From: Tobias Brunner <tobias@strongswan.org>
Date: Fri, 17 Jun 2016 09:18:25 +0000 (+0200)
Subject: testing: Fix race in tnc/tnccs-20-pdp-pt-tls scenario
X-Git-Tag: 5.5.0dr1~7
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=c423d0e8a124;p=thirdparty%2Fstrongswan.git

testing: Fix race in tnc/tnccs-20-pdp-pt-tls scenario

aacf84d837e7 ("testing: Add expect-connection calls for all tests and
hosts") removed the expect-connection call for the non-existing aaa
connection.  However, because the credentials were loaded asynchronously
via start-script the clients might have been connecting when the secrets
were not yet loaded.  As `swanctl --load-creds` is a synchronous call
this change avoids that issue without having to add a sleep or failing
expect-connection call.
---

diff --git a/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongswan.conf b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongswan.conf
index 8c67666161..b08a85bb4e 100644
--- a/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongswan.conf
+++ b/testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/strongswan.conf
@@ -3,9 +3,6 @@
 charon {
   load = random nonce pem pkcs1 x509 openssl revocation constraints curl vici socket-default kernel-netlink tnc-pdp tnc-imv tnc-tnccs tnccs-20 sqlite
 
-  start-scripts {
-    creds = /usr/local/sbin/swanctl --load-creds 
-  }
   syslog {
     auth {
       default = 0
diff --git a/testing/tests/tnc/tnccs-20-pdp-pt-tls/pretest.dat b/testing/tests/tnc/tnccs-20-pdp-pt-tls/pretest.dat
index d64467c01d..918dd5383d 100644
--- a/testing/tests/tnc/tnccs-20-pdp-pt-tls/pretest.dat
+++ b/testing/tests/tnc/tnccs-20-pdp-pt-tls/pretest.dat
@@ -15,6 +15,7 @@ alice::rm /etc/swanctl/x509/aliceCert.pem
 alice::rm /etc/swanctl/rsa/aliceKey.pem
 alice::service apache2 start
 alice::service charon start
+alice::swanctl --load-creds
 winnetou::ip route add 10.1.0.0/16 via 192.168.0.1
 dave::ip route add 10.1.0.0/16 via 192.168.0.1
 dave::cat /etc/pts/options