summaryrefslogtreecommitdiff
path: root/testing/tests/ikev1/multi-level-ca-ldap
diff options
context:
space:
mode:
Diffstat (limited to 'testing/tests/ikev1/multi-level-ca-ldap')
-rw-r--r--testing/tests/ikev1/multi-level-ca-ldap/evaltest.dat2
-rw-r--r--testing/tests/ikev1/multi-level-ca-ldap/hosts/carol/etc/strongswan.conf11
-rw-r--r--testing/tests/ikev1/multi-level-ca-ldap/hosts/dave/etc/strongswan.conf11
-rw-r--r--testing/tests/ikev1/multi-level-ca-ldap/hosts/moon/etc/strongswan.conf11
4 files changed, 34 insertions, 1 deletions
diff --git a/testing/tests/ikev1/multi-level-ca-ldap/evaltest.dat b/testing/tests/ikev1/multi-level-ca-ldap/evaltest.dat
index f504706e2..9cfa502aa 100644
--- a/testing/tests/ikev1/multi-level-ca-ldap/evaltest.dat
+++ b/testing/tests/ikev1/multi-level-ca-ldap/evaltest.dat
@@ -2,7 +2,7 @@ moon::cat /var/log/auth.log::PH_IP_CAROL.*X.509 certificate rejected::YES
carol::cat /var/log/auth.log::ignoring informational payload, type INVALID_KEY_INFORMATION::YES
moon::cat /var/log/auth.log::PH_IP_DAVE.*X.509 certificate rejected::YES
dave::cat /var/log/auth.log::ignoring informational payload, type INVALID_KEY_INFORMATION::YES
-moon::cat /var/log/auth.log::Trying LDAP URL::YES
+moon::cat /var/log/auth.log::fetching crl from .*ldap://ldap.strongswan.org::YES
carol::ipsec status::alice.*STATE_QUICK_I2.*IPsec SA established::YES
moon::ipsec status::alice.*PH_IP_CAROL.*STATE_QUICK_R2.*IPsec SA established::YES
carol::ipsec status::venus.*STATE_QUICK_I2.*IPsec SA established::NO
diff --git a/testing/tests/ikev1/multi-level-ca-ldap/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/multi-level-ca-ldap/hosts/carol/etc/strongswan.conf
new file mode 100644
index 000000000..b15cf2d3f
--- /dev/null
+++ b/testing/tests/ikev1/multi-level-ca-ldap/hosts/carol/etc/strongswan.conf
@@ -0,0 +1,11 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+pluto {
+ load = sha1 sha2 md5 aes des hmac gmp pubkey random curl ldap
+}
+
+# pluto uses optimized DH exponent sizes (RFC 3526)
+
+libstrongswan {
+ dh_exponent_ansi_x9_42 = no
+}
diff --git a/testing/tests/ikev1/multi-level-ca-ldap/hosts/dave/etc/strongswan.conf b/testing/tests/ikev1/multi-level-ca-ldap/hosts/dave/etc/strongswan.conf
new file mode 100644
index 000000000..b15cf2d3f
--- /dev/null
+++ b/testing/tests/ikev1/multi-level-ca-ldap/hosts/dave/etc/strongswan.conf
@@ -0,0 +1,11 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+pluto {
+ load = sha1 sha2 md5 aes des hmac gmp pubkey random curl ldap
+}
+
+# pluto uses optimized DH exponent sizes (RFC 3526)
+
+libstrongswan {
+ dh_exponent_ansi_x9_42 = no
+}
diff --git a/testing/tests/ikev1/multi-level-ca-ldap/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/multi-level-ca-ldap/hosts/moon/etc/strongswan.conf
new file mode 100644
index 000000000..b15cf2d3f
--- /dev/null
+++ b/testing/tests/ikev1/multi-level-ca-ldap/hosts/moon/etc/strongswan.conf
@@ -0,0 +1,11 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+pluto {
+ load = sha1 sha2 md5 aes des hmac gmp pubkey random curl ldap
+}
+
+# pluto uses optimized DH exponent sizes (RFC 3526)
+
+libstrongswan {
+ dh_exponent_ansi_x9_42 = no
+}
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-01 02:44:19 +0000