From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Thu, 20 Oct 2022 08:17:32 +0000 (+0200)
Subject: testing: Migrated libipsec scenarios to new default plugins
X-Git-Tag: 6.0.0rc1~9^2~8
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=bd93dfb09b9e7bb72cd8d99a655358fca3eb9f0f;p=thirdparty%2Fstrongswan.git

testing: Migrated libipsec scenarios to new default plugins
---

diff --git a/testing/tests/libipsec/host2host-cert-raw/hosts/moon/etc/strongswan.conf b/testing/tests/libipsec/host2host-cert-raw/hosts/moon/etc/strongswan.conf
index ac1b855642..9ff1eb85bc 100644
--- a/testing/tests/libipsec/host2host-cert-raw/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/libipsec/host2host-cert-raw/hosts/moon/etc/strongswan.conf
@@ -1,11 +1,11 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = pem pkcs1 revocation constraints pubkey openssl random
 }
 
 charon-systemd {
-  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac kdf vici kernel-libipsec kernel-netlink socket-default updown
+  load = random nonce openssl pem pkcs1 curl revocation vici kernel-libipsec kernel-netlink socket-default updown
 
   multiple_authentication = no
 
diff --git a/testing/tests/libipsec/host2host-cert-raw/hosts/sun/etc/strongswan.conf b/testing/tests/libipsec/host2host-cert-raw/hosts/sun/etc/strongswan.conf
index ac1b855642..9ff1eb85bc 100644
--- a/testing/tests/libipsec/host2host-cert-raw/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/libipsec/host2host-cert-raw/hosts/sun/etc/strongswan.conf
@@ -1,11 +1,11 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = pem pkcs1 revocation constraints pubkey openssl random
 }
 
 charon-systemd {
-  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac kdf vici kernel-libipsec kernel-netlink socket-default updown
+  load = random nonce openssl pem pkcs1 curl revocation vici kernel-libipsec kernel-netlink socket-default updown
 
   multiple_authentication = no
 
diff --git a/testing/tests/libipsec/host2host-cert/hosts/moon/etc/strongswan.conf b/testing/tests/libipsec/host2host-cert/hosts/moon/etc/strongswan.conf
index 38bcce263d..9adf2aa998 100644
--- a/testing/tests/libipsec/host2host-cert/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/libipsec/host2host-cert/hosts/moon/etc/strongswan.conf
@@ -1,11 +1,11 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = pem pkcs1 revocation constraints pubkey openssl random
 }
 
 charon-systemd {
-  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac kdf vici kernel-libipsec kernel-netlink socket-default updown
+  load = random nonce openssl pem pkcs1 curl revocation vici kernel-libipsec kernel-netlink socket-default updown
 
   multiple_authentication = no
 
diff --git a/testing/tests/libipsec/host2host-cert/hosts/sun/etc/strongswan.conf b/testing/tests/libipsec/host2host-cert/hosts/sun/etc/strongswan.conf
index 38bcce263d..9adf2aa998 100644
--- a/testing/tests/libipsec/host2host-cert/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/libipsec/host2host-cert/hosts/sun/etc/strongswan.conf
@@ -1,11 +1,11 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = pem pkcs1 revocation constraints pubkey openssl random
 }
 
 charon-systemd {
-  load = random nonce aes sha1 sha2 pem pkcs1 curve25519 gmp x509 curl revocation hmac kdf vici kernel-libipsec kernel-netlink socket-default updown
+  load = random nonce openssl pem pkcs1 curl revocation vici kernel-libipsec kernel-netlink socket-default updown
 
   multiple_authentication = no
 
diff --git a/testing/tests/libipsec/net2net-3des/hosts/moon/etc/strongswan.conf b/testing/tests/libipsec/net2net-3des/hosts/moon/etc/strongswan.conf
index 141a52e18d..c98c6731ea 100644
--- a/testing/tests/libipsec/net2net-3des/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-3des/hosts/moon/etc/strongswan.conf
@@ -1,10 +1,10 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = pem pkcs1 revocation constraints pubkey openssl random
 }
 
 charon-systemd {
-  load = random nonce des sha1 sha2 pem pkcs1 gmp x509 curl revocation hmac kdf vici kernel-libipsec kernel-netlink socket-default updown
+  load = random nonce openssl pem pkcs1 curl revocation vici kernel-libipsec kernel-netlink socket-default updown
   multiple_authentication = no
 }
diff --git a/testing/tests/libipsec/net2net-3des/hosts/sun/etc/strongswan.conf b/testing/tests/libipsec/net2net-3des/hosts/sun/etc/strongswan.conf
index 141a52e18d..c98c6731ea 100644
--- a/testing/tests/libipsec/net2net-3des/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-3des/hosts/sun/etc/strongswan.conf
@@ -1,10 +1,10 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = pem pkcs1 revocation constraints pubkey openssl random
 }
 
 charon-systemd {
-  load = random nonce des sha1 sha2 pem pkcs1 gmp x509 curl revocation hmac kdf vici kernel-libipsec kernel-netlink socket-default updown
+  load = random nonce openssl pem pkcs1 curl revocation vici kernel-libipsec kernel-netlink socket-default updown
   multiple_authentication = no
 }
diff --git a/testing/tests/libipsec/net2net-cert-ip6-in-ip4/hosts/moon/etc/strongswan.conf b/testing/tests/libipsec/net2net-cert-ip6-in-ip4/hosts/moon/etc/strongswan.conf
index 6870d32fe6..5304b76e47 100644
--- a/testing/tests/libipsec/net2net-cert-ip6-in-ip4/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-cert-ip6-in-ip4/hosts/moon/etc/strongswan.conf
@@ -1,10 +1,10 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = pem pkcs1 revocation constraints pubkey openssl random
 }
 
 charon-systemd {
-  load = random nonce pem pkcs1 x509 openssl curl revocation vici kernel-libipsec kernel-netlink socket-default updown
+  load = random nonce openssl pem pkcs1 openssl curl revocation vici kernel-libipsec kernel-netlink socket-default updown
   multiple_authentication = no
 }
diff --git a/testing/tests/libipsec/net2net-cert-ip6-in-ip4/hosts/sun/etc/strongswan.conf b/testing/tests/libipsec/net2net-cert-ip6-in-ip4/hosts/sun/etc/strongswan.conf
index 6870d32fe6..5304b76e47 100644
--- a/testing/tests/libipsec/net2net-cert-ip6-in-ip4/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-cert-ip6-in-ip4/hosts/sun/etc/strongswan.conf
@@ -1,10 +1,10 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = pem pkcs1 revocation constraints pubkey openssl random
 }
 
 charon-systemd {
-  load = random nonce pem pkcs1 x509 openssl curl revocation vici kernel-libipsec kernel-netlink socket-default updown
+  load = random nonce openssl pem pkcs1 openssl curl revocation vici kernel-libipsec kernel-netlink socket-default updown
   multiple_authentication = no
 }
diff --git a/testing/tests/libipsec/net2net-cert-ip6-in-ip6-raw/hosts/moon/etc/strongswan.conf b/testing/tests/libipsec/net2net-cert-ip6-in-ip6-raw/hosts/moon/etc/strongswan.conf
index e2c90b0bfa..734f05b5fc 100644
--- a/testing/tests/libipsec/net2net-cert-ip6-in-ip6-raw/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-cert-ip6-in-ip6-raw/hosts/moon/etc/strongswan.conf
@@ -1,11 +1,11 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = pem pkcs1 revocation constraints pubkey openssl random
 }
 
 charon-systemd {
-  load = random nonce aes sha1 sha2 gcm pem pkcs1 curve25519 gmp x509 curl revocation hmac kdf vici kernel-libipsec kernel-netlink socket-default updown
+  load = random nonce openssl pem pkcs1 curl revocation vici kernel-libipsec kernel-netlink socket-default updown
   multiple_authentication = no
   plugins {
     kernel-libipsec {
diff --git a/testing/tests/libipsec/net2net-cert-ip6-in-ip6-raw/hosts/sun/etc/strongswan.conf b/testing/tests/libipsec/net2net-cert-ip6-in-ip6-raw/hosts/sun/etc/strongswan.conf
index fa2a2a49c7..734f05b5fc 100644
--- a/testing/tests/libipsec/net2net-cert-ip6-in-ip6-raw/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-cert-ip6-in-ip6-raw/hosts/sun/etc/strongswan.conf
@@ -1,11 +1,11 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = pem pkcs1 revocation constraints pubkey openssl random
 }
 
 charon-systemd {
-  load = random nonce aes sha1 sha2 gcm pem pkcs1 curve25519 gmp x509 curl revocation hmac kdf vici ker_nel-libipsec kernel-netlink socket-default updown
+  load = random nonce openssl pem pkcs1 curl revocation vici kernel-libipsec kernel-netlink socket-default updown
   multiple_authentication = no
   plugins {
     kernel-libipsec {
diff --git a/testing/tests/libipsec/net2net-cert-ip6-in-ip6-raw/hosts/sun/etc/swanctl/swanctl.conf b/testing/tests/libipsec/net2net-cert-ip6-in-ip6-raw/hosts/sun/etc/swanctl/swanctl.conf
index 6d3bb72260..4e5ad5a072 100755
--- a/testing/tests/libipsec/net2net-cert-ip6-in-ip6-raw/hosts/sun/etc/swanctl/swanctl.conf
+++ b/testing/tests/libipsec/net2net-cert-ip6-in-ip6-raw/hosts/sun/etc/swanctl/swanctl.conf
@@ -19,7 +19,6 @@ connections {
             remote_ts = fec1::0/16
 
             updown = /etc/updown
-            updown = /usr/local/libexec/ipsec/_updown iptables
             esp_proposals = aes128gcm128-x25519
          }
       }
diff --git a/testing/tests/libipsec/net2net-cert-raw/hosts/moon/etc/strongswan.conf b/testing/tests/libipsec/net2net-cert-raw/hosts/moon/etc/strongswan.conf
index e2c90b0bfa..734f05b5fc 100644
--- a/testing/tests/libipsec/net2net-cert-raw/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-cert-raw/hosts/moon/etc/strongswan.conf
@@ -1,11 +1,11 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = pem pkcs1 revocation constraints pubkey openssl random
 }
 
 charon-systemd {
-  load = random nonce aes sha1 sha2 gcm pem pkcs1 curve25519 gmp x509 curl revocation hmac kdf vici kernel-libipsec kernel-netlink socket-default updown
+  load = random nonce openssl pem pkcs1 curl revocation vici kernel-libipsec kernel-netlink socket-default updown
   multiple_authentication = no
   plugins {
     kernel-libipsec {
diff --git a/testing/tests/libipsec/net2net-cert-raw/hosts/sun/etc/strongswan.conf b/testing/tests/libipsec/net2net-cert-raw/hosts/sun/etc/strongswan.conf
index fa2a2a49c7..734f05b5fc 100644
--- a/testing/tests/libipsec/net2net-cert-raw/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-cert-raw/hosts/sun/etc/strongswan.conf
@@ -1,11 +1,11 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = pem pkcs1 revocation constraints pubkey openssl random
 }
 
 charon-systemd {
-  load = random nonce aes sha1 sha2 gcm pem pkcs1 curve25519 gmp x509 curl revocation hmac kdf vici ker_nel-libipsec kernel-netlink socket-default updown
+  load = random nonce openssl pem pkcs1 curl revocation vici kernel-libipsec kernel-netlink socket-default updown
   multiple_authentication = no
   plugins {
     kernel-libipsec {
diff --git a/testing/tests/libipsec/net2net-cert-raw/hosts/sun/etc/swanctl/swanctl.conf b/testing/tests/libipsec/net2net-cert-raw/hosts/sun/etc/swanctl/swanctl.conf
index 36229552b5..892678746a 100755
--- a/testing/tests/libipsec/net2net-cert-raw/hosts/sun/etc/swanctl/swanctl.conf
+++ b/testing/tests/libipsec/net2net-cert-raw/hosts/sun/etc/swanctl/swanctl.conf
@@ -19,7 +19,6 @@ connections {
             remote_ts = 10.1.0.0/16
 
             updown = /etc/updown
-            updown = /usr/local/libexec/ipsec/_updown iptables
             esp_proposals = aes128gcm128-x25519
          }
       }
diff --git a/testing/tests/libipsec/net2net-cert/hosts/moon/etc/strongswan.conf b/testing/tests/libipsec/net2net-cert/hosts/moon/etc/strongswan.conf
index 8ce7c2a783..c98c6731ea 100644
--- a/testing/tests/libipsec/net2net-cert/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-cert/hosts/moon/etc/strongswan.conf
@@ -1,10 +1,10 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = pem pkcs1 revocation constraints pubkey openssl random
 }
 
 charon-systemd {
-  load = random nonce aes sha1 sha2 gcm pem pkcs1 curve25519 gmp x509 curl revocation hmac kdf vici kernel-libipsec kernel-netlink socket-default updown
+  load = random nonce openssl pem pkcs1 curl revocation vici kernel-libipsec kernel-netlink socket-default updown
   multiple_authentication = no
 }
diff --git a/testing/tests/libipsec/net2net-cert/hosts/sun/etc/strongswan.conf b/testing/tests/libipsec/net2net-cert/hosts/sun/etc/strongswan.conf
index 8ce7c2a783..c98c6731ea 100644
--- a/testing/tests/libipsec/net2net-cert/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-cert/hosts/sun/etc/strongswan.conf
@@ -1,10 +1,10 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = pem pkcs1 revocation constraints pubkey openssl random
 }
 
 charon-systemd {
-  load = random nonce aes sha1 sha2 gcm pem pkcs1 curve25519 gmp x509 curl revocation hmac kdf vici kernel-libipsec kernel-netlink socket-default updown
+  load = random nonce openssl pem pkcs1 curl revocation vici kernel-libipsec kernel-netlink socket-default updown
   multiple_authentication = no
 }
diff --git a/testing/tests/libipsec/net2net-null/hosts/moon/etc/strongswan.conf b/testing/tests/libipsec/net2net-null/hosts/moon/etc/strongswan.conf
index 9e2091f317..23cdf9acb4 100644
--- a/testing/tests/libipsec/net2net-null/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-null/hosts/moon/etc/strongswan.conf
@@ -1,10 +1,10 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = pem pkcs1 revocation constraints pubkey openssl random
 }
 
 charon-systemd {
-  load = random nonce pem pkcs1 revocation openssl curl vici kernel-libipsec kernel-netlink socket-default updown
+  load = random nonce openssl pem pkcs1 revocation openssl curl vici kernel-libipsec kernel-netlink socket-default updown
   multiple_authentication = no
 }
diff --git a/testing/tests/libipsec/net2net-null/hosts/sun/etc/strongswan.conf b/testing/tests/libipsec/net2net-null/hosts/sun/etc/strongswan.conf
index 9e2091f317..23cdf9acb4 100644
--- a/testing/tests/libipsec/net2net-null/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-null/hosts/sun/etc/strongswan.conf
@@ -1,10 +1,10 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = pem pkcs1 revocation constraints pubkey openssl random
 }
 
 charon-systemd {
-  load = random nonce pem pkcs1 revocation openssl curl vici kernel-libipsec kernel-netlink socket-default updown
+  load = random nonce openssl pem pkcs1 revocation openssl curl vici kernel-libipsec kernel-netlink socket-default updown
   multiple_authentication = no
 }
diff --git a/testing/tests/libipsec/net2net-trap/hosts/moon/etc/strongswan.conf b/testing/tests/libipsec/net2net-trap/hosts/moon/etc/strongswan.conf
index 8ce7c2a783..c98c6731ea 100644
--- a/testing/tests/libipsec/net2net-trap/hosts/moon/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-trap/hosts/moon/etc/strongswan.conf
@@ -1,10 +1,10 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = pem pkcs1 revocation constraints pubkey openssl random
 }
 
 charon-systemd {
-  load = random nonce aes sha1 sha2 gcm pem pkcs1 curve25519 gmp x509 curl revocation hmac kdf vici kernel-libipsec kernel-netlink socket-default updown
+  load = random nonce openssl pem pkcs1 curl revocation vici kernel-libipsec kernel-netlink socket-default updown
   multiple_authentication = no
 }
diff --git a/testing/tests/libipsec/net2net-trap/hosts/sun/etc/strongswan.conf b/testing/tests/libipsec/net2net-trap/hosts/sun/etc/strongswan.conf
index 8ce7c2a783..c98c6731ea 100644
--- a/testing/tests/libipsec/net2net-trap/hosts/sun/etc/strongswan.conf
+++ b/testing/tests/libipsec/net2net-trap/hosts/sun/etc/strongswan.conf
@@ -1,10 +1,10 @@
 # /etc/strongswan.conf - strongSwan configuration file
 
 swanctl {
-  load = pem pkcs1 x509 revocation constraints pubkey openssl random
+  load = pem pkcs1 revocation constraints pubkey openssl random
 }
 
 charon-systemd {
-  load = random nonce aes sha1 sha2 gcm pem pkcs1 curve25519 gmp x509 curl revocation hmac kdf vici kernel-libipsec kernel-netlink socket-default updown
+  load = random nonce openssl pem pkcs1 curl revocation vici kernel-libipsec kernel-netlink socket-default updown
   multiple_authentication = no
 }