testing: Config changes for FreeRADIUS 3.0

author Tobias Brunner <tobias@strongswan.org>

Tue, 25 Sep 2018 15:08:32 +0000 (17:08 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Wed, 21 Nov 2018 13:32:25 +0000 (14:32 +0100)
author Tobias Brunner <tobias@strongswan.org>
Tue, 25 Sep 2018 15:08:32 +0000 (17:08 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Wed, 21 Nov 2018 13:32:25 +0000 (14:32 +0100)
diff --git a/testing/hosts/alice/etc/freeradius/3.0/clients.conf b/testing/hosts/alice/etc/freeradius/3.0/clients.conf

new file mode 100644 (file)

index 0000000..7fad83c
--- /dev/null
+++ b/testing/hosts/alice/etc/freeradius/3.0/clients.conf
@@ -0,0 +1,5 @@
+client moon {
+  ipaddr = 10.1.0.1
+  secret = gv6URkSs
+  require_message_authenticator = yes
+}
diff --git a/testing/hosts/alice/etc/freeradius/3.0/radiusd.conf b/testing/hosts/alice/etc/freeradius/3.0/radiusd.conf

new file mode 100644 (file)

index 0000000..6139bb9
--- /dev/null
+++ b/testing/hosts/alice/etc/freeradius/3.0/radiusd.conf
@@ -0,0 +1,99 @@
+# radiusd.conf -- FreeRADIUS server configuration file.
+
+prefix = /usr
+exec_prefix = /usr
+sysconfdir = /etc
+localstatedir = /var
+sbindir = ${exec_prefix}/sbin
+logdir = /var/log/freeradius
+raddbdir = /etc/freeradius/3.0
+radacctdir = ${logdir}/radacct
+
+#  name of the running server.  See also the "-n" command-line option.
+name = freeradius
+
+#  Location of config and logfiles.
+confdir = ${raddbdir}
+modconfdir = ${confdir}/mods-config
+certdir = ${sysconfdir}/raddb/certs
+cadir   = ${sysconfdir}/raddb/certs
+run_dir = ${localstatedir}/run/${name}
+
+# Should likely be ${localstatedir}/lib/radiusd
+db_dir = ${raddbdir}
+
+# libdir: Where to find the rlm_* modules.
+libdir = ${exec_prefix}/lib
+
+#  pidfile: Where to place the PID of the RADIUS server.
+pidfile = ${run_dir}/${name}.pid
+
+#  correct_escapes: use correct backslash escaping
+correct_escapes = true
+
+#  max_request_time: The maximum time (in seconds) to handle a request.
+max_request_time = 30
+
+#  cleanup_delay: The time to wait (in seconds) before cleaning up
+cleanup_delay = 5
+
+#  max_requests: The maximum number of requests which the server keeps
+max_requests = 1024
+
+#  hostname_lookups: Log the names of clients or just their IP addresses
+hostname_lookups = no
+
+#  Logging section
+log {
+  destination = files
+  colourise = yes
+  file = ${logdir}/radius.log
+  syslog_facility = daemon
+  stripped_names = no
+  auth = yes
+  auth_badpass = yes
+  auth_goodpass = yes
+}
+
+#  The program to execute to do concurrency checks.
+checkrad = ${sbindir}/checkrad
+
+#  SECURITY CONFIGURATION
+security {
+  user = freerad
+  group = freerad
+  allow_core_dumps = no
+  max_attributes = 200
+  reject_delay = 1
+  status_server = yes
+}
+
+# PROXY CONFIGURATION
+proxy_requests = yes
+$INCLUDE proxy.conf
+
+# CLIENTS CONFIGURATION
+$INCLUDE clients.conf
+
+# THREAD POOL CONFIGURATION
+thread pool {
+  start_servers = 5
+  max_servers = 32
+  min_spare_servers = 3
+  max_spare_servers = 10
+  max_requests_per_server = 0
+  auto_limit_acct = no
+}
+
+# MODULE CONFIGURATION
+modules {
+  $INCLUDE ${confdir}/mods-enabled/
+}
+
+# Policies
+policy {
+  $INCLUDE policy.d/
+}
+
+# Include all enabled virtual hosts
+$INCLUDE sites-enabled/
diff --git a/testing/hosts/alice/etc/freeradius/radiusd.conf b/testing/hosts/alice/etc/freeradius/radiusd.conf

index e4f7217380b348334cd050a4adf23fc988a45323..bcdc369d2bd30f3af1c6b1d97a2ec86d443450ee 100644 (file)
--- a/testing/hosts/alice/etc/freeradius/radiusd.conf
+++ b/testing/hosts/alice/etc/freeradius/radiusd.conf
@@ -101,8 +101,6 @@ thread pool {
  modules {
    $INCLUDE ${confdir}/modules/
    $INCLUDE eap.conf
-  $INCLUDE sql.conf
-  $INCLUDE sql/mysql/counter.conf
  }
  
  # Instantiation
diff --git a/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap

new file mode 100644 (file)

index 0000000..b2072d1
--- /dev/null
+++ b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap
@@ -0,0 +1,5 @@
+eap {
+  default_eap_type = md5
+  md5 {
+  }
+}
+\ No newline at end of file
diff --git a/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/proxy.conf b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/proxy.conf

new file mode 100644 (file)

index 0000000..23cba8d
--- /dev/null
+++ b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/proxy.conf
@@ -0,0 +1,5 @@
+realm strongswan.org {
+  type     = radius
+  authhost = LOCAL
+  accthost = LOCAL
+}
diff --git a/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/sites-available/default b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/sites-available/default

new file mode 100644 (file)

index 0000000..07178dc
--- /dev/null
+++ b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/sites-available/default
@@ -0,0 +1,56 @@
+server default {
+
+listen {
+  type = auth
+  ipaddr = 10.1.0.10
+  port = 0
+}
+
+authorize {
+  suffix
+  files
+  eap {
+    ok = return
+  }
+}
+
+authenticate {
+  eap
+}
+
+preacct {
+  preprocess
+  acct_unique
+  suffix
+  files
+}
+
+accounting {
+  detail
+  unix
+  radutmp
+  exec
+  attr_filter.accounting_response
+}
+
+session {
+  radutmp
+}
+
+post-auth {
+  exec
+  Post-Auth-Type REJECT {
+    attr_filter.access_reject
+    eap
+    remove_reply_message_if_eap
+  }
+}
+
+pre-proxy {
+}
+
+post-proxy {
+  eap
+}
+
+}
diff --git a/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/users b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/users

new file mode 100644 (file)

index 0000000..4fb07b9
--- /dev/null
+++ b/testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/users
@@ -0,0 +1 @@
+carol  Cleartext-Password := "4iChxLT3"
diff --git a/testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap b/testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/3.0/proxy.conf b/testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/3.0/proxy.conf

new file mode 100644 (file)

index 0000000..23cba8d
--- /dev/null
+++ b/testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/3.0/proxy.conf
@@ -0,0 +1,5 @@
+realm strongswan.org {
+  type     = radius
+  authhost = LOCAL
+  accthost = LOCAL
+}
diff --git a/testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/3.0/sites-available/default b/testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/3.0/sites-available/default

new file mode 100644 (file)

index 0000000..27a42d0
--- /dev/null
+++ b/testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/3.0/sites-available/default
@@ -0,0 +1,53 @@
+server default {
+
+listen {
+  type = auth
+  ipaddr = 10.1.0.10
+  port = 0
+}
+
+authorize {
+  suffix
+  files
+  pap
+}
+
+authenticate {
+  Auth-Type PAP {
+    pap
+  }
+}
+
+preacct {
+  preprocess
+  acct_unique
+  suffix
+  files
+}
+
+accounting {
+  detail
+  unix
+  radutmp
+  exec
+  attr_filter.accounting_response
+}
+
+session {
+  radutmp
+}
+
+post-auth {
+  exec
+  Post-Auth-Type REJECT {
+    attr_filter.access_reject
+  }
+}
+
+pre-proxy {
+}
+
+post-proxy {
+}
+
+}
diff --git a/testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel b/testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/3.0/users b/testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/3.0/users

new file mode 100644 (file)

index 0000000..4fb07b9
--- /dev/null
+++ b/testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/3.0/users
@@ -0,0 +1 @@
+carol  Cleartext-Password := "4iChxLT3"
diff --git a/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/mods-available/eap b/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/mods-available/eap

new file mode 100644 (file)

index 0000000..7d80239
--- /dev/null
+++ b/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/mods-available/eap
@@ -0,0 +1,5 @@
+eap {
+  default_eap_type = sim
+  sim {
+  }
+}
diff --git a/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/proxy.conf b/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/proxy.conf

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/sites-available/default b/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/sites-available/default

new file mode 100644 (file)

index 0000000..2057b51
--- /dev/null
+++ b/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/sites-available/default
@@ -0,0 +1,58 @@
+server default {
+
+listen {
+  type = auth
+  ipaddr = 10.1.0.10
+  port = 0
+}
+
+authorize {
+  preprocess
+  files
+  eap {
+    ok = return
+  }
+  expiration
+  logintime
+}
+
+authenticate {
+  eap
+}
+
+preacct {
+  preprocess
+  acct_unique
+  suffix
+  files
+}
+
+accounting {
+  detail
+  unix
+  radutmp
+  exec
+  attr_filter.accounting_response
+}
+
+session {
+  radutmp
+}
+
+post-auth {
+  exec
+  Post-Auth-Type REJECT {
+    attr_filter.access_reject
+    eap
+    remove_reply_message_if_eap
+  }
+}
+
+pre-proxy {
+}
+
+post-proxy {
+  eap
+}
+
+}
diff --git a/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel b/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/users b/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/users

new file mode 100644 (file)

index 0000000..aa6f980
--- /dev/null
+++ b/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/users
@@ -0,0 +1,2 @@
+228060123456001        EAP-Type := SIM, EAP-Sim-RAND1 := 0x30000000000000000000000000000000, EAP-Sim-SRES1 := 0x30112233, EAP-Sim-KC1 := 0x305566778899AABB, EAP-Sim-RAND2 := 0x31000000000000000000000000000000, EAP-Sim-SRES2 := 0x31112233, EAP-Sim-KC2 := 0x315566778899AABB, EAP-Sim-RAND3 := 0x32000000000000000000000000000000, EAP-Sim-SRES3 := 0x32112233, EAP-Sim-KC3 := 0x325566778899AABB
+228060123456002        EAP-Type := SIM, EAP-Sim-RAND1 := 0x33000000000000000000000000000000, EAP-Sim-SRES1 := 0x33112233, EAP-Sim-KC1 := 0x335566778899AABB, EAP-Sim-RAND2 := 0x34000000000000000000000000000000, EAP-Sim-SRES2 := 0x34112233, EAP-Sim-KC2 := 0x345566778899AABB, EAP-Sim-RAND3 := 0x35000000000000000000000000000000, EAP-Sim-SRES3 := 0x35112233, EAP-Sim-KC3 := 0x355566778899AABB
diff --git a/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/modules/sim_files b/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/modules/sim_files

deleted file mode 100644 (file)

index 10c26aa..0000000
--- a/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/modules/sim_files
+++ /dev/null
@@ -1,3 +0,0 @@
-sim_files {
-       simtriplets = "/etc/freeradius/triplets.dat"
-}
diff --git a/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/sites-available/default b/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/sites-available/default

index 91425f812a211d16ea6470bd1905f64885d2b366..2968646e54f8b8bb835919bb0c977a190e3f58e2 100644 (file)
--- a/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/sites-available/default
+++ b/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/sites-available/default
@@ -2,13 +2,23 @@ authorize {
    preprocess
    chap
    mschap
-  sim_files
    suffix
+  files
+  update reply {
+    EAP-Sim-Rand1 := "%{control:EAP-Sim-Rand1}"
+    EAP-Sim-Rand2 := "%{control:EAP-Sim-Rand2}"
+    EAP-Sim-Rand3 := "%{control:EAP-Sim-Rand3}"
+    EAP-Sim-SRES1 := "%{control:EAP-Sim-SRES1}"
+    EAP-Sim-SRES2 := "%{control:EAP-Sim-SRES2}"
+    EAP-Sim-SRES3 := "%{control:EAP-Sim-SRES3}"
+    EAP-Sim-KC1   := "%{control:EAP-Sim-KC1}"
+    EAP-Sim-KC2   := "%{control:EAP-Sim-KC2}"
+    EAP-Sim-KC3   := "%{control:EAP-Sim-KC3}"
+  }
    eap {
      ok = return
    }
    unix
-  files
    expiration
    logintime
    pap
diff --git a/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/triplets.dat b/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/triplets.dat

deleted file mode 100644 (file)

index aaabab8..0000000
--- a/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/triplets.dat
+++ /dev/null
@@ -1,6 +0,0 @@
-228060123456001,30000000000000000000000000000000,30112233,305566778899AABB
-228060123456001,31000000000000000000000000000000,31112233,315566778899AABB
-228060123456001,32000000000000000000000000000000,32112233,325566778899AABB
-228060123456002,33000000000000000000000000000000,33112233,335566778899AABB
-228060123456002,34000000000000000000000000000000,34112233,345566778899AABB
-228060123456002,35000000000000000000000000000000,35112233,355566778899AABB
diff --git a/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/users b/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/users

index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..aa6f98076acf4de9422ab90d108c6df141cd5da4 100644 (file)
--- a/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/users
+++ b/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/users
@@ -0,0 +1,2 @@
+228060123456001        EAP-Type := SIM, EAP-Sim-RAND1 := 0x30000000000000000000000000000000, EAP-Sim-SRES1 := 0x30112233, EAP-Sim-KC1 := 0x305566778899AABB, EAP-Sim-RAND2 := 0x31000000000000000000000000000000, EAP-Sim-SRES2 := 0x31112233, EAP-Sim-KC2 := 0x315566778899AABB, EAP-Sim-RAND3 := 0x32000000000000000000000000000000, EAP-Sim-SRES3 := 0x32112233, EAP-Sim-KC3 := 0x325566778899AABB
+228060123456002        EAP-Type := SIM, EAP-Sim-RAND1 := 0x33000000000000000000000000000000, EAP-Sim-SRES1 := 0x33112233, EAP-Sim-KC1 := 0x335566778899AABB, EAP-Sim-RAND2 := 0x34000000000000000000000000000000, EAP-Sim-SRES2 := 0x34112233, EAP-Sim-KC2 := 0x345566778899AABB, EAP-Sim-RAND3 := 0x35000000000000000000000000000000, EAP-Sim-SRES3 := 0x35112233, EAP-Sim-KC3 := 0x355566778899AABB
diff --git a/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/pretest.dat b/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/pretest.dat

index dffe66db9edc1d97326cd3687206dfc6949e6ebc..f3fdfe6fff8f61aa936c81656602072bdb0b1d9f 100644 (file)
--- a/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/pretest.dat
+++ b/testing/tests/ikev2/mult-auth-rsa-eap-sim-id/pretest.dat
@@ -1,7 +1,3 @@
-alice::cat /etc/freeradius/clients.conf
-alice::cat /etc/freeradius/eap.conf
-alice::cat /etc/freeradius/proxy.conf
-alice::cat /etc/freeradius/triplets.dat
  carol::cat /etc/ipsec.d/triplets.dat
  dave::cat /etc/ipsec.d/triplets.dat
  alice::freeradius
diff --git a/testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap b/testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap

new file mode 100644 (file)

index 0000000..623f429
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap
@@ -0,0 +1,5 @@
+eap {
+  default_eap_type = md5
+  md5 {
+  }
+}
diff --git a/testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/3.0/proxy.conf b/testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/3.0/proxy.conf

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/3.0/sites-available/default b/testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/3.0/sites-available/default

new file mode 100644 (file)

index 0000000..1dc69d9
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/3.0/sites-available/default
@@ -0,0 +1,58 @@
+server default {
+
+listen {
+  type = auth
+  ipaddr = 10.1.0.10
+  port = 0
+}
+
+authorize {
+  preprocess
+  eap {
+    ok = return
+  }
+  files
+  expiration
+  logintime
+}
+
+authenticate {
+  eap
+}
+
+preacct {
+  preprocess
+  acct_unique
+  suffix
+  files
+}
+
+accounting {
+  detail
+  unix
+  radutmp
+  exec
+  attr_filter.accounting_response
+}
+
+session {
+  radutmp
+}
+
+post-auth {
+  exec
+  Post-Auth-Type REJECT {
+    attr_filter.access_reject
+    eap
+    remove_reply_message_if_eap
+  }
+}
+
+pre-proxy {
+}
+
+post-proxy {
+  eap
+}
+
+}
diff --git a/testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel b/testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/3.0/users b/testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/3.0/users

new file mode 100644 (file)

index 0000000..ba92f00
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/3.0/users
@@ -0,0 +1,4 @@
+carol  Cleartext-Password := "Ar3etTnp"
+               Framed-IP-Address = 10.3.0.1
+dave   Cleartext-Password := "W7R0g3do"
+               Framed-IP-Address = 10.3.0.2
diff --git a/testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap b/testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap

new file mode 100644 (file)

index 0000000..623f429
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap
@@ -0,0 +1,5 @@
+eap {
+  default_eap_type = md5
+  md5 {
+  }
+}
diff --git a/testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/3.0/proxy.conf b/testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/3.0/proxy.conf

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/3.0/sites-available/default b/testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/3.0/sites-available/default

new file mode 100644 (file)

index 0000000..1dc69d9
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/3.0/sites-available/default
@@ -0,0 +1,58 @@
+server default {
+
+listen {
+  type = auth
+  ipaddr = 10.1.0.10
+  port = 0
+}
+
+authorize {
+  preprocess
+  eap {
+    ok = return
+  }
+  files
+  expiration
+  logintime
+}
+
+authenticate {
+  eap
+}
+
+preacct {
+  preprocess
+  acct_unique
+  suffix
+  files
+}
+
+accounting {
+  detail
+  unix
+  radutmp
+  exec
+  attr_filter.accounting_response
+}
+
+session {
+  radutmp
+}
+
+post-auth {
+  exec
+  Post-Auth-Type REJECT {
+    attr_filter.access_reject
+    eap
+    remove_reply_message_if_eap
+  }
+}
+
+pre-proxy {
+}
+
+post-proxy {
+  eap
+}
+
+}
diff --git a/testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel b/testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/3.0/users b/testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/3.0/users

new file mode 100644 (file)

index 0000000..62d4591
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/3.0/users
@@ -0,0 +1,4 @@
+carol  Cleartext-Password := "Ar3etTnp"
+               Class = "Research"
+dave   Cleartext-Password := "W7R0g3do"
+               Class = "Accounting"
diff --git a/testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap b/testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap

new file mode 100644 (file)

index 0000000..623f429
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap
@@ -0,0 +1,5 @@
+eap {
+  default_eap_type = md5
+  md5 {
+  }
+}
diff --git a/testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/3.0/proxy.conf b/testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/3.0/proxy.conf

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/3.0/sites-available/default b/testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/3.0/sites-available/default

new file mode 100644 (file)

index 0000000..1dc69d9
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/3.0/sites-available/default
@@ -0,0 +1,58 @@
+server default {
+
+listen {
+  type = auth
+  ipaddr = 10.1.0.10
+  port = 0
+}
+
+authorize {
+  preprocess
+  eap {
+    ok = return
+  }
+  files
+  expiration
+  logintime
+}
+
+authenticate {
+  eap
+}
+
+preacct {
+  preprocess
+  acct_unique
+  suffix
+  files
+}
+
+accounting {
+  detail
+  unix
+  radutmp
+  exec
+  attr_filter.accounting_response
+}
+
+session {
+  radutmp
+}
+
+post-auth {
+  exec
+  Post-Auth-Type REJECT {
+    attr_filter.access_reject
+    eap
+    remove_reply_message_if_eap
+  }
+}
+
+pre-proxy {
+}
+
+post-proxy {
+  eap
+}
+
+}
diff --git a/testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel b/testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/3.0/users b/testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/3.0/users

new file mode 100644 (file)

index 0000000..247b918
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/3.0/users
@@ -0,0 +1 @@
+carol  Cleartext-Password := "Ar3etTnp"
diff --git a/testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap b/testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap

new file mode 100644 (file)

index 0000000..623f429
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap
@@ -0,0 +1,5 @@
+eap {
+  default_eap_type = md5
+  md5 {
+  }
+}
diff --git a/testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/proxy.conf b/testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/proxy.conf

new file mode 100644 (file)

index 0000000..23cba8d
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/proxy.conf
@@ -0,0 +1,5 @@
+realm strongswan.org {
+  type     = radius
+  authhost = LOCAL
+  accthost = LOCAL
+}
diff --git a/testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/sites-available/default b/testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/sites-available/default

new file mode 100644 (file)

index 0000000..2bbe1d7
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/sites-available/default
@@ -0,0 +1,59 @@
+server default {
+
+listen {
+  type = auth
+  ipaddr = 10.1.0.10
+  port = 0
+}
+
+authorize {
+  preprocess
+  suffix
+  eap {
+    ok = return
+  }
+  files
+  expiration
+  logintime
+}
+
+authenticate {
+  eap
+}
+
+preacct {
+  preprocess
+  acct_unique
+  suffix
+  files
+}
+
+accounting {
+  detail
+  unix
+  radutmp
+  exec
+  attr_filter.accounting_response
+}
+
+session {
+  radutmp
+}
+
+post-auth {
+  exec
+  Post-Auth-Type REJECT {
+    attr_filter.access_reject
+    eap
+    remove_reply_message_if_eap
+  }
+}
+
+pre-proxy {
+}
+
+post-proxy {
+  eap
+}
+
+}
diff --git a/testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel b/testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/users b/testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/users

new file mode 100644 (file)

index 0000000..247b918
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/users
@@ -0,0 +1 @@
+carol  Cleartext-Password := "Ar3etTnp"
diff --git a/testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap b/testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap

new file mode 100644 (file)

index 0000000..0ae8bef
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap
@@ -0,0 +1,21 @@
+eap {
+  md5 {
+  }
+  default_eap_type = peap
+
+  tls-config tls-common {
+    private_key_file = ${certdir}/aaaKey.pem
+    certificate_file = ${certdir}/aaaCert.pem
+    ca_file = ${cadir}/strongswanCert.pem
+    cipher_list = "DEFAULT"
+    dh_file = ${certdir}/dh
+    random_file = ${certdir}/random
+  }
+
+  peap {
+    tls = tls-common
+    default_eap_type = md5
+    use_tunneled_reply = yes
+    virtual_server = "inner-tunnel"
+  }
+}
diff --git a/testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/proxy.conf b/testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/proxy.conf

new file mode 100644 (file)

index 0000000..23cba8d
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/proxy.conf
@@ -0,0 +1,5 @@
+realm strongswan.org {
+  type     = radius
+  authhost = LOCAL
+  accthost = LOCAL
+}
diff --git a/testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/sites-available/default b/testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/sites-available/default

new file mode 100644 (file)

index 0000000..2bbe1d7
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/sites-available/default
@@ -0,0 +1,59 @@
+server default {
+
+listen {
+  type = auth
+  ipaddr = 10.1.0.10
+  port = 0
+}
+
+authorize {
+  preprocess
+  suffix
+  eap {
+    ok = return
+  }
+  files
+  expiration
+  logintime
+}
+
+authenticate {
+  eap
+}
+
+preacct {
+  preprocess
+  acct_unique
+  suffix
+  files
+}
+
+accounting {
+  detail
+  unix
+  radutmp
+  exec
+  attr_filter.accounting_response
+}
+
+session {
+  radutmp
+}
+
+post-auth {
+  exec
+  Post-Auth-Type REJECT {
+    attr_filter.access_reject
+    eap
+    remove_reply_message_if_eap
+  }
+}
+
+pre-proxy {
+}
+
+post-proxy {
+  eap
+}
+
+}
diff --git a/testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel b/testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel

new file mode 100644 (file)

index 0000000..6ce9d63
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel
@@ -0,0 +1,38 @@
+server inner-tunnel {
+
+authorize {
+  filter_username
+  suffix
+  eap {
+    ok = return
+  }
+  files
+  expiration
+  logintime
+}
+
+authenticate {
+  eap
+}
+
+session {
+  radutmp
+}
+
+post-auth {
+  Post-Auth-Type REJECT {
+    attr_filter.access_reject
+    update outer.session-state {
+      &Module-Failure-Message := &request:Module-Failure-Message
+    }
+  }
+}
+
+pre-proxy {
+}
+
+post-proxy {
+  eap
+}
+
+} # inner-tunnel server block
diff --git a/testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/users b/testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/users

new file mode 100644 (file)

index 0000000..50ccf3e
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/users
@@ -0,0 +1,2 @@
+carol  Cleartext-Password := "Ar3etTnp"
+dave   Cleartext-Password := "W7R0g3do"
diff --git a/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap b/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap

new file mode 100644 (file)

index 0000000..7d80239
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap
@@ -0,0 +1,5 @@
+eap {
+  default_eap_type = sim
+  sim {
+  }
+}
diff --git a/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/3.0/proxy.conf b/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/3.0/proxy.conf

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/3.0/sites-available/default b/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/3.0/sites-available/default

new file mode 100644 (file)

index 0000000..2057b51
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/3.0/sites-available/default
@@ -0,0 +1,58 @@
+server default {
+
+listen {
+  type = auth
+  ipaddr = 10.1.0.10
+  port = 0
+}
+
+authorize {
+  preprocess
+  files
+  eap {
+    ok = return
+  }
+  expiration
+  logintime
+}
+
+authenticate {
+  eap
+}
+
+preacct {
+  preprocess
+  acct_unique
+  suffix
+  files
+}
+
+accounting {
+  detail
+  unix
+  radutmp
+  exec
+  attr_filter.accounting_response
+}
+
+session {
+  radutmp
+}
+
+post-auth {
+  exec
+  Post-Auth-Type REJECT {
+    attr_filter.access_reject
+    eap
+    remove_reply_message_if_eap
+  }
+}
+
+pre-proxy {
+}
+
+post-proxy {
+  eap
+}
+
+}
diff --git a/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel b/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/3.0/users b/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/3.0/users

new file mode 100644 (file)

index 0000000..1c281a9
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/3.0/users
@@ -0,0 +1 @@
+228060123456001        EAP-Type := SIM, EAP-Sim-RAND1 := 0x30000000000000000000000000000000, EAP-Sim-SRES1 := 0x30112233, EAP-Sim-KC1 := 0x305566778899AABB, EAP-Sim-RAND2 := 0x31000000000000000000000000000000, EAP-Sim-SRES2 := 0x31112233, EAP-Sim-KC2 := 0x315566778899AABB, EAP-Sim-RAND3 := 0x32000000000000000000000000000000, EAP-Sim-SRES3 := 0x32112233, EAP-Sim-KC3 := 0x325566778899AABB
diff --git a/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/modules/sim_files b/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/modules/sim_files

deleted file mode 100644 (file)

index 10c26aa..0000000
--- a/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/modules/sim_files
+++ /dev/null
@@ -1,3 +0,0 @@
-sim_files {
-       simtriplets = "/etc/freeradius/triplets.dat"
-}
diff --git a/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/sites-available/default b/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/sites-available/default

index 893529324086b9661408a855a113c663801de35c..1dc66699296aacabbc2ee0a8b525bda7dc8f790a 100644 (file)
--- a/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/sites-available/default
+++ b/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/sites-available/default
@@ -1,5 +1,16 @@
  authorize {
-  sim_files
+  files
+  update reply {
+    EAP-Sim-Rand1 := "%{control:EAP-Sim-Rand1}"
+    EAP-Sim-Rand2 := "%{control:EAP-Sim-Rand2}"
+    EAP-Sim-Rand3 := "%{control:EAP-Sim-Rand3}"
+    EAP-Sim-SRES1 := "%{control:EAP-Sim-SRES1}"
+    EAP-Sim-SRES2 := "%{control:EAP-Sim-SRES2}"
+    EAP-Sim-SRES3 := "%{control:EAP-Sim-SRES3}"
+    EAP-Sim-KC1   := "%{control:EAP-Sim-KC1}"
+    EAP-Sim-KC2   := "%{control:EAP-Sim-KC2}"
+    EAP-Sim-KC3   := "%{control:EAP-Sim-KC3}"
+  }
    eap {
      ok = return
    }
diff --git a/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/triplets.dat b/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/triplets.dat

deleted file mode 100644 (file)

index c167ba9..0000000
--- a/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/triplets.dat
+++ /dev/null
@@ -1,3 +0,0 @@
-228060123456001,30000000000000000000000000000000,30112233,305566778899AABB
-228060123456001,31000000000000000000000000000000,31112233,315566778899AABB
-228060123456001,32000000000000000000000000000000,32112233,325566778899AABB
diff --git a/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/users b/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/users

index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..1c281a9742846b20ec48611eb495be8486f0a469 100644 (file)
--- a/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/users
+++ b/testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/users
@@ -0,0 +1 @@
+228060123456001        EAP-Type := SIM, EAP-Sim-RAND1 := 0x30000000000000000000000000000000, EAP-Sim-SRES1 := 0x30112233, EAP-Sim-KC1 := 0x305566778899AABB, EAP-Sim-RAND2 := 0x31000000000000000000000000000000, EAP-Sim-SRES2 := 0x31112233, EAP-Sim-KC2 := 0x315566778899AABB, EAP-Sim-RAND3 := 0x32000000000000000000000000000000, EAP-Sim-SRES3 := 0x32112233, EAP-Sim-KC3 := 0x325566778899AABB
diff --git a/testing/tests/ikev2/rw-eap-sim-id-radius/pretest.dat b/testing/tests/ikev2/rw-eap-sim-id-radius/pretest.dat

index 1836881ef45ffcb7db7cdc731bcf5a258d2c0bba..53aa83f0cba89f1e5fbce176a29fcd2784d97ad5 100644 (file)
--- a/testing/tests/ikev2/rw-eap-sim-id-radius/pretest.dat
+++ b/testing/tests/ikev2/rw-eap-sim-id-radius/pretest.dat
@@ -1,6 +1,5 @@
  moon::iptables-restore < /etc/iptables.rules
  carol::iptables-restore < /etc/iptables.rules
-alice::cat /etc/freeradius/triplets.dat
  carol::cat /etc/ipsec.d/triplets.dat
  alice::freeradius
  moon::ipsec start
diff --git a/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap b/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap

new file mode 100644 (file)

index 0000000..7d80239
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap
@@ -0,0 +1,5 @@
+eap {
+  default_eap_type = sim
+  sim {
+  }
+}
diff --git a/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/3.0/proxy.conf b/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/3.0/proxy.conf

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/3.0/sites-available/default b/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/3.0/sites-available/default

new file mode 100644 (file)

index 0000000..71fa4f1
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/3.0/sites-available/default
@@ -0,0 +1,59 @@
+server default {
+
+listen {
+  type = auth
+  ipaddr = 10.1.0.10
+  port = 0
+}
+
+authorize {
+  preprocess
+  suffix
+  files
+  eap {
+    ok = return
+  }
+  expiration
+  logintime
+}
+
+authenticate {
+  eap
+}
+
+preacct {
+  preprocess
+  acct_unique
+  suffix
+  files
+}
+
+accounting {
+  detail
+  unix
+  radutmp
+  exec
+  attr_filter.accounting_response
+}
+
+session {
+  radutmp
+}
+
+post-auth {
+  exec
+  Post-Auth-Type REJECT {
+    attr_filter.access_reject
+    eap
+    remove_reply_message_if_eap
+  }
+}
+
+pre-proxy {
+}
+
+post-proxy {
+  eap
+}
+
+}
diff --git a/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel b/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/3.0/users b/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/3.0/users

new file mode 100644 (file)

index 0000000..a74267d
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/3.0/users
@@ -0,0 +1,2 @@
+carol@strongswan.org   EAP-Type := SIM, EAP-Sim-RAND1 := 0x30000000000000000000000000000000, EAP-Sim-SRES1 := 0x30112233, EAP-Sim-KC1 := 0x305566778899AABB, EAP-Sim-RAND2 := 0x31000000000000000000000000000000, EAP-Sim-SRES2 := 0x31112233, EAP-Sim-KC2 := 0x315566778899AABB, EAP-Sim-RAND3 := 0x32000000000000000000000000000000, EAP-Sim-SRES3 := 0x32112233, EAP-Sim-KC3 := 0x325566778899AABB
+dave@strongswan.org    EAP-Type := SIM, EAP-Sim-RAND1 := 0x33000000000000000000000000000000, EAP-Sim-SRES1 := 0x33112233, EAP-Sim-KC1 := 0x335566778899AABB, EAP-Sim-RAND2 := 0x34000000000000000000000000000000, EAP-Sim-SRES2 := 0x34112233, EAP-Sim-KC2 := 0x345566778899AABB, EAP-Sim-RAND3 := 0x35000000000000000000000000000000, EAP-Sim-SRES3 := 0x35112233, EAP-Sim-KC3 := 0x355566778899AABB
diff --git a/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/modules/sim_files b/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/modules/sim_files

deleted file mode 100644 (file)

index 10c26aa..0000000
--- a/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/modules/sim_files
+++ /dev/null
@@ -1,3 +0,0 @@
-sim_files {
-       simtriplets = "/etc/freeradius/triplets.dat"
-}
diff --git a/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/sites-available/default b/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/sites-available/default

index fbdf75f4c1af0f5c15e0d65b560453503f437eb3..8d68b81fc22fa26562fcd841f30132040f242d9e 100644 (file)
--- a/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/sites-available/default
+++ b/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/sites-available/default
@@ -1,6 +1,17 @@
  authorize {
-  sim_files
+  files
    suffix
+  update reply {
+    EAP-Sim-Rand1 := "%{control:EAP-Sim-Rand1}"
+    EAP-Sim-Rand2 := "%{control:EAP-Sim-Rand2}"
+    EAP-Sim-Rand3 := "%{control:EAP-Sim-Rand3}"
+    EAP-Sim-SRES1 := "%{control:EAP-Sim-SRES1}"
+    EAP-Sim-SRES2 := "%{control:EAP-Sim-SRES2}"
+    EAP-Sim-SRES3 := "%{control:EAP-Sim-SRES3}"
+    EAP-Sim-KC1   := "%{control:EAP-Sim-KC1}"
+    EAP-Sim-KC2   := "%{control:EAP-Sim-KC2}"
+    EAP-Sim-KC3   := "%{control:EAP-Sim-KC3}"
+  }
    eap {
      ok = return
    }
diff --git a/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/triplets.dat b/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/triplets.dat

deleted file mode 100644 (file)

index 3e9a644..0000000
--- a/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/triplets.dat
+++ /dev/null
@@ -1,6 +0,0 @@
-carol@strongswan.org,30000000000000000000000000000000,30112233,305566778899AABB
-carol@strongswan.org,31000000000000000000000000000000,31112233,315566778899AABB
-carol@strongswan.org,32000000000000000000000000000000,32112233,325566778899AABB
-dave@strongswan.org,33000000000000000000000000000000,33112233,335566778899AABB
-dave@strongswan.org,34000000000000000000000000000000,34112233,345566778899AABB
-dave@strongswan.org,35000000000000000000000000000000,35112233,355566778899AABB
diff --git a/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/users b/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/users

index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..a74267d30e8c710a24c52cac2aa737092188fd77 100644 (file)
--- a/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/users
+++ b/testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/users
@@ -0,0 +1,2 @@
+carol@strongswan.org   EAP-Type := SIM, EAP-Sim-RAND1 := 0x30000000000000000000000000000000, EAP-Sim-SRES1 := 0x30112233, EAP-Sim-KC1 := 0x305566778899AABB, EAP-Sim-RAND2 := 0x31000000000000000000000000000000, EAP-Sim-SRES2 := 0x31112233, EAP-Sim-KC2 := 0x315566778899AABB, EAP-Sim-RAND3 := 0x32000000000000000000000000000000, EAP-Sim-SRES3 := 0x32112233, EAP-Sim-KC3 := 0x325566778899AABB
+dave@strongswan.org    EAP-Type := SIM, EAP-Sim-RAND1 := 0x33000000000000000000000000000000, EAP-Sim-SRES1 := 0x33112233, EAP-Sim-KC1 := 0x335566778899AABB, EAP-Sim-RAND2 := 0x34000000000000000000000000000000, EAP-Sim-SRES2 := 0x34112233, EAP-Sim-KC2 := 0x345566778899AABB, EAP-Sim-RAND3 := 0x35000000000000000000000000000000, EAP-Sim-SRES3 := 0x35112233, EAP-Sim-KC3 := 0x355566778899AABB
diff --git a/testing/tests/ikev2/rw-eap-sim-only-radius/pretest.dat b/testing/tests/ikev2/rw-eap-sim-only-radius/pretest.dat

index 75bac653fac62860c8d72f1e984ec674e9f2ed96..04b824def890b54747449236771e0693f13f1995 100644 (file)
--- a/testing/tests/ikev2/rw-eap-sim-only-radius/pretest.dat
+++ b/testing/tests/ikev2/rw-eap-sim-only-radius/pretest.dat
@@ -7,7 +7,6 @@ dave::iptables-restore < /etc/iptables.rules
  moon::rm /etc/ipsec.d/cacerts/*
  carol::rm /etc/ipsec.d/cacerts/*
  dave::rm /etc/ipsec.d/cacerts/*
-alice::cat /etc/freeradius/triplets.dat
  carol::cat /etc/ipsec.d/triplets.dat
  dave::cat /etc/ipsec.d/triplets.dat
  alice::freeradius
diff --git a/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap b/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap

new file mode 100644 (file)

index 0000000..7d80239
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap
@@ -0,0 +1,5 @@
+eap {
+  default_eap_type = sim
+  sim {
+  }
+}
diff --git a/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/3.0/proxy.conf b/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/3.0/proxy.conf

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/3.0/sites-available/default b/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/3.0/sites-available/default

new file mode 100644 (file)

index 0000000..71fa4f1
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/3.0/sites-available/default
@@ -0,0 +1,59 @@
+server default {
+
+listen {
+  type = auth
+  ipaddr = 10.1.0.10
+  port = 0
+}
+
+authorize {
+  preprocess
+  suffix
+  files
+  eap {
+    ok = return
+  }
+  expiration
+  logintime
+}
+
+authenticate {
+  eap
+}
+
+preacct {
+  preprocess
+  acct_unique
+  suffix
+  files
+}
+
+accounting {
+  detail
+  unix
+  radutmp
+  exec
+  attr_filter.accounting_response
+}
+
+session {
+  radutmp
+}
+
+post-auth {
+  exec
+  Post-Auth-Type REJECT {
+    attr_filter.access_reject
+    eap
+    remove_reply_message_if_eap
+  }
+}
+
+pre-proxy {
+}
+
+post-proxy {
+  eap
+}
+
+}
diff --git a/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel b/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/3.0/users b/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/3.0/users

new file mode 100644 (file)

index 0000000..a74267d
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/3.0/users
@@ -0,0 +1,2 @@
+carol@strongswan.org   EAP-Type := SIM, EAP-Sim-RAND1 := 0x30000000000000000000000000000000, EAP-Sim-SRES1 := 0x30112233, EAP-Sim-KC1 := 0x305566778899AABB, EAP-Sim-RAND2 := 0x31000000000000000000000000000000, EAP-Sim-SRES2 := 0x31112233, EAP-Sim-KC2 := 0x315566778899AABB, EAP-Sim-RAND3 := 0x32000000000000000000000000000000, EAP-Sim-SRES3 := 0x32112233, EAP-Sim-KC3 := 0x325566778899AABB
+dave@strongswan.org    EAP-Type := SIM, EAP-Sim-RAND1 := 0x33000000000000000000000000000000, EAP-Sim-SRES1 := 0x33112233, EAP-Sim-KC1 := 0x335566778899AABB, EAP-Sim-RAND2 := 0x34000000000000000000000000000000, EAP-Sim-SRES2 := 0x34112233, EAP-Sim-KC2 := 0x345566778899AABB, EAP-Sim-RAND3 := 0x35000000000000000000000000000000, EAP-Sim-SRES3 := 0x35112233, EAP-Sim-KC3 := 0x355566778899AABB
diff --git a/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/modules/sim_files b/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/modules/sim_files

deleted file mode 100644 (file)

index 10c26aa..0000000
--- a/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/modules/sim_files
+++ /dev/null
@@ -1,3 +0,0 @@
-sim_files {
-       simtriplets = "/etc/freeradius/triplets.dat"
-}
diff --git a/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/sites-available/default b/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/sites-available/default

index 91425f812a211d16ea6470bd1905f64885d2b366..51b64a74b38ed4c4fb93a5e084029e4e7495ae47 100644 (file)
--- a/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/sites-available/default
+++ b/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/sites-available/default
@@ -2,8 +2,19 @@ authorize {
    preprocess
    chap
    mschap
-  sim_files
+  files
    suffix
+  update reply {
+    EAP-Sim-Rand1 := "%{control:EAP-Sim-Rand1}"
+    EAP-Sim-Rand2 := "%{control:EAP-Sim-Rand2}"
+    EAP-Sim-Rand3 := "%{control:EAP-Sim-Rand3}"
+    EAP-Sim-SRES1 := "%{control:EAP-Sim-SRES1}"
+    EAP-Sim-SRES2 := "%{control:EAP-Sim-SRES2}"
+    EAP-Sim-SRES3 := "%{control:EAP-Sim-SRES3}"
+    EAP-Sim-KC1   := "%{control:EAP-Sim-KC1}"
+    EAP-Sim-KC2   := "%{control:EAP-Sim-KC2}"
+    EAP-Sim-KC3   := "%{control:EAP-Sim-KC3}"
+  }
    eap {
      ok = return
    }
diff --git a/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/triplets.dat b/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/triplets.dat

deleted file mode 100644 (file)

index 3e9a644..0000000
--- a/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/triplets.dat
+++ /dev/null
@@ -1,6 +0,0 @@
-carol@strongswan.org,30000000000000000000000000000000,30112233,305566778899AABB
-carol@strongswan.org,31000000000000000000000000000000,31112233,315566778899AABB
-carol@strongswan.org,32000000000000000000000000000000,32112233,325566778899AABB
-dave@strongswan.org,33000000000000000000000000000000,33112233,335566778899AABB
-dave@strongswan.org,34000000000000000000000000000000,34112233,345566778899AABB
-dave@strongswan.org,35000000000000000000000000000000,35112233,355566778899AABB
diff --git a/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/users b/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/users

index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..a74267d30e8c710a24c52cac2aa737092188fd77 100644 (file)
--- a/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/users
+++ b/testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/users
@@ -0,0 +1,2 @@
+carol@strongswan.org   EAP-Type := SIM, EAP-Sim-RAND1 := 0x30000000000000000000000000000000, EAP-Sim-SRES1 := 0x30112233, EAP-Sim-KC1 := 0x305566778899AABB, EAP-Sim-RAND2 := 0x31000000000000000000000000000000, EAP-Sim-SRES2 := 0x31112233, EAP-Sim-KC2 := 0x315566778899AABB, EAP-Sim-RAND3 := 0x32000000000000000000000000000000, EAP-Sim-SRES3 := 0x32112233, EAP-Sim-KC3 := 0x325566778899AABB
+dave@strongswan.org    EAP-Type := SIM, EAP-Sim-RAND1 := 0x33000000000000000000000000000000, EAP-Sim-SRES1 := 0x33112233, EAP-Sim-KC1 := 0x335566778899AABB, EAP-Sim-RAND2 := 0x34000000000000000000000000000000, EAP-Sim-SRES2 := 0x34112233, EAP-Sim-KC2 := 0x345566778899AABB, EAP-Sim-RAND3 := 0x35000000000000000000000000000000, EAP-Sim-SRES3 := 0x35112233, EAP-Sim-KC3 := 0x355566778899AABB
diff --git a/testing/tests/ikev2/rw-eap-sim-radius/pretest.dat b/testing/tests/ikev2/rw-eap-sim-radius/pretest.dat

index 623e1c3940b6be9d92fc512f6b447747ee89ec6f..e171997bc39575a68d4db895a866c4b63f1e4948 100644 (file)
--- a/testing/tests/ikev2/rw-eap-sim-radius/pretest.dat
+++ b/testing/tests/ikev2/rw-eap-sim-radius/pretest.dat
@@ -1,10 +1,6 @@
  moon::iptables-restore < /etc/iptables.rules
  carol::iptables-restore < /etc/iptables.rules
  dave::iptables-restore < /etc/iptables.rules
-alice::cat /etc/freeradius/clients.conf
-alice::cat /etc/freeradius/eap.conf
-alice::cat /etc/freeradius/proxy.conf
-alice::cat /etc/freeradius/triplets.dat
  carol::cat /etc/ipsec.d/triplets.dat
  dave::cat /etc/ipsec.d/triplets.dat
  alice::freeradius
diff --git a/testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap b/testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap

new file mode 100644 (file)

index 0000000..e8670db
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap
@@ -0,0 +1,16 @@
+eap {
+  default_eap_type = tls
+
+  tls-config tls-common {
+    private_key_file = ${certdir}/aaaKey.pem
+    certificate_file = ${certdir}/aaaCert.pem
+    ca_file = ${cadir}/strongswanCert.pem
+    cipher_list = "DEFAULT"
+    dh_file = ${certdir}/dh
+    random_file = ${certdir}/random
+  }
+
+  tls {
+    tls = tls-common
+  }
+}
diff --git a/testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/3.0/proxy.conf b/testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/3.0/proxy.conf

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/3.0/sites-available/default b/testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/3.0/sites-available/default

new file mode 100644 (file)

index 0000000..0607027
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/3.0/sites-available/default
@@ -0,0 +1,55 @@
+server default {
+
+listen {
+  type = auth
+  ipaddr = 10.1.0.10
+  port = 0
+}
+
+authorize {
+  preprocess
+  eap {
+    ok = return
+  }
+  expiration
+  logintime
+}
+
+authenticate {
+  eap
+}
+
+preacct {
+  preprocess
+  acct_unique
+}
+
+accounting {
+  detail
+  unix
+  radutmp
+  exec
+  attr_filter.accounting_response
+}
+
+session {
+  radutmp
+}
+
+post-auth {
+  exec
+  Post-Auth-Type REJECT {
+    attr_filter.access_reject
+    eap
+    remove_reply_message_if_eap
+  }
+}
+
+pre-proxy {
+}
+
+post-proxy {
+  eap
+}
+
+}
diff --git a/testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel b/testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/3.0/users b/testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/3.0/users

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/rw-eap-tls-radius/hosts/carol/etc/strongswan.conf b/testing/tests/ikev2/rw-eap-tls-radius/hosts/carol/etc/strongswan.conf

index ef566691420de420e380661517e7d7d6179101e8..6907b765706d901c81cd8491b592a513d6b3d29e 100644 (file)
--- a/testing/tests/ikev2/rw-eap-tls-radius/hosts/carol/etc/strongswan.conf
+++ b/testing/tests/ikev2/rw-eap-tls-radius/hosts/carol/etc/strongswan.conf
@@ -9,7 +9,3 @@ charon {
      }
    }
  }
-
-libtls {
-  suites = TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
-}
diff --git a/testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap b/testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap

new file mode 100644 (file)

index 0000000..7450c71
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap
@@ -0,0 +1,21 @@
+eap {
+  md5 {
+  }
+  default_eap_type = ttls
+
+  tls-config tls-common {
+    private_key_file = ${certdir}/aaaKey.pem
+    certificate_file = ${certdir}/aaaCert.pem
+    ca_file = ${cadir}/strongswanCert.pem
+    cipher_list = "DEFAULT"
+    dh_file = ${certdir}/dh
+    random_file = ${certdir}/random
+  }
+
+  ttls {
+    tls = tls-common
+    default_eap_type = md5
+    use_tunneled_reply = yes
+    virtual_server = "inner-tunnel"
+  }
+}
diff --git a/testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/proxy.conf b/testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/proxy.conf

new file mode 100644 (file)

index 0000000..23cba8d
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/proxy.conf
@@ -0,0 +1,5 @@
+realm strongswan.org {
+  type     = radius
+  authhost = LOCAL
+  accthost = LOCAL
+}
diff --git a/testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/sites-available/default b/testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/sites-available/default

new file mode 100644 (file)

index 0000000..2bbe1d7
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/sites-available/default
@@ -0,0 +1,59 @@
+server default {
+
+listen {
+  type = auth
+  ipaddr = 10.1.0.10
+  port = 0
+}
+
+authorize {
+  preprocess
+  suffix
+  eap {
+    ok = return
+  }
+  files
+  expiration
+  logintime
+}
+
+authenticate {
+  eap
+}
+
+preacct {
+  preprocess
+  acct_unique
+  suffix
+  files
+}
+
+accounting {
+  detail
+  unix
+  radutmp
+  exec
+  attr_filter.accounting_response
+}
+
+session {
+  radutmp
+}
+
+post-auth {
+  exec
+  Post-Auth-Type REJECT {
+    attr_filter.access_reject
+    eap
+    remove_reply_message_if_eap
+  }
+}
+
+pre-proxy {
+}
+
+post-proxy {
+  eap
+}
+
+}
diff --git a/testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel b/testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel

new file mode 100644 (file)

index 0000000..6ce9d63
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel
@@ -0,0 +1,38 @@
+server inner-tunnel {
+
+authorize {
+  filter_username
+  suffix
+  eap {
+    ok = return
+  }
+  files
+  expiration
+  logintime
+}
+
+authenticate {
+  eap
+}
+
+session {
+  radutmp
+}
+
+post-auth {
+  Post-Auth-Type REJECT {
+    attr_filter.access_reject
+    update outer.session-state {
+      &Module-Failure-Message := &request:Module-Failure-Message
+    }
+  }
+}
+
+pre-proxy {
+}
+
+post-proxy {
+  eap
+}
+
+} # inner-tunnel server block
diff --git a/testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/users b/testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/users

new file mode 100644 (file)

index 0000000..50ccf3e
--- /dev/null
+++ b/testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/users
@@ -0,0 +1,2 @@
+carol  Cleartext-Password := "Ar3etTnp"
+dave   Cleartext-Password := "W7R0g3do"
diff --git a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/3.0/mods-available/eap b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/3.0/mods-available/eap

new file mode 100644 (file)

index 0000000..623f429
--- /dev/null
+++ b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/3.0/mods-available/eap
@@ -0,0 +1,5 @@
+eap {
+  default_eap_type = md5
+  md5 {
+  }
+}
diff --git a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/3.0/proxy.conf b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/3.0/proxy.conf

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/3.0/sites-available/default b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/3.0/sites-available/default

new file mode 100644 (file)

index 0000000..dafe7f0
--- /dev/null
+++ b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/3.0/sites-available/default
@@ -0,0 +1,64 @@
+server default {
+
+listen {
+  type = auth
+  ipaddr = 10.1.0.10
+  port = 0
+}
+
+listen {
+  type = acct
+  ipaddr = 10.1.0.10
+  port = 0
+}
+
+authorize {
+  preprocess
+  eap {
+    ok = return
+  }
+  files
+  expiration
+  logintime
+}
+
+authenticate {
+  eap
+}
+
+preacct {
+  preprocess
+  acct_unique
+  suffix
+  files
+}
+
+accounting {
+  detail
+  unix
+  radutmp
+  exec
+  attr_filter.accounting_response
+}
+
+session {
+  radutmp
+}
+
+post-auth {
+  exec
+  Post-Auth-Type REJECT {
+    attr_filter.access_reject
+    eap
+    remove_reply_message_if_eap
+  }
+}
+
+pre-proxy {
+}
+
+post-proxy {
+  eap
+}
+
+}
diff --git a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/3.0/users b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/3.0/users

new file mode 100644 (file)

index 0000000..247b918
--- /dev/null
+++ b/testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/3.0/users
@@ -0,0 +1 @@
+carol  Cleartext-Password := "Ar3etTnp"
diff --git a/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/mods-available/eap b/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/mods-available/eap

new file mode 100644 (file)

index 0000000..7d80239
--- /dev/null
+++ b/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/mods-available/eap
@@ -0,0 +1,5 @@
+eap {
+  default_eap_type = sim
+  sim {
+  }
+}
diff --git a/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/proxy.conf b/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/proxy.conf

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/sites-available/default b/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/sites-available/default

new file mode 100644 (file)

index 0000000..2057b51
--- /dev/null
+++ b/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/sites-available/default
@@ -0,0 +1,58 @@
+server default {
+
+listen {
+  type = auth
+  ipaddr = 10.1.0.10
+  port = 0
+}
+
+authorize {
+  preprocess
+  files
+  eap {
+    ok = return
+  }
+  expiration
+  logintime
+}
+
+authenticate {
+  eap
+}
+
+preacct {
+  preprocess
+  acct_unique
+  suffix
+  files
+}
+
+accounting {
+  detail
+  unix
+  radutmp
+  exec
+  attr_filter.accounting_response
+}
+
+session {
+  radutmp
+}
+
+post-auth {
+  exec
+  Post-Auth-Type REJECT {
+    attr_filter.access_reject
+    eap
+    remove_reply_message_if_eap
+  }
+}
+
+pre-proxy {
+}
+
+post-proxy {
+  eap
+}
+
+}
diff --git a/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel b/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel

new file mode 100644 (file)

index 0000000..e69de29
diff --git a/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/users b/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/users

new file mode 100644 (file)

index 0000000..aa6f980
--- /dev/null
+++ b/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/users
@@ -0,0 +1,2 @@
+228060123456001        EAP-Type := SIM, EAP-Sim-RAND1 := 0x30000000000000000000000000000000, EAP-Sim-SRES1 := 0x30112233, EAP-Sim-KC1 := 0x305566778899AABB, EAP-Sim-RAND2 := 0x31000000000000000000000000000000, EAP-Sim-SRES2 := 0x31112233, EAP-Sim-KC2 := 0x315566778899AABB, EAP-Sim-RAND3 := 0x32000000000000000000000000000000, EAP-Sim-SRES3 := 0x32112233, EAP-Sim-KC3 := 0x325566778899AABB
+228060123456002        EAP-Type := SIM, EAP-Sim-RAND1 := 0x33000000000000000000000000000000, EAP-Sim-SRES1 := 0x33112233, EAP-Sim-KC1 := 0x335566778899AABB, EAP-Sim-RAND2 := 0x34000000000000000000000000000000, EAP-Sim-SRES2 := 0x34112233, EAP-Sim-KC2 := 0x345566778899AABB, EAP-Sim-RAND3 := 0x35000000000000000000000000000000, EAP-Sim-SRES3 := 0x35112233, EAP-Sim-KC3 := 0x355566778899AABB
diff --git a/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/modules/sim_files b/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/modules/sim_files

deleted file mode 100644 (file)

index 10c26aa..0000000
--- a/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/modules/sim_files
+++ /dev/null
@@ -1,3 +0,0 @@
-sim_files {
-       simtriplets = "/etc/freeradius/triplets.dat"
-}
diff --git a/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/sites-available/default b/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/sites-available/default

index 91425f812a211d16ea6470bd1905f64885d2b366..51b64a74b38ed4c4fb93a5e084029e4e7495ae47 100644 (file)
--- a/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/sites-available/default
+++ b/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/sites-available/default
@@ -2,8 +2,19 @@ authorize {
    preprocess
    chap
    mschap
-  sim_files
+  files
    suffix
+  update reply {
+    EAP-Sim-Rand1 := "%{control:EAP-Sim-Rand1}"
+    EAP-Sim-Rand2 := "%{control:EAP-Sim-Rand2}"
+    EAP-Sim-Rand3 := "%{control:EAP-Sim-Rand3}"
+    EAP-Sim-SRES1 := "%{control:EAP-Sim-SRES1}"
+    EAP-Sim-SRES2 := "%{control:EAP-Sim-SRES2}"
+    EAP-Sim-SRES3 := "%{control:EAP-Sim-SRES3}"
+    EAP-Sim-KC1   := "%{control:EAP-Sim-KC1}"
+    EAP-Sim-KC2   := "%{control:EAP-Sim-KC2}"
+    EAP-Sim-KC3   := "%{control:EAP-Sim-KC3}"
+  }
    eap {
      ok = return
    }
diff --git a/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/triplets.dat b/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/triplets.dat

deleted file mode 100644 (file)

index aaabab8..0000000
--- a/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/triplets.dat
+++ /dev/null
@@ -1,6 +0,0 @@
-228060123456001,30000000000000000000000000000000,30112233,305566778899AABB
-228060123456001,31000000000000000000000000000000,31112233,315566778899AABB
-228060123456001,32000000000000000000000000000000,32112233,325566778899AABB
-228060123456002,33000000000000000000000000000000,33112233,335566778899AABB
-228060123456002,34000000000000000000000000000000,34112233,345566778899AABB
-228060123456002,35000000000000000000000000000000,35112233,355566778899AABB
diff --git a/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/users b/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/users

index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..aa6f98076acf4de9422ab90d108c6df141cd5da4 100644 (file)
--- a/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/users
+++ b/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/users
@@ -0,0 +1,2 @@
+228060123456001        EAP-Type := SIM, EAP-Sim-RAND1 := 0x30000000000000000000000000000000, EAP-Sim-SRES1 := 0x30112233, EAP-Sim-KC1 := 0x305566778899AABB, EAP-Sim-RAND2 := 0x31000000000000000000000000000000, EAP-Sim-SRES2 := 0x31112233, EAP-Sim-KC2 := 0x315566778899AABB, EAP-Sim-RAND3 := 0x32000000000000000000000000000000, EAP-Sim-SRES3 := 0x32112233, EAP-Sim-KC3 := 0x325566778899AABB
+228060123456002        EAP-Type := SIM, EAP-Sim-RAND1 := 0x33000000000000000000000000000000, EAP-Sim-SRES1 := 0x33112233, EAP-Sim-KC1 := 0x335566778899AABB, EAP-Sim-RAND2 := 0x34000000000000000000000000000000, EAP-Sim-SRES2 := 0x34112233, EAP-Sim-KC2 := 0x345566778899AABB, EAP-Sim-RAND3 := 0x35000000000000000000000000000000, EAP-Sim-SRES3 := 0x35112233, EAP-Sim-KC3 := 0x355566778899AABB
diff --git a/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/pretest.dat b/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/pretest.dat

index 0e63ac8a545dc03af533c967fd92286375aee61f..10150f03c42939e376b2b9203dad3fd36d1e2ac3 100644 (file)
--- a/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/pretest.dat
+++ b/testing/tests/swanctl/mult-auth-rsa-eap-sim-id/pretest.dat
@@ -1,7 +1,3 @@
-alice::cat /etc/freeradius/clients.conf
-alice::cat /etc/freeradius/eap.conf
-alice::cat /etc/freeradius/proxy.conf
-alice::cat /etc/freeradius/triplets.dat
  carol::cat /etc/ipsec.d/triplets.dat
  dave::cat /etc/ipsec.d/triplets.dat
  alice::freeradius
author	Tobias Brunner <tobias@strongswan.org>
	Tue, 25 Sep 2018 15:08:32 +0000 (17:08 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Wed, 21 Nov 2018 13:32:25 +0000 (14:32 +0100)
testing/hosts/alice/etc/freeradius/3.0/clients.conf	[new file with mode: 0644]	patch \| blob
testing/hosts/alice/etc/freeradius/3.0/radiusd.conf	[new file with mode: 0644]	patch \| blob
testing/hosts/alice/etc/freeradius/radiusd.conf		patch \| blob \| blame \| history
testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap	[new file with mode: 0644]	patch \| blob
testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/proxy.conf	[new file with mode: 0644]	patch \| blob
testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/sites-available/default	[new file with mode: 0644]	patch \| blob
testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel	[new file with mode: 0644]	patch \| blob
testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/3.0/users	[new file with mode: 0644]	patch \| blob
testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap	[new file with mode: 0644]	patch \| blob
testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/3.0/proxy.conf	[new file with mode: 0644]	patch \| blob
testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/3.0/sites-available/default	[new file with mode: 0644]	patch \| blob
testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel	[new file with mode: 0644]	patch \| blob
testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/3.0/users	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/mods-available/eap	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/proxy.conf	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/sites-available/default	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/users	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/modules/sim_files	[deleted file]	patch \| blob \| blame \| history
testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/sites-available/default		patch \| blob \| blame \| history
testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/triplets.dat	[deleted file]	patch \| blob \| blame \| history
testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/users		patch \| blob \| blame \| history
testing/tests/ikev2/mult-auth-rsa-eap-sim-id/pretest.dat		patch \| blob \| blame \| history
testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/3.0/proxy.conf	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/3.0/sites-available/default	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/3.0/users	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/3.0/proxy.conf	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/3.0/sites-available/default	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/3.0/users	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/3.0/proxy.conf	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/3.0/sites-available/default	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/3.0/users	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/proxy.conf	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/sites-available/default	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/3.0/users	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/proxy.conf	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/sites-available/default	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/3.0/users	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/3.0/proxy.conf	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/3.0/sites-available/default	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/3.0/users	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/modules/sim_files	[deleted file]	patch \| blob \| blame \| history
testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/sites-available/default		patch \| blob \| blame \| history
testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/triplets.dat	[deleted file]	patch \| blob \| blame \| history
testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/users		patch \| blob \| blame \| history
testing/tests/ikev2/rw-eap-sim-id-radius/pretest.dat		patch \| blob \| blame \| history
testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/3.0/proxy.conf	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/3.0/sites-available/default	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/3.0/users	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/modules/sim_files	[deleted file]	patch \| blob \| blame \| history
testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/sites-available/default		patch \| blob \| blame \| history
testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/triplets.dat	[deleted file]	patch \| blob \| blame \| history
testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/users		patch \| blob \| blame \| history
testing/tests/ikev2/rw-eap-sim-only-radius/pretest.dat		patch \| blob \| blame \| history
testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/3.0/proxy.conf	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/3.0/sites-available/default	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/3.0/users	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/modules/sim_files	[deleted file]	patch \| blob \| blame \| history
testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/sites-available/default		patch \| blob \| blame \| history
testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/triplets.dat	[deleted file]	patch \| blob \| blame \| history
testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/users		patch \| blob \| blame \| history
testing/tests/ikev2/rw-eap-sim-radius/pretest.dat		patch \| blob \| blame \| history
testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/3.0/proxy.conf	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/3.0/sites-available/default	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/3.0/users	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-tls-radius/hosts/carol/etc/strongswan.conf		patch \| blob \| blame \| history
testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/mods-available/eap	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/proxy.conf	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/sites-available/default	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/3.0/users	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/3.0/mods-available/eap	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/3.0/proxy.conf	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/3.0/sites-available/default	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel	[new file with mode: 0644]	patch \| blob
testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/3.0/users	[new file with mode: 0644]	patch \| blob
testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/mods-available/eap	[new file with mode: 0644]	patch \| blob
testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/proxy.conf	[new file with mode: 0644]	patch \| blob
testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/sites-available/default	[new file with mode: 0644]	patch \| blob
testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/sites-available/inner-tunnel	[new file with mode: 0644]	patch \| blob
testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/3.0/users	[new file with mode: 0644]	patch \| blob
testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/modules/sim_files	[deleted file]	patch \| blob \| blame \| history
testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/sites-available/default		patch \| blob \| blame \| history
testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/triplets.dat	[deleted file]	patch \| blob \| blame \| history
testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/users		patch \| blob \| blame \| history
testing/tests/swanctl/mult-auth-rsa-eap-sim-id/pretest.dat		patch \| blob \| blame \| history