summaryrefslogtreecommitdiff
path: root/testing/tests/ikev1/xauth-psk
diff options
context:
space:
mode:
Diffstat (limited to 'testing/tests/ikev1/xauth-psk')
-rw-r--r--testing/tests/ikev1/xauth-psk/evaltest.dat20
-rw-r--r--testing/tests/ikev1/xauth-psk/hosts/carol/etc/ipsec.conf10
-rw-r--r--testing/tests/ikev1/xauth-psk/hosts/carol/etc/strongswan.conf6
-rw-r--r--testing/tests/ikev1/xauth-psk/hosts/dave/etc/ipsec.conf10
-rw-r--r--testing/tests/ikev1/xauth-psk/hosts/dave/etc/strongswan.conf6
-rw-r--r--testing/tests/ikev1/xauth-psk/hosts/moon/etc/ipsec.conf11
-rw-r--r--testing/tests/ikev1/xauth-psk/hosts/moon/etc/strongswan.conf6
7 files changed, 29 insertions, 40 deletions
diff --git a/testing/tests/ikev1/xauth-psk/evaltest.dat b/testing/tests/ikev1/xauth-psk/evaltest.dat
index 786043065..988a6c541 100644
--- a/testing/tests/ikev1/xauth-psk/evaltest.dat
+++ b/testing/tests/ikev1/xauth-psk/evaltest.dat
@@ -1,13 +1,15 @@
-carol::cat /var/log/auth.log::extended authentication was successful::YES
-dave::cat /var/log/auth.log::extended authentication was successful::YES
-moon::cat /var/log/auth.log::xauth user name is .*carol@strongswan.org::YES
-moon::cat /var/log/auth.log::xauth user name is .*dave@strongswan.org::YES
-moon::cat /var/log/auth.log::extended authentication was successful::YES
-carol::ipsec status::home.*STATE_QUICK_I2.*IPsec SA established::YES
-dave::ipsec status::home.*STATE_QUICK_I2.*IPsec SA established::YES
-moon::ipsec status::rw.*STATE_QUICK_R2.*IPsec SA established::YES
+carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
+dave:: ipsec status 2> /dev/null::home.*ESTABLISHED.*dave@strongswan.org.*moon.strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw\[1]: ESTABLISHED.*moon.strongswan.org.*carol.strongswan.org::YES
+moon:: ipsec status 2> /dev/null::rw\[2]: ESTABLISHED.*moon.strongswan.org.*dave.strongswan.org::YES
+carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+dave:: ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]1}.*INSTALLED, TUNNEL::YES
+moon:: ipsec status 2> /dev/null::rw[{]2}.*INSTALLED, TUNNEL::YES
+moon:: cat /var/log/daemon.log::XAuth authentication of.*carol@strongswan.org.*successful::YES
+moon:: cat /var/log/daemon.log::XAuth authentication of.*dave@strongswan.org.*successful::YES
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
+dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
diff --git a/testing/tests/ikev1/xauth-psk/hosts/carol/etc/ipsec.conf b/testing/tests/ikev1/xauth-psk/hosts/carol/etc/ipsec.conf
index 1c7d7002e..a6bba5b04 100644
--- a/testing/tests/ikev1/xauth-psk/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/xauth-psk/hosts/carol/etc/ipsec.conf
@@ -1,10 +1,6 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- plutodebug=control
- crlcheckinterval=180
- strictcrlpolicy=no
- charonstart=no
conn %default
ikelifetime=60m
@@ -12,13 +8,15 @@ conn %default
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
- authby=xauthpsk
conn home
left=PH_IP_CAROL
leftid=carol@strongswan.org
+ leftauth=psk
+ leftauth2=xauth
leftfirewall=yes
right=PH_IP_MOON
- rightid=moon.strongswan.org
rightsubnet=10.1.0.0/16
+ rightid=@moon.strongswan.org
+ rightauth=psk
auto=add
diff --git a/testing/tests/ikev1/xauth-psk/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/xauth-psk/hosts/carol/etc/strongswan.conf
index c9eb0bc97..61260f891 100644
--- a/testing/tests/ikev1/xauth-psk/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-psk/hosts/carol/etc/strongswan.conf
@@ -1,11 +1,9 @@
# /etc/strongswan.conf - strongSwan configuration file
-pluto {
- load = sha1 sha2 md5 aes des hmac gmp random xauth kernel-netlink
+charon {
+ load = sha1 sha2 md5 aes des hmac gmp random nonce xauth-generic kernel-netlink socket-default updown stroke
}
-# pluto uses optimized DH exponent sizes (RFC 3526)
-
libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-psk/hosts/dave/etc/ipsec.conf b/testing/tests/ikev1/xauth-psk/hosts/dave/etc/ipsec.conf
index 782c160c9..5b80edb9f 100644
--- a/testing/tests/ikev1/xauth-psk/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/ikev1/xauth-psk/hosts/dave/etc/ipsec.conf
@@ -1,10 +1,6 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- plutodebug=control
- crlcheckinterval=180
- strictcrlpolicy=no
- charonstart=no
conn %default
ikelifetime=60m
@@ -12,13 +8,15 @@ conn %default
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
- authby=xauthpsk
conn home
left=PH_IP_DAVE
leftid=dave@strongswan.org
leftfirewall=yes
+ leftauth=psk
+ leftauth2=xauth
right=PH_IP_MOON
- rightid=moon.strongswan.org
rightsubnet=10.1.0.0/16
+ rightid=@moon.strongswan.org
+ rightauth=psk
auto=add
diff --git a/testing/tests/ikev1/xauth-psk/hosts/dave/etc/strongswan.conf b/testing/tests/ikev1/xauth-psk/hosts/dave/etc/strongswan.conf
index c9eb0bc97..61260f891 100644
--- a/testing/tests/ikev1/xauth-psk/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-psk/hosts/dave/etc/strongswan.conf
@@ -1,11 +1,9 @@
# /etc/strongswan.conf - strongSwan configuration file
-pluto {
- load = sha1 sha2 md5 aes des hmac gmp random xauth kernel-netlink
+charon {
+ load = sha1 sha2 md5 aes des hmac gmp random nonce xauth-generic kernel-netlink socket-default updown stroke
}
-# pluto uses optimized DH exponent sizes (RFC 3526)
-
libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-psk/hosts/moon/etc/ipsec.conf b/testing/tests/ikev1/xauth-psk/hosts/moon/etc/ipsec.conf
index 595e6588c..7e79c11f8 100644
--- a/testing/tests/ikev1/xauth-psk/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/xauth-psk/hosts/moon/etc/ipsec.conf
@@ -1,10 +1,6 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- plutodebug=control
- crlcheckinterval=180
- strictcrlpolicy=no
- charonstart=no
conn %default
ikelifetime=60m
@@ -12,13 +8,14 @@ conn %default
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
- authby=xauthpsk
- xauth=server
conn rw
left=PH_IP_MOON
- leftid=moon.strongswan.org
+ leftid=@moon.strongswan.org
leftsubnet=10.1.0.0/16
+ leftauth=psk
leftfirewall=yes
right=%any
+ rightauth=psk
+ rightauth2=xauth
auto=add
diff --git a/testing/tests/ikev1/xauth-psk/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/xauth-psk/hosts/moon/etc/strongswan.conf
index c9eb0bc97..61260f891 100644
--- a/testing/tests/ikev1/xauth-psk/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-psk/hosts/moon/etc/strongswan.conf
@@ -1,11 +1,9 @@
# /etc/strongswan.conf - strongSwan configuration file
-pluto {
- load = sha1 sha2 md5 aes des hmac gmp random xauth kernel-netlink
+charon {
+ load = sha1 sha2 md5 aes des hmac gmp random nonce xauth-generic kernel-netlink socket-default updown stroke
}
-# pluto uses optimized DH exponent sizes (RFC 3526)
-
libstrongswan {
dh_exponent_ansi_x9_42 = no
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-20 17:46:24 +0000