sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-07 00:01:49 -04:00
Code Issues Projects Releases Wiki Activity
14,372 Commits 100 Branches 327 Tags
Commit Graph

1371 Commits

Author SHA1 Message Date
Tobias Brunner
50dd7de226 testing: Suppress errors when checking for running hosts 
If libvirt is not running virsh can't connect to it and will complain that
the socket does not exist.
 2015-08-03 12:54:09 +02:00
Andreas Steffen
493ad293b7 testing: Adapted ha/both-active scenario to new jhash values 2015-07-31 14:43:40 +02:00
Tobias Brunner
1f406f3e6e testing: Fix initial kernel build 
The directory does not exist yet if the kernel was never built.

Fixes: a4a13d0be29b ("testing: Extract and patch each kernel version only once")
 2015-07-31 12:34:44 +02:00
Andreas Steffen
fbcac07043 testing: Regenerated BLISS certificates due to oracle changes 2015-07-27 22:09:08 +02:00
Andreas Steffen
aaeb524cea testing: Updated loop ca certificates 2015-07-22 17:11:00 +02:00
Andreas Steffen
450c6e8dd9 testing: Added swanctl --list-authorities output to do-tests 2015-07-22 13:27:08 +02:00
Andreas Steffen
73cbd5c7f8 testing: Updated all swanctl scenarios and added some new ones 2015-07-22 13:27:08 +02:00
Andreas Steffen
db69295d2e tests: Introduced IPV6 flag in tests.conf 2015-07-21 23:17:14 +02:00
Andreas Steffen
6b265c5e5c tests: Introduced SWANCTL flag in test.conf 2015-07-21 23:17:14 +02:00
Andreas Steffen
3d9bfb607c tests: fixed evaltest of swanctl/rw-cert scenario 2015-07-21 23:17:13 +02:00
Andreas Steffen
f335e2f848 tests: fixed description of swanctl ip-pool scenarios 2015-07-21 23:17:13 +02:00
Tobias Brunner
170e8d141c testing: Do not attempt to start the test environment if hosts are still running 2015-07-15 16:53:37 +02:00
Martin Willi
918dfce551 testing: Enable AESNI/PCLMULQD in moon/sun guests, if supported 2015-07-12 13:54:08 +02:00
Martin Willi
2a75c6e487 testing: Do not overwrite kernel configuration if it already exists 
This allows us to do changes to the kernel configuration using menuconfig
and friends, and update the kernel with make-testing.
 2015-07-12 13:54:08 +02:00
Martin Willi
a4a13d0be2 testing: Extract and patch each kernel version only once 
This allows us to do modifications to the kernel tree and rebuild that kernel
using make-testing. We can even have a git kernel tree in a directory to
do kernel development.
 2015-07-12 13:54:08 +02:00
Martin Willi
6f913def3c testing: Build with --enable-chapoly 2015-07-12 13:54:08 +02:00
Andreas Steffen
b8399a2edc testing: use a decent PSK 2015-05-30 16:56:41 +02:00
Andreas Steffen
1047d44b57 testing: Added ha/active-passive scenario 2015-05-30 16:48:17 +02:00
Tobias Brunner
13497e6cc1 testing: Include iperf and htop in base image 2015-05-22 13:30:10 +02:00
Tobias Brunner
682aab205e testing: Don't check parent dir (and subdirs) when downloading OpenSSL packages 2015-05-21 09:32:37 +02:00
Tobias Brunner
c077642cbd testing: Fix kernel download URL for kernel versions != 4.x 2015-05-19 17:00:06 +02:00
Tobias Brunner
966efbc10d testing: Fix URL to TNC@FHH project in scenario descriptions 2015-05-05 11:48:56 +02:00
Reto Buerki
41e9a261ac testing: Update TKM assert strings 2015-05-05 10:55:14 +02:00
Reto Buerki
3ff0edd804 testing: Update alog to version 0.3.1 2015-05-05 10:55:14 +02:00
Reto Buerki
2fc53e76f8 testing: Update tkm to version 0.1.2 2015-05-05 10:55:14 +02:00
Reto Buerki
3c13ff0a97 testing: Update tkm-rpc to version 0.2 2015-05-05 10:55:14 +02:00
Andreas Steffen
362e87e3e0 testing: Updated carol's certificate from research CA and dave's certificate from sales CA 2015-04-26 16:52:06 +02:00
Andreas Steffen
d04e47a9eb testing: Wait for DH crypto tests to complete 2015-04-26 11:51:49 +02:00
Andreas Steffen
79b5a33c11 imv_policy_manager: Added capability to execute an allow or block shell command string 2015-04-26 10:55:24 +02:00
Andreas Steffen
ce354443bf testing: Migration of KVM framework to Linux 4.x kernel 2015-04-25 18:05:00 +02:00
Andreas Steffen
883c11caa0 Added tnc/tnccs-20-fail-init and tnc/tnccs-20-fail-resp scenarios 2015-03-27 20:56:44 +01:00
Andreas Steffen
193e057509 Added configurations for 3.18 and 3.19 KMV guest kernels 2015-03-27 20:56:44 +01:00
Andreas Steffen
85aa509e84 Added tnc/tnccs-20-pt-tls scenario 2015-03-27 20:56:43 +01:00
Andreas Steffen
be04f90815 testing: added tnc/tnccs-20-mutual scenario 2015-03-23 23:01:13 +01:00
Tobias Brunner
3d964213f5 testing: Remove obsolete leftnexthop option from configs 2015-03-12 15:51:25 +01:00
Martin Willi
2b0f34a2ef testing: Don't check for exact IKEv1 fragment size 
Similar to 7a9c0d51, the exact packet size depends on many factors we don't
want to consider in this test case.
 2015-03-10 10:21:16 +01:00
Martin Willi
58c3e09918 testing: Fix active/passive role description in ha/both-active test case 2015-03-10 10:02:21 +01:00
Tobias Brunner
8b2af616ac testing: Update modified updown scripts to the latest template 
This avoids confusion and makes identifying the changes needed for each
scenario easier.
 2015-03-06 16:51:50 +01:00
Andreas Steffen
3fcb59b62a use SHA512 for moon's BLISS signature 2015-03-04 14:08:37 +01:00
Tobias Brunner
26ebe5fea8 testing: Test classic public key authentication in ikev2/net2net-cert scenario 2015-03-04 13:54:12 +01:00
Tobias Brunner
53217d70b0 testing: Disable signature authentication on dave in openssl-ikev2/ecdsa-certs scenario 2015-03-04 13:54:12 +01:00
Tobias Brunner
7a9c0d51f4 testing: Don't check for exact IKEv2 fragment size 
Because SHA-256 is now used for signatures the size of the two IKE_AUTH
messages changed.
 2015-03-04 13:54:10 +01:00
Tobias Brunner
4aa24d4c13 testing: Update test conditions because signature schemes are now logged 
RFC 7427 signature authentication is now used between strongSwan hosts
by default, which causes the actual signature schemes to get logged.
 2015-03-04 13:54:10 +01:00
Tobias Brunner
2f1b2d9183 testing: Add ikev2/rw-sig-auth scenario 2015-03-04 13:54:10 +01:00
Tobias Brunner
3b31245a0f testing: Add ikev2/net2net-cert-sha2 scenario 2015-03-04 13:54:10 +01:00
Andreas Steffen
c2aca9eed2 Implemented improved BLISS-B signature algorithm 2015-02-25 21:45:34 +01:00
Martin Willi
c10b2be967 testing: Add a forecast test case 2015-02-20 16:34:55 +01:00
Martin Willi
3748fc70a7 testing: Build forecast plugin 2015-02-20 16:34:55 +01:00
Martin Willi
9ed09d5f77 testing: Add a connmark plugin test 
In this test two hosts establish a transport mode connection from behind
moon. sun uses the connmark plugin to distinguish the flows.

This is an example that shows how one can terminate L2TP/IPsec connections
from two hosts behind the same NAT. For simplification of the test, we use
an SSH connection instead, but this works for any connection initiated flow
that conntrack can track.
 2015-02-20 16:34:54 +01:00
Martin Willi
15f392d9ed testing: Build strongSwan with the connmark plugin 2015-02-20 16:34:54 +01:00