summaryrefslogtreecommitdiff
path: root/testing/tests/ikev1/esp-alg-strict-fail
diff options
context:
space:
mode:
Diffstat (limited to 'testing/tests/ikev1/esp-alg-strict-fail')
-rw-r--r--testing/tests/ikev1/esp-alg-strict-fail/description.txt5
-rw-r--r--testing/tests/ikev1/esp-alg-strict-fail/evaltest.dat9
-rwxr-xr-xtesting/tests/ikev1/esp-alg-strict-fail/hosts/carol/etc/ipsec.conf25
-rwxr-xr-xtesting/tests/ikev1/esp-alg-strict-fail/hosts/moon/etc/ipsec.conf25
-rw-r--r--testing/tests/ikev1/esp-alg-strict-fail/posttest.dat2
-rw-r--r--testing/tests/ikev1/esp-alg-strict-fail/pretest.dat4
-rw-r--r--testing/tests/ikev1/esp-alg-strict-fail/test.conf21
7 files changed, 0 insertions, 91 deletions
diff --git a/testing/tests/ikev1/esp-alg-strict-fail/description.txt b/testing/tests/ikev1/esp-alg-strict-fail/description.txt
deleted file mode 100644
index 252080e80..000000000
--- a/testing/tests/ikev1/esp-alg-strict-fail/description.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-The roadwarrior <b>carol</b> proposes <b>3DES_CBC</b> encryption with HMAC_SHA1 authentication
-as the only cipher suite for both the ISAKMP and IPsec SA. The gateway <b>moon</b> defines
-<b>ike=aes128-sha1</b> only, but will accept any other support algorithm proposed by the peer,
-leading to a successful negotiation of Phase 1. Because for Phase 2 <b>moon</b> enforces
-<b>esp=aes128-sha1!</b> by using the strict flag '!', the ISAKMP SA will fail.
diff --git a/testing/tests/ikev1/esp-alg-strict-fail/evaltest.dat b/testing/tests/ikev1/esp-alg-strict-fail/evaltest.dat
deleted file mode 100644
index 83d99bea1..000000000
--- a/testing/tests/ikev1/esp-alg-strict-fail/evaltest.dat
+++ /dev/null
@@ -1,9 +0,0 @@
-carol::ipsec status::home.*STATE_MAIN_I4.*ISAKMP SA established::YES
-carol::ipsec statusall::IKE proposal: 3DES_CBC/HMAC_SHA1::YES
-moon::ipsec status::rw.*STATE_MAIN_R3.*ISAKMP SA established::YES
-moon::ipsec statusall::IKE proposal: 3DES_CBC/HMAC_SHA1::YES
-carol::ipsec status::home.*STATE_QUICK_I2.*IPsec SA established::NO
-carol::cat /var/log/auth.log::NO_PROPOSAL_CHOSEN::YES
-moon::ipsec status::rw.*STATE_QUICK_R2.*ISAKMP SA established::NO
-moon::cat /var/log/auth.log::IPSec Transform.*3DES_CBC (192), HMAC_SHA1.*refused due to strict flag::YES
-moon::cat /var/log/auth.log::no acceptable Proposal in IPsec SA::YES
diff --git a/testing/tests/ikev1/esp-alg-strict-fail/hosts/carol/etc/ipsec.conf b/testing/tests/ikev1/esp-alg-strict-fail/hosts/carol/etc/ipsec.conf
deleted file mode 100755
index 46a619016..000000000
--- a/testing/tests/ikev1/esp-alg-strict-fail/hosts/carol/etc/ipsec.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- plutodebug=control
- crlcheckinterval=180
- strictcrlpolicy=no
- charonstart=no
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev1
- ike=3des-sha1
- esp=3des-sha1
-
-conn home
- left=PH_IP_CAROL
- leftcert=carolCert.pem
- leftid=carol@strongswan.org
- right=PH_IP_MOON
- rightsubnet=10.1.0.0/16
- rightid=@moon.strongswan.org
- auto=add
diff --git a/testing/tests/ikev1/esp-alg-strict-fail/hosts/moon/etc/ipsec.conf b/testing/tests/ikev1/esp-alg-strict-fail/hosts/moon/etc/ipsec.conf
deleted file mode 100755
index 86a15c96d..000000000
--- a/testing/tests/ikev1/esp-alg-strict-fail/hosts/moon/etc/ipsec.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-config setup
- plutodebug=control
- crlcheckinterval=180
- strictcrlpolicy=no
- charonstart=no
-
-conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev1
- ike=aes128-sha1
- esp=aes128-sha1!
-
-conn rw
- left=PH_IP_MOON
- leftcert=moonCert.pem
- leftid=@moon.strongswan.org
- leftsubnet=10.1.0.0/16
- right=%any
- rightid=carol@strongswan.org
- auto=add
diff --git a/testing/tests/ikev1/esp-alg-strict-fail/posttest.dat b/testing/tests/ikev1/esp-alg-strict-fail/posttest.dat
deleted file mode 100644
index c6d6235f9..000000000
--- a/testing/tests/ikev1/esp-alg-strict-fail/posttest.dat
+++ /dev/null
@@ -1,2 +0,0 @@
-moon::ipsec stop
-carol::ipsec stop
diff --git a/testing/tests/ikev1/esp-alg-strict-fail/pretest.dat b/testing/tests/ikev1/esp-alg-strict-fail/pretest.dat
deleted file mode 100644
index f5aa989fe..000000000
--- a/testing/tests/ikev1/esp-alg-strict-fail/pretest.dat
+++ /dev/null
@@ -1,4 +0,0 @@
-carol::ipsec start
-moon::ipsec start
-carol::sleep 2
-carol::ipsec up home
diff --git a/testing/tests/ikev1/esp-alg-strict-fail/test.conf b/testing/tests/ikev1/esp-alg-strict-fail/test.conf
deleted file mode 100644
index 2b240d895..000000000
--- a/testing/tests/ikev1/esp-alg-strict-fail/test.conf
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-#
-# This configuration file provides information on the
-# UML instances used for this test
-
-# All UML instances that are required for this test
-#
-UMLHOSTS="moon carol winnetou"
-
-# Corresponding block diagram
-#
-DIAGRAM="m-c-w.png"
-
-# UML instances on which tcpdump is to be started
-#
-TCPDUMPHOSTS=""
-
-# UML instances on which IPsec is started
-# Used for IPsec logging purposes
-#
-IPSECHOSTS="moon carol"