diff options
Diffstat (limited to 'testing/tests/ikev1/ocsp-strict')
| -rw-r--r-- | testing/tests/ikev1/ocsp-strict/description.txt | 6 | ||||
| -rw-r--r-- | testing/tests/ikev1/ocsp-strict/evaltest.dat | 8 | ||||
| -rwxr-xr-x | testing/tests/ikev1/ocsp-strict/hosts/carol/etc/ipsec.conf | 28 | ||||
| -rwxr-xr-x | testing/tests/ikev1/ocsp-strict/hosts/moon/etc/ipsec.conf | 39 | ||||
| -rw-r--r-- | testing/tests/ikev1/ocsp-strict/posttest.dat | 2 | ||||
| -rw-r--r-- | testing/tests/ikev1/ocsp-strict/pretest.dat | 4 | ||||
| -rw-r--r-- | testing/tests/ikev1/ocsp-strict/test.conf | 21 |
7 files changed, 0 insertions, 108 deletions
diff --git a/testing/tests/ikev1/ocsp-strict/description.txt b/testing/tests/ikev1/ocsp-strict/description.txt deleted file mode 100644 index 7cb983140..000000000 --- a/testing/tests/ikev1/ocsp-strict/description.txt +++ /dev/null @@ -1,6 +0,0 @@ -By setting <b>strictcrlpolicy=yes</b> a <b>strict CRL policy</b> is enforced on -both roadwarrior <b>carol</b> and gateway <b>moon</b>. Thus when <b>carol</b> initiates -the connection and no current revocation information is available, the Main Mode -negotiation fails but an OCSP request is issued to the OCSP server <b>winnetou</b>. -When the second Main Mode trial comes around, the OCSP response will be available -and the IKE negotiation completes. diff --git a/testing/tests/ikev1/ocsp-strict/evaltest.dat b/testing/tests/ikev1/ocsp-strict/evaltest.dat deleted file mode 100644 index 66b27aaac..000000000 --- a/testing/tests/ikev1/ocsp-strict/evaltest.dat +++ /dev/null @@ -1,8 +0,0 @@ -moon::cat /var/log/auth.log::X.509 certificate rejected::YES -carol::cat /var/log/auth.log::X.509 certificate rejected::YES -moon::cat /var/log/auth.log::ignoring informational payload, type INVALID_KEY_INFORMATION::YES -carol::cat /var/log/auth.log::ignoring informational payload, type INVALID_KEY_INFORMATION::YES -moon::ipsec status::rw.*STATE_QUICK_R2.*IPsec SA established::YES -carol::ipsec status::home.*STATE_QUICK_I2.*IPsec SA established::YES -moon::ipsec listocsp:: good::YES -carol::ipsec listocsp:: good::YES diff --git a/testing/tests/ikev1/ocsp-strict/hosts/carol/etc/ipsec.conf b/testing/tests/ikev1/ocsp-strict/hosts/carol/etc/ipsec.conf deleted file mode 100755 index c79b1c3e2..000000000 --- a/testing/tests/ikev1/ocsp-strict/hosts/carol/etc/ipsec.conf +++ /dev/null @@ -1,28 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - plutodebug=control - crlcheckinterval=180 - strictcrlpolicy=yes - charonstart=no - -ca strongswan - cacert=strongswanCert.pem - ocspuri=http://ocsp.strongswan.org:8880 - auto=add - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev1 - left=PH_IP_CAROL - leftcert=carolCert.pem - leftid=carol@strongswan.org - -conn home - right=PH_IP_MOON - rightsubnet=10.1.0.0/16 - rightid=@moon.strongswan.org - auto=add diff --git a/testing/tests/ikev1/ocsp-strict/hosts/moon/etc/ipsec.conf b/testing/tests/ikev1/ocsp-strict/hosts/moon/etc/ipsec.conf deleted file mode 100755 index cd2ab0aca..000000000 --- a/testing/tests/ikev1/ocsp-strict/hosts/moon/etc/ipsec.conf +++ /dev/null @@ -1,39 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - plutodebug=control - crlcheckinterval=180 - strictcrlpolicy=yes - charonstart=no - -ca strongswan - cacert=strongswanCert.pem - ocspuri=http://ocsp.strongswan.org:8880 - auto=add - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev1 - left=PH_IP_MOON - leftcert=moonCert.pem - leftid=@moon.strongswan.org - -conn net-net - leftsubnet=10.1.0.0/16 - right=PH_IP_SUN - rightsubnet=10.2.0.0/16 - rightid=@sun.strongswan.org - auto=add - -conn host-host - right=PH_IP_SUN - rightid=@sun.strongswan.org - auto=add - -conn rw - leftsubnet=10.1.0.0/16 - right=%any - auto=add diff --git a/testing/tests/ikev1/ocsp-strict/posttest.dat b/testing/tests/ikev1/ocsp-strict/posttest.dat deleted file mode 100644 index c6d6235f9..000000000 --- a/testing/tests/ikev1/ocsp-strict/posttest.dat +++ /dev/null @@ -1,2 +0,0 @@ -moon::ipsec stop -carol::ipsec stop diff --git a/testing/tests/ikev1/ocsp-strict/pretest.dat b/testing/tests/ikev1/ocsp-strict/pretest.dat deleted file mode 100644 index d92333d86..000000000 --- a/testing/tests/ikev1/ocsp-strict/pretest.dat +++ /dev/null @@ -1,4 +0,0 @@ -moon::ipsec start -carol::ipsec start -carol::sleep 2 -carol::ipsec up home diff --git a/testing/tests/ikev1/ocsp-strict/test.conf b/testing/tests/ikev1/ocsp-strict/test.conf deleted file mode 100644 index 2b240d895..000000000 --- a/testing/tests/ikev1/ocsp-strict/test.conf +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# -# This configuration file provides information on the -# UML instances used for this test - -# All UML instances that are required for this test -# -UMLHOSTS="moon carol winnetou" - -# Corresponding block diagram -# -DIAGRAM="m-c-w.png" - -# UML instances on which tcpdump is to be started -# -TCPDUMPHOSTS="" - -# UML instances on which IPsec is started -# Used for IPsec logging purposes -# -IPSECHOSTS="moon carol" |