summaryrefslogtreecommitdiff
path: root/testing/tests/ikev1
diff options
context:
space:
mode:
Diffstat (limited to 'testing/tests/ikev1')
-rw-r--r--testing/tests/ikev1/alg-3des-md5/evaltest.dat4
-rw-r--r--testing/tests/ikev1/alg-sha256/evaltest.dat8
-rw-r--r--testing/tests/ikev1/alg-sha256/hosts/carol/etc/ipsec.conf4
-rw-r--r--testing/tests/ikev1/alg-sha256/hosts/moon/etc/ipsec.conf4
-rw-r--r--testing/tests/ikev1/alg-sha384/evaltest.dat4
-rw-r--r--testing/tests/ikev1/alg-sha512/evaltest.dat4
-rw-r--r--testing/tests/ikev1/ip-pool-db/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/xauth-rsa-eap-md5-radius/evaltest.dat2
-rw-r--r--testing/tests/ikev1/xauth-rsa-radius/evaltest.dat2
9 files changed, 16 insertions, 18 deletions
diff --git a/testing/tests/ikev1/alg-3des-md5/evaltest.dat b/testing/tests/ikev1/alg-3des-md5/evaltest.dat
index abd29e97e..ad0ebd48c 100644
--- a/testing/tests/ikev1/alg-3des-md5/evaltest.dat
+++ b/testing/tests/ikev1/alg-3des-md5/evaltest.dat
@@ -5,8 +5,8 @@ carol::ipsec status 2> /dev/null::home.*INSTALLED::YES
moon:: ipsec statusall 2> /dev/null::rw.*IKE proposal.*3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024::YES
carol::ipsec statusall 2> /dev/null::home.*IKE proposal.*3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024::YES
carol::ping -c 1 -s 120 -p deadbeef PH_IP_ALICE::128 bytes from PH_IP_ALICE: icmp_req=1::YES
-moon:: ipsec statusall 2> /dev/null::rw.*3DES_CBC/HMAC_MD5_96,::YES
-carol::ipsec statusall 2> /dev/null::home.*3DES_CBC/HMAC_MD5_96,::YES
+moon:: ipsec statusall 2> /dev/null::rw.*3DES_CBC/HMAC_MD5_96/MODP_1024,::YES
+carol::ipsec statusall 2> /dev/null::home.*3DES_CBC/HMAC_MD5_96/MODP_1024,::YES
moon:: ip xfrm state::enc cbc(des3_ede)::YES
carol::ip xfrm state::enc cbc(des3_ede)::YES
moon:: ip xfrm state::auth-trunc hmac(md5)::YES
diff --git a/testing/tests/ikev1/alg-sha256/evaltest.dat b/testing/tests/ikev1/alg-sha256/evaltest.dat
index eba856742..364d89f59 100644
--- a/testing/tests/ikev1/alg-sha256/evaltest.dat
+++ b/testing/tests/ikev1/alg-sha256/evaltest.dat
@@ -2,11 +2,11 @@ moon:: ipsec status 2> /dev/null::rw.*ESTABLISHED.*moon.strongswan.org.*carol@st
carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
moon:: ipsec status 2> /dev/null::rw.*INSTALLED, TUNNEL::YES
carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
-moon:: ipsec statusall 2> /dev/null::rw.*IKE proposal.*AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048::YES
-carol::ipsec statusall 2> /dev/null::home.*IKE proposal.*AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048::YES
+moon:: ipsec statusall 2> /dev/null::rw.*IKE proposal.*AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_3072::YES
+carol::ipsec statusall 2> /dev/null::home.*IKE proposal.*AES_CBC_128/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_3072::YES
carol::ping -c 1 -s 120 -p deadbeef PH_IP_ALICE::128 bytes from PH_IP_ALICE: icmp_req=1::YES
-moon:: ipsec statusall 2> /dev/null::rw.*AES_CBC_128/HMAC_SHA2_256_128,::YES
-carol::ipsec statusall 2> /dev/null::home.*AES_CBC_128/HMAC_SHA2_256_128,::YES
+moon:: ipsec statusall 2> /dev/null::rw.*AES_CBC_128/HMAC_SHA2_256_128/MODP_3072,::YES
+carol::ipsec statusall 2> /dev/null::home.*AES_CBC_128/HMAC_SHA2_256_128/MODP_3072,::YES
moon:: ip xfrm state::auth-trunc hmac(sha256)::YES
carol::ip xfrm state::auth-trunc hmac(sha256)::YES
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP.*length 200::YES
diff --git a/testing/tests/ikev1/alg-sha256/hosts/carol/etc/ipsec.conf b/testing/tests/ikev1/alg-sha256/hosts/carol/etc/ipsec.conf
index 73e25710b..1c227978e 100644
--- a/testing/tests/ikev1/alg-sha256/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/ikev1/alg-sha256/hosts/carol/etc/ipsec.conf
@@ -8,8 +8,8 @@ conn %default
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
- ike=aes128-sha256-modp2048!
- esp=aes128-sha256-modp2048!
+ ike=aes128-sha256-modp3072!
+ esp=aes128-sha256-modp3072!
conn home
left=PH_IP_CAROL
diff --git a/testing/tests/ikev1/alg-sha256/hosts/moon/etc/ipsec.conf b/testing/tests/ikev1/alg-sha256/hosts/moon/etc/ipsec.conf
index 0a6f48e69..177aebf52 100644
--- a/testing/tests/ikev1/alg-sha256/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/ikev1/alg-sha256/hosts/moon/etc/ipsec.conf
@@ -8,8 +8,8 @@ conn %default
rekeymargin=3m
keyingtries=1
keyexchange=ikev1
- ike=aes128-sha256-modp2048!
- esp=aes128-sha256-modp2048!
+ ike=aes128-sha256-modp3072!
+ esp=aes128-sha256-modp3072!
conn rw
left=PH_IP_MOON
diff --git a/testing/tests/ikev1/alg-sha384/evaltest.dat b/testing/tests/ikev1/alg-sha384/evaltest.dat
index 3b24217c5..14f0ba479 100644
--- a/testing/tests/ikev1/alg-sha384/evaltest.dat
+++ b/testing/tests/ikev1/alg-sha384/evaltest.dat
@@ -5,8 +5,8 @@ carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
moon:: ipsec statusall 2> /dev/null::rw.*IKE proposal.*AES_CBC_192/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_3072::YES
carol::ipsec statusall 2> /dev/null::home.*IKE proposal.*AES_CBC_192/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_3072::YES
carol::ping -c 1 -s 120 -p deadbeef PH_IP_ALICE::128 bytes from PH_IP_ALICE: icmp_req=1::YES
-moon:: ipsec statusall 2> /dev/null::rw.*AES_CBC_192/HMAC_SHA2_384_192,::YES
-carol::ipsec statusall 2> /dev/null::home.*AES_CBC_192/HMAC_SHA2_384_192,::YES
+moon:: ipsec statusall 2> /dev/null::rw.*AES_CBC_192/HMAC_SHA2_384_192/MODP_3072,::YES
+carol::ipsec statusall 2> /dev/null::home.*AES_CBC_192/HMAC_SHA2_384_192/MODP_3072,::YES
moon:: ip xfrm state::auth-trunc hmac(sha384)::YES
carol::ip xfrm state::auth-trunc hmac(sha384)::YES
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP.*length 208::YES
diff --git a/testing/tests/ikev1/alg-sha512/evaltest.dat b/testing/tests/ikev1/alg-sha512/evaltest.dat
index 6bdceeb44..6f8c05d5b 100644
--- a/testing/tests/ikev1/alg-sha512/evaltest.dat
+++ b/testing/tests/ikev1/alg-sha512/evaltest.dat
@@ -5,8 +5,8 @@ carol::ipsec status 2> /dev/null::home.*INSTALLED, TUNNEL::YES
moon:: ipsec statusall 2> /dev/null::rw.*IKE proposal.*AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_4096::YES
carol::ipsec statusall 2> /dev/null::home.*IKE proposal.*AES_CBC_256/HMAC_SHA2_512_256/PRF_HMAC_SHA2_512/MODP_4096::YES
carol::ping -c 1 -s 120 -p deadbeef PH_IP_ALICE::128 bytes from PH_IP_ALICE: icmp_req=1::YES
-moon:: ipsec statusall 2> /dev/null::rw.*AES_CBC_256/HMAC_SHA2_512_256,::YES
-carol::ipsec statusall 2> /dev/null::home.*AES_CBC_256/HMAC_SHA2_512_256,::YES
+moon:: ipsec statusall 2> /dev/null::rw.*AES_CBC_256/HMAC_SHA2_512_256/MODP_4096,::YES
+carol::ipsec statusall 2> /dev/null::home.*AES_CBC_256/HMAC_SHA2_512_256/MODP_4096,::YES
moon:: ip xfrm state::auth-trunc hmac(sha512)::YES
carol::ip xfrm state::auth-trunc hmac(sha512)::YES
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP.*length 216::YES
diff --git a/testing/tests/ikev1/ip-pool-db/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/ip-pool-db/hosts/moon/etc/strongswan.conf
index 6c22fd548..7d97dd229 100644
--- a/testing/tests/ikev1/ip-pool-db/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/ip-pool-db/hosts/moon/etc/strongswan.conf
@@ -2,9 +2,7 @@
charon {
load = aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 curl revocation hmac xcbc stroke kernel-netlink socket-default sqlite attr-sql updown
-}
-libhydra {
plugins {
attr-sql {
database = sqlite:///etc/db.d/ipsec.db
diff --git a/testing/tests/ikev1/xauth-rsa-eap-md5-radius/evaltest.dat b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/evaltest.dat
index d568273d1..fe148cd10 100644
--- a/testing/tests/ikev1/xauth-rsa-eap-md5-radius/evaltest.dat
+++ b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/evaltest.dat
@@ -1,4 +1,4 @@
-carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA successful::YES
+carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA_EMSA_PKCS1_NULL successful::YES
moon:: cat /var/log/daemon.log::RADIUS authentication of 'carol@strongswan.org' successful::YES
moon:: cat /var/log/daemon.log::XAuth authentication of 'carol@strongswan.org' successful::YES
moon:: ipsec status 2> /dev/null::rw.*ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
diff --git a/testing/tests/ikev1/xauth-rsa-radius/evaltest.dat b/testing/tests/ikev1/xauth-rsa-radius/evaltest.dat
index ee60292a3..a88debd3e 100644
--- a/testing/tests/ikev1/xauth-rsa-radius/evaltest.dat
+++ b/testing/tests/ikev1/xauth-rsa-radius/evaltest.dat
@@ -1,4 +1,4 @@
-carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA successful::YES
+carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA_EMSA_PKCS1_NULL successful::YES
moon:: cat /var/log/daemon.log::XAuth authentication of 'carol@strongswan.org' successful::YES
moon:: ipsec status 2> /dev/null::rw.*ESTABLISHED.*moon.strongswan.org.*carol@strongswan.org::YES
carol::ipsec status 2> /dev/null::home.*ESTABLISHED.*carol@strongswan.org.*moon.strongswan.org::YES
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-29 10:48:53 +0000