tnc/tnccs-20-tls/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/tnc/tnccs-20-tls/hosts/dave/etc/strongswan.conf
@@ -2,12 +2,8 @@
 
 charon {
   load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown
-  multiple_authentication=no
-  plugins {
-    eap-tnc {
-      protocol = tnccs-2.0
-    }
-  }
+
+  multiple_authentication = no
 }
 
 libimcv {
diff --git a/testing/tests/tnc/tnccs-20-tls/hosts/moon/etc/strongswan.conf b/testing/tests/tnc/tnccs-20-tls/hosts/moon/etc/strongswan.conf
index bc1d421c1..1a4dc8521 100644
--- a/testing/tests/tnc/tnccs-20-tls/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/tnc/tnccs-20-tls/hosts/moon/etc/strongswan.conf
@@ -2,25 +2,14 @@
 
 charon {
   load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-ttls eap-md5 eap-tnc tnc-tnccs tnccs-20 tnc-imv updown
-  multiple_authentication=no
+
+  multiple_authentication = no
+
   plugins {
     eap-ttls {
       request_peer_auth = yes
       phase2_piggyback = yes
       phase2_tnc = yes
     }
-    eap-tnc {
-      protocol = tnccs-2.0
-    }
-  }
-}
-
-libimcv {
-  plugins {
-    imv-scanner {
-      closed_port_policy = no
-      tcp_ports = 80 443
-      udp_ports =
-    }
   }
 }