]> git.ipfire.org Git - thirdparty/strongswan.git/commitdiff
projects / thirdparty / strongswan.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c9418d4)
use DNs in tnc/tnccs-20-tls scenario
authorAndreas Steffen <andreas.steffen@strongswan.org>
Sun, 3 Mar 2013 09:47:17 +0000 (10:47 +0100)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Sun, 3 Mar 2013 09:47:17 +0000 (10:47 +0100)
testing/tests/tnc/tnccs-20-tls/evaltest.dat patch | blob | blame | history
testing/tests/tnc/tnccs-20-tls/hosts/carol/etc/ipsec.conf patch | blob | blame | history
testing/tests/tnc/tnccs-20-tls/hosts/dave/etc/ipsec.conf patch | blob | blame | history
testing/tests/tnc/tnccs-20-tls/hosts/moon/etc/ipsec.conf patch | blob | blame | history

diff --git a/testing/tests/tnc/tnccs-20-tls/evaltest.dat b/testing/tests/tnc/tnccs-20-tls/evaltest.dat
index bac7294b276e24b7ccda9b6386313754820dfb79..40d5e24d5b3de17706d70c7aa5e2c7a906be88f0 100644 (file)
--- a/testing/tests/tnc/tnccs-20-tls/evaltest.dat
+++ b/testing/tests/tnc/tnccs-20-tls/evaltest.dat
@@ -7,9 +7,9 @@ dave:: cat /var/log/daemon.log::EAP method EAP_TTLS succeeded, MSK established::
 dave:: cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with EAP successful::YES
 dave:: cat /var/log/daemon.log::CHILD_SA home{1} established.*TS 192.168.0.200/32 === 10.1.0.16/28::YES
 moon:: cat /var/log/daemon.log::added group membership 'allow'::YES
-moon:: cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES
+moon:: cat /var/log/daemon.log::authentication of 'C=CH, O=Linux strongSwan, OU=Research, CN=carol@strongswan.org' with EAP successful::YES
 moon:: cat /var/log/daemon.log::added group membership 'isolate'::YES
-moon:: cat /var/log/daemon.log::authentication of 'dave@strongswan.org' with EAP successful::YES
+moon:: cat /var/log/daemon.log::authentication of 'C=CH, O=Linux strongSwan, OU=Accounting, CN=dave@strongswan.org' with EAP successful::YES
 moon:: ipsec statusall 2> /dev/null::rw-allow.*10.1.0.0/28 === 192.168.0.100/32::YES
 moon:: ipsec statusall 2> /dev/null::rw-isolate.*10.1.0.16/28 === 192.168.0.200/32::YES
 carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_req=1::YES
diff --git a/testing/tests/tnc/tnccs-20-tls/hosts/carol/etc/ipsec.conf b/testing/tests/tnc/tnccs-20-tls/hosts/carol/etc/ipsec.conf
index e9b78bc01bdab645be0fa1eed021b015edf65d33..eece9f2944dde086de938d9ef0544712548a8de2 100644 (file)
--- a/testing/tests/tnc/tnccs-20-tls/hosts/carol/etc/ipsec.conf
+++ b/testing/tests/tnc/tnccs-20-tls/hosts/carol/etc/ipsec.conf
@@ -13,7 +13,6 @@ conn %default
 conn home
        left=PH_IP_CAROL
        leftcert=carolCert.pem
-       leftid=carol@strongswan.org
        leftauth=eap
        leftfirewall=yes
        right=PH_IP_MOON
diff --git a/testing/tests/tnc/tnccs-20-tls/hosts/dave/etc/ipsec.conf b/testing/tests/tnc/tnccs-20-tls/hosts/dave/etc/ipsec.conf
index 75d84e25a7ee49603c3185032cd4832f38ac6495..362042656510d2f7c7809f5f18b451b2561c76e6 100644 (file)
--- a/testing/tests/tnc/tnccs-20-tls/hosts/dave/etc/ipsec.conf
+++ b/testing/tests/tnc/tnccs-20-tls/hosts/dave/etc/ipsec.conf
@@ -13,7 +13,6 @@ conn %default
 conn home
        left=PH_IP_DAVE
        leftcert=daveCert.pem
-       leftid=dave@strongswan.org
        leftauth=eap
        leftfirewall=yes
        right=PH_IP_MOON
diff --git a/testing/tests/tnc/tnccs-20-tls/hosts/moon/etc/ipsec.conf b/testing/tests/tnc/tnccs-20-tls/hosts/moon/etc/ipsec.conf
index 2ffc7e9ae4e4748a81bd00b35c4da991b319c752..0ec930286807920314784e04a6ccbf683f1159cb 100644 (file)
--- a/testing/tests/tnc/tnccs-20-tls/hosts/moon/etc/ipsec.conf
+++ b/testing/tests/tnc/tnccs-20-tls/hosts/moon/etc/ipsec.conf
@@ -29,6 +29,6 @@ conn rw-eap
        leftauth=eap-ttls
        leftfirewall=yes
        rightauth=eap-ttls
-       rightid=*@strongswan.org
+       rightid="C=CH, O=Linux strongSwan, OU=*, CN=*"
        rightsendcert=never
        right=%any
Unnamed repository; edit this file 'description' to name the repository.