From b34738ed08c2227300d554b139e2495ca5da97d6 Mon Sep 17 00:00:00 2001 From: Yves-Alexis Perez Date: Thu, 28 Jun 2012 21:16:07 +0200 Subject: Imported Upstream version 4.6.4 --- testing/tests/ikev2/rw-pkcs8/description.txt | 10 ++++++++ testing/tests/ikev2/rw-pkcs8/evaltest.dat | 10 ++++++++ .../ikev2/rw-pkcs8/hosts/carol/etc/ipsec.conf | 23 +++++++++++++++++ .../hosts/carol/etc/ipsec.d/private/carolKey.pem | 29 +++++++++++++++++++++ .../ikev2/rw-pkcs8/hosts/carol/etc/ipsec.secrets | 3 +++ .../ikev2/rw-pkcs8/hosts/carol/etc/strongswan.conf | 5 ++++ .../tests/ikev2/rw-pkcs8/hosts/dave/etc/ipsec.conf | 23 +++++++++++++++++ .../hosts/dave/etc/ipsec.d/private/daveKey.pem | 30 ++++++++++++++++++++++ .../ikev2/rw-pkcs8/hosts/dave/etc/ipsec.secrets | 3 +++ .../ikev2/rw-pkcs8/hosts/dave/etc/strongswan.conf | 5 ++++ .../tests/ikev2/rw-pkcs8/hosts/moon/etc/ipsec.conf | 22 ++++++++++++++++ .../hosts/moon/etc/ipsec.d/private/moonKey.pem | 28 ++++++++++++++++++++ .../ikev2/rw-pkcs8/hosts/moon/etc/strongswan.conf | 5 ++++ testing/tests/ikev2/rw-pkcs8/posttest.dat | 6 +++++ testing/tests/ikev2/rw-pkcs8/pretest.dat | 9 +++++++ testing/tests/ikev2/rw-pkcs8/test.conf | 21 +++++++++++++++ 16 files changed, 232 insertions(+) create mode 100644 testing/tests/ikev2/rw-pkcs8/description.txt create mode 100644 testing/tests/ikev2/rw-pkcs8/evaltest.dat create mode 100755 testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/ipsec.conf create mode 100644 testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/ipsec.d/private/carolKey.pem create mode 100644 testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/ipsec.secrets create mode 100644 testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/strongswan.conf create mode 100755 testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/ipsec.conf create mode 100644 testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/ipsec.d/private/daveKey.pem create mode 100644 testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/ipsec.secrets create mode 100644 testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/strongswan.conf create mode 100755 testing/tests/ikev2/rw-pkcs8/hosts/moon/etc/ipsec.conf create mode 100644 testing/tests/ikev2/rw-pkcs8/hosts/moon/etc/ipsec.d/private/moonKey.pem create mode 100644 testing/tests/ikev2/rw-pkcs8/hosts/moon/etc/strongswan.conf create mode 100644 testing/tests/ikev2/rw-pkcs8/posttest.dat create mode 100644 testing/tests/ikev2/rw-pkcs8/pretest.dat create mode 100644 testing/tests/ikev2/rw-pkcs8/test.conf (limited to 'testing/tests/ikev2/rw-pkcs8') diff --git a/testing/tests/ikev2/rw-pkcs8/description.txt b/testing/tests/ikev2/rw-pkcs8/description.txt new file mode 100644 index 000000000..d5d817f52 --- /dev/null +++ b/testing/tests/ikev2/rw-pkcs8/description.txt @@ -0,0 +1,10 @@ +The roadwarriors carol and dave set up a connection each +to gateway moon. The authentication is based on X.509 certificates +and matching RSA private keys stored in the PKCS#8 format. moon's key +is unencrypted, carol's key is encrypted with the default PKCS#5 v1.5 +DES algorithm and dave's key with the PKCS#5 v2.0 3DES algorithm. +

+Upon the successful establishment of the IPsec tunnels, leftfirewall=yes +automatically inserts iptables-based firewall rules that let pass the tunneled traffic. +In order to test both tunnel and firewall, both carol and dave ping +the client alice behind the gateway moon. diff --git a/testing/tests/ikev2/rw-pkcs8/evaltest.dat b/testing/tests/ikev2/rw-pkcs8/evaltest.dat new file mode 100644 index 000000000..06a0f8cda --- /dev/null +++ b/testing/tests/ikev2/rw-pkcs8/evaltest.dat @@ -0,0 +1,10 @@ +moon::ipsec statusall::rw.*ESTABLISHED::YES +carol::ipsec statusall::home.*ESTABLISHED::YES +dave::ipsec statusall::home.*ESTABLISHED::YES +carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES +dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES +moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES +moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES +moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES +moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES + diff --git a/testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/ipsec.conf b/testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/ipsec.conf new file mode 100755 index 000000000..bcdb8641b --- /dev/null +++ b/testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/ipsec.conf @@ -0,0 +1,23 @@ +# /etc/ipsec.conf - strongSwan IPsec configuration file + +config setup + crlcheckinterval=180 + strictcrlpolicy=no + plutostart=no + +conn %default + ikelifetime=60m + keylife=20m + rekeymargin=3m + keyingtries=1 + +conn home + left=PH_IP_CAROL + leftcert=carolCert.pem + leftid=carol@strongswan.org + leftfirewall=yes + right=PH_IP_MOON + rightid=@moon.strongswan.org + rightsubnet=10.1.0.0/16 + keyexchange=ikev2 + auto=add diff --git a/testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/ipsec.d/private/carolKey.pem b/testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/ipsec.d/private/carolKey.pem new file mode 100644 index 000000000..15d775dc8 --- /dev/null +++ b/testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/ipsec.d/private/carolKey.pem @@ -0,0 +1,29 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIE6TAbBgkqhkiG9w0BBQMwDgQI+eazNjQUVoACAggABIIEyMUe2rc1ZsQgFwUm +MiU+qAl2g7uzI1Pz6XzgvjZrV5n62XXAbIbG4WP08slkD2VXA5iVTnfI7nj0HEtD +d2eaLU0GKNwmW7eSAXmhwBiUA623Xo0Y/X4eAY9VUfSlVshnNKOsgETQxQhUsKK1 +NXSpXfAjSgd+HDwQ+uvFQQD9WgibO3rIxfuO9+QqwnYXWz/p2bmc128mBibaFxwa +SdVlYhR9l1hhFHN5cdD5AXFsflbLzGVR6gJpArU1m1soOEYp6q314L75KALYAVaY +tQTC6gcPtXRZZvNsg9iRttPKsky0XJF7t5YGIqM4NNu5b534iXATm5Lt9jkrNKqm +3SGD+KDLrk2aIaU9jCgY73Um1MJOls8AzUU0ZqwmAQAYoaZOwMDZ/P0Uw/du3Oaz +O9FbzfPoS46muRZHMDVXEB0Zt8laSjwryeIU26MNye1xEU0aJJRaQQP2Vq8FTGtM +Gi4gR9vdjyBhRE51z0kd5vPc7YkpqJNGB59KHRlHVmozo3v7zjkY/ROsiy1a0Vy/ +6ZkwtS0cnFzFhUBvUefzCsRKSiWWULqGIn3Qb7o+JQYc8vxuEua8DGnEmQEUBRgE +j/YeI8wtObYm+u6eE0lbTopdSkfHu5UzTDYpnYDhW5nwv5ZOKeRBdXyX4BOrITnR +xEsmp34/ql3/C9W1MXkjStaSRiWfbHt35gVlFaJNXZJXtKVOlFgxFxuslrawGI0c +DLhPu1aMfHNc8LlD8cN5W2OQ/jsYlQDDd+n1WPpn+9VuBqSlnDl/mn4/0R7Yy53m ++lgruhfA7S26NG+SxHPXBq8PE052ohDLylKRGEqBTJp2aXNEKKZLrK8I1zbdIx1h +0YAAtERtvqPu2xSvJ7lGuHD+87TlWa54p3H+0UM803RBQUcH5lsNUzQ4lAN/eFgg +7TK2BqRTqWTVm8he0tVY8XJ4dLPLsXxUKb/tiFvtjBdQM7bq0UlTxign8VGZro7v +dKkGqdsEEiFzCnOvDwyjOEG7wUVmO/ejWkuI510U80x/APuOUH0zQOTBhMSrz1Eh +AdWWeSvNuyWyRPNNzlQ4DJd3UKnu4BZu4zobe4imhwCCrkGkfE5FhnyXExA8FppT +2BNe5AmIfI1joEQyRgXm/nAvwvN9pawKfDxg8gmhBLjVfk50tAydWurhrhF6CnBL +4h/hhb+C6HZBbNpmY+O12bDk81unZ8Vvtbkix5n7/371XbaAQN1WYxNaH6SDeT1J +qDRWAZhGPBn7VLVaQ6ZmLB73U8vkcju8r6atWasZTPsZQl2eng9J/5UoL/0Ubri2 +Jlmj/fScAhlK7yM62dVYVwezYtKV8QUcaDmcqO8qhuVCnYlaqu6SO5ApYWkOMzMW +EpvY0SqD6QkfKvT8bVU9GOaNSMaEKUR7NPPgettVcEkg50TeyBRvXvOAexD6qcE0 +NO/sYx9do0WpY4u85DZt3Toper0hchbEmXVHlxh8CKPgUTFVsDQ6AVyrVWrtoY1k +VpJutwWV5sPIxq17bFLTJ7pP2NIvNBvwnDedn5WKNDFu9E2U8vAujVdzlQd/gsJi +JLCreDt+rcmJVBJHMxZC+SpLbR4kNMAe5vwwESVo6wBsxMuyn1b+82C8rum5qbJ9 +RGF8RGrZzrPWbBITPw== +-----END ENCRYPTED PRIVATE KEY----- diff --git a/testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/ipsec.secrets b/testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/ipsec.secrets new file mode 100644 index 000000000..6a2aea811 --- /dev/null +++ b/testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/ipsec.secrets @@ -0,0 +1,3 @@ +# /etc/ipsec.secrets - strongSwan IPsec secrets file + +: RSA carolKey.pem "nH5ZQEWtku0RJEZ6" diff --git a/testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/strongswan.conf new file mode 100644 index 000000000..3c22edc23 --- /dev/null +++ b/testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/strongswan.conf @@ -0,0 +1,5 @@ +# /etc/strongswan.conf - strongSwan configuration file + +charon { + load = curl aes des sha1 sha2 md5 pem pkcs1 pkcs8 gmp random x509 revocation hmac xcbc ctr ccm gcm stroke kernel-netlink socket-default updown +} diff --git a/testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/ipsec.conf b/testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/ipsec.conf new file mode 100755 index 000000000..ea8bc92a7 --- /dev/null +++ b/testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/ipsec.conf @@ -0,0 +1,23 @@ +# /etc/ipsec.conf - strongSwan IPsec configuration file + +config setup + crlcheckinterval=180 + strictcrlpolicy=no + plutostart=no + +conn %default + ikelifetime=60m + keylife=20m + rekeymargin=3m + keyingtries=1 + +conn home + left=PH_IP_DAVE + leftcert=daveCert.pem + leftid=dave@strongswan.org + leftfirewall=yes + right=PH_IP_MOON + rightid=@moon.strongswan.org + rightsubnet=10.1.0.0/16 + keyexchange=ikev2 + auto=add diff --git a/testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/ipsec.d/private/daveKey.pem b/testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/ipsec.d/private/daveKey.pem new file mode 100644 index 000000000..199d78984 --- /dev/null +++ b/testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/ipsec.d/private/daveKey.pem @@ -0,0 +1,30 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIRwFyB7jCGskCAggA +MBQGCCqGSIb3DQMHBAjDqug87twvJwSCBMiBb1Y4B1FxGPGQwAgZd6aE8J6xH4VZ +MNpkm4+MPCVYBvpG1q3I1YcvIw0GcAlLQASGLXEytuVEH5xCUaGdCsa5zVpf+6Ex +i8Oyqf0dbRRafzN+K+jVLBa+higxXESE6jYxBP/auH4v5pcEy+fbljwDauyEP0bF +EgURF5nTsa5c+MTmWho+OMy/1pAuP92XmwLeeBXWuRWs+s3wkBOIe3SerW5MOyMN +mwqqu/6J4RU9VL7kooVE/B0oWJblvBTjeJoKDy5iX/iE2oRqXjihWPXYIhWqeCEB +2QCpZ1/9hEN7FLX87GBD7yivhhQMF/uBnTRIjmgbKmNtwY1+rybz0MUJrXVfS1iE +JYHlo4/cqudjsMjtjhTV9n4FJd9IsuSmZjMHVk3enIyhZ1oliugS25OpWKHnybzj +65cgxVGPTW31o21w/fEqRRR/KzrEaMZiPyO2EEMcKlB7xmEX9cIdvD99OvLMPEuQ +UA2hzRKO+A4roidNUT7yp8yy3BkQGLAr4JYaFINreeD+9BrIFx1jRbG3z8xqxtwh +8P+uR2pyLYaDxeyxkjM7zDV4ax/iV1+L+z3GiC5GnPZEKkpm89MdI7fzeChttVVk +CtpnxR3vxK2HqfcQFrTG5HNldzpAJk/tBrHRcyAnXrKs+XZhpOQ3gYoNY4fGeGYM +c9NyeAUZkqJ1nCfHBAR9bmmCEwZSmhSt5voqZ+zS3DWKG30WtNpYMNEEchtWq8Op +IEimZ341pZOjWqJ396zJ8qJ1XncffC/yAnRsb0xvhS149dwkDyH+17qVyF+V/pyb +5unjg6V9g0yZ9TKyH858sRG8acVXo6NhuxCg0w8mJ4LCxcJSTgDA0lXFQcuTBLlZ +YaXfD/dr60HfyH2ll4b5hlkww9jrg1uNW++FcsCHsZu5DV5QbhyVIYdhyp4dTV/7 +9SJJPmeMacQCNJqg783bpUyVaEecHAg8H/u+Zir0vWdRdpeekO28NLVqgQuPEqzs +Y53RCbjlbilzHud50HHUAqN3fKJK51I1GrjrSeV9xSVnB5psjmOjPvEagGu4kv+s +fu/fEge0HPx9FUA2xJR9u1/8swYsiAugoWxXFJVBSDJh2a4759ftd7b2mid0aX86 +OeJcY164mlLbu3d905Ez5mgVBHXDuk/LRwrvdprw48tqMB0Tv77egKbSeQzyQLD0 +ZhUQFIJ1cBlmFIw2ZdXUVlV2MJcK6XMlFkdyHRBTfiHI1V/Q2QFFLkTb64X3iTHC +Ckow0ibsT76pDCP+Buotfk7gho6WgiojC0URzZPG/KDHUHO173S6Nr23NBpVzxun +lKf5LiAC5LDoJmAx/XouYjh77LZLsi+jhuG3/DnIULZt8aSm5RKGZ6A3VgaaCXhp +tG3kSSCD6gKrYt7FrKHQ1dwPakPaDdOrBtd13823sPth7GMKmbhrC/x4Q768ml/i +Gk7DQoYbRkqi7t66aiYuJASxpYpsUWwO7MYOz2vGxDdskp/AukwnNJTA8e2rL0ki +seqJ2l7+snUXZ4SFJ/D+wfMK2WeQRTJB4hgu7AQyp543mQ+EYZaNMtKIdgQL86q7 +MZVAx5ad82GNtAMgGLyf72bE1mkTK44poT6dob25z7MxFsM7zjadNDzcgBiYdEHq +/8U= +-----END ENCRYPTED PRIVATE KEY----- diff --git a/testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/ipsec.secrets b/testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/ipsec.secrets new file mode 100644 index 000000000..ff6a247f0 --- /dev/null +++ b/testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/ipsec.secrets @@ -0,0 +1,3 @@ +# /etc/ipsec.secrets - strongSwan IPsec secrets file + +: RSA daveKey.pem "OJlNZBx+80dLh4wC6fw5LmBd" diff --git a/testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/strongswan.conf b/testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/strongswan.conf new file mode 100644 index 000000000..3c22edc23 --- /dev/null +++ b/testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/strongswan.conf @@ -0,0 +1,5 @@ +# /etc/strongswan.conf - strongSwan configuration file + +charon { + load = curl aes des sha1 sha2 md5 pem pkcs1 pkcs8 gmp random x509 revocation hmac xcbc ctr ccm gcm stroke kernel-netlink socket-default updown +} diff --git a/testing/tests/ikev2/rw-pkcs8/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/rw-pkcs8/hosts/moon/etc/ipsec.conf new file mode 100755 index 000000000..274521386 --- /dev/null +++ b/testing/tests/ikev2/rw-pkcs8/hosts/moon/etc/ipsec.conf @@ -0,0 +1,22 @@ +# /etc/ipsec.conf - strongSwan IPsec configuration file + +config setup + crlcheckinterval=180 + strictcrlpolicy=no + plutostart=no + +conn %default + ikelifetime=60m + keylife=20m + rekeymargin=3m + keyingtries=1 + +conn rw + left=PH_IP_MOON + leftcert=moonCert.pem + leftid=@moon.strongswan.org + leftsubnet=10.1.0.0/16 + leftfirewall=yes + right=%any + keyexchange=ikev2 + auto=add diff --git a/testing/tests/ikev2/rw-pkcs8/hosts/moon/etc/ipsec.d/private/moonKey.pem b/testing/tests/ikev2/rw-pkcs8/hosts/moon/etc/ipsec.d/private/moonKey.pem new file mode 100644 index 000000000..02045f510 --- /dev/null +++ b/testing/tests/ikev2/rw-pkcs8/hosts/moon/etc/ipsec.d/private/moonKey.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDKL2M91Lu6BYYh +WxWgMS9z9TMSTwszm5rhO7ZIsCtMRo4PAeYw+++SGXt3CPXb/+p+SWKGlm11rPE7 +1eQ3ehgh2C3hAurfmWO0iQQaCw+fdreeIVCqOQIOP6UqZ327h5yYYpHk8VQv4vBJ +TpxclU1PqnWheqe1ZlLxsW773LRml/fQt/UgvJkCBTZZONLNMfK+7TDnYaVsAtnc +gvDN78nUNEe2qY92KK7SrBJ6SpUEg49m51F+XgsGcsgWVHS85on3Om/G48crLEVJ +jdu8CxewSRVgb+lPJWzHd8QsU0Vg/7vlqs3ZRMyNtNKrr4opSvVbA6agGlTXhDCr +eDiXU8KHAgMBAAECggEAIEUH9epqO/p9uf0rqnGvPTa5fAaZpxcC1UgOg/N6NaZd +LhADiXXseskOZ6VKeF6UMqvLyedgeROtPPuafTBDgcNbLzqj+iQlQb9MpEt3pt/v +1pFCqqiGp3eJCQeTjcbLO5cf6gaKhUoXR9wAINbDjB+MvsUw10cJngHP0Osc7/Kw +d70Hqu9JibdVlGFLFqd4iRouSQNp0qlXHd9c0WUzFjioo8lhhKglnrWIyqs7v6uc +D3e2bIMOzw8pTcG2el82t14+CV4keGTxmrIS/b804JJTFsoTw0K0ukZOz5PSqOOe +7iTdY93dk4EBqfS48N6Qdl4cH9pcYuFhzHEnlK6uoQKBgQD4XWCmmQRHkm2hq523 +8JSl1DWxH3DF/vlUGongWJgAEZDP3GUbiiPMv+jnvazSJXdvAWmdBr5a5avEaQ/p +m4H9nzaelzQ3+8ui79vh3G+Difsr5444R/TwUyOyx7a2pMhcoKpyZCdHQ09DWPC6 +8Qqxc/nD8k6WdFcBed3iPGwkjQKBgQDQZpPrXJK21Rb2MLebG5jqORDLxMRCpHec +4W9bCYJchY6k38xNM+6z5N6XGn+l0qFT6ag+ZfdSfKd7k+/CV5YOrdjOW1flkNkY +nlQmUq42d8YjNDo5wdFtvvMGlAbqpJE+66BuCjrzyFOdvUvn2crzzNZUrjl65/qn +K6gj5LAgYwKBgQDvK8TySfKEFe97O6/TPVt4YeYenn9UPBjQNApIQCiIEGJauQuo +vJuDBd/8onx1llzwSfTxoVfYYsnJh78qIHXKzfKkQEmqC9FrI/6j/0pn6o01F3Su +oCSw9e8vsAE023STNqlNJUNp7di7qz+PVqYMgvmoB4REgN50bm4M+lDN1QKBgHsy +2Ok/rcAGEu/xdulsFCcLG0HLDdbz0X5dyu2/nmBB2EThxK4zMD8K4wfi82k9LoAj +1oEk2GPcK0qj9w4lpyEAZvX/C+Q7kAu8tbR+Fl0+y1ROcMlqKfu98X+HDNuz8+WF +eC71P0qUt9G9cV0b5J3iDya6ZGKjNwuShHDLpc9PAoGAMk/6z3BeZ0b3QdJP9qoL +sUqtVcukHrd1jmzA1R9A/qxrSkWc43SvQkKH9gKwYUUgB5tDa46QzeDd/2eTBOnv +3XSi/7/m5OG9EjbDYEE/LSZW4As+PLIXVnZxv3OnIqIi5ehdEJ/ix3yvWVH1ufQX +HHRK+nF/5+kwZIjmq4c0Epg= +-----END PRIVATE KEY----- diff --git a/testing/tests/ikev2/rw-pkcs8/hosts/moon/etc/strongswan.conf b/testing/tests/ikev2/rw-pkcs8/hosts/moon/etc/strongswan.conf new file mode 100644 index 000000000..9333bcdf4 --- /dev/null +++ b/testing/tests/ikev2/rw-pkcs8/hosts/moon/etc/strongswan.conf @@ -0,0 +1,5 @@ +# /etc/strongswan.conf - strongSwan configuration file + +charon { + load = curl test-vectors aes des sha1 sha2 md5 pem pkcs1 pkcs8 gmp random x509 revocation hmac xcbc ctr ccm gcm stroke kernel-netlink socket-default updown +} diff --git a/testing/tests/ikev2/rw-pkcs8/posttest.dat b/testing/tests/ikev2/rw-pkcs8/posttest.dat new file mode 100644 index 000000000..7cebd7f25 --- /dev/null +++ b/testing/tests/ikev2/rw-pkcs8/posttest.dat @@ -0,0 +1,6 @@ +moon::ipsec stop +carol::ipsec stop +dave::ipsec stop +moon::/etc/init.d/iptables stop 2> /dev/null +carol::/etc/init.d/iptables stop 2> /dev/null +dave::/etc/init.d/iptables stop 2> /dev/null diff --git a/testing/tests/ikev2/rw-pkcs8/pretest.dat b/testing/tests/ikev2/rw-pkcs8/pretest.dat new file mode 100644 index 000000000..42e9d7c24 --- /dev/null +++ b/testing/tests/ikev2/rw-pkcs8/pretest.dat @@ -0,0 +1,9 @@ +moon::/etc/init.d/iptables start 2> /dev/null +carol::/etc/init.d/iptables start 2> /dev/null +dave::/etc/init.d/iptables start 2> /dev/null +moon::ipsec start +carol::ipsec start +dave::ipsec start +carol::sleep 1 +carol::ipsec up home +dave::ipsec up home diff --git a/testing/tests/ikev2/rw-pkcs8/test.conf b/testing/tests/ikev2/rw-pkcs8/test.conf new file mode 100644 index 000000000..70416826e --- /dev/null +++ b/testing/tests/ikev2/rw-pkcs8/test.conf @@ -0,0 +1,21 @@ +#!/bin/bash +# +# This configuration file provides information on the +# UML instances used for this test + +# All UML instances that are required for this test +# +UMLHOSTS="alice moon carol winnetou dave" + +# Corresponding block diagram +# +DIAGRAM="a-m-c-w-d.png" + +# UML instances on which tcpdump is to be started +# +TCPDUMPHOSTS="moon" + +# UML instances on which IPsec is started +# Used for IPsec logging purposes +# +IPSECHOSTS="moon carol dave" -- cgit v1.2.3