sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-05 00:00:45 -04:00
Code Issues Projects Releases Wiki Activity
18,697 Commits 101 Branches 327 Tags
Commit Graph

40 Commits

Author SHA1 Message Date
Tobias Brunner
3a52fc83f8 testing: Load kdf plugin in all scenarios that require it 
Once we use plugin-provided prf+() these won't work otherwise.
 2022-04-14 19:02:48 +02:00
Andreas Steffen
cfeae14b06 testing: Deleting dynamic test keys and certificates 2019-05-08 14:56:48 +02:00
Tobias Brunner
35392aa869 testing: Use renamed systemd unit 
While the alias is available after enabling the unit, we don't
actually do that in our testing environment (adding a symlink manually
would work too, then again, why not just use the proper name?).
 2019-04-24 13:57:48 +02:00
Andreas Steffen
1cab8ed5f8 testing: Migrated openssl alg-ecp-low scenarios to swanctl 2018-11-09 12:42:14 +01:00
Andreas Steffen
21735750df testing: Migrated openssl alg-ecp-high scenarios 2018-11-09 11:52:59 +01:00
Andreas Steffen
a4c085978c testing: Migrated openssl alg-camellia scenarios to swanctl 2018-11-09 10:02:26 +01:00
Andreas Steffen
99b66151fd testing: Moved openssl ecdsa-certs scenarios to swanctl 2018-11-08 21:16:32 +01:00
Andreas Steffen
295493f46f testing: Renewed ECDSA certificates 2018-06-13 17:07:25 +02:00
Andreas Steffen
99c03e9a11 testing: make curve25519 the default DH group 2016-11-14 16:20:51 +01:00
Tobias Brunner
aacf84d837 testing: Add expect-connection calls for all tests and hosts 
There are some exceptions (e.g. those that use auto=start or p2pnat).
 2016-06-16 14:35:18 +02:00
Tobias Brunner
8f56bbc82b testing: Update test scenarios for Debian jessie 
The main difference is that ping now reports icmp_seq instead of
icmp_req, so we match for icmp_.eq, which works with both releases.

tcpdump now also reports port 4500 as ipsec-nat-t.
 2016-06-16 14:04:11 +02:00
Thomas Egerer
beb4a07ea8 ikev1: Log successful authentication with signature scheme 
Output is now identical to that of the IKEv2 pubkey authenticator.

Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
 2016-02-01 15:58:53 +01:00
Andreas Steffen
5e2b740a00 128 bit default security strength requires 3072 bit prime DH group 2015-12-14 10:39:40 +01:00
Tobias Brunner
f519acd42f testing: Remove nearly all sleep calls from pretest and posttest scripts 
By consistently using the `expect-connection` helper we can avoid pretty
much all previously needed calls to sleep.
 2015-11-09 15:18:35 +01:00
Martin Willi
44b6a34d43 configure: Load fetcher plugins after crypto base plugins 
Some fetcher plugins (such as curl) might build upon OpenSSL to implement
HTTPS fetching. As we set (and can't unset) threading callbacks in our
openssl plugin, we must ensure that OpenSSL functions don't get called after
openssl plugin unloading.

We achieve that by loading curl and all other fetcher plugins after the base
crypto plugins, including openssl.
 2014-09-24 17:34:54 +02:00
Andreas Steffen
b1f1e5e5f2 5.1.0 changes for test cases 2013-06-29 00:07:15 +02:00
Tobias Brunner
b1169a880a Updated comments in test.conf of all tests 2013-01-17 16:56:02 +01:00
Tobias Brunner
7699a928f7 Renamed $UMLHOSTS to $VIRTHOSTS 2013-01-17 16:56:02 +01:00
Andreas Steffen
44047e7adb converted all openssl-ikev1 iptables scenarios 2013-01-17 16:55:01 +01:00
Reto Buerki
533177003c Adapt test configurations 
Adapt test configurations to the new Debian-based system.
 2013-01-17 15:22:07 +01:00
Andreas Steffen
daa857029f removed plutostart parameter 2012-06-13 21:19:05 +02:00
Andreas Steffen
31c83b973e load nonce plugin 2012-05-23 15:05:57 +02:00
Andreas Steffen
0e1c6fa2a9 suppress leak detective output 2012-05-11 05:48:11 +02:00
Andreas Steffen
1e9b62ad50 deleted unneeded openssl-ikev1 files 2012-05-04 12:11:57 +02:00
Andreas Steffen
90e941fb97 upgraded openssl-ikev1 scenarios to 5.0.0 2012-05-04 12:06:45 +02:00
Andreas Steffen
566311862f moved random plugin in front of openssl in order to prefer gmp 2011-11-05 07:24:17 +01:00
Andreas Steffen
84babfb895 define explicit IKEv1 key exchange mode 2010-10-07 07:31:44 +02:00
Tobias Brunner
91ea48352c testing: Adding kernel-netlink to pluto.load statements. 2010-09-02 19:04:22 +02:00
Tobias Brunner
cc9cfc2e11 testing: Added missing host alice to test.conf. 2010-09-02 19:04:22 +02:00
Andreas Steffen
5b6200888b remove x509 plugin from openssl-ikev1 scenarios 2010-05-28 23:22:15 +02:00
Andreas Steffen
b75002bc95 added openssl-ikev1/alg-camellia scenario 2009-12-15 19:55:58 +01:00
Andreas Steffen
f3e9eae283 the ikev1 scenarios need the x509 plugin 2009-10-06 14:38:34 +02:00
Martin Willi
41f57038e4 tests load pem/pkcs1 plugins, pubkey plugin not needed anymore 2009-08-26 11:23:55 +02:00
Andreas Steffen
f179ba474e enable integrity test in all rw-cert scenarios 2009-07-17 20:52:14 +02:00
Andreas Steffen
bd33859fb8 some more scenario adaptations 2009-06-16 21:03:13 +02:00
Andreas Steffen
c8db70156d test-vector support in rw-cert scenarios 2009-06-16 20:53:41 +02:00
Andreas Steffen
0002de3b98 adaptations of UML scenarios to 4.3.2 2009-06-16 07:33:22 +02:00
Andreas Steffen
1930cb22ff updated pluto.load configuration in ikev1 scenarios 2009-06-13 08:56:05 +02:00
Andreas Steffen
80873f2c5e added openssl-ikev1/ecdsa-certs scenario 2009-06-13 08:43:34 +02:00
Andreas Steffen
eca36f44de split openssl scenarios into openssl-ikev1 and openssl-ikev2 2009-06-12 19:59:48 +02:00