From: Andreas Steffen Date: Wed, 19 Dec 2007 00:11:20 +0000 (-0000) Subject: updated rw-eap-aka-rsa scenario X-Git-Tag: 4.1.10~7 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a37e8f32d8d76c7899656ed4f16df1a1a09ab763;p=thirdparty%2Fstrongswan.git updated rw-eap-aka-rsa scenario --- diff --git a/testing/tests/ikev2/reauth-early/evaltest.dat b/testing/tests/ikev2/reauth-early/evaltest.dat index 6d8e6f6ebc..b4cbe2f41b 100644 --- a/testing/tests/ikev2/reauth-early/evaltest.dat +++ b/testing/tests/ikev2/reauth-early/evaltest.dat @@ -1,7 +1,6 @@ moon::ipsec statusall::rw\[2\].*ESTABLISHED::YES carol::ipsec statusall::home\[2\].*ESTABLISHED::YES carol::cat /var/log/daemon.log::received AUTH_LIFETIME of 30s, scheduling reauthentication in 25s::YES -carol::cat /var/log/daemon.log::maximum IKE_SA lifetime 30s::YES carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES diff --git a/testing/tests/ikev2/reauth-late/evaltest.dat b/testing/tests/ikev2/reauth-late/evaltest.dat index 507a85f30a..7ce2bf1477 100644 --- a/testing/tests/ikev2/reauth-late/evaltest.dat +++ b/testing/tests/ikev2/reauth-late/evaltest.dat @@ -2,7 +2,6 @@ moon::ipsec statusall::rw\[2\].*ESTABLISHED::YES carol::ipsec statusall::home\[2\].*ESTABLISHED::YES carol::cat /var/log/daemon.log::received AUTH_LIFETIME of 3600s, scheduling reauthentication in 3595s::YES carol::cat /var/log/daemon.log::scheduling reauthentication in 2[0-5]s::YES -carol::cat /var/log/daemon.log::maximum IKE_SA lifetime [23][0-9]s::YES carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES diff --git a/testing/tests/ikev2/rw-eapaka-rsa/description.txt b/testing/tests/ikev2/rw-eap-aka-rsa/description.txt similarity index 64% rename from testing/tests/ikev2/rw-eapaka-rsa/description.txt rename to testing/tests/ikev2/rw-eap-aka-rsa/description.txt index af3e53f6b9..b4f766d6fe 100644 --- a/testing/tests/ikev2/rw-eapaka-rsa/description.txt +++ b/testing/tests/ikev2/rw-eap-aka-rsa/description.txt @@ -2,6 +2,6 @@ The roadwarrior carol sets up a connection to gateway moon. carol uses the Extensible Authentication Protocol in association with the Authentication and Key Agreement protocol (EAP-AKA) to authenticate against the gateway. This protocol is used -in UMTS, but here a secret from ipsec.secrets is used instead of a USIM/(R)UIM. -Gateway moon additionaly uses an RSA signature to authenticate itself +in UMTS, but here a secret from ipsec.secrets is used instead of a USIM/(R)UIM. +Gateway moon additionaly uses an RSA signature to authenticate itself against carol. diff --git a/testing/tests/ikev2/rw-eapaka-rsa/evaltest.dat b/testing/tests/ikev2/rw-eap-aka-rsa/evaltest.dat similarity index 66% rename from testing/tests/ikev2/rw-eapaka-rsa/evaltest.dat rename to testing/tests/ikev2/rw-eap-aka-rsa/evaltest.dat index 4ab5fd73cd..5de841c035 100644 --- a/testing/tests/ikev2/rw-eapaka-rsa/evaltest.dat +++ b/testing/tests/ikev2/rw-eap-aka-rsa/evaltest.dat @@ -1,5 +1,5 @@ -carol::cat /var/log/daemon.log::authentication of '@moon.strongswan.org' with RSA signature successful::YES -carol::cat /var/log/daemon.log::authentication of '@moon.strongswan.org' with EAP successful::YES +carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with RSA signature successful::YES +carol::cat /var/log/daemon.log::authentication of 'moon.strongswan.org' with EAP successful::YES moon::cat /var/log/daemon.log::authentication of 'carol@strongswan.org' with EAP successful::YES moon::ipsec statusall::rw-eapaka.*ESTABLISHED::YES carol::ipsec statusall::home.*ESTABLISHED::YES diff --git a/testing/tests/ikev2/rw-eapaka-rsa/hosts/carol/etc/ipsec.conf b/testing/tests/ikev2/rw-eap-aka-rsa/hosts/carol/etc/ipsec.conf similarity index 100% rename from testing/tests/ikev2/rw-eapaka-rsa/hosts/carol/etc/ipsec.conf rename to testing/tests/ikev2/rw-eap-aka-rsa/hosts/carol/etc/ipsec.conf diff --git a/testing/tests/ikev2/rw-eapaka-rsa/hosts/carol/etc/ipsec.secrets b/testing/tests/ikev2/rw-eap-aka-rsa/hosts/carol/etc/ipsec.secrets similarity index 54% rename from testing/tests/ikev2/rw-eapaka-rsa/hosts/carol/etc/ipsec.secrets rename to testing/tests/ikev2/rw-eap-aka-rsa/hosts/carol/etc/ipsec.secrets index ea73220d76..e03e89a0ff 100644 --- a/testing/tests/ikev2/rw-eapaka-rsa/hosts/carol/etc/ipsec.secrets +++ b/testing/tests/ikev2/rw-eap-aka-rsa/hosts/carol/etc/ipsec.secrets @@ -1,3 +1,3 @@ # /etc/ipsec.secrets - strongSwan IPsec secrets file -carol@strongswan.org : PSK "Ar3etTnp01qlpOgb" +carol@strongswan.org : EAP "Ar3etTnp01qlpOgb" diff --git a/testing/tests/ikev2/rw-eapaka-rsa/hosts/moon/etc/ipsec.conf b/testing/tests/ikev2/rw-eap-aka-rsa/hosts/moon/etc/ipsec.conf similarity index 100% rename from testing/tests/ikev2/rw-eapaka-rsa/hosts/moon/etc/ipsec.conf rename to testing/tests/ikev2/rw-eap-aka-rsa/hosts/moon/etc/ipsec.conf diff --git a/testing/tests/ikev2/rw-eapaka-rsa/hosts/moon/etc/ipsec.secrets b/testing/tests/ikev2/rw-eap-aka-rsa/hosts/moon/etc/ipsec.secrets similarity index 61% rename from testing/tests/ikev2/rw-eapaka-rsa/hosts/moon/etc/ipsec.secrets rename to testing/tests/ikev2/rw-eap-aka-rsa/hosts/moon/etc/ipsec.secrets index 64de708aff..aa38383855 100644 --- a/testing/tests/ikev2/rw-eapaka-rsa/hosts/moon/etc/ipsec.secrets +++ b/testing/tests/ikev2/rw-eap-aka-rsa/hosts/moon/etc/ipsec.secrets @@ -2,4 +2,4 @@ : RSA moonKey.pem -carol@strongswan.org : PSK "Ar3etTnp01qlpOgb" +carol@strongswan.org : EAP "Ar3etTnp01qlpOgb" diff --git a/testing/tests/ikev2/rw-eap-aka-rsa/posttest.dat b/testing/tests/ikev2/rw-eap-aka-rsa/posttest.dat new file mode 100644 index 0000000000..94a400606a --- /dev/null +++ b/testing/tests/ikev2/rw-eap-aka-rsa/posttest.dat @@ -0,0 +1,4 @@ +moon::ipsec stop +carol::ipsec stop +moon::/etc/init.d/iptables stop 2> /dev/null +carol::/etc/init.d/iptables stop 2> /dev/null diff --git a/testing/tests/ikev2/rw-eap-aka-rsa/pretest.dat b/testing/tests/ikev2/rw-eap-aka-rsa/pretest.dat new file mode 100644 index 0000000000..ed5498bfe3 --- /dev/null +++ b/testing/tests/ikev2/rw-eap-aka-rsa/pretest.dat @@ -0,0 +1,7 @@ +moon::/etc/init.d/iptables start 2> /dev/null +carol::/etc/init.d/iptables start 2> /dev/null +moon::ipsec start +carol::ipsec start +carol::sleep 1 +carol::ipsec up home +carol::sleep 1 diff --git a/testing/tests/ikev2/rw-eapaka-rsa/test.conf b/testing/tests/ikev2/rw-eap-aka-rsa/test.conf similarity index 100% rename from testing/tests/ikev2/rw-eapaka-rsa/test.conf rename to testing/tests/ikev2/rw-eap-aka-rsa/test.conf diff --git a/testing/tests/ikev2/rw-eapaka-rsa/posttest.dat b/testing/tests/ikev2/rw-eapaka-rsa/posttest.dat deleted file mode 100644 index c6d6235f9d..0000000000 --- a/testing/tests/ikev2/rw-eapaka-rsa/posttest.dat +++ /dev/null @@ -1,2 +0,0 @@ -moon::ipsec stop -carol::ipsec stop diff --git a/testing/tests/ikev2/rw-eapaka-rsa/pretest.dat b/testing/tests/ikev2/rw-eapaka-rsa/pretest.dat deleted file mode 100644 index 5e36462f8d..0000000000 --- a/testing/tests/ikev2/rw-eapaka-rsa/pretest.dat +++ /dev/null @@ -1,5 +0,0 @@ -moon::echo 1 > /proc/sys/net/ipv4/ip_forward -moon::ipsec start -carol::ipsec start -carol::sleep 1 -carol::ipsec up home