ee0746e836f1ebca200a65927fd71e60ee8c020d
[strongswan.git] / testing / tests / sql / rw-psk-rsa-split / hosts / carol / etc / ipsec.d / ipsec.sql
/*
 * identities: one row per IKE identity. Other tables refer to a row
 * by its id. The (type, data) pair is unique, so the same identity
 * cannot be stored twice.
 */
DROP TABLE IF EXISTS identities;
CREATE TABLE identities (
    id   INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
    type INTEGER NOT NULL,  /* numeric identity type */
    data BLOB    NOT NULL,  /* raw encoding of the identity */
    UNIQUE (type, data)
);
/*
 * child_configs: one row per CHILD_SA configuration, indexed by name.
 * NOTE(review): lifetime, rekeytime and jitter are presumably seconds;
 * confirm against the daemon.
 * NOTE(review): updown holds a command string. If the daemon executes
 * it, write access to this table amounts to command execution, so the
 * database file needs restrictive permissions.
 */
DROP TABLE IF EXISTS child_configs;
CREATE TABLE child_configs (
    id           INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
    name         TEXT    NOT NULL,
    lifetime     INTEGER NOT NULL DEFAULT '1200',
    rekeytime    INTEGER NOT NULL DEFAULT '1020',
    jitter       INTEGER NOT NULL DEFAULT '180',
    updown       TEXT    DEFAULT NULL,
    hostaccess   INTEGER NOT NULL DEFAULT '0',
    mode         INTEGER NOT NULL DEFAULT '1',
    dpd_action   INTEGER NOT NULL DEFAULT '0',
    close_action INTEGER NOT NULL DEFAULT '0'
);

/* Lookup by configuration name. */
DROP INDEX IF EXISTS child_configs_name;
CREATE INDEX child_configs_name ON child_configs (name);
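/*
 * child_config_traffic_selector: link table attaching traffic selectors
 * to a child configuration. kind says in which role the selector is used.
 * NOTE(review): the meaning of the kind values is defined by the daemon,
 * not by this schema; confirm against its SQL configuration loader.
 */
DROP TABLE IF EXISTS child_config_traffic_selector;
CREATE TABLE child_config_traffic_selector (
    child_cfg        INTEGER NOT NULL,  /* child_configs.id */
    traffic_selector INTEGER NOT NULL,  /* traffic_selectors.id */
    kind             INTEGER NOT NULL
);

/*
 * Drop the index under the same name it is created with below. Naming
 * the table here instead would leave a stale index of this name in
 * place and make the CREATE INDEX fail.
 */
DROP INDEX IF EXISTS child_config_traffic_selector_all;
CREATE INDEX child_config_traffic_selector_all ON child_config_traffic_selector (
    child_cfg, traffic_selector
);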
/*
 * ike_configs: the IKE endpoints of a connection. local and remote are
 * free-form text here; the schema puts no format constraint on them.
 */
DROP TABLE IF EXISTS ike_configs;
CREATE TABLE ike_configs (
    id          INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
    certreq     INTEGER NOT NULL DEFAULT '1',
    force_encap INTEGER NOT NULL DEFAULT '0',
    local       TEXT    NOT NULL,
    remote      TEXT    NOT NULL
);
/*
 * peer_configs: one row per peer (connection) configuration, indexed by
 * name. ike_cfg refers to ike_configs.id. local_id and remote_id are
 * declared TEXT but are filled with identities.id values by the inserts
 * in this file.
 * NOTE(review): auth_method defaults to 1 and cert_policy to 1. The
 * meaning of these numbers is defined by the daemon, so confirm which
 * authentication a row gets when the column is omitted.
 */
DROP TABLE IF EXISTS peer_configs;
CREATE TABLE peer_configs (
    id          INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
    name        TEXT    NOT NULL,
    ike_version INTEGER NOT NULL DEFAULT '2',
    ike_cfg     INTEGER NOT NULL,
    local_id    TEXT    NOT NULL,
    remote_id   TEXT    NOT NULL,
    cert_policy INTEGER NOT NULL DEFAULT '1',
    uniqueid    INTEGER NOT NULL DEFAULT '0',
    auth_method INTEGER NOT NULL DEFAULT '1',
    eap_type    INTEGER NOT NULL DEFAULT '0',
    eap_vendor  INTEGER NOT NULL DEFAULT '0',
    keyingtries INTEGER NOT NULL DEFAULT '1',
    rekeytime   INTEGER NOT NULL DEFAULT '0',
    reauthtime  INTEGER NOT NULL DEFAULT '3600',
    jitter      INTEGER NOT NULL DEFAULT '180',
    overtime    INTEGER NOT NULL DEFAULT '300',
    mobike      INTEGER NOT NULL DEFAULT '1',
    dpd_delay   INTEGER NOT NULL DEFAULT '120',
    virtual     TEXT    DEFAULT NULL,
    pool        TEXT    DEFAULT NULL,
    mediation   INTEGER NOT NULL DEFAULT '0',
    mediated_by INTEGER NOT NULL DEFAULT '0',
    peer_id     INTEGER NOT NULL DEFAULT '0'
);

/* Lookup by configuration name. */
DROP INDEX IF EXISTS peer_configs_name;
CREATE INDEX peer_configs_name ON peer_configs (name);
/*
 * peer_config_child_config: link table between peer_configs and
 * child_configs. The composite primary key allows each pair only once.
 */
DROP TABLE IF EXISTS peer_config_child_config;
CREATE TABLE peer_config_child_config (
    peer_cfg  INTEGER NOT NULL,  /* peer_configs.id */
    child_cfg INTEGER NOT NULL,  /* child_configs.id */
    PRIMARY KEY (peer_cfg, child_cfg)
);
/*
 * traffic_selectors: an address range and a port range per row.
 * A row inserted with no columns gets NULL addresses, protocol 0 and
 * ports 0 to 65535.
 * NOTE(review): confirm how the daemon treats NULL start_addr/end_addr,
 * so that an unintended row cannot widen what a tunnel carries.
 */
DROP TABLE IF EXISTS traffic_selectors;
CREATE TABLE traffic_selectors (
    id         INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
    type       INTEGER NOT NULL DEFAULT '7',
    protocol   INTEGER NOT NULL DEFAULT '0',
    start_addr BLOB    DEFAULT NULL,
    end_addr   BLOB    DEFAULT NULL,
    start_port INTEGER NOT NULL DEFAULT '0',
    end_port   INTEGER NOT NULL DEFAULT '65535'
);
/*
 * certificates: encoded certificates, tagged with a certificate type
 * and a key type.
 */
DROP TABLE IF EXISTS certificates;
CREATE TABLE certificates (
    id      INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
    type    INTEGER NOT NULL,
    keytype INTEGER NOT NULL,
    data    BLOB    NOT NULL
);

/*
 * certificate_identity: link table naming the identities under which a
 * certificate can be looked up. Each pair may appear only once.
 */
DROP TABLE IF EXISTS certificate_identity;
CREATE TABLE certificate_identity (
    certificate INTEGER NOT NULL,  /* certificates.id */
    identity    INTEGER NOT NULL,  /* identities.id */
    PRIMARY KEY (certificate, identity)
);
/*
 * private_keys: private key material held in a BLOB column.
 * NOTE(review): nothing in this schema encrypts data at rest. Anyone
 * who can read the database file can read the keys, so the file must be
 * readable by the daemon's account only.
 */
DROP TABLE IF EXISTS private_keys;
CREATE TABLE private_keys (
    id   INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
    type INTEGER NOT NULL,
    data BLOB    NOT NULL
);

/*
 * private_key_identity: link table tying a private key to the
 * identities it belongs to. Each pair may appear only once.
 */
DROP TABLE IF EXISTS private_key_identity;
CREATE TABLE private_key_identity (
    private_key INTEGER NOT NULL,  /* private_keys.id */
    identity    INTEGER NOT NULL,  /* identities.id */
    PRIMARY KEY (private_key, identity)
);
/*
 * shared_secrets: pre-shared secrets held in a BLOB column.
 * NOTE(review): the schema stores the secret bytes as given, with no
 * hashing or encryption. Read access to the database file therefore
 * discloses every secret; restrict the file to the daemon's account.
 */
DROP TABLE IF EXISTS shared_secrets;
CREATE TABLE shared_secrets (
    id   INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
    type INTEGER NOT NULL,
    data BLOB    NOT NULL
);

/*
 * shared_secret_identity: link table naming the identities a secret is
 * shared between. Each pair may appear only once.
 */
DROP TABLE IF EXISTS shared_secret_identity;
CREATE TABLE shared_secret_identity (
    shared_secret INTEGER NOT NULL,  /* shared_secrets.id */
    identity      INTEGER NOT NULL,  /* identities.id */
    PRIMARY KEY (shared_secret, identity)
);
/*
 * ike_sas: one row per IKE SA, keyed by the local SPI, with the
 * identities and host addresses of both ends.
 * NOTE(review): created is declared INTEGER but defaults to
 * CURRENT_TIMESTAMP, which SQLite yields as 'YYYY-MM-DD HH:MM:SS' text.
 * Confirm what readers of this column expect before comparing it
 * numerically.
 */
DROP TABLE IF EXISTS ike_sas;
CREATE TABLE ike_sas (
    local_spi        BLOB    NOT NULL PRIMARY KEY,
    remote_spi       BLOB    NOT NULL,
    id               INTEGER NOT NULL,
    initiator        INTEGER NOT NULL,
    local_id_type    INTEGER NOT NULL,
    local_id_data    BLOB    NOT NULL,
    remote_id_type   INTEGER NOT NULL,
    remote_id_data   BLOB    NOT NULL,
    host_family      INTEGER NOT NULL,
    local_host_data  BLOB    NOT NULL,
    remote_host_data BLOB    NOT NULL,
    created          INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP
);
/*
 * logs: log messages, each tagged with the local SPI of the IKE SA it
 * belongs to, a signal and a level.
 * NOTE(review): time is declared INTEGER but defaults to
 * CURRENT_TIMESTAMP, which SQLite yields as text; confirm what readers
 * expect. The schema sets no retention limit, so rows accumulate until
 * something deletes them.
 */
DROP TABLE IF EXISTS logs;
CREATE TABLE logs (
    id        INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT,
    local_spi BLOB    NOT NULL,
    signal    INTEGER NOT NULL,
    level     INTEGER NOT NULL,
    msg       TEXT    NOT NULL,
    time      INTEGER NOT NULL DEFAULT CURRENT_TIMESTAMP
);
/* Identities */

/*
 * The table is freshly created, so these four rows receive ids 1 to 4
 * in insertion order. Later inserts in this file refer to those ids.
 * Types 9, 3 and 2 are the IKEv2 ID types DER ASN.1 DN, RFC 822 address
 * and FQDN. Type 202 is labelled a key id by the comment on its row.
 */

/* id 1: C=CH, O=Linux strongSwan, CN=strongSwan Root CA */
INSERT INTO identities (type, data)
VALUES (9, X'3045310B300906035504061302434831193017060355040A13104C696E7578207374726F6E675377616E311B3019060355040313127374726F6E675377616E20526F6F74204341');

/* id 2: keyid of 'C=CH, O=Linux strongSwan, CN=strongSwan Root CA' */
INSERT INTO identities (type, data)
VALUES (202, X'ae096b87b44886d3b820978623dabd0eae22ebbc');

/* id 3: carol@strongswan.org (the blob is the ASCII string) */
INSERT INTO identities (type, data)
VALUES (3, X'6361726f6c407374726f6e677377616e2e6f7267');

/* id 4: moon.strongswan.org (the blob is the ASCII string) */
INSERT INTO identities (type, data)
VALUES (2, X'6d6f6f6e2e7374726f6e677377616e2e6f7267');
/* Certificates */

/*
 * Certificate 1: C=CH, O=Linux strongSwan, CN=strongSwan Root CA.
 * This is the only certificate loaded for carol in this file.
 * NOTE(review): the literal below is not hex as shown on this page; the
 * encoded certificate appears to have been elided. Restore the original
 * blob before running the script.
 */
INSERT INTO certificates (type, keytype, data)
VALUES (1, 1, X'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');

/* Make certificate 1 findable under identity 1 (the subject DN) ... */
INSERT INTO certificate_identity (certificate, identity)
VALUES (1, 1);

/* ... and under identity 2 (its key id). */
INSERT INTO certificate_identity (certificate, identity)
VALUES (1, 2);
/* Shared Secrets */

/*
 * Secret 1 is a fixed value checked into the test tree. It is a
 * test-fixture secret and must never be reused outside the test
 * network, because everyone with access to this file knows it.
 * NOTE(review): type 1 is presumably the IKE pre-shared-key type;
 * confirm against the daemon's shared key types.
 */
INSERT INTO shared_secrets (type, data)
VALUES (1, X'16964066a10de938bdb2ab7864fe4459cab1');

/* Secret 1 is shared by identity 3 (carol@strongswan.org) ... */
INSERT INTO shared_secret_identity (shared_secret, identity)
VALUES (1, 3);

/* ... and identity 4 (moon.strongswan.org). */
INSERT INTO shared_secret_identity (shared_secret, identity)
VALUES (1, 4);
/* Configurations */

/*
 * IKE endpoints. PH_IP_CAROL and PH_IP_MOON look like placeholders.
 * NOTE(review): presumably the test framework substitutes real
 * addresses before the file is loaded; confirm.
 */
INSERT INTO ike_configs (local, remote)
VALUES ('PH_IP_CAROL', 'PH_IP_MOON');

/*
 * Peer config 'home': IKE config 1, local identity 3 (carol), remote
 * identity 4 (moon). auth_method 2 overrides the column default of 1.
 * NOTE(review): 2 is the IKEv2 number for shared-key authentication,
 * which matches the secret loaded for carol and moon; confirm the
 * daemon reads the column that way.
 */
INSERT INTO peer_configs (name, ike_cfg, local_id, remote_id, auth_method)
VALUES ('home', 1, 3, 4, 2);

/*
 * Child config 'home' with an updown command.
 * NOTE(review): if the daemon runs this string as a command, anyone who
 * can write this row controls what is executed; keep the database file
 * writable by the daemon's account only.
 */
INSERT INTO child_configs (name, updown)
VALUES ('home', 'ipsec _updown iptables');

/* Attach child config 1 to peer config 1. */
INSERT INTO peer_config_child_config (peer_cfg, child_cfg)
VALUES (1, 1);
/*
 * Traffic selector 1: 10.1.0.0/16, stored as the range
 * 10.1.0.0 to 10.1.255.255, with the default protocol and ports.
 */
INSERT INTO traffic_selectors (type, start_addr, end_addr)
VALUES (7, X'0a010000', X'0a01ffff');

/* Traffic selector 2: dynamic/32 (no addresses stored, both stay NULL). */
INSERT INTO traffic_selectors (type)
VALUES (7);

/*
 * Attach both selectors to child config 1.
 * NOTE(review): kind 1 is presumably "remote" and kind 2 "local,
 * dynamic"; confirm against the daemon's SQL configuration loader.
 */
INSERT INTO child_config_traffic_selector (child_cfg, traffic_selector, kind)
VALUES (1, 1, 1);

INSERT INTO child_config_traffic_selector (child_cfg, traffic_selector, kind)
VALUES (1, 2, 2);