testing: Rename public keys in DNSSEC scenarios
authorTobias Brunner <tobias@strongswan.org>
Mon, 15 Apr 2019 16:20:20 +0000 (18:20 +0200)
committerTobias Brunner <tobias@strongswan.org>
Wed, 8 May 2019 12:56:48 +0000 (14:56 +0200)
We will generate PEM-encoded public keys with the script.

18 files changed:
testing/tests/ikev2/net2net-dnssec/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/net2net-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.der [deleted file]
testing/tests/ikev2/net2net-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.pem [new file with mode: 0644]
testing/tests/ikev2/net2net-dnssec/hosts/sun/etc/ipsec.conf
testing/tests/ikev2/net2net-dnssec/hosts/sun/etc/ipsec.d/certs/sunPub.der [deleted file]
testing/tests/ikev2/net2net-dnssec/hosts/sun/etc/ipsec.d/certs/sunPub.pem [new file with mode: 0644]
testing/tests/ikev2/rw-dnssec/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/rw-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.der [deleted file]
testing/tests/ikev2/rw-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.pem [new file with mode: 0644]
testing/tests/swanctl/rw-dnssec/hosts/carol/etc/swanctl/pubkey/carolPub.der [deleted file]
testing/tests/swanctl/rw-dnssec/hosts/carol/etc/swanctl/pubkey/carolPub.pem [new file with mode: 0644]
testing/tests/swanctl/rw-dnssec/hosts/carol/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-dnssec/hosts/dave/etc/swanctl/pubkey/davePub.der [deleted file]
testing/tests/swanctl/rw-dnssec/hosts/dave/etc/swanctl/pubkey/davePub.pem [new file with mode: 0644]
testing/tests/swanctl/rw-dnssec/hosts/dave/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-dnssec/hosts/moon/etc/swanctl/pubkey/moonPub.der [deleted file]
testing/tests/swanctl/rw-dnssec/hosts/moon/etc/swanctl/pubkey/moonPub.pem [new file with mode: 0644]
testing/tests/swanctl/rw-dnssec/hosts/moon/etc/swanctl/swanctl.conf

index ea10eb0..a779943 100644 (file)
@@ -9,12 +9,12 @@ conn %default
        keyingtries=1
        keyexchange=ikev2
        mobike=no
-       
+
 conn net-net
        left=PH_IP_MOON
        leftid=moon.strongswan.org
        leftsubnet=10.1.0.0/16
-       leftsigkey=moonPub.der
+       leftsigkey=moonPub.pem
        leftauth=pubkey
        leftfirewall=yes
        right=sun.strongswan.org
diff --git a/testing/tests/ikev2/net2net-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.der b/testing/tests/ikev2/net2net-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.der
deleted file mode 100644 (file)
index 6724735..0000000
Binary files a/testing/tests/ikev2/net2net-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.der and /dev/null differ
diff --git a/testing/tests/ikev2/net2net-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.pem b/testing/tests/ikev2/net2net-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.pem
new file mode 100644 (file)
index 0000000..6724735
Binary files /dev/null and b/testing/tests/ikev2/net2net-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.pem differ
index 9e31005..06704e6 100644 (file)
@@ -9,12 +9,12 @@ conn %default
        keyingtries=1
        keyexchange=ikev2
        mobike=no
-       
+
 conn net-net
        left=PH_IP_SUN
        leftid=sun.strongswan.org
        leftsubnet=10.2.0.0/16
-       leftsigkey=sunPub.der
+       leftsigkey=sunPub.pem
        leftauth=pubkey
        leftfirewall=yes
        right=moon.strongswan.org
diff --git a/testing/tests/ikev2/net2net-dnssec/hosts/sun/etc/ipsec.d/certs/sunPub.der b/testing/tests/ikev2/net2net-dnssec/hosts/sun/etc/ipsec.d/certs/sunPub.der
deleted file mode 100644 (file)
index 744c759..0000000
Binary files a/testing/tests/ikev2/net2net-dnssec/hosts/sun/etc/ipsec.d/certs/sunPub.der and /dev/null differ
diff --git a/testing/tests/ikev2/net2net-dnssec/hosts/sun/etc/ipsec.d/certs/sunPub.pem b/testing/tests/ikev2/net2net-dnssec/hosts/sun/etc/ipsec.d/certs/sunPub.pem
new file mode 100644 (file)
index 0000000..744c759
Binary files /dev/null and b/testing/tests/ikev2/net2net-dnssec/hosts/sun/etc/ipsec.d/certs/sunPub.pem differ
index 74ddc6e..3c5c64c 100644 (file)
@@ -2,19 +2,19 @@
 
 config setup
 
-conn %default 
+conn %default
        ikelifetime=60m
        keylife=20m
        rekeymargin=3m
        keyingtries=1
        keyexchange=ikev2
 
-conn rw 
+conn rw
        left=PH_IP_MOON
        leftsubnet=10.1.0.0/16
        leftid=moon.strongswan.org
        leftauth=pubkey
-       leftsigkey=moonPub.der
+       leftsigkey=moonPub.pem
        leftfirewall=yes
        right=%any
        rightauth=pubkey
diff --git a/testing/tests/ikev2/rw-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.der b/testing/tests/ikev2/rw-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.der
deleted file mode 100644 (file)
index 6724735..0000000
Binary files a/testing/tests/ikev2/rw-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.der and /dev/null differ
diff --git a/testing/tests/ikev2/rw-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.pem b/testing/tests/ikev2/rw-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.pem
new file mode 100644 (file)
index 0000000..6724735
Binary files /dev/null and b/testing/tests/ikev2/rw-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.pem differ
diff --git a/testing/tests/swanctl/rw-dnssec/hosts/carol/etc/swanctl/pubkey/carolPub.der b/testing/tests/swanctl/rw-dnssec/hosts/carol/etc/swanctl/pubkey/carolPub.der
deleted file mode 100644 (file)
index 0c1140d..0000000
Binary files a/testing/tests/swanctl/rw-dnssec/hosts/carol/etc/swanctl/pubkey/carolPub.der and /dev/null differ
diff --git a/testing/tests/swanctl/rw-dnssec/hosts/carol/etc/swanctl/pubkey/carolPub.pem b/testing/tests/swanctl/rw-dnssec/hosts/carol/etc/swanctl/pubkey/carolPub.pem
new file mode 100644 (file)
index 0000000..0c1140d
Binary files /dev/null and b/testing/tests/swanctl/rw-dnssec/hosts/carol/etc/swanctl/pubkey/carolPub.pem differ
index edb9710..abcea5c 100755 (executable)
@@ -2,13 +2,13 @@ connections {
 
    home {
       local_addrs  = 192.168.0.100
-      remote_addrs = 192.168.0.1 
+      remote_addrs = 192.168.0.1
       vips = 0.0.0.0
 
       local {
          auth = pubkey
          id = carol.strongswan.org
-         pubkeys = carolPub.der
+         pubkeys = carolPub.pem
       }
       remote {
          auth = pubkey
@@ -16,7 +16,7 @@ connections {
       }
       children {
          home {
-            remote_ts = 10.1.0.0/16 
+            remote_ts = 10.1.0.0/16
 
             updown = /usr/local/libexec/ipsec/_updown iptables
             esp_proposals = aes128gcm128-x25519
diff --git a/testing/tests/swanctl/rw-dnssec/hosts/dave/etc/swanctl/pubkey/davePub.der b/testing/tests/swanctl/rw-dnssec/hosts/dave/etc/swanctl/pubkey/davePub.der
deleted file mode 100644 (file)
index fc36c65..0000000
Binary files a/testing/tests/swanctl/rw-dnssec/hosts/dave/etc/swanctl/pubkey/davePub.der and /dev/null differ
diff --git a/testing/tests/swanctl/rw-dnssec/hosts/dave/etc/swanctl/pubkey/davePub.pem b/testing/tests/swanctl/rw-dnssec/hosts/dave/etc/swanctl/pubkey/davePub.pem
new file mode 100644 (file)
index 0000000..fc36c65
Binary files /dev/null and b/testing/tests/swanctl/rw-dnssec/hosts/dave/etc/swanctl/pubkey/davePub.pem differ
index b894dc7..fe711c1 100755 (executable)
@@ -2,13 +2,13 @@ connections {
 
    home {
       local_addrs  = 192.168.0.200
-      remote_addrs = 192.168.0.1 
+      remote_addrs = 192.168.0.1
       vips = 0.0.0.0
 
       local {
          auth = pubkey
          id = dave.strongswan.org
-         pubkeys = davePub.der
+         pubkeys = davePub.pem
       }
       remote {
          auth = pubkey
@@ -16,7 +16,7 @@ connections {
       }
       children {
          home {
-            remote_ts = 10.1.0.0/16 
+            remote_ts = 10.1.0.0/16
 
             updown = /usr/local/libexec/ipsec/_updown iptables
             esp_proposals = aes128gcm128-x25519
diff --git a/testing/tests/swanctl/rw-dnssec/hosts/moon/etc/swanctl/pubkey/moonPub.der b/testing/tests/swanctl/rw-dnssec/hosts/moon/etc/swanctl/pubkey/moonPub.der
deleted file mode 100644 (file)
index 6724735..0000000
Binary files a/testing/tests/swanctl/rw-dnssec/hosts/moon/etc/swanctl/pubkey/moonPub.der and /dev/null differ
diff --git a/testing/tests/swanctl/rw-dnssec/hosts/moon/etc/swanctl/pubkey/moonPub.pem b/testing/tests/swanctl/rw-dnssec/hosts/moon/etc/swanctl/pubkey/moonPub.pem
new file mode 100644 (file)
index 0000000..6724735
Binary files /dev/null and b/testing/tests/swanctl/rw-dnssec/hosts/moon/etc/swanctl/pubkey/moonPub.pem differ
index 6b1a2c2..73aabd8 100755 (executable)
@@ -7,14 +7,14 @@ connections {
       local {
          auth = pubkey
          id = moon.strongswan.org
-         pubkeys = moonPub.der
+         pubkeys = moonPub.pem
       }
       remote {
          auth = pubkey
       }
       children {
          net {
-            local_ts  = 10.1.0.0/16 
+            local_ts  = 10.1.0.0/16
 
             updown = /usr/local/libexec/ipsec/_updown iptables
             esp_proposals = aes128gcm128-x25519