diff options
Diffstat (limited to 'testing/tests/ikev1/req-pkcs10')
13 files changed, 0 insertions, 144 deletions
diff --git a/testing/tests/ikev1/req-pkcs10/description.txt b/testing/tests/ikev1/req-pkcs10/description.txt deleted file mode 100644 index a958cb8e8..000000000 --- a/testing/tests/ikev1/req-pkcs10/description.txt +++ /dev/null @@ -1,11 +0,0 @@ -Both the roadwarrior <b>carol</b> and the gateway <b>moon</b> generate a -PKCS#1 RSA private key and a PKCS#10 certificate request using the -<b>ipsec scepclient</b> function. Because the UML testing environment -does not offer enough entropy, the non-blocking /dev/urandom device is -used in place of /dev/random for generating the random primes. -<p> -The certificate requests are copied to <b>winnetou</b> where a certification -authority based on OpenSSL issues X.509 certificates by verifying and -signing the PCKS#10 requests. The certificates are then copied back to -the corresponding hosts and used to set up a road warrior connection -initiated by <b>carol</b> diff --git a/testing/tests/ikev1/req-pkcs10/evaltest.dat b/testing/tests/ikev1/req-pkcs10/evaltest.dat deleted file mode 100644 index c7657801e..000000000 --- a/testing/tests/ikev1/req-pkcs10/evaltest.dat +++ /dev/null @@ -1,5 +0,0 @@ -carol::ipsec status::home.*STATE_QUICK_I2.*IPsec SA established::YES -moon::ipsec status::rw.*STATE_QUICK_R2.*IPsec SA established::YES -carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES -moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES -moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES diff --git a/testing/tests/ikev1/req-pkcs10/hosts/carol/etc/ipsec.conf b/testing/tests/ikev1/req-pkcs10/hosts/carol/etc/ipsec.conf deleted file mode 100755 index 7c2bb3a98..000000000 --- a/testing/tests/ikev1/req-pkcs10/hosts/carol/etc/ipsec.conf +++ /dev/null @@ -1,28 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - plutodebug=control - crlcheckinterval=180 - strictcrlpolicy=no - charonstart=no - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev1 - -conn home - left=PH_IP_CAROL - leftcert=myCert.pem - leftid=carol@strongswan.org - leftfirewall=yes - right=PH_IP_MOON - rightsubnet=10.1.0.0/16 - rightid=@moon.strongswan.org - auto=add - - - - diff --git a/testing/tests/ikev1/req-pkcs10/hosts/carol/etc/ipsec.secrets b/testing/tests/ikev1/req-pkcs10/hosts/carol/etc/ipsec.secrets deleted file mode 100644 index 167d743df..000000000 --- a/testing/tests/ikev1/req-pkcs10/hosts/carol/etc/ipsec.secrets +++ /dev/null @@ -1,3 +0,0 @@ -# /etc/ipsec.secrets - strongSwan IPsec secrets file - -: RSA myKey.der diff --git a/testing/tests/ikev1/req-pkcs10/hosts/carol/etc/scepclient.conf b/testing/tests/ikev1/req-pkcs10/hosts/carol/etc/scepclient.conf deleted file mode 100644 index 6afd3fa11..000000000 --- a/testing/tests/ikev1/req-pkcs10/hosts/carol/etc/scepclient.conf +++ /dev/null @@ -1,3 +0,0 @@ ---debug-control ---out pkcs1 ---out pkcs10 diff --git a/testing/tests/ikev1/req-pkcs10/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/req-pkcs10/hosts/carol/etc/strongswan.conf deleted file mode 100644 index e589a9425..000000000 --- a/testing/tests/ikev1/req-pkcs10/hosts/carol/etc/strongswan.conf +++ /dev/null @@ -1,15 +0,0 @@ -# /etc/strongswan.conf - strongSwan configuration file - -pluto { - load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 gmp random curl kernel-netlink -} - -scepclient { - load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 gmp random -} - -# pluto uses optimized DH exponent sizes (RFC 3526) - -libstrongswan { - dh_exponent_ansi_x9_42 = no -} diff --git a/testing/tests/ikev1/req-pkcs10/hosts/moon/etc/ipsec.secrets b/testing/tests/ikev1/req-pkcs10/hosts/moon/etc/ipsec.secrets deleted file mode 100644 index b9ec17dbc..000000000 --- a/testing/tests/ikev1/req-pkcs10/hosts/moon/etc/ipsec.secrets +++ /dev/null @@ -1,3 +0,0 @@ -# /etc/ipsec.secrets - strongSwan IPsec secrets file - -: RSA moonKey.der diff --git a/testing/tests/ikev1/req-pkcs10/hosts/moon/etc/scepclient.conf b/testing/tests/ikev1/req-pkcs10/hosts/moon/etc/scepclient.conf deleted file mode 100644 index da8177348..000000000 --- a/testing/tests/ikev1/req-pkcs10/hosts/moon/etc/scepclient.conf +++ /dev/null @@ -1,4 +0,0 @@ ---debug-control ---keylength 2064 ---out pkcs1=moonKey.der ---out pkcs10=moonReq.der diff --git a/testing/tests/ikev1/req-pkcs10/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/req-pkcs10/hosts/moon/etc/strongswan.conf deleted file mode 100644 index e589a9425..000000000 --- a/testing/tests/ikev1/req-pkcs10/hosts/moon/etc/strongswan.conf +++ /dev/null @@ -1,15 +0,0 @@ -# /etc/strongswan.conf - strongSwan configuration file - -pluto { - load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 gmp random curl kernel-netlink -} - -scepclient { - load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 gmp random -} - -# pluto uses optimized DH exponent sizes (RFC 3526) - -libstrongswan { - dh_exponent_ansi_x9_42 = no -} diff --git a/testing/tests/ikev1/req-pkcs10/hosts/winnetou/etc/openssl/yy.txt b/testing/tests/ikev1/req-pkcs10/hosts/winnetou/etc/openssl/yy.txt deleted file mode 100644 index 9b48ee4cf..000000000 --- a/testing/tests/ikev1/req-pkcs10/hosts/winnetou/etc/openssl/yy.txt +++ /dev/null @@ -1,2 +0,0 @@ -y -y diff --git a/testing/tests/ikev1/req-pkcs10/posttest.dat b/testing/tests/ikev1/req-pkcs10/posttest.dat deleted file mode 100644 index 933b4b6c4..000000000 --- a/testing/tests/ikev1/req-pkcs10/posttest.dat +++ /dev/null @@ -1,11 +0,0 @@ -moon::ipsec stop -carol::ipsec stop -moon::/etc/init.d/iptables stop 2> /dev/null -carol::/etc/init.d/iptables stop 2> /dev/null -carol::rm /etc/ipsec.d/private/* -carol::rm /etc/ipsec.d/certs/* -carol::rm /etc/ipsec.d/reqs/* -moon::rm /etc/ipsec.d/private/* -moon::rm /etc/ipsec.d/reqs/* -winnetou::rm /etc/openssl/carol* -winnetou::rm /etc/openssl/moon* diff --git a/testing/tests/ikev1/req-pkcs10/pretest.dat b/testing/tests/ikev1/req-pkcs10/pretest.dat deleted file mode 100644 index cb4355efa..000000000 --- a/testing/tests/ikev1/req-pkcs10/pretest.dat +++ /dev/null @@ -1,23 +0,0 @@ -moon::/etc/init.d/iptables start 2> /dev/null -carol::/etc/init.d/iptables start 2> /dev/null -carol::rm /etc/ipsec.d/private/* -carol::rm /etc/ipsec.d/certs/* -carol::cat /etc/scepclient.conf -carol::ipsec scepclient --dn \"C=CH, O=Linux strongSwan, CN=carol@strongswan.org\" --optionsfrom /etc/scepclient.conf -winnetou::scp carol:/etc/ipsec.d/reqs/myReq.der /etc/openssl/carolReq.der -winnetou::openssl req -inform der -in /etc/openssl/carolReq.der -out /etc/openssl/carolReq.pem -winnetou::cd /etc/openssl; COMMON_NAME="carol@strongswan.org" openssl ca -in carolReq.pem -out carolCert.pem -notext -config openssl.cnf -extensions user_ext < yy.txt -winnetou::scp /etc/openssl/carolCert.pem carol:/etc/ipsec.d/certs/myCert.pem -moon::rm /etc/ipsec.d/private/* -moon::rm /etc/ipsec.d/certs/* -moon::cat /etc/scepclient.conf -moon::ipsec scepclient --dn \"C=CH, O=Linux strongSwan, SN=01, CN=moon.strongswan.org\" --optionsfrom /etc/scepclient.conf -winnetou::scp moon:/etc/ipsec.d/reqs/moonReq.der /etc/openssl/ -winnetou::openssl req -inform der -in /etc/openssl/moonReq.der -out /etc/openssl/moonReq.pem -winnetou::cd /etc/openssl; COMMON_NAME="moon.strongswan.org" openssl ca -in moonReq.pem -out moonCert.pem -notext -config openssl.cnf -extensions host_ext < yy.txt -winnetou::scp /etc/openssl/moonCert.pem moon:/etc/ipsec.d/certs/ -carol::sleep 2 -carol::ipsec start -moon::ipsec start -carol::sleep 2 -carol::ipsec up home diff --git a/testing/tests/ikev1/req-pkcs10/test.conf b/testing/tests/ikev1/req-pkcs10/test.conf deleted file mode 100644 index 9cd583b16..000000000 --- a/testing/tests/ikev1/req-pkcs10/test.conf +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# -# This configuration file provides information on the -# UML instances used for this test - -# All UML instances that are required for this test -# -UMLHOSTS="alice moon carol winnetou" - -# Corresponding block diagram -# -DIAGRAM="a-m-c-w.png" - -# UML instances on which tcpdump is to be started -# -TCPDUMPHOSTS="moon" - -# UML instances on which IPsec is started -# Used for IPsec logging purposes -# -IPSECHOSTS="moon carol" |