diff options
Diffstat (limited to 'testing/tests/ikev1/esp-alg-strict-fail')
7 files changed, 0 insertions, 91 deletions
diff --git a/testing/tests/ikev1/esp-alg-strict-fail/description.txt b/testing/tests/ikev1/esp-alg-strict-fail/description.txt deleted file mode 100644 index 252080e80..000000000 --- a/testing/tests/ikev1/esp-alg-strict-fail/description.txt +++ /dev/null @@ -1,5 +0,0 @@ -The roadwarrior <b>carol</b> proposes <b>3DES_CBC</b> encryption with HMAC_SHA1 authentication -as the only cipher suite for both the ISAKMP and IPsec SA. The gateway <b>moon</b> defines -<b>ike=aes128-sha1</b> only, but will accept any other support algorithm proposed by the peer, -leading to a successful negotiation of Phase 1. Because for Phase 2 <b>moon</b> enforces -<b>esp=aes128-sha1!</b> by using the strict flag '!', the ISAKMP SA will fail. diff --git a/testing/tests/ikev1/esp-alg-strict-fail/evaltest.dat b/testing/tests/ikev1/esp-alg-strict-fail/evaltest.dat deleted file mode 100644 index 83d99bea1..000000000 --- a/testing/tests/ikev1/esp-alg-strict-fail/evaltest.dat +++ /dev/null @@ -1,9 +0,0 @@ -carol::ipsec status::home.*STATE_MAIN_I4.*ISAKMP SA established::YES -carol::ipsec statusall::IKE proposal: 3DES_CBC/HMAC_SHA1::YES -moon::ipsec status::rw.*STATE_MAIN_R3.*ISAKMP SA established::YES -moon::ipsec statusall::IKE proposal: 3DES_CBC/HMAC_SHA1::YES -carol::ipsec status::home.*STATE_QUICK_I2.*IPsec SA established::NO -carol::cat /var/log/auth.log::NO_PROPOSAL_CHOSEN::YES -moon::ipsec status::rw.*STATE_QUICK_R2.*ISAKMP SA established::NO -moon::cat /var/log/auth.log::IPSec Transform.*3DES_CBC (192), HMAC_SHA1.*refused due to strict flag::YES -moon::cat /var/log/auth.log::no acceptable Proposal in IPsec SA::YES diff --git a/testing/tests/ikev1/esp-alg-strict-fail/hosts/carol/etc/ipsec.conf b/testing/tests/ikev1/esp-alg-strict-fail/hosts/carol/etc/ipsec.conf deleted file mode 100755 index 46a619016..000000000 --- a/testing/tests/ikev1/esp-alg-strict-fail/hosts/carol/etc/ipsec.conf +++ /dev/null @@ -1,25 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - plutodebug=control - crlcheckinterval=180 - strictcrlpolicy=no - charonstart=no - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev1 - ike=3des-sha1 - esp=3des-sha1 - -conn home - left=PH_IP_CAROL - leftcert=carolCert.pem - leftid=carol@strongswan.org - right=PH_IP_MOON - rightsubnet=10.1.0.0/16 - rightid=@moon.strongswan.org - auto=add diff --git a/testing/tests/ikev1/esp-alg-strict-fail/hosts/moon/etc/ipsec.conf b/testing/tests/ikev1/esp-alg-strict-fail/hosts/moon/etc/ipsec.conf deleted file mode 100755 index 86a15c96d..000000000 --- a/testing/tests/ikev1/esp-alg-strict-fail/hosts/moon/etc/ipsec.conf +++ /dev/null @@ -1,25 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - plutodebug=control - crlcheckinterval=180 - strictcrlpolicy=no - charonstart=no - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev1 - ike=aes128-sha1 - esp=aes128-sha1! - -conn rw - left=PH_IP_MOON - leftcert=moonCert.pem - leftid=@moon.strongswan.org - leftsubnet=10.1.0.0/16 - right=%any - rightid=carol@strongswan.org - auto=add diff --git a/testing/tests/ikev1/esp-alg-strict-fail/posttest.dat b/testing/tests/ikev1/esp-alg-strict-fail/posttest.dat deleted file mode 100644 index c6d6235f9..000000000 --- a/testing/tests/ikev1/esp-alg-strict-fail/posttest.dat +++ /dev/null @@ -1,2 +0,0 @@ -moon::ipsec stop -carol::ipsec stop diff --git a/testing/tests/ikev1/esp-alg-strict-fail/pretest.dat b/testing/tests/ikev1/esp-alg-strict-fail/pretest.dat deleted file mode 100644 index f5aa989fe..000000000 --- a/testing/tests/ikev1/esp-alg-strict-fail/pretest.dat +++ /dev/null @@ -1,4 +0,0 @@ -carol::ipsec start -moon::ipsec start -carol::sleep 2 -carol::ipsec up home diff --git a/testing/tests/ikev1/esp-alg-strict-fail/test.conf b/testing/tests/ikev1/esp-alg-strict-fail/test.conf deleted file mode 100644 index 2b240d895..000000000 --- a/testing/tests/ikev1/esp-alg-strict-fail/test.conf +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# -# This configuration file provides information on the -# UML instances used for this test - -# All UML instances that are required for this test -# -UMLHOSTS="moon carol winnetou" - -# Corresponding block diagram -# -DIAGRAM="m-c-w.png" - -# UML instances on which tcpdump is to be started -# -TCPDUMPHOSTS="" - -# UML instances on which IPsec is started -# Used for IPsec logging purposes -# -IPSECHOSTS="moon carol" |