sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-15 00:00:16 -04:00
Code Issues Projects Releases Wiki Activity
16,226 Commits 101 Branches 327 Tags
Commit Graph

53 Commits

Author SHA1 Message Date
Andreas Steffen
88b941939f testing: Fixed typo in openssl-ikev2/rw-suite-b-192 scenario 2017-07-08 23:19:18 +02:00
Andreas Steffen
99c03e9a11 testing: make curve25519 the default DH group 2016-11-14 16:20:51 +01:00
Tobias Brunner
aacf84d837 testing: Add expect-connection calls for all tests and hosts 
There are some exceptions (e.g. those that use auto=start or p2pnat).
 2016-06-16 14:35:18 +02:00
Tobias Brunner
8f56bbc82b testing: Update test scenarios for Debian jessie 
The main difference is that ping now reports icmp_seq instead of
icmp_req, so we match for icmp_.eq, which works with both releases.

tcpdump now also reports port 4500 as ipsec-nat-t.
 2016-06-16 14:04:11 +02:00
Andreas Steffen
5e2b740a00 128 bit default security strength requires 3072 bit prime DH group 2015-12-14 10:39:40 +01:00
Tobias Brunner
f519acd42f testing: Remove nearly all sleep calls from pretest and posttest scripts 
By consistently using the `expect-connection` helper we can avoid pretty
much all previously needed calls to sleep.
 2015-11-09 15:18:35 +01:00
Tobias Brunner
f36b6d49af testing: Adapt tests to retransmission settings and reduce DPD delay/timeout 2015-11-09 15:18:34 +01:00
Andreas Steffen
d04e47a9eb testing: Wait for DH crypto tests to complete 2015-04-26 11:51:49 +02:00
Tobias Brunner
53217d70b0 testing: Disable signature authentication on dave in openssl-ikev2/ecdsa-certs scenario 2015-03-04 13:54:12 +01:00
Tobias Brunner
4aa24d4c13 testing: Update test conditions because signature schemes are now logged 
RFC 7427 signature authentication is now used between strongSwan hosts
by default, which causes the actual signature schemes to get logged.
 2015-03-04 13:54:10 +01:00
Andreas Steffen
006518e859 The critical-extension scenarios need the old private keys 2014-10-05 20:58:03 +02:00
Tobias Brunner
09f1fb82f9 testing: Update PKCS#12 containers 2014-10-03 12:44:13 +02:00
Martin Willi
44b6a34d43 configure: Load fetcher plugins after crypto base plugins 
Some fetcher plugins (such as curl) might build upon OpenSSL to implement
HTTPS fetching. As we set (and can't unset) threading callbacks in our
openssl plugin, we must ensure that OpenSSL functions don't get called after
openssl plugin unloading.

We achieve that by loading curl and all other fetcher plugins after the base
crypto plugins, including openssl.
 2014-09-24 17:34:54 +02:00
Andreas Steffen
96e3142c39 Test TLS AEAD cipher suites 2014-04-01 10:12:15 +02:00
Andreas Steffen
07e7cb146f Added openssl-ikev2/net2net-pgp-v3 scenario 2014-03-22 09:55:03 +01:00
Andreas Steffen
c683b389ba Merged libstrongswan options into charon section 2014-03-15 14:07:34 +01:00
Andreas Steffen
7967876257 Encrypt carol's PKCS#8 private key in openssl-ikve2/rw-suite-b-128|192 scenarios 2013-10-30 20:46:32 +01:00
Andreas Steffen
2efe61e07b Added two Brainpool IKEv2 scenarios 2013-10-23 21:11:28 +02:00
Andreas Steffen
1486fe786a Use bold font to display key size 2013-10-11 21:23:10 +02:00
Tobias Brunner
9e7a45bec2 testing: Don't load certificates explicitly and delete CA certificates in PKCS#12 scenarios 
Certificates are now properly extracted from PKCS#12 files.
 2013-07-15 11:27:07 +02:00
Andreas Steffen
9e0182b922 openssl plugin can replace random, hmac, and gcm plugins 2013-07-10 20:38:07 +02:00
Andreas Steffen
3910fb3715 Added openssl-ikev2/net2net-pkcs12 scenario 2013-07-10 20:25:49 +02:00
Andreas Steffen
b1f1e5e5f2 5.1.0 changes for test cases 2013-06-29 00:07:15 +02:00
Andreas Steffen
1b912ad384 check for successful activation of FIPS mode 2013-04-19 18:46:52 +02:00
Andreas Steffen
545df30c18 Added openssl-ikev2/rw-cpa scenario 2013-04-19 18:34:35 +02:00
Andreas Steffen
f7580a5a67 added openssl-ikev2/alg-aes-gcm scenario 2013-03-03 11:43:52 +01:00
Tobias Brunner
b1169a880a Updated comments in test.conf of all tests 2013-01-17 16:56:02 +01:00
Tobias Brunner
7699a928f7 Renamed $UMLHOSTS to $VIRTHOSTS 2013-01-17 16:56:02 +01:00
Andreas Steffen
8fbb9458d6 converted all openssl-ikev2 iptables scenarios 2013-01-17 16:55:01 +01:00
Reto Buerki
533177003c Adapt test configurations 
Adapt test configurations to the new Debian-based system.
 2013-01-17 15:22:07 +01:00
Andreas Steffen
daa857029f removed plutostart parameter 2012-06-13 21:19:05 +02:00
Andreas Steffen
31c83b973e load nonce plugin 2012-05-23 15:05:57 +02:00
Andreas Steffen
0e1c6fa2a9 suppress leak detective output 2012-05-11 05:48:11 +02:00
Andreas Steffen
3805e569f6 upgraded openssl-ikev2 scenarios to 5.0.0 2012-05-04 12:03:05 +02:00
Andreas Steffen
5ff8fe5d48 activated cmac plugin in UML test suites 2012-04-22 22:22:25 +02:00
Andreas Steffen
2af22e1135 adapted debug output check in openssl-ikev2/rw-eap-tls-only scenario 2012-02-07 20:31:17 +01:00
Andreas Steffen
48bf8ce9bd added openssl-ikev2/ecdsa-pkcs8 scenario 2012-02-03 11:44:04 +01:00
Andreas Steffen
566311862f moved random plugin in front of openssl in order to prefer gmp 2011-11-05 07:24:17 +01:00
Andreas Steffen
2ecafc7316 added openssl-ikev2/critical-extension scenario 2011-02-08 22:58:31 +01:00
Andreas Steffen
2774826995 added openssl-ikev2/rw-eap-tls-only scenario 2010-09-07 17:14:32 +02:00
Tobias Brunner
cc9cfc2e11 testing: Added missing host alice to test.conf. 2010-09-02 19:04:22 +02:00
Andreas Steffen
8eb74facfe added ctr ccm and gcm plugins to openssl-ikev2/rw-cert scenario 2010-08-29 21:09:25 +02:00
Andreas Steffen
001787b3eb all x509 based openssl-ikev2 scenarios require the revocation plugin 2010-07-15 22:33:05 +02:00
Andreas Steffen
bd371ccac7 remove x509 plugin from remaining openssl-ikev2 scenarios 2010-05-25 15:49:58 +02:00
Andreas Steffen
2996cb3163 openssl-ikev2/rw-cert scenario doesn't need x509 plugin any more 2010-05-25 15:26:46 +02:00
Tobias Brunner
a5166b16a1 Adding socket-default to the plugin list in all test cases. 2010-03-09 17:43:21 +01:00
Andreas Steffen
3e4b1010b0 adapted openssl-ikev2/alg scenarios 2009-12-09 15:51:43 +01:00
Martin Willi
41f57038e4 tests load pem/pkcs1 plugins, pubkey plugin not needed anymore 2009-08-26 11:23:55 +02:00
Andreas Steffen
f53088c657 added openssl-ikev2/alg-camellia scenario 2009-08-06 16:48:41 +02:00
Andreas Steffen
f179ba474e enable integrity test in all rw-cert scenarios 2009-07-17 20:52:14 +02:00