# strongSwan Root CA
cd /etc/ca
+# copy default web page
+cp index.html ${ROOT}
+
# copy strongsSwan CA certificate
cp strongswanCert.pem ${ROOT}
cp strongswanCert.der ${ROOT}
CA_DIR="${DIR}/hosts/winnetou/etc/ca"
CA_KEY="${CA_DIR}/strongswanKey.pem"
CA_CERT="${CA_DIR}/strongswanCert.pem"
+CA_CERT_DER="${CA_DIR}/strongswanCert.der"
CA_CRL="${CA_DIR}/strongswan.crl"
CA_LAST_CRL="${CA_DIR}/strongswan_last.crl"
CA_CDP="http://crl.strongswan.org/strongswan.crl"
RESEARCH_DIR="${CA_DIR}/research"
RESEARCH_KEY="${RESEARCH_DIR}/researchKey.pem"
RESEARCH_CERT="${RESEARCH_DIR}/researchCert.pem"
+RESEARCH_CERT_DER="${RESEARCH_DIR}/researchCert.der"
RESEARCH_CDP="http://crl.strongswan.org/research.crl"
#
SALES_DIR="${CA_DIR}/sales"
SALES_KEY="${SALES_DIR}/salesKey.pem"
SALES_CERT="${SALES_DIR}/salesCert.pem"
+SALES_CERT_DER="${SALES_DIR}/salesCert.der"
SALES_CDP="http://crl.strongswan.org/sales.crl"
#
DUCK_DIR="${CA_DIR}/duck"
# Create directories
mkdir -p ${CA_DIR}/certs
+mkdir -p ${CA_DIR}/keys
mkdir -p ${RESEARCH_DIR}/certs
+mkdir -p ${RESEARCH_DIR}/keys
mkdir -p ${SALES_DIR}/certs
+mkdir -p ${SALES_DIR}/keys
mkdir -p ${DUCK_DIR}/certs
mkdir -p ${ECDSA_DIR}/certs
mkdir -p ${RFC3779_DIR}/certs
# Put a copy onto the alice FreeRADIUS server
cp ${CA_CERT} ${DIR}/hosts/alice/etc/raddb/certs
+# Convert strongSwan Root CA certificate into DER format
+openssl x509 -in ${CA_CERT} -outform der -out ${CA_CERT_DER}
+
# Gernerate a stale CRL
pki --signcrl --cakey ${CA_KEY} --cacert ${CA_CERT} \
--this-update "${START}" --lifetime 1 > ${CA_LAST_CRL}
# Put a copy into swanctl directory tree
cp ${HOST_KEY} ${HOST_DIR}/${SWANCTL_DIR}/rsa
+
+ # Convert host key into DER format
+ openssl rsa -in ${HOST_KEY} -outform der -out ${CA_DIR}/keys/${h}Key.der \
+ 2> /dev/null
done
-# Convert moon private key and Root CA certificate into DER format
+# Put DER-encoded moon private key and Root CA certificate into tkm scenarios
for t in host2host-initiator host2host-responder host2host-xfrmproxy \
net2net-initiator net2net-xfrmproxy xfrmproxy-expire xfrmproxy-rekey
do
- HOST_KEY=${DIR}/hosts/moon/${SWANCTL_DIR}/rsa/moonKey.pem
TEST="${TEST_DIR}/tkm/${t}"
- TEST_KEY=${TEST}/hosts/moon/${TKM_DIR}/moonKey.der
- TEST_CERT=${TEST}/hosts/moon/${TKM_DIR}/strongswanCert.der
- openssl rsa -in ${HOST_KEY} -outform der -out ${TEST_KEY} 2> /dev/null
- openssl x509 -in ${CA_CERT} -outform der -out ${TEST_CERT}
+ cp ${CA_DIR}/keys/moonKey.der ${CA_CERT_DER} ${TEST}/hosts/moon/${TKM_DIR}
done
-# Convert sun private key and Root CA certificate into DER format
+# Put DER_encoded sun private key and Root CA certificate into tkm scenarios
for t in multiple-clients
do
- HOST_KEY=${DIR}/hosts/sun/${SWANCTL_DIR}/rsa/sunKey.pem
TEST="${TEST_DIR}/tkm/${t}"
- TEST_KEY=${TEST}/hosts/sun/${TKM_DIR}/sunKey.der
- TEST_CERT=${TEST}/hosts/sun/${TKM_DIR}/strongswanCert.der
- openssl rsa -in ${HOST_KEY} -outform der -out ${TEST_KEY} 2> /dev/null
- openssl x509 -in ${CA_CERT} -outform der -out ${TEST_CERT}
+ cp ${CA_DIR}/keys/sunKey.der ${CA_CERT_DER} ${TEST}/hosts/sun/${TKM_DIR}
done
# Put DER-encoded moon private key and Root CA certificate into tkm scenarios
TEST="${TEST_DIR}/swanctl/ocsp-multi-level"
cp ${RESEARCH_CERT} ${TEST}/hosts/moon/${SWANCTL_DIR}/x509ca
+# Convert Research CA certificate into DER format
+openssl x509 -in ${RESEARCH_CERT} -outform der -out ${RESEARCH_CERT_DER}
+
# Generate Research CA with the same private key as above but invalid CDP
TEST="${TEST_DIR}/ikev2/multi-level-ca-skipped"
TEST_CERT="${TEST}/hosts/moon/${IPSEC_DIR}/cacerts/researchCert.pem"
TEST="${TEST_DIR}/swanctl/ocsp-multi-level"
cp ${SALES_CERT} ${TEST}/hosts/moon/${SWANCTL_DIR}/x509ca
+# Convert Sales CA certificate into DER format
+openssl x509 -in ${SALES_CERT} -outform der -out ${SALES_CERT_DER}
+
# Generate an AES-128 encrypted moon key and a SHA-224 hashed certificate
TEST="${TEST_DIR}/ikev2/strong-keys-certs"
TEST_KEY="${TEST}/hosts/moon/${IPSEC_DIR}/private/moonKey-aes128.pem"
--crl ${RESEARCH_CDP} --outform pem > ${TEST_CERT}
cp ${TEST_CERT} ${RESEARCH_DIR}/certs/${SERIAL}.pem
+# Save a copy of the private key in DER format
+openssl rsa -in ${TEST_KEY} -outform der \
+ -out ${RESEARCH_DIR}/keys/${SERIAL}.der 2> /dev/null
+
# Put a copy in the ikev2/multilevel-ca-cr-init scenario
TEST="${TEST_DIR}/ikev2/multi-level-ca-cr-init"
cp ${TEST_KEY} ${TEST}/hosts/carol/${IPSEC_DIR}/private
--crl ${SALES_CDP} --outform pem > ${TEST_CERT}
cp ${TEST_CERT} ${SALES_DIR}/certs/${SERIAL}.pem
+# Save a copy of the private key in DER format
+openssl rsa -in ${TEST_KEY} -outform der \
+ -out ${SALES_DIR}/keys/${SERIAL}.der 2> /dev/null
+
# Put a copy in the ikev2/multilevel-ca-cr-init scenario
TEST="${TEST_DIR}/ikev2/multi-level-ca-cr-init"
cp ${TEST_KEY} ${TEST}/hosts/dave/${IPSEC_DIR}/private
TEST="${TEST_DIR}/swanctl/rw-ntru-bliss"
cp ${TEST_KEY} ${TEST}/hosts/moon/${SWANCTL_DIR}/bliss/
cp ${TEST_CERT} ${TEST}/hosts/moon/${SWANCTL_DIR}/x509/
+
+################################################################################
+# SQL Data #
+################################################################################
+
+CA_SPK_HEX=`pki --keyid --type rsa --format hex --id spk --in ${CA_KEY}`
+CA_SPKI_HEX=`pki --keyid --type rsa --format hex --id spki --in ${CA_KEY}`
+CA_CERT_HEX=`cat ${CA_CERT_DER} | hexdump -v -e '/1 "%02x"'`
+CA_CERT_PEM_HEX=`cat ${CA_CERT} | hexdump -v -e '/1 "%02x"'`
+#
+MOON_CERT="${DIR}/hosts/moon/${SWANCTL_DIR}/x509/moonCert.pem"
+MOON_KEY="${CA_DIR}/keys/moonKey.der"
+MOON_KEY_PEM="${DIR}/hosts/moon/${SWANCTL_DIR}/rsa/moonKey.pem"
+MOON_KEY_PEM_HEX=`cat ${MOON_KEY_PEM} | hexdump -v -e '/1 "%02x"'`
+MOON_KEY_HEX=`cat ${MOON_KEY} | hexdump -v -e '/1 "%02x"'`
+MOON_SPK_HEX=`pki --keyid --type rsa --format hex --id spk --in ${MOON_KEY}`
+MOON_PUB_HEX=`pki --pub --type rsa --in ${MOON_KEY} | hexdump -v -e '/1 "%02x"'`
+MOON_CERT_HEX=`openssl x509 -in ${MOON_CERT} -outform der | hexdump -v -e '/1 "%02x"'`
+MOON_CERT_PEM_HEX=`cat ${MOON_CERT} | hexdump -v -e '/1 "%02x"'`
+#
+SUN_CERT="${DIR}/hosts/sun/${SWANCTL_DIR}/x509/sunCert.pem"
+SUN_KEY="${CA_DIR}/keys/sunKey.der"
+SUN_KEY_PEM="${DIR}/hosts/sun/${SWANCTL_DIR}/rsa/sunKey.pem"
+SUN_KEY_PEM_HEX=`cat ${SUN_KEY_PEM} | hexdump -v -e '/1 "%02x"'`
+SUN_KEY_HEX=`cat ${SUN_KEY} | hexdump -v -e '/1 "%02x"'`
+SUN_SPK_HEX=`pki --keyid --type rsa --format hex --id spk --in ${SUN_KEY}`
+SUN_CERT_HEX=`openssl x509 -in ${SUN_CERT} -outform der | hexdump -v -e '/1 "%02x"'`
+SUN_CERT_PEM_HEX=`cat ${SUN_CERT} | hexdump -v -e '/1 "%02x"'`
+#
+CAROL_CERT="${DIR}/hosts/carol/${SWANCTL_DIR}/x509/carolCert.pem"
+CAROL_KEY="${CA_DIR}/keys/carolKey.der"
+CAROL_KEY_HEX=`cat ${CAROL_KEY} | hexdump -v -e '/1 "%02x"'`
+CAROL_SPK_HEX=`pki --keyid --type rsa --format hex --id spk --in ${CAROL_KEY}`
+CAROL_PUB_HEX=`pki --pub --type rsa --in ${CAROL_KEY} | hexdump -v -e '/1 "%02x"'`
+CAROL_CERT_HEX=`openssl x509 -in ${CAROL_CERT} -outform der | hexdump -v -e '/1 "%02x"'`
+#
+DAVE_CERT="${DIR}/hosts/dave/${SWANCTL_DIR}/x509/daveCert.pem"
+DAVE_KEY="${CA_DIR}/keys/daveKey.der"
+DAVE_KEY_HEX=`cat ${DAVE_KEY} | hexdump -v -e '/1 "%02x"'`
+DAVE_SPK_HEX=`pki --keyid --type rsa --format hex --id spk --in ${DAVE_KEY}`
+DAVE_PUB_HEX=`pki --pub --type rsa --in ${DAVE_KEY} | hexdump -v -e '/1 "%02x"'`
+DAVE_CERT_HEX=`openssl x509 -in ${DAVE_CERT} -outform der | hexdump -v -e '/1 "%02x"'`
+#
+ALICE_CERT="${DIR}/hosts/alice/${SWANCTL_DIR}/x509/aliceCert.pem"
+ALICE_KEY="${CA_DIR}/keys/aliceKey.der"
+ALICE_KEY_HEX=`cat ${ALICE_KEY} | hexdump -v -e '/1 "%02x"'`
+ALICE_SPK_HEX=`pki --keyid --type rsa --format hex --id spk --in ${ALICE_KEY}`
+ALICE_CERT_HEX=`openssl x509 -in ${ALICE_CERT} -outform der | hexdump -v -e '/1 "%02x"'`
+#
+VENUS_CERT="${DIR}/hosts/venus/${SWANCTL_DIR}/x509/venusCert.pem"
+VENUS_KEY="${CA_DIR}/keys/venusKey.der"
+VENUS_KEY_HEX=`cat ${VENUS_KEY} | hexdump -v -e '/1 "%02x"'`
+VENUS_SPK_HEX=`pki --keyid --type rsa --format hex --id spk --in ${VENUS_KEY}`
+VENUS_CERT_HEX=`openssl x509 -in ${VENUS_CERT} -outform der | hexdump -v -e '/1 "%02x"'`
+#
+RESEARCH_SPK_HEX=`pki --keyid --type rsa --format hex --id spk --in ${RESEARCH_KEY}`
+RESEARCH_SPKI_HEX=`pki --keyid --type rsa --format hex --id spki --in ${RESEARCH_KEY}`
+RESEARCH_CERT_HEX=`cat ${RESEARCH_CERT_DER} | hexdump -v -e '/1 "%02x"'`
+#
+CAROL_R_CERT="${RESEARCH_DIR}/certs/01.pem"
+CAROL_R_KEY="${RESEARCH_DIR}/keys/01.der"
+CAROL_R_KEY_HEX=`cat ${CAROL_R_KEY} | hexdump -v -e '/1 "%02x"'`
+CAROL_R_SPK_HEX=`pki --keyid --type rsa --format hex --id spk --in ${CAROL_R_KEY}`
+CAROL_R_CERT_HEX=`openssl x509 -in ${CAROL_R_CERT} -outform der | hexdump -v -e '/1 "%02x"'`
+#
+SALES_SPK_HEX=`pki --keyid --type rsa --format hex --id spk --in ${SALES_KEY}`
+SALES_SPKI_HEX=`pki --keyid --type rsa --format hex --id spki --in ${SALES_KEY}`
+SALES_CERT_HEX=`cat ${SALES_CERT_DER} | hexdump -v -e '/1 "%02x"'`
+#
+DAVE_S_CERT="${SALES_DIR}/certs/01.pem"
+DAVE_S_KEY="${SALES_DIR}/keys/01.der"
+DAVE_S_KEY_HEX=`cat ${DAVE_S_KEY} | hexdump -v -e '/1 "%02x"'`
+DAVE_S_SPK_HEX=`pki --keyid --type rsa --format hex --id spk --in ${DAVE_S_KEY}`
+DAVE_S_CERT_HEX=`openssl x509 -in ${DAVE_S_CERT} -outform der | hexdump -v -e '/1 "%02x"'`
+#
+for t in ip-pool-db ip-pool-db-expired ip-pool-db-restart ip-split-pools-db \
+ ip-split-pools-db-restart multi-level-ca rw-cert rw-psk-rsa-split \
+ rw-psk-ipv4 rw-psk-ipv6 rw-rsa rw-rsa-keyid
+do
+ for h in carol dave moon
+ do
+ TEST_DATA="${TEST_DIR}/sql/${t}/hosts/${h}/${IPSEC_DIR}/data.sql"
+ sed -e "s/CA_SPK_HEX/${CA_SPK_HEX}/g" \
+ -e "s/CA_SPKI_HEX/${CA_SPKI_HEX}/g" \
+ -e "s/CA_CERT_HEX/${CA_CERT_HEX}/g" \
+ -e "s/MOON_KEY_HEX/${MOON_KEY_HEX}/g" \
+ -e "s/MOON_SPK_HEX/${MOON_SPK_HEX}/g" \
+ -e "s/MOON_PUB_HEX/${MOON_PUB_HEX}/g" \
+ -e "s/MOON_CERT_HEX/${MOON_CERT_HEX}/g" \
+ -e "s/CAROL_KEY_HEX/${CAROL_KEY_HEX}/g" \
+ -e "s/CAROL_SPK_HEX/${CAROL_SPK_HEX}/g" \
+ -e "s/CAROL_PUB_HEX/${CAROL_PUB_HEX}/g" \
+ -e "s/CAROL_CERT_HEX/${CAROL_CERT_HEX}/g" \
+ -e "s/DAVE_KEY_HEX/${DAVE_KEY_HEX}/g" \
+ -e "s/DAVE_SPK_HEX/${DAVE_SPK_HEX}/g" \
+ -e "s/DAVE_PUB_HEX/${DAVE_PUB_HEX}/g" \
+ -e "s/DAVE_CERT_HEX/${DAVE_CERT_HEX}/g" \
+ -e "s/RESEARCH_SPK_HEX/${RESEARCH_SPK_HEX}/g" \
+ -e "s/RESEARCH_SPKI_HEX/${RESEARCH_SPKI_HEX}/g" \
+ -e "s/RESEARCH_CERT_HEX/${RESEARCH_CERT_HEX}/g" \
+ -e "s/CAROL_R_KEY_HEX/${CAROL_R_KEY_HEX}/g" \
+ -e "s/CAROL_R_SPK_HEX/${CAROL_R_SPK_HEX}/g" \
+ -e "s/CAROL_R_CERT_HEX/${CAROL_R_CERT_HEX}/g" \
+ -e "s/SALES_SPK_HEX/${SALES_SPK_HEX}/g" \
+ -e "s/SALES_SPKI_HEX/${SALES_SPKI_HEX}/g" \
+ -e "s/SALES_CERT_HEX/${SALES_CERT_HEX}/g" \
+ -e "s/DAVE_S_KEY_HEX/${DAVE_S_KEY_HEX}/g" \
+ -e "s/DAVE_S_SPK_HEX/${DAVE_S_SPK_HEX}/g" \
+ -e "s/DAVE_S_CERT_HEX/${DAVE_S_CERT_HEX}/g" \
+ ${TEST_DATA}.in > ${TEST_DATA}
+ done
+done
+#
+for t in rw-eap-aka-rsa
+do
+ for h in carol moon
+ do
+ TEST_DATA="${TEST_DIR}/sql/${t}/hosts/${h}/${IPSEC_DIR}/data.sql"
+ sed -e "s/CA_SPK_HEX/${CA_SPK_HEX}/g" \
+ -e "s/CA_SPKI_HEX/${CA_SPKI_HEX}/g" \
+ -e "s/CA_CERT_HEX/${CA_CERT_HEX}/g" \
+ -e "s/MOON_KEY_HEX/${MOON_KEY_HEX}/g" \
+ -e "s/MOON_SPK_HEX/${MOON_SPK_HEX}/g" \
+ -e "s/MOON_CERT_HEX/${MOON_CERT_HEX}/g" \
+ ${TEST_DATA}.in > ${TEST_DATA}
+ done
+done
+#
+for t in net2net-cert net2net-psk net2net-route-pem net2net-start-pem
+do
+ for h in moon sun
+ do
+ TEST_DATA="${TEST_DIR}/sql/${t}/hosts/${h}/${IPSEC_DIR}/data.sql"
+ sed -e "s/CA_SPK_HEX/${CA_SPK_HEX}/g" \
+ -e "s/CA_SPKI_HEX/${CA_SPKI_HEX}/g" \
+ -e "s/CA_CERT_HEX/${CA_CERT_HEX}/g" \
+ -e "s/CA_CERT_PEM_HEX/${CA_CERT_PEM_HEX}/g" \
+ -e "s/MOON_KEY_PEM_HEX/${MOON_KEY_PEM_HEX}/g" \
+ -e "s/MOON_KEY_HEX/${MOON_KEY_HEX}/g" \
+ -e "s/MOON_SPK_HEX/${MOON_SPK_HEX}/g" \
+ -e "s/MOON_CERT_HEX/${MOON_CERT_HEX}/g" \
+ -e "s/MOON_CERT_PEM_HEX/${MOON_CERT_PEM_HEX}/g" \
+ -e "s/SUN_KEY_PEM_HEX/${SUN_KEY_PEM_HEX}/g" \
+ -e "s/SUN_KEY_HEX/${SUN_KEY_HEX}/g" \
+ -e "s/SUN_SPK_HEX/${SUN_SPK_HEX}/g" \
+ -e "s/SUN_CERT_HEX/${SUN_CERT_HEX}/g" \
+ -e "s/SUN_CERT_PEM_HEX/${SUN_CERT_PEM_HEX}/g" \
+ ${TEST_DATA}.in > ${TEST_DATA}
+ done
+done
+#
+for t in shunt-policies-nat-rw
+do
+ for h in alice venus sun
+ do
+ TEST_DATA="${TEST_DIR}/sql/${t}/hosts/${h}/${IPSEC_DIR}/data.sql"
+ sed -e "s/CA_SPK_HEX/${CA_SPK_HEX}/g" \
+ -e "s/CA_SPKI_HEX/${CA_SPKI_HEX}/g" \
+ -e "s/CA_CERT_HEX/${CA_CERT_HEX}/g" \
+ -e "s/ALICE_KEY_HEX/${ALICE_KEY_HEX}/g" \
+ -e "s/ALICE_SPK_HEX/${ALICE_SPK_HEX}/g" \
+ -e "s/ALICE_CERT_HEX/${ALICE_CERT_HEX}/g" \
+ -e "s/VENUS_KEY_HEX/${VENUS_KEY_HEX}/g" \
+ -e "s/VENUS_SPK_HEX/${VENUS_SPK_HEX}/g" \
+ -e "s/VENUS_CERT_HEX/${VENUS_CERT_HEX}/g" \
+ -e "s/SUN_KEY_HEX/${SUN_KEY_HEX}/g" \
+ -e "s/SUN_SPK_HEX/${SUN_SPK_HEX}/g" \
+ -e "s/SUN_CERT_HEX/${SUN_CERT_HEX}/g" \
+ ${TEST_DATA}.in > ${TEST_DATA}
+ done
+done
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* carol@strongswan.org */
- 3, X'6361726f6c407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=carol@strongswan.org' */
- 11, X'5c597062572d2a249c5c94569b895ee5c505b6bd'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=carol@strongswan.org */
- 1, 1, X'308204223082030aa003020102020130300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373135303533365a170d3139303832363135303533365a305a310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e3111300f060355040b13085265736561726368311d301b060355040314146361726f6c407374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100b7f3d43717cadfec3802e2d4867f45cb8f6b99bee1f892493db05565ab970de15237a2c0b7e0a0baed29a197e22f80b7cd99a25da675b1171693bef6ac579623f6bb47dec6a3f8981b99bacdc42c0f3610e2f4950d9a8408bc3b7a9a7e40cc05282fa1e26913035ed34520879de0ee14fb770f2d4a070f1aa4245aeb4820a4fd4fa7bf1db1cd8d1b58970f59947b29f204988e0fd0eaf57aa1fb6db9e3140fd351bfcc3663beab9d14665067f71a5345166831667b42251b9896d9f157b55c085a29a726ae62dfdf3e68c0c5b3d1ba11ca69c9f3233abcdc8c5fe5f4a3313965b8609f5855ff34610d5da981a8286444b1e6b821cd7b1c51a7db361754b5d2110203010001a38201063082010230090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e041604145c597062572d2a249c5c94569b895ee5c505b6bd306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301f0603551d110418301681146361726f6c407374726f6e677377616e2e6f726730390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b0500038201010055a93c340d100113073090cb03917d72217e2538301a76f4aafcf3ff3377ba56864e5c1a61290bea80081a0a993ebc05e81cd3c89a0faf4557986c8792d04da5328e67290bbb302b3c4692fdecf3072fb365cd10624be0822916821e094980266d7f0735b1aa67adc85e32865ab7e1b28e7c8a54d4c987f42d1a6e502fd0d129ad76e41f604bd16d753d01921c48b19e13b0439e4eabf97478b16dcef1f8cc044cbe80c4dada3ea7c86edefc727b080773e92316184e50d5636170af61b4462f629c433f199140b09494892ca84ea42cc99873cce984fe62b8d09b41bfe960fa93ce6b8b42f30f3dd8a10ab27457f5dc57f94eafaf742da088cdc20f2abdc52e'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=carol@strongswan.org' */
- 1, X'308204a40201000282010100b7f3d43717cadfec3802e2d4867f45cb8f6b99bee1f892493db05565ab970de15237a2c0b7e0a0baed29a197e22f80b7cd99a25da675b1171693bef6ac579623f6bb47dec6a3f8981b99bacdc42c0f3610e2f4950d9a8408bc3b7a9a7e40cc05282fa1e26913035ed34520879de0ee14fb770f2d4a070f1aa4245aeb4820a4fd4fa7bf1db1cd8d1b58970f59947b29f204988e0fd0eaf57aa1fb6db9e3140fd351bfcc3663beab9d14665067f71a5345166831667b42251b9896d9f157b55c085a29a726ae62dfdf3e68c0c5b3d1ba11ca69c9f3233abcdc8c5fe5f4a3313965b8609f5855ff34610d5da981a8286444b1e6b821cd7b1c51a7db361754b5d2110203010001028201003f9bdaf82a0c071e61c7edb3dbc64ad63703d8283f6f7af64494a3130320bab5fd7e2b9344823252310c424a88f630265ebc0f7f1ebe77bc2a1c70de4f7e01f6f1ac950f9dd4b973afa79b06e81cec2d9fed3af207c03483e8c3108437c0244c6c36fc5d9443f4d86769f1f3b34e42459326fa6288c4a41e6c3ffe0879ea7fe25a02139cbe3c62e8959766c79c4987b83e248478582f074f4da0e945ee361731583c750aca01c0f56a0eb1a14f5b943a5caffcfafb557c8cf7d7ac9769e463287c694cf3ec8f3627d3339945bb706e89afb5a221710b84f946f7be26623e582ba560c5acc4ca0e943e13105986a3d6755458e3dd12a12a97055206ba2edf02d902818100da39de9827fd7560925b6643238109e12ea06df26cac90fa757dd8fa2072d5555c2a62f426167945590bafe581b2acbb52deb825ed99cb7cf47599e97929f5aec846ce2d7063b3b1ed80858039c6123ea5f823d0b8106d22abe212d838401ef9036722156b16e524db5e2384a5ae2d93a1bee91eaf83bc2d9f5b7caaa47113af02818100d7cb36691879640f5b4182035c61cdcec0d04f52ff42b6aad18d4015818fe245ef76947cca2dbb77e4845c0d98d7d432f39c57ab0d7b9e122d3d25be303e1ec9d0f1fdf1bf315219488de65a2fb68c654afebe4bf422959e95db0d88e782c14028ab0326eb76842ab93f3b04b9aaef2075a3e8b3619588d9dc9c98f4caea263f02818100d4e96320e6db665adb50ab7c53b681321f70ccf49a4cdf824d818461bda8ec35451fe1bdbd2f6e1057e98c2b0a988de891d8d4a7c4a2a9a3774b09e87d9b8fa580a77c5f5ee917984055856aee732eb7caec47dd4ac8540260dac87206a7a0d0691e85658a3f23400b7b548205b7e3a5c748615fdbf45673d8a7c501244162e7028181009fdd2cdee8c1ad4def15f5a255c322fbc33dcf3636628efeb725444f6a5f548ae8ded91c258f81ad4d3e7d0f99a672ce9848bf6dba1c553b340673ba94f4c04c549da1ba8120a1a89766803b59d38be8d2892c230aa6c05eeeb78c2c5b0e33ea3af68dec3c4ddd95e50ca1c55b62f5a9ff5cc15c7ab393e18a1cfcf78487b87302818051fe2f4ccdf6f253640c7c97434fec3e4f2d3149d699e662af1860605d90986f32b4052b670d4cf7e690419ad9a7a872c0f44ceb897c65038295ad6a19774da51a66e6c50a4dfc789542e2dc0015aa3a38311080c95b223a086bc3743c1b86b863f778a84cae36404d869654a7f95542bf9feedb98fefad2daf4d9ef197e929a'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_CAROL', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, virtual
-) VALUES (
- 'home', 1, 4, 6, '0.0.0.0'
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* carol@strongswan.org */
+ 3, X'6361726f6c407374726f6e677377616e2e6f7267'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=carol@strongswan.org' */
+ 11, X'CAROL_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+);
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=carol@strongswan.org */
+ 1, 1, X'CAROL_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=carol@strongswan.org' */
+ 1, X'CAROL_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_CAROL', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, virtual
+) VALUES (
+ 'home', 1, 4, 6, '0.0.0.0'
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* dave@strongswan.org */
- 3, X'64617665407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=dave@strongswan.org' */
- 11, X'ec16639928815e01cc0227c0b9cb1feab7987037'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=dave@strongswan.org */
- 1, 1, X'308204223082030aa003020102020131300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373135313230325a170d3139303832363135313230325a305b310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e31133011060355040b130a4163636f756e74696e67311c301a0603550403141364617665407374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100d63cdc4dc584cd5fb5e205add1d242130f196297d6083e254f3d20ad7be17fe4fd80c1f1f6fc774a266f02af82053b93929b01c9da5411b402f4666feaa45dd45988402524ea91d98adf941f8e30dedb9cf98341e908d3d4f30c9b7d6b50b5f5e2319942768760de0c0127c6ba69d70b0a9d605de3c31e6218e4004ad1871f00f199416e4772190243fb2f06b69d22592e2bcfc6a2190d2f612f8ff435643096db1a19766aac1563e177df9fff2d51b6e38fb2cd74dfd68f1a2f03e5d7e3c77206af37e33beba6376ea239607821d821094c26817f8ce8a1305243a4ebd5c43907ffd5e75f49d71fee87fff60a91105db15816253790b9934cfcfda5c99e56430203010001a38201053082010130090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414ec16639928815e01cc0227c0b9cb1feab7987037306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301e0603551d1104173015811364617665407374726f6e677377616e2e6f726730390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b0500038201010042a0be7f8ebc627b4aeaac2c0a500f53043041281319f71e707404233fd2fc6f6d10e120e9d6f023845afe031828c3bea9a8768b0eb77ba85284b01b653741b965739a548d3196869e7f52b5d779a44af62a6ef519362fda4dbddbb48e27ac27ed8f9f0400cf1396f6168cc3a22d83c084dfed7ce4d3694ce862e459f6feb77c762edd488cbcda23034bb139eaf245175b71079cbb89361010a39a436ef8490da0b36f18e0b8b048eaec6cb89f9db1793b8efeb23b788b7b0944b7f63f4eb6229025f2d5221d18cfea39963885d0eca8c64a581bf729a1589bd5165da8bd43b07116710c5807ef12486fed78bc62348671bcf1d47b3be2d3d1de92cc5dbc0ef7'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=dave@strongswan.org' */
- 1, X'308204a40201000282010100d63cdc4dc584cd5fb5e205add1d242130f196297d6083e254f3d20ad7be17fe4fd80c1f1f6fc774a266f02af82053b93929b01c9da5411b402f4666feaa45dd45988402524ea91d98adf941f8e30dedb9cf98341e908d3d4f30c9b7d6b50b5f5e2319942768760de0c0127c6ba69d70b0a9d605de3c31e6218e4004ad1871f00f199416e4772190243fb2f06b69d22592e2bcfc6a2190d2f612f8ff435643096db1a19766aac1563e177df9fff2d51b6e38fb2cd74dfd68f1a2f03e5d7e3c77206af37e33beba6376ea239607821d821094c26817f8ce8a1305243a4ebd5c43907ffd5e75f49d71fee87fff60a91105db15816253790b9934cfcfda5c99e564302030100010282010100b628d1791f35281af55fd54c5257e0eeababfdf4f47bd5bb8b808244804ce09e281e4eca1a23d89a27cbc410cf10fbf32278c2308b7f67fe137513949d825c75ae1af7cf9d7005cb5f1573b0d10a24b3bee938fdd5d337aa9d6e5ed769641b1392dc715fddc08650c70c4471e9170d4dca1cbe4f96d5d503bbfe41715c6ef3a01e1b304b7f7d0f2ccd2192dfce9c3e5c5663c93a1284652fb0b50b68cfb093b6a20a4085bc37717b180255ecc5b8e10ffbc7dd68a8592775bc6a392da9b4cf36b391d3758a16f5c7b664727db3cfe2dce317f15bf26e9ba2592c785a22dcde728256b87af70a2f3ba2d30434e60c04f1f0e9ace4163d542017d72a48924ebb6102818100fef9ec239ad2bb059962fe1b9327fca60b47ff83c8238213e9976fc8443efb640faaa69447d1e65f477e7f004683858ab5d25b082d1582071eb294e10b69fe4009823f7a329a66b0e755f51a3ddbba2f367a7a5171903cce53fde7a666d33f64633f2541dd4d66b9645a6db2039c371e9fd2b84ef8b6ce3c2c733c1c2df1b0bd02818100d71910a4d9045e8c4ff85aa9bfb5fe2208a12ed123e0279e21d8dd623aca860a1094cbc4fceb104caf4d6bf2a302280365d7d603670ef76c748c98f435c7627e1286c79b16162b433723cc4dd7dc91d71d21003dc85dab8b2bcb43e8c8b66f5eb82703bc7faa577e08983b53f2f575acb6105ff5e005eb6cfa065b17495a12ff028180722a35313c015efc02d1f035288e9ef139dbe2ec7e90678dc2e9ab83600b53445a3f6e96b611a5b4c3ae3fef3fa36407d7a1786110ceb089bf94f6544d68080f64328d79896ed8cc1cc8c0161fdc6261016395a121d81361cef9c0df20eb35571d990875954132dd8fb16dac67316afcab530e734da98c6e24f8f3d12a412d810281810087313ad3d18ebc7a461d1ba6cb56f0b6a563e15013d3643330a4e46843f95c8be0e614b8e81a3a31689129c2e40f8be4aed31cb120ca385ad35a371c6edcb59bf5bafea40c1abcf04f2cd1d12f5673d7977851758384d437f1bb9d20275efadab6b5d6d4580d515666c27faf80ea241efc83883cbaa41dd76dc226e898f2e33302818079d917d98e48201e6a1fd3fef3c1af4c1dd79c74b783db0d54d41f3b6febb849e74487f300241e6430472d6a1dacb57fa32c93f897431e65f41fdf4d0cf8206eeaaf17ca0c3cdab5abf5f3229bc4b18fad56b3e823e46ed8d8ca373a1994675609d01aefe308285bdfcd86fec468e25d69112a5ba275031d8642620597ef2f2c'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_DAVE', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, virtual
-) VALUES (
- 'home', 1, 4, 6, '0.0.0.0'
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* dave@strongswan.org */
+ 3, X'64617665407374726f6e677377616e2e6f7267'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=dave@strongswan.org' */
+ 11, X'DAVE_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+);
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=dave@strongswan.org */
+ 1, 1, X'DAVE_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=dave@strongswan.org' */
+ 1, X'DAVE_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_DAVE', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, virtual
+) VALUES (
+ 'home', 1, 4, 6, '0.0.0.0'
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 11, X'd8263d21ec7cdbbe5a390c5b70cb038021deae13'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* %any */
- 0, '%any'
-);
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* carol@strongswan.org */
- 3, X'6361726f6c407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* dave@strongswan.org */
- 3, X'64617665407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* alice@strongswan.org */
- 3, X'616c696365407374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=moon.strongswan.org */
- 1, 1, X'308204223082030aa00302010202012b300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373134343435365a170d3139303832363134343435365a3046310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311c301a060355040313136d6f6f6e2e7374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f0203010001a382011a3082011630090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414d8263d21ec7cdbbe5a390c5b70cb038021deae13306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301e0603551d110417301582136d6f6f6e2e7374726f6e677377616e2e6f726730130603551d25040c300a06082b0601050507030130390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b05000382010100a99e3e8d73e3ee3cb3e2e04de0e61c8992be55672ed24a095cb35bb254fda67f08fa251f522dde7e24eb0bd5a0939b4cbda8b72a75b1c1c46f222cd2edc15294decd615781083b7b1a1dee175048f137d6c3b4b584a1eab98a99985fc449fdf5ca47cffcbeeac10113f6c6ed7ec2ac048729a9e230661742d5a2f4f5fa8f86847ebacc8267c77cd1f41b5f32469e2faf34e21af1db281ea297a86ee1af30343c1dc9cc07d394ed8f1f2b4a18d6450b97a85fdfa2b90293c0ebbebab1144a46f0522a599588a4904eae5ae1cf200960196ed753f8dfdf6bc84a0e566de6ad741208d3a837c64e3e74c4abc09deabb5dd7ca9986069c85a834b63d81af0d3b35fc'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 1, X'308204a30201000282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f02030100010282010004035ea5faaf11950d0ead7d0dea6d252e29a56138c393e40e99489a50c9c63e09856c2cd90ca17b335fa9540e1947fcb7ad7267b4dce00a30cefb2469fdc18cc78fe45cac3b84f796366e1fe887575685a19ea16ea96d2c29bc3d05ce440aa40365382affe5b96d57199b9c77ed23fb0606f5101886a5e7739113e8e0575f922ba234a00216882a54da866960c02da7b5b13a782c009686b64fff9b67241fe4fcb951f07bd809f47667124f88a3a05749c30d36bb1b77627ea50ef9c105dfcc71331c08fe125856ce1b5ce5779fa87c3f0dfa4f0d7fe56f2dd5a12a1a82acec56e531ecbca5833203c53b1bf4741538b8c3cce43ebe7db65e3ee0502123c0b902818100d84660baecc97714485814a7232ce90b37ea9b4120c9ba5e2ee2557f35a56b4c8a588e8078b85672bfbba3d504f270901d57df22b8235a4b2373f4b9161cc2f536121e93daf133e079b4d02b85719cff50921fd74692630aa809f24d8c6257876316be00a42fff6e723612dda3090d474894d646e269844930fd168a0026740502818100c2b25e6372c06b03a46a52453054ed2d7b2a644f754c5c0cb7d4d09f3cac187dd0ebef4dfaaca94b92827aceb9d3eaa0af005546644d7358b1ca54e83f707404a639383fc1c0cc752ffcd23b7c7b2386436ac0aedf7cb6ba418b7154b1af14cf4c675df1f8448953b50835dc334f3f9127906b4e3d27cce263733ee0d0dc865302818100c365423b5f76dd38dbeb882d40e070640c4ecf99d5cfabab2fdc98b5e777de2b36caaf646eaccc9dbb9001829187a01ef403d1bb02761e3bc87a18dda796b0a4ee070ccd347fbb08d1ac846eed8f29f2998e8b69e97e9430aa84e1ff22182f50483be1c99e8d26cf582c767afbb34fe5d9336f2c779e3140171c716298a42529028180724a107c62552fbca09c4515166d141959aea5d9baea8b32700b3e37eb7ebe95c4b96aeda4940c812f4ce6d8495f6be0cd39edd4f7763b9aba2b22b27ee2fd47e967b76c3dc9767be8228a2a9f450db2780ac7771ffbeeabe16400b00de9cfd66c6c554a8049832f9f1a65bb906719d2949e034f9738b0ddc831539cd71e4cbf0281807b9d01a2ef8a8228a41a58cceb0ad8eb449fa350ed2c07d012c452e947cac687a9a9f9a04c663356e661e8af30373d863d182d7038eebc901d3c78bc1e4dbf74c8fcba141ba56b0af66fa1c40e5defe7ed382ec008c98fb79f139e46cbc9570d110dc8930fd6f89fdcdda21fc790d4049ff24ffe82704d9234a56124905037d5'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_MOON', '0.0.0.0'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, pool
-) VALUES (
- 'rw', 1, 4, 6, 'bigpool'
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'rw', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 3
-);
-
-/* Pools */
-
-INSERT INTO pools (
- name, start, end, timeout
-) VALUES (
- 'bigpool', X'0a030001', X'0a030006', 3600
-);
-
-INSERT INTO addresses (
- pool, address, identity, acquired, released
-) VALUES (
- 1, X'0a030001', 8, 1211299013 , 1211299205
-);
-
-INSERT INTO addresses (
- pool, address, identity, acquired, released
-) VALUES (
- 1, X'0a030002', 9, 1211299031, 1211299187
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030003'
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030004'
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030005'
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030006'
-);
-
-INSERT INTO leases (
- address, identity, acquired, released
-) VALUES (
- 1, 8, 1211299013 , 1211299205
-);
-
-INSERT INTO leases (
- address, identity, acquired, released
-) VALUES (
- 2, 9, 1211299031, 1211299187
-);
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 11, X'MOON_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* %any */
+ 0, '%any'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* carol@strongswan.org */
+ 3, X'6361726f6c407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* dave@strongswan.org */
+ 3, X'64617665407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* alice@strongswan.org */
+ 3, X'616c696365407374726f6e677377616e2e6f7267'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=moon.strongswan.org */
+ 1, 1, X'MOON_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 1, X'MOON_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_MOON', '0.0.0.0'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, pool
+) VALUES (
+ 'rw', 1, 4, 6, 'bigpool'
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'rw', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 3
+);
+
+/* Pools */
+
+INSERT INTO pools (
+ name, start, end, timeout
+) VALUES (
+ 'bigpool', X'0a030001', X'0a030006', 3600
+);
+
+INSERT INTO addresses (
+ pool, address, identity, acquired, released
+) VALUES (
+ 1, X'0a030001', 8, 1211299013 , 1211299205
+);
+
+INSERT INTO addresses (
+ pool, address, identity, acquired, released
+) VALUES (
+ 1, X'0a030002', 9, 1211299031, 1211299187
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030003'
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030004'
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030005'
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030006'
+);
+
+INSERT INTO leases (
+ address, identity, acquired, released
+) VALUES (
+ 1, 8, 1211299013 , 1211299205
+);
+
+INSERT INTO leases (
+ address, identity, acquired, released
+) VALUES (
+ 2, 9, 1211299031, 1211299187
+);
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* carol@strongswan.org */
- 3, X'6361726f6c407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=carol@strongswan.org' */
- 11, X'5c597062572d2a249c5c94569b895ee5c505b6bd'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=carol@strongswan.org */
- 1, 1, X'308204223082030aa003020102020130300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373135303533365a170d3139303832363135303533365a305a310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e3111300f060355040b13085265736561726368311d301b060355040314146361726f6c407374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100b7f3d43717cadfec3802e2d4867f45cb8f6b99bee1f892493db05565ab970de15237a2c0b7e0a0baed29a197e22f80b7cd99a25da675b1171693bef6ac579623f6bb47dec6a3f8981b99bacdc42c0f3610e2f4950d9a8408bc3b7a9a7e40cc05282fa1e26913035ed34520879de0ee14fb770f2d4a070f1aa4245aeb4820a4fd4fa7bf1db1cd8d1b58970f59947b29f204988e0fd0eaf57aa1fb6db9e3140fd351bfcc3663beab9d14665067f71a5345166831667b42251b9896d9f157b55c085a29a726ae62dfdf3e68c0c5b3d1ba11ca69c9f3233abcdc8c5fe5f4a3313965b8609f5855ff34610d5da981a8286444b1e6b821cd7b1c51a7db361754b5d2110203010001a38201063082010230090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e041604145c597062572d2a249c5c94569b895ee5c505b6bd306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301f0603551d110418301681146361726f6c407374726f6e677377616e2e6f726730390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b0500038201010055a93c340d100113073090cb03917d72217e2538301a76f4aafcf3ff3377ba56864e5c1a61290bea80081a0a993ebc05e81cd3c89a0faf4557986c8792d04da5328e67290bbb302b3c4692fdecf3072fb365cd10624be0822916821e094980266d7f0735b1aa67adc85e32865ab7e1b28e7c8a54d4c987f42d1a6e502fd0d129ad76e41f604bd16d753d01921c48b19e13b0439e4eabf97478b16dcef1f8cc044cbe80c4dada3ea7c86edefc727b080773e92316184e50d5636170af61b4462f629c433f199140b09494892ca84ea42cc99873cce984fe62b8d09b41bfe960fa93ce6b8b42f30f3dd8a10ab27457f5dc57f94eafaf742da088cdc20f2abdc52e'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=carol@strongswan.org' */
- 1, X'308204a40201000282010100b7f3d43717cadfec3802e2d4867f45cb8f6b99bee1f892493db05565ab970de15237a2c0b7e0a0baed29a197e22f80b7cd99a25da675b1171693bef6ac579623f6bb47dec6a3f8981b99bacdc42c0f3610e2f4950d9a8408bc3b7a9a7e40cc05282fa1e26913035ed34520879de0ee14fb770f2d4a070f1aa4245aeb4820a4fd4fa7bf1db1cd8d1b58970f59947b29f204988e0fd0eaf57aa1fb6db9e3140fd351bfcc3663beab9d14665067f71a5345166831667b42251b9896d9f157b55c085a29a726ae62dfdf3e68c0c5b3d1ba11ca69c9f3233abcdc8c5fe5f4a3313965b8609f5855ff34610d5da981a8286444b1e6b821cd7b1c51a7db361754b5d2110203010001028201003f9bdaf82a0c071e61c7edb3dbc64ad63703d8283f6f7af64494a3130320bab5fd7e2b9344823252310c424a88f630265ebc0f7f1ebe77bc2a1c70de4f7e01f6f1ac950f9dd4b973afa79b06e81cec2d9fed3af207c03483e8c3108437c0244c6c36fc5d9443f4d86769f1f3b34e42459326fa6288c4a41e6c3ffe0879ea7fe25a02139cbe3c62e8959766c79c4987b83e248478582f074f4da0e945ee361731583c750aca01c0f56a0eb1a14f5b943a5caffcfafb557c8cf7d7ac9769e463287c694cf3ec8f3627d3339945bb706e89afb5a221710b84f946f7be26623e582ba560c5acc4ca0e943e13105986a3d6755458e3dd12a12a97055206ba2edf02d902818100da39de9827fd7560925b6643238109e12ea06df26cac90fa757dd8fa2072d5555c2a62f426167945590bafe581b2acbb52deb825ed99cb7cf47599e97929f5aec846ce2d7063b3b1ed80858039c6123ea5f823d0b8106d22abe212d838401ef9036722156b16e524db5e2384a5ae2d93a1bee91eaf83bc2d9f5b7caaa47113af02818100d7cb36691879640f5b4182035c61cdcec0d04f52ff42b6aad18d4015818fe245ef76947cca2dbb77e4845c0d98d7d432f39c57ab0d7b9e122d3d25be303e1ec9d0f1fdf1bf315219488de65a2fb68c654afebe4bf422959e95db0d88e782c14028ab0326eb76842ab93f3b04b9aaef2075a3e8b3619588d9dc9c98f4caea263f02818100d4e96320e6db665adb50ab7c53b681321f70ccf49a4cdf824d818461bda8ec35451fe1bdbd2f6e1057e98c2b0a988de891d8d4a7c4a2a9a3774b09e87d9b8fa580a77c5f5ee917984055856aee732eb7caec47dd4ac8540260dac87206a7a0d0691e85658a3f23400b7b548205b7e3a5c748615fdbf45673d8a7c501244162e7028181009fdd2cdee8c1ad4def15f5a255c322fbc33dcf3636628efeb725444f6a5f548ae8ded91c258f81ad4d3e7d0f99a672ce9848bf6dba1c553b340673ba94f4c04c549da1ba8120a1a89766803b59d38be8d2892c230aa6c05eeeb78c2c5b0e33ea3af68dec3c4ddd95e50ca1c55b62f5a9ff5cc15c7ab393e18a1cfcf78487b87302818051fe2f4ccdf6f253640c7c97434fec3e4f2d3149d699e662af1860605d90986f32b4052b670d4cf7e690419ad9a7a872c0f44ceb897c65038295ad6a19774da51a66e6c50a4dfc789542e2dc0015aa3a38311080c95b223a086bc3743c1b86b863f778a84cae36404d869654a7f95542bf9feedb98fefad2daf4d9ef197e929a'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_CAROL', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, virtual
-) VALUES (
- 'home', 1, 4, 6, '0.0.0.0'
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* carol@strongswan.org */
+ 3, X'6361726f6c407374726f6e677377616e2e6f7267'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=carol@strongswan.org' */
+ 11, X'CAROL_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+);
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=carol@strongswan.org */
+ 1, 1, X'CAROL_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=carol@strongswan.org' */
+ 1, X'CAROL_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_CAROL', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, virtual
+) VALUES (
+ 'home', 1, 4, 6, '0.0.0.0'
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* dave@strongswan.org */
- 3, X'64617665407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=dave@strongswan.org' */
- 11, X'ec16639928815e01cc0227c0b9cb1feab7987037'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=dave@strongswan.org */
- 1, 1, X'308204223082030aa003020102020131300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373135313230325a170d3139303832363135313230325a305b310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e31133011060355040b130a4163636f756e74696e67311c301a0603550403141364617665407374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100d63cdc4dc584cd5fb5e205add1d242130f196297d6083e254f3d20ad7be17fe4fd80c1f1f6fc774a266f02af82053b93929b01c9da5411b402f4666feaa45dd45988402524ea91d98adf941f8e30dedb9cf98341e908d3d4f30c9b7d6b50b5f5e2319942768760de0c0127c6ba69d70b0a9d605de3c31e6218e4004ad1871f00f199416e4772190243fb2f06b69d22592e2bcfc6a2190d2f612f8ff435643096db1a19766aac1563e177df9fff2d51b6e38fb2cd74dfd68f1a2f03e5d7e3c77206af37e33beba6376ea239607821d821094c26817f8ce8a1305243a4ebd5c43907ffd5e75f49d71fee87fff60a91105db15816253790b9934cfcfda5c99e56430203010001a38201053082010130090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414ec16639928815e01cc0227c0b9cb1feab7987037306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301e0603551d1104173015811364617665407374726f6e677377616e2e6f726730390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b0500038201010042a0be7f8ebc627b4aeaac2c0a500f53043041281319f71e707404233fd2fc6f6d10e120e9d6f023845afe031828c3bea9a8768b0eb77ba85284b01b653741b965739a548d3196869e7f52b5d779a44af62a6ef519362fda4dbddbb48e27ac27ed8f9f0400cf1396f6168cc3a22d83c084dfed7ce4d3694ce862e459f6feb77c762edd488cbcda23034bb139eaf245175b71079cbb89361010a39a436ef8490da0b36f18e0b8b048eaec6cb89f9db1793b8efeb23b788b7b0944b7f63f4eb6229025f2d5221d18cfea39963885d0eca8c64a581bf729a1589bd5165da8bd43b07116710c5807ef12486fed78bc62348671bcf1d47b3be2d3d1de92cc5dbc0ef7'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=dave@strongswan.org' */
- 1, X'308204a40201000282010100d63cdc4dc584cd5fb5e205add1d242130f196297d6083e254f3d20ad7be17fe4fd80c1f1f6fc774a266f02af82053b93929b01c9da5411b402f4666feaa45dd45988402524ea91d98adf941f8e30dedb9cf98341e908d3d4f30c9b7d6b50b5f5e2319942768760de0c0127c6ba69d70b0a9d605de3c31e6218e4004ad1871f00f199416e4772190243fb2f06b69d22592e2bcfc6a2190d2f612f8ff435643096db1a19766aac1563e177df9fff2d51b6e38fb2cd74dfd68f1a2f03e5d7e3c77206af37e33beba6376ea239607821d821094c26817f8ce8a1305243a4ebd5c43907ffd5e75f49d71fee87fff60a91105db15816253790b9934cfcfda5c99e564302030100010282010100b628d1791f35281af55fd54c5257e0eeababfdf4f47bd5bb8b808244804ce09e281e4eca1a23d89a27cbc410cf10fbf32278c2308b7f67fe137513949d825c75ae1af7cf9d7005cb5f1573b0d10a24b3bee938fdd5d337aa9d6e5ed769641b1392dc715fddc08650c70c4471e9170d4dca1cbe4f96d5d503bbfe41715c6ef3a01e1b304b7f7d0f2ccd2192dfce9c3e5c5663c93a1284652fb0b50b68cfb093b6a20a4085bc37717b180255ecc5b8e10ffbc7dd68a8592775bc6a392da9b4cf36b391d3758a16f5c7b664727db3cfe2dce317f15bf26e9ba2592c785a22dcde728256b87af70a2f3ba2d30434e60c04f1f0e9ace4163d542017d72a48924ebb6102818100fef9ec239ad2bb059962fe1b9327fca60b47ff83c8238213e9976fc8443efb640faaa69447d1e65f477e7f004683858ab5d25b082d1582071eb294e10b69fe4009823f7a329a66b0e755f51a3ddbba2f367a7a5171903cce53fde7a666d33f64633f2541dd4d66b9645a6db2039c371e9fd2b84ef8b6ce3c2c733c1c2df1b0bd02818100d71910a4d9045e8c4ff85aa9bfb5fe2208a12ed123e0279e21d8dd623aca860a1094cbc4fceb104caf4d6bf2a302280365d7d603670ef76c748c98f435c7627e1286c79b16162b433723cc4dd7dc91d71d21003dc85dab8b2bcb43e8c8b66f5eb82703bc7faa577e08983b53f2f575acb6105ff5e005eb6cfa065b17495a12ff028180722a35313c015efc02d1f035288e9ef139dbe2ec7e90678dc2e9ab83600b53445a3f6e96b611a5b4c3ae3fef3fa36407d7a1786110ceb089bf94f6544d68080f64328d79896ed8cc1cc8c0161fdc6261016395a121d81361cef9c0df20eb35571d990875954132dd8fb16dac67316afcab530e734da98c6e24f8f3d12a412d810281810087313ad3d18ebc7a461d1ba6cb56f0b6a563e15013d3643330a4e46843f95c8be0e614b8e81a3a31689129c2e40f8be4aed31cb120ca385ad35a371c6edcb59bf5bafea40c1abcf04f2cd1d12f5673d7977851758384d437f1bb9d20275efadab6b5d6d4580d515666c27faf80ea241efc83883cbaa41dd76dc226e898f2e33302818079d917d98e48201e6a1fd3fef3c1af4c1dd79c74b783db0d54d41f3b6febb849e74487f300241e6430472d6a1dacb57fa32c93f897431e65f41fdf4d0cf8206eeaaf17ca0c3cdab5abf5f3229bc4b18fad56b3e823e46ed8d8ca373a1994675609d01aefe308285bdfcd86fec468e25d69112a5ba275031d8642620597ef2f2c'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_DAVE', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, virtual
-) VALUES (
- 'home', 1, 4, 6, '0.0.0.0'
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* dave@strongswan.org */
+ 3, X'64617665407374726f6e677377616e2e6f7267'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=dave@strongswan.org' */
+ 11, X'DAVE_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+);
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=dave@strongswan.org */
+ 1, 1, X'DAVE_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=dave@strongswan.org' */
+ 1, X'DAVE_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_DAVE', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, virtual
+) VALUES (
+ 'home', 1, 4, 6, '0.0.0.0'
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 11, X'd8263d21ec7cdbbe5a390c5b70cb038021deae13'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* %any */
- 0, '%any'
-);
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* carol@strongswan.org */
- 3, X'6361726f6c407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* dave@strongswan.org */
- 3, X'64617665407374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=moon.strongswan.org */
- 1, 1, X'308204223082030aa00302010202012b300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373134343435365a170d3139303832363134343435365a3046310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311c301a060355040313136d6f6f6e2e7374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f0203010001a382011a3082011630090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414d8263d21ec7cdbbe5a390c5b70cb038021deae13306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301e0603551d110417301582136d6f6f6e2e7374726f6e677377616e2e6f726730130603551d25040c300a06082b0601050507030130390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b05000382010100a99e3e8d73e3ee3cb3e2e04de0e61c8992be55672ed24a095cb35bb254fda67f08fa251f522dde7e24eb0bd5a0939b4cbda8b72a75b1c1c46f222cd2edc15294decd615781083b7b1a1dee175048f137d6c3b4b584a1eab98a99985fc449fdf5ca47cffcbeeac10113f6c6ed7ec2ac048729a9e230661742d5a2f4f5fa8f86847ebacc8267c77cd1f41b5f32469e2faf34e21af1db281ea297a86ee1af30343c1dc9cc07d394ed8f1f2b4a18d6450b97a85fdfa2b90293c0ebbebab1144a46f0522a599588a4904eae5ae1cf200960196ed753f8dfdf6bc84a0e566de6ad741208d3a837c64e3e74c4abc09deabb5dd7ca9986069c85a834b63d81af0d3b35fc'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 1, X'308204a30201000282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f02030100010282010004035ea5faaf11950d0ead7d0dea6d252e29a56138c393e40e99489a50c9c63e09856c2cd90ca17b335fa9540e1947fcb7ad7267b4dce00a30cefb2469fdc18cc78fe45cac3b84f796366e1fe887575685a19ea16ea96d2c29bc3d05ce440aa40365382affe5b96d57199b9c77ed23fb0606f5101886a5e7739113e8e0575f922ba234a00216882a54da866960c02da7b5b13a782c009686b64fff9b67241fe4fcb951f07bd809f47667124f88a3a05749c30d36bb1b77627ea50ef9c105dfcc71331c08fe125856ce1b5ce5779fa87c3f0dfa4f0d7fe56f2dd5a12a1a82acec56e531ecbca5833203c53b1bf4741538b8c3cce43ebe7db65e3ee0502123c0b902818100d84660baecc97714485814a7232ce90b37ea9b4120c9ba5e2ee2557f35a56b4c8a588e8078b85672bfbba3d504f270901d57df22b8235a4b2373f4b9161cc2f536121e93daf133e079b4d02b85719cff50921fd74692630aa809f24d8c6257876316be00a42fff6e723612dda3090d474894d646e269844930fd168a0026740502818100c2b25e6372c06b03a46a52453054ed2d7b2a644f754c5c0cb7d4d09f3cac187dd0ebef4dfaaca94b92827aceb9d3eaa0af005546644d7358b1ca54e83f707404a639383fc1c0cc752ffcd23b7c7b2386436ac0aedf7cb6ba418b7154b1af14cf4c675df1f8448953b50835dc334f3f9127906b4e3d27cce263733ee0d0dc865302818100c365423b5f76dd38dbeb882d40e070640c4ecf99d5cfabab2fdc98b5e777de2b36caaf646eaccc9dbb9001829187a01ef403d1bb02761e3bc87a18dda796b0a4ee070ccd347fbb08d1ac846eed8f29f2998e8b69e97e9430aa84e1ff22182f50483be1c99e8d26cf582c767afbb34fe5d9336f2c779e3140171c716298a42529028180724a107c62552fbca09c4515166d141959aea5d9baea8b32700b3e37eb7ebe95c4b96aeda4940c812f4ce6d8495f6be0cd39edd4f7763b9aba2b22b27ee2fd47e967b76c3dc9767be8228a2a9f450db2780ac7771ffbeeabe16400b00de9cfd66c6c554a8049832f9f1a65bb906719d2949e034f9738b0ddc831539cd71e4cbf0281807b9d01a2ef8a8228a41a58cceb0ad8eb449fa350ed2c07d012c452e947cac687a9a9f9a04c663356e661e8af30373d863d182d7038eebc901d3c78bc1e4dbf74c8fcba141ba56b0af66fa1c40e5defe7ed382ec008c98fb79f139e46cbc9570d110dc8930fd6f89fdcdda21fc790d4049ff24ffe82704d9234a56124905037d5'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_MOON', '0.0.0.0'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, pool
-) VALUES (
- 'rw', 1, 4, 6, 'bigpool'
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'rw', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 3
-);
-
-/* Pools */
-
-INSERT INTO pools (
- name, start, end, timeout
-) VALUES (
- 'bigpool', X'0a030001', X'0a030006', 0
-);
-
-INSERT INTO addresses (
- pool, address, identity, acquired, released
-) VALUES (
- 1, X'0a030001', 7, 1211299013 , 1211299205
-);
-
-INSERT INTO addresses (
- pool, address, identity, acquired, released
-) VALUES (
- 1, X'0a030002', 8, 1211299031, 1211299187
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030003'
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030004'
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030005'
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030006'
-);
-
-INSERT INTO leases (
- address, identity, acquired, released
-) VALUES (
- 1, 7, 1211299013 , 1211299205
-);
-
-INSERT INTO leases (
- address, identity, acquired, released
-) VALUES (
- 2, 8, 1211299031, 1211299187
-);
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 11, X'MOON_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* %any */
+ 0, '%any'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* carol@strongswan.org */
+ 3, X'6361726f6c407374726f6e677377616e2e6f7267'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* dave@strongswan.org */
+ 3, X'64617665407374726f6e677377616e2e6f7267'
+);
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=moon.strongswan.org */
+ 1, 1, X'MOON_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 1, X'MOON_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_MOON', '0.0.0.0'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, pool
+) VALUES (
+ 'rw', 1, 4, 6, 'bigpool'
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'rw', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 3
+);
+
+/* Pools */
+
+INSERT INTO pools (
+ name, start, end, timeout
+) VALUES (
+ 'bigpool', X'0a030001', X'0a030006', 0
+);
+
+INSERT INTO addresses (
+ pool, address, identity, acquired, released
+) VALUES (
+ 1, X'0a030001', 7, 1211299013 , 1211299205
+);
+
+INSERT INTO addresses (
+ pool, address, identity, acquired, released
+) VALUES (
+ 1, X'0a030002', 8, 1211299031, 1211299187
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030003'
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030004'
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030005'
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030006'
+);
+
+INSERT INTO leases (
+ address, identity, acquired, released
+) VALUES (
+ 1, 7, 1211299013 , 1211299205
+);
+
+INSERT INTO leases (
+ address, identity, acquired, released
+) VALUES (
+ 2, 8, 1211299031, 1211299187
+);
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* carol@strongswan.org */
- 3, X'6361726f6c407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=carol@strongswan.org' */
- 11, X'5c597062572d2a249c5c94569b895ee5c505b6bd'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=carol@strongswan.org */
- 1, 1, X'308204223082030aa003020102020130300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373135303533365a170d3139303832363135303533365a305a310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e3111300f060355040b13085265736561726368311d301b060355040314146361726f6c407374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100b7f3d43717cadfec3802e2d4867f45cb8f6b99bee1f892493db05565ab970de15237a2c0b7e0a0baed29a197e22f80b7cd99a25da675b1171693bef6ac579623f6bb47dec6a3f8981b99bacdc42c0f3610e2f4950d9a8408bc3b7a9a7e40cc05282fa1e26913035ed34520879de0ee14fb770f2d4a070f1aa4245aeb4820a4fd4fa7bf1db1cd8d1b58970f59947b29f204988e0fd0eaf57aa1fb6db9e3140fd351bfcc3663beab9d14665067f71a5345166831667b42251b9896d9f157b55c085a29a726ae62dfdf3e68c0c5b3d1ba11ca69c9f3233abcdc8c5fe5f4a3313965b8609f5855ff34610d5da981a8286444b1e6b821cd7b1c51a7db361754b5d2110203010001a38201063082010230090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e041604145c597062572d2a249c5c94569b895ee5c505b6bd306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301f0603551d110418301681146361726f6c407374726f6e677377616e2e6f726730390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b0500038201010055a93c340d100113073090cb03917d72217e2538301a76f4aafcf3ff3377ba56864e5c1a61290bea80081a0a993ebc05e81cd3c89a0faf4557986c8792d04da5328e67290bbb302b3c4692fdecf3072fb365cd10624be0822916821e094980266d7f0735b1aa67adc85e32865ab7e1b28e7c8a54d4c987f42d1a6e502fd0d129ad76e41f604bd16d753d01921c48b19e13b0439e4eabf97478b16dcef1f8cc044cbe80c4dada3ea7c86edefc727b080773e92316184e50d5636170af61b4462f629c433f199140b09494892ca84ea42cc99873cce984fe62b8d09b41bfe960fa93ce6b8b42f30f3dd8a10ab27457f5dc57f94eafaf742da088cdc20f2abdc52e'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=carol@strongswan.org' */
- 1, X'308204a40201000282010100b7f3d43717cadfec3802e2d4867f45cb8f6b99bee1f892493db05565ab970de15237a2c0b7e0a0baed29a197e22f80b7cd99a25da675b1171693bef6ac579623f6bb47dec6a3f8981b99bacdc42c0f3610e2f4950d9a8408bc3b7a9a7e40cc05282fa1e26913035ed34520879de0ee14fb770f2d4a070f1aa4245aeb4820a4fd4fa7bf1db1cd8d1b58970f59947b29f204988e0fd0eaf57aa1fb6db9e3140fd351bfcc3663beab9d14665067f71a5345166831667b42251b9896d9f157b55c085a29a726ae62dfdf3e68c0c5b3d1ba11ca69c9f3233abcdc8c5fe5f4a3313965b8609f5855ff34610d5da981a8286444b1e6b821cd7b1c51a7db361754b5d2110203010001028201003f9bdaf82a0c071e61c7edb3dbc64ad63703d8283f6f7af64494a3130320bab5fd7e2b9344823252310c424a88f630265ebc0f7f1ebe77bc2a1c70de4f7e01f6f1ac950f9dd4b973afa79b06e81cec2d9fed3af207c03483e8c3108437c0244c6c36fc5d9443f4d86769f1f3b34e42459326fa6288c4a41e6c3ffe0879ea7fe25a02139cbe3c62e8959766c79c4987b83e248478582f074f4da0e945ee361731583c750aca01c0f56a0eb1a14f5b943a5caffcfafb557c8cf7d7ac9769e463287c694cf3ec8f3627d3339945bb706e89afb5a221710b84f946f7be26623e582ba560c5acc4ca0e943e13105986a3d6755458e3dd12a12a97055206ba2edf02d902818100da39de9827fd7560925b6643238109e12ea06df26cac90fa757dd8fa2072d5555c2a62f426167945590bafe581b2acbb52deb825ed99cb7cf47599e97929f5aec846ce2d7063b3b1ed80858039c6123ea5f823d0b8106d22abe212d838401ef9036722156b16e524db5e2384a5ae2d93a1bee91eaf83bc2d9f5b7caaa47113af02818100d7cb36691879640f5b4182035c61cdcec0d04f52ff42b6aad18d4015818fe245ef76947cca2dbb77e4845c0d98d7d432f39c57ab0d7b9e122d3d25be303e1ec9d0f1fdf1bf315219488de65a2fb68c654afebe4bf422959e95db0d88e782c14028ab0326eb76842ab93f3b04b9aaef2075a3e8b3619588d9dc9c98f4caea263f02818100d4e96320e6db665adb50ab7c53b681321f70ccf49a4cdf824d818461bda8ec35451fe1bdbd2f6e1057e98c2b0a988de891d8d4a7c4a2a9a3774b09e87d9b8fa580a77c5f5ee917984055856aee732eb7caec47dd4ac8540260dac87206a7a0d0691e85658a3f23400b7b548205b7e3a5c748615fdbf45673d8a7c501244162e7028181009fdd2cdee8c1ad4def15f5a255c322fbc33dcf3636628efeb725444f6a5f548ae8ded91c258f81ad4d3e7d0f99a672ce9848bf6dba1c553b340673ba94f4c04c549da1ba8120a1a89766803b59d38be8d2892c230aa6c05eeeb78c2c5b0e33ea3af68dec3c4ddd95e50ca1c55b62f5a9ff5cc15c7ab393e18a1cfcf78487b87302818051fe2f4ccdf6f253640c7c97434fec3e4f2d3149d699e662af1860605d90986f32b4052b670d4cf7e690419ad9a7a872c0f44ceb897c65038295ad6a19774da51a66e6c50a4dfc789542e2dc0015aa3a38311080c95b223a086bc3743c1b86b863f778a84cae36404d869654a7f95542bf9feedb98fefad2daf4d9ef197e929a'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_CAROL', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, virtual
-) VALUES (
- 'home', 1, 4, 6, '0.0.0.0'
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* carol@strongswan.org */
+ 3, X'6361726f6c407374726f6e677377616e2e6f7267'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=carol@strongswan.org' */
+ 11, X'CAROL_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+);
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=carol@strongswan.org */
+ 1, 1, X'CAROL_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=carol@strongswan.org' */
+ 1, X'CAROL_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_CAROL', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, virtual
+) VALUES (
+ 'home', 1, 4, 6, '0.0.0.0'
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* dave@strongswan.org */
- 3, X'64617665407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=dave@strongswan.org' */
- 11, X'ec16639928815e01cc0227c0b9cb1feab7987037'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=dave@strongswan.org */
- 1, 1, X'308204223082030aa003020102020131300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373135313230325a170d3139303832363135313230325a305b310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e31133011060355040b130a4163636f756e74696e67311c301a0603550403141364617665407374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100d63cdc4dc584cd5fb5e205add1d242130f196297d6083e254f3d20ad7be17fe4fd80c1f1f6fc774a266f02af82053b93929b01c9da5411b402f4666feaa45dd45988402524ea91d98adf941f8e30dedb9cf98341e908d3d4f30c9b7d6b50b5f5e2319942768760de0c0127c6ba69d70b0a9d605de3c31e6218e4004ad1871f00f199416e4772190243fb2f06b69d22592e2bcfc6a2190d2f612f8ff435643096db1a19766aac1563e177df9fff2d51b6e38fb2cd74dfd68f1a2f03e5d7e3c77206af37e33beba6376ea239607821d821094c26817f8ce8a1305243a4ebd5c43907ffd5e75f49d71fee87fff60a91105db15816253790b9934cfcfda5c99e56430203010001a38201053082010130090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414ec16639928815e01cc0227c0b9cb1feab7987037306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301e0603551d1104173015811364617665407374726f6e677377616e2e6f726730390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b0500038201010042a0be7f8ebc627b4aeaac2c0a500f53043041281319f71e707404233fd2fc6f6d10e120e9d6f023845afe031828c3bea9a8768b0eb77ba85284b01b653741b965739a548d3196869e7f52b5d779a44af62a6ef519362fda4dbddbb48e27ac27ed8f9f0400cf1396f6168cc3a22d83c084dfed7ce4d3694ce862e459f6feb77c762edd488cbcda23034bb139eaf245175b71079cbb89361010a39a436ef8490da0b36f18e0b8b048eaec6cb89f9db1793b8efeb23b788b7b0944b7f63f4eb6229025f2d5221d18cfea39963885d0eca8c64a581bf729a1589bd5165da8bd43b07116710c5807ef12486fed78bc62348671bcf1d47b3be2d3d1de92cc5dbc0ef7'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=dave@strongswan.org' */
- 1, X'308204a40201000282010100d63cdc4dc584cd5fb5e205add1d242130f196297d6083e254f3d20ad7be17fe4fd80c1f1f6fc774a266f02af82053b93929b01c9da5411b402f4666feaa45dd45988402524ea91d98adf941f8e30dedb9cf98341e908d3d4f30c9b7d6b50b5f5e2319942768760de0c0127c6ba69d70b0a9d605de3c31e6218e4004ad1871f00f199416e4772190243fb2f06b69d22592e2bcfc6a2190d2f612f8ff435643096db1a19766aac1563e177df9fff2d51b6e38fb2cd74dfd68f1a2f03e5d7e3c77206af37e33beba6376ea239607821d821094c26817f8ce8a1305243a4ebd5c43907ffd5e75f49d71fee87fff60a91105db15816253790b9934cfcfda5c99e564302030100010282010100b628d1791f35281af55fd54c5257e0eeababfdf4f47bd5bb8b808244804ce09e281e4eca1a23d89a27cbc410cf10fbf32278c2308b7f67fe137513949d825c75ae1af7cf9d7005cb5f1573b0d10a24b3bee938fdd5d337aa9d6e5ed769641b1392dc715fddc08650c70c4471e9170d4dca1cbe4f96d5d503bbfe41715c6ef3a01e1b304b7f7d0f2ccd2192dfce9c3e5c5663c93a1284652fb0b50b68cfb093b6a20a4085bc37717b180255ecc5b8e10ffbc7dd68a8592775bc6a392da9b4cf36b391d3758a16f5c7b664727db3cfe2dce317f15bf26e9ba2592c785a22dcde728256b87af70a2f3ba2d30434e60c04f1f0e9ace4163d542017d72a48924ebb6102818100fef9ec239ad2bb059962fe1b9327fca60b47ff83c8238213e9976fc8443efb640faaa69447d1e65f477e7f004683858ab5d25b082d1582071eb294e10b69fe4009823f7a329a66b0e755f51a3ddbba2f367a7a5171903cce53fde7a666d33f64633f2541dd4d66b9645a6db2039c371e9fd2b84ef8b6ce3c2c733c1c2df1b0bd02818100d71910a4d9045e8c4ff85aa9bfb5fe2208a12ed123e0279e21d8dd623aca860a1094cbc4fceb104caf4d6bf2a302280365d7d603670ef76c748c98f435c7627e1286c79b16162b433723cc4dd7dc91d71d21003dc85dab8b2bcb43e8c8b66f5eb82703bc7faa577e08983b53f2f575acb6105ff5e005eb6cfa065b17495a12ff028180722a35313c015efc02d1f035288e9ef139dbe2ec7e90678dc2e9ab83600b53445a3f6e96b611a5b4c3ae3fef3fa36407d7a1786110ceb089bf94f6544d68080f64328d79896ed8cc1cc8c0161fdc6261016395a121d81361cef9c0df20eb35571d990875954132dd8fb16dac67316afcab530e734da98c6e24f8f3d12a412d810281810087313ad3d18ebc7a461d1ba6cb56f0b6a563e15013d3643330a4e46843f95c8be0e614b8e81a3a31689129c2e40f8be4aed31cb120ca385ad35a371c6edcb59bf5bafea40c1abcf04f2cd1d12f5673d7977851758384d437f1bb9d20275efadab6b5d6d4580d515666c27faf80ea241efc83883cbaa41dd76dc226e898f2e33302818079d917d98e48201e6a1fd3fef3c1af4c1dd79c74b783db0d54d41f3b6febb849e74487f300241e6430472d6a1dacb57fa32c93f897431e65f41fdf4d0cf8206eeaaf17ca0c3cdab5abf5f3229bc4b18fad56b3e823e46ed8d8ca373a1994675609d01aefe308285bdfcd86fec468e25d69112a5ba275031d8642620597ef2f2c'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_DAVE', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, virtual
-) VALUES (
- 'home', 1, 4, 6, '0.0.0.0'
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* dave@strongswan.org */
+ 3, X'64617665407374726f6e677377616e2e6f7267'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=dave@strongswan.org' */
+ 11, X'DAVE_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+);
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=dave@strongswan.org */
+ 1, 1, X'DAVE_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=dave@strongswan.org' */
+ 1, X'DAVE_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_DAVE', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, virtual
+) VALUES (
+ 'home', 1, 4, 6, '0.0.0.0'
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 11, X'd8263d21ec7cdbbe5a390c5b70cb038021deae13'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* %any */
- 0, '%any'
-);
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=moon.strongswan.org */
- 1, 1, X'308204223082030aa00302010202012b300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373134343435365a170d3139303832363134343435365a3046310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311c301a060355040313136d6f6f6e2e7374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f0203010001a382011a3082011630090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414d8263d21ec7cdbbe5a390c5b70cb038021deae13306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301e0603551d110417301582136d6f6f6e2e7374726f6e677377616e2e6f726730130603551d25040c300a06082b0601050507030130390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b05000382010100a99e3e8d73e3ee3cb3e2e04de0e61c8992be55672ed24a095cb35bb254fda67f08fa251f522dde7e24eb0bd5a0939b4cbda8b72a75b1c1c46f222cd2edc15294decd615781083b7b1a1dee175048f137d6c3b4b584a1eab98a99985fc449fdf5ca47cffcbeeac10113f6c6ed7ec2ac048729a9e230661742d5a2f4f5fa8f86847ebacc8267c77cd1f41b5f32469e2faf34e21af1db281ea297a86ee1af30343c1dc9cc07d394ed8f1f2b4a18d6450b97a85fdfa2b90293c0ebbebab1144a46f0522a599588a4904eae5ae1cf200960196ed753f8dfdf6bc84a0e566de6ad741208d3a837c64e3e74c4abc09deabb5dd7ca9986069c85a834b63d81af0d3b35fc'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 1, X'308204a30201000282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f02030100010282010004035ea5faaf11950d0ead7d0dea6d252e29a56138c393e40e99489a50c9c63e09856c2cd90ca17b335fa9540e1947fcb7ad7267b4dce00a30cefb2469fdc18cc78fe45cac3b84f796366e1fe887575685a19ea16ea96d2c29bc3d05ce440aa40365382affe5b96d57199b9c77ed23fb0606f5101886a5e7739113e8e0575f922ba234a00216882a54da866960c02da7b5b13a782c009686b64fff9b67241fe4fcb951f07bd809f47667124f88a3a05749c30d36bb1b77627ea50ef9c105dfcc71331c08fe125856ce1b5ce5779fa87c3f0dfa4f0d7fe56f2dd5a12a1a82acec56e531ecbca5833203c53b1bf4741538b8c3cce43ebe7db65e3ee0502123c0b902818100d84660baecc97714485814a7232ce90b37ea9b4120c9ba5e2ee2557f35a56b4c8a588e8078b85672bfbba3d504f270901d57df22b8235a4b2373f4b9161cc2f536121e93daf133e079b4d02b85719cff50921fd74692630aa809f24d8c6257876316be00a42fff6e723612dda3090d474894d646e269844930fd168a0026740502818100c2b25e6372c06b03a46a52453054ed2d7b2a644f754c5c0cb7d4d09f3cac187dd0ebef4dfaaca94b92827aceb9d3eaa0af005546644d7358b1ca54e83f707404a639383fc1c0cc752ffcd23b7c7b2386436ac0aedf7cb6ba418b7154b1af14cf4c675df1f8448953b50835dc334f3f9127906b4e3d27cce263733ee0d0dc865302818100c365423b5f76dd38dbeb882d40e070640c4ecf99d5cfabab2fdc98b5e777de2b36caaf646eaccc9dbb9001829187a01ef403d1bb02761e3bc87a18dda796b0a4ee070ccd347fbb08d1ac846eed8f29f2998e8b69e97e9430aa84e1ff22182f50483be1c99e8d26cf582c767afbb34fe5d9336f2c779e3140171c716298a42529028180724a107c62552fbca09c4515166d141959aea5d9baea8b32700b3e37eb7ebe95c4b96aeda4940c812f4ce6d8495f6be0cd39edd4f7763b9aba2b22b27ee2fd47e967b76c3dc9767be8228a2a9f450db2780ac7771ffbeeabe16400b00de9cfd66c6c554a8049832f9f1a65bb906719d2949e034f9738b0ddc831539cd71e4cbf0281807b9d01a2ef8a8228a41a58cceb0ad8eb449fa350ed2c07d012c452e947cac687a9a9f9a04c663356e661e8af30373d863d182d7038eebc901d3c78bc1e4dbf74c8fcba141ba56b0af66fa1c40e5defe7ed382ec008c98fb79f139e46cbc9570d110dc8930fd6f89fdcdda21fc790d4049ff24ffe82704d9234a56124905037d5'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_MOON', '0.0.0.0'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, pool
-) VALUES (
- 'rw', 1, 4, 6, 'bigpool'
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'rw', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 3
-);
-
-/* Pools */
-
-INSERT INTO pools (
- name, start, end, timeout
-) VALUES (
- 'bigpool', X'0a030001', X'0a030006', 0
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030001'
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030002'
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030003'
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030004'
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030005'
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030006'
-);
-
-INSERT INTO attributes (
- type, value
-) VALUES (
- 3, X'c0a80096'
-);
-
-INSERT INTO attributes (
- type, value
-) VALUES (
- 3, X'0a010014'
-);
-
-INSERT INTO attributes (
- type, value
-) VALUES (
- 4, X'0a010014'
-);
-
-INSERT INTO attributes (
- type, value
-) VALUES (
- 7, X'7374726f6e675377616e20342e332e36'
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 11, X'MOON_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* %any */
+ 0, '%any'
+);
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=moon.strongswan.org */
+ 1, 1, X'MOON_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 1, X'MOON_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_MOON', '0.0.0.0'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, pool
+) VALUES (
+ 'rw', 1, 4, 6, 'bigpool'
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'rw', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 3
+);
+
+/* Pools */
+
+INSERT INTO pools (
+ name, start, end, timeout
+) VALUES (
+ 'bigpool', X'0a030001', X'0a030006', 0
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030001'
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030002'
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030003'
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030004'
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030005'
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030006'
+);
+
+INSERT INTO attributes (
+ type, value
+) VALUES (
+ 3, X'c0a80096'
+);
+
+INSERT INTO attributes (
+ type, value
+) VALUES (
+ 3, X'0a010014'
+);
+
+INSERT INTO attributes (
+ type, value
+) VALUES (
+ 4, X'0a010014'
+);
+
+INSERT INTO attributes (
+ type, value
+) VALUES (
+ 7, X'7374726f6e675377616e20342e332e36'
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* carol@strongswan.org */
- 3, X'6361726f6c407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=carol@strongswan.org' */
- 11, X'5c597062572d2a249c5c94569b895ee5c505b6bd'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=carol@strongswan.org */
- 1, 1, X'308204223082030aa003020102020130300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373135303533365a170d3139303832363135303533365a305a310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e3111300f060355040b13085265736561726368311d301b060355040314146361726f6c407374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100b7f3d43717cadfec3802e2d4867f45cb8f6b99bee1f892493db05565ab970de15237a2c0b7e0a0baed29a197e22f80b7cd99a25da675b1171693bef6ac579623f6bb47dec6a3f8981b99bacdc42c0f3610e2f4950d9a8408bc3b7a9a7e40cc05282fa1e26913035ed34520879de0ee14fb770f2d4a070f1aa4245aeb4820a4fd4fa7bf1db1cd8d1b58970f59947b29f204988e0fd0eaf57aa1fb6db9e3140fd351bfcc3663beab9d14665067f71a5345166831667b42251b9896d9f157b55c085a29a726ae62dfdf3e68c0c5b3d1ba11ca69c9f3233abcdc8c5fe5f4a3313965b8609f5855ff34610d5da981a8286444b1e6b821cd7b1c51a7db361754b5d2110203010001a38201063082010230090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e041604145c597062572d2a249c5c94569b895ee5c505b6bd306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301f0603551d110418301681146361726f6c407374726f6e677377616e2e6f726730390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b0500038201010055a93c340d100113073090cb03917d72217e2538301a76f4aafcf3ff3377ba56864e5c1a61290bea80081a0a993ebc05e81cd3c89a0faf4557986c8792d04da5328e67290bbb302b3c4692fdecf3072fb365cd10624be0822916821e094980266d7f0735b1aa67adc85e32865ab7e1b28e7c8a54d4c987f42d1a6e502fd0d129ad76e41f604bd16d753d01921c48b19e13b0439e4eabf97478b16dcef1f8cc044cbe80c4dada3ea7c86edefc727b080773e92316184e50d5636170af61b4462f629c433f199140b09494892ca84ea42cc99873cce984fe62b8d09b41bfe960fa93ce6b8b42f30f3dd8a10ab27457f5dc57f94eafaf742da088cdc20f2abdc52e'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=carol@strongswan.org' */
- 1, X'308204a40201000282010100b7f3d43717cadfec3802e2d4867f45cb8f6b99bee1f892493db05565ab970de15237a2c0b7e0a0baed29a197e22f80b7cd99a25da675b1171693bef6ac579623f6bb47dec6a3f8981b99bacdc42c0f3610e2f4950d9a8408bc3b7a9a7e40cc05282fa1e26913035ed34520879de0ee14fb770f2d4a070f1aa4245aeb4820a4fd4fa7bf1db1cd8d1b58970f59947b29f204988e0fd0eaf57aa1fb6db9e3140fd351bfcc3663beab9d14665067f71a5345166831667b42251b9896d9f157b55c085a29a726ae62dfdf3e68c0c5b3d1ba11ca69c9f3233abcdc8c5fe5f4a3313965b8609f5855ff34610d5da981a8286444b1e6b821cd7b1c51a7db361754b5d2110203010001028201003f9bdaf82a0c071e61c7edb3dbc64ad63703d8283f6f7af64494a3130320bab5fd7e2b9344823252310c424a88f630265ebc0f7f1ebe77bc2a1c70de4f7e01f6f1ac950f9dd4b973afa79b06e81cec2d9fed3af207c03483e8c3108437c0244c6c36fc5d9443f4d86769f1f3b34e42459326fa6288c4a41e6c3ffe0879ea7fe25a02139cbe3c62e8959766c79c4987b83e248478582f074f4da0e945ee361731583c750aca01c0f56a0eb1a14f5b943a5caffcfafb557c8cf7d7ac9769e463287c694cf3ec8f3627d3339945bb706e89afb5a221710b84f946f7be26623e582ba560c5acc4ca0e943e13105986a3d6755458e3dd12a12a97055206ba2edf02d902818100da39de9827fd7560925b6643238109e12ea06df26cac90fa757dd8fa2072d5555c2a62f426167945590bafe581b2acbb52deb825ed99cb7cf47599e97929f5aec846ce2d7063b3b1ed80858039c6123ea5f823d0b8106d22abe212d838401ef9036722156b16e524db5e2384a5ae2d93a1bee91eaf83bc2d9f5b7caaa47113af02818100d7cb36691879640f5b4182035c61cdcec0d04f52ff42b6aad18d4015818fe245ef76947cca2dbb77e4845c0d98d7d432f39c57ab0d7b9e122d3d25be303e1ec9d0f1fdf1bf315219488de65a2fb68c654afebe4bf422959e95db0d88e782c14028ab0326eb76842ab93f3b04b9aaef2075a3e8b3619588d9dc9c98f4caea263f02818100d4e96320e6db665adb50ab7c53b681321f70ccf49a4cdf824d818461bda8ec35451fe1bdbd2f6e1057e98c2b0a988de891d8d4a7c4a2a9a3774b09e87d9b8fa580a77c5f5ee917984055856aee732eb7caec47dd4ac8540260dac87206a7a0d0691e85658a3f23400b7b548205b7e3a5c748615fdbf45673d8a7c501244162e7028181009fdd2cdee8c1ad4def15f5a255c322fbc33dcf3636628efeb725444f6a5f548ae8ded91c258f81ad4d3e7d0f99a672ce9848bf6dba1c553b340673ba94f4c04c549da1ba8120a1a89766803b59d38be8d2892c230aa6c05eeeb78c2c5b0e33ea3af68dec3c4ddd95e50ca1c55b62f5a9ff5cc15c7ab393e18a1cfcf78487b87302818051fe2f4ccdf6f253640c7c97434fec3e4f2d3149d699e662af1860605d90986f32b4052b670d4cf7e690419ad9a7a872c0f44ceb897c65038295ad6a19774da51a66e6c50a4dfc789542e2dc0015aa3a38311080c95b223a086bc3743c1b86b863f778a84cae36404d869654a7f95542bf9feedb98fefad2daf4d9ef197e929a'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_CAROL', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, virtual
-) VALUES (
- 'home', 1, 4, 6, '0.0.0.0'
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* carol@strongswan.org */
+ 3, X'6361726f6c407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=carol@strongswan.org' */
+ 11, X'CAROL_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=carol@strongswan.org */
+ 1, 1, X'CAROL_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=carol@strongswan.org' */
+ 1, X'CAROL_KEY_HEX');
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_CAROL', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, virtual
+) VALUES (
+ 'home', 1, 4, 6, '0.0.0.0'
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-INSERT INTO identities (
- type, data
-) VALUES ( /* dave@strongswan.org */
- 3, X'64617665407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=dave@strongswan.org' */
- 11, X'ec16639928815e01cc0227c0b9cb1feab7987037'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=dave@strongswan.org */
- 1, 1, X'308204223082030aa003020102020131300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373135313230325a170d3139303832363135313230325a305b310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e31133011060355040b130a4163636f756e74696e67311c301a0603550403141364617665407374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100d63cdc4dc584cd5fb5e205add1d242130f196297d6083e254f3d20ad7be17fe4fd80c1f1f6fc774a266f02af82053b93929b01c9da5411b402f4666feaa45dd45988402524ea91d98adf941f8e30dedb9cf98341e908d3d4f30c9b7d6b50b5f5e2319942768760de0c0127c6ba69d70b0a9d605de3c31e6218e4004ad1871f00f199416e4772190243fb2f06b69d22592e2bcfc6a2190d2f612f8ff435643096db1a19766aac1563e177df9fff2d51b6e38fb2cd74dfd68f1a2f03e5d7e3c77206af37e33beba6376ea239607821d821094c26817f8ce8a1305243a4ebd5c43907ffd5e75f49d71fee87fff60a91105db15816253790b9934cfcfda5c99e56430203010001a38201053082010130090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414ec16639928815e01cc0227c0b9cb1feab7987037306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301e0603551d1104173015811364617665407374726f6e677377616e2e6f726730390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b0500038201010042a0be7f8ebc627b4aeaac2c0a500f53043041281319f71e707404233fd2fc6f6d10e120e9d6f023845afe031828c3bea9a8768b0eb77ba85284b01b653741b965739a548d3196869e7f52b5d779a44af62a6ef519362fda4dbddbb48e27ac27ed8f9f0400cf1396f6168cc3a22d83c084dfed7ce4d3694ce862e459f6feb77c762edd488cbcda23034bb139eaf245175b71079cbb89361010a39a436ef8490da0b36f18e0b8b048eaec6cb89f9db1793b8efeb23b788b7b0944b7f63f4eb6229025f2d5221d18cfea39963885d0eca8c64a581bf729a1589bd5165da8bd43b07116710c5807ef12486fed78bc62348671bcf1d47b3be2d3d1de92cc5dbc0ef7'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=dave@strongswan.org' */
- 1, X'308204a40201000282010100d63cdc4dc584cd5fb5e205add1d242130f196297d6083e254f3d20ad7be17fe4fd80c1f1f6fc774a266f02af82053b93929b01c9da5411b402f4666feaa45dd45988402524ea91d98adf941f8e30dedb9cf98341e908d3d4f30c9b7d6b50b5f5e2319942768760de0c0127c6ba69d70b0a9d605de3c31e6218e4004ad1871f00f199416e4772190243fb2f06b69d22592e2bcfc6a2190d2f612f8ff435643096db1a19766aac1563e177df9fff2d51b6e38fb2cd74dfd68f1a2f03e5d7e3c77206af37e33beba6376ea239607821d821094c26817f8ce8a1305243a4ebd5c43907ffd5e75f49d71fee87fff60a91105db15816253790b9934cfcfda5c99e564302030100010282010100b628d1791f35281af55fd54c5257e0eeababfdf4f47bd5bb8b808244804ce09e281e4eca1a23d89a27cbc410cf10fbf32278c2308b7f67fe137513949d825c75ae1af7cf9d7005cb5f1573b0d10a24b3bee938fdd5d337aa9d6e5ed769641b1392dc715fddc08650c70c4471e9170d4dca1cbe4f96d5d503bbfe41715c6ef3a01e1b304b7f7d0f2ccd2192dfce9c3e5c5663c93a1284652fb0b50b68cfb093b6a20a4085bc37717b180255ecc5b8e10ffbc7dd68a8592775bc6a392da9b4cf36b391d3758a16f5c7b664727db3cfe2dce317f15bf26e9ba2592c785a22dcde728256b87af70a2f3ba2d30434e60c04f1f0e9ace4163d542017d72a48924ebb6102818100fef9ec239ad2bb059962fe1b9327fca60b47ff83c8238213e9976fc8443efb640faaa69447d1e65f477e7f004683858ab5d25b082d1582071eb294e10b69fe4009823f7a329a66b0e755f51a3ddbba2f367a7a5171903cce53fde7a666d33f64633f2541dd4d66b9645a6db2039c371e9fd2b84ef8b6ce3c2c733c1c2df1b0bd02818100d71910a4d9045e8c4ff85aa9bfb5fe2208a12ed123e0279e21d8dd623aca860a1094cbc4fceb104caf4d6bf2a302280365d7d603670ef76c748c98f435c7627e1286c79b16162b433723cc4dd7dc91d71d21003dc85dab8b2bcb43e8c8b66f5eb82703bc7faa577e08983b53f2f575acb6105ff5e005eb6cfa065b17495a12ff028180722a35313c015efc02d1f035288e9ef139dbe2ec7e90678dc2e9ab83600b53445a3f6e96b611a5b4c3ae3fef3fa36407d7a1786110ceb089bf94f6544d68080f64328d79896ed8cc1cc8c0161fdc6261016395a121d81361cef9c0df20eb35571d990875954132dd8fb16dac67316afcab530e734da98c6e24f8f3d12a412d810281810087313ad3d18ebc7a461d1ba6cb56f0b6a563e15013d3643330a4e46843f95c8be0e614b8e81a3a31689129c2e40f8be4aed31cb120ca385ad35a371c6edcb59bf5bafea40c1abcf04f2cd1d12f5673d7977851758384d437f1bb9d20275efadab6b5d6d4580d515666c27faf80ea241efc83883cbaa41dd76dc226e898f2e33302818079d917d98e48201e6a1fd3fef3c1af4c1dd79c74b783db0d54d41f3b6febb849e74487f300241e6430472d6a1dacb57fa32c93f897431e65f41fdf4d0cf8206eeaaf17ca0c3cdab5abf5f3229bc4b18fad56b3e823e46ed8d8ca373a1994675609d01aefe308285bdfcd86fec468e25d69112a5ba275031d8642620597ef2f2c'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_DAVE', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, virtual
-) VALUES (
- 'home', 1, 4, 6, '0.0.0.0'
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* dave@strongswan.org */
+ 3, X'64617665407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=dave@strongswan.org' */
+ 11, X'DAVE_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=dave@strongswan.org */
+ 1, 1, X'DAVE_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=dave@strongswan.org' */
+ 1, X'DAVE_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_DAVE', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, virtual
+) VALUES (
+ 'home', 1, 4, 6, '0.0.0.0'
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 11, X'd8263d21ec7cdbbe5a390c5b70cb038021deae13'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* %any */
- 0, '%any'
-);
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* carol@strongswan.org */
- 3, X'6361726f6c407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* dave@strongswan.org */
- 3, X'64617665407374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=moon.strongswan.org */
- 1, 1, X'308204223082030aa00302010202012b300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373134343435365a170d3139303832363134343435365a3046310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311c301a060355040313136d6f6f6e2e7374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f0203010001a382011a3082011630090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414d8263d21ec7cdbbe5a390c5b70cb038021deae13306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301e0603551d110417301582136d6f6f6e2e7374726f6e677377616e2e6f726730130603551d25040c300a06082b0601050507030130390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b05000382010100a99e3e8d73e3ee3cb3e2e04de0e61c8992be55672ed24a095cb35bb254fda67f08fa251f522dde7e24eb0bd5a0939b4cbda8b72a75b1c1c46f222cd2edc15294decd615781083b7b1a1dee175048f137d6c3b4b584a1eab98a99985fc449fdf5ca47cffcbeeac10113f6c6ed7ec2ac048729a9e230661742d5a2f4f5fa8f86847ebacc8267c77cd1f41b5f32469e2faf34e21af1db281ea297a86ee1af30343c1dc9cc07d394ed8f1f2b4a18d6450b97a85fdfa2b90293c0ebbebab1144a46f0522a599588a4904eae5ae1cf200960196ed753f8dfdf6bc84a0e566de6ad741208d3a837c64e3e74c4abc09deabb5dd7ca9986069c85a834b63d81af0d3b35fc'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 1, X'308204a30201000282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f02030100010282010004035ea5faaf11950d0ead7d0dea6d252e29a56138c393e40e99489a50c9c63e09856c2cd90ca17b335fa9540e1947fcb7ad7267b4dce00a30cefb2469fdc18cc78fe45cac3b84f796366e1fe887575685a19ea16ea96d2c29bc3d05ce440aa40365382affe5b96d57199b9c77ed23fb0606f5101886a5e7739113e8e0575f922ba234a00216882a54da866960c02da7b5b13a782c009686b64fff9b67241fe4fcb951f07bd809f47667124f88a3a05749c30d36bb1b77627ea50ef9c105dfcc71331c08fe125856ce1b5ce5779fa87c3f0dfa4f0d7fe56f2dd5a12a1a82acec56e531ecbca5833203c53b1bf4741538b8c3cce43ebe7db65e3ee0502123c0b902818100d84660baecc97714485814a7232ce90b37ea9b4120c9ba5e2ee2557f35a56b4c8a588e8078b85672bfbba3d504f270901d57df22b8235a4b2373f4b9161cc2f536121e93daf133e079b4d02b85719cff50921fd74692630aa809f24d8c6257876316be00a42fff6e723612dda3090d474894d646e269844930fd168a0026740502818100c2b25e6372c06b03a46a52453054ed2d7b2a644f754c5c0cb7d4d09f3cac187dd0ebef4dfaaca94b92827aceb9d3eaa0af005546644d7358b1ca54e83f707404a639383fc1c0cc752ffcd23b7c7b2386436ac0aedf7cb6ba418b7154b1af14cf4c675df1f8448953b50835dc334f3f9127906b4e3d27cce263733ee0d0dc865302818100c365423b5f76dd38dbeb882d40e070640c4ecf99d5cfabab2fdc98b5e777de2b36caaf646eaccc9dbb9001829187a01ef403d1bb02761e3bc87a18dda796b0a4ee070ccd347fbb08d1ac846eed8f29f2998e8b69e97e9430aa84e1ff22182f50483be1c99e8d26cf582c767afbb34fe5d9336f2c779e3140171c716298a42529028180724a107c62552fbca09c4515166d141959aea5d9baea8b32700b3e37eb7ebe95c4b96aeda4940c812f4ce6d8495f6be0cd39edd4f7763b9aba2b22b27ee2fd47e967b76c3dc9767be8228a2a9f450db2780ac7771ffbeeabe16400b00de9cfd66c6c554a8049832f9f1a65bb906719d2949e034f9738b0ddc831539cd71e4cbf0281807b9d01a2ef8a8228a41a58cceb0ad8eb449fa350ed2c07d012c452e947cac687a9a9f9a04c663356e661e8af30373d863d182d7038eebc901d3c78bc1e4dbf74c8fcba141ba56b0af66fa1c40e5defe7ed382ec008c98fb79f139e46cbc9570d110dc8930fd6f89fdcdda21fc790d4049ff24ffe82704d9234a56124905037d5'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_MOON', '0.0.0.0'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, pool
-) VALUES (
- 'rw', 1, 4, 6, 'pool0,pool1'
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'rw', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 3
-);
-
-/* Pools */
-
-INSERT INTO pools (
- name, start, end, timeout
-) VALUES (
- 'pool0', X'0a030001', X'0a030002', 0
-);
-
-INSERT INTO pools (
- name, start, end, timeout
-) VALUES (
- 'pool1', X'0a030101', X'0a030102', 0
-);
-
-INSERT INTO addresses (
- pool, address, identity, acquired, released
-) VALUES (
- 1, X'0a030001', 7, 1247817255, 1247817277
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030002'
-);
-
-INSERT INTO addresses (
- pool, address, identity, acquired, released
-) VALUES (
- 2, X'0a030101', 8, 1247817257, 1247817278
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 2, X'0a030102'
-);
-
-INSERT INTO leases (
- address, identity, acquired, released
-) VALUES (
- 1, 7, 1247817255, 1247817277
-);
-
-INSERT INTO leases (
- address, identity, acquired, released
-) VALUES (
- 3, 8, 1247817257, 1247817278
-);
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 11, X'MOON_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* %any */
+ 0, '%any'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* carol@strongswan.org */
+ 3, X'6361726f6c407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* dave@strongswan.org */
+ 3, X'64617665407374726f6e677377616e2e6f7267'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=moon.strongswan.org */
+ 1, 1, X'MOON_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 1, X'MOON_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_MOON', '0.0.0.0'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, pool
+) VALUES (
+ 'rw', 1, 4, 6, 'pool0,pool1'
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'rw', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 3
+);
+
+/* Pools */
+
+INSERT INTO pools (
+ name, start, end, timeout
+) VALUES (
+ 'pool0', X'0a030001', X'0a030002', 0
+);
+
+INSERT INTO pools (
+ name, start, end, timeout
+) VALUES (
+ 'pool1', X'0a030101', X'0a030102', 0
+);
+
+INSERT INTO addresses (
+ pool, address, identity, acquired, released
+) VALUES (
+ 1, X'0a030001', 7, 1247817255, 1247817277
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030002'
+);
+
+INSERT INTO addresses (
+ pool, address, identity, acquired, released
+) VALUES (
+ 2, X'0a030101', 8, 1247817257, 1247817278
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 2, X'0a030102'
+);
+
+INSERT INTO leases (
+ address, identity, acquired, released
+) VALUES (
+ 1, 7, 1247817255, 1247817277
+);
+
+INSERT INTO leases (
+ address, identity, acquired, released
+) VALUES (
+ 3, 8, 1247817257, 1247817278
+);
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* carol@strongswan.org */
- 3, X'6361726f6c407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=carol@strongswan.org' */
- 11, X'5c597062572d2a249c5c94569b895ee5c505b6bd'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=carol@strongswan.org */
- 1, 1, X'308204223082030aa003020102020130300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373135303533365a170d3139303832363135303533365a305a310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e3111300f060355040b13085265736561726368311d301b060355040314146361726f6c407374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100b7f3d43717cadfec3802e2d4867f45cb8f6b99bee1f892493db05565ab970de15237a2c0b7e0a0baed29a197e22f80b7cd99a25da675b1171693bef6ac579623f6bb47dec6a3f8981b99bacdc42c0f3610e2f4950d9a8408bc3b7a9a7e40cc05282fa1e26913035ed34520879de0ee14fb770f2d4a070f1aa4245aeb4820a4fd4fa7bf1db1cd8d1b58970f59947b29f204988e0fd0eaf57aa1fb6db9e3140fd351bfcc3663beab9d14665067f71a5345166831667b42251b9896d9f157b55c085a29a726ae62dfdf3e68c0c5b3d1ba11ca69c9f3233abcdc8c5fe5f4a3313965b8609f5855ff34610d5da981a8286444b1e6b821cd7b1c51a7db361754b5d2110203010001a38201063082010230090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e041604145c597062572d2a249c5c94569b895ee5c505b6bd306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301f0603551d110418301681146361726f6c407374726f6e677377616e2e6f726730390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b0500038201010055a93c340d100113073090cb03917d72217e2538301a76f4aafcf3ff3377ba56864e5c1a61290bea80081a0a993ebc05e81cd3c89a0faf4557986c8792d04da5328e67290bbb302b3c4692fdecf3072fb365cd10624be0822916821e094980266d7f0735b1aa67adc85e32865ab7e1b28e7c8a54d4c987f42d1a6e502fd0d129ad76e41f604bd16d753d01921c48b19e13b0439e4eabf97478b16dcef1f8cc044cbe80c4dada3ea7c86edefc727b080773e92316184e50d5636170af61b4462f629c433f199140b09494892ca84ea42cc99873cce984fe62b8d09b41bfe960fa93ce6b8b42f30f3dd8a10ab27457f5dc57f94eafaf742da088cdc20f2abdc52e'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=carol@strongswan.org' */
- 1, X'308204a40201000282010100b7f3d43717cadfec3802e2d4867f45cb8f6b99bee1f892493db05565ab970de15237a2c0b7e0a0baed29a197e22f80b7cd99a25da675b1171693bef6ac579623f6bb47dec6a3f8981b99bacdc42c0f3610e2f4950d9a8408bc3b7a9a7e40cc05282fa1e26913035ed34520879de0ee14fb770f2d4a070f1aa4245aeb4820a4fd4fa7bf1db1cd8d1b58970f59947b29f204988e0fd0eaf57aa1fb6db9e3140fd351bfcc3663beab9d14665067f71a5345166831667b42251b9896d9f157b55c085a29a726ae62dfdf3e68c0c5b3d1ba11ca69c9f3233abcdc8c5fe5f4a3313965b8609f5855ff34610d5da981a8286444b1e6b821cd7b1c51a7db361754b5d2110203010001028201003f9bdaf82a0c071e61c7edb3dbc64ad63703d8283f6f7af64494a3130320bab5fd7e2b9344823252310c424a88f630265ebc0f7f1ebe77bc2a1c70de4f7e01f6f1ac950f9dd4b973afa79b06e81cec2d9fed3af207c03483e8c3108437c0244c6c36fc5d9443f4d86769f1f3b34e42459326fa6288c4a41e6c3ffe0879ea7fe25a02139cbe3c62e8959766c79c4987b83e248478582f074f4da0e945ee361731583c750aca01c0f56a0eb1a14f5b943a5caffcfafb557c8cf7d7ac9769e463287c694cf3ec8f3627d3339945bb706e89afb5a221710b84f946f7be26623e582ba560c5acc4ca0e943e13105986a3d6755458e3dd12a12a97055206ba2edf02d902818100da39de9827fd7560925b6643238109e12ea06df26cac90fa757dd8fa2072d5555c2a62f426167945590bafe581b2acbb52deb825ed99cb7cf47599e97929f5aec846ce2d7063b3b1ed80858039c6123ea5f823d0b8106d22abe212d838401ef9036722156b16e524db5e2384a5ae2d93a1bee91eaf83bc2d9f5b7caaa47113af02818100d7cb36691879640f5b4182035c61cdcec0d04f52ff42b6aad18d4015818fe245ef76947cca2dbb77e4845c0d98d7d432f39c57ab0d7b9e122d3d25be303e1ec9d0f1fdf1bf315219488de65a2fb68c654afebe4bf422959e95db0d88e782c14028ab0326eb76842ab93f3b04b9aaef2075a3e8b3619588d9dc9c98f4caea263f02818100d4e96320e6db665adb50ab7c53b681321f70ccf49a4cdf824d818461bda8ec35451fe1bdbd2f6e1057e98c2b0a988de891d8d4a7c4a2a9a3774b09e87d9b8fa580a77c5f5ee917984055856aee732eb7caec47dd4ac8540260dac87206a7a0d0691e85658a3f23400b7b548205b7e3a5c748615fdbf45673d8a7c501244162e7028181009fdd2cdee8c1ad4def15f5a255c322fbc33dcf3636628efeb725444f6a5f548ae8ded91c258f81ad4d3e7d0f99a672ce9848bf6dba1c553b340673ba94f4c04c549da1ba8120a1a89766803b59d38be8d2892c230aa6c05eeeb78c2c5b0e33ea3af68dec3c4ddd95e50ca1c55b62f5a9ff5cc15c7ab393e18a1cfcf78487b87302818051fe2f4ccdf6f253640c7c97434fec3e4f2d3149d699e662af1860605d90986f32b4052b670d4cf7e690419ad9a7a872c0f44ceb897c65038295ad6a19774da51a66e6c50a4dfc789542e2dc0015aa3a38311080c95b223a086bc3743c1b86b863f778a84cae36404d869654a7f95542bf9feedb98fefad2daf4d9ef197e929a'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_CAROL', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, virtual
-) VALUES (
- 'home', 1, 4, 6, '0.0.0.0'
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* carol@strongswan.org */
+ 3, X'6361726f6c407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=carol@strongswan.org' */
+ 11, X'CAROL_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=carol@strongswan.org */
+ 1, 1, X'CAROL_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=carol@strongswan.org' */
+ 1, X'CAROL_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_CAROL', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, virtual
+) VALUES (
+ 'home', 1, 4, 6, '0.0.0.0'
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* dave@strongswan.org */
- 3, X'64617665407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=dave@strongswan.org' */
- 11, X'ec16639928815e01cc0227c0b9cb1feab7987037'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=dave@strongswan.org */
- 1, 1, X'308204223082030aa003020102020131300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373135313230325a170d3139303832363135313230325a305b310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e31133011060355040b130a4163636f756e74696e67311c301a0603550403141364617665407374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100d63cdc4dc584cd5fb5e205add1d242130f196297d6083e254f3d20ad7be17fe4fd80c1f1f6fc774a266f02af82053b93929b01c9da5411b402f4666feaa45dd45988402524ea91d98adf941f8e30dedb9cf98341e908d3d4f30c9b7d6b50b5f5e2319942768760de0c0127c6ba69d70b0a9d605de3c31e6218e4004ad1871f00f199416e4772190243fb2f06b69d22592e2bcfc6a2190d2f612f8ff435643096db1a19766aac1563e177df9fff2d51b6e38fb2cd74dfd68f1a2f03e5d7e3c77206af37e33beba6376ea239607821d821094c26817f8ce8a1305243a4ebd5c43907ffd5e75f49d71fee87fff60a91105db15816253790b9934cfcfda5c99e56430203010001a38201053082010130090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414ec16639928815e01cc0227c0b9cb1feab7987037306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301e0603551d1104173015811364617665407374726f6e677377616e2e6f726730390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b0500038201010042a0be7f8ebc627b4aeaac2c0a500f53043041281319f71e707404233fd2fc6f6d10e120e9d6f023845afe031828c3bea9a8768b0eb77ba85284b01b653741b965739a548d3196869e7f52b5d779a44af62a6ef519362fda4dbddbb48e27ac27ed8f9f0400cf1396f6168cc3a22d83c084dfed7ce4d3694ce862e459f6feb77c762edd488cbcda23034bb139eaf245175b71079cbb89361010a39a436ef8490da0b36f18e0b8b048eaec6cb89f9db1793b8efeb23b788b7b0944b7f63f4eb6229025f2d5221d18cfea39963885d0eca8c64a581bf729a1589bd5165da8bd43b07116710c5807ef12486fed78bc62348671bcf1d47b3be2d3d1de92cc5dbc0ef7'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=dave@strongswan.org' */
- 1, X'308204a40201000282010100d63cdc4dc584cd5fb5e205add1d242130f196297d6083e254f3d20ad7be17fe4fd80c1f1f6fc774a266f02af82053b93929b01c9da5411b402f4666feaa45dd45988402524ea91d98adf941f8e30dedb9cf98341e908d3d4f30c9b7d6b50b5f5e2319942768760de0c0127c6ba69d70b0a9d605de3c31e6218e4004ad1871f00f199416e4772190243fb2f06b69d22592e2bcfc6a2190d2f612f8ff435643096db1a19766aac1563e177df9fff2d51b6e38fb2cd74dfd68f1a2f03e5d7e3c77206af37e33beba6376ea239607821d821094c26817f8ce8a1305243a4ebd5c43907ffd5e75f49d71fee87fff60a91105db15816253790b9934cfcfda5c99e564302030100010282010100b628d1791f35281af55fd54c5257e0eeababfdf4f47bd5bb8b808244804ce09e281e4eca1a23d89a27cbc410cf10fbf32278c2308b7f67fe137513949d825c75ae1af7cf9d7005cb5f1573b0d10a24b3bee938fdd5d337aa9d6e5ed769641b1392dc715fddc08650c70c4471e9170d4dca1cbe4f96d5d503bbfe41715c6ef3a01e1b304b7f7d0f2ccd2192dfce9c3e5c5663c93a1284652fb0b50b68cfb093b6a20a4085bc37717b180255ecc5b8e10ffbc7dd68a8592775bc6a392da9b4cf36b391d3758a16f5c7b664727db3cfe2dce317f15bf26e9ba2592c785a22dcde728256b87af70a2f3ba2d30434e60c04f1f0e9ace4163d542017d72a48924ebb6102818100fef9ec239ad2bb059962fe1b9327fca60b47ff83c8238213e9976fc8443efb640faaa69447d1e65f477e7f004683858ab5d25b082d1582071eb294e10b69fe4009823f7a329a66b0e755f51a3ddbba2f367a7a5171903cce53fde7a666d33f64633f2541dd4d66b9645a6db2039c371e9fd2b84ef8b6ce3c2c733c1c2df1b0bd02818100d71910a4d9045e8c4ff85aa9bfb5fe2208a12ed123e0279e21d8dd623aca860a1094cbc4fceb104caf4d6bf2a302280365d7d603670ef76c748c98f435c7627e1286c79b16162b433723cc4dd7dc91d71d21003dc85dab8b2bcb43e8c8b66f5eb82703bc7faa577e08983b53f2f575acb6105ff5e005eb6cfa065b17495a12ff028180722a35313c015efc02d1f035288e9ef139dbe2ec7e90678dc2e9ab83600b53445a3f6e96b611a5b4c3ae3fef3fa36407d7a1786110ceb089bf94f6544d68080f64328d79896ed8cc1cc8c0161fdc6261016395a121d81361cef9c0df20eb35571d990875954132dd8fb16dac67316afcab530e734da98c6e24f8f3d12a412d810281810087313ad3d18ebc7a461d1ba6cb56f0b6a563e15013d3643330a4e46843f95c8be0e614b8e81a3a31689129c2e40f8be4aed31cb120ca385ad35a371c6edcb59bf5bafea40c1abcf04f2cd1d12f5673d7977851758384d437f1bb9d20275efadab6b5d6d4580d515666c27faf80ea241efc83883cbaa41dd76dc226e898f2e33302818079d917d98e48201e6a1fd3fef3c1af4c1dd79c74b783db0d54d41f3b6febb849e74487f300241e6430472d6a1dacb57fa32c93f897431e65f41fdf4d0cf8206eeaaf17ca0c3cdab5abf5f3229bc4b18fad56b3e823e46ed8d8ca373a1994675609d01aefe308285bdfcd86fec468e25d69112a5ba275031d8642620597ef2f2c'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_DAVE', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, virtual
-) VALUES (
- 'home', 1, 4, 6, '0.0.0.0'
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* dave@strongswan.org */
+ 3, X'64617665407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=dave@strongswan.org' */
+ 11, X'DAVE_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=dave@strongswan.org */
+ 1, 1, X'DAVE_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=dave@strongswan.org' */
+ 1, X'DAVE_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_DAVE', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, virtual
+) VALUES (
+ 'home', 1, 4, 6, '0.0.0.0'
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 11, X'd8263d21ec7cdbbe5a390c5b70cb038021deae13'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* %any */
- 0, '%any'
-);
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=moon.strongswan.org */
- 1, 1, X'308204223082030aa00302010202012b300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373134343435365a170d3139303832363134343435365a3046310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311c301a060355040313136d6f6f6e2e7374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f0203010001a382011a3082011630090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414d8263d21ec7cdbbe5a390c5b70cb038021deae13306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301e0603551d110417301582136d6f6f6e2e7374726f6e677377616e2e6f726730130603551d25040c300a06082b0601050507030130390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b05000382010100a99e3e8d73e3ee3cb3e2e04de0e61c8992be55672ed24a095cb35bb254fda67f08fa251f522dde7e24eb0bd5a0939b4cbda8b72a75b1c1c46f222cd2edc15294decd615781083b7b1a1dee175048f137d6c3b4b584a1eab98a99985fc449fdf5ca47cffcbeeac10113f6c6ed7ec2ac048729a9e230661742d5a2f4f5fa8f86847ebacc8267c77cd1f41b5f32469e2faf34e21af1db281ea297a86ee1af30343c1dc9cc07d394ed8f1f2b4a18d6450b97a85fdfa2b90293c0ebbebab1144a46f0522a599588a4904eae5ae1cf200960196ed753f8dfdf6bc84a0e566de6ad741208d3a837c64e3e74c4abc09deabb5dd7ca9986069c85a834b63d81af0d3b35fc'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 1, X'308204a30201000282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f02030100010282010004035ea5faaf11950d0ead7d0dea6d252e29a56138c393e40e99489a50c9c63e09856c2cd90ca17b335fa9540e1947fcb7ad7267b4dce00a30cefb2469fdc18cc78fe45cac3b84f796366e1fe887575685a19ea16ea96d2c29bc3d05ce440aa40365382affe5b96d57199b9c77ed23fb0606f5101886a5e7739113e8e0575f922ba234a00216882a54da866960c02da7b5b13a782c009686b64fff9b67241fe4fcb951f07bd809f47667124f88a3a05749c30d36bb1b77627ea50ef9c105dfcc71331c08fe125856ce1b5ce5779fa87c3f0dfa4f0d7fe56f2dd5a12a1a82acec56e531ecbca5833203c53b1bf4741538b8c3cce43ebe7db65e3ee0502123c0b902818100d84660baecc97714485814a7232ce90b37ea9b4120c9ba5e2ee2557f35a56b4c8a588e8078b85672bfbba3d504f270901d57df22b8235a4b2373f4b9161cc2f536121e93daf133e079b4d02b85719cff50921fd74692630aa809f24d8c6257876316be00a42fff6e723612dda3090d474894d646e269844930fd168a0026740502818100c2b25e6372c06b03a46a52453054ed2d7b2a644f754c5c0cb7d4d09f3cac187dd0ebef4dfaaca94b92827aceb9d3eaa0af005546644d7358b1ca54e83f707404a639383fc1c0cc752ffcd23b7c7b2386436ac0aedf7cb6ba418b7154b1af14cf4c675df1f8448953b50835dc334f3f9127906b4e3d27cce263733ee0d0dc865302818100c365423b5f76dd38dbeb882d40e070640c4ecf99d5cfabab2fdc98b5e777de2b36caaf646eaccc9dbb9001829187a01ef403d1bb02761e3bc87a18dda796b0a4ee070ccd347fbb08d1ac846eed8f29f2998e8b69e97e9430aa84e1ff22182f50483be1c99e8d26cf582c767afbb34fe5d9336f2c779e3140171c716298a42529028180724a107c62552fbca09c4515166d141959aea5d9baea8b32700b3e37eb7ebe95c4b96aeda4940c812f4ce6d8495f6be0cd39edd4f7763b9aba2b22b27ee2fd47e967b76c3dc9767be8228a2a9f450db2780ac7771ffbeeabe16400b00de9cfd66c6c554a8049832f9f1a65bb906719d2949e034f9738b0ddc831539cd71e4cbf0281807b9d01a2ef8a8228a41a58cceb0ad8eb449fa350ed2c07d012c452e947cac687a9a9f9a04c663356e661e8af30373d863d182d7038eebc901d3c78bc1e4dbf74c8fcba141ba56b0af66fa1c40e5defe7ed382ec008c98fb79f139e46cbc9570d110dc8930fd6f89fdcdda21fc790d4049ff24ffe82704d9234a56124905037d5'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_MOON', '0.0.0.0'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, pool
-) VALUES (
- 'rw', 1, 4, 6, 'pool0,pool1'
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'rw', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 3
-);
-
-/* Pools */
-
-INSERT INTO pools (
- name, start, end, timeout
-) VALUES (
- 'pool0', X'0a030001', X'0a030001', 0
-);
-
-INSERT INTO pools (
- name, start, end, timeout
-) VALUES (
- 'pool1', X'0a030101', X'0a030101', 0
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030001'
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 2, X'0a030101'
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 11, X'MOON_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* %any */
+ 0, '%any'
+);
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=moon.strongswan.org */
+ 1, 1, X'MOON_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 1, X'MOON_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_MOON', '0.0.0.0'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, pool
+) VALUES (
+ 'rw', 1, 4, 6, 'pool0,pool1'
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'rw', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 3
+);
+
+/* Pools */
+
+INSERT INTO pools (
+ name, start, end, timeout
+) VALUES (
+ 'pool0', X'0a030001', X'0a030001', 0
+);
+
+INSERT INTO pools (
+ name, start, end, timeout
+) VALUES (
+ 'pool1', X'0a030101', X'0a030101', 0
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030001'
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 2, X'0a030101'
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, OU=Research, CN=Research CA */
- 9, X'3051310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e3111300f060355040b13085265736561726368311430120603550403130b5265736561726368204341'
-);
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, OU=Research, CN=Research CA' */
- 11, X'e775f0a0f2ad20cdcd6023ccc7c80f29f3dd5420');
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, OU=Research, CN=Research CA' */
- 11, X'c71449851517718914a496532a1ee801b21c6aa5');
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* carol@strongswan.org */
- 3, X'6361726f6c407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, OU=Research, CN=carol@strongswan.org' */
- 11, X'5da9f9ef80718d3a883938e2de6e6624989fdf69'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, OU=Research, CN=Research CA */
- 1, 1, X'308203c1308202a9a003020102020120300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3130303430363039353335305a170d3139303430343039353335305a3051310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e3111300f060355040b13085265736561726368311430120603550403130b526573656172636820434130820122300d06092a864886f70d01010105000382010f003082010a0282010100b639b23aa6e0075b58a73f4fb25a856a72f71b5d3db1e780137a95b9e961a1dfaf19c6b2f9831421591c277b7a046a43f02e2471dc12fdc351d7c9596032a559d4bdd95ca79f21063a717d33d73fd203071cd0690c94cec13120658e5546367bbc49e412819d7564a24de1b58e07af519da8d87edcb1266de809067813452471e0f289e7814efdbefc2d4cc1fab331af3c70fe59c8f2312602d2a5ba043b73d6ae31e142cfe3669527e74a85a11cde6a9bed2234acb40bedb922e13c36afa2de3b41888f01c01a87637bb622e7e5521f4d73d77f47abc6b113cc1ecdf45f51dafe6d14838f78fb0c2ac1f1016518f3c4c98c17fd521b82351374c3389decae390203010001a381af3081ac300f0603551d130101ff040530030101ff300b0603551d0f040403020106301d0603551d0e04160414e775f0a0f2ad20cdcd6023ccc7c80f29f3dd5420306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b050003820101008d6da16d1b2dcc815c0a3215e2ca1b2e1289b70d059b3fae80a173051abf47e8c8b74260c60528478738bbc8b1322389fa58e0c3f2dd20604395e972ce6f385c16f7b8cce987c1caa8f1e3eeea4c1a8e68b31705b789dcb230432262ae9a8767396c3ac71c8710a370c00c3ce0469968e974ea942e82e5c17f44161040dab11907589a9a06d4279339791344b9b9bcc51e816b0ff4391cffb6dfadc42f63c5c8c7a099ce155d2cb3b5ecddddf63ea86f286801c6354b672ab7cc3feb306db15d5c8a3d4e3acde94c08fd5476c33adad2f5730022e2ca246b4d8642b3ffaf00611eddb66c930de2036ce4d4af8537638e0c156332eeeb7205601bd6f2c1668992'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, OU=Research, CN=carol@strongswan.org */
- 1, 1, X'3082042c30820314a00302010202010b300d06092a864886f70d01010b05003051310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e3111300f060355040b13085265736561726368311430120603550403130b5265736561726368204341301e170d3135303432363130323530345a170d3139303430333130323530345a305a310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e3111300f060355040b13085265736561726368311d301b060355040314146361726f6c407374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100aba9b87a9452a4ae7ec12d8d24d91244c5b131965d09306682db00f3656783d5d03c758eedf146f56d8d01cddd3b31e88b01d493b793f74c131c2db5b78103c1caa0a630f82146f3ee9759453eb414f9c65c1ae6c755507228f0e9f5c7b45bdecf910e1276fd8bc27ff1f5dda3ada86f8bed7cadecec11419371e06c7ad2c814d9986bf56b0cb2558941e4bddaf6ba52219837873aa91372ad2f734d9109d3289bb5f961774ecb2dc833fa31ea09d51c3cae20f3e4c7f070ad7a4d27d9046edc87db10cfa2e846998d426ad64a7a93d1c0220291e3cafd1d5937cc1b16241a3ab31527f3f6af14ce78bddc03f0d00294d9fdc686c45ec3b78f01a58dce666f8d0203010001a38201043082010030090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e041604145da9f9ef80718d3a883938e2de6e6624989fdf69306d0603551d23046630648014e775f0a0f2ad20cdcd6023ccc7c80f29f3dd5420a149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820120301f0603551d110418301681146361726f6c407374726f6e677377616e2e6f726730370603551d1f0430302e302ca02aa0288626687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f72657365617263682e63726c300d06092a864886f70d01010b050003820101004e05096d72fcdded75173a3e5c6310db815fc5d52f95ec7d21c9e73599e3b32e1c61a521a1f748d402243a1761ed1e22f5db5d7db14b2d0477a9cda398bf6e6dd40ff3716265940e5d7e795d5e7f19be04e20d93d9953c6a16f2f99cd0b047088c67a8b7b7d17dbc54adc8e720ac5977b26c412691e39accacd714390a454f6d76baba2352782b12801e682e54484897b05d753fae7851e8d1f0309ccf02e2e1006f8d14c7ddb70c0b9ec58ec5add67fca081d3c752d288c3f93fba94deffd4ac8bade7913729d7cdcd460259f91b4dc8bf09bd493153d6662390130e098fb78a110ea73951f695825a5f69ef6f1d6f79a4d15b039b58dd39fdcf2b55ddd8f27');
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 6
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 3, 7
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 3, 8
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, OU=Research, CN=carol@strongswan.org' */
- 1, X'308204a40201000282010100aba9b87a9452a4ae7ec12d8d24d91244c5b131965d09306682db00f3656783d5d03c758eedf146f56d8d01cddd3b31e88b01d493b793f74c131c2db5b78103c1caa0a630f82146f3ee9759453eb414f9c65c1ae6c755507228f0e9f5c7b45bdecf910e1276fd8bc27ff1f5dda3ada86f8bed7cadecec11419371e06c7ad2c814d9986bf56b0cb2558941e4bddaf6ba52219837873aa91372ad2f734d9109d3289bb5f961774ecb2dc833fa31ea09d51c3cae20f3e4c7f070ad7a4d27d9046edc87db10cfa2e846998d426ad64a7a93d1c0220291e3cafd1d5937cc1b16241a3ab31527f3f6af14ce78bddc03f0d00294d9fdc686c45ec3b78f01a58dce666f8d020301000102820100426a6be1a1394855eadcbacefd0eaf2ec47e05fd7309771c724c6155ca49fe8bdf01454a836cf2534a8b5fc35270f0a25405e54531a5a1ec610869f700847dfba075ff56bae9c515e39dd300237e710f225bc85cb98a9c914e9dc7273c98df62995439e992f80df6b6a1daca61e5726195f5d0634a631b5a0fbde3629532b00e1ed0a7024d324f65a513ef5e7cb4ee5e8648402c7e21ca3a2f0a7c242999616da97d493d728f5d8ba502979d02f80e5172fa6c13b0997170b3100ab3d3a785cf88a6810bb34122da79dba917bedcc8f775de70f637bf9819f5ab58a6dda8632e42799face41665ff78ae53ac423c82cdb1c8788b49b174fe0c1293d12c04210102818100d6672852209839c41c03e16d48ef1bcb34aed2e4193b5712fd5112e666ed448b8ba37dcbd0fd326d59c121f93789a06aef4194f7c5e3842194c0dc100d09becdb2cafa9fa3fb82f66b2be3b4e579aa5d1bda093a7b2459a17d787afb26c42d8e16a1a6183f9578f378a4ff90dfd40c085bdfdba04cb4a1f25d09e4c00eb51b7d02818100ccf7c72e9de24fdc4baa9a7dccff63da6f53b3a9bafd4cf3b9ace9ce5eeb60c94b91de9f05606ab90e3aa9b3b95aff923bbc9969653b3ae5867bace78355564ab2c166544c7eefb37b5b8411335d79d448f39f27bf56cc9479adf7e4626603a065eec7dc3e1d2e986b42b242f2d96c68fd0659845991feb89fedfb2995f6415102818100c8a7266f261e1101de0e2bacf1730599f9a61bac6988c586fa18240e0909c8faa826cc163172a4fcfde0e800aadf5c88777df302a7eab3c011cd24a6c8ecf3eae2876062833f6163690d5c3ff1fb195ba6333a2bc70f4feaf8d8069081c95bb0fcb13016c57b08052445970068d9b4a1260aad2aaa5eeaa93e358225d41ddea90281801d21feb296884b37919daf15c0647069e4b6edeb6b0383c384999a25d601f8a0c3d7f8df7b6127ea23a69ce649ab3076357d6a04bbf9be364f7616ae555174d16b34e7f98561e96a06578c9ef1411106e65392449102a2535c3428eed23993bc61a09dd1a5167abff946e295777505deaa5013bb270c043b73a7dcb21d7981f102818100aeb7b4ac389d03b60a738dab58cca061e375a0c236de47245ec93e8e5ae3e22d488a41837c5b9a1da59e75ce8aef171bba8843230335ecd24d736cce3f11a430c1ab5311917465031832f9b8e9fd277613777d8d0ed04358cd9112e43adf0a06e83e59ab5a855ec54df11030963bc84ed1f2e6c2a20af05e0453c072395b0772'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 7
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 8
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_CAROL', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id
-) VALUES (
- 'home', 1, 7, 9
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, OU=Research, CN=Research CA */
+ 9, X'3053310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a6563743111300f060355040b13085265736561726368311430120603550403130b5265736561726368204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, OU=Research, CN=Research CA' */
+ 11, X'RESEARCH_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, OU=Research, CN=Research CA' */
+ 11, X'RESEARCH_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* carol@strongswan.org */
+ 3, X'6361726f6c407374726f6e677377616e2e6f7267'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, OU=Research, CN=carol@strongswan.org' */
+ 11, X'CAROL_R_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+);
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, OU=Research, CN=Research CA */
+ 1, 1, X'RESEARCH_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, OU=Research, CN=carol@strongswan.org */
+ 1, 1, X'CAROL_R_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 6
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 3, 7
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 3, 8
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, OU=Research, CN=carol@strongswan.org' */
+ 1, X'CAROL_R_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 7
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 8
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_CAROL', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id
+) VALUES (
+ 'home', 1, 7, 9
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, OU=Sales, CN=Sales CA */
- 9, X'304b310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e310e300c060355040b130553616c65733111300f0603550403130853616c6573204341'
-);
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, OU=Sales, CN=Sales CA' */
- 11, X'5f9b1346f92072c800d588b5a74c2e97ea0b9328'
-);
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, OU=Sales, CN=Sales CA' */
- 11, X'c9ca6b980be96d5f210d7fed1529eb6c567ec26c'
-);
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* dave@strongswan.org */
- 3, X'64617665407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, OU=Sales, CN=dave@strongswan.org' */
- 11, X'81c0c1dfa134c6f60e0b9a42ff901977b6145fc7'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, OU=Sales CN=Sales CA */
- 1, 1, X'308203bb308202a3a003020102020121300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3130303430363039353433335a170d3139303430343039353433335a304b310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e310e300c060355040b130553616c65733111300f0603550403130853616c657320434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c24e4d26998c37b9511fa125ba1d704e34581c569beaf41620fe14b736734847fd07169b55dfaa773da9a3cf1a8c4ed817f05e01441df39d4331c6bad861b2f74c3e49963f5677b83af0b1caab98bcaae0923cedec527a7d608260951226f9e53e1f371ad320625aa1ee899fdbfd6701b607e52bde7140ff075c91276a27173a5cbf4329c464dd3c59b6ff52b837ed13d1bbf3b3ba3c94b27f2518865773d4465ee4f4ec52801b049d030d7271df9eb6903b5f41dc1ecdab742c0c8eb1569b62aff41bf7c16702cb7abe2a185dbedc2b2f3fb8cd5e785161e4afdbee22da602381b0512350378aaa14dcdab5bcf02aceb7a4388fd157d1eb7bd2f5afc5f574810203010001a381af3081ac300f0603551d130101ff040530030101ff300b0603551d0f040403020106301d0603551d0e041604145f9b1346f92072c800d588b5a74c2e97ea0b9328306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010024654ea5cc8c7cbbafbad69eaff4f721674dde9dfb2e8a9078fd92f612039abbc587663f7238f983f6aa93e762349ec9f302978648c8c5e77d46f3e4ebee5e9e12092d2021427a98aebee5fd5add449d07809ed0e7789a45084262f32850914aa7615a8573349ae5f814f56b977df9a2d600be52da9a94a103e01bae0c3e0872dd2c946f8a817a9964dc9751ffa3a00392d078db4b888ed8fdd6cc33646f9f6f38448231a764ea3761eea7a04d2c7bfa7cb8b1749a4cfa71bb6631987feedd9ee63a64386f22dd7ccebff69f510b0503e13394a3621190219566373343aca19500ab5ae4b1bc0700468b4b9773d7c15d645c7df237375fc8663fe86f9b775828'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, OU=Sales, CN=dave@strongswan.org */
- 1, 1, X'3082041c30820304a003020102020109300d06092a864886f70d01010b0500304b310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e310e300c060355040b130553616c65733111300f0603550403130853616c6573204341301e170d3135303432363130323232305a170d3139303430333130323232305a3056310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e310e300c060355040b130553616c6573311c301a0603550403141364617665407374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100bcd9eb80441d113a64758fcf6928fd29e36b83cf8c0b0087fd23e4504ea28c89fefb2ca16996a38b926b037cfdc9afac8b447fe0f8f1b20c23baaaf1011578806eb78ca3a638b58c2bd111d3f00fafd2a65df9e615d76a67096d19da3d8660e20508a611dbef2b85cae27036058fa92746f9828fb93f88086c750de461a1d6edf847ff490c2bd7d471e721898abf81110f94db3839ca0e347b293deaf10cbe0c49dd8e2fb66353562e8b7c5ceca7a82356f488b466cefce74c33575833d64926e1076d7b49dd95442efa049b4bbb8cf8054f120774646636dde7005761ec36d08679c8ff3a7b10e33f3e81220a25fc04a9eba656c49b6629a5968e667f797b8f0203010001a381ff3081fc30090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e0416041481c0c1dfa134c6f60e0b9a42ff901977b6145fc7306d0603551d230466306480145f9b1346f92072c800d588b5a74c2e97ea0b9328a149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820121301e0603551d1104173015811364617665407374726f6e677377616e2e6f726730340603551d1f042d302b3029a027a0258623687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f73616c65732e63726c300d06092a864886f70d01010b05000382010100b955fba1ace12b097ea795f9f38172011e17964df72ea1b373d5c45ab5d2064595412c892d9108c006c5fadadd307022788143204f40f1811fdb6500eff6da79aba6e8e5724cf9b164b9fd0d88f99efb0f4eafe55872eca29631e71c5deb8a12b66453815e5da463aebbb6218530bdc18e16984151c0d19b127dedc0bb171c92ed14db974934bab5f804e3783bb27bcfcd26a4bde5805c319cd68b01bf5603059827a2ca00286d69889362ce8a3145a4d376c920a22e29ae790a7f0cede405d5a585a7a5dc47bd9640396eaa05721a5b1c7f1e40ac8e2e14670762e4fd1842de61881635b5dbbb0976375692ba3250b7a99d42cbc90400ea3cbeb44bb85d9d82'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 6
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 3, 7
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 3, 8
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, OU=Sales, CN=dave@strongswan.org' */
- 1, X'308204a40201000282010100bcd9eb80441d113a64758fcf6928fd29e36b83cf8c0b0087fd23e4504ea28c89fefb2ca16996a38b926b037cfdc9afac8b447fe0f8f1b20c23baaaf1011578806eb78ca3a638b58c2bd111d3f00fafd2a65df9e615d76a67096d19da3d8660e20508a611dbef2b85cae27036058fa92746f9828fb93f88086c750de461a1d6edf847ff490c2bd7d471e721898abf81110f94db3839ca0e347b293deaf10cbe0c49dd8e2fb66353562e8b7c5ceca7a82356f488b466cefce74c33575833d64926e1076d7b49dd95442efa049b4bbb8cf8054f120774646636dde7005761ec36d08679c8ff3a7b10e33f3e81220a25fc04a9eba656c49b6629a5968e667f797b8f020301000102820100079e7315d5a9a68c488945a8048216d49dcc34a126f13ab041d234dfd88c4e4732f64732abe3dbed4196f7a90f4417c64a481530aa5a75e86f789474ecaa45164961365753d96dd99ddaed71337a2e89bd14858476d51e01d22b88a3795ff680a7db5577dafba731daa1900d5de411daf7ce112a633ae0ee161212e167def3a0cc5bbb3e065853d6f85d0fe7955697207fb432aae3c7d5ac70b151fbd67d58f1f1f65ccbe768200280921e56bf3564def51657617f0fc7c1e8e6bc49df7217bdd4380364a2379b3a0614cc05f0b84d5bdd72311442908d8d6e2eb3d5d411043a45266bec230375aa78acb10d7d1e751a23079430d15a4c6a7debc82581d7a46102818100edc6707a7610fc83764a6044302092878e41e84de990823eca82da736a614154568b4c8ec0bc292f60625a7f879d274ef9de386a247af4ca53178a447816ecd9b38453544ee72c14f3691b534273aeed677e3629933a8f54511e16c859b9ba8edf8e5c50cb27944090b26b0398c765951897b23d781a9df0f08215c72650e36d02818100cb53823e5c2baf9ecf121416c23461a6aa4f3bd083dbae66effed1bba4c38dd3f0f7c00dc4d9f4d69464e17d95705a742028156ffa2b17d41930fca7b4646cf66d9fcca198913018417d57c8286f2b7bd249d6350e02b62910105db1e5d70e55a866dde904dc2298c5dda344f637418fb33e573508d00176d5c79651b283016b02818100d714d395d2cad6bfcbf6c751a6ff2fccb2dfe754e2dbb7153976584862880ae2514ebc37bd1bf75d45a072203df9e81ec6633f40b4330ccf1f8e81a221c70b047a204e884abf4ddebdb7ebe1ca907e417d866b53fc3bd27f00c968ee5e4b64f7ec3d084085240e34c12ec32283c68a9aed9dfabb23b35fff1c6f6f67afbf279902818100c6dfc997014461a4add97af8bfbfc87be23d59be1c1af5bd0da56ab364f73974424fb1f445c5022c183d8c28efd053491e62d6850e66b409eb11f52e7bcd769e9a9f20e2367e5c527d4c025e6ede3de400cde3cd4504f5f3b818a9ec656932462a4f63629634534aa6cea0f1c4fa4b10293c22c466f83d5664c7b189fb57143d0281807d11912b6f18a0363dea94b10c36811880f0917eb334fe7ff55e05d39d1784c6b5fe80b0f0a9d7432fd55030fa0d27a70559dbb5b477ab2670f4c3b0b736a22051b3856c0d06f47b247e2bd7b11570947effdb53557b6c36980b4ad2c00a98d98ea71ebe96bc16038e0f91d7f86a84b407c7a19af727558963d96e75a22498fb'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 7
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 8
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_DAVE', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id
-) VALUES (
- 'home', 1, 7, 9
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, OU=Sales, CN=Sales CA */
+ 9, X'304d310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374310e300c060355040b130553616c65733111300f0603550403130853616c6573204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, OU=Sales, CN=Sales CA' */
+ 11, X'SALES_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, OU=Sales, CN=Sales CA' */
+ 11, X'SALES_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* dave@strongswan.org */
+ 3, X'64617665407374726f6e677377616e2e6f7267'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, OU=Sales, CN=dave@strongswan.org' */
+ 11, X'DAVE_S_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+);
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, OU=Sales CN=Sales CA */
+ 1, 1, X'SALES_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, OU=Sales, CN=dave@strongswan.org */
+ 1, 1, X'DAVE_S_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 6
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 3, 7
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 3, 8
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, OU=Sales, CN=dave@strongswan.org' */
+ 1, X'DAVE_S_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 7
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 8
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_DAVE', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id
+) VALUES (
+ 'home', 1, 7, 9
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 11, X'd8263d21ec7cdbbe5a390c5b70cb038021deae13'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* %any */
- 0, '%any'
-);
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=moon.strongswan.org */
- 1, 1, X'308204223082030aa00302010202012b300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373134343435365a170d3139303832363134343435365a3046310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311c301a060355040313136d6f6f6e2e7374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f0203010001a382011a3082011630090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414d8263d21ec7cdbbe5a390c5b70cb038021deae13306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301e0603551d110417301582136d6f6f6e2e7374726f6e677377616e2e6f726730130603551d25040c300a06082b0601050507030130390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b05000382010100a99e3e8d73e3ee3cb3e2e04de0e61c8992be55672ed24a095cb35bb254fda67f08fa251f522dde7e24eb0bd5a0939b4cbda8b72a75b1c1c46f222cd2edc15294decd615781083b7b1a1dee175048f137d6c3b4b584a1eab98a99985fc449fdf5ca47cffcbeeac10113f6c6ed7ec2ac048729a9e230661742d5a2f4f5fa8f86847ebacc8267c77cd1f41b5f32469e2faf34e21af1db281ea297a86ee1af30343c1dc9cc07d394ed8f1f2b4a18d6450b97a85fdfa2b90293c0ebbebab1144a46f0522a599588a4904eae5ae1cf200960196ed753f8dfdf6bc84a0e566de6ad741208d3a837c64e3e74c4abc09deabb5dd7ca9986069c85a834b63d81af0d3b35fc'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 1, X'308204a30201000282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f02030100010282010004035ea5faaf11950d0ead7d0dea6d252e29a56138c393e40e99489a50c9c63e09856c2cd90ca17b335fa9540e1947fcb7ad7267b4dce00a30cefb2469fdc18cc78fe45cac3b84f796366e1fe887575685a19ea16ea96d2c29bc3d05ce440aa40365382affe5b96d57199b9c77ed23fb0606f5101886a5e7739113e8e0575f922ba234a00216882a54da866960c02da7b5b13a782c009686b64fff9b67241fe4fcb951f07bd809f47667124f88a3a05749c30d36bb1b77627ea50ef9c105dfcc71331c08fe125856ce1b5ce5779fa87c3f0dfa4f0d7fe56f2dd5a12a1a82acec56e531ecbca5833203c53b1bf4741538b8c3cce43ebe7db65e3ee0502123c0b902818100d84660baecc97714485814a7232ce90b37ea9b4120c9ba5e2ee2557f35a56b4c8a588e8078b85672bfbba3d504f270901d57df22b8235a4b2373f4b9161cc2f536121e93daf133e079b4d02b85719cff50921fd74692630aa809f24d8c6257876316be00a42fff6e723612dda3090d474894d646e269844930fd168a0026740502818100c2b25e6372c06b03a46a52453054ed2d7b2a644f754c5c0cb7d4d09f3cac187dd0ebef4dfaaca94b92827aceb9d3eaa0af005546644d7358b1ca54e83f707404a639383fc1c0cc752ffcd23b7c7b2386436ac0aedf7cb6ba418b7154b1af14cf4c675df1f8448953b50835dc334f3f9127906b4e3d27cce263733ee0d0dc865302818100c365423b5f76dd38dbeb882d40e070640c4ecf99d5cfabab2fdc98b5e777de2b36caaf646eaccc9dbb9001829187a01ef403d1bb02761e3bc87a18dda796b0a4ee070ccd347fbb08d1ac846eed8f29f2998e8b69e97e9430aa84e1ff22182f50483be1c99e8d26cf582c767afbb34fe5d9336f2c779e3140171c716298a42529028180724a107c62552fbca09c4515166d141959aea5d9baea8b32700b3e37eb7ebe95c4b96aeda4940c812f4ce6d8495f6be0cd39edd4f7763b9aba2b22b27ee2fd47e967b76c3dc9767be8228a2a9f450db2780ac7771ffbeeabe16400b00de9cfd66c6c554a8049832f9f1a65bb906719d2949e034f9738b0ddc831539cd71e4cbf0281807b9d01a2ef8a8228a41a58cceb0ad8eb449fa350ed2c07d012c452e947cac687a9a9f9a04c663356e661e8af30373d863d182d7038eebc901d3c78bc1e4dbf74c8fcba141ba56b0af66fa1c40e5defe7ed382ec008c98fb79f139e46cbc9570d110dc8930fd6f89fdcdda21fc790d4049ff24ffe82704d9234a56124905037d5'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-INSERT INTO certificate_authorities (
- certificate
-) VALUES (
- 1
-);
-
-INSERT INTO certificate_distribution_points (
- ca, type, uri
-) VALUES (
- 1, 1, 'http://crl.strongswan.org/strongswan.crl'
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_MOON', '0.0.0.0'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id
-) VALUES (
- 'rw', 1, 4, 6
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'rw', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 3
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 11, X'MOON_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* %any */
+ 0, '%any'
+);
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=moon.strongswan.org */
+ 1, 1, X'MOON_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 1, X'MOON_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+INSERT INTO certificate_authorities (
+ certificate
+) VALUES (
+ 1
+);
+
+INSERT INTO certificate_distribution_points (
+ ca, type, uri
+) VALUES (
+ 1, 1, 'http://crl.strongswan.org/strongswan.crl'
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_MOON', '0.0.0.0'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id
+) VALUES (
+ 'rw', 1, 4, 6
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'rw', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 3
+);
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* sun.strongswan.org */
- 2, X'73756e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 11, X'd8263d21ec7cdbbe5a390c5b70cb038021deae13'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=moon.strongswan.org */
- 1, 1, X'308204223082030aa00302010202012b300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373134343435365a170d3139303832363134343435365a3046310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311c301a060355040313136d6f6f6e2e7374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f0203010001a382011a3082011630090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414d8263d21ec7cdbbe5a390c5b70cb038021deae13306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301e0603551d110417301582136d6f6f6e2e7374726f6e677377616e2e6f726730130603551d25040c300a06082b0601050507030130390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b05000382010100a99e3e8d73e3ee3cb3e2e04de0e61c8992be55672ed24a095cb35bb254fda67f08fa251f522dde7e24eb0bd5a0939b4cbda8b72a75b1c1c46f222cd2edc15294decd615781083b7b1a1dee175048f137d6c3b4b584a1eab98a99985fc449fdf5ca47cffcbeeac10113f6c6ed7ec2ac048729a9e230661742d5a2f4f5fa8f86847ebacc8267c77cd1f41b5f32469e2faf34e21af1db281ea297a86ee1af30343c1dc9cc07d394ed8f1f2b4a18d6450b97a85fdfa2b90293c0ebbebab1144a46f0522a599588a4904eae5ae1cf200960196ed753f8dfdf6bc84a0e566de6ad741208d3a837c64e3e74c4abc09deabb5dd7ca9986069c85a834b63d81af0d3b35fc'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 6
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 1, X'308204a30201000282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f02030100010282010004035ea5faaf11950d0ead7d0dea6d252e29a56138c393e40e99489a50c9c63e09856c2cd90ca17b335fa9540e1947fcb7ad7267b4dce00a30cefb2469fdc18cc78fe45cac3b84f796366e1fe887575685a19ea16ea96d2c29bc3d05ce440aa40365382affe5b96d57199b9c77ed23fb0606f5101886a5e7739113e8e0575f922ba234a00216882a54da866960c02da7b5b13a782c009686b64fff9b67241fe4fcb951f07bd809f47667124f88a3a05749c30d36bb1b77627ea50ef9c105dfcc71331c08fe125856ce1b5ce5779fa87c3f0dfa4f0d7fe56f2dd5a12a1a82acec56e531ecbca5833203c53b1bf4741538b8c3cce43ebe7db65e3ee0502123c0b902818100d84660baecc97714485814a7232ce90b37ea9b4120c9ba5e2ee2557f35a56b4c8a588e8078b85672bfbba3d504f270901d57df22b8235a4b2373f4b9161cc2f536121e93daf133e079b4d02b85719cff50921fd74692630aa809f24d8c6257876316be00a42fff6e723612dda3090d474894d646e269844930fd168a0026740502818100c2b25e6372c06b03a46a52453054ed2d7b2a644f754c5c0cb7d4d09f3cac187dd0ebef4dfaaca94b92827aceb9d3eaa0af005546644d7358b1ca54e83f707404a639383fc1c0cc752ffcd23b7c7b2386436ac0aedf7cb6ba418b7154b1af14cf4c675df1f8448953b50835dc334f3f9127906b4e3d27cce263733ee0d0dc865302818100c365423b5f76dd38dbeb882d40e070640c4ecf99d5cfabab2fdc98b5e777de2b36caaf646eaccc9dbb9001829187a01ef403d1bb02761e3bc87a18dda796b0a4ee070ccd347fbb08d1ac846eed8f29f2998e8b69e97e9430aa84e1ff22182f50483be1c99e8d26cf582c767afbb34fe5d9336f2c779e3140171c716298a42529028180724a107c62552fbca09c4515166d141959aea5d9baea8b32700b3e37eb7ebe95c4b96aeda4940c812f4ce6d8495f6be0cd39edd4f7763b9aba2b22b27ee2fd47e967b76c3dc9767be8228a2a9f450db2780ac7771ffbeeabe16400b00de9cfd66c6c554a8049832f9f1a65bb906719d2949e034f9738b0ddc831539cd71e4cbf0281807b9d01a2ef8a8228a41a58cceb0ad8eb449fa350ed2c07d012c452e947cac687a9a9f9a04c663356e661e8af30373d863d182d7038eebc901d3c78bc1e4dbf74c8fcba141ba56b0af66fa1c40e5defe7ed382ec008c98fb79f139e46cbc9570d110dc8930fd6f89fdcdda21fc790d4049ff24ffe82704d9234a56124905037d5'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 6
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_MOON', 'PH_IP_SUN'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, mobike, dpd_delay
-) VALUES (
- 'net-net', 1, 4, 5, 0, 0
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'net-net', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a020000', X'0a02ffff'
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 1
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* sun.strongswan.org */
+ 2, X'73756e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 11, X'MOON_SPK_HEX'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=moon.strongswan.org */
+ 1, 1, X'MOON_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 6
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 1, X'MOON_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 6
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_MOON', 'PH_IP_SUN'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, mobike, dpd_delay
+) VALUES (
+ 'net-net', 1, 4, 5, 0, 0
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'net-net', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a020000', X'0a02ffff'
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 1
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* sun.strongswan.org */
- 2, X'73756e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=sun.strongswan.org' */
- 11, X'edcd6347cdd12fb63000b605430713544c9d318a'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=sun.strongswan.org */
- 1, 1, X'3082042030820308a00302010202012a300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373134343234355a170d3139303832363134343234355a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b30190603550403131273756e2e7374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100c72220047d4a5b330c984612d46af5e08501835db4bddb0bb8dc10bb3bb6daa2079d6201481d8bd2590b381634018777c22f443579dbd0c3894c57c4e582758294990a74b79bd1ea8139a661e677995c520b84c95aeda854abe8b314a8e5f015be3555434f3d1ed8c8b31d8147fd2a2d0f65676754b544a7f64a218d4e6aa64b4e7c9f57b93423f5d05f6b96e940c2682d40401963cc47eb0f6814706f7e14ba5be6a0ec8865328612c1fa733518d3e766f2250a9a43fb4b77c4423cefe7a0e4df3ac9705cbb8a3f3bbaef5693f5ec6ae1c0ab98c744470c149c043a3f5913443ab9fcfd0f6341496bcb4ebed02855618f91df6f251c00646a81ffac1eb925210203010001a38201193082011530090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414edcd6347cdd12fb63000b605430713544c9d318a306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301d0603551d1104163014821273756e2e7374726f6e677377616e2e6f726730130603551d25040c300a06082b0601050507030130390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b050003820101005677bfe472a991bbfbe5e1e4c78e1a315593d0307a485ea75eb3904b317b395d45c8d8f6be26c0f6001a8959c15cffabefdf0c0edc03ff4377dd3425408476ac626a92872c0937148905bac4b0cee8098908101a25b7394448cd4fe1e77638ccb108e7d4dc98f2141bca8c3564e439e37cc263e025ec0dd8714b4848b2c7e043083f73a7d4f14cdab58c52ad47a12a36925ec0c2ffa892fa2ac7a49feff4b69a3ddd606bfee5e015a209012f79910971291870bee9ee955b99c661260844f901443d85e22981e3e298511ef8191a29a1a7ad1ff4c545b0ea8925817f62f73e8dad5c43e27c8be481abd45c89feb5d80c850f41a5537cc8480f5cb33959d69f56'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 6
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=sun.strongswan.org' */
- 1, X'308204a30201000282010100c72220047d4a5b330c984612d46af5e08501835db4bddb0bb8dc10bb3bb6daa2079d6201481d8bd2590b381634018777c22f443579dbd0c3894c57c4e582758294990a74b79bd1ea8139a661e677995c520b84c95aeda854abe8b314a8e5f015be3555434f3d1ed8c8b31d8147fd2a2d0f65676754b544a7f64a218d4e6aa64b4e7c9f57b93423f5d05f6b96e940c2682d40401963cc47eb0f6814706f7e14ba5be6a0ec8865328612c1fa733518d3e766f2250a9a43fb4b77c4423cefe7a0e4df3ac9705cbb8a3f3bbaef5693f5ec6ae1c0ab98c744470c149c043a3f5913443ab9fcfd0f6341496bcb4ebed02855618f91df6f251c00646a81ffac1eb92521020301000102820100061dd137f2153f99e0d0288ed981738df2e7e9fe0dd82b0b40215a4e35f656ded5370b5498bf7794fd712fc6d6d019361f7bce2f8a4fab28e665b6e87058427dc14cb61a81ad42945e65c3eb8be5ae8b3c65e82d3b22c3a1de29e69e42d5d53b05bda3a1cea444f749aadec422ceeee5b56c5af1bc9358c983f220f7b329e973a6d337152995f99de4ce319bf43a62c016e1e037db9f68d0fdb03fd1a5a4312e34c698d4ded8ff3de546a41046d60540468631a90c70d5b7e5523154a034fa638693a6075a3f6bdce539ac08cd110b30fb12d41c777471651e01bba65fbfcf60fbca09642794e926450d0f0d762ffc015b29be4da88efcf8ae47d1f872d05cf502818100ea6aff13b6f5b6b68f0408bf3835eef245a3d8fa38b4d8dbc04899e7119b835b531ec4ec4e9155a6e2d36d27ae8b145709338249f8cf33e3393b95e660aabb86aaff39cf52075fdc975250c039c13fe1999f63e16a9fb3bd056148eeb37329287803801808a0e4daf25885729ad422ce53d8f33b18e2d386248bc4342bf0463702818100d97780eed84257e60d9616647e41c48556e45ec31d7332796f446becc1fdadae24467263352396d01d6c690fa3c40a4de2128bf523f36c62a4c51ff6388e569d8a6f1dcf0b1d325b61d32862123ed0a67f7983d4ebda01e0e0524d6758c0413f9a2457bc559930ea50d69aafa09b43519725b94869bd9f5dcbcfcb447877c3670281802664ebee60b3120008a092862f40b6283c3bbfd80bdda2ff2b19390bdd9869055631ddf30e53438217f8a51230c65ac87e9b4f25aa78d578cbf0f4764d32e98fff05da84185d58d81a78c2fd18f88bebf96b5fc295e21e60413753e8b4bf91e82ceff5d4f9e4d057040677a4f3b2f7187027427f556e2153013d5b1f686aec3502818100be0e0f04aec3ec860641b1784a4fb82cc06ffdd1901f69716fa8e0999e40d2556b269639d5eb3096d9e0314195e2730ef61137781adf574e2eaa88f06b251ad5bc72b81e869c11b283a0439ed24b4b96f7b97f59ca765145f3467a97639d42690f91cb8bb1539cc86bb5e2a2b33e7e6b0429d7f04d5987ba35b178f8724058e90281804c5d9b475b2868c77cffa037e7faf6c12e1f85c5466231483ce3d7ffd951447845a9fb388900132edc63f4a6bb852171e252e9af8e8c641d84aff0ccd5713fbf805be74bf89a4e2fe36edd32fdb8c80d142941d58d2d27bc033c93e692ee88df8e89cbfd1209c96079740f443e641c08b100370eb644a7923a23c23f154403cf'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 6
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_SUN', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, mobike, dpd_delay
-) VALUES (
- 'net-net', 1, 5, 4, 0, 0
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'net-net', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a020000', X'0a02ffff'
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* sun.strongswan.org */
+ 2, X'73756e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=sun.strongswan.org' */
+ 11, X'SUN_SPK_HEX'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=sun.strongswan.org */
+ 1, 1, X'SUN_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 6
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=sun.strongswan.org' */
+ 1, X'SUN_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 6
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_SUN', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, mobike, dpd_delay
+) VALUES (
+ 'net-net', 1, 5, 4, 0, 0
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'net-net', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a020000', X'0a02ffff'
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* sun.strongswan.org */
- 2, X'73756e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 11, X'd8263d21ec7cdbbe5a390c5b70cb038021deae13'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'2d2d2d2d2d424547494e2043455254494649434154452d2d2d2d2d0a4d494944754443434171436741774942416749424144414e42676b71686b69473977304241517346414442464d517377435159445651514745774a445344455a0a4d4263474131554543684d5154476c7564586767633352796232356e55336468626a45624d426b474131554541784d53633352796232356e55336468626942530a6232393049454e424d423458445441304d446b784d4445774d4445784f466f58445445354d446b774e7a45774d4445784f466f775254454c4d416b47413155450a42684d43513067784754415842674e5642416f5445457870626e563449484e30636d39755a314e3359573478477a415a42674e5642414d54456e4e30636d39750a5a314e3359573467556d39766443424451544343415349774451594a4b6f5a496876634e4151454242514144676745504144434341516f4367674542414c2f790a58324c7150565a75574c5049656b6e4b383678687a366c6a64334e4e6843327a2b5031756f43503373424d755a695a51456a467a686e4b6362587843656f32660a466e76684f4f6a727269735375566b7a757538326f7858443366496b7a7553376d395634453130455a7a676d4b5749662b57754e52666267417555494e6d4c630a345947415842514c50797a7050344f75343868687a2f59516f3538426963733650487935763334714356524f4958447671686a39315038672b70532b4632312f0a37502b4348326a5263564945485a7447384d2f507765545051393564507a705964324f7636535a2f553745576d624d6d5438566355596e3161436878466d79350a6777655642576c6b48364d502b31446545302f744c35633837786f354b4365474b3854647170653773425243347050454548445163695455766b65754a3150720a4b2b314c77647152786f3748674d5269447738434177454141614f42736a4342727a415342674e5648524d4241663845434441474151482f416745424d4173470a413155644477514541774942426a416442674e5648513445466751555861666463415a524d6e376e746d327a74655867594f6f7554653877625159445652306a0a424759775a4941555861666463415a524d6e376e746d327a74655867594f6f7554652b68536152484d455578437a414a42674e5642415954416b4e494d526b770a467759445651514b4578424d615735316543427a64484a76626d6454643246754d527377475159445651514445784a7a64484a76626d64546432467549464a760a6233516751304743415141774451594a4b6f5a496876634e4151454c425141446767454241434f536d71454274424c52396156335579434938676d7a5235696e0a4c74653961555858532b716973364632683253746634734e2b4e6c36476a37524543365370664548347757647769554c354a30434a68796f4f6a5175446c336e0a314477336445342f7a714d5a6479444b455954553735546d7675734e4a426447734c6b726637454154416a6f692f6e72544f5950506853555a7650702f442b590a764f524a39456a353147586c4b316e774542356941382b7444596e694e516e364244314d456749656a7a4b2b66626979376272615a42316b71686f45723253690a376c7542536e55393132737734393445383861324557626d4d766732545648504e7a4370566b704e6b376b69664369776d7739566c646b71597939792f6c43610a45707970376c54664b77376362443034566b38514a573738324c36437375786b6c333436623137776d4f716e38415a6970733374467375415933773d0a2d2d2d2d2d454e442043455254494649434154452d2d2d2d2d0a'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=moon.strongswan.org */
- 1, 1, X'2d2d2d2d2d424547494e2043455254494649434154452d2d2d2d2d0a4d494945496a43434177716741774942416749424b7a414e42676b71686b69473977304241517346414442464d517377435159445651514745774a445344455a0a4d4263474131554543684d5154476c7564586767633352796232356e55336468626a45624d426b474131554541784d53633352796232356e55336468626942530a6232393049454e424d423458445445304d4467794e7a45304e4451314e6c6f58445445354d4467794e6a45304e4451314e6c6f77526a454c4d416b47413155450a42684d43513067784754415842674e5642416f5445457870626e563449484e30636d39755a314e33595734784844416142674e5642414d5445323176623234750a633352796232356e6333646862693576636d6377676745694d4130474353714753496233445145424151554141344942447741776767454b416f49424151436b0a664158367852644230663562426a4e30387a4f6d4f37434559613865437959467148556843772b7831307632426e4b4236764f6c4d7a572b39446952744736380a54644a6c59742f32346f52754a425830674147767a7376306b4339726e6f516367434a5179346278614c4e5673676f694643566c7a784c61596a414262516c7a0a6f536165676d2f32506f582b3155503337724738776c764163754c53487346513732304655732f4c765a68345930466a6f4b6876674b73363455346e49414a370a4d6e754c32396e35664d352b64656d37756f76514f42672f2b66615a6f38516b59534b394d573665516b502b596e774e357a49744e42787947774b50625858770a4579352f61714e57666852593849454736484a67726e4377424d4855413134433255562b416637437934654e6e43314d6d7537546d555963466e635861466e300a3837727946556473686c6d5070494878666a756641674d424141476a676745614d494942466a414a42674e5648524d45416a41414d41734741315564447751450a417749447144416442674e5648513445466751553243593949657838323735614f517862634d73446743486572684d77625159445652306a424759775a4941550a5861666463415a524d6e376e746d327a74655867594f6f7554652b68536152484d455578437a414a42674e5642415954416b4e494d526b77467759445651514b0a4578424d615735316543427a64484a76626d6454643246754d527377475159445651514445784a7a64484a76626d64546432467549464a7662335167513047430a4151417748675944565230524242637746594954625739766269357a64484a76626d647a643246754c6d39795a7a415442674e56485355454444414b426767720a42674546425163444154413542674e56485238454d6a41774d4336674c4b41716869686f644852774f69387659334a734c6e4e30636d39755a334e33595734750a62334a6e4c334e30636d39755a334e335957347559334a734d4130474353714753496233445145424377554141344942415143706e6a364e632b5075504c50690a344533673568794a6b7235565a79375353676c63733175795650326d66776a364a5239534c64352b4a4f734c316143546d307939714c637164624842784738690a4c4e4c7477564b5533733168563445494f3373614865345855456a784e396244744c57456f65713569706d595838524a2f66584b52382f3876757242415250320a7875312b7771774568796d70346a426d46304c566f7654312b6f2b47684836367a494a6e78337a52394274664d6b61654c36383034687278327967656f70656f0a627547764d44513848636e4d42394f55375938664b306f59316b554c6c36686633364b3541705041363736367352524b527642534b6c6d56694b5351547135610a346338674357415a627464542b4e2f666138684b446c5a743571313045676a5471446647546a3530784b76416e6571375864664b6d5959476e49576f4e4c59390a6761384e4f7a58380a2d2d2d2d2d454e442043455254494649434154452d2d2d2d2d0a'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 6
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 1, X'2d2d2d2d2d424547494e205253412050524956415445204b45592d2d2d2d2d0a4d4949456f77494241414b4341514541704877462b7355585164482b5777597a64504d7a706a7577684747764867736d42616831495173507364644c39675a790a6765727a70544d31767651346b625275764533535a574c6639754b4562695156394941427238374c394a41766135364548494169554d75473857697a5662494b0a4968516c5a633853326d49774157304a6336456d6e6f4a76396a36462f745644392b3678764d4a6277484c6930683742554f397442564c507937325965474e420a5936436f623443724f75464f4a794143657a4a376939765a2b587a4f666e58707537714c30446759502f6e326d6150454a474569765446756e6b4a442f6d4a380a446563794c545163636873436a32313138424d756632716a566e34555750434242756879594b35777341544231414e6541746c466667482b777375486a5a77740a544a727530356c4748425a334632685a39504f363868564862495a5a6a365342385834376e77494441514142416f4942414151445871583672784756445136740a66513371625355754b6156684f4d4f543541365a534a70517963592b435956734c4e6b4d6f58737a58366c5544686c482f4c6574636d6530334f414b4d4d37370a4a476e3977597a486a2b5263724475453935593262682f6f68316457686147656f57367062537770764430467a6b514b70414e6c4f43722f35626c7456786d620a6e486674492f7347427655514749616c35334f52452b6a6756312b534b3649306f41495769437055326f5a70594d4174703757784f6e6773414a6147746b2f2f0a6d32636b482b5438755648776539674a39485a6e456b2b496f36425853634d4e4e72736264324a2b70513735775158667a48457a48416a2b456c68577a6874630a355865667148772f4466705044582f6c627933566f536f6167717a7356755578374c796c677a494478547362394851564f4c6a447a4f512b766e3232586a37670a5543456a774c6b436759454132455a6775757a4a647852495742536e49797a70437a66716d304567796270654c754a56667a576c6130794b57493641654c68570a63722b376f395545386e4351485666664972676a576b736a632f533546687a43395459534870506138545067656254514b3456786e5039516b682f5852704a6a0a4371674a386b324d596c65485978612b414b51762f3235794e684c646f776b4e52306955316b62696159524a4d5030576967416d644155436759454177724a650a59334c4161774f6b616c4a464d4654744c5873715a4539315446774d743954516e7a797347483351362b394e2b71797053354b4365733635302b7167727742560a526d524e63316978796c546f50334230424b59354f442f42774d78314c2f7a534f33783749345a446173437533337932756b474c6356537872785450544764640a3866684569564f31434458634d30382f6b536551613034394a387a6959334d2b344e4463686c4d4367594541773256434f31393233546a6236346774514f42770a5a41784f7a356e567a3675724c39795974656433336973327971396b62717a4d6e62755141594b52683641653941505275774a32486a764965686a64703561770a704f3448444d30306637734930617945627532504b664b5a6a6f7470365836554d4b7145346638694743395153447668795a364e4a7339594c485a362b374e500a35646b7a627978336e6a4641467878785970696b4a536b436759427953684238596c5576764b4363525255576252515a5761366c32627271697a4a77437a34330a3633362b6c6353356175326b6c4179424c307a6d32456c66612b444e4f653355393359376d726f7249724a2b34763148365765336244334a646e766f496f6f710a6e30554e736e674b783363662b2b367234575141734133707a395a736246564b67456d444c3538615a6275515a786e536c4a344454356334734e33494d564f630a3178354d76774b426748756441614c76696f496f704270597a4f734b324f74456e364e513753774830424c4555756c487973614871616e356f45786d4d31626d0a596569764d446339686a30594c58413437727951485478347642354e763354492f4c6f554736567243765a766f63514f58652f6e3754677577416a4a6a3765660a4535354779386c584452454e794a4d5031766966334e32694838655131415366386b2f2b676e424e6b6a536c59535351554466560a2d2d2d2d2d454e44205253412050524956415445204b45592d2d2d2d2d0a'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 6
-);
-
-/* Proposals */
-
-INSERT INTO proposals (
- proposal
-) VALUES (
- 'aes128-aes192-aes256-sha256-sha384-sha512-modp3072-modp4096-modp8192'
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_MOON', 'PH_IP_SUN'
-);
-
-INSERT INTO ike_config_proposal (
- ike_cfg, prio, prop
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, mobike, dpd_delay
-) VALUES (
- 'net-net', 1, 4, 5, 0, 30
-);
-
-INSERT INTO child_configs (
- name, updown, start_action, dpd_action
-) VALUES (
- 'net-1', '/usr/local/libexec/ipsec/_updown iptables', 1, 1
-);
-
-INSERT INTO child_configs (
- name, updown, start_action, dpd_action
-) VALUES (
- 'net-2', '/usr/local/libexec/ipsec/_updown iptables', 1, 1
-);
-
-INSERT INTO child_configs (
- name, updown, start_action, dpd_action
-) VALUES (
- 'net-3', '/usr/local/libexec/ipsec/_updown iptables', 0, 0
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 2
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 3
-);
-
-INSERT INTO child_config_proposal (
- child_cfg, prio, prop
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_proposal (
- child_cfg, prio, prop
-) VALUES (
- 2, 1, 1
-);
-
-INSERT INTO child_config_proposal (
- child_cfg, prio, prop
-) VALUES (
- 3, 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a010000', X'0a01000f'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a010010', X'0a01001f'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a010200', X'0a0103ff'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a020000', X'0a0201ff'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a020200', X'0a0203ff'
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 4, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 2, 2, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 2, 4, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 3, 3, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 3, 5, 1
-);
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* sun.strongswan.org */
+ 2, X'73756e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 11, X'MOON_SPK_HEX'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_PEM_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=moon.strongswan.org */
+ 1, 1, X'MOON_CERT_PEM_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 6
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 1, X'MOON_KEY_PEM_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 6
+);
+
+/* Proposals */
+
+INSERT INTO proposals (
+ proposal
+) VALUES (
+ 'aes128-aes192-aes256-sha256-sha384-sha512-modp3072-modp4096-modp8192'
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_MOON', 'PH_IP_SUN'
+);
+
+INSERT INTO ike_config_proposal (
+ ike_cfg, prio, prop
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, mobike, dpd_delay
+) VALUES (
+ 'net-net', 1, 4, 5, 0, 30
+);
+
+INSERT INTO child_configs (
+ name, updown, start_action, dpd_action
+) VALUES (
+ 'net-1', '/usr/local/libexec/ipsec/_updown iptables', 1, 1
+);
+
+INSERT INTO child_configs (
+ name, updown, start_action, dpd_action
+) VALUES (
+ 'net-2', '/usr/local/libexec/ipsec/_updown iptables', 1, 1
+);
+
+INSERT INTO child_configs (
+ name, updown, start_action, dpd_action
+) VALUES (
+ 'net-3', '/usr/local/libexec/ipsec/_updown iptables', 0, 0
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO child_config_proposal (
+ child_cfg, prio, prop
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_proposal (
+ child_cfg, prio, prop
+) VALUES (
+ 2, 1, 1
+);
+
+INSERT INTO child_config_proposal (
+ child_cfg, prio, prop
+) VALUES (
+ 3, 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a010000', X'0a01000f'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a010010', X'0a01001f'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a010200', X'0a0103ff'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a020000', X'0a0201ff'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a020200', X'0a0203ff'
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 4, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 2, 2, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 2, 4, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 3, 3, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 3, 5, 1
+);
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* sun.strongswan.org */
- 2, X'73756e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=sun.strongswan.org' */
- 11, X'edcd6347cdd12fb63000b605430713544c9d318a'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'2d2d2d2d2d424547494e2043455254494649434154452d2d2d2d2d0a4d494944754443434171436741774942416749424144414e42676b71686b69473977304241517346414442464d517377435159445651514745774a445344455a0a4d4263474131554543684d5154476c7564586767633352796232356e55336468626a45624d426b474131554541784d53633352796232356e55336468626942530a6232393049454e424d423458445441304d446b784d4445774d4445784f466f58445445354d446b774e7a45774d4445784f466f775254454c4d416b47413155450a42684d43513067784754415842674e5642416f5445457870626e563449484e30636d39755a314e3359573478477a415a42674e5642414d54456e4e30636d39750a5a314e3359573467556d39766443424451544343415349774451594a4b6f5a496876634e4151454242514144676745504144434341516f4367674542414c2f790a58324c7150565a75574c5049656b6e4b383678687a366c6a64334e4e6843327a2b5031756f43503373424d755a695a51456a467a686e4b6362587843656f32660a466e76684f4f6a727269735375566b7a757538326f7858443366496b7a7553376d395634453130455a7a676d4b5749662b57754e52666267417555494e6d4c630a345947415842514c50797a7050344f75343868687a2f59516f3538426963733650487935763334714356524f4958447671686a39315038672b70532b4632312f0a37502b4348326a5263564945485a7447384d2f507765545051393564507a705964324f7636535a2f553745576d624d6d5438566355596e3161436878466d79350a6777655642576c6b48364d502b31446545302f744c35633837786f354b4365474b3854647170653773425243347050454548445163695455766b65754a3150720a4b2b314c77647152786f3748674d5269447738434177454141614f42736a4342727a415342674e5648524d4241663845434441474151482f416745424d4173470a413155644477514541774942426a416442674e5648513445466751555861666463415a524d6e376e746d327a74655867594f6f7554653877625159445652306a0a424759775a4941555861666463415a524d6e376e746d327a74655867594f6f7554652b68536152484d455578437a414a42674e5642415954416b4e494d526b770a467759445651514b4578424d615735316543427a64484a76626d6454643246754d527377475159445651514445784a7a64484a76626d64546432467549464a760a6233516751304743415141774451594a4b6f5a496876634e4151454c425141446767454241434f536d71454274424c52396156335579434938676d7a5235696e0a4c74653961555858532b716973364632683253746634734e2b4e6c36476a37524543365370664548347757647769554c354a30434a68796f4f6a5175446c336e0a314477336445342f7a714d5a6479444b455954553735546d7675734e4a426447734c6b726637454154416a6f692f6e72544f5950506853555a7650702f442b590a764f524a39456a353147586c4b316e774542356941382b7444596e694e516e364244314d456749656a7a4b2b66626979376272615a42316b71686f45723253690a376c7542536e55393132737734393445383861324557626d4d766732545648504e7a4370566b704e6b376b69664369776d7739566c646b71597939792f6c43610a45707970376c54664b77376362443034566b38514a573738324c36437375786b6c333436623137776d4f716e38415a6970733374467375415933773d0a2d2d2d2d2d454e442043455254494649434154452d2d2d2d2d0a'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=sun.strongswan.org */
- 1, 1, X'2d2d2d2d2d424547494e2043455254494649434154452d2d2d2d2d0a4d494945494443434177696741774942416749424b6a414e42676b71686b69473977304241517346414442464d517377435159445651514745774a445344455a0a4d4263474131554543684d5154476c7564586767633352796232356e55336468626a45624d426b474131554541784d53633352796232356e55336468626942530a6232393049454e424d423458445445304d4467794e7a45304e4449304e566f58445445354d4467794e6a45304e4449304e566f775254454c4d416b47413155450a42684d43513067784754415842674e5642416f5445457870626e563449484e30636d39755a314e3359573478477a415a42674e5642414d54456e4e316269357a0a64484a76626d647a643246754c6d39795a7a4343415349774451594a4b6f5a496876634e4151454242514144676745504144434341516f4367674542414d63690a49415239536c737a444a6847457452713965434641594e64744c336243376a63454c733774747169423531694155676469394a5a437a67574e414748643849760a524456353239444469557858784f574364594b556d51703074357652366f4535706d486d64356c63556775457956727471465372364c4d55714f5877466234310a56554e5050523759794c4d64675566394b6930505a57646e564c5645702f5a4b4959314f61715a4c546e796656376b30492f58515832755736554443614331410a51426c6a7a456672443267556347392b464c7062357144736947557968684c422b6e4d31474e506e5a76496c437070442b30743378454938372b6567354e38360a7958426375346f2f4f3772765670503137477268774b7559783052484442536342446f2f57524e454f726e382f51396a51556c727930362b3043685659592b520a3332386c4841426b616f482f724236354a5345434177454141614f4341526b77676745564d416b4741315564457751434d4141774377594456523050424151440a41674f6f4d4230474131556444675157424254747a574e487a644576746a41417467564442784e55544a3078696a427442674e5648534d455a6a426b674252640a70393177426c45796675653262624f31356542673669354e3736464a704563775254454c4d416b474131554542684d43513067784754415842674e5642416f540a45457870626e563449484e30636d39755a314e3359573478477a415a42674e5642414d54456e4e30636d39755a314e3359573467556d397664434244515949420a4144416442674e5648524545466a415567684a7a64573475633352796232356e6333646862693576636d6377457759445652306c42417777436759494b7759420a42515548417745774f51594456523066424449774d4441756f4379674b6f596f6148523063446f764c324e796243357a64484a76626d647a643246754c6d39790a5a79397a64484a76626d647a643246754c6d4e796244414e42676b71686b6947397730424151734641414f4341514541566e652f35484b706b6276373565486b0a783434614d565754304442365346366e58724f51537a46374f563146794e6a32766962413967416169566e4258502b723739384d447477442f304e333354516c0a5149523272474a716b6f63734354635569515736784c444f36416d4a434241614a62633552456a4e542b486e646a6a4d73516a6e314e795938685162796f77310a5a4f513534337a43592b416c3741335963557449534c4c4834454d4950334f6e3150464d3272574d557131486f536f326b6c374177762b6f6b766f71783653660a372f53326d6a33645947762b356541566f676b424c336d52435845704748432b3665365657356e475953594952506b425244324634696d42342b4b59555237340a47526f706f616574482f5446526244716953574266324c33506f3274584550696649766b6761765558496e2b7464674d6851394270564e3879456750584c4d350a5764616656673d3d0a2d2d2d2d2d454e442043455254494649434154452d2d2d2d2d0a'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 6
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=sun.strongswan.org' */
- 1, X'2d2d2d2d2d424547494e205253412050524956415445204b45592d2d2d2d2d0a4d4949456f77494241414b4341514541787949674248314b577a4d4d6d4559533147723134495542673132307664734c754e7751757a7532327149486e5749420a5342324c306c6b4c4f42593041596433776939454e586e62304d4f4a5446664535594a316770535a436e53336d39487167546d6d59655a336d5678534334544a0a5775326f564b766f7378536f35664156766a56565130383948746a4973783242522f30714c51396c5a3264557455536e396b6f686a553571706b744f664a39580a7554516a3964426661356270514d4a6f4c5542414757504d522b73506142527762333455756c766d6f4f79495a544b4745734836637a5559302b646d3869554b0a6d6b503753336645516a7a763536446b337a724a63467937696a3837757539576b2f58736175484171356a485245634d464a77454f6a395a4530513675667a390a44324e425357764c547237514b4656686a354866627955634147527167662b7348726b6c4951494441514142416f4942414159643054667946542b5a344e416f0a6a746d4263343379352b6e2b4464677243304168576b3431396c62653154634c564a692f6435543963532f473174415a4e6839377a692b4b5436736f356d57320a36484259516e3342544c5961676131436c46356c772b754c3561364c5047586f4c547369773648654b656165517458564f7757396f36484f70455433536172650a78434c4f3775573162467278764a4e59795950794950657a4b656c7a70744d3346536d562b5a336b7a6a47623944706977426268344466626e326a512f62412f0a3061576b4d53343078706a5533746a2f506556477042424731675641526f5978715178773162666c556a46556f44543659346154706764615032766335546d730a434d3052437a443745745163643352785a52344275365a66763839672b386f4a5a43655536535a464451384e64692f3841567370766b326f6a767a34726b66520a2b484c515850554367594541366d722f45376231747261504241692f4f445875386b576a32506f34744e6a627745695a357847626731745448735473547046560a70754c54625365756978525843544f4353666a504d2b4d354f35586d594b71376871722f4f63395342312f636c314a5177446e42502b475a6e32506861702b7a0a76515668534f367a63796b6f65414f4147416967354e7279574956796d7451697a6c5059387a735934744f474a4976454e437677526a634367594541325865410a37746843562b594e6c685a6b666b48456856626b58734d64637a4a3562305272374d48397261346b526e4a6a4e534f573042317361512b6a7841704e34684b4c0a3953507a62474b6b78522f324f4935576e5970764863384c48544a6259644d6f5968492b304b5a2f6559505536396f42344f4253545764597745452f6d6952580a7646575a4d4f7051317071766f4a7444555a636c75556870765a396479382f4c52486833773263436759416d5a4f7675594c4d53414169676b6f5976514c596f0a5044752f324176646f76387247546b4c335a68704256597833664d4f55304f43462f696c456a44475773682b6d30386c716e6a56654d767739485a4e4d756d500a2f77586168426864574e6761654d4c394750694c362f6c7258384b563468356751546454364c532f6b656773372f58552b655451567751476436547a737663590a634364436631567549564d4250567366614772734e514b426751432b446738457273507368675a427358684b5437677377472f39305a416661584676714f435a0a6e6b44535657736d6c6a6e56367a435732654178515a586963773732455464344774395854693671695042724a52725676484b34486f616345624b446f454f650a306b744c6c76653566316e4b646c464638305a366c324f64516d6b506b63754c73564f637947753134714b7a506e357242436e583845315a68376f3173586a340a636b425936514b42674578646d3064624b476a4866502b674e2b66363973457548345846526d497853447a6a312f2f5a5555523452616e374f496b41457937630a592f536d7534556863654a5336612b4f6a475164684b2f777a4e567850372b41572b644c2b4a704f4c2b4e7533544c39754d674e46436c42315930744a3777440a504a506d6b7536493334364a792f305343636c67655851505244356b484169784144634f746b536e6b6a6f6a776a3856524150500a2d2d2d2d2d454e44205253412050524956415445204b45592d2d2d2d2d0a'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 6
-);
-
-/* Proposals */
-
-INSERT INTO proposals (
- proposal
-) VALUES (
- 'aes128-sha256-modp3072'
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_SUN', 'PH_IP_MOON'
-);
-
-INSERT INTO ike_config_proposal (
- ike_cfg, prio, prop
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, mobike, dpd_delay
-) VALUES (
- 'net-net', 1, 5, 4, 0, 30
-);
-
-INSERT INTO child_configs (
- name, updown, start_action, dpd_action
-) VALUES (
- 'net-1', '/usr/local/libexec/ipsec/_updown iptables', 1, 1
-);
-
-INSERT INTO child_configs (
- name, updown, start_action, dpd_action
-) VALUES (
- 'net-2', '/usr/local/libexec/ipsec/_updown iptables', 1, 1
-);
-
-INSERT INTO child_configs (
- name, updown, start_action, dpd_action
-) VALUES (
- 'net-3', '/usr/local/libexec/ipsec/_updown iptables', 0, 0
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 2
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 3
-);
-
-INSERT INTO child_config_proposal (
- child_cfg, prio, prop
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_proposal (
- child_cfg, prio, prop
-) VALUES (
- 2, 1, 1
-);
-
-INSERT INTO child_config_proposal (
- child_cfg, prio, prop
-) VALUES (
- 3, 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a010000', X'0a01000f'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a010010', X'0a01001f'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a010200', X'0a0103ff'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a020000', X'0a0201ff'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a020200', X'0a0203ff'
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 4, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 2, 2, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 2, 4, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 3, 3, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 3, 5, 0
-);
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* sun.strongswan.org */
+ 2, X'73756e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=sun.strongswan.org' */
+ 11, X'SUN_SPK_HEX'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_PEM_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=sun.strongswan.org */
+ 1, 1, X'SUN_CERT_PEM_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 6
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=sun.strongswan.org' */
+ 1, X'SUN_KEY_PEM_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 6
+);
+
+/* Proposals */
+
+INSERT INTO proposals (
+ proposal
+) VALUES (
+ 'aes128-sha256-modp3072'
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_SUN', 'PH_IP_MOON'
+);
+
+INSERT INTO ike_config_proposal (
+ ike_cfg, prio, prop
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, mobike, dpd_delay
+) VALUES (
+ 'net-net', 1, 5, 4, 0, 30
+);
+
+INSERT INTO child_configs (
+ name, updown, start_action, dpd_action
+) VALUES (
+ 'net-1', '/usr/local/libexec/ipsec/_updown iptables', 1, 1
+);
+
+INSERT INTO child_configs (
+ name, updown, start_action, dpd_action
+) VALUES (
+ 'net-2', '/usr/local/libexec/ipsec/_updown iptables', 1, 1
+);
+
+INSERT INTO child_configs (
+ name, updown, start_action, dpd_action
+) VALUES (
+ 'net-3', '/usr/local/libexec/ipsec/_updown iptables', 0, 0
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO child_config_proposal (
+ child_cfg, prio, prop
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_proposal (
+ child_cfg, prio, prop
+) VALUES (
+ 2, 1, 1
+);
+
+INSERT INTO child_config_proposal (
+ child_cfg, prio, prop
+) VALUES (
+ 3, 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a010000', X'0a01000f'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a010010', X'0a01001f'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a010200', X'0a0103ff'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a020000', X'0a0201ff'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a020200', X'0a0203ff'
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 4, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 2, 2, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 2, 4, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 3, 3, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 3, 5, 0
+);
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* sun.strongswan.org */
- 2, X'73756e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 11, X'd8263d21ec7cdbbe5a390c5b70cb038021deae13'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'2d2d2d2d2d424547494e2043455254494649434154452d2d2d2d2d0a4d494944754443434171436741774942416749424144414e42676b71686b69473977304241517346414442464d517377435159445651514745774a445344455a0a4d4263474131554543684d5154476c7564586767633352796232356e55336468626a45624d426b474131554541784d53633352796232356e55336468626942530a6232393049454e424d423458445441304d446b784d4445774d4445784f466f58445445354d446b774e7a45774d4445784f466f775254454c4d416b47413155450a42684d43513067784754415842674e5642416f5445457870626e563449484e30636d39755a314e3359573478477a415a42674e5642414d54456e4e30636d39750a5a314e3359573467556d39766443424451544343415349774451594a4b6f5a496876634e4151454242514144676745504144434341516f4367674542414c2f790a58324c7150565a75574c5049656b6e4b383678687a366c6a64334e4e6843327a2b5031756f43503373424d755a695a51456a467a686e4b6362587843656f32660a466e76684f4f6a727269735375566b7a757538326f7858443366496b7a7553376d395634453130455a7a676d4b5749662b57754e52666267417555494e6d4c630a345947415842514c50797a7050344f75343868687a2f59516f3538426963733650487935763334714356524f4958447671686a39315038672b70532b4632312f0a37502b4348326a5263564945485a7447384d2f507765545051393564507a705964324f7636535a2f553745576d624d6d5438566355596e3161436878466d79350a6777655642576c6b48364d502b31446545302f744c35633837786f354b4365474b3854647170653773425243347050454548445163695455766b65754a3150720a4b2b314c77647152786f3748674d5269447738434177454141614f42736a4342727a415342674e5648524d4241663845434441474151482f416745424d4173470a413155644477514541774942426a416442674e5648513445466751555861666463415a524d6e376e746d327a74655867594f6f7554653877625159445652306a0a424759775a4941555861666463415a524d6e376e746d327a74655867594f6f7554652b68536152484d455578437a414a42674e5642415954416b4e494d526b770a467759445651514b4578424d615735316543427a64484a76626d6454643246754d527377475159445651514445784a7a64484a76626d64546432467549464a760a6233516751304743415141774451594a4b6f5a496876634e4151454c425141446767454241434f536d71454274424c52396156335579434938676d7a5235696e0a4c74653961555858532b716973364632683253746634734e2b4e6c36476a37524543365370664548347757647769554c354a30434a68796f4f6a5175446c336e0a314477336445342f7a714d5a6479444b455954553735546d7675734e4a426447734c6b726637454154416a6f692f6e72544f5950506853555a7650702f442b590a764f524a39456a353147586c4b316e774542356941382b7444596e694e516e364244314d456749656a7a4b2b66626979376272615a42316b71686f45723253690a376c7542536e55393132737734393445383861324557626d4d766732545648504e7a4370566b704e6b376b69664369776d7739566c646b71597939792f6c43610a45707970376c54664b77376362443034566b38514a573738324c36437375786b6c333436623137776d4f716e38415a6970733374467375415933773d0a2d2d2d2d2d454e442043455254494649434154452d2d2d2d2d0a'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=moon.strongswan.org */
- 1, 1, X'2d2d2d2d2d424547494e2043455254494649434154452d2d2d2d2d0a4d494945496a43434177716741774942416749424b7a414e42676b71686b69473977304241517346414442464d517377435159445651514745774a445344455a0a4d4263474131554543684d5154476c7564586767633352796232356e55336468626a45624d426b474131554541784d53633352796232356e55336468626942530a6232393049454e424d423458445445304d4467794e7a45304e4451314e6c6f58445445354d4467794e6a45304e4451314e6c6f77526a454c4d416b47413155450a42684d43513067784754415842674e5642416f5445457870626e563449484e30636d39755a314e33595734784844416142674e5642414d5445323176623234750a633352796232356e6333646862693576636d6377676745694d4130474353714753496233445145424151554141344942447741776767454b416f49424151436b0a664158367852644230663562426a4e30387a4f6d4f37434559613865437959467148556843772b7831307632426e4b4236764f6c4d7a572b39446952744736380a54644a6c59742f32346f52754a425830674147767a7376306b4339726e6f516367434a5179346278614c4e5673676f694643566c7a784c61596a414262516c7a0a6f536165676d2f32506f582b3155503337724738776c764163754c53487346513732304655732f4c765a68345930466a6f4b6876674b73363455346e49414a370a4d6e754c32396e35664d352b64656d37756f76514f42672f2b66615a6f38516b59534b394d573665516b502b596e774e357a49744e42787947774b50625858770a4579352f61714e57666852593849454736484a67726e4377424d4855413134433255562b416637437934654e6e43314d6d7537546d555963466e635861466e300a3837727946556473686c6d5070494878666a756641674d424141476a676745614d494942466a414a42674e5648524d45416a41414d41734741315564447751450a417749447144416442674e5648513445466751553243593949657838323735614f517862634d73446743486572684d77625159445652306a424759775a4941550a5861666463415a524d6e376e746d327a74655867594f6f7554652b68536152484d455578437a414a42674e5642415954416b4e494d526b77467759445651514b0a4578424d615735316543427a64484a76626d6454643246754d527377475159445651514445784a7a64484a76626d64546432467549464a7662335167513047430a4151417748675944565230524242637746594954625739766269357a64484a76626d647a643246754c6d39795a7a415442674e56485355454444414b426767720a42674546425163444154413542674e56485238454d6a41774d4336674c4b41716869686f644852774f69387659334a734c6e4e30636d39755a334e33595734750a62334a6e4c334e30636d39755a334e335957347559334a734d4130474353714753496233445145424377554141344942415143706e6a364e632b5075504c50690a344533673568794a6b7235565a79375353676c63733175795650326d66776a364a5239534c64352b4a4f734c316143546d307939714c637164624842784738690a4c4e4c7477564b5533733168563445494f3373614865345855456a784e396244744c57456f65713569706d595838524a2f66584b52382f3876757242415250320a7875312b7771774568796d70346a426d46304c566f7654312b6f2b47684836367a494a6e78337a52394274664d6b61654c36383034687278327967656f70656f0a627547764d44513848636e4d42394f55375938664b306f59316b554c6c36686633364b3541705041363736367352524b527642534b6c6d56694b5351547135610a346338674357415a627464542b4e2f666138684b446c5a743571313045676a5471446647546a3530784b76416e6571375864664b6d5959476e49576f4e4c59390a6761384e4f7a58380a2d2d2d2d2d454e442043455254494649434154452d2d2d2d2d0a'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 6
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 1, X'2d2d2d2d2d424547494e205253412050524956415445204b45592d2d2d2d2d0a4d4949456f77494241414b4341514541704877462b7355585164482b5777597a64504d7a706a7577684747764867736d42616831495173507364644c39675a790a6765727a70544d31767651346b625275764533535a574c6639754b4562695156394941427238374c394a41766135364548494169554d75473857697a5662494b0a4968516c5a633853326d49774157304a6336456d6e6f4a76396a36462f745644392b3678764d4a6277484c6930683742554f397442564c507937325965474e420a5936436f623443724f75464f4a794143657a4a376939765a2b587a4f666e58707537714c30446759502f6e326d6150454a474569765446756e6b4a442f6d4a380a446563794c545163636873436a32313138424d756632716a566e34555750434242756879594b35777341544231414e6541746c466667482b777375486a5a77740a544a727530356c4748425a334632685a39504f363868564862495a5a6a365342385834376e77494441514142416f4942414151445871583672784756445136740a66513371625355754b6156684f4d4f543541365a534a70517963592b435956734c4e6b4d6f58737a58366c5544686c482f4c6574636d6530334f414b4d4d37370a4a476e3977597a486a2b5263724475453935593262682f6f68316457686147656f57367062537770764430467a6b514b70414e6c4f43722f35626c7456786d620a6e486674492f7347427655514749616c35334f52452b6a6756312b534b3649306f41495769437055326f5a70594d4174703757784f6e6773414a6147746b2f2f0a6d32636b482b5438755648776539674a39485a6e456b2b496f36425853634d4e4e72736264324a2b70513735775158667a48457a48416a2b456c68577a6874630a355865667148772f4466705044582f6c627933566f536f6167717a7356755578374c796c677a494478547362394851564f4c6a447a4f512b766e3232586a37670a5543456a774c6b436759454132455a6775757a4a647852495742536e49797a70437a66716d304567796270654c754a56667a576c6130794b57493641654c68570a63722b376f395545386e4351485666664972676a576b736a632f533546687a43395459534870506138545067656254514b3456786e5039516b682f5852704a6a0a4371674a386b324d596c65485978612b414b51762f3235794e684c646f776b4e52306955316b62696159524a4d5030576967416d644155436759454177724a650a59334c4161774f6b616c4a464d4654744c5873715a4539315446774d743954516e7a797347483351362b394e2b71797053354b4365733635302b7167727742560a526d524e63316978796c546f50334230424b59354f442f42774d78314c2f7a534f33783749345a446173437533337932756b474c6356537872785450544764640a3866684569564f31434458634d30382f6b536551613034394a387a6959334d2b344e4463686c4d4367594541773256434f31393233546a6236346774514f42770a5a41784f7a356e567a3675724c39795974656433336973327971396b62717a4d6e62755141594b52683641653941505275774a32486a764965686a64703561770a704f3448444d30306637734930617945627532504b664b5a6a6f7470365836554d4b7145346638694743395153447668795a364e4a7339594c485a362b374e500a35646b7a627978336e6a4641467878785970696b4a536b436759427953684238596c5576764b4363525255576252515a5761366c32627271697a4a77437a34330a3633362b6c6353356175326b6c4179424c307a6d32456c66612b444e4f653355393359376d726f7249724a2b34763148365765336244334a646e766f496f6f710a6e30554e736e674b783363662b2b367234575141734133707a395a736246564b67456d444c3538615a6275515a786e536c4a344454356334734e33494d564f630a3178354d76774b426748756441614c76696f496f704270597a4f734b324f74456e364e513753774830424c4555756c487973614871616e356f45786d4d31626d0a596569764d446339686a30594c58413437727951485478347642354e763354492f4c6f554736567243765a766f63514f58652f6e3754677577416a4a6a3765660a4535354779386c584452454e794a4d5031766966334e32694838655131415366386b2f2b676e424e6b6a536c59535351554466560a2d2d2d2d2d454e44205253412050524956415445204b45592d2d2d2d2d0a'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 6
-);
-
-/* Proposals */
-
-INSERT INTO proposals (
- proposal
-) VALUES (
- 'aes128-sha256-modp3072'
-);
-
-INSERT INTO proposals (
- proposal
-) VALUES (
- 'aes192-sha384-modp8192'
-);
-
-INSERT INTO proposals (
- proposal
-) VALUES (
- 'aes128gcm16-modp3072'
-);
-
-INSERT INTO proposals (
- proposal
-) VALUES (
- 'aes192gcm16-modp8192'
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_MOON', 'PH_IP_SUN'
-);
-
-INSERT INTO ike_config_proposal (
- ike_cfg, prio, prop
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO ike_config_proposal (
- ike_cfg, prio, prop
-) VALUES (
- 1, 2, 2
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, mobike, dpd_delay
-) VALUES (
- 'net-net', 1, 4, 5, 0, 30
-);
-
-INSERT INTO child_configs (
- name, updown, start_action, dpd_action
-) VALUES (
- 'net-1', '/usr/local/libexec/ipsec/_updown iptables', 2, 2
-);
-
-INSERT INTO child_configs (
- name, updown, start_action, dpd_action
-) VALUES (
- 'net-2', '/usr/local/libexec/ipsec/_updown iptables', 2, 2
-);
-
-INSERT INTO child_configs (
- name, updown, start_action, dpd_action
-) VALUES (
- 'net-3', '/usr/local/libexec/ipsec/_updown iptables', 2, 2
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 2
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 3
-);
-
-INSERT INTO child_config_proposal (
- child_cfg, prio, prop
-) VALUES (
- 1, 1, 3
-);
-
-INSERT INTO child_config_proposal (
- child_cfg, prio, prop
-) VALUES (
- 2, 1, 4
-);
-
-INSERT INTO child_config_proposal (
- child_cfg, prio, prop
-) VALUES (
- 3, 1, 3
-);
-
-INSERT INTO child_config_proposal (
- child_cfg, prio, prop
-) VALUES (
- 3, 2, 4
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a010000', X'0a01000f'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a010010', X'0a01001f'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a010200', X'0a0103ff'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a020000', X'0a0201ff'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a020200', X'0a0203ff'
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 4, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 2, 2, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 2, 4, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 3, 3, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 3, 5, 1
-);
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* sun.strongswan.org */
+ 2, X'73756e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 11, X'MOON_SPK_HEX'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_PEM_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=moon.strongswan.org */
+ 1, 1, X'MOON_CERT_PEM_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 6
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 1, X'MOON_KEY_PEM_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 6
+);
+
+/* Proposals */
+
+INSERT INTO proposals (
+ proposal
+) VALUES (
+ 'aes128-sha256-modp3072'
+);
+
+INSERT INTO proposals (
+ proposal
+) VALUES (
+ 'aes192-sha384-modp8192'
+);
+
+INSERT INTO proposals (
+ proposal
+) VALUES (
+ 'aes128gcm16-modp3072'
+);
+
+INSERT INTO proposals (
+ proposal
+) VALUES (
+ 'aes192gcm16-modp8192'
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_MOON', 'PH_IP_SUN'
+);
+
+INSERT INTO ike_config_proposal (
+ ike_cfg, prio, prop
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO ike_config_proposal (
+ ike_cfg, prio, prop
+) VALUES (
+ 1, 2, 2
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, mobike, dpd_delay
+) VALUES (
+ 'net-net', 1, 4, 5, 0, 30
+);
+
+INSERT INTO child_configs (
+ name, updown, start_action, dpd_action
+) VALUES (
+ 'net-1', '/usr/local/libexec/ipsec/_updown iptables', 2, 2
+);
+
+INSERT INTO child_configs (
+ name, updown, start_action, dpd_action
+) VALUES (
+ 'net-2', '/usr/local/libexec/ipsec/_updown iptables', 2, 2
+);
+
+INSERT INTO child_configs (
+ name, updown, start_action, dpd_action
+) VALUES (
+ 'net-3', '/usr/local/libexec/ipsec/_updown iptables', 2, 2
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO child_config_proposal (
+ child_cfg, prio, prop
+) VALUES (
+ 1, 1, 3
+);
+
+INSERT INTO child_config_proposal (
+ child_cfg, prio, prop
+) VALUES (
+ 2, 1, 4
+);
+
+INSERT INTO child_config_proposal (
+ child_cfg, prio, prop
+) VALUES (
+ 3, 1, 3
+);
+
+INSERT INTO child_config_proposal (
+ child_cfg, prio, prop
+) VALUES (
+ 3, 2, 4
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a010000', X'0a01000f'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a010010', X'0a01001f'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a010200', X'0a0103ff'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a020000', X'0a0201ff'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a020200', X'0a0203ff'
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 4, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 2, 2, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 2, 4, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 3, 3, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 3, 5, 1
+);
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* sun.strongswan.org */
- 2, X'73756e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=sun.strongswan.org' */
- 11, X'edcd6347cdd12fb63000b605430713544c9d318a'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'2d2d2d2d2d424547494e2043455254494649434154452d2d2d2d2d0a4d494944754443434171436741774942416749424144414e42676b71686b69473977304241517346414442464d517377435159445651514745774a445344455a0a4d4263474131554543684d5154476c7564586767633352796232356e55336468626a45624d426b474131554541784d53633352796232356e55336468626942530a6232393049454e424d423458445441304d446b784d4445774d4445784f466f58445445354d446b774e7a45774d4445784f466f775254454c4d416b47413155450a42684d43513067784754415842674e5642416f5445457870626e563449484e30636d39755a314e3359573478477a415a42674e5642414d54456e4e30636d39750a5a314e3359573467556d39766443424451544343415349774451594a4b6f5a496876634e4151454242514144676745504144434341516f4367674542414c2f790a58324c7150565a75574c5049656b6e4b383678687a366c6a64334e4e6843327a2b5031756f43503373424d755a695a51456a467a686e4b6362587843656f32660a466e76684f4f6a727269735375566b7a757538326f7858443366496b7a7553376d395634453130455a7a676d4b5749662b57754e52666267417555494e6d4c630a345947415842514c50797a7050344f75343868687a2f59516f3538426963733650487935763334714356524f4958447671686a39315038672b70532b4632312f0a37502b4348326a5263564945485a7447384d2f507765545051393564507a705964324f7636535a2f553745576d624d6d5438566355596e3161436878466d79350a6777655642576c6b48364d502b31446545302f744c35633837786f354b4365474b3854647170653773425243347050454548445163695455766b65754a3150720a4b2b314c77647152786f3748674d5269447738434177454141614f42736a4342727a415342674e5648524d4241663845434441474151482f416745424d4173470a413155644477514541774942426a416442674e5648513445466751555861666463415a524d6e376e746d327a74655867594f6f7554653877625159445652306a0a424759775a4941555861666463415a524d6e376e746d327a74655867594f6f7554652b68536152484d455578437a414a42674e5642415954416b4e494d526b770a467759445651514b4578424d615735316543427a64484a76626d6454643246754d527377475159445651514445784a7a64484a76626d64546432467549464a760a6233516751304743415141774451594a4b6f5a496876634e4151454c425141446767454241434f536d71454274424c52396156335579434938676d7a5235696e0a4c74653961555858532b716973364632683253746634734e2b4e6c36476a37524543365370664548347757647769554c354a30434a68796f4f6a5175446c336e0a314477336445342f7a714d5a6479444b455954553735546d7675734e4a426447734c6b726637454154416a6f692f6e72544f5950506853555a7650702f442b590a764f524a39456a353147586c4b316e774542356941382b7444596e694e516e364244314d456749656a7a4b2b66626979376272615a42316b71686f45723253690a376c7542536e55393132737734393445383861324557626d4d766732545648504e7a4370566b704e6b376b69664369776d7739566c646b71597939792f6c43610a45707970376c54664b77376362443034566b38514a573738324c36437375786b6c333436623137776d4f716e38415a6970733374467375415933773d0a2d2d2d2d2d454e442043455254494649434154452d2d2d2d2d0a'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=sun.strongswan.org */
- 1, 1, X'2d2d2d2d2d424547494e2043455254494649434154452d2d2d2d2d0a4d494945494443434177696741774942416749424b6a414e42676b71686b69473977304241517346414442464d517377435159445651514745774a445344455a0a4d4263474131554543684d5154476c7564586767633352796232356e55336468626a45624d426b474131554541784d53633352796232356e55336468626942530a6232393049454e424d423458445445304d4467794e7a45304e4449304e566f58445445354d4467794e6a45304e4449304e566f775254454c4d416b47413155450a42684d43513067784754415842674e5642416f5445457870626e563449484e30636d39755a314e3359573478477a415a42674e5642414d54456e4e316269357a0a64484a76626d647a643246754c6d39795a7a4343415349774451594a4b6f5a496876634e4151454242514144676745504144434341516f4367674542414d63690a49415239536c737a444a6847457452713965434641594e64744c336243376a63454c733774747169423531694155676469394a5a437a67574e414748643849760a524456353239444469557858784f574364594b556d51703074357652366f4535706d486d64356c63556775457956727471465372364c4d55714f5877466234310a56554e5050523759794c4d64675566394b6930505a57646e564c5645702f5a4b4959314f61715a4c546e796656376b30492f58515832755736554443614331410a51426c6a7a456672443267556347392b464c7062357144736947557968684c422b6e4d31474e506e5a76496c437070442b30743378454938372b6567354e38360a7958426375346f2f4f3772765670503137477268774b7559783052484442536342446f2f57524e454f726e382f51396a51556c727930362b3043685659592b520a3332386c4841426b616f482f724236354a5345434177454141614f4341526b77676745564d416b4741315564457751434d4141774377594456523050424151440a41674f6f4d4230474131556444675157424254747a574e487a644576746a41417467564442784e55544a3078696a427442674e5648534d455a6a426b674252640a70393177426c45796675653262624f31356542673669354e3736464a704563775254454c4d416b474131554542684d43513067784754415842674e5642416f540a45457870626e563449484e30636d39755a314e3359573478477a415a42674e5642414d54456e4e30636d39755a314e3359573467556d397664434244515949420a4144416442674e5648524545466a415567684a7a64573475633352796232356e6333646862693576636d6377457759445652306c42417777436759494b7759420a42515548417745774f51594456523066424449774d4441756f4379674b6f596f6148523063446f764c324e796243357a64484a76626d647a643246754c6d39790a5a79397a64484a76626d647a643246754c6d4e796244414e42676b71686b6947397730424151734641414f4341514541566e652f35484b706b6276373565486b0a783434614d565754304442365346366e58724f51537a46374f563146794e6a32766962413967416169566e4258502b723739384d447477442f304e333354516c0a5149523272474a716b6f63734354635569515736784c444f36416d4a434241614a62633552456a4e542b486e646a6a4d73516a6e314e795938685162796f77310a5a4f513534337a43592b416c3741335963557449534c4c4834454d4950334f6e3150464d3272574d557131486f536f326b6c374177762b6f6b766f71783653660a372f53326d6a33645947762b356541566f676b424c336d52435845704748432b3665365657356e475953594952506b425244324634696d42342b4b59555237340a47526f706f616574482f5446526244716953574266324c33506f3274584550696649766b6761765558496e2b7464674d6851394270564e3879456750584c4d350a5764616656673d3d0a2d2d2d2d2d454e442043455254494649434154452d2d2d2d2d0a'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 6
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=sun.strongswan.org' */
- 1, X'2d2d2d2d2d424547494e205253412050524956415445204b45592d2d2d2d2d0a4d4949456f77494241414b4341514541787949674248314b577a4d4d6d4559533147723134495542673132307664734c754e7751757a7532327149486e5749420a5342324c306c6b4c4f42593041596433776939454e586e62304d4f4a5446664535594a316770535a436e53336d39487167546d6d59655a336d5678534334544a0a5775326f564b766f7378536f35664156766a56565130383948746a4973783242522f30714c51396c5a3264557455536e396b6f686a553571706b744f664a39580a7554516a3964426661356270514d4a6f4c5542414757504d522b73506142527762333455756c766d6f4f79495a544b4745734836637a5559302b646d3869554b0a6d6b503753336645516a7a763536446b337a724a63467937696a3837757539576b2f58736175484171356a485245634d464a77454f6a395a4530513675667a390a44324e425357764c547237514b4656686a354866627955634147527167662b7348726b6c4951494441514142416f4942414159643054667946542b5a344e416f0a6a746d4263343379352b6e2b4464677243304168576b3431396c62653154634c564a692f6435543963532f473174415a4e6839377a692b4b5436736f356d57320a36484259516e3342544c5961676131436c46356c772b754c3561364c5047586f4c547369773648654b656165517458564f7757396f36484f70455433536172650a78434c4f3775573162467278764a4e59795950794950657a4b656c7a70744d3346536d562b5a336b7a6a47623944706977426268344466626e326a512f62412f0a3061576b4d53343078706a5533746a2f506556477042424731675641526f5978715178773162666c556a46556f44543659346154706764615032766335546d730a434d3052437a443745745163643352785a52344275365a66763839672b386f4a5a43655536535a464451384e64692f3841567370766b326f6a767a34726b66520a2b484c515850554367594541366d722f45376231747261504241692f4f445875386b576a32506f34744e6a627745695a357847626731745448735473547046560a70754c54625365756978525843544f4353666a504d2b4d354f35586d594b71376871722f4f63395342312f636c314a5177446e42502b475a6e32506861702b7a0a76515668534f367a63796b6f65414f4147416967354e7279574956796d7451697a6c5059387a735934744f474a4976454e437677526a634367594541325865410a37746843562b594e6c685a6b666b48456856626b58734d64637a4a3562305272374d48397261346b526e4a6a4e534f573042317361512b6a7841704e34684b4c0a3953507a62474b6b78522f324f4935576e5970764863384c48544a6259644d6f5968492b304b5a2f6559505536396f42344f4253545764597745452f6d6952580a7646575a4d4f7051317071766f4a7444555a636c75556870765a396479382f4c52486833773263436759416d5a4f7675594c4d53414169676b6f5976514c596f0a5044752f324176646f76387247546b4c335a68704256597833664d4f55304f43462f696c456a44475773682b6d30386c716e6a56654d767739485a4e4d756d500a2f77586168426864574e6761654d4c394750694c362f6c7258384b563468356751546454364c532f6b656773372f58552b655451567751476436547a737663590a634364436631567549564d4250567366614772734e514b426751432b446738457273507368675a427358684b5437677377472f39305a416661584676714f435a0a6e6b44535657736d6c6a6e56367a435732654178515a586963773732455464344774395854693671695042724a52725676484b34486f616345624b446f454f650a306b744c6c76653566316e4b646c464638305a366c324f64516d6b506b63754c73564f637947753134714b7a506e357242436e583845315a68376f3173586a340a636b425936514b42674578646d3064624b476a4866502b674e2b66363973457548345846526d497853447a6a312f2f5a5555523452616e374f496b41457937630a592f536d7534556863654a5336612b4f6a475164684b2f777a4e567850372b41572b644c2b4a704f4c2b4e7533544c39754d674e46436c42315930744a3777440a504a506d6b7536493334364a792f305343636c67655851505244356b484169784144634f746b536e6b6a6f6a776a3856524150500a2d2d2d2d2d454e44205253412050524956415445204b45592d2d2d2d2d0a'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 6
-);
-
-/* Proposals */
-
-INSERT INTO proposals (
- proposal
-) VALUES (
- 'aes128-sha256-modp3072'
-);
-
-INSERT INTO proposals (
- proposal
-) VALUES (
- 'aes192-sha384-modp8192'
-);
-
-INSERT INTO proposals (
- proposal
-) VALUES (
- 'aes128gcm16-modp3072'
-);
-
-INSERT INTO proposals (
- proposal
-) VALUES (
- 'aes192gcm16-modp8192'
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_SUN', 'PH_IP_MOON'
-);
-
-INSERT INTO ike_config_proposal (
- ike_cfg, prio, prop
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO ike_config_proposal (
- ike_cfg, prio, prop
-) VALUES (
- 1, 2, 2
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, mobike, dpd_delay
-) VALUES (
- 'net-net', 1, 5, 4, 0, 30
-);
-
-INSERT INTO child_configs (
- name, updown, start_action, dpd_action
-) VALUES (
- 'net-1', '/usr/local/libexec/ipsec/_updown iptables', 0, 0
-);
-
-INSERT INTO child_configs (
- name, updown, start_action, dpd_action
-) VALUES (
- 'net-2', '/usr/local/libexec/ipsec/_updown iptables', 0, 0
-);
-
-INSERT INTO child_configs (
- name, updown, start_action, dpd_action
-) VALUES (
- 'net-3', '/usr/local/libexec/ipsec/_updown iptables', 0, 0
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 2
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 3
-);
-
-INSERT INTO child_config_proposal (
- child_cfg, prio, prop
-) VALUES (
- 1, 1, 3
-);
-
-INSERT INTO child_config_proposal (
- child_cfg, prio, prop
-) VALUES (
- 2, 1, 4
-);
-
-INSERT INTO child_config_proposal (
- child_cfg, prio, prop
-) VALUES (
- 3, 1, 4
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a010000', X'0a01000f'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a010010', X'0a01001f'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a010200', X'0a0103ff'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a020000', X'0a0201ff'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES (
- 7, X'0a020200', X'0a0203ff'
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 4, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 2, 2, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 2, 4, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 3, 3, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 3, 5, 0
-);
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* sun.strongswan.org */
+ 2, X'73756e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=sun.strongswan.org' */
+ 11, X'SUN_SPK_HEX'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_PEM_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=sun.strongswan.org */
+ 1, 1, X'SUN_CERT_PEM_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 6
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=sun.strongswan.org' */
+ 1, X'SUN_KEY_PEM_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 6
+);
+
+/* Proposals */
+
+INSERT INTO proposals (
+ proposal
+) VALUES (
+ 'aes128-sha256-modp3072'
+);
+
+INSERT INTO proposals (
+ proposal
+) VALUES (
+ 'aes192-sha384-modp8192'
+);
+
+INSERT INTO proposals (
+ proposal
+) VALUES (
+ 'aes128gcm16-modp3072'
+);
+
+INSERT INTO proposals (
+ proposal
+) VALUES (
+ 'aes192gcm16-modp8192'
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_SUN', 'PH_IP_MOON'
+);
+
+INSERT INTO ike_config_proposal (
+ ike_cfg, prio, prop
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO ike_config_proposal (
+ ike_cfg, prio, prop
+) VALUES (
+ 1, 2, 2
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, mobike, dpd_delay
+) VALUES (
+ 'net-net', 1, 5, 4, 0, 30
+);
+
+INSERT INTO child_configs (
+ name, updown, start_action, dpd_action
+) VALUES (
+ 'net-1', '/usr/local/libexec/ipsec/_updown iptables', 0, 0
+);
+
+INSERT INTO child_configs (
+ name, updown, start_action, dpd_action
+) VALUES (
+ 'net-2', '/usr/local/libexec/ipsec/_updown iptables', 0, 0
+);
+
+INSERT INTO child_configs (
+ name, updown, start_action, dpd_action
+) VALUES (
+ 'net-3', '/usr/local/libexec/ipsec/_updown iptables', 0, 0
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO child_config_proposal (
+ child_cfg, prio, prop
+) VALUES (
+ 1, 1, 3
+);
+
+INSERT INTO child_config_proposal (
+ child_cfg, prio, prop
+) VALUES (
+ 2, 1, 4
+);
+
+INSERT INTO child_config_proposal (
+ child_cfg, prio, prop
+) VALUES (
+ 3, 1, 4
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a010000', X'0a01000f'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a010010', X'0a01001f'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a010200', X'0a0103ff'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a020000', X'0a0201ff'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES (
+ 7, X'0a020200', X'0a0203ff'
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 4, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 2, 2, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 2, 4, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 3, 3, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 3, 5, 0
+);
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* carol@strongswan.org */
- 3, X'6361726f6c407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=carol@strongswan.org' */
- 11, X'5c597062572d2a249c5c94569b895ee5c505b6bd'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=carol@strongswan.org */
- 1, 1, X'308204223082030aa003020102020130300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373135303533365a170d3139303832363135303533365a305a310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e3111300f060355040b13085265736561726368311d301b060355040314146361726f6c407374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100b7f3d43717cadfec3802e2d4867f45cb8f6b99bee1f892493db05565ab970de15237a2c0b7e0a0baed29a197e22f80b7cd99a25da675b1171693bef6ac579623f6bb47dec6a3f8981b99bacdc42c0f3610e2f4950d9a8408bc3b7a9a7e40cc05282fa1e26913035ed34520879de0ee14fb770f2d4a070f1aa4245aeb4820a4fd4fa7bf1db1cd8d1b58970f59947b29f204988e0fd0eaf57aa1fb6db9e3140fd351bfcc3663beab9d14665067f71a5345166831667b42251b9896d9f157b55c085a29a726ae62dfdf3e68c0c5b3d1ba11ca69c9f3233abcdc8c5fe5f4a3313965b8609f5855ff34610d5da981a8286444b1e6b821cd7b1c51a7db361754b5d2110203010001a38201063082010230090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e041604145c597062572d2a249c5c94569b895ee5c505b6bd306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301f0603551d110418301681146361726f6c407374726f6e677377616e2e6f726730390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b0500038201010055a93c340d100113073090cb03917d72217e2538301a76f4aafcf3ff3377ba56864e5c1a61290bea80081a0a993ebc05e81cd3c89a0faf4557986c8792d04da5328e67290bbb302b3c4692fdecf3072fb365cd10624be0822916821e094980266d7f0735b1aa67adc85e32865ab7e1b28e7c8a54d4c987f42d1a6e502fd0d129ad76e41f604bd16d753d01921c48b19e13b0439e4eabf97478b16dcef1f8cc044cbe80c4dada3ea7c86edefc727b080773e92316184e50d5636170af61b4462f629c433f199140b09494892ca84ea42cc99873cce984fe62b8d09b41bfe960fa93ce6b8b42f30f3dd8a10ab27457f5dc57f94eafaf742da088cdc20f2abdc52e'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=carol@strongswan.org' */
- 1, X'308204a40201000282010100b7f3d43717cadfec3802e2d4867f45cb8f6b99bee1f892493db05565ab970de15237a2c0b7e0a0baed29a197e22f80b7cd99a25da675b1171693bef6ac579623f6bb47dec6a3f8981b99bacdc42c0f3610e2f4950d9a8408bc3b7a9a7e40cc05282fa1e26913035ed34520879de0ee14fb770f2d4a070f1aa4245aeb4820a4fd4fa7bf1db1cd8d1b58970f59947b29f204988e0fd0eaf57aa1fb6db9e3140fd351bfcc3663beab9d14665067f71a5345166831667b42251b9896d9f157b55c085a29a726ae62dfdf3e68c0c5b3d1ba11ca69c9f3233abcdc8c5fe5f4a3313965b8609f5855ff34610d5da981a8286444b1e6b821cd7b1c51a7db361754b5d2110203010001028201003f9bdaf82a0c071e61c7edb3dbc64ad63703d8283f6f7af64494a3130320bab5fd7e2b9344823252310c424a88f630265ebc0f7f1ebe77bc2a1c70de4f7e01f6f1ac950f9dd4b973afa79b06e81cec2d9fed3af207c03483e8c3108437c0244c6c36fc5d9443f4d86769f1f3b34e42459326fa6288c4a41e6c3ffe0879ea7fe25a02139cbe3c62e8959766c79c4987b83e248478582f074f4da0e945ee361731583c750aca01c0f56a0eb1a14f5b943a5caffcfafb557c8cf7d7ac9769e463287c694cf3ec8f3627d3339945bb706e89afb5a221710b84f946f7be26623e582ba560c5acc4ca0e943e13105986a3d6755458e3dd12a12a97055206ba2edf02d902818100da39de9827fd7560925b6643238109e12ea06df26cac90fa757dd8fa2072d5555c2a62f426167945590bafe581b2acbb52deb825ed99cb7cf47599e97929f5aec846ce2d7063b3b1ed80858039c6123ea5f823d0b8106d22abe212d838401ef9036722156b16e524db5e2384a5ae2d93a1bee91eaf83bc2d9f5b7caaa47113af02818100d7cb36691879640f5b4182035c61cdcec0d04f52ff42b6aad18d4015818fe245ef76947cca2dbb77e4845c0d98d7d432f39c57ab0d7b9e122d3d25be303e1ec9d0f1fdf1bf315219488de65a2fb68c654afebe4bf422959e95db0d88e782c14028ab0326eb76842ab93f3b04b9aaef2075a3e8b3619588d9dc9c98f4caea263f02818100d4e96320e6db665adb50ab7c53b681321f70ccf49a4cdf824d818461bda8ec35451fe1bdbd2f6e1057e98c2b0a988de891d8d4a7c4a2a9a3774b09e87d9b8fa580a77c5f5ee917984055856aee732eb7caec47dd4ac8540260dac87206a7a0d0691e85658a3f23400b7b548205b7e3a5c748615fdbf45673d8a7c501244162e7028181009fdd2cdee8c1ad4def15f5a255c322fbc33dcf3636628efeb725444f6a5f548ae8ded91c258f81ad4d3e7d0f99a672ce9848bf6dba1c553b340673ba94f4c04c549da1ba8120a1a89766803b59d38be8d2892c230aa6c05eeeb78c2c5b0e33ea3af68dec3c4ddd95e50ca1c55b62f5a9ff5cc15c7ab393e18a1cfcf78487b87302818051fe2f4ccdf6f253640c7c97434fec3e4f2d3149d699e662af1860605d90986f32b4052b670d4cf7e690419ad9a7a872c0f44ceb897c65038295ad6a19774da51a66e6c50a4dfc789542e2dc0015aa3a38311080c95b223a086bc3743c1b86b863f778a84cae36404d869654a7f95542bf9feedb98fefad2daf4d9ef197e929a'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_CAROL', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id
-) VALUES (
- 'home', 1, 4, 6
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* carol@strongswan.org */
+ 3, X'6361726f6c407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=carol@strongswan.org' */
+ 11, X'CAROL_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=carol@strongswan.org */
+ 1, 1, X'CAROL_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=carol@strongswan.org' */
+ 1, X'CAROL_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_CAROL', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id
+) VALUES (
+ 'home', 1, 4, 6
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* dave@strongswan.org */
- 3, X'64617665407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=dave@strongswan.org' */
- 11, X'ec16639928815e01cc0227c0b9cb1feab7987037'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=dave@strongswan.org */
- 1, 1, X'308204223082030aa003020102020131300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373135313230325a170d3139303832363135313230325a305b310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e31133011060355040b130a4163636f756e74696e67311c301a0603550403141364617665407374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100d63cdc4dc584cd5fb5e205add1d242130f196297d6083e254f3d20ad7be17fe4fd80c1f1f6fc774a266f02af82053b93929b01c9da5411b402f4666feaa45dd45988402524ea91d98adf941f8e30dedb9cf98341e908d3d4f30c9b7d6b50b5f5e2319942768760de0c0127c6ba69d70b0a9d605de3c31e6218e4004ad1871f00f199416e4772190243fb2f06b69d22592e2bcfc6a2190d2f612f8ff435643096db1a19766aac1563e177df9fff2d51b6e38fb2cd74dfd68f1a2f03e5d7e3c77206af37e33beba6376ea239607821d821094c26817f8ce8a1305243a4ebd5c43907ffd5e75f49d71fee87fff60a91105db15816253790b9934cfcfda5c99e56430203010001a38201053082010130090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414ec16639928815e01cc0227c0b9cb1feab7987037306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301e0603551d1104173015811364617665407374726f6e677377616e2e6f726730390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b0500038201010042a0be7f8ebc627b4aeaac2c0a500f53043041281319f71e707404233fd2fc6f6d10e120e9d6f023845afe031828c3bea9a8768b0eb77ba85284b01b653741b965739a548d3196869e7f52b5d779a44af62a6ef519362fda4dbddbb48e27ac27ed8f9f0400cf1396f6168cc3a22d83c084dfed7ce4d3694ce862e459f6feb77c762edd488cbcda23034bb139eaf245175b71079cbb89361010a39a436ef8490da0b36f18e0b8b048eaec6cb89f9db1793b8efeb23b788b7b0944b7f63f4eb6229025f2d5221d18cfea39963885d0eca8c64a581bf729a1589bd5165da8bd43b07116710c5807ef12486fed78bc62348671bcf1d47b3be2d3d1de92cc5dbc0ef7'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=dave@strongswan.org' */
- 1, X'308204a40201000282010100d63cdc4dc584cd5fb5e205add1d242130f196297d6083e254f3d20ad7be17fe4fd80c1f1f6fc774a266f02af82053b93929b01c9da5411b402f4666feaa45dd45988402524ea91d98adf941f8e30dedb9cf98341e908d3d4f30c9b7d6b50b5f5e2319942768760de0c0127c6ba69d70b0a9d605de3c31e6218e4004ad1871f00f199416e4772190243fb2f06b69d22592e2bcfc6a2190d2f612f8ff435643096db1a19766aac1563e177df9fff2d51b6e38fb2cd74dfd68f1a2f03e5d7e3c77206af37e33beba6376ea239607821d821094c26817f8ce8a1305243a4ebd5c43907ffd5e75f49d71fee87fff60a91105db15816253790b9934cfcfda5c99e564302030100010282010100b628d1791f35281af55fd54c5257e0eeababfdf4f47bd5bb8b808244804ce09e281e4eca1a23d89a27cbc410cf10fbf32278c2308b7f67fe137513949d825c75ae1af7cf9d7005cb5f1573b0d10a24b3bee938fdd5d337aa9d6e5ed769641b1392dc715fddc08650c70c4471e9170d4dca1cbe4f96d5d503bbfe41715c6ef3a01e1b304b7f7d0f2ccd2192dfce9c3e5c5663c93a1284652fb0b50b68cfb093b6a20a4085bc37717b180255ecc5b8e10ffbc7dd68a8592775bc6a392da9b4cf36b391d3758a16f5c7b664727db3cfe2dce317f15bf26e9ba2592c785a22dcde728256b87af70a2f3ba2d30434e60c04f1f0e9ace4163d542017d72a48924ebb6102818100fef9ec239ad2bb059962fe1b9327fca60b47ff83c8238213e9976fc8443efb640faaa69447d1e65f477e7f004683858ab5d25b082d1582071eb294e10b69fe4009823f7a329a66b0e755f51a3ddbba2f367a7a5171903cce53fde7a666d33f64633f2541dd4d66b9645a6db2039c371e9fd2b84ef8b6ce3c2c733c1c2df1b0bd02818100d71910a4d9045e8c4ff85aa9bfb5fe2208a12ed123e0279e21d8dd623aca860a1094cbc4fceb104caf4d6bf2a302280365d7d603670ef76c748c98f435c7627e1286c79b16162b433723cc4dd7dc91d71d21003dc85dab8b2bcb43e8c8b66f5eb82703bc7faa577e08983b53f2f575acb6105ff5e005eb6cfa065b17495a12ff028180722a35313c015efc02d1f035288e9ef139dbe2ec7e90678dc2e9ab83600b53445a3f6e96b611a5b4c3ae3fef3fa36407d7a1786110ceb089bf94f6544d68080f64328d79896ed8cc1cc8c0161fdc6261016395a121d81361cef9c0df20eb35571d990875954132dd8fb16dac67316afcab530e734da98c6e24f8f3d12a412d810281810087313ad3d18ebc7a461d1ba6cb56f0b6a563e15013d3643330a4e46843f95c8be0e614b8e81a3a31689129c2e40f8be4aed31cb120ca385ad35a371c6edcb59bf5bafea40c1abcf04f2cd1d12f5673d7977851758384d437f1bb9d20275efadab6b5d6d4580d515666c27faf80ea241efc83883cbaa41dd76dc226e898f2e33302818079d917d98e48201e6a1fd3fef3c1af4c1dd79c74b783db0d54d41f3b6febb849e74487f300241e6430472d6a1dacb57fa32c93f897431e65f41fdf4d0cf8206eeaaf17ca0c3cdab5abf5f3229bc4b18fad56b3e823e46ed8d8ca373a1994675609d01aefe308285bdfcd86fec468e25d69112a5ba275031d8642620597ef2f2c'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_DAVE', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id
-) VALUES (
- 'home', 1, 4, 6
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* dave@strongswan.org */
+ 3, X'64617665407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=dave@strongswan.org' */
+ 11, X'DAVE_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=Linux strongSwan, CN=dave@strongswan.org */
+ 1, 1, X'DAVE_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=dave@strongswan.org' */
+ 1, X'DAVE_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_DAVE', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id
+) VALUES (
+ 'home', 1, 4, 6
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 11, X'd8263d21ec7cdbbe5a390c5b70cb038021deae13'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* %any */
- 0, '%any'
-);
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=moon.strongswan.org */
- 1, 1, X'308204223082030aa00302010202012b300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373134343435365a170d3139303832363134343435365a3046310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311c301a060355040313136d6f6f6e2e7374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f0203010001a382011a3082011630090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414d8263d21ec7cdbbe5a390c5b70cb038021deae13306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301e0603551d110417301582136d6f6f6e2e7374726f6e677377616e2e6f726730130603551d25040c300a06082b0601050507030130390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b05000382010100a99e3e8d73e3ee3cb3e2e04de0e61c8992be55672ed24a095cb35bb254fda67f08fa251f522dde7e24eb0bd5a0939b4cbda8b72a75b1c1c46f222cd2edc15294decd615781083b7b1a1dee175048f137d6c3b4b584a1eab98a99985fc449fdf5ca47cffcbeeac10113f6c6ed7ec2ac048729a9e230661742d5a2f4f5fa8f86847ebacc8267c77cd1f41b5f32469e2faf34e21af1db281ea297a86ee1af30343c1dc9cc07d394ed8f1f2b4a18d6450b97a85fdfa2b90293c0ebbebab1144a46f0522a599588a4904eae5ae1cf200960196ed753f8dfdf6bc84a0e566de6ad741208d3a837c64e3e74c4abc09deabb5dd7ca9986069c85a834b63d81af0d3b35fc'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 1, X'308204a30201000282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f02030100010282010004035ea5faaf11950d0ead7d0dea6d252e29a56138c393e40e99489a50c9c63e09856c2cd90ca17b335fa9540e1947fcb7ad7267b4dce00a30cefb2469fdc18cc78fe45cac3b84f796366e1fe887575685a19ea16ea96d2c29bc3d05ce440aa40365382affe5b96d57199b9c77ed23fb0606f5101886a5e7739113e8e0575f922ba234a00216882a54da866960c02da7b5b13a782c009686b64fff9b67241fe4fcb951f07bd809f47667124f88a3a05749c30d36bb1b77627ea50ef9c105dfcc71331c08fe125856ce1b5ce5779fa87c3f0dfa4f0d7fe56f2dd5a12a1a82acec56e531ecbca5833203c53b1bf4741538b8c3cce43ebe7db65e3ee0502123c0b902818100d84660baecc97714485814a7232ce90b37ea9b4120c9ba5e2ee2557f35a56b4c8a588e8078b85672bfbba3d504f270901d57df22b8235a4b2373f4b9161cc2f536121e93daf133e079b4d02b85719cff50921fd74692630aa809f24d8c6257876316be00a42fff6e723612dda3090d474894d646e269844930fd168a0026740502818100c2b25e6372c06b03a46a52453054ed2d7b2a644f754c5c0cb7d4d09f3cac187dd0ebef4dfaaca94b92827aceb9d3eaa0af005546644d7358b1ca54e83f707404a639383fc1c0cc752ffcd23b7c7b2386436ac0aedf7cb6ba418b7154b1af14cf4c675df1f8448953b50835dc334f3f9127906b4e3d27cce263733ee0d0dc865302818100c365423b5f76dd38dbeb882d40e070640c4ecf99d5cfabab2fdc98b5e777de2b36caaf646eaccc9dbb9001829187a01ef403d1bb02761e3bc87a18dda796b0a4ee070ccd347fbb08d1ac846eed8f29f2998e8b69e97e9430aa84e1ff22182f50483be1c99e8d26cf582c767afbb34fe5d9336f2c779e3140171c716298a42529028180724a107c62552fbca09c4515166d141959aea5d9baea8b32700b3e37eb7ebe95c4b96aeda4940c812f4ce6d8495f6be0cd39edd4f7763b9aba2b22b27ee2fd47e967b76c3dc9767be8228a2a9f450db2780ac7771ffbeeabe16400b00de9cfd66c6c554a8049832f9f1a65bb906719d2949e034f9738b0ddc831539cd71e4cbf0281807b9d01a2ef8a8228a41a58cceb0ad8eb449fa350ed2c07d012c452e947cac687a9a9f9a04c663356e661e8af30373d863d182d7038eebc901d3c78bc1e4dbf74c8fcba141ba56b0af66fa1c40e5defe7ed382ec008c98fb79f139e46cbc9570d110dc8930fd6f89fdcdda21fc790d4049ff24ffe82704d9234a56124905037d5'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_MOON', '0.0.0.0'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id
-) VALUES (
- 'rw', 1, 4, 6
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'rw', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 3
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 11, X'MOON_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* %any */
+ 0, '%any'
+);
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=moon.strongswan.org */
+ 1, 1, X'MOON_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 1, X'MOON_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_MOON', '0.0.0.0'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id
+) VALUES (
+ 'rw', 1, 4, 6
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'rw', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 3
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* carol@strongswan.org */
- 3, X'6361726f6c407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-/* Shared Secrets */
-
-INSERT INTO shared_secrets (
- type, data
-) VALUES (
- 2, X'4172336574546e703031716c704f6762'
-);
-
-INSERT INTO shared_secret_identity (
- shared_secret, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO shared_secret_identity (
- shared_secret, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_CAROL', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, auth_method
-) VALUES (
- 'home', 1, 4, 5, 3
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* carol@strongswan.org */
+ 3, X'6361726f6c407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+/* Shared Secrets */
+
+INSERT INTO shared_secrets (
+ type, data
+) VALUES (
+ 2, X'4172336574546e703031716c704f6762'
+);
+
+INSERT INTO shared_secret_identity (
+ shared_secret, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO shared_secret_identity (
+ shared_secret, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_CAROL', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, auth_method
+) VALUES (
+ 'home', 1, 4, 5, 3
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 11, X'd8263d21ec7cdbbe5a390c5b70cb038021deae13'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* %any */
- 0, X''
-);
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* carol@strongswan.org */
- 3, X'6361726f6c407374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=moon.strongswan.org */
- 1, 1, X'308204223082030aa00302010202012b300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373134343435365a170d3139303832363134343435365a3046310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311c301a060355040313136d6f6f6e2e7374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f0203010001a382011a3082011630090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414d8263d21ec7cdbbe5a390c5b70cb038021deae13306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301e0603551d110417301582136d6f6f6e2e7374726f6e677377616e2e6f726730130603551d25040c300a06082b0601050507030130390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b05000382010100a99e3e8d73e3ee3cb3e2e04de0e61c8992be55672ed24a095cb35bb254fda67f08fa251f522dde7e24eb0bd5a0939b4cbda8b72a75b1c1c46f222cd2edc15294decd615781083b7b1a1dee175048f137d6c3b4b584a1eab98a99985fc449fdf5ca47cffcbeeac10113f6c6ed7ec2ac048729a9e230661742d5a2f4f5fa8f86847ebacc8267c77cd1f41b5f32469e2faf34e21af1db281ea297a86ee1af30343c1dc9cc07d394ed8f1f2b4a18d6450b97a85fdfa2b90293c0ebbebab1144a46f0522a599588a4904eae5ae1cf200960196ed753f8dfdf6bc84a0e566de6ad741208d3a837c64e3e74c4abc09deabb5dd7ca9986069c85a834b63d81af0d3b35fc'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 1, X'308204a30201000282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f02030100010282010004035ea5faaf11950d0ead7d0dea6d252e29a56138c393e40e99489a50c9c63e09856c2cd90ca17b335fa9540e1947fcb7ad7267b4dce00a30cefb2469fdc18cc78fe45cac3b84f796366e1fe887575685a19ea16ea96d2c29bc3d05ce440aa40365382affe5b96d57199b9c77ed23fb0606f5101886a5e7739113e8e0575f922ba234a00216882a54da866960c02da7b5b13a782c009686b64fff9b67241fe4fcb951f07bd809f47667124f88a3a05749c30d36bb1b77627ea50ef9c105dfcc71331c08fe125856ce1b5ce5779fa87c3f0dfa4f0d7fe56f2dd5a12a1a82acec56e531ecbca5833203c53b1bf4741538b8c3cce43ebe7db65e3ee0502123c0b902818100d84660baecc97714485814a7232ce90b37ea9b4120c9ba5e2ee2557f35a56b4c8a588e8078b85672bfbba3d504f270901d57df22b8235a4b2373f4b9161cc2f536121e93daf133e079b4d02b85719cff50921fd74692630aa809f24d8c6257876316be00a42fff6e723612dda3090d474894d646e269844930fd168a0026740502818100c2b25e6372c06b03a46a52453054ed2d7b2a644f754c5c0cb7d4d09f3cac187dd0ebef4dfaaca94b92827aceb9d3eaa0af005546644d7358b1ca54e83f707404a639383fc1c0cc752ffcd23b7c7b2386436ac0aedf7cb6ba418b7154b1af14cf4c675df1f8448953b50835dc334f3f9127906b4e3d27cce263733ee0d0dc865302818100c365423b5f76dd38dbeb882d40e070640c4ecf99d5cfabab2fdc98b5e777de2b36caaf646eaccc9dbb9001829187a01ef403d1bb02761e3bc87a18dda796b0a4ee070ccd347fbb08d1ac846eed8f29f2998e8b69e97e9430aa84e1ff22182f50483be1c99e8d26cf582c767afbb34fe5d9336f2c779e3140171c716298a42529028180724a107c62552fbca09c4515166d141959aea5d9baea8b32700b3e37eb7ebe95c4b96aeda4940c812f4ce6d8495f6be0cd39edd4f7763b9aba2b22b27ee2fd47e967b76c3dc9767be8228a2a9f450db2780ac7771ffbeeabe16400b00de9cfd66c6c554a8049832f9f1a65bb906719d2949e034f9738b0ddc831539cd71e4cbf0281807b9d01a2ef8a8228a41a58cceb0ad8eb449fa350ed2c07d012c452e947cac687a9a9f9a04c663356e661e8af30373d863d182d7038eebc901d3c78bc1e4dbf74c8fcba141ba56b0af66fa1c40e5defe7ed382ec008c98fb79f139e46cbc9570d110dc8930fd6f89fdcdda21fc790d4049ff24ffe82704d9234a56124905037d5'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Shared Secrets */
-
-INSERT INTO shared_secrets (
- type, data
-) VALUES (
- 2, X'4172336574546e703031716c704f6762'
-);
-
-INSERT INTO shared_secret_identity (
- shared_secret, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO shared_secret_identity (
- shared_secret, identity
-) VALUES (
- 1, 7
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote, certreq
-) VALUES (
- 'PH_IP_MOON', '0.0.0.0', 0
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, eap_type
-) VALUES (
- 'rw-eap-aka', 1, 4, 6, 23
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'rw-eap-aka', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 3
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
+ 11, X'MOON_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* %any */
+ 0, X''
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* carol@strongswan.org */
+ 3, X'6361726f6c407374726f6e677377616e2e6f7267'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=Linux strongSwan, CN=moon.strongswan.org */
+ 1, 1, X'MOON_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
+ 1, X'MOON_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Shared Secrets */
+
+INSERT INTO shared_secrets (
+ type, data
+) VALUES (
+ 2, X'4172336574546e703031716c704f6762'
+);
+
+INSERT INTO shared_secret_identity (
+ shared_secret, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO shared_secret_identity (
+ shared_secret, identity
+) VALUES (
+ 1, 7
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote, certreq
+) VALUES (
+ 'PH_IP_MOON', '0.0.0.0', 0
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, eap_type
+) VALUES (
+ 'rw-eap-aka', 1, 4, 6, 23
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'rw-eap-aka', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 3
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* carol@strongswan.org */
- 3, X'6361726f6c407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-/* Shared Secrets */
-
-INSERT INTO shared_secrets (
- type, data
-) VALUES (
- 1, X'16964066a10de938bdb2ab7864fe4459cab1'
-);
-
-INSERT INTO shared_secret_identity (
- shared_secret, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO shared_secret_identity (
- shared_secret, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_CAROL', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, auth_method
-) VALUES (
- 'home', 1, 4, 5, 2
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* carol@strongswan.org */
+ 3, X'6361726f6c407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+/* Shared Secrets */
+
+INSERT INTO shared_secrets (
+ type, data
+) VALUES (
+ 1, X'16964066a10de938bdb2ab7864fe4459cab1'
+);
+
+INSERT INTO shared_secret_identity (
+ shared_secret, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO shared_secret_identity (
+ shared_secret, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_CAROL', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, auth_method
+) VALUES (
+ 'home', 1, 4, 5, 2
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* dave@strongswan.org */
- 3, X'64617665407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-/* Shared Secrets */
-
-INSERT INTO shared_secrets (
- type, data
-) VALUES (
- 1, X'8d5cce342174da772c8224a59885deaa118d'
-);
-
-INSERT INTO shared_secret_identity (
- shared_secret, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO shared_secret_identity (
- shared_secret, identity
-) VALUES (
- 1, 5
-);
-
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_DAVE', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, auth_method
-) VALUES (
- 'home', 1, 4, 5, 2
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* dave@strongswan.org */
+ 3, X'64617665407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+/* Shared Secrets */
+
+INSERT INTO shared_secrets (
+ type, data
+) VALUES (
+ 1, X'8d5cce342174da772c8224a59885deaa118d'
+);
+
+INSERT INTO shared_secret_identity (
+ shared_secret, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO shared_secret_identity (
+ shared_secret, identity
+) VALUES (
+ 1, 5
+);
+
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_DAVE', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, auth_method
+) VALUES (
+ 'home', 1, 4, 5, 2
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 11, X'd8263d21ec7cdbbe5a390c5b70cb038021deae13'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* %any */
- 0, '%any'
-);
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* carol@strongswan.org */
- 3, X'6361726f6c407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* dave@strongswan.org */
- 3, X'64617665407374726f6e677377616e2e6f7267'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=moon.strongswan.org */
- 1, 1, X'308204223082030aa00302010202012b300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373134343435365a170d3139303832363134343435365a3046310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311c301a060355040313136d6f6f6e2e7374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f0203010001a382011a3082011630090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414d8263d21ec7cdbbe5a390c5b70cb038021deae13306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301e0603551d110417301582136d6f6f6e2e7374726f6e677377616e2e6f726730130603551d25040c300a06082b0601050507030130390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b05000382010100a99e3e8d73e3ee3cb3e2e04de0e61c8992be55672ed24a095cb35bb254fda67f08fa251f522dde7e24eb0bd5a0939b4cbda8b72a75b1c1c46f222cd2edc15294decd615781083b7b1a1dee175048f137d6c3b4b584a1eab98a99985fc449fdf5ca47cffcbeeac10113f6c6ed7ec2ac048729a9e230661742d5a2f4f5fa8f86847ebacc8267c77cd1f41b5f32469e2faf34e21af1db281ea297a86ee1af30343c1dc9cc07d394ed8f1f2b4a18d6450b97a85fdfa2b90293c0ebbebab1144a46f0522a599588a4904eae5ae1cf200960196ed753f8dfdf6bc84a0e566de6ad741208d3a837c64e3e74c4abc09deabb5dd7ca9986069c85a834b63d81af0d3b35fc'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=moon.strongswan.org' */
- 1, X'308204a30201000282010100a47c05fac51741d1fe5b063374f333a63bb08461af1e0b2605a875210b0fb1d74bf6067281eaf3a53335bef43891b46ebc4dd26562dff6e2846e2415f48001afcecbf4902f6b9e841c802250cb86f168b355b20a22142565cf12da6230016d0973a1269e826ff63e85fed543f7eeb1bcc25bc072e2d21ec150ef6d0552cfcbbd9878634163a0a86f80ab3ae14e2720027b327b8bdbd9f97cce7e75e9bbba8bd038183ff9f699a3c4246122bd316e9e4243fe627c0de7322d341c721b028f6d75f0132e7f6aa3567e1458f08106e87260ae70b004c1d4035e02d9457e01fec2cb878d9c2d4c9aeed399461c1677176859f4f3baf215476c86598fa481f17e3b9f02030100010282010004035ea5faaf11950d0ead7d0dea6d252e29a56138c393e40e99489a50c9c63e09856c2cd90ca17b335fa9540e1947fcb7ad7267b4dce00a30cefb2469fdc18cc78fe45cac3b84f796366e1fe887575685a19ea16ea96d2c29bc3d05ce440aa40365382affe5b96d57199b9c77ed23fb0606f5101886a5e7739113e8e0575f922ba234a00216882a54da866960c02da7b5b13a782c009686b64fff9b67241fe4fcb951f07bd809f47667124f88a3a05749c30d36bb1b77627ea50ef9c105dfcc71331c08fe125856ce1b5ce5779fa87c3f0dfa4f0d7fe56f2dd5a12a1a82acec56e531ecbca5833203c53b1bf4741538b8c3cce43ebe7db65e3ee0502123c0b902818100d84660baecc97714485814a7232ce90b37ea9b4120c9ba5e2ee2557f35a56b4c8a588e8078b85672bfbba3d504f270901d57df22b8235a4b2373f4b9161cc2f536121e93daf133e079b4d02b85719cff50921fd74692630aa809f24d8c6257876316be00a42fff6e723612dda3090d474894d646e269844930fd168a0026740502818100c2b25e6372c06b03a46a52453054ed2d7b2a644f754c5c0cb7d4d09f3cac187dd0ebef4dfaaca94b92827aceb9d3eaa0af005546644d7358b1ca54e83f707404a639383fc1c0cc752ffcd23b7c7b2386436ac0aedf7cb6ba418b7154b1af14cf4c675df1f8448953b50835dc334f3f9127906b4e3d27cce263733ee0d0dc865302818100c365423b5f76dd38dbeb882d40e070640c4ecf99d5cfabab2fdc98b5e777de2b36caaf646eaccc9dbb9001829187a01ef403d1bb02761e3bc87a18dda796b0a4ee070ccd347fbb08d1ac846eed8f29f2998e8b69e97e9430aa84e1ff22182f50483be1c99e8d26cf582c767afbb34fe5d9336f2c779e3140171c716298a42529028180724a107c62552fbca09c4515166d141959aea5d9baea8b32700b3e37eb7ebe95c4b96aeda4940c812f4ce6d8495f6be0cd39edd4f7763b9aba2b22b27ee2fd47e967b76c3dc9767be8228a2a9f450db2780ac7771ffbeeabe16400b00de9cfd66c6c554a8049832f9f1a65bb906719d2949e034f9738b0ddc831539cd71e4cbf0281807b9d01a2ef8a8228a41a58cceb0ad8eb449fa350ed2c07d012c452e947cac687a9a9f9a04c663356e661e8af30373d863d182d7038eebc901d3c78bc1e4dbf74c8fcba141ba56b0af66fa1c40e5defe7ed382ec008c98fb79f139e46cbc9570d110dc8930fd6f89fdcdda21fc790d4049ff24ffe82704d9234a56124905037d5'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Shared Secrets */
-
-INSERT INTO shared_secrets (
- type, data
-) VALUES (
- 1, X'16964066a10de938bdb2ab7864fe4459cab1'
-);
-
-INSERT INTO shared_secrets (
- type, data
-) VALUES (
- 1, X'8d5cce342174da772c8224a59885deaa118d'
-);
-
-INSERT INTO shared_secret_identity (
- shared_secret, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO shared_secret_identity (
- shared_secret, identity
-) VALUES (
- 1, 7
-);
-
-INSERT INTO shared_secret_identity (
- shared_secret, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO shared_secret_identity (
- shared_secret, identity
-) VALUES (
- 2, 8
-);
-
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote, certreq
-) VALUES (
- 'PH_IP_MOON', '0.0.0.0', 0
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id
-) VALUES (
- 'rw', 1, 4, 6
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'rw', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 3
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 11, X'MOON_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* %any */
+ 0, '%any'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* carol@strongswan.org */
+ 3, X'6361726f6c407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* dave@strongswan.org */
+ 3, X'64617665407374726f6e677377616e2e6f7267'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=moon.strongswan.org */
+ 1, 1, X'MOON_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' */
+ 1, X'MOON_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Shared Secrets */
+
+INSERT INTO shared_secrets (
+ type, data
+) VALUES (
+ 1, X'16964066a10de938bdb2ab7864fe4459cab1'
+);
+
+INSERT INTO shared_secrets (
+ type, data
+) VALUES (
+ 1, X'8d5cce342174da772c8224a59885deaa118d'
+);
+
+INSERT INTO shared_secret_identity (
+ shared_secret, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO shared_secret_identity (
+ shared_secret, identity
+) VALUES (
+ 1, 7
+);
+
+INSERT INTO shared_secret_identity (
+ shared_secret, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO shared_secret_identity (
+ shared_secret, identity
+) VALUES (
+ 2, 8
+);
+
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote, certreq
+) VALUES (
+ 'PH_IP_MOON', '0.0.0.0', 0
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id
+) VALUES (
+ 'rw', 1, 4, 6
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'rw', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 3
+);
+
carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_.eq=1::YES
dave:: ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_.eq=1::YES
-carol::swanctl --list-sas --raw 2> /dev/null::home.*version=2 state=ESTABLISHED local-host=192.168.0.100 local-port=4500 local-id=1f:a1:.*:6e:7c remote-host=192.168.0.1 remote-port=4500 remote-id=6a:9c:.*:29:2e initiator=yes.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=MODP_3072.*child-sas.*home.*state=INSTALLED mode=TUNNEL protocol=ESP.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128.*local-ts=\[192.168.0.100/32] remote-ts=\[10.1.0.0/16]::YES
-dave:: swanctl --list-sas --raw 2> /dev/null::home.*version=2 state=ESTABLISHED local-host=192.168.0.200 local-port=4500 local-id=ee:7f:.*:8e:0e remote-host=192.168.0.1 remote-port=4500 remote-id=6a:9c:.*:29:2e initiator=yes.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=MODP_3072.*child-sas.*home.*state=INSTALLED mode=TUNNEL protocol=ESP.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128.*local-ts=\[192.168.0.200/32] remote-ts=\[10.1.0.0/16]::YES
-moon:: swanctl --list-sas --ike-id 2 --raw 2> /dev/null::rw.*version=2 state=ESTABLISHED local-host=192.168.0.1 local-port=4500 local-id=6a:9c:.*:29:2e remote-host=192.168.0.200 remote-port=4500 remote-id=ee:7f:.*:8e:0e.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=MODP_3072.*rw.*state=INSTALLED mode=TUNNEL protocol=ESP.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128.*local-ts=\[10.1.0.0/16] remote-ts=\[192.168.0.200/32]::YES
-moon:: swanctl --list-sas --ike-id 1 --raw 2> /dev/null::rw.*version=2 state=ESTABLISHED local-host=192.168.0.1 local-port=4500 local-id=6a:9c:.*:29:2e remote-host=192.168.0.100 remote-port=4500 remote-id=1f:a1:.*:6e:7c.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=MODP_3072.*rw.*state=INSTALLED mode=TUNNEL protocol=ESP.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128.*local-ts=\[10.1.0.0/16] remote-ts=\[192.168.0.100/32]::YES
+carol::swanctl --list-sas --raw 2> /dev/null::home.*version=2 state=ESTABLISHED local-host=192.168.0.100 local-port=4500 local-id=..:..:.* remote-host=192.168.0.1 remote-port=4500 remote-id=..:..:.* initiator=yes.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=MODP_3072.*child-sas.*home.*state=INSTALLED mode=TUNNEL protocol=ESP.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128.*local-ts=\[192.168.0.100/32] remote-ts=\[10.1.0.0/16]::YES
+dave:: swanctl --list-sas --raw 2> /dev/null::home.*version=2 state=ESTABLISHED local-host=192.168.0.200 local-port=4500 local-id=..:..:.* remote-host=192.168.0.1 remote-port=4500 remote-id=..:..:.* initiator=yes.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=MODP_3072.*child-sas.*home.*state=INSTALLED mode=TUNNEL protocol=ESP.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128.*local-ts=\[192.168.0.200/32] remote-ts=\[10.1.0.0/16]::YES
+moon:: swanctl --list-sas --ike-id 2 --raw 2> /dev/null::rw.*version=2 state=ESTABLISHED local-host=192.168.0.1 local-port=4500 local-id=..:..:.* remote-host=192.168.0.200 remote-port=4500 remote-id=..:..:.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=MODP_3072.*rw.*state=INSTALLED mode=TUNNEL protocol=ESP.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128.*local-ts=\[10.1.0.0/16] remote-ts=\[192.168.0.200/32]::YES
+moon:: swanctl --list-sas --ike-id 1 --raw 2> /dev/null::rw.*version=2 state=ESTABLISHED local-host=192.168.0.1 local-port=4500 local-id=..:..:.* remote-host=192.168.0.100 remote-port=4500 remote-id=..:..:.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128 prf-alg=PRF_HMAC_SHA2_256 dh-group=MODP_3072.*rw.*state=INSTALLED mode=TUNNEL protocol=ESP.*encr-alg=AES_CBC encr-keysize=128 integ-alg=HMAC_SHA2_256_128.*local-ts=\[10.1.0.0/16] remote-ts=\[192.168.0.100/32]::YES
moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES
moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES
moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* carol@strongswan.org */
- 3, X'6361726f6c407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of carol@strongswan.org */
- 11, X'1fa1a988d9648cb5a0a2546439b4f23d745d6e7c'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of moon.strongswan.org */
- 11, X'6a9c74d1f8897989f65a94e989f1fac3649d292e'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* carol@strongswan.org */
- 6, 1, X'30820122300d06092a864886f70d01010105000382010f003082010a0282010100d05d594f8117bc78972a3ec479ebe1400e53cf72410b93e6f74fa17cf1ea444fb23600bae92d81747e49a2e4407c3f6118033d22a3e67ce69a53907ffad646bfbc3b6abe0bdd9a5080a690dbd919a9a8e70d9694e319e93e5d9361eff9033ac53fc6cd6c95af574c62effbb72c03d41c3b696fc7aa4444483bbaabde555aef8bce0e9797108d11ecf462c66b37f7c2e812f6ab3280a8c05b207156f0e3a787e9c4638205e40ce466716bc35d8623bd99f3cda9c3dee5c8ac19852cff18c405049c7eae735dc393f5209c13946e4f51da030ad7bf31caf58a203eccea2fc79e71d46a06c5dba85d65397a0adfd4cb5a9517fd3dcf17af8ab7584293026b19ad510203010001'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* moon.strongswan.org */
- 6, 1, X'30820122300d06092a864886f70d01010105000382010f003082010a0282010100ca2f633dd4bbba0586215b15a0312f73f533124f0b339b9ae13bb648b02b4c468e0f01e630fbef92197b7708f5dbffea7e496286966d75acf13bd5e4377a1821d82de102eadf9963b489041a0b0f9f76b79e2150aa39020e3fa52a677dbb879c986291e4f1542fe2f0494e9c5c954d4faa75a17aa7b56652f1b16efbdcb46697f7d0b7f520bc990205365938d2cd31f2beed30e761a56c02d9dc82f0cdefc9d43447b6a98f7628aed2ac127a4a9504838f66e7517e5e0b0672c8165474bce689f73a6fc6e3c72b2c45498ddbbc0b17b04915606fe94f256cc777c42c534560ffbbe5aacdd944cc8db4d2abaf8a294af55b03a6a01a54d78430ab78389753c2870203010001'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of carol@strongswan.org' */
- 1, X'308204a40201000282010100d05d594f8117bc78972a3ec479ebe1400e53cf72410b93e6f74fa17cf1ea444fb23600bae92d81747e49a2e4407c3f6118033d22a3e67ce69a53907ffad646bfbc3b6abe0bdd9a5080a690dbd919a9a8e70d9694e319e93e5d9361eff9033ac53fc6cd6c95af574c62effbb72c03d41c3b696fc7aa4444483bbaabde555aef8bce0e9797108d11ecf462c66b37f7c2e812f6ab3280a8c05b207156f0e3a787e9c4638205e40ce466716bc35d8623bd99f3cda9c3dee5c8ac19852cff18c405049c7eae735dc393f5209c13946e4f51da030ad7bf31caf58a203eccea2fc79e71d46a06c5dba85d65397a0adfd4cb5a9517fd3dcf17af8ab7584293026b19ad51020301000102820101008a86f560a12fd9b2c6b5646395b757db116b7108c1ebe399f3a43275f213d0f4b743a5fa9e1a0dee1823f6b30f984b3ecf0b20330e8aa7515d1adf7fe6915d1a0e17e6a0911cf4823ef5fe6adb8c6f3a86da86d9579f1b6dc622bd4320e79fc411e1a72360e4e1023ce8d60df2aa5cf3a420361ba5bc9b34f6d8e578fc8067aef457ff2a5a91f7c7c8a4f242cc46ab1cff18d6d1a4d8b82b5791df1f18a04b8cb2da235c3a795900fa7ffbbcb4b1d079a504673794eeca5e75c8c16ad2558965453515f57180b8dc518710aa874cd3bcdeddf109d5b553c27a351437f9c1bcdf8940f3ff8632dd59f6c8e01107b4bbf49c6c5409b6e9ecb29eada333800fa5d102818100f5537045d067df4d786df67e1cfea01ce3ca6de3f06be48efd8b4dc48c1ec19a711003875ee202343c851c8f970d2160a2e4d1108da6437af6bccfae803f61fc450582a89aa0906cba65fc7033aa584c1a2a17e96b2f368951aedaa5261f6e1c14999cfa7f4c4091890eff281cb4e6f37209f4b6d5778607caeca0a15137746d02818100d96e379ba5b4ed604d84a7ed71678a1f23391b749a697289bd3bee5d17985af89264f5ec35d3e37b1e44d6fdafec8a78ae199e0bb680f59f9800bb894ba5b31ee964f3ddc142f361835cf49a1edb75330f44f33c26c56e0752ae3fe0df760838b6437b99a131cb544d64da996baf3bc3f5709cc75f134b048cdebbf8bed1a5f502818017e2d8e2a34909cff432d8b62cc289fa661f7695a3fa0d55f2cfd67195a704f8b19b7a8c7aab8cc563431ea5c87249d6abe595898411352ecac9557b4b1760c5fc3e6e1b567addb5086d17a8210fabeb34fcf6390eeb98e6c3e23f7da6f99671fb7b7d725264ad40be548c796e5a1ac6874afaddb6691dceb26e59b17b43e7fd02818100ac90cb559f089fb56510b9eebba8bf78c30dd9fa8b6ad15afc738a551c1af1688357d9cea5520c2374fc91dd3a38f4159fa7f945b68d576458d18c0605a1f72dbb734211680768fea5b1aaf87f31122d7a1af12976640f55848b836b482f778afb2d47f5c077b2b6afce31a8be4c8f949141d54c6eeaf309237ccb973a6b4dd902818025ec4178c7f7c017c46a93fbdb72e2e3b199ae33c9fa6834f81b75b481cd6756124c744c821b126b07ea9852dc58de40cc87f160209d8af3b4bac4862778d3e21cbfdfcdbbfaad8911500f43a43041b88eefb27c66adfffeb9c8add95d1a4ed05f0bd81a4eda79fd4a0885a4a3bad0dcddecf83401c19df721d6cc7163c4125e'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 3
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_CAROL', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id
-) VALUES (
- 'home', 1, 3, 4
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* carol@strongswan.org */
+ 3, X'6361726f6c407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of carol@strongswan.org */
+ 11, X'CAROL_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of moon.strongswan.org */
+ 11, X'MOON_SPK_HEX'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* carol@strongswan.org */
+ 6, 1, X'CAROL_PUB_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* moon.strongswan.org */
+ 6, 1, X'MOON_PUB_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of carol@strongswan.org' */
+ 1, X'CAROL_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 3
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_CAROL', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id
+) VALUES (
+ 'home', 1, 3, 4
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* dave@strongswan.org */
- 3, X'64617665407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of dave@strongswan.org */
- 11, X'ee7f38daeea1b81a41777f78f2674be8439d8e0e'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of moon.strongswan.org */
- 11, X'6a9c74d1f8897989f65a94e989f1fac3649d292e'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* dave@strongswan.org */
- 6, 1, X'30820122300d06092a864886f70d01010105000382010f003082010a0282010100c007f2536f0558e68345d3ef017a175b73434e797f9b97448e720a5985aea76cc0503b8d63b4e239af95db83db0af65f8360e9d941912c121215643a0af32188fc520413e81645ff8e2e623c9362be1b57649530bf54fdad6563106105ace949d7de2895a4771c237090aaa2567bd7d9b08b2ad09f63f61bba87d7462046e89fa4570cb3c8e4322220a737af48c31cd0ec2140f3723b94742c4a14232e1d409f6b53c18aaa63e693fa5d3d06808e948db8273563d33dbd9ac44ecfd71e60426570885898b3e5538767eaf4ef713719e7fd89b32e4e3f60d972ef1617437d4dba14af4691fb8ec275a78552bae9d8aaf71c3d42aca793ef0ad09e1af353daab750203010001'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* moon.strongswan.org */
- 6, 1, X'30820122300d06092a864886f70d01010105000382010f003082010a0282010100ca2f633dd4bbba0586215b15a0312f73f533124f0b339b9ae13bb648b02b4c468e0f01e630fbef92197b7708f5dbffea7e496286966d75acf13bd5e4377a1821d82de102eadf9963b489041a0b0f9f76b79e2150aa39020e3fa52a677dbb879c986291e4f1542fe2f0494e9c5c954d4faa75a17aa7b56652f1b16efbdcb46697f7d0b7f520bc990205365938d2cd31f2beed30e761a56c02d9dc82f0cdefc9d43447b6a98f7628aed2ac127a4a9504838f66e7517e5e0b0672c8165474bce689f73a6fc6e3c72b2c45498ddbbc0b17b04915606fe94f256cc777c42c534560ffbbe5aacdd944cc8db4d2abaf8a294af55b03a6a01a54d78430ab78389753c2870203010001'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of dave@strongswan.org */
- 1, X'308204a50201000282010100c007f2536f0558e68345d3ef017a175b73434e797f9b97448e720a5985aea76cc0503b8d63b4e239af95db83db0af65f8360e9d941912c121215643a0af32188fc520413e81645ff8e2e623c9362be1b57649530bf54fdad6563106105ace949d7de2895a4771c237090aaa2567bd7d9b08b2ad09f63f61bba87d7462046e89fa4570cb3c8e4322220a737af48c31cd0ec2140f3723b94742c4a14232e1d409f6b53c18aaa63e693fa5d3d06808e948db8273563d33dbd9ac44ecfd71e60426570885898b3e5538767eaf4ef713719e7fd89b32e4e3f60d972ef1617437d4dba14af4691fb8ec275a78552bae9d8aaf71c3d42aca793ef0ad09e1af353daab750203010001028201010081e2de1d60f294f715c39d5e03f9b8e2ba4bc44099f77b917b67d76845eba48302714256982239021ba99918ce87d3ad3707ce248d1ccc5a4cb0fb61e7161c90b35a2637f0bb600d42f64cabfc64c58168d337b609344b81851a4471db8ce11e794c62d714af1bf13caa1d40408ef3a8e2a8bf04ed4a87a4a9be47f5becf3777d7254cf6ab0ff4f3e109235334796b030a1e03951a0ae64e224b3226a8e99174825eaa877efbc5cde0cd075687a9086f645654bda547f8927433f8eecd9ecfcb9b30ed6ff66bb4e5b7341f9626095798e279338e554045d0ae3ee94a1f10644ad88f10e7e7199923d45d5f8df2283859c3f4c41262426e654a04e895a21bb40102818100ea2e632ed6d314655c64eb6a18d4f492fea379ca091426bd7f381f1cbd7f1f79b73d694b9538ec693b245992f6a2a1b292279db9698eac40e43df3aa83b682ca5ab60ed07d02692e16c65cba91ee9aa9f768db2be9a1e0a213a93651a6886dcd35aa3f116ea73287a39a830cc2779bc02b9c8566c4cf8cd25ce99fa030ab965502818100d1ec351dafa33fff13a64c4a980a6f697735e705c1dc2a410b738210f4c059cd058579e4324d46e5bb0c1e6df4476d1a00206f66cf1be23645db193c69cbd04539f87e2b3f4617046031a1575a16a8e71b998844df2601d9d67958421f75c19943f53857b56a08583320b48a85def15b75c9ac5e4a232363824ab666b60ca0a102818100879dbf8083960fccb75a165f05ec658aaefe7aec3e9fb5e3adc611767263291632c0d4b699bf3261aa875d7c576a4d5bfd7a05c4375611792ef495a4dccc182819aa2f201c15065653882271454bb9b3ce7ca1d8675f80983bec95716990be8dc593471cd048f1614da4905a1650701934e85af4edeb083156ef50aad324bb5502818100814232ca9eb5a4d8499f2266e40bb8e275f708d3b0b502879ea777353d9f9b2bf4f46543affd896437b294a21bc24759b52e43aa4868e0f78e3804e80034f17f4edcc5c397686f0fd0b37ea72cdfbb0ce31fbc9abbd4c95afb0728e33e3fe1ff9faac510acb2278537a631c501fd6f1c6400d45412ce642207be3d662d3ec54102818055a928e09d9801f683ebb625e6ed97396ac1cd55b358d7aa06c8801759c2a51d517de1f88c537f532fea6cf563766d7818dc1de70b48d31c0102cad3562b7bf03a310b631428c22eabdc5555a90a5fc5310660a795d916ba1b57c09587f697d09dc092ac469e71f0e42fc6153c35ffe177898ea1e92aa6f28d3b86bfe30ad58c'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 3
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_DAVE', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id
-) VALUES (
- 'home', 1, 3, 4
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* dave@strongswan.org */
+ 3, X'64617665407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of dave@strongswan.org */
+ 11, X'DAVE_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of moon.strongswan.org */
+ 11, X'MOON_SPK_HEX'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* dave@strongswan.org */
+ 6, 1, X'DAVE_PUB_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* moon.strongswan.org */
+ 6, 1, X'MOON_PUB_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of dave@strongswan.org */
+ 1, X'DAVE_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 3
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_DAVE', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id
+) VALUES (
+ 'home', 1, 3, 4
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* carol@strongswan.org */
- 3, X'6361726f6c407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* dave@strongswan.org */
- 3, X'64617665407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* %any */
- 0, '%any'
-);
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of moon.strongswan.org */
- 11, X'6a9c74d1f8897989f65a94e989f1fac3649d292e'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of carol@strongswan.org */
- 11, X'1fa1a988d9648cb5a0a2546439b4f23d745d6e7c'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of dave@strongswan.org */
- 11, X'ee7f38daeea1b81a41777f78f2674be8439d8e0e'
- );
-
-/* Raw RSA public keys */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* moon.strongswan.org */
- 6, 1, X'30820122300d06092a864886f70d01010105000382010f003082010a0282010100ca2f633dd4bbba0586215b15a0312f73f533124f0b339b9ae13bb648b02b4c468e0f01e630fbef92197b7708f5dbffea7e496286966d75acf13bd5e4377a1821d82de102eadf9963b489041a0b0f9f76b79e2150aa39020e3fa52a677dbb879c986291e4f1542fe2f0494e9c5c954d4faa75a17aa7b56652f1b16efbdcb46697f7d0b7f520bc990205365938d2cd31f2beed30e761a56c02d9dc82f0cdefc9d43447b6a98f7628aed2ac127a4a9504838f66e7517e5e0b0672c8165474bce689f73a6fc6e3c72b2c45498ddbbc0b17b04915606fe94f256cc777c42c534560ffbbe5aacdd944cc8db4d2abaf8a294af55b03a6a01a54d78430ab78389753c2870203010001'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* carol@strongswan.org */
- 6, 1, X'30820122300d06092a864886f70d01010105000382010f003082010a0282010100d05d594f8117bc78972a3ec479ebe1400e53cf72410b93e6f74fa17cf1ea444fb23600bae92d81747e49a2e4407c3f6118033d22a3e67ce69a53907ffad646bfbc3b6abe0bdd9a5080a690dbd919a9a8e70d9694e319e93e5d9361eff9033ac53fc6cd6c95af574c62effbb72c03d41c3b696fc7aa4444483bbaabde555aef8bce0e9797108d11ecf462c66b37f7c2e812f6ab3280a8c05b207156f0e3a787e9c4638205e40ce466716bc35d8623bd99f3cda9c3dee5c8ac19852cff18c405049c7eae735dc393f5209c13946e4f51da030ad7bf31caf58a203eccea2fc79e71d46a06c5dba85d65397a0adfd4cb5a9517fd3dcf17af8ab7584293026b19ad510203010001'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* dave@strongswan.org */
- 6, 1, X'30820122300d06092a864886f70d01010105000382010f003082010a0282010100c007f2536f0558e68345d3ef017a175b73434e797f9b97448e720a5985aea76cc0503b8d63b4e239af95db83db0af65f8360e9d941912c121215643a0af32188fc520413e81645ff8e2e623c9362be1b57649530bf54fdad6563106105ace949d7de2895a4771c237090aaa2567bd7d9b08b2ad09f63f61bba87d7462046e89fa4570cb3c8e4322220a737af48c31cd0ec2140f3723b94742c4a14232e1d409f6b53c18aaa63e693fa5d3d06808e948db8273563d33dbd9ac44ecfd71e60426570885898b3e5538767eaf4ef713719e7fd89b32e4e3f60d972ef1617437d4dba14af4691fb8ec275a78552bae9d8aaf71c3d42aca793ef0ad09e1af353daab750203010001'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 5
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 6
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 3, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 3, 7
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of CN=moon.strongswan.org' */
- 1, X'308204a30201000282010100ca2f633dd4bbba0586215b15a0312f73f533124f0b339b9ae13bb648b02b4c468e0f01e630fbef92197b7708f5dbffea7e496286966d75acf13bd5e4377a1821d82de102eadf9963b489041a0b0f9f76b79e2150aa39020e3fa52a677dbb879c986291e4f1542fe2f0494e9c5c954d4faa75a17aa7b56652f1b16efbdcb46697f7d0b7f520bc990205365938d2cd31f2beed30e761a56c02d9dc82f0cdefc9d43447b6a98f7628aed2ac127a4a9504838f66e7517e5e0b0672c8165474bce689f73a6fc6e3c72b2c45498ddbbc0b17b04915606fe94f256cc777c42c534560ffbbe5aacdd944cc8db4d2abaf8a294af55b03a6a01a54d78430ab78389753c287020301000102820100204507f5ea6a3bfa7db9fd2baa71af3d36b97c0699a71702d5480e83f37a35a65d2e10038975ec7ac90e67a54a785e9432abcbc9e7607913ad3cfb9a7d304381c35b2f3aa3fa242541bf4ca44b77a6dfefd69142aaa886a777890907938dc6cb3b971fea068a854a1747dc0020d6c38c1f8cbec530d747099e01cfd0eb1ceff2b077bd07aaef4989b75594614b16a778891a2e490369d2a9571ddf5cd165331638a8a3c96184a8259eb588caab3bbfab9c0f77b66c830ecf0f294dc1b67a5f36b75e3e095e247864f19ab212fdbf34e0925316ca13c342b4ba464ecf93d2a8e39eee24dd63dddd938101a9f4b8f0de90765e1c1fda5c62e161cc712794aeaea102818100f85d60a6990447926da1ab9db7f094a5d435b11f70c5fef9541a89e05898001190cfdc651b8a23ccbfe8e7bdacd225776f01699d06be5ae5abc4690fe99b81fd9f369e973437fbcba2efdbe1dc6f8389fb2be78e3847f4f05323b2c7b6b6a4c85ca0aa72642747434f4358f0baf10ab173f9c3f24e9674570179dde23c6c248d02818100d06693eb5c92b6d516f630b79b1b98ea3910cbc4c442a4779ce16f5b09825c858ea4dfcc4d33eeb3e4de971a7fa5d2a153e9a83e65f7527ca77b93efc257960eadd8ce5b57e590d9189e542652ae3677c623343a39c1d16dbef3069406eaa4913eeba06e0a3af3c8539dbd4be7d9caf3ccd654ae397ae7faa72ba823e4b0206302818100ef2bc4f249f28415ef7b3bafd33d5b7861e61e9e7f543c18d0340a4840288810625ab90ba8bc9b8305dffca27c75965cf049f4f1a157d862c9c987bf2a2075cacdf2a44049aa0bd16b23fea3ff4a67ea8d351774aea024b0f5ef2fb00134db749336a94d254369edd8bbab3f8f56a60c82f9a807844480de746e6e0cfa50cdd50281807b32d8e93fadc00612eff176e96c14270b1b41cb0dd6f3d17e5dcaedbf9e6041d844e1c4ae33303f0ae307e2f3693d2e8023d68124d863dc2b4aa3f70e25a7210066f5ff0be43b900bbcb5b47e165d3ecb544e70c96a29fbbdf17f870cdbb3f3e585782ef53f4a94b7d1bd715d1be49de20f26ba6462a3370b928470cba5cf4f028180324ffacf705e6746f741d24ff6aa0bb14aad55cba41eb7758e6cc0d51f40feac6b4a459ce374af424287f602b0614520079b436b8e90cde0ddff679304e9efdd74a2ffbfe6e4e1bd1236c360413f2d2656e00b3e3cb217567671bf73a722a222e5e85d109fe2c77caf5951f5b9f4171c744afa717fe7e9306488e6ab87341298'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_MOON', '0.0.0.0'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id
-) VALUES (
- 'rw', 1, 5, 4
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'rw', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 3
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* carol@strongswan.org */
+ 3, X'6361726f6c407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* dave@strongswan.org */
+ 3, X'64617665407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* %any */
+ 0, '%any'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of moon.strongswan.org */
+ 11, X'MOON_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of carol@strongswan.org */
+ 11, X'CAROL_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of dave@strongswan.org */
+ 11, X'DAVE_SPK_HEX'
+ );
+
+/* Raw RSA public keys */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* moon.strongswan.org */
+ 6, 1, X'MOON_PUB_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* carol@strongswan.org */
+ 6, 1, X'CAROL_PUB_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* dave@strongswan.org */
+ 6, 1, X'DAVE_PUB_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 5
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 6
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 3, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 3, 7
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of CN=moon.strongswan.org' */
+ 1, X'MOON_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_MOON', '0.0.0.0'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id
+) VALUES (
+ 'rw', 1, 5, 4
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'rw', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 3
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* carol@strongswan.org */
- 3, X'6361726f6c407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of carol@strongswan.org */
- 11, X'1fa1a988d9648cb5a0a2546439b4f23d745d6e7c'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of moon.strongswan.org */
- 11, X'6a9c74d1f8897989f65a94e989f1fac3649d292e'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* carol@strongswan.org */
- 6, 1, X'30820122300d06092a864886f70d01010105000382010f003082010a0282010100d05d594f8117bc78972a3ec479ebe1400e53cf72410b93e6f74fa17cf1ea444fb23600bae92d81747e49a2e4407c3f6118033d22a3e67ce69a53907ffad646bfbc3b6abe0bdd9a5080a690dbd919a9a8e70d9694e319e93e5d9361eff9033ac53fc6cd6c95af574c62effbb72c03d41c3b696fc7aa4444483bbaabde555aef8bce0e9797108d11ecf462c66b37f7c2e812f6ab3280a8c05b207156f0e3a787e9c4638205e40ce466716bc35d8623bd99f3cda9c3dee5c8ac19852cff18c405049c7eae735dc393f5209c13946e4f51da030ad7bf31caf58a203eccea2fc79e71d46a06c5dba85d65397a0adfd4cb5a9517fd3dcf17af8ab7584293026b19ad510203010001'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* moon.strongswan.org */
- 6, 1, X'30820122300d06092a864886f70d01010105000382010f003082010a0282010100ca2f633dd4bbba0586215b15a0312f73f533124f0b339b9ae13bb648b02b4c468e0f01e630fbef92197b7708f5dbffea7e496286966d75acf13bd5e4377a1821d82de102eadf9963b489041a0b0f9f76b79e2150aa39020e3fa52a677dbb879c986291e4f1542fe2f0494e9c5c954d4faa75a17aa7b56652f1b16efbdcb46697f7d0b7f520bc990205365938d2cd31f2beed30e761a56c02d9dc82f0cdefc9d43447b6a98f7628aed2ac127a4a9504838f66e7517e5e0b0672c8165474bce689f73a6fc6e3c72b2c45498ddbbc0b17b04915606fe94f256cc777c42c534560ffbbe5aacdd944cc8db4d2abaf8a294af55b03a6a01a54d78430ab78389753c2870203010001'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of carol@strongswan.org' */
- 1, X'308204a40201000282010100d05d594f8117bc78972a3ec479ebe1400e53cf72410b93e6f74fa17cf1ea444fb23600bae92d81747e49a2e4407c3f6118033d22a3e67ce69a53907ffad646bfbc3b6abe0bdd9a5080a690dbd919a9a8e70d9694e319e93e5d9361eff9033ac53fc6cd6c95af574c62effbb72c03d41c3b696fc7aa4444483bbaabde555aef8bce0e9797108d11ecf462c66b37f7c2e812f6ab3280a8c05b207156f0e3a787e9c4638205e40ce466716bc35d8623bd99f3cda9c3dee5c8ac19852cff18c405049c7eae735dc393f5209c13946e4f51da030ad7bf31caf58a203eccea2fc79e71d46a06c5dba85d65397a0adfd4cb5a9517fd3dcf17af8ab7584293026b19ad51020301000102820101008a86f560a12fd9b2c6b5646395b757db116b7108c1ebe399f3a43275f213d0f4b743a5fa9e1a0dee1823f6b30f984b3ecf0b20330e8aa7515d1adf7fe6915d1a0e17e6a0911cf4823ef5fe6adb8c6f3a86da86d9579f1b6dc622bd4320e79fc411e1a72360e4e1023ce8d60df2aa5cf3a420361ba5bc9b34f6d8e578fc8067aef457ff2a5a91f7c7c8a4f242cc46ab1cff18d6d1a4d8b82b5791df1f18a04b8cb2da235c3a795900fa7ffbbcb4b1d079a504673794eeca5e75c8c16ad2558965453515f57180b8dc518710aa874cd3bcdeddf109d5b553c27a351437f9c1bcdf8940f3ff8632dd59f6c8e01107b4bbf49c6c5409b6e9ecb29eada333800fa5d102818100f5537045d067df4d786df67e1cfea01ce3ca6de3f06be48efd8b4dc48c1ec19a711003875ee202343c851c8f970d2160a2e4d1108da6437af6bccfae803f61fc450582a89aa0906cba65fc7033aa584c1a2a17e96b2f368951aedaa5261f6e1c14999cfa7f4c4091890eff281cb4e6f37209f4b6d5778607caeca0a15137746d02818100d96e379ba5b4ed604d84a7ed71678a1f23391b749a697289bd3bee5d17985af89264f5ec35d3e37b1e44d6fdafec8a78ae199e0bb680f59f9800bb894ba5b31ee964f3ddc142f361835cf49a1edb75330f44f33c26c56e0752ae3fe0df760838b6437b99a131cb544d64da996baf3bc3f5709cc75f134b048cdebbf8bed1a5f502818017e2d8e2a34909cff432d8b62cc289fa661f7695a3fa0d55f2cfd67195a704f8b19b7a8c7aab8cc563431ea5c87249d6abe595898411352ecac9557b4b1760c5fc3e6e1b567addb5086d17a8210fabeb34fcf6390eeb98e6c3e23f7da6f99671fb7b7d725264ad40be548c796e5a1ac6874afaddb6691dceb26e59b17b43e7fd02818100ac90cb559f089fb56510b9eebba8bf78c30dd9fa8b6ad15afc738a551c1af1688357d9cea5520c2374fc91dd3a38f4159fa7f945b68d576458d18c0605a1f72dbb734211680768fea5b1aaf87f31122d7a1af12976640f55848b836b482f778afb2d47f5c077b2b6afce31a8be4c8f949141d54c6eeaf309237ccb973a6b4dd902818025ec4178c7f7c017c46a93fbdb72e2e3b199ae33c9fa6834f81b75b481cd6756124c744c821b126b07ea9852dc58de40cc87f160209d8af3b4bac4862778d3e21cbfdfcdbbfaad8911500f43a43041b88eefb27c66adfffeb9c8add95d1a4ed05f0bd81a4eda79fd4a0885a4a3bad0dcddecf83401c19df721d6cc7163c4125e'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 3
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_CAROL', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id
-) VALUES (
- 'home', 1, 1, 2
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* carol@strongswan.org */
+ 3, X'6361726f6c407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of carol@strongswan.org */
+ 11, X'CAROL_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of moon.strongswan.org */
+ 11, X'MOON_SPK_HEX'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* carol@strongswan.org */
+ 6, 1, X'CAROL_PUB_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* moon.strongswan.org */
+ 6, 1, X'MOON_PUB_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of carol@strongswan.org' */
+ 1, X'CAROL_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 3
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_CAROL', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id
+) VALUES (
+ 'home', 1, 1, 2
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* dave@strongswan.org */
- 3, X'64617665407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of dave@strongswan.org */
- 11, X'ee7f38daeea1b81a41777f78f2674be8439d8e0e'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of moon.strongswan.org */
- 11, X'6a9c74d1f8897989f65a94e989f1fac3649d292e'
- );
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* dave@strongswan.org */
- 6, 1, X'30820122300d06092a864886f70d01010105000382010f003082010a0282010100c007f2536f0558e68345d3ef017a175b73434e797f9b97448e720a5985aea76cc0503b8d63b4e239af95db83db0af65f8360e9d941912c121215643a0af32188fc520413e81645ff8e2e623c9362be1b57649530bf54fdad6563106105ace949d7de2895a4771c237090aaa2567bd7d9b08b2ad09f63f61bba87d7462046e89fa4570cb3c8e4322220a737af48c31cd0ec2140f3723b94742c4a14232e1d409f6b53c18aaa63e693fa5d3d06808e948db8273563d33dbd9ac44ecfd71e60426570885898b3e5538767eaf4ef713719e7fd89b32e4e3f60d972ef1617437d4dba14af4691fb8ec275a78552bae9d8aaf71c3d42aca793ef0ad09e1af353daab750203010001'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* moon.strongswan.org */
- 6, 1, X'30820122300d06092a864886f70d01010105000382010f003082010a0282010100ca2f633dd4bbba0586215b15a0312f73f533124f0b339b9ae13bb648b02b4c468e0f01e630fbef92197b7708f5dbffea7e496286966d75acf13bd5e4377a1821d82de102eadf9963b489041a0b0f9f76b79e2150aa39020e3fa52a677dbb879c986291e4f1542fe2f0494e9c5c954d4faa75a17aa7b56652f1b16efbdcb46697f7d0b7f520bc990205365938d2cd31f2beed30e761a56c02d9dc82f0cdefc9d43447b6a98f7628aed2ac127a4a9504838f66e7517e5e0b0672c8165474bce689f73a6fc6e3c72b2c45498ddbbc0b17b04915606fe94f256cc777c42c534560ffbbe5aacdd944cc8db4d2abaf8a294af55b03a6a01a54d78430ab78389753c2870203010001'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-$INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of dave@strongswan.org */
- 1, X'308204a50201000282010100c007f2536f0558e68345d3ef017a175b73434e797f9b97448e720a5985aea76cc0503b8d63b4e239af95db83db0af65f8360e9d941912c121215643a0af32188fc520413e81645ff8e2e623c9362be1b57649530bf54fdad6563106105ace949d7de2895a4771c237090aaa2567bd7d9b08b2ad09f63f61bba87d7462046e89fa4570cb3c8e4322220a737af48c31cd0ec2140f3723b94742c4a14232e1d409f6b53c18aaa63e693fa5d3d06808e948db8273563d33dbd9ac44ecfd71e60426570885898b3e5538767eaf4ef713719e7fd89b32e4e3f60d972ef1617437d4dba14af4691fb8ec275a78552bae9d8aaf71c3d42aca793ef0ad09e1af353daab750203010001028201010081e2de1d60f294f715c39d5e03f9b8e2ba4bc44099f77b917b67d76845eba48302714256982239021ba99918ce87d3ad3707ce248d1ccc5a4cb0fb61e7161c90b35a2637f0bb600d42f64cabfc64c58168d337b609344b81851a4471db8ce11e794c62d714af1bf13caa1d40408ef3a8e2a8bf04ed4a87a4a9be47f5becf3777d7254cf6ab0ff4f3e109235334796b030a1e03951a0ae64e224b3226a8e99174825eaa877efbc5cde0cd075687a9086f645654bda547f8927433f8eecd9ecfcb9b30ed6ff66bb4e5b7341f9626095798e279338e554045d0ae3ee94a1f10644ad88f10e7e7199923d45d5f8df2283859c3f4c41262426e654a04e895a21bb40102818100ea2e632ed6d314655c64eb6a18d4f492fea379ca091426bd7f381f1cbd7f1f79b73d694b9538ec693b245992f6a2a1b292279db9698eac40e43df3aa83b682ca5ab60ed07d02692e16c65cba91ee9aa9f768db2be9a1e0a213a93651a6886dcd35aa3f116ea73287a39a830cc2779bc02b9c8566c4cf8cd25ce99fa030ab965502818100d1ec351dafa33fff13a64c4a980a6f697735e705c1dc2a410b738210f4c059cd058579e4324d46e5bb0c1e6df4476d1a00206f66cf1be23645db193c69cbd04539f87e2b3f4617046031a1575a16a8e71b998844df2601d9d67958421f75c19943f53857b56a08583320b48a85def15b75c9ac5e4a232363824ab666b60ca0a102818100879dbf8083960fccb75a165f05ec658aaefe7aec3e9fb5e3adc611767263291632c0d4b699bf3261aa875d7c576a4d5bfd7a05c4375611792ef495a4dccc182819aa2f201c15065653882271454bb9b3ce7ca1d8675f80983bec95716990be8dc593471cd048f1614da4905a1650701934e85af4edeb083156ef50aad324bb5502818100814232ca9eb5a4d8499f2266e40bb8e275f708d3b0b502879ea777353d9f9b2bf4f46543affd896437b294a21bc24759b52e43aa4868e0f78e3804e80034f17f4edcc5c397686f0fd0b37ea72cdfbb0ce31fbc9abbd4c95afb0728e33e3fe1ff9faac510acb2278537a631c501fd6f1c6400d45412ce642207be3d662d3ec54102818055a928e09d9801f683ebb625e6ed97396ac1cd55b358d7aa06c8801759c2a51d517de1f88c537f532fea6cf563766d7818dc1de70b48d31c0102cad3562b7bf03a310b631428c22eabdc5555a90a5fc5310660a795d916ba1b57c09587f697d09dc092ac469e71f0e42fc6153c35ffe177898ea1e92aa6f28d3b86bfe30ad58c'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 3
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_DAVE', 'PH_IP_MOON'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id
-) VALUES (
- 'home', 1, 1, 2
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'home', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 2
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* dave@strongswan.org */
+ 3, X'64617665407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of dave@strongswan.org */
+ 11, X'DAVE_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of moon.strongswan.org */
+ 11, X'MOON_SPK_HEX'
+ );
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* dave@strongswan.org */
+ 6, 1, X'DAVE_PUB_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* moon.strongswan.org */
+ 6, 1, X'MOON_PUB_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+$INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of dave@strongswan.org */
+ 1, X'DAVE_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 3
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_DAVE', 'PH_IP_MOON'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id
+) VALUES (
+ 'home', 1, 1, 2
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'home', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 2
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* moon.strongswan.org */
- 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* carol@strongswan.org */
- 3, X'6361726f6c407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* dave@strongswan.org */
- 3, X'64617665407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* %any */
- 0, '%any'
-);
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of moon.strongswan.org */
- 11, X'6a9c74d1f8897989f65a94e989f1fac3649d292e'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of carol@strongswan.org */
- 11, X'1fa1a988d9648cb5a0a2546439b4f23d745d6e7c'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of dave@strongswan.org */
- 11, X'ee7f38daeea1b81a41777f78f2674be8439d8e0e'
- );
-
-/* Raw RSA public keys */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* moon.strongswan.org */
- 6, 1, X'30820122300d06092a864886f70d01010105000382010f003082010a0282010100ca2f633dd4bbba0586215b15a0312f73f533124f0b339b9ae13bb648b02b4c468e0f01e630fbef92197b7708f5dbffea7e496286966d75acf13bd5e4377a1821d82de102eadf9963b489041a0b0f9f76b79e2150aa39020e3fa52a677dbb879c986291e4f1542fe2f0494e9c5c954d4faa75a17aa7b56652f1b16efbdcb46697f7d0b7f520bc990205365938d2cd31f2beed30e761a56c02d9dc82f0cdefc9d43447b6a98f7628aed2ac127a4a9504838f66e7517e5e0b0672c8165474bce689f73a6fc6e3c72b2c45498ddbbc0b17b04915606fe94f256cc777c42c534560ffbbe5aacdd944cc8db4d2abaf8a294af55b03a6a01a54d78430ab78389753c2870203010001'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* carol@strongswan.org */
- 6, 1, X'30820122300d06092a864886f70d01010105000382010f003082010a0282010100d05d594f8117bc78972a3ec479ebe1400e53cf72410b93e6f74fa17cf1ea444fb23600bae92d81747e49a2e4407c3f6118033d22a3e67ce69a53907ffad646bfbc3b6abe0bdd9a5080a690dbd919a9a8e70d9694e319e93e5d9361eff9033ac53fc6cd6c95af574c62effbb72c03d41c3b696fc7aa4444483bbaabde555aef8bce0e9797108d11ecf462c66b37f7c2e812f6ab3280a8c05b207156f0e3a787e9c4638205e40ce466716bc35d8623bd99f3cda9c3dee5c8ac19852cff18c405049c7eae735dc393f5209c13946e4f51da030ad7bf31caf58a203eccea2fc79e71d46a06c5dba85d65397a0adfd4cb5a9517fd3dcf17af8ab7584293026b19ad510203010001'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* dave@strongswan.org */
- 6, 1, X'30820122300d06092a864886f70d01010105000382010f003082010a0282010100c007f2536f0558e68345d3ef017a175b73434e797f9b97448e720a5985aea76cc0503b8d63b4e239af95db83db0af65f8360e9d941912c121215643a0af32188fc520413e81645ff8e2e623c9362be1b57649530bf54fdad6563106105ace949d7de2895a4771c237090aaa2567bd7d9b08b2ad09f63f61bba87d7462046e89fa4570cb3c8e4322220a737af48c31cd0ec2140f3723b94742c4a14232e1d409f6b53c18aaa63e693fa5d3d06808e948db8273563d33dbd9ac44ecfd71e60426570885898b3e5538767eaf4ef713719e7fd89b32e4e3f60d972ef1617437d4dba14af4691fb8ec275a78552bae9d8aaf71c3d42aca793ef0ad09e1af353daab750203010001'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 5
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 6
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 3, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 3, 7
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of CN=moon.strongswan.org' */
- 1, X'308204a30201000282010100ca2f633dd4bbba0586215b15a0312f73f533124f0b339b9ae13bb648b02b4c468e0f01e630fbef92197b7708f5dbffea7e496286966d75acf13bd5e4377a1821d82de102eadf9963b489041a0b0f9f76b79e2150aa39020e3fa52a677dbb879c986291e4f1542fe2f0494e9c5c954d4faa75a17aa7b56652f1b16efbdcb46697f7d0b7f520bc990205365938d2cd31f2beed30e761a56c02d9dc82f0cdefc9d43447b6a98f7628aed2ac127a4a9504838f66e7517e5e0b0672c8165474bce689f73a6fc6e3c72b2c45498ddbbc0b17b04915606fe94f256cc777c42c534560ffbbe5aacdd944cc8db4d2abaf8a294af55b03a6a01a54d78430ab78389753c287020301000102820100204507f5ea6a3bfa7db9fd2baa71af3d36b97c0699a71702d5480e83f37a35a65d2e10038975ec7ac90e67a54a785e9432abcbc9e7607913ad3cfb9a7d304381c35b2f3aa3fa242541bf4ca44b77a6dfefd69142aaa886a777890907938dc6cb3b971fea068a854a1747dc0020d6c38c1f8cbec530d747099e01cfd0eb1ceff2b077bd07aaef4989b75594614b16a778891a2e490369d2a9571ddf5cd165331638a8a3c96184a8259eb588caab3bbfab9c0f77b66c830ecf0f294dc1b67a5f36b75e3e095e247864f19ab212fdbf34e0925316ca13c342b4ba464ecf93d2a8e39eee24dd63dddd938101a9f4b8f0de90765e1c1fda5c62e161cc712794aeaea102818100f85d60a6990447926da1ab9db7f094a5d435b11f70c5fef9541a89e05898001190cfdc651b8a23ccbfe8e7bdacd225776f01699d06be5ae5abc4690fe99b81fd9f369e973437fbcba2efdbe1dc6f8389fb2be78e3847f4f05323b2c7b6b6a4c85ca0aa72642747434f4358f0baf10ab173f9c3f24e9674570179dde23c6c248d02818100d06693eb5c92b6d516f630b79b1b98ea3910cbc4c442a4779ce16f5b09825c858ea4dfcc4d33eeb3e4de971a7fa5d2a153e9a83e65f7527ca77b93efc257960eadd8ce5b57e590d9189e542652ae3677c623343a39c1d16dbef3069406eaa4913eeba06e0a3af3c8539dbd4be7d9caf3ccd654ae397ae7faa72ba823e4b0206302818100ef2bc4f249f28415ef7b3bafd33d5b7861e61e9e7f543c18d0340a4840288810625ab90ba8bc9b8305dffca27c75965cf049f4f1a157d862c9c987bf2a2075cacdf2a44049aa0bd16b23fea3ff4a67ea8d351774aea024b0f5ef2fb00134db749336a94d254369edd8bbab3f8f56a60c82f9a807844480de746e6e0cfa50cdd50281807b32d8e93fadc00612eff176e96c14270b1b41cb0dd6f3d17e5dcaedbf9e6041d844e1c4ae33303f0ae307e2f3693d2e8023d68124d863dc2b4aa3f70e25a7210066f5ff0be43b900bbcb5b47e165d3ecb544e70c96a29fbbdf17f870cdbb3f3e585782ef53f4a94b7d1bd715d1be49de20f26ba6462a3370b928470cba5cf4f028180324ffacf705e6746f741d24ff6aa0bb14aad55cba41eb7758e6cc0d51f40feac6b4a459ce374af424287f602b0614520079b436b8e90cde0ddff679304e9efdd74a2ffbfe6e4e1bd1236c360413f2d2656e00b3e3cb217567671bf73a722a222e5e85d109fe2c77caf5951f5b9f4171c744afa717fe7e9306488e6ab87341298'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_MOON', '0.0.0.0'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id
-) VALUES (
- 'rw', 1, 1, 4
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'rw', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 3
-);
-
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* moon.strongswan.org */
+ 2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* carol@strongswan.org */
+ 3, X'6361726f6c407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* dave@strongswan.org */
+ 3, X'64617665407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* %any */
+ 0, '%any'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of moon.strongswan.org */
+ 11, X'MOON_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of carol@strongswan.org */
+ 11, X'CAROL_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of dave@strongswan.org */
+ 11, X'DAVE_SPK_HEX'
+ );
+
+/* Raw RSA public keys */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* moon.strongswan.org */
+ 6, 1, X'MOON_PUB_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* carol@strongswan.org */
+ 6, 1, X'CAROL_PUB_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* dave@strongswan.org */
+ 6, 1, X'DAVE_PUB_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 5
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 6
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 3, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 3, 7
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of CN=moon.strongswan.org' */
+ 1, X'MOON_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_MOON', '0.0.0.0'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id
+) VALUES (
+ 'rw', 1, 1, 4
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'rw', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 3
+);
+
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* alice@strongswan.org */
- 3, X'616c696365407374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* sun.strongswan.org */
- 2, X'73756e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, OU=Sales, CN=alice@strongswan.org' */
- 11, X'fb35c1df730e1570ee56ba1b6e1cf7f3ae48fcd9'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* %any */
- 0, '%any'
-);
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, OU=Sales, CN=alice@strongswan.org */
- 1, 1, X'3082041f30820307a00302010202012d300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373134353433365a170d3139303832363134353433365a3057310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e310e300c060355040b130553616c6573311d301b06035504031414616c696365407374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100b46c93f8a9e1e8d05729c41a6bc5f7eaa1d8c212d828b7ab5b3eed5031e3b8b8beedae3c1c5bd3ae1a872170e311b4f27cf87b04cbc3bb20af1873ed89a2f151d8dfd635c15914163c0d178f896cbdaf076a6b1677f57b036669ade16f2449ceee008daf284d6d11298da8edc322d2bc93668f57a27eead5c2dd1d96f8056fda4d8cca70ba3b16c9a382f6ea58a553a25ac8d3bdba5cf2c27b5bbe72f064018d4e9698e33b5a56889dc927f706d68440f0fc6034bba95f7e94051b71c352eba2f8a9eee38aad285a6d0fa5cd3480e3e179801f10e1580ad738a434c5a5edd205aac3f5d10715ae7911180384dfdf1f5d9d58a00a0298ea82be0b175bbcb793570203010001a38201063082010230090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414fb35c1df730e1570ee56ba1b6e1cf7f3ae48fcd9306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301f0603551d11041830168114616c696365407374726f6e677377616e2e6f726730390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b050003820101004b5d12120923b1178967f3eb9ba1a1d3b3526f7c214a090def3915a3ae7b5df2ff1243ddb119106b4f9a026ad6954e23db430a6175270e977efb6144141060ce4a96cd443d00bb967556bc8fff4d81e34d5349bae967b0d9c809f14ac47a0f3f256c2b56d462c2a44cc5771352562e63df493cc9e080cb554860208fb2a350a73888158bb3ad0f3bc743f553d5b4c541341875836bbf4b464913bfcb89c09e1128c93c1c79da73bc2cf726eb853f2cbf7a1702ff0b44de33153abe61158e9bc847ff406118c2918ba4b3bdd2b58bce77706e0dec8d81eb49ac3b69f494390f0201fc10113a211a5dd8376b5c7e94c84c0402226b74659130d2690fb3885d287a'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 6
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, OU=Sales, CN=alice@strongswan.org' */
- 1, X'308204a40201000282010100b46c93f8a9e1e8d05729c41a6bc5f7eaa1d8c212d828b7ab5b3eed5031e3b8b8beedae3c1c5bd3ae1a872170e311b4f27cf87b04cbc3bb20af1873ed89a2f151d8dfd635c15914163c0d178f896cbdaf076a6b1677f57b036669ade16f2449ceee008daf284d6d11298da8edc322d2bc93668f57a27eead5c2dd1d96f8056fda4d8cca70ba3b16c9a382f6ea58a553a25ac8d3bdba5cf2c27b5bbe72f064018d4e9698e33b5a56889dc927f706d68440f0fc6034bba95f7e94051b71c352eba2f8a9eee38aad285a6d0fa5cd3480e3e179801f10e1580ad738a434c5a5edd205aac3f5d10715ae7911180384dfdf1f5d9d58a00a0298ea82be0b175bbcb793570203010001028201005075a33f5f331989df7506b8e99aed463b4ad8b162a835d03aeec311e24db550de044c910dec7d67c4f8c216ff8c23ef877fa00cb179e5f75b5e424489fe9a336fcdd24f429c20f311709d332b8bccc3434157e43b36c3d6ee52ee71fc0868c9d9257209cca54aa03eb1a7c5f021956cf726e381a73b862a31ae3dc5d77145418a9333073e0a99c2bcf32d92df386a45bbd8ad996174796fae1b21e540221e7fc0e410622c936dcdfc48184cbdb65e0f05b7d0e5fa57302ca0e2bf6d34deb83593df773a040c86f8759a99773385ba8aa30241d705fd559df1e80899e68181480ccc3d514dfa3601891c6e3765d30a477da52fcd42efaf3cd4f3b7d580043b5102818100ebeb3067086f417350b99828fd4b173ecbbb02e56b44ce96cadd05cc2b3ba384eac8a8650a07e460edf5f2a87ffe473708d607836f0e65d2338be6f84f2619204d6a449f2cd22a216c2c1519327fafca26904ce1968d6cea40158278a815abfaf3fef4c1578a7258c9848e1e441f0eb713172f22a7a9064f384dadb168bf4cd502818100c3c820f1f2876cbd38c12f31157596421d5ab5c2b77d3bcd4d8f61ab02688cd381a3eb25cd7c9c2700b9b6a838dc0643633184989ac7e7f6ae81c95031de1e7c777455843182d011e595e9c9879384c75f6ff1ead4ad7824edfe6d0cd41ec0284467c059f414c1a34f2ded28e8490f5979e7a0b54c487fcc202df21703d7857b02818100b9c353358dfaacbab451af72771fed89d0b9ccaa013108cacbaa05aaa2502f8db5a192971cb2e22d40b26d0428e47c06e5ba41e8484639feadfff73a86782548be2c73243312b981dfbf464db4e9bded9b37fc91950e7f3864858b5a9e5f922fe4785918f4695b6876251e12cee8f5994a3af32e827e212db7d3d274e359de9102818100834a78f5678bf39aed2d77e5359bd638de108fa5558151123b79f4a8468430344252d7855148c83acb9cbee60ec3561be8b03358572bc9ddbe66e0c6bbba55bd682a069310d4c58dcae57e931c2d0c34db4669f7edc9aab1313c968aacd136518a95fd0315d0b98e37b1f7c1a00c2693fd511c8f97e9627253fe1bc3dd5ab1730281807e4554fa27b5ead10f774ec25c4a1545645d27af649bb6a00c82a6dd2eff191f3245e7e5bf9ef57963d66a0776827109f9bc2c9acd27d942ab17331a27b8e85aada7c6cc4651695ffb0cec56d4459b8d37cc95902faeeb83f3c05efef18df3320bd42bb5479856a3094a8fef9f0aa86a17701aba1e84b5f016425a8d4ad6afdd'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 6
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_ALICE', 'PH_IP_SUN'
-);
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- '%any', '%any'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, virtual
-) VALUES (
- 'nat-t', 1, 4, 5, '0.0.0.0'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, auth_method
-) VALUES (
- 'shunts', 2, 7, 7, 0
-);
-
-INSERT INTO child_configs (
- name
-) VALUES (
- 'nat-t'
-);
-
-INSERT INTO child_configs (
- name, mode, start_action
-) VALUES (
- 'local-net', 4, 1
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 2, 2
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 0.0.0.0/0 */
- 7, X'00000000', X'ffffffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 3, 2
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 2, 1, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 2, 1, 1
-);
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* alice@strongswan.org */
+ 3, X'616c696365407374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* sun.strongswan.org */
+ 2, X'73756e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, OU=Sales, CN=alice@strongswan.org' */
+ 11, X'ALICE_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* %any */
+ 0, '%any'
+);
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, OU=Sales, CN=alice@strongswan.org */
+ 1, 1, X'ALICE_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 6
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, OU=Sales, CN=alice@strongswan.org' */
+ 1, X'ALICE_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 6
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_ALICE', 'PH_IP_SUN'
+);
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ '%any', '%any'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, virtual
+) VALUES (
+ 'nat-t', 1, 4, 5, '0.0.0.0'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, auth_method
+) VALUES (
+ 'shunts', 2, 7, 7, 0
+);
+
+INSERT INTO child_configs (
+ name
+) VALUES (
+ 'nat-t'
+);
+
+INSERT INTO child_configs (
+ name, mode, start_action
+) VALUES (
+ 'local-net', 4, 1
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 2, 2
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 0.0.0.0/0 */
+ 7, X'00000000', X'ffffffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 3, 2
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 2, 1, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 2, 1, 1
+);
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* sun.strongswan.org */
- 2, X'73756e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=sun.strongswan.org' */
- 11, X'edcd6347cdd12fb63000b605430713544c9d318a'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* %any */
- 0, '%any'
-);
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=sun.strongswan.org */
- 1, 1, X'3082042030820308a00302010202012a300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373134343234355a170d3139303832363134343234355a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b30190603550403131273756e2e7374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100c72220047d4a5b330c984612d46af5e08501835db4bddb0bb8dc10bb3bb6daa2079d6201481d8bd2590b381634018777c22f443579dbd0c3894c57c4e582758294990a74b79bd1ea8139a661e677995c520b84c95aeda854abe8b314a8e5f015be3555434f3d1ed8c8b31d8147fd2a2d0f65676754b544a7f64a218d4e6aa64b4e7c9f57b93423f5d05f6b96e940c2682d40401963cc47eb0f6814706f7e14ba5be6a0ec8865328612c1fa733518d3e766f2250a9a43fb4b77c4423cefe7a0e4df3ac9705cbb8a3f3bbaef5693f5ec6ae1c0ab98c744470c149c043a3f5913443ab9fcfd0f6341496bcb4ebed02855618f91df6f251c00646a81ffac1eb925210203010001a38201193082011530090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e04160414edcd6347cdd12fb63000b605430713544c9d318a306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301d0603551d1104163014821273756e2e7374726f6e677377616e2e6f726730130603551d25040c300a06082b0601050507030130390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b050003820101005677bfe472a991bbfbe5e1e4c78e1a315593d0307a485ea75eb3904b317b395d45c8d8f6be26c0f6001a8959c15cffabefdf0c0edc03ff4377dd3425408476ac626a92872c0937148905bac4b0cee8098908101a25b7394448cd4fe1e77638ccb108e7d4dc98f2141bca8c3564e439e37cc263e025ec0dd8714b4848b2c7e043083f73a7d4f14cdab58c52ad47a12a36925ec0c2ffa892fa2ac7a49feff4b69a3ddd606bfee5e015a209012f79910971291870bee9ee955b99c661260844f901443d85e22981e3e298511ef8191a29a1a7ad1ff4c545b0ea8925817f62f73e8dad5c43e27c8be481abd45c89feb5d80c850f41a5537cc8480f5cb33959d69f56'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 5
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=sun.strongswan.org' */
- 1, X'308204a30201000282010100c72220047d4a5b330c984612d46af5e08501835db4bddb0bb8dc10bb3bb6daa2079d6201481d8bd2590b381634018777c22f443579dbd0c3894c57c4e582758294990a74b79bd1ea8139a661e677995c520b84c95aeda854abe8b314a8e5f015be3555434f3d1ed8c8b31d8147fd2a2d0f65676754b544a7f64a218d4e6aa64b4e7c9f57b93423f5d05f6b96e940c2682d40401963cc47eb0f6814706f7e14ba5be6a0ec8865328612c1fa733518d3e766f2250a9a43fb4b77c4423cefe7a0e4df3ac9705cbb8a3f3bbaef5693f5ec6ae1c0ab98c744470c149c043a3f5913443ab9fcfd0f6341496bcb4ebed02855618f91df6f251c00646a81ffac1eb92521020301000102820100061dd137f2153f99e0d0288ed981738df2e7e9fe0dd82b0b40215a4e35f656ded5370b5498bf7794fd712fc6d6d019361f7bce2f8a4fab28e665b6e87058427dc14cb61a81ad42945e65c3eb8be5ae8b3c65e82d3b22c3a1de29e69e42d5d53b05bda3a1cea444f749aadec422ceeee5b56c5af1bc9358c983f220f7b329e973a6d337152995f99de4ce319bf43a62c016e1e037db9f68d0fdb03fd1a5a4312e34c698d4ded8ff3de546a41046d60540468631a90c70d5b7e5523154a034fa638693a6075a3f6bdce539ac08cd110b30fb12d41c777471651e01bba65fbfcf60fbca09642794e926450d0f0d762ffc015b29be4da88efcf8ae47d1f872d05cf502818100ea6aff13b6f5b6b68f0408bf3835eef245a3d8fa38b4d8dbc04899e7119b835b531ec4ec4e9155a6e2d36d27ae8b145709338249f8cf33e3393b95e660aabb86aaff39cf52075fdc975250c039c13fe1999f63e16a9fb3bd056148eeb37329287803801808a0e4daf25885729ad422ce53d8f33b18e2d386248bc4342bf0463702818100d97780eed84257e60d9616647e41c48556e45ec31d7332796f446becc1fdadae24467263352396d01d6c690fa3c40a4de2128bf523f36c62a4c51ff6388e569d8a6f1dcf0b1d325b61d32862123ed0a67f7983d4ebda01e0e0524d6758c0413f9a2457bc559930ea50d69aafa09b43519725b94869bd9f5dcbcfcb447877c3670281802664ebee60b3120008a092862f40b6283c3bbfd80bdda2ff2b19390bdd9869055631ddf30e53438217f8a51230c65ac87e9b4f25aa78d578cbf0f4764d32e98fff05da84185d58d81a78c2fd18f88bebf96b5fc295e21e60413753e8b4bf91e82ceff5d4f9e4d057040677a4f3b2f7187027427f556e2153013d5b1f686aec3502818100be0e0f04aec3ec860641b1784a4fb82cc06ffdd1901f69716fa8e0999e40d2556b269639d5eb3096d9e0314195e2730ef61137781adf574e2eaa88f06b251ad5bc72b81e869c11b283a0439ed24b4b96f7b97f59ca765145f3467a97639d42690f91cb8bb1539cc86bb5e2a2b33e7e6b0429d7f04d5987ba35b178f8724058e90281804c5d9b475b2868c77cffa037e7faf6c12e1f85c5466231483ce3d7ffd951447845a9fb388900132edc63f4a6bb852171e252e9af8e8c641d84aff0ccd5713fbf805be74bf89a4e2fe36edd32fdb8c80d142941d58d2d27bc033c93e692ee88df8e89cbfd1209c96079740f443e641c08b100370eb644a7923a23c23f154403cf'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 5
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_SUN', '0.0.0.0'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, pool
-) VALUES (
- 'nat-t', 1, 4, 6, 'vips'
-);
-
-INSERT INTO child_configs (
- name, updown
-) VALUES (
- 'nat-t', '/usr/local/libexec/ipsec/_updown iptables'
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 0.0.0.0/0 */
- 7, X'00000000', X'ffffffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 1, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 3
-);
-
-/* Pools */
-
-INSERT INTO pools (
- name, start, end, timeout
-) VALUES (
- 'vips', X'0a030001', X'0a030006', 0
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030001'
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030002'
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030003'
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030004'
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030005'
-);
-
-INSERT INTO addresses (
- pool, address
-) VALUES (
- 1, X'0a030006'
-);
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* sun.strongswan.org */
+ 2, X'73756e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=sun.strongswan.org' */
+ 11, X'SUN_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* %any */
+ 0, '%any'
+);
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=sun.strongswan.org */
+ 1, 1, X'SUN_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 5
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=sun.strongswan.org' */
+ 1, X'SUN_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 5
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_SUN', '0.0.0.0'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, pool
+) VALUES (
+ 'nat-t', 1, 4, 6, 'vips'
+);
+
+INSERT INTO child_configs (
+ name, updown
+) VALUES (
+ 'nat-t', '/usr/local/libexec/ipsec/_updown iptables'
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 0.0.0.0/0 */
+ 7, X'00000000', X'ffffffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 1, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 3
+);
+
+/* Pools */
+
+INSERT INTO pools (
+ name, start, end, timeout
+) VALUES (
+ 'vips', X'0a030001', X'0a030006', 0
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030001'
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030002'
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030003'
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030004'
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030005'
+);
+
+INSERT INTO addresses (
+ pool, address
+) VALUES (
+ 1, X'0a030006'
+);
+++ /dev/null
-/* Identities */
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'5da7dd700651327ee7b66db3b5e5e060ea2e4def'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
- 11, X'ae096b87b44886d3b820978623dabd0eae22ebbc'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* venus.strongswan.org */
- 2, X'76656e75732e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* sun.strongswan.org */
- 2, X'73756e2e7374726f6e677377616e2e6f7267'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* subjkey of 'C=CH, O=Linux strongSwan, CN=venus.strongswan.org' */
- 11, X'8ab59d2d99cb02fc9b00358b3b16cd7ce7ce8d0c'
- );
-
-INSERT INTO identities (
- type, data
-) VALUES ( /* %any */
- 0, '%any'
-);
-
-/* Certificates */
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
- 1, 1, X'308203b8308202a0a003020102020100300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3034303931303130303131385a170d3139303930373130303131385a3045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100bff25f62ea3d566e58b3c87a49caf3ac61cfa96377734d842db3f8fd6ea023f7b0132e66265012317386729c6d7c427a8d9f167be138e8ebae2b12b95933baef36a315c3ddf224cee4bb9bd578135d0467382629621ff96b8d45f6e002e5083662dce181805c140b3f2ce93f83aee3c861cff610a39f0189cb3a3c7cb9bf7e2a09544e2170efaa18fdd4ff20fa94be176d7fecff821f68d17152041d9b46f0cfcfc1e4cf43de5d3f3a587763afe9267f53b11699b3264fc55c5189f5682871166cb98307950569641fa30ffb50de134fed2f973cef1a392827862bc4ddaa97bbb01442e293c41070d07224d4be47ae2753eb2bed4bc1da91c68ec780c4620f0f0203010001a381b23081af30120603551d130101ff040830060101ff020101300b0603551d0f040403020106301d0603551d0e041604145da7dd700651327ee7b66db3b5e5e060ea2e4def306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100300d06092a864886f70d01010b0500038201010023929aa101b412d1f5a577532088f209b34798a72ed7bd6945d74beaa2b3a1768764ad7f8b0df8d97a1a3ed1102e92a5f107e3059dc2250be49d02261ca83a342e0e5de7d43c37744e3fcea3197720ca1184d4ef94e6beeb0d241746b0b92b7fb1004c08e88bf9eb4ce60f3e149466f3e9fc3f98bce449f448f9d465e52b59f0101e6203cfad0d89e23509fa043d4c12021e8f32be7db8b2edbada641d64aa1a04af64a2ee5b814a753dd76b30e3de04f3c6b61166e632f8364d51cf3730a9564a4d93b9227c28b09b0f5595d92a632f72fe509a129ca9ee54df2b0edc6c3d38564f10256efcd8be82b2ec64977e3a6f5ef098eaa7f00662a6cded16cb80637c'
-);
-
-INSERT INTO certificates (
- type, keytype, data
-) VALUES ( /* C=CH, O=Linux strongSwan, CN=venus.strongswan.org */
- 1, 1, X'3082040f308202f7a00302010202012c300d06092a864886f70d01010b05003045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341301e170d3134303832373134353232375a170d3139303832363134353232375a3047310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311d301b0603550403131476656e75732e7374726f6e677377616e2e6f726730820122300d06092a864886f70d01010105000382010f003082010a0282010100b3434949425bb7271d14cbca27f765b1a1596f272cb586dc1a3999b4e649a4ebef2490790c443226dde1f205943a3d6e3aafff95a082eb1e773fb390a6c1c042964562feea7a8d46b4346a80d0c8670496fcf99a0476d24ca9b0955053401b6827750c10f7dbd194aebe65bbefab745b74d1e801de954db66a3078f84453331133f249c45eb063680ba02f5dbd5855c6586ff639246659910ed52ae144957efc46927381f9bde22f674ce1bb495fd0b81ce0d0a1d823ce9fc715037aaf31af8025caef4ddbda759fe163ed8a96aabf21ce4207bf476db6001fdfffa8f3cd73e7c83693053c64dccb39f13652337d25d981ae2933f3660e72936b2b8ac341914f0203010001a38201063082010230090603551d1304023000300b0603551d0f0404030203a8301d0603551d0e041604148ab59d2d99cb02fc9b00358b3b16cd7ce7ce8d0c306d0603551d230466306480145da7dd700651327ee7b66db3b5e5e060ea2e4defa149a4473045310b300906035504061302434831193017060355040a13104c696e7578207374726f6e675377616e311b3019060355040313127374726f6e675377616e20526f6f74204341820100301f0603551d1104183016821476656e75732e7374726f6e677377616e2e6f726730390603551d1f04323030302ea02ca02a8628687474703a2f2f63726c2e7374726f6e677377616e2e6f72672f7374726f6e677377616e2e63726c300d06092a864886f70d01010b050003820101005041aae28bfc721cfcd8f1cdb0c57f2452509a25396fdeca58c09598d5387c8e5ea485539be7bab675397eb0c3ece8309de53ffdfa48e2c6383285976418f27dd89d98e90ec0c477001e53be781bd1dcd7b38310a32e720c0f17030d06ca1d83a650dde68f307bfb28bf9b87b74ad927c493e52d2cdaeee531b30046895a841a6aa6cf3481d437e69490ff4a904fe8a354bf165515bca57d93335f6523338e1014c1862e76715acb427925aff2bee101429cc59e8541d5ec431a1049054077506bc279971f712e72b9ceb145f0a3ba8f65d1acf1b08a2a22bbbc83c5da60554d2e5c843032c4f52702c19eaa4772bec5ffbe20efe5e1544b8699f8d0f50ce827'
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 1
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 2
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 1, 3
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 4
-);
-
-INSERT INTO certificate_identity (
- certificate, identity
-) VALUES (
- 2, 6
-);
-
-/* Private Keys */
-
-INSERT INTO private_keys (
- type, data
-) VALUES ( /* key of 'C=CH, O=Linux strongSwan, CN=venus.strongswan.org' */
- 1, X'308204a40201000282010100b3434949425bb7271d14cbca27f765b1a1596f272cb586dc1a3999b4e649a4ebef2490790c443226dde1f205943a3d6e3aafff95a082eb1e773fb390a6c1c042964562feea7a8d46b4346a80d0c8670496fcf99a0476d24ca9b0955053401b6827750c10f7dbd194aebe65bbefab745b74d1e801de954db66a3078f84453331133f249c45eb063680ba02f5dbd5855c6586ff639246659910ed52ae144957efc46927381f9bde22f674ce1bb495fd0b81ce0d0a1d823ce9fc715037aaf31af8025caef4ddbda759fe163ed8a96aabf21ce4207bf476db6001fdfffa8f3cd73e7c83693053c64dccb39f13652337d25d981ae2933f3660e72936b2b8ac341914f020301000102820100520109d9757db73f31527e17304940400deb77a9980e426f15a01bec611c775166c8773ea899d9c765e12271e2e8f1892757b3b7a301c0c4e31044f87b104eff26f6fede562d51cb724c381c4d661f9a3de7e3d6cd0bfe100be037add3279462050aca4648dc49f796288b2979ee19006d644899f254a2843bf7889f29c255ad58bff1a6f5c54ba888e57638c870be2f69b5c2b3647f96ca444965b3615b8aa164089a7e60b434624f49923aa9b8559cb9396bc8de77fcf55609b40390ad1040220e6444e73eda5aa25b57375b16f1112bd145473f23e950291bfc67fa6998ebbd2ce524a1de53f2911ec7847ea643445e6f6a04c0ad1e00cdb5139ce3df112102818100e01ee775841d611f416199dd05b639626c207e7b44013483058ed5e1097ada02a2311791723dccb13f24367a39e265d6db1f7145a8a64ed94a7fb85773769cd908536e84f8508434278a32a0f5d7b5202ecdf22b841edec34e8d0b36d6af6e6e91b906f585ed02eff59d2aaac2de3a70c1a2ac970d5e2d20028e4c2ff908c80d02818100ccc2ef36187682b216ab353b52d35771e4d1f98669f34efb90cf1c3a10b0ffecc6d3a8753b8c9c261af104061b857bea2e7916edfa8a7bbbcdeac4ca74a9e26a063816e82553591266d5957459c29312e5f70788dd11a110bc5118f57cfae164aac95a971db26109ea3f45ee3a1e4574d3afbd5657db6b91ed8be0888783ebcb0281800d1e41f602f1a549ab0e076f84721211ccba6a2cd4e22d2cae1a9a323dd7cf02f0736729c04215c51a29087747041569ea118113ceb74d4e32aa1f241f4206143e0484278c514a2bb354c779dc69efd41e69378f8c803211c47b44f8c4c027fa98d4f7af4f537c24877fd78b7f347abf36d64abbdcb0727bb92a93130bc493d1028181009f421ac60b5ed9a6642543a0e179c970a7557d6b432adfcaa045c6218f6beb9220ceed1e4973c2db8c66db07590e88638b43d946bd704a6eb6e91ba88ff6b6485a8ff39919b6eaf77a0e33512ca33ebb1b2bf8ab45ae7984c7c397d310231d7dabac328e88a57dfe3538834e97db859029396ddd233661433dec66762a58bbe302818100cc5398746e05d11474133a76f39ff7ae4c9535cad47e1195075627c29314e5864481d2ebf50f6650f20f76d9d8842f0eaa050818ea48eb53dc836f68310ed732cff1bf96247e3fd3bc8f4adaae994ce24979fdf631810cfc88c82ccdc98b2928e577a18abbb8bf715569fbb8efa38731f23837edf716b315fc868169968b75bd'
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 4
-);
-
-INSERT INTO private_key_identity (
- private_key, identity
-) VALUES (
- 1, 6
-);
-
-/* Configurations */
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- 'PH_IP_VENUS', 'PH_IP_SUN'
-);
-
-INSERT INTO ike_configs (
- local, remote
-) VALUES (
- '%any', '%any'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, virtual
-) VALUES (
- 'nat-t', 1, 4, 5, '0.0.0.0'
-);
-
-INSERT INTO peer_configs (
- name, ike_cfg, local_id, remote_id, auth_method
-) VALUES (
- 'shunts', 2, 7, 7, 0
-);
-
-INSERT INTO child_configs (
- name
-) VALUES (
- 'nat-t'
-);
-
-INSERT INTO child_configs (
- name, mode, start_action
-) VALUES (
- 'local-net', 4, 1
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 1, 1
-);
-
-INSERT INTO peer_config_child_config (
- peer_cfg, child_cfg
-) VALUES (
- 2, 2
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 10.1.0.0/16 */
- 7, X'0a010000', X'0a01ffff'
-);
-
-INSERT INTO traffic_selectors (
- type, start_addr, end_addr
-) VALUES ( /* 0.0.0.0/0 */
- 7, X'00000000', X'ffffffff'
-);
-
-INSERT INTO traffic_selectors (
- type
-) VALUES ( /* dynamic/32 */
- 7
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 2, 1
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 1, 3, 2
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 2, 1, 0
-);
-
-INSERT INTO child_config_traffic_selector (
- child_cfg, traffic_selector, kind
-) VALUES (
- 2, 1, 1
-);
--- /dev/null
+/* Identities */
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 9, X'3047310b3009060355040613024348311b3019060355040a13127374726f6e675377616e2050726f6a656374311b3019060355040313127374726f6e675377616e20526f6f74204341'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPK_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* keyid of 'C=CH, O=strongSwan Project, CN=strongSwan Root CA' */
+ 11, X'CA_SPKI_HEX'
+);
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* venus.strongswan.org */
+ 2, X'76656e75732e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* sun.strongswan.org */
+ 2, X'73756e2e7374726f6e677377616e2e6f7267'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* subjkey of 'C=CH, O=strongSwan Project, CN=venus.strongswan.org' */
+ 11, X'VENUS_SPK_HEX'
+ );
+
+INSERT INTO identities (
+ type, data
+) VALUES ( /* %any */
+ 0, '%any'
+);
+
+/* Certificates */
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=strongSwan Root CA */
+ 1, 1, X'CA_CERT_HEX'
+);
+
+INSERT INTO certificates (
+ type, keytype, data
+) VALUES ( /* C=CH, O=strongSwan Project, CN=venus.strongswan.org */
+ 1, 1, X'VENUS_CERT_HEX'
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 2
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 1, 3
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 4
+);
+
+INSERT INTO certificate_identity (
+ certificate, identity
+) VALUES (
+ 2, 6
+);
+
+/* Private Keys */
+
+INSERT INTO private_keys (
+ type, data
+) VALUES ( /* key of 'C=CH, O=strongSwan Project, CN=venus.strongswan.org' */
+ 1, X'VENUS_KEY_HEX'
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 4
+);
+
+INSERT INTO private_key_identity (
+ private_key, identity
+) VALUES (
+ 1, 6
+);
+
+/* Configurations */
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ 'PH_IP_VENUS', 'PH_IP_SUN'
+);
+
+INSERT INTO ike_configs (
+ local, remote
+) VALUES (
+ '%any', '%any'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, virtual
+) VALUES (
+ 'nat-t', 1, 4, 5, '0.0.0.0'
+);
+
+INSERT INTO peer_configs (
+ name, ike_cfg, local_id, remote_id, auth_method
+) VALUES (
+ 'shunts', 2, 7, 7, 0
+);
+
+INSERT INTO child_configs (
+ name
+) VALUES (
+ 'nat-t'
+);
+
+INSERT INTO child_configs (
+ name, mode, start_action
+) VALUES (
+ 'local-net', 4, 1
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 1, 1
+);
+
+INSERT INTO peer_config_child_config (
+ peer_cfg, child_cfg
+) VALUES (
+ 2, 2
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 10.1.0.0/16 */
+ 7, X'0a010000', X'0a01ffff'
+);
+
+INSERT INTO traffic_selectors (
+ type, start_addr, end_addr
+) VALUES ( /* 0.0.0.0/0 */
+ 7, X'00000000', X'ffffffff'
+);
+
+INSERT INTO traffic_selectors (
+ type
+) VALUES ( /* dynamic/32 */
+ 7
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 2, 1
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 1, 3, 2
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 2, 1, 0
+);
+
+INSERT INTO child_config_traffic_selector (
+ child_cfg, traffic_selector, kind
+) VALUES (
+ 2, 1, 1
+);
projects / thirdparty / strongswan.git / commitdiff
