testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/ipsec.d/ipsec.sql

   1 DROP TABLE IF EXISTS identities;
   2 CREATE TABLE identities (
   3   id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
   4   type INTEGER NOT NULL,
   5   data BLOB NOT NULL,
   6   UNIQUE (type, data)
   7 );
   8
   9 DROP TABLE IF EXISTS child_configs;
  10 CREATE TABLE child_configs (
  11   id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
  12   name TEXT NOT NULL,
  13   lifetime INTEGER NOT NULL DEFAULT '1200',
  14   rekeytime INTEGER NOT NULL DEFAULT '1020',
  15   jitter INTEGER NOT NULL DEFAULT '180',
  16   updown TEXT DEFAULT NULL,
  17   hostaccess INTEGER NOT NULL DEFAULT '0',
  18   mode INTEGER NOT NULL DEFAULT '1'
  19 );
  20 DROP INDEX IF EXISTS child_configs_name;
  21 CREATE INDEX child_configs_name ON child_configs (
  22   name
  23 );
  24
  25 DROP TABLE IF EXISTS child_config_traffic_selector;
  26 CREATE TABLE child_config_traffic_selector (
  27   child_cfg INTEGER NOT NULL,
  28   traffic_selector INTEGER NOT NULL,
  29   kind INTEGER NOT NULL
  30 );
  31 DROP INDEX IF EXISTS child_config_traffic_selector;
  32 CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector (
  33   child_cfg, traffic_selector
  34 );
  35
  36 DROP TABLE IF EXISTS ike_configs;
  37 CREATE TABLE ike_configs (
  38   id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
  39   certreq INTEGER NOT NULL DEFAULT '1',
  40   force_encap INTEGER NOT NULL DEFAULT '0',
  41   local TEXT NOT NULL,
  42   remote TEXT NOT NULL
  43 );
  44
  45 DROP TABLE IF EXISTS peer_configs;
  46 CREATE TABLE peer_configs (
  47   id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
  48   name TEXT NOT NULL,
  49   ike_version INTEGER NOT NULL DEFAULT '2',
  50   ike_cfg INTEGER NOT NULL,
  51   local_id TEXT NOT NULL,
  52   remote_id TEXT NOT NULL,
  53   cert_policy INTEGER NOT NULL DEFAULT '1',
  54   auth_method INTEGER NOT NULL DEFAULT '1',
  55   eap_type INTEGER NOT NULL DEFAULT '0',
  56   eap_vendor INTEGER NOT NULL DEFAULT '0',
  57   keyingtries INTEGER NOT NULL DEFAULT '1',
  58   rekeytime INTEGER NOT NULL DEFAULT '0',
  59   reauthtime INTEGER NOT NULL DEFAULT '3600',
  60   jitter INTEGER NOT NULL DEFAULT '180',
  61   overtime INTEGER NOT NULL DEFAULT '300',
  62   mobike INTEGER NOT NULL DEFAULT '1',
  63   dpd_delay INTEGER NOT NULL DEFAULT '120',
  64   dpd_action INTEGER NOT NULL DEFAULT '1',
  65   mediation INTEGER NOT NULL DEFAULT '0',
  66   mediated_by INTEGER NOT NULL DEFAULT '0',
  67   peer_id INTEGER NOT NULL DEFAULT '0'
  68 );
  69 DROP INDEX IF EXISTS peer_configs_name;
  70 CREATE INDEX peer_configs_name ON peer_configs (
  71   name
  72 );
  73
  74 DROP TABLE IF EXISTS peer_config_child_config;
  75 CREATE TABLE peer_config_child_config (
  76   peer_cfg INTEGER NOT NULL,
  77   child_cfg INTEGER NOT NULL,
  78   PRIMARY KEY (peer_cfg, child_cfg)
  79 );
  80
  81 DROP TABLE IF EXISTS traffic_selectors;
  82 CREATE TABLE traffic_selectors (
  83   id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
  84   type INTEGER NOT NULL DEFAULT '7',
  85   protocol INTEGER NOT NULL DEFAULT '0',
  86   start_addr BLOB DEFAULT NULL,
  87   end_addr BLOB DEFAULT NULL,
  88   start_port INTEGER NOT NULL DEFAULT '0',
  89   end_port INTEGER NOT NULL DEFAULT '65535'
  90 );
  91
  92 DROP TABLE IF EXISTS certificates;
  93 CREATE TABLE certificates (
  94   id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
  95   type INTEGER NOT NULL,
  96   keytype INTEGER NOT NULL,
  97   data BLOB NOT NULL
  98 );
  99
 100 DROP TABLE IF EXISTS certificate_identity;
 101 CREATE TABLE certificate_identity (
 102   certificate INTEGER NOT NULL,
 103   identity INTEGER NOT NULL,
 104   PRIMARY KEY (certificate, identity)
 105 );
 106
 107 DROP TABLE IF EXISTS private_keys;
 108 CREATE TABLE private_keys (
 109   id INTEGER NOT NULL  PRIMARY KEY AUTOINCREMENT,
 110   type INTEGER NOT NULL,
 111   data BLOB NOT NULL
 112 );
 113
 114 DROP TABLE IF EXISTS private_key_identity;
 115 CREATE TABLE private_key_identity (
 116   private_key INTEGER NOT NULL,
 117   identity INTEGER NOT NULL,
 118   PRIMARY KEY (private_key, identity)
 119 );
 120
 121 DROP TABLE IF EXISTS shared_secrets;
 122 CREATE TABLE shared_secrets (
 123   id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
 124   type INTEGER NOT NULL,
 125   data BLOB NOT NULL
 126 );
 127
 128 DROP TABLE IF EXISTS shared_secret_identity;
 129 CREATE TABLE shared_secret_identity (
 130   shared_secret INTEGER NOT NULL,
 131   identity INTEGER NOT NULL,
 132   PRIMARY KEY (shared_secret, identity)
 133 );
 134
 135 DROP TABLE IF EXISTS ike_sas;
 136 CREATE TABLE ike_sas (
 137   local_spi BLOB NOT NULL PRIMARY KEY,
 138   remote_spi BLOB NOT NULL,
 139   id INTEGER NOT NULL,
 140   initiator INTEGER NOT NULL,
 141   local_id_type INTEGER NOT NULL,
 142   local_id_data BLOB NOT NULL,
 143   remote_id_type INTEGER NOT NULL,
 144   remote_id_data BLOB NOT NULL,
 145   host_family INTEGER NOT NULL,
 146   local_host_data BLOB NOT NULL,
 147   remote_host_data BLOB NOT NULL,
 148   created INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP
 149 );
 150
 151 DROP TABLE IF EXISTS logs;
 152 CREATE TABLE logs (
 153   id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
 154   local_spi BLOB NOT NULL,
 155   signal INTEGER NOT NULL,
 156   level INTEGER NOT NULL,
 157   msg TEXT NOT NULL,
 158   time INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP
 159 );
 160
 161 /* Identities */
 162
 163 INSERT INTO identities (
 164   type, data
 165 ) VALUES ( /* fec0::1 */
 166   5 , X'fec00000000000000000000000000001'
 167  );
 168
 169 INSERT INTO identities (
 170   type, data
 171 ) VALUES ( /* fec0::20 */
 172   5 , X'fec00000000000000000000000000020'
 173  );
 174
 175 /* Shared Secrets */
 176
 177 INSERT INTO shared_secrets (
 178    type, data
 179 ) VALUES (
 180   1, X'8d5cce342174da772c8224a59885deaa118d'
 181 );
 182
 183 INSERT INTO shared_secret_identity (
 184   shared_secret, identity
 185 ) VALUES (
 186   1, 1
 187 );
 188
 189 INSERT INTO shared_secret_identity (
 190   shared_secret, identity
 191 ) VALUES (
 192   1, 2
 193 );
 194
 195 /* Configurations */
 196
 197 INSERT INTO ike_configs (
 198   local, remote
 199 ) VALUES (
 200   'PH_IP6_DAVE', 'PH_IP6_MOON'
 201 );
 202
 203 INSERT INTO peer_configs (
 204   name, ike_cfg, local_id, remote_id, auth_method
 205 ) VALUES (
 206   'home', 1, 2, 1, 2
 207 );
 208
 209 INSERT INTO child_configs (
 210   name, updown
 211 ) VALUES (
 212   'home', 'ipsec _updown iptables'
 213 );
 214
 215 INSERT INTO peer_config_child_config (
 216   peer_cfg, child_cfg
 217 ) VALUES (
 218   1, 1
 219 );
 220
 221 INSERT INTO traffic_selectors (
 222   type, start_addr, end_addr
 223 ) VALUES ( /* fec1::/16 */
 224    8, X'fec10000000000000000000000000000', X'fec1ffffffffffffffffffffffffffff'
 225 );
 226
 227 INSERT INTO traffic_selectors (
 228   type
 229 ) VALUES ( /* dynamic/128 */
 230   8
 231 );
 232
 233 INSERT INTO child_config_traffic_selector (
 234   child_cfg, traffic_selector, kind
 235 ) VALUES (
 236   1, 1, 1
 237 );
 238
 239 INSERT INTO child_config_traffic_selector (
 240         child_cfg, traffic_selector, kind
 241 ) VALUES (
 242   1, 2, 2
 243 );
 244