summaryrefslogtreecommitdiff
path: root/testing/tests/tnc/tnccs-20
diff options
context:
space:
mode:
Diffstat (limited to 'testing/tests/tnc/tnccs-20')
-rw-r--r--testing/tests/tnc/tnccs-20/evaltest.dat24
-rw-r--r--[-rwxr-xr-x]testing/tests/tnc/tnccs-20/hosts/carol/etc/ipsec.conf2
-rw-r--r--testing/tests/tnc/tnccs-20/hosts/carol/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/tnc/tnccs-20/hosts/dave/etc/ipsec.conf2
-rw-r--r--testing/tests/tnc/tnccs-20/hosts/dave/etc/strongswan.conf2
-rw-r--r--[-rwxr-xr-x]testing/tests/tnc/tnccs-20/hosts/moon/etc/ipsec.conf2
-rw-r--r--testing/tests/tnc/tnccs-20/hosts/moon/etc/strongswan.conf2
7 files changed, 17 insertions, 19 deletions
diff --git a/testing/tests/tnc/tnccs-20/evaltest.dat b/testing/tests/tnc/tnccs-20/evaltest.dat
index 737c9b9ef..3d84f81e3 100644
--- a/testing/tests/tnc/tnccs-20/evaltest.dat
+++ b/testing/tests/tnc/tnccs-20/evaltest.dat
@@ -2,18 +2,18 @@ carol::cat /var/log/daemon.log::PB-TNC access recommendation is 'Access Allowed'
carol::cat /var/log/daemon.log::EAP method EAP_TTLS succeeded, MSK established ::YES
carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with EAP successful::YES
carol::cat /var/log/daemon.log::CHILD_SA home{1} established.*TS 192.168.0.100/32 === 10.1.0.0/28::YES
-dave::cat /var/log/daemon.log::PB-TNC access recommendation is 'Quarantined'::YES
-dave::cat /var/log/daemon.log::EAP method EAP_TTLS succeeded, MSK established ::YES
-dave::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with EAP successful::YES
-dave::cat /var/log/daemon.log::CHILD_SA home{1} established.*TS 192.168.0.200/32 === 10.1.0.16/28::YES
-moon::cat /var/log/daemon.log::added group membership 'allow'::YES
-moon::cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES
-moon::cat /var/log/daemon.log::added group membership 'isolate'::YES
-moon::cat /var/log/daemon.log::authentication of 'dave@strongswan.org' with EAP successful::YES
-moon::ipsec statusall::rw-allow.*10.1.0.0/28 === 192.168.0.100/32::YES
-moon::ipsec statusall::rw-isolate.*10.1.0.16/28 === 192.168.0.200/32::YES
+dave:: cat /var/log/daemon.log::PB-TNC access recommendation is 'Quarantined'::YES
+dave:: cat /var/log/daemon.log::EAP method EAP_TTLS succeeded, MSK established ::YES
+dave:: cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with EAP successful::YES
+dave:: cat /var/log/daemon.log::CHILD_SA home{1} established.*TS 192.168.0.200/32 === 10.1.0.16/28::YES
+moon:: cat /var/log/daemon.log::added group membership 'allow'::YES
+moon:: cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES
+moon:: cat /var/log/daemon.log::added group membership 'isolate'::YES
+moon:: cat /var/log/daemon.log::authentication of 'dave@strongswan.org' with EAP successful::YES
+moon:: ipsec statusall 2> /dev/null::rw-allow.*10.1.0.0/28 === 192.168.0.100/32::YES
+moon:: ipsec statusall 2> /dev/null::rw-isolate.*10.1.0.16/28 === 192.168.0.200/32::YES
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES
carol::ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_ALICE: icmp_seq=1::NO
-dave::ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::YES
-dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_VENUS: icmp_seq=1::NO
+dave:: ping -c 1 PH_IP_VENUS::64 bytes from PH_IP_VENUS: icmp_seq=1::YES
+dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_VENUS: icmp_seq=1::NO
diff --git a/testing/tests/tnc/tnccs-20/hosts/carol/etc/ipsec.conf b/testing/tests/tnc/tnccs-20/hosts/carol/etc/ipsec.conf
index 847ca2e7f..a483d6df8 100755..100644
--- a/testing/tests/tnc/tnccs-20/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/tnc/tnccs-20/hosts/carol/etc/ipsec.conf
@@ -1,7 +1,6 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- plutostart=no
charondebug="tnc 3, imc 2"
conn %default
@@ -18,6 +17,7 @@ conn home
leftfirewall=yes
right=PH_IP_MOON
rightid=@moon.strongswan.org
+ rightauth=any
rightsendcert=never
rightsubnet=10.1.0.0/16
auto=add
diff --git a/testing/tests/tnc/tnccs-20/hosts/carol/etc/strongswan.conf b/testing/tests/tnc/tnccs-20/hosts/carol/etc/strongswan.conf
index 50d7af66b..6d8c10eab 100644
--- a/testing/tests/tnc/tnccs-20/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/tnc/tnccs-20/hosts/carol/etc/strongswan.conf
@@ -1,7 +1,7 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-tnccs tnc-imc tnccs-20 updown
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-tnccs tnc-imc tnccs-20 updown
multiple_authentication=no
plugins {
eap-tnc {
diff --git a/testing/tests/tnc/tnccs-20/hosts/dave/etc/ipsec.conf b/testing/tests/tnc/tnccs-20/hosts/dave/etc/ipsec.conf
index f0ad4721f..11378131a 100755..100644
--- a/testing/tests/tnc/tnccs-20/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/tnc/tnccs-20/hosts/dave/etc/ipsec.conf
@@ -1,7 +1,6 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- plutostart=no
charondebug="tnc 3, imc 2"
conn %default
@@ -18,6 +17,7 @@ conn home
leftfirewall=yes
right=PH_IP_MOON
rightid=@moon.strongswan.org
+ rightauth=any
rightsendcert=never
rightsubnet=10.1.0.0/16
auto=add
diff --git a/testing/tests/tnc/tnccs-20/hosts/dave/etc/strongswan.conf b/testing/tests/tnc/tnccs-20/hosts/dave/etc/strongswan.conf
index b67541c3c..3a3c2a069 100644
--- a/testing/tests/tnc/tnccs-20/hosts/dave/etc/strongswan.conf
+++ b/testing/tests/tnc/tnccs-20/hosts/dave/etc/strongswan.conf
@@ -1,7 +1,7 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-md5 eap-ttls eap-tnc tnc-imc tnc-tnccs tnccs-20 updown
multiple_authentication=no
plugins {
eap-tnc {
diff --git a/testing/tests/tnc/tnccs-20/hosts/moon/etc/ipsec.conf b/testing/tests/tnc/tnccs-20/hosts/moon/etc/ipsec.conf
index 9eec48402..b1093d46d 100755..100644
--- a/testing/tests/tnc/tnccs-20/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/tnc/tnccs-20/hosts/moon/etc/ipsec.conf
@@ -1,8 +1,6 @@
# /etc/ipsec.conf - strongSwan IPsec configuration file
config setup
- strictcrlpolicy=no
- plutostart=no
charondebug="tnc 3, imv 2"
conn %default
diff --git a/testing/tests/tnc/tnccs-20/hosts/moon/etc/strongswan.conf b/testing/tests/tnc/tnccs-20/hosts/moon/etc/strongswan.conf
index 9e4ebcf04..032ae7e91 100644
--- a/testing/tests/tnc/tnccs-20/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/tnc/tnccs-20/hosts/moon/etc/strongswan.conf
@@ -1,7 +1,7 @@
# /etc/strongswan.conf - strongSwan configuration file
charon {
- load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-ttls eap-md5 eap-tnc tnc-imv tnc-tnccs tnccs-20 updown
+ load = curl aes des sha1 sha2 md5 pem pkcs1 gmp random nonce x509 revocation hmac stroke kernel-netlink socket-default eap-identity eap-ttls eap-md5 eap-tnc tnc-imv tnc-tnccs tnccs-20 updown
multiple_authentication=no
plugins {
eap-ttls {
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-20 20:32:46 +0000