Imported Upstream version 5.0.3

author: Yves-Alexis Perez <corsac@debian.org> 2013-04-26 14:57:47 +0200
committer: Yves-Alexis Perez <corsac@debian.org> 2013-04-26 14:57:47 +0200
commit: 10e5fb2b9b2f27c83b3e5a1d048b158d5cf42a43 (patch)
tree: bf1d05a2e37dbd1911b86fcc026fbe49b0239c71 /testing/tests/tnc
parent: 7585facf05d927eb6df3929ce09ed5e60d905437 (diff)
download: vyos-strongswan-10e5fb2b9b2f27c83b3e5a1d048b158d5cf42a43.tar.gz
vyos-strongswan-10e5fb2b9b2f27c83b3e5a1d048b158d5cf42a43.zip
16 files changed, 25 insertions, 25 deletions
diff --git a/testing/tests/tnc/tnccs-11-fhh/pretest.dat b/testing/tests/tnc/tnccs-11-fhh/pretest.dat
index 997c70a8e..8fab1fb6c 100644
--- a/testing/tests/tnc/tnccs-11-fhh/pretest.dat
+++ b/testing/tests/tnc/tnccs-11-fhh/pretest.dat
@@ -6,9 +6,9 @@ carol::cat /etc/tnc_config
 dave::cat /etc/tnc_config
 carol::cat /etc/tnc/dummyimc.file
 dave::cat /etc/tnc/dummyimc.file
-moon::LEAK_DETECTIVE_DISABLE=1 LOG4CXX_CONFIGURATION=/etc/tnc/log4cxx.properties ipsec start
-carol::LEAK_DETECTIVE_DISABLE=1 LOG4CXX_CONFIGURATION=/etc/tnc/log4cxx.properties ipsec start
-dave::LEAK_DETECTIVE_DISABLE=1 LOG4CXX_CONFIGURATION=/etc/tnc/log4cxx.properties ipsec start
+moon::LOG4CXX_CONFIGURATION=/etc/tnc/log4cxx.properties ipsec start
+carol::LOG4CXX_CONFIGURATION=/etc/tnc/log4cxx.properties ipsec start
+dave::LOG4CXX_CONFIGURATION=/etc/tnc/log4cxx.properties ipsec start
 carol::sleep 1
 carol::ipsec up home
 dave::ipsec up home
diff --git a/testing/tests/tnc/tnccs-11-radius-block/pretest.dat b/testing/tests/tnc/tnccs-11-radius-block/pretest.dat
index c8f2139a8..96163aa36 100644
--- a/testing/tests/tnc/tnccs-11-radius-block/pretest.dat
+++ b/testing/tests/tnc/tnccs-11-radius-block/pretest.dat
@@ -6,8 +6,8 @@ alice::ln -s /etc/freeradius/sites-available/inner-tunnel-second /etc/freeradius
 alice::cat /etc/freeradius/sites-enabled/inner-tunnel-second
 alice::LEAK_DETECTIVE_DISABLE=1 LOG4CXX_CONFIGURATION=/etc/tnc/log4cxx.properties radiusd
 moon::ipsec start
-carol::LEAK_DETECTIVE_DISABLE=1 ipsec start
-dave::LEAK_DETECTIVE_DISABLE=1 ipsec start
+carol::ipsec start
+dave::ipsec start
 carol::sleep 1
 carol::ipsec up home
 dave::ipsec up home
diff --git a/testing/tests/tnc/tnccs-11-radius/pretest.dat b/testing/tests/tnc/tnccs-11-radius/pretest.dat
index 8f79c776a..71dff71b7 100644
--- a/testing/tests/tnc/tnccs-11-radius/pretest.dat
+++ b/testing/tests/tnc/tnccs-11-radius/pretest.dat
@@ -8,8 +8,8 @@ alice::cat /etc/tnc_config
 carol::cat /etc/tnc_config
 dave::cat /etc/tnc_config
 moon::ipsec start
-carol::LEAK_DETECTIVE_DISABLE=1 ipsec start
-dave::LEAK_DETECTIVE_DISABLE=1 ipsec start
+carol::ipsec start
+dave::ipsec start
 carol::sleep 1
 carol::ipsec up home
 dave::ipsec up home
diff --git a/testing/tests/tnc/tnccs-11/pretest.dat b/testing/tests/tnc/tnccs-11/pretest.dat
index 7bfcf0d07..cac1cfafc 100644
--- a/testing/tests/tnc/tnccs-11/pretest.dat
+++ b/testing/tests/tnc/tnccs-11/pretest.dat
@@ -4,9 +4,9 @@ dave::iptables-restore < /etc/iptables.rules
 moon::cat /etc/tnc_config
 carol::cat /etc/tnc_config
 dave::cat /etc/tnc_config
-moon::LEAK_DETECTIVE_DISABLE=1 ipsec start
-carol::LEAK_DETECTIVE_DISABLE=1 ipsec start
-dave::LEAK_DETECTIVE_DISABLE=1 ipsec start
+moon::ipsec start
+carol::ipsec start
+dave::ipsec start
 carol::sleep 1
 carol::ipsec up home
 dave::ipsec up home
diff --git a/testing/tests/tnc/tnccs-20-pdp/evaltest.dat b/testing/tests/tnc/tnccs-20-pdp/evaltest.dat
index e969774c5..f028ec609 100644
--- a/testing/tests/tnc/tnccs-20-pdp/evaltest.dat
+++ b/testing/tests/tnc/tnccs-20-pdp/evaltest.dat
@@ -7,9 +7,11 @@ dave:: cat /var/log/daemon.log::PB-TNC access recommendation is .*Quarantined::Y
 dave:: cat /var/log/daemon.log::EAP method EAP_TTLS succeeded, MSK established::YES
 dave:: cat /var/log/daemon.log::CHILD_SA home{1} established.*TS 192.168.0.200/32 === 10.1.0.16/28::YES
 moon:: cat /var/log/daemon.log::received RADIUS attribute Filter-Id: 'allow'::YES
-moon:: cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES
+moon:: cat /var/log/daemon.log::RADIUS authentication of 'carol' successful::YES
+moon:: cat /var/log/daemon.log::authentication of '192.168.0.100' with EAP successful::YES
 moon:: cat /var/log/daemon.log::received RADIUS attribute Filter-Id: 'isolate'::YES
-moon:: cat /var/log/daemon.log::authentication of 'dave@strongswan.org' with EAP successful::YES
+moon:: cat /var/log/daemon.log::RADIUS authentication of 'dave' successful::YES
+moon:: cat /var/log/daemon.log::authentication of '192.168.0.200' with EAP successful::YES
 moon:: ipsec statusall 2>/dev/null::rw-allow.*10.1.0.0/28 === 192.168.0.100/32::YES
 moon:: ipsec statusall 2>/dev/null::rw-isolate.*10.1.0.16/28 === 192.168.0.200/32::YES
 carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_req=1::YES
diff --git a/testing/tests/tnc/tnccs-20-pdp/hosts/alice/etc/ipsec.secrets b/testing/tests/tnc/tnccs-20-pdp/hosts/alice/etc/ipsec.secrets
index 96b9a8dd5..11d45cd14 100644
--- a/testing/tests/tnc/tnccs-20-pdp/hosts/alice/etc/ipsec.secrets
+++ b/testing/tests/tnc/tnccs-20-pdp/hosts/alice/etc/ipsec.secrets
@@ -2,5 +2,5 @@
 
 : RSA aaaKey.pem
 
-carol@strongswan.org : EAP "Ar3etTnp"
-dave@strongswan.org  : EAP "W7R0g3do"
+carol : EAP "Ar3etTnp"
+dave  : EAP "W7R0g3do"
diff --git a/testing/tests/tnc/tnccs-20-pdp/hosts/carol/etc/ipsec.conf b/testing/tests/tnc/tnccs-20-pdp/hosts/carol/etc/ipsec.conf
index e9152e0d8..59563730b 100644
--- a/testing/tests/tnc/tnccs-20-pdp/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/tnc/tnccs-20-pdp/hosts/carol/etc/ipsec.conf
@@ -12,12 +12,12 @@ conn %default
 
 conn home
 	left=PH_IP_CAROL
-	leftid=carol@strongswan.org
 	leftauth=eap
 	leftfirewall=yes
 	right=PH_IP_MOON
 	rightid=@moon.strongswan.org
 	rightsubnet=10.1.0.0/16
 	rightauth=pubkey
+	eap_identity=carol
 	aaa_identity="C=CH, O=Linux strongSwan, CN=aaa.strongswan.org"
 	auto=add
diff --git a/testing/tests/tnc/tnccs-20-pdp/hosts/carol/etc/ipsec.secrets b/testing/tests/tnc/tnccs-20-pdp/hosts/carol/etc/ipsec.secrets
index 74942afda..23d79cf2e 100644
--- a/testing/tests/tnc/tnccs-20-pdp/hosts/carol/etc/ipsec.secrets
+++ b/testing/tests/tnc/tnccs-20-pdp/hosts/carol/etc/ipsec.secrets
@@ -1,3 +1,3 @@
 # /etc/ipsec.secrets - strongSwan IPsec secrets file
 
-carol@strongswan.org : EAP "Ar3etTnp"
+carol : EAP "Ar3etTnp"
diff --git a/testing/tests/tnc/tnccs-20-pdp/hosts/dave/etc/ipsec.conf b/testing/tests/tnc/tnccs-20-pdp/hosts/dave/etc/ipsec.conf
index 25589bcf1..8c27c78d2 100644
--- a/testing/tests/tnc/tnccs-20-pdp/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/tnc/tnccs-20-pdp/hosts/dave/etc/ipsec.conf
@@ -12,12 +12,12 @@ conn %default
 
 conn home
 	left=PH_IP_DAVE
-	leftid=dave@strongswan.org
 	leftauth=eap
 	leftfirewall=yes
 	right=PH_IP_MOON
 	rightid=@moon.strongswan.org
 	rightsubnet=10.1.0.0/16
 	rightauth=pubkey
+	eap_identity=dave
 	aaa_identity="C=CH, O=Linux strongSwan, CN=aaa.strongswan.org"
 	auto=add
diff --git a/testing/tests/tnc/tnccs-20-pdp/hosts/dave/etc/ipsec.secrets b/testing/tests/tnc/tnccs-20-pdp/hosts/dave/etc/ipsec.secrets
index 5496df7ad..02e0c9963 100644
--- a/testing/tests/tnc/tnccs-20-pdp/hosts/dave/etc/ipsec.secrets
+++ b/testing/tests/tnc/tnccs-20-pdp/hosts/dave/etc/ipsec.secrets
@@ -1,3 +1,3 @@
 # /etc/ipsec.secrets - strongSwan IPsec secrets file
 
-dave@strongswan.org : EAP "W7R0g3do"
+dave : EAP "W7R0g3do"
diff --git a/testing/tests/tnc/tnccs-20-pdp/hosts/moon/etc/ipsec.conf b/testing/tests/tnc/tnccs-20-pdp/hosts/moon/etc/ipsec.conf
index 294964fe7..02ada5665 100644
--- a/testing/tests/tnc/tnccs-20-pdp/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/tnc/tnccs-20-pdp/hosts/moon/etc/ipsec.conf
@@ -28,6 +28,6 @@ conn rw-eap
 	leftauth=pubkey
 	leftfirewall=yes
 	rightauth=eap-radius
-	rightid=*@strongswan.org
 	rightsendcert=never
 	right=%any
+	eap_identity=%any
diff --git a/testing/tests/tnc/tnccs-20-pdp/hosts/moon/etc/strongswan.conf b/testing/tests/tnc/tnccs-20-pdp/hosts/moon/etc/strongswan.conf
index 15655daf2..d32951866 100644
--- a/testing/tests/tnc/tnccs-20-pdp/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/tnc/tnccs-20-pdp/hosts/moon/etc/strongswan.conf
@@ -1,7 +1,7 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 charon {
-  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default eap-radius updown
+  load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-radius updown
   multiple_authentication=no
   plugins {
     eap-radius {
diff --git a/testing/tests/tnc/tnccs-20-tls/evaltest.dat b/testing/tests/tnc/tnccs-20-tls/evaltest.dat
index bac7294b2..40d5e24d5 100644
--- a/testing/tests/tnc/tnccs-20-tls/evaltest.dat
+++ b/testing/tests/tnc/tnccs-20-tls/evaltest.dat
@@ -7,9 +7,9 @@ dave:: cat /var/log/daemon.log::EAP method EAP_TTLS succeeded, MSK established::
 dave:: cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with EAP successful::YES
 dave:: cat /var/log/daemon.log::CHILD_SA home{1} established.*TS 192.168.0.200/32 === 10.1.0.16/28::YES
 moon:: cat /var/log/daemon.log::added group membership 'allow'::YES
-moon:: cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES
+moon:: cat /var/log/daemon.log::authentication of 'C=CH, O=Linux strongSwan, OU=Research, CN=carol@strongswan.org' with EAP successful::YES
 moon:: cat /var/log/daemon.log::added group membership 'isolate'::YES
-moon:: cat /var/log/daemon.log::authentication of 'dave@strongswan.org' with EAP successful::YES
+moon:: cat /var/log/daemon.log::authentication of 'C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org' with EAP successful::YES
 moon:: ipsec statusall 2> /dev/null::rw-allow.*10.1.0.0/28 === 192.168.0.100/32::YES
 moon:: ipsec statusall 2> /dev/null::rw-isolate.*10.1.0.16/28 === 192.168.0.200/32::YES
 carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_req=1::YES
diff --git a/testing/tests/tnc/tnccs-20-tls/hosts/carol/etc/ipsec.conf b/testing/tests/tnc/tnccs-20-tls/hosts/carol/etc/ipsec.conf
index e9b78bc01..eece9f294 100644
--- a/testing/tests/tnc/tnccs-20-tls/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/tnc/tnccs-20-tls/hosts/carol/etc/ipsec.conf
@@ -13,7 +13,6 @@ conn %default
 conn home
 	left=PH_IP_CAROL
 	leftcert=carolCert.pem
-	leftid=carol@strongswan.org
 	leftauth=eap
 	leftfirewall=yes
 	right=PH_IP_MOON
diff --git a/testing/tests/tnc/tnccs-20-tls/hosts/dave/etc/ipsec.conf b/testing/tests/tnc/tnccs-20-tls/hosts/dave/etc/ipsec.conf
index 75d84e25a..362042656 100644
--- a/testing/tests/tnc/tnccs-20-tls/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/tnc/tnccs-20-tls/hosts/dave/etc/ipsec.conf
@@ -13,7 +13,6 @@ conn %default
 conn home
 	left=PH_IP_DAVE
 	leftcert=daveCert.pem
-	leftid=dave@strongswan.org
 	leftauth=eap
 	leftfirewall=yes
 	right=PH_IP_MOON
diff --git a/testing/tests/tnc/tnccs-20-tls/hosts/moon/etc/ipsec.conf b/testing/tests/tnc/tnccs-20-tls/hosts/moon/etc/ipsec.conf
index 2ffc7e9ae..0ec930286 100644
--- a/testing/tests/tnc/tnccs-20-tls/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/tnc/tnccs-20-tls/hosts/moon/etc/ipsec.conf
@@ -29,6 +29,6 @@ conn rw-eap
 	leftauth=eap-ttls
 	leftfirewall=yes
 	rightauth=eap-ttls
-	rightid=*@strongswan.org
+	rightid="C=CH, O=Linux strongSwan, OU=*, CN=*"
 	rightsendcert=never
 	right=%any
author	Yves-Alexis Perez <corsac@debian.org>	2013-04-26 14:57:47 +0200
committer	Yves-Alexis Perez <corsac@debian.org>	2013-04-26 14:57:47 +0200
commit	10e5fb2b9b2f27c83b3e5a1d048b158d5cf42a43 (patch)
tree	bf1d05a2e37dbd1911b86fcc026fbe49b0239c71 /testing/tests/tnc
parent	7585facf05d927eb6df3929ce09ed5e60d905437 (diff)
download	vyos-strongswan-10e5fb2b9b2f27c83b3e5a1d048b158d5cf42a43.tar.gz vyos-strongswan-10e5fb2b9b2f27c83b3e5a1d048b158d5cf42a43.zip