sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-05 00:00:45 -04:00
Code Issues Projects Releases Wiki Activity
16,865 Commits 101 Branches 327 Tags
Commit Graph

1153 Commits

Author SHA1 Message Date
Andreas Steffen
873a6ab0ef testing: Removed openssl alg-aes-gcm and alg-blowfish scenarios 2018-11-08 21:28:19 +01:00
Andreas Steffen
fcaa081825 testing: Removed openssl suite B scenarios 2018-11-08 21:23:10 +01:00
Andreas Steffen
99b66151fd testing: Moved openssl ecdsa-certs scenarios to swanctl 2018-11-08 21:16:32 +01:00
Andreas Steffen
9be6dee6a4 botan: SHA-3 support 2018-10-30 16:06:15 +01:00
Andreas Steffen
e660f4579b testing: Fixed evaluation in swanctl/rw-cert-pss scenario 2018-10-27 08:47:57 +02:00
Andreas Steffen
534ab34df6 testing: Added botan/net2net-ed25519 scenario 2018-10-26 18:46:59 +02:00
Andreas Steffen
9a4b47ef96 testing: Extended Botan scenarios 2018-09-16 09:30:18 +02:00
Andreas Steffen
72a6831e7c testing: Added botan/rw-cert scenario 2018-09-12 16:25:00 +02:00
Tobias Brunner
d1c5e6816d testing: Add some PPK scenarios 2018-09-10 18:04:23 +02:00
Tobias Brunner
47ec761674 testing: Fix checks after changing fragmentation log messages 2018-07-09 17:15:07 +02:00
Tobias Brunner
df411bfa30 testing: The dhcp plugin uses the DHCP client port again by default 
This reverts parts of commit becf027cd9b0af162247015a9fff6c00e59fd6ce.

Fixes: 707b70725a7d ("dhcp: Only use DHCP server port if explicitly configured")
 2018-07-05 18:14:54 +02:00
Tobias Brunner
1ecac75f37 testing: Fix IKE proposal in swanctl/net2net-gw scenario 
Also simplify config by using references.
 2018-06-28 18:46:42 +02:00
Tobias Brunner
2ad1df9571 Replace 'inacceptable' with the more common 'unacceptable' 2018-06-28 18:46:42 +02:00
Andreas Steffen
424de401b4 testing: Added swanctl/rw-ed25519-certpol scenario 2018-06-22 10:39:40 +02:00
Andreas Steffen
60719e39bf testing: Fixed evaltest of tnc/tnccs-20-pdp-pt-tls scenario 2018-06-13 17:57:10 +02:00
Andreas Steffen
295493f46f testing: Renewed ECDSA certificates 2018-06-13 17:07:25 +02:00
Andreas Steffen
ce4b8f65d6 testing: Removed TCG SWID IMC/IMV scenarios 2018-06-12 21:47:39 +02:00
Tobias Brunner
89bd016ef4 Fixed some typos, courtesy of codespell 2018-05-23 16:33:02 +02:00
Tobias Brunner
9746c308ff testing: Add ikev2/multi-level-ca-skipped scenario 2018-05-22 09:50:47 +02:00
Tobias Brunner
7b660944b6 dhcp: Only send client identifier if identity_lease is enabled 
The client identifier serves as unique identifier just like a unique MAC
address would, so even with identity_leases disabled some DHCP servers
might assign unique leases per identity.
 2018-05-18 18:04:01 +02:00
Tobias Brunner
becf027cd9 dhcp: Bind server port when a specific server address is specified 
DHCP servers will respond to port 67 if giaddr is non-zero, which we set
if we are not broadcasting.  While such messages are received fine via
RAW socket the kernel will respond with an ICMP port unreachable if no
socket is bound to that port.  Instead of opening a dummy socket on port
67 just to avoid the ICMPs we can also just operate with a single
socket, bind it to port 67 and send our requests from that port.

Since SO_REUSEADDR behaves on Linux like SO_REUSEPORT does on other
systems we can bind that port even if a DHCP server is running on the
same host as the daemon (this might have to be adapted to make this work
on other systems, but due to the raw socket the plugin is not that portable
anyway).
 2018-05-18 18:04:01 +02:00
Andreas Steffen
51d5b35f51 testing: Fixed ikev2/alg-chacha20poly1305 scenario 2018-04-19 16:33:04 +02:00
Tobias Brunner
2db6d5b8b3 Fixed some typos, courtesy of codespell 2018-02-13 12:19:54 +01:00
Tobias Brunner
ad14f2084e testing: Add ikev2/mobike-virtual-ip-nat scenario 
This tests moving from a public IP behind a NAT and back (with proper
changes of the UDP encapsulation).
 2018-02-09 11:21:02 +01:00
Tobias Brunner
351a08e1ff testing: Fix swanctl --list-sas checks in some scenarios 
::YES was missing (or written as ::YES]) rendering those checks void.
Turns out some of them actually were wrong.
 2017-12-22 10:22:47 +01:00
Tobias Brunner
b3a793541d testing: Add route-based/net2net-gre scenario 2017-12-22 10:22:47 +01:00
Robin McCorkell
e71593d91c testing: Add route-based/net2net-vti scenario 2017-12-22 10:22:47 +01:00
Robin McCorkell
ff7129ee6a testing: Added route-based/rw-shared-vti-ip6-in-ip4 scenario 2017-12-22 10:22:47 +01:00
Robin McCorkell
a35416af1c testing: Added route-based/rw-shared-vti scenario 2017-12-22 10:22:47 +01:00
Andreas Steffen
f60b08ba0d testing: Added swanctl/rw-cert-pss scenario 2017-11-17 22:42:07 +01:00
Tobias Brunner
ce4aebe00a testing: Configure logging via syslog in strongswan.conf 
Globally configure logging in strongswan.conf.testing and replace all
charondebug statements with strongswan.conf settings.
 2017-11-15 17:24:04 +01:00
Tobias Brunner
be214cb17e testing: Globally define logging via syslog for charon-systemd 
We could make the same change for charon (actually setting it for charon
in strongswan.conf.testing would work for charon-systemd too), however,
there are dozens of test cases that currently set charondebug in
ipsec.conf.
 2017-11-15 17:09:55 +01:00
Andreas Steffen
859cb93d28 testing: Do not remove all swanctl subdirectories 2017-11-11 19:23:01 +01:00
Andreas Steffen
13a3f20f2e testing: Converterd tnc to systemd 2017-11-11 16:41:16 +01:00
Andreas Steffen
323f0b05d7 testing: Converted sql to systemd 2017-11-11 16:41:15 +01:00
Andreas Steffen
70dc5bb8ad testing: Converted swanctl to systemd 2017-11-11 16:41:15 +01:00
Andreas Steffen
65f74cd13d testing: Added legacy ipv6-stroke scenarios 2017-11-11 16:41:15 +01:00
Andreas Steffen
4402013f05 testing: Converted ipv6/rw-ip6-in-ip4-ikev2 to swanctl 2017-11-10 13:54:51 +01:00
Andreas Steffen
b3ccfcd05e testing: Converted ipv6/rw-ip6-in-ip4-ikev1 to swanctl 2017-11-10 13:54:50 +01:00
Andreas Steffen
da5aa6ae6a testing: Converted ipv6/net2net-ip6-in-ip4-ikev2 to swanctl 2017-11-10 13:54:50 +01:00
Andreas Steffen
12dbca721e testing: Converted ipv6/net2net-ip6-in-ip4-ikev1 to swanctl 2017-11-10 13:54:50 +01:00
Andreas Steffen
f0476c4a82 testing: Converted ipv6/rw-rfc3779-ikev2 to swanctl 2017-11-10 13:54:50 +01:00
Andreas Steffen
96d7d9392f testing: Converted ipv6/rw-compress-ikev2 to swanctl 2017-11-10 13:54:50 +01:00
Andreas Steffen
34acd584e5 testing: Converted ipv6/rw-psk-ikev2 to swanctl 2017-11-10 11:49:49 +01:00
Andreas Steffen
0770b37f8f testing: Converted ipv6/rw-psk-ikev1 to swanctl 2017-11-10 11:49:41 +01:00
Andreas Steffen
ffe0d82c03 testing: Converted ipv6/rw-ikev2 to swanctl 2017-11-10 11:49:41 +01:00
Andreas Steffen
a96238a0d0 testing: Converted ipv6/rw-ikev1 to swanctl 2017-11-10 11:49:41 +01:00
Andreas Steffen
8215681a4a testing: Converted ipv6/net2net-rfc3779-ikev2 to swanctl 2017-11-10 11:49:41 +01:00
Andreas Steffen
04b79bc98c testing: Converted ipv6/net2net-ip4-in-ip6-ikev2 to swanctl 2017-11-10 11:49:40 +01:00
Andreas Steffen
fd3f6871c9 testing: Converted ipv6/net2net-ip4-in-ip6-ikev1 to swanctl 2017-11-10 11:49:40 +01:00