From 5dca9ea0e2931f0e2a056c7964d311bcc30a01b8 Mon Sep 17 00:00:00 2001 From: Yves-Alexis Perez Date: Thu, 22 Oct 2015 11:43:58 +0200 Subject: Imported Upstream version 5.3.3 --- .../hosts/carol/etc/strongswan.conf | 17 +++++++++ .../hosts/carol/etc/swanctl/swanctl.conf | 40 ++++++++++++++++++++++ .../rw-hash-and-url/hosts/dave/etc/strongswan.conf | 17 +++++++++ .../hosts/dave/etc/swanctl/swanctl.conf | 40 ++++++++++++++++++++++ .../rw-hash-and-url/hosts/moon/etc/strongswan.conf | 17 +++++++++ .../hosts/moon/etc/swanctl/swanctl.conf | 38 ++++++++++++++++++++ 6 files changed, 169 insertions(+) create mode 100755 testing/tests/swanctl/rw-hash-and-url/hosts/carol/etc/strongswan.conf create mode 100755 testing/tests/swanctl/rw-hash-and-url/hosts/carol/etc/swanctl/swanctl.conf create mode 100755 testing/tests/swanctl/rw-hash-and-url/hosts/dave/etc/strongswan.conf create mode 100755 testing/tests/swanctl/rw-hash-and-url/hosts/dave/etc/swanctl/swanctl.conf create mode 100755 testing/tests/swanctl/rw-hash-and-url/hosts/moon/etc/strongswan.conf create mode 100755 testing/tests/swanctl/rw-hash-and-url/hosts/moon/etc/swanctl/swanctl.conf (limited to 'testing/tests/swanctl/rw-hash-and-url/hosts') diff --git a/testing/tests/swanctl/rw-hash-and-url/hosts/carol/etc/strongswan.conf b/testing/tests/swanctl/rw-hash-and-url/hosts/carol/etc/strongswan.conf new file mode 100755 index 000000000..4b0e31118 --- /dev/null +++ b/testing/tests/swanctl/rw-hash-and-url/hosts/carol/etc/strongswan.conf @@ -0,0 +1,17 @@ +# /etc/strongswan.conf - strongSwan configuration file + +swanctl { + load = pem pkcs1 x509 revocation constraints pubkey openssl random +} + +charon { + load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation constraints pubkey gmp random nonce curl kernel-netlink socket-default updown vici + + start-scripts { + creds = /usr/local/sbin/swanctl --load-creds + auths = /usr/local/sbin/swanctl --load-authorities + conns = /usr/local/sbin/swanctl --load-conns + } + + hash_and_url = yes +} diff --git a/testing/tests/swanctl/rw-hash-and-url/hosts/carol/etc/swanctl/swanctl.conf b/testing/tests/swanctl/rw-hash-and-url/hosts/carol/etc/swanctl/swanctl.conf new file mode 100755 index 000000000..7b0b2adba --- /dev/null +++ b/testing/tests/swanctl/rw-hash-and-url/hosts/carol/etc/swanctl/swanctl.conf @@ -0,0 +1,40 @@ +connections { + + home { + local_addrs = 192.168.0.100 + remote_addrs = 192.168.0.1 + + local { + auth = pubkey + certs = carolCert.pem + id = carol@strongswan.org + } + remote { + auth = pubkey + id = moon.strongswan.org + } + children { + home { + remote_ts = 10.1.0.0/16 + + start_action = none + updown = /usr/local/libexec/ipsec/_updown iptables + rekey_time = 10m + esp_proposals = aes128gcm128-modp2048 + } + } + + version = 2 + reauth_time = 60m + rekey_time = 20m + proposals = aes128-sha256-modp2048 + } +} + +authorities { + + strongswan { + cacert = strongswanCert.pem + cert_uri_base = http://winnetou.strongswan.org/certs/ + } +} diff --git a/testing/tests/swanctl/rw-hash-and-url/hosts/dave/etc/strongswan.conf b/testing/tests/swanctl/rw-hash-and-url/hosts/dave/etc/strongswan.conf new file mode 100755 index 000000000..4b0e31118 --- /dev/null +++ b/testing/tests/swanctl/rw-hash-and-url/hosts/dave/etc/strongswan.conf @@ -0,0 +1,17 @@ +# /etc/strongswan.conf - strongSwan configuration file + +swanctl { + load = pem pkcs1 x509 revocation constraints pubkey openssl random +} + +charon { + load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation constraints pubkey gmp random nonce curl kernel-netlink socket-default updown vici + + start-scripts { + creds = /usr/local/sbin/swanctl --load-creds + auths = /usr/local/sbin/swanctl --load-authorities + conns = /usr/local/sbin/swanctl --load-conns + } + + hash_and_url = yes +} diff --git a/testing/tests/swanctl/rw-hash-and-url/hosts/dave/etc/swanctl/swanctl.conf b/testing/tests/swanctl/rw-hash-and-url/hosts/dave/etc/swanctl/swanctl.conf new file mode 100755 index 000000000..b4d82096a --- /dev/null +++ b/testing/tests/swanctl/rw-hash-and-url/hosts/dave/etc/swanctl/swanctl.conf @@ -0,0 +1,40 @@ +connections { + + home { + local_addrs = 192.168.0.200 + remote_addrs = 192.168.0.1 + + local { + auth = pubkey + certs = daveCert.pem + id = dave@strongswan.org + } + remote { + auth = pubkey + id = moon.strongswan.org + } + children { + home { + remote_ts = 10.1.0.0/16 + + start_action = none + updown = /usr/local/libexec/ipsec/_updown iptables + rekey_time = 10m + esp_proposals = aes128gcm128-modp2048 + } + } + + version = 2 + reauth_time = 60m + rekey_time = 20m + proposals = aes128-sha256-modp2048 + } +} + +authorities { + + strongswan { + cacert = strongswanCert.pem + cert_uri_base = http://winnetou.strongswan.org/certs/ + } +} diff --git a/testing/tests/swanctl/rw-hash-and-url/hosts/moon/etc/strongswan.conf b/testing/tests/swanctl/rw-hash-and-url/hosts/moon/etc/strongswan.conf new file mode 100755 index 000000000..4b0e31118 --- /dev/null +++ b/testing/tests/swanctl/rw-hash-and-url/hosts/moon/etc/strongswan.conf @@ -0,0 +1,17 @@ +# /etc/strongswan.conf - strongSwan configuration file + +swanctl { + load = pem pkcs1 x509 revocation constraints pubkey openssl random +} + +charon { + load = sha1 sha2 md5 aes des hmac pem pkcs1 x509 revocation constraints pubkey gmp random nonce curl kernel-netlink socket-default updown vici + + start-scripts { + creds = /usr/local/sbin/swanctl --load-creds + auths = /usr/local/sbin/swanctl --load-authorities + conns = /usr/local/sbin/swanctl --load-conns + } + + hash_and_url = yes +} diff --git a/testing/tests/swanctl/rw-hash-and-url/hosts/moon/etc/swanctl/swanctl.conf b/testing/tests/swanctl/rw-hash-and-url/hosts/moon/etc/swanctl/swanctl.conf new file mode 100755 index 000000000..258d9e87c --- /dev/null +++ b/testing/tests/swanctl/rw-hash-and-url/hosts/moon/etc/swanctl/swanctl.conf @@ -0,0 +1,38 @@ +connections { + + rw { + local_addrs = 192.168.0.1 + + local { + auth = pubkey + certs = moonCert.pem + id = moon.strongswan.org + } + remote { + auth = pubkey + } + children { + net { + local_ts = 10.1.0.0/16 + + start_action = none + updown = /usr/local/libexec/ipsec/_updown iptables + rekey_time = 10m + esp_proposals = aes128gcm128-modp2048 + } + } + + version = 2 + reauth_time = 60m + rekey_time = 20m + proposals = aes128-sha256-modp2048 + } +} + +authorities { + + strongswan { + cacert = strongswanCert.pem + cert_uri_base = http://winnetou.strongswan.org/certs/ + } +} -- cgit v1.2.3