summaryrefslogtreecommitdiff
path: root/testing/tests/ikev1
diff options
context:
space:
mode:
Diffstat (limited to 'testing/tests/ikev1')
-rw-r--r--testing/tests/ikev1/double-nat-net/posttest.dat2
-rw-r--r--testing/tests/ikev1/double-nat/posttest.dat2
-rw-r--r--testing/tests/ikev1/dynamic-initiator/hosts/carol/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/dynamic-initiator/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/dynamic-initiator/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/dynamic-responder/hosts/carol/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/dynamic-responder/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/dynamic-responder/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/dynamic-two-peers/hosts/carol/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/dynamic-two-peers/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/dynamic-two-peers/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/nat-rw/posttest.dat1
-rw-r--r--testing/tests/ikev1/nat-virtual-ip/posttest.dat1
-rw-r--r--testing/tests/ikev1/nat-virtual-ip/pretest.dat3
-rw-r--r--testing/tests/ikev1/net2net-cert/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/net2net-cert/hosts/sun/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/net2net-fragmentation/hosts/moon/etc/strongswan.conf3
-rw-r--r--testing/tests/ikev1/net2net-fragmentation/hosts/sun/etc/strongswan.conf3
-rw-r--r--testing/tests/ikev1/net2net-ntru-cert/hosts/moon/etc/strongswan.conf3
-rw-r--r--testing/tests/ikev1/net2net-psk/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/net2net-psk/hosts/sun/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/rw-cert-aggressive/hosts/carol/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/rw-cert-aggressive/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/rw-cert-aggressive/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/rw-cert-unity/hosts/carol/etc/strongswan.conf4
-rw-r--r--testing/tests/ikev1/rw-cert-unity/hosts/moon/etc/strongswan.conf7
-rw-r--r--testing/tests/ikev1/rw-cert/hosts/carol/etc/strongswan.conf3
-rw-r--r--testing/tests/ikev1/rw-cert/hosts/dave/etc/strongswan.conf3
-rw-r--r--testing/tests/ikev1/rw-cert/hosts/moon/etc/strongswan.conf3
-rw-r--r--testing/tests/ikev1/xauth-id-psk-config/hosts/carol/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/xauth-id-psk-config/hosts/dave/etc/strongswan.conf4
-rw-r--r--testing/tests/ikev1/xauth-id-psk-config/hosts/moon/etc/strongswan.conf4
-rw-r--r--testing/tests/ikev1/xauth-id-rsa-aggressive/hosts/carol/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/xauth-id-rsa-aggressive/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/xauth-id-rsa-aggressive/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/xauth-id-rsa-config/hosts/carol/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/xauth-id-rsa-config/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/xauth-id-rsa-config/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/xauth-id-rsa-hybrid/hosts/carol/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/xauth-id-rsa-hybrid/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/xauth-id-rsa-hybrid/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/xauth-psk/hosts/carol/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/xauth-psk/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/xauth-psk/hosts/moon/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/strongswan.conf1
-rw-r--r--testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/carol/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/moon/etc/strongswan.conf3
-rw-r--r--testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/strongswan.conf1
-rw-r--r--testing/tests/ikev1/xauth-rsa-radius/hosts/carol/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/xauth-rsa-radius/hosts/moon/etc/strongswan.conf3
-rw-r--r--testing/tests/ikev1/xauth-rsa/hosts/carol/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/xauth-rsa/hosts/dave/etc/strongswan.conf2
-rw-r--r--testing/tests/ikev1/xauth-rsa/hosts/moon/etc/strongswan.conf2
53 files changed, 19 insertions, 103 deletions
diff --git a/testing/tests/ikev1/double-nat-net/posttest.dat b/testing/tests/ikev1/double-nat-net/posttest.dat
index 63d4f98e7..ec663e70d 100644
--- a/testing/tests/ikev1/double-nat-net/posttest.dat
+++ b/testing/tests/ikev1/double-nat-net/posttest.dat
@@ -4,6 +4,4 @@ alice::iptables-restore < /etc/iptables.flush
bob::iptables-restore < /etc/iptables.flush
moon::iptables -t nat -F
sun::iptables -t nat -F
-moon::conntrack -F
-sun::conntrack -F
sun::ip route del 10.1.0.0/16 via PH_IP_BOB
diff --git a/testing/tests/ikev1/double-nat/posttest.dat b/testing/tests/ikev1/double-nat/posttest.dat
index aa806bfc9..f434b336c 100644
--- a/testing/tests/ikev1/double-nat/posttest.dat
+++ b/testing/tests/ikev1/double-nat/posttest.dat
@@ -4,5 +4,3 @@ alice::iptables-restore < /etc/iptables.flush
bob::iptables-restore < /etc/iptables.flush
moon::iptables -t nat -F
sun::iptables -t nat -F
-moon::conntrack -F
-sun::conntrack -F
diff --git a/testing/tests/ikev1/dynamic-initiator/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/dynamic-initiator/hosts/carol/etc/strongswan.conf
index bad10ca43..73bbf6805 100644
--- a/testing/tests/ikev1/dynamic-initiator/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/dynamic-initiator/hosts/carol/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/dynamic-initiator/hosts/dave/etc/strongswan.conf b/testing/tests/ikev1/dynamic-initiator/hosts/dave/etc/strongswan.conf
index bad10ca43..73bbf6805 100644
--- a/testing/tests/ikev1/dynamic-initiator/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/dynamic-initiator/hosts/dave/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/dynamic-initiator/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/dynamic-initiator/hosts/moon/etc/strongswan.conf
index bad10ca43..73bbf6805 100644
--- a/testing/tests/ikev1/dynamic-initiator/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/dynamic-initiator/hosts/moon/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/dynamic-responder/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/dynamic-responder/hosts/carol/etc/strongswan.conf
index bad10ca43..73bbf6805 100644
--- a/testing/tests/ikev1/dynamic-responder/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/dynamic-responder/hosts/carol/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/dynamic-responder/hosts/dave/etc/strongswan.conf b/testing/tests/ikev1/dynamic-responder/hosts/dave/etc/strongswan.conf
index bad10ca43..73bbf6805 100644
--- a/testing/tests/ikev1/dynamic-responder/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/dynamic-responder/hosts/dave/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/dynamic-responder/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/dynamic-responder/hosts/moon/etc/strongswan.conf
index bad10ca43..73bbf6805 100644
--- a/testing/tests/ikev1/dynamic-responder/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/dynamic-responder/hosts/moon/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/dynamic-two-peers/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/dynamic-two-peers/hosts/carol/etc/strongswan.conf
index bad10ca43..73bbf6805 100644
--- a/testing/tests/ikev1/dynamic-two-peers/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/dynamic-two-peers/hosts/carol/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/dynamic-two-peers/hosts/dave/etc/strongswan.conf b/testing/tests/ikev1/dynamic-two-peers/hosts/dave/etc/strongswan.conf
index bad10ca43..73bbf6805 100644
--- a/testing/tests/ikev1/dynamic-two-peers/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/dynamic-two-peers/hosts/dave/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/dynamic-two-peers/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/dynamic-two-peers/hosts/moon/etc/strongswan.conf
index bad10ca43..73bbf6805 100644
--- a/testing/tests/ikev1/dynamic-two-peers/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/dynamic-two-peers/hosts/moon/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/nat-rw/posttest.dat b/testing/tests/ikev1/nat-rw/posttest.dat
index 4643a3a7b..bc7d23771 100644
--- a/testing/tests/ikev1/nat-rw/posttest.dat
+++ b/testing/tests/ikev1/nat-rw/posttest.dat
@@ -5,4 +5,3 @@ alice::iptables-restore < /etc/iptables.flush
venus::iptables-restore < /etc/iptables.flush
sun::iptables-restore < /etc/iptables.flush
moon::iptables -t nat -F
-moon::conntrack -F
diff --git a/testing/tests/ikev1/nat-virtual-ip/posttest.dat b/testing/tests/ikev1/nat-virtual-ip/posttest.dat
index 11bd19da7..b9fbde7cb 100644
--- a/testing/tests/ikev1/nat-virtual-ip/posttest.dat
+++ b/testing/tests/ikev1/nat-virtual-ip/posttest.dat
@@ -2,5 +2,4 @@ moon::ipsec stop
sun::ipsec stop
moon::iptables-restore < /etc/iptables.flush
sun::iptables-restore < /etc/iptables.flush
-moon::conntrack -F
moon::rm /etc/nat_updown
diff --git a/testing/tests/ikev1/nat-virtual-ip/pretest.dat b/testing/tests/ikev1/nat-virtual-ip/pretest.dat
index eb0c28c7f..8945d87b9 100644
--- a/testing/tests/ikev1/nat-virtual-ip/pretest.dat
+++ b/testing/tests/ikev1/nat-virtual-ip/pretest.dat
@@ -1,8 +1,7 @@
moon::iptables-restore < /etc/iptables.rules
sun::iptables-restore < /etc/iptables.rules
-moon::conntrack -F
moon::ipsec start
sun::ipsec start
-moon::sleep 1
+moon::sleep 1
moon::ipsec up net-net
moon::sleep 1
diff --git a/testing/tests/ikev1/net2net-cert/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/net2net-cert/hosts/moon/etc/strongswan.conf
index bad10ca43..73bbf6805 100644
--- a/testing/tests/ikev1/net2net-cert/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/net2net-cert/hosts/moon/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/net2net-cert/hosts/sun/etc/strongswan.conf b/testing/tests/ikev1/net2net-cert/hosts/sun/etc/strongswan.conf
index bad10ca43..73bbf6805 100644
--- a/testing/tests/ikev1/net2net-cert/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/ikev1/net2net-cert/hosts/sun/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/net2net-fragmentation/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/net2net-fragmentation/hosts/moon/etc/strongswan.conf
index 9caf4fa37..8cc4192c6 100644
--- a/testing/tests/ikev1/net2net-fragmentation/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/net2net-fragmentation/hosts/moon/etc/strongswan.conf
@@ -4,8 +4,5 @@ charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown
fragment_size = 1024
-}
-
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/net2net-fragmentation/hosts/sun/etc/strongswan.conf b/testing/tests/ikev1/net2net-fragmentation/hosts/sun/etc/strongswan.conf
index 9caf4fa37..8cc4192c6 100644
--- a/testing/tests/ikev1/net2net-fragmentation/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/ikev1/net2net-fragmentation/hosts/sun/etc/strongswan.conf
@@ -4,8 +4,5 @@ charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default updown
fragment_size = 1024
-}
-
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/net2net-ntru-cert/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/net2net-ntru-cert/hosts/moon/etc/strongswan.conf
index f4fd948fd..4de997a66 100644
--- a/testing/tests/ikev1/net2net-ntru-cert/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/net2net-ntru-cert/hosts/moon/etc/strongswan.conf
@@ -2,11 +2,10 @@
charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 ntru revocation hmac stroke kernel-netlink socket-default updown
+
multiple_authentication = no
send_vendor_id = yes
-}
-libstrongswan {
plugins {
ntru {
parameter_set = optimum
diff --git a/testing/tests/ikev1/net2net-psk/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/net2net-psk/hosts/moon/etc/strongswan.conf
index 238ec24b7..248642530 100644
--- a/testing/tests/ikev1/net2net-psk/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/net2net-psk/hosts/moon/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = aes des sha1 sha2 md5 gmp random nonce hmac stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/net2net-psk/hosts/sun/etc/strongswan.conf b/testing/tests/ikev1/net2net-psk/hosts/sun/etc/strongswan.conf
index 238ec24b7..248642530 100644
--- a/testing/tests/ikev1/net2net-psk/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/ikev1/net2net-psk/hosts/sun/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = aes des sha1 sha2 md5 gmp random nonce hmac stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/rw-cert-aggressive/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/rw-cert-aggressive/hosts/carol/etc/strongswan.conf
index c032d8291..eb8b1400a 100644
--- a/testing/tests/ikev1/rw-cert-aggressive/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/rw-cert-aggressive/hosts/carol/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 pkcs8 gmp random nonce x509 revocation hmac xcbc ctr ccm gcm stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/rw-cert-aggressive/hosts/dave/etc/strongswan.conf b/testing/tests/ikev1/rw-cert-aggressive/hosts/dave/etc/strongswan.conf
index c032d8291..eb8b1400a 100644
--- a/testing/tests/ikev1/rw-cert-aggressive/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/rw-cert-aggressive/hosts/dave/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 pkcs8 gmp random nonce x509 revocation hmac xcbc ctr ccm gcm stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/rw-cert-aggressive/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/rw-cert-aggressive/hosts/moon/etc/strongswan.conf
index c032d8291..eb8b1400a 100644
--- a/testing/tests/ikev1/rw-cert-aggressive/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/rw-cert-aggressive/hosts/moon/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 pkcs8 gmp random nonce x509 revocation hmac xcbc ctr ccm gcm stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/rw-cert-unity/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/rw-cert-unity/hosts/carol/etc/strongswan.conf
index 14e061408..38bfed070 100644
--- a/testing/tests/ikev1/rw-cert-unity/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/rw-cert-unity/hosts/carol/etc/strongswan.conf
@@ -2,9 +2,7 @@
charon {
load = curl test-vectors aes des sha1 sha2 md5 pem pkcs1 pkcs8 gmp random nonce x509 revocation hmac xcbc ctr ccm gcm stroke kernel-netlink socket-default unity
+
cisco_unity = yes
-}
-
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/rw-cert-unity/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/rw-cert-unity/hosts/moon/etc/strongswan.conf
index cbc51d38c..dbf1bee46 100644
--- a/testing/tests/ikev1/rw-cert-unity/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/rw-cert-unity/hosts/moon/etc/strongswan.conf
@@ -2,14 +2,13 @@
charon {
load = curl test-vectors aes des sha1 sha2 md5 pem pkcs1 pkcs8 gmp random nonce x509 revocation hmac xcbc ctr ccm gcm stroke kernel-netlink socket-default attr unity
+
cisco_unity = yes
+ dh_exponent_ansi_x9_42 = no
+
plugins {
attr {
split-exclude = 192.168.0.0/24
}
}
}
-
-libstrongswan {
- dh_exponent_ansi_x9_42 = no
-}
diff --git a/testing/tests/ikev1/rw-cert/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/rw-cert/hosts/carol/etc/strongswan.conf
index 8822cae64..0792a3f52 100644
--- a/testing/tests/ikev1/rw-cert/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/rw-cert/hosts/carol/etc/strongswan.conf
@@ -2,11 +2,10 @@
charon {
load = curl test-vectors aes des sha1 sha2 md5 pem pkcs1 pkcs8 gmp random nonce x509 revocation hmac xcbc ctr ccm gcm stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
integrity_test = yes
+
crypto_test {
on_add = yes
}
diff --git a/testing/tests/ikev1/rw-cert/hosts/dave/etc/strongswan.conf b/testing/tests/ikev1/rw-cert/hosts/dave/etc/strongswan.conf
index 8822cae64..0792a3f52 100644
--- a/testing/tests/ikev1/rw-cert/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/rw-cert/hosts/dave/etc/strongswan.conf
@@ -2,11 +2,10 @@
charon {
load = curl test-vectors aes des sha1 sha2 md5 pem pkcs1 pkcs8 gmp random nonce x509 revocation hmac xcbc ctr ccm gcm stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
integrity_test = yes
+
crypto_test {
on_add = yes
}
diff --git a/testing/tests/ikev1/rw-cert/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/rw-cert/hosts/moon/etc/strongswan.conf
index 8822cae64..0792a3f52 100644
--- a/testing/tests/ikev1/rw-cert/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/rw-cert/hosts/moon/etc/strongswan.conf
@@ -2,11 +2,10 @@
charon {
load = curl test-vectors aes des sha1 sha2 md5 pem pkcs1 pkcs8 gmp random nonce x509 revocation hmac xcbc ctr ccm gcm stroke kernel-netlink socket-default updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
integrity_test = yes
+
crypto_test {
on_add = yes
}
diff --git a/testing/tests/ikev1/xauth-id-psk-config/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/xauth-id-psk-config/hosts/carol/etc/strongswan.conf
index 1fb5d14b1..c08fab86e 100644
--- a/testing/tests/ikev1/xauth-id-psk-config/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-id-psk-config/hosts/carol/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac gmp random nonce xauth-generic resolve kernel-netlink socket-default stroke updown
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-id-psk-config/hosts/dave/etc/strongswan.conf b/testing/tests/ikev1/xauth-id-psk-config/hosts/dave/etc/strongswan.conf
index 1fb5d14b1..66054d0f9 100644
--- a/testing/tests/ikev1/xauth-id-psk-config/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-id-psk-config/hosts/dave/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac gmp random nonce xauth-generic resolve kernel-netlink socket-default stroke updown
-}
-
-libstrongswan {
+
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-id-psk-config/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/xauth-id-psk-config/hosts/moon/etc/strongswan.conf
index 422538cec..02e7618d3 100644
--- a/testing/tests/ikev1/xauth-id-psk-config/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-id-psk-config/hosts/moon/etc/strongswan.conf
@@ -2,10 +2,8 @@
charon {
load = sha1 sha2 md5 aes des hmac gmp random nonce xauth-generic attr kernel-netlink socket-default stroke updown
+
dns1 = 192.168.0.150
dns2 = 10.1.0.20
-}
-
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-id-rsa-aggressive/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/xauth-id-rsa-aggressive/hosts/carol/etc/strongswan.conf
index 5cd9bf11e..ca3372f7d 100644
--- a/testing/tests/ikev1/xauth-id-rsa-aggressive/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-id-rsa-aggressive/hosts/carol/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation gmp random nonce curl xauth-generic kernel-netlink socket-default updown stroke
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-id-rsa-aggressive/hosts/dave/etc/strongswan.conf b/testing/tests/ikev1/xauth-id-rsa-aggressive/hosts/dave/etc/strongswan.conf
index 5cd9bf11e..ca3372f7d 100644
--- a/testing/tests/ikev1/xauth-id-rsa-aggressive/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-id-rsa-aggressive/hosts/dave/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation gmp random nonce curl xauth-generic kernel-netlink socket-default updown stroke
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-id-rsa-aggressive/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/xauth-id-rsa-aggressive/hosts/moon/etc/strongswan.conf
index 5cd9bf11e..ca3372f7d 100644
--- a/testing/tests/ikev1/xauth-id-rsa-aggressive/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-id-rsa-aggressive/hosts/moon/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation gmp random nonce curl xauth-generic kernel-netlink socket-default updown stroke
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-id-rsa-config/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/xauth-id-rsa-config/hosts/carol/etc/strongswan.conf
index 5cd9bf11e..ca3372f7d 100644
--- a/testing/tests/ikev1/xauth-id-rsa-config/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-id-rsa-config/hosts/carol/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation gmp random nonce curl xauth-generic kernel-netlink socket-default updown stroke
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-id-rsa-config/hosts/dave/etc/strongswan.conf b/testing/tests/ikev1/xauth-id-rsa-config/hosts/dave/etc/strongswan.conf
index 5cd9bf11e..ca3372f7d 100644
--- a/testing/tests/ikev1/xauth-id-rsa-config/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-id-rsa-config/hosts/dave/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation gmp random nonce curl xauth-generic kernel-netlink socket-default updown stroke
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-id-rsa-config/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/xauth-id-rsa-config/hosts/moon/etc/strongswan.conf
index 5cd9bf11e..ca3372f7d 100644
--- a/testing/tests/ikev1/xauth-id-rsa-config/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-id-rsa-config/hosts/moon/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation gmp random nonce curl xauth-generic kernel-netlink socket-default updown stroke
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-id-rsa-hybrid/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/xauth-id-rsa-hybrid/hosts/carol/etc/strongswan.conf
index 5cd9bf11e..ca3372f7d 100644
--- a/testing/tests/ikev1/xauth-id-rsa-hybrid/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-id-rsa-hybrid/hosts/carol/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation gmp random nonce curl xauth-generic kernel-netlink socket-default updown stroke
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-id-rsa-hybrid/hosts/dave/etc/strongswan.conf b/testing/tests/ikev1/xauth-id-rsa-hybrid/hosts/dave/etc/strongswan.conf
index 5cd9bf11e..ca3372f7d 100644
--- a/testing/tests/ikev1/xauth-id-rsa-hybrid/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-id-rsa-hybrid/hosts/dave/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation gmp random nonce curl xauth-generic kernel-netlink socket-default updown stroke
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-id-rsa-hybrid/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/xauth-id-rsa-hybrid/hosts/moon/etc/strongswan.conf
index 5cd9bf11e..ca3372f7d 100644
--- a/testing/tests/ikev1/xauth-id-rsa-hybrid/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-id-rsa-hybrid/hosts/moon/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation gmp random nonce curl xauth-generic kernel-netlink socket-default updown stroke
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-psk/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/xauth-psk/hosts/carol/etc/strongswan.conf
index 61260f891..f65197bef 100644
--- a/testing/tests/ikev1/xauth-psk/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-psk/hosts/carol/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac gmp random nonce xauth-generic kernel-netlink socket-default updown stroke
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-psk/hosts/dave/etc/strongswan.conf b/testing/tests/ikev1/xauth-psk/hosts/dave/etc/strongswan.conf
index 61260f891..f65197bef 100644
--- a/testing/tests/ikev1/xauth-psk/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-psk/hosts/dave/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac gmp random nonce xauth-generic kernel-netlink socket-default updown stroke
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-psk/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/xauth-psk/hosts/moon/etc/strongswan.conf
index 61260f891..f65197bef 100644
--- a/testing/tests/ikev1/xauth-psk/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-psk/hosts/moon/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac gmp random nonce xauth-generic kernel-netlink socket-default updown stroke
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/strongswan.conf b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/strongswan.conf
new file mode 100644
index 000000000..e79fe2c92
--- /dev/null
+++ b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/strongswan.conf
@@ -0,0 +1 @@
+# /etc/strongswan.conf - strongSwan configuration file
diff --git a/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/carol/etc/strongswan.conf
index 5cd9bf11e..ca3372f7d 100644
--- a/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/carol/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation gmp random nonce curl xauth-generic kernel-netlink socket-default updown stroke
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/moon/etc/strongswan.conf
index e2e2164ae..ba37a47cf 100644
--- a/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/moon/etc/strongswan.conf
@@ -2,6 +2,9 @@
charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default fips-prf eap-radius eap-md5 xauth-eap updown
+
+ dh_exponent_ansi_x9_42 = no
+
plugins {
eap-radius {
secret = gv6URkSs
diff --git a/testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/strongswan.conf b/testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/strongswan.conf
new file mode 100644
index 000000000..e79fe2c92
--- /dev/null
+++ b/testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/strongswan.conf
@@ -0,0 +1 @@
+# /etc/strongswan.conf - strongSwan configuration file
diff --git a/testing/tests/ikev1/xauth-rsa-radius/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/xauth-rsa-radius/hosts/carol/etc/strongswan.conf
index 5cd9bf11e..ca3372f7d 100644
--- a/testing/tests/ikev1/xauth-rsa-radius/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-rsa-radius/hosts/carol/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation gmp random nonce curl xauth-generic kernel-netlink socket-default updown stroke
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-rsa-radius/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/xauth-rsa-radius/hosts/moon/etc/strongswan.conf
index 77266cfa0..7114a3fe4 100644
--- a/testing/tests/ikev1/xauth-rsa-radius/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-rsa-radius/hosts/moon/etc/strongswan.conf
@@ -2,6 +2,9 @@
charon {
load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default fips-prf eap-radius updown
+
+ dh_exponent_ansi_x9_42 = no
+
plugins {
eap-radius {
secret = gv6URkSs
diff --git a/testing/tests/ikev1/xauth-rsa/hosts/carol/etc/strongswan.conf b/testing/tests/ikev1/xauth-rsa/hosts/carol/etc/strongswan.conf
index 5cd9bf11e..ca3372f7d 100644
--- a/testing/tests/ikev1/xauth-rsa/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-rsa/hosts/carol/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation gmp random nonce curl xauth-generic kernel-netlink socket-default updown stroke
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-rsa/hosts/dave/etc/strongswan.conf b/testing/tests/ikev1/xauth-rsa/hosts/dave/etc/strongswan.conf
index 5cd9bf11e..ca3372f7d 100644
--- a/testing/tests/ikev1/xauth-rsa/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-rsa/hosts/dave/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation gmp random nonce curl xauth-generic kernel-netlink socket-default updown stroke
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}
diff --git a/testing/tests/ikev1/xauth-rsa/hosts/moon/etc/strongswan.conf b/testing/tests/ikev1/xauth-rsa/hosts/moon/etc/strongswan.conf
index 5cd9bf11e..ca3372f7d 100644
--- a/testing/tests/ikev1/xauth-rsa/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/ikev1/xauth-rsa/hosts/moon/etc/strongswan.conf
@@ -2,8 +2,6 @@
charon {
load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation gmp random nonce curl xauth-generic kernel-netlink socket-default updown stroke
-}
-libstrongswan {
dh_exponent_ansi_x9_42 = no
}