Merge branch 'build-certs'
authorTobias Brunner <tobias@strongswan.org>
Wed, 8 May 2019 12:57:03 +0000 (14:57 +0200)
committerTobias Brunner <tobias@strongswan.org>
Wed, 8 May 2019 12:57:03 +0000 (14:57 +0200)
Adds a script to generate the keys and certificates used for regression
tests dynamically.  They are built with the pki version installed in the
root image so it's not necessary to have an up-to-date version with all
required plugins installed on the host system.

957 files changed:
src/libstrongswan/credentials/builder.c
src/libstrongswan/credentials/builder.h
src/libstrongswan/plugins/x509/x509_cert.c
src/libstrongswan/plugins/x509/x509_crl.c
src/pki/commands/issue.c
src/pki/commands/keyid.c
src/pki/commands/self.c
src/pki/commands/signcrl.c
src/pki/man/pki---issue.1.in
src/pki/man/pki---keyid.1.in
src/pki/man/pki---self.1.in
src/pki/man/pki---signcrl.1.in
src/pki/pki.c
testing/Makefile.am
testing/config/kernel/config-5.1 [new file with mode: 0644]
testing/hosts/.gitignore [new file with mode: 0644]
testing/hosts/alice/etc/ipsec.d/cacerts/strongswanCert.pem [deleted file]
testing/hosts/alice/etc/ipsec.d/certs/aliceCert.pem [deleted file]
testing/hosts/alice/etc/ipsec.d/private/aliceKey.pem [deleted file]
testing/hosts/alice/etc/raddb/certs/aaaCert.pem [deleted file]
testing/hosts/alice/etc/raddb/certs/aaaKey.pem [deleted file]
testing/hosts/alice/etc/raddb/certs/strongswanCert.pem [deleted file]
testing/hosts/alice/etc/swanctl/rsa/aliceKey.pem [deleted file]
testing/hosts/alice/etc/swanctl/x509/aliceCert.pem [deleted file]
testing/hosts/alice/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/hosts/bob/etc/ipsec.d/cacerts/strongswanCert.pem [deleted file]
testing/hosts/bob/etc/ipsec.d/certs/bobCert.pem [deleted file]
testing/hosts/bob/etc/ipsec.d/private/bobKey.pem [deleted file]
testing/hosts/bob/etc/swanctl/rsa/bobKey.pem [deleted file]
testing/hosts/bob/etc/swanctl/x509/bobCert.pem [deleted file]
testing/hosts/bob/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/hosts/carol/etc/ipsec.d/cacerts/strongswanCert.pem [deleted file]
testing/hosts/carol/etc/ipsec.d/certs/carolCert.pem [deleted file]
testing/hosts/carol/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/hosts/carol/etc/swanctl/rsa/carolKey.pem [deleted file]
testing/hosts/carol/etc/swanctl/x509/carolCert.pem [deleted file]
testing/hosts/carol/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/hosts/dave/etc/ipsec.d/cacerts/strongswanCert.pem [deleted file]
testing/hosts/dave/etc/ipsec.d/certs/daveCert.pem [deleted file]
testing/hosts/dave/etc/ipsec.d/private/daveKey.pem [deleted file]
testing/hosts/dave/etc/swanctl/rsa/daveKey.pem [deleted file]
testing/hosts/dave/etc/swanctl/x509/daveCert.pem [deleted file]
testing/hosts/dave/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/hosts/moon/etc/ipsec.d/cacerts/strongswanCert.pem [deleted file]
testing/hosts/moon/etc/ipsec.d/certs/moonCert.pem [deleted file]
testing/hosts/moon/etc/ipsec.d/private/moonKey.pem [deleted file]
testing/hosts/moon/etc/swanctl/rsa/moonKey.pem [deleted file]
testing/hosts/moon/etc/swanctl/x509/moonCert.pem [deleted file]
testing/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/hosts/sun/etc/ipsec.d/cacerts/strongswanCert.pem [deleted file]
testing/hosts/sun/etc/ipsec.d/certs/sunCert.pem [deleted file]
testing/hosts/sun/etc/ipsec.d/private/sunKey.pem [deleted file]
testing/hosts/sun/etc/swanctl/rsa/sunKey.pem [deleted file]
testing/hosts/sun/etc/swanctl/x509/sunCert.pem [deleted file]
testing/hosts/sun/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/hosts/venus/etc/ipsec.d/cacerts/strongswanCert.pem [deleted file]
testing/hosts/venus/etc/ipsec.d/certs/venusCert.pem [deleted file]
testing/hosts/venus/etc/ipsec.d/private/venusKey.pem [deleted file]
testing/hosts/venus/etc/swanctl/rsa/venusKey.pem [deleted file]
testing/hosts/venus/etc/swanctl/x509/venusCert.pem [deleted file]
testing/hosts/venus/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/hosts/winnetou/etc/apache2/sites-enabled/001-ocsp_vhost.conf
testing/hosts/winnetou/etc/bind/db.strongswan.org
testing/hosts/winnetou/etc/ca/.gitignore [new file with mode: 0644]
testing/hosts/winnetou/etc/ca/generate-crl [new file with mode: 0755]
testing/hosts/winnetou/etc/ca/index.html [new file with mode: 0644]
testing/hosts/winnetou/etc/ca/index.txt.template [new file with mode: 0644]
testing/hosts/winnetou/etc/ca/ocsp/ocsp.cgi [new file with mode: 0755]
testing/hosts/winnetou/etc/ca/research/index.txt.template [new file with mode: 0644]
testing/hosts/winnetou/etc/ca/research/ocsp/ocsp.cgi [new file with mode: 0755]
testing/hosts/winnetou/etc/ca/sales/index.txt.template [new file with mode: 0644]
testing/hosts/winnetou/etc/ca/sales/ocsp/ocsp.cgi [new file with mode: 0755]
testing/hosts/winnetou/etc/ldap/ldif.txt
testing/hosts/winnetou/etc/ldap/slapd.conf
testing/hosts/winnetou/etc/openssl/bliss/strongswan_blissCert.der [deleted file]
testing/hosts/winnetou/etc/openssl/bliss/strongswan_blissKey.der [deleted file]
testing/hosts/winnetou/etc/openssl/certs/07de9420646e493941432a451e7c14fd28fb9307 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/16bf9080ac60d035d7a75ca7f634ed4427f00c0f [deleted file]
testing/hosts/winnetou/etc/openssl/certs/174b20a63b8469706e6695e185ac8cc90bb9e69f [deleted file]
testing/hosts/winnetou/etc/openssl/certs/24d9077c072f5a22ad0c6f65f9f20ebda2afa491 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/3b389ed7670f8698f37e8a90b4f99389d3c8e3c0 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/53c790f4502ef25e04d6924ac63e65ec224495db [deleted file]
testing/hosts/winnetou/etc/openssl/certs/548acbf0651d74df8175e709d52e24d9fcf1a1e5 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/55b8d682bccbba72d48faa4e31b885c589d94e35 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/57b8d46c89658ec3a53e7aec7fd99aa42636d8a8 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/5bd93cb213b4b31885da0a0efc2a79f4a7070708 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/65b352233dc5cf96ecd69271587e47eea59446f1 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/679aaf150f9eef2897cf419485667387a8b8579a [deleted file]
testing/hosts/winnetou/etc/openssl/certs/694f095095ab926875841456736263fe40696930 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/878cbc01427f1c1f5335b68604256705e85bfcd1 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/8c16a693aa59f4f4ed7eec7fd8a4ba7799e3c531 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/9319a45e2618f95fa64c539edb6bb6ef5e19a27e [deleted file]
testing/hosts/winnetou/etc/openssl/certs/982d8252943f432acfacb002a0e576442402ba50 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/cb516460e6f70eb2601effee6b7b6c7884c23fdb [deleted file]
testing/hosts/winnetou/etc/openssl/certs/e079576c2006eb01569cb79c6e39dbb488050a86 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/e1fc65a76e366f513effaba487ac6cf2c144b7a7 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/research/0855c55d208f71747b88da0fabcce348be495ac0 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/research/29d8bec44f188d61072bad52bfaf6f8553342f15 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/research/91b2e4f8a1612a34c646fb8320aaf374cc78ab7b [deleted file]
testing/hosts/winnetou/etc/openssl/certs/research/fc384911d10e35814a20c92642873925eada85c3 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/rfc3779/35ef6b73537e090d3b09359bfee642eafa6192eb [deleted file]
testing/hosts/winnetou/etc/openssl/certs/rfc3779/6645da3911d7f86e5410b698e2a441f1e2e4491a [deleted file]
testing/hosts/winnetou/etc/openssl/certs/rfc3779/e2d52f0f42f61f786f1c570a4acc8fa8d72a329f [deleted file]
testing/hosts/winnetou/etc/openssl/certs/rfc3779/f22389d26d00a7ddb5ff61f3b2e66022b18b2e3d [deleted file]
testing/hosts/winnetou/etc/openssl/certs/sales/3f24becda29cf44f0e4e89f894b925ab7e7a0aac [deleted file]
testing/hosts/winnetou/etc/openssl/certs/sales/937fb1c8fa8bb3b169c63c8f77562592e44cfb32 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/sales/a4317f76f97afb3b6308c4b3496eb09d9efeed00 [deleted file]
testing/hosts/winnetou/etc/openssl/certs/sales/fcc1991dae2d8444c841c386e1921c59882afcf2 [deleted file]
testing/hosts/winnetou/etc/openssl/crlnumber [deleted file]
testing/hosts/winnetou/etc/openssl/crlnumber.old [deleted file]
testing/hosts/winnetou/etc/openssl/duck/.rand [deleted file]
testing/hosts/winnetou/etc/openssl/duck/crlnumber [deleted file]
testing/hosts/winnetou/etc/openssl/duck/duckCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/duck/duckKey.pem [deleted file]
testing/hosts/winnetou/etc/openssl/duck/duckReq.pem [deleted file]
testing/hosts/winnetou/etc/openssl/duck/index.txt [deleted file]
testing/hosts/winnetou/etc/openssl/duck/index.txt.attr [deleted file]
testing/hosts/winnetou/etc/openssl/duck/index.txt.old [deleted file]
testing/hosts/winnetou/etc/openssl/duck/newcerts/01.pem [deleted file]
testing/hosts/winnetou/etc/openssl/duck/openssl.cnf [deleted file]
testing/hosts/winnetou/etc/openssl/duck/serial [deleted file]
testing/hosts/winnetou/etc/openssl/duck/serial.old [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/.rand [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/crlnumber [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/crlnumber.old [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/index.txt [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.attr [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.attr.old [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.old [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/01.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/02.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/03.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/04.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/05.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/06.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/08.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/09.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/0A.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/0B.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/0C.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/0D.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/0E.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/0F.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/10.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/11.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/12.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/13.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/newcerts/14.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/openssl.cnf [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/serial [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/serial.old [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/strongswan_ecCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ecdsa/strongswan_ecKey.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ed25519/newcerts/carolCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ed25519/newcerts/carolPolicyCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ed25519/newcerts/daveCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ed25519/newcerts/moonCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ed25519/newcerts/sunCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ed25519/newkeys/carolKey.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ed25519/newkeys/daveKey.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ed25519/newkeys/moonKey.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ed25519/newkeys/sunKey.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ed25519/strongswan_ed25519.crl [deleted file]
testing/hosts/winnetou/etc/openssl/ed25519/strongswan_ed25519Cert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ed25519/strongswan_ed25519Key.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ed25519/strongswan_ed25519PolicyCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/generate-crl [deleted file]
testing/hosts/winnetou/etc/openssl/generate-hash-and-url [deleted file]
testing/hosts/winnetou/etc/openssl/index.html [deleted file]
testing/hosts/winnetou/etc/openssl/index.txt [deleted file]
testing/hosts/winnetou/etc/openssl/index.txt.attr [deleted file]
testing/hosts/winnetou/etc/openssl/index.txt.attr.old [deleted file]
testing/hosts/winnetou/etc/openssl/index.txt.old [deleted file]
testing/hosts/winnetou/etc/openssl/monster/crlnumber [deleted file]
testing/hosts/winnetou/etc/openssl/monster/index.txt [deleted file]
testing/hosts/winnetou/etc/openssl/monster/index.txt.attr [deleted file]
testing/hosts/winnetou/etc/openssl/monster/index.txt.attr.old [deleted file]
testing/hosts/winnetou/etc/openssl/monster/index.txt.old [deleted file]
testing/hosts/winnetou/etc/openssl/monster/newcerts/01.pem [deleted file]
testing/hosts/winnetou/etc/openssl/monster/newcerts/02.pem [deleted file]
testing/hosts/winnetou/etc/openssl/monster/openssl.cnf [deleted file]
testing/hosts/winnetou/etc/openssl/monster/serial [deleted file]
testing/hosts/winnetou/etc/openssl/monster/serial.old [deleted file]
testing/hosts/winnetou/etc/openssl/monster/strongswanCert-monster.pem [deleted file]
testing/hosts/winnetou/etc/openssl/monster/strongswanKey-monster.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/01.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/02.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/03.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/04.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/05.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/06.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/07.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/08.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/09.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/0A.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/0B.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/0C.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/0D.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/0E.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/0F.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/10.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/11.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/12.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/13.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/14.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/15.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/16.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/17.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/18.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/19.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/1A.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/1B.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/1C.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/1D.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/1E.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/1F.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/20.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/21.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/22.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/23.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/24.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/25.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/26.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/27.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/28.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/29.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/2A.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/2B.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/2D.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/2E.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/2F.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/30.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/31.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/32.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/33.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/34.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/35.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/36.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/37.pem [deleted file]
testing/hosts/winnetou/etc/openssl/newcerts/38.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi [deleted file]
testing/hosts/winnetou/etc/openssl/ocspCert-self.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ocspCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ocspKey-self.pem [deleted file]
testing/hosts/winnetou/etc/openssl/ocspKey.pem [deleted file]
testing/hosts/winnetou/etc/openssl/openssl.cnf [deleted file]
testing/hosts/winnetou/etc/openssl/research/.rand [deleted file]
testing/hosts/winnetou/etc/openssl/research/crlnumber [deleted file]
testing/hosts/winnetou/etc/openssl/research/crlnumber.old [deleted file]
testing/hosts/winnetou/etc/openssl/research/index.txt [deleted file]
testing/hosts/winnetou/etc/openssl/research/index.txt.attr [deleted file]
testing/hosts/winnetou/etc/openssl/research/index.txt.attr.old [deleted file]
testing/hosts/winnetou/etc/openssl/research/index.txt.old [deleted file]
testing/hosts/winnetou/etc/openssl/research/newcerts/01.pem [deleted file]
testing/hosts/winnetou/etc/openssl/research/newcerts/02.pem [deleted file]
testing/hosts/winnetou/etc/openssl/research/newcerts/03.pem [deleted file]
testing/hosts/winnetou/etc/openssl/research/newcerts/04.pem [deleted file]
testing/hosts/winnetou/etc/openssl/research/newcerts/05.pem [deleted file]
testing/hosts/winnetou/etc/openssl/research/newcerts/06.pem [deleted file]
testing/hosts/winnetou/etc/openssl/research/newcerts/07.pem [deleted file]
testing/hosts/winnetou/etc/openssl/research/newcerts/08.pem [deleted file]
testing/hosts/winnetou/etc/openssl/research/newcerts/09.pem [deleted file]
testing/hosts/winnetou/etc/openssl/research/newcerts/0A.pem [deleted file]
testing/hosts/winnetou/etc/openssl/research/newcerts/0B.pem [deleted file]
testing/hosts/winnetou/etc/openssl/research/newcerts/0C.pem [deleted file]
testing/hosts/winnetou/etc/openssl/research/ocsp/ocsp.cgi [deleted file]
testing/hosts/winnetou/etc/openssl/research/ocspCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/research/ocspKey.pem [deleted file]
testing/hosts/winnetou/etc/openssl/research/openssl.cnf [deleted file]
testing/hosts/winnetou/etc/openssl/research/researchCert.der [deleted file]
testing/hosts/winnetou/etc/openssl/research/researchCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/research/researchKey.pem [deleted file]
testing/hosts/winnetou/etc/openssl/research/serial [deleted file]
testing/hosts/winnetou/etc/openssl/research/serial.old [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/.rand [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/crl.pem [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/crlnumber [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/crlnumber.old [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/index.txt [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/index.txt.attr [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/index.txt.attr.old [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/index.txt.old [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/01.pem [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/02.pem [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/03.pem [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/04.pem [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/05.pem [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/06.pem [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/07.pem [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/newcerts/08.pem [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/openssl.cnf [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/serial [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/serial.old [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/strongswanCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/rfc3779/strongswanKey.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sales/.rand [deleted file]
testing/hosts/winnetou/etc/openssl/sales/crlnumber [deleted file]
testing/hosts/winnetou/etc/openssl/sales/crlnumber.old [deleted file]
testing/hosts/winnetou/etc/openssl/sales/index.txt [deleted file]
testing/hosts/winnetou/etc/openssl/sales/index.txt.attr [deleted file]
testing/hosts/winnetou/etc/openssl/sales/index.txt.attr.old [deleted file]
testing/hosts/winnetou/etc/openssl/sales/index.txt.old [deleted file]
testing/hosts/winnetou/etc/openssl/sales/newcerts/01.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sales/newcerts/02.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sales/newcerts/03.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sales/newcerts/04.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sales/newcerts/05.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sales/newcerts/06.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sales/newcerts/07.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sales/newcerts/08.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sales/newcerts/09.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sales/newcerts/0A.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sales/ocsp/ocsp.cgi [deleted file]
testing/hosts/winnetou/etc/openssl/sales/ocspCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sales/ocspKey.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sales/openssl.cnf [deleted file]
testing/hosts/winnetou/etc/openssl/sales/salesCert.der [deleted file]
testing/hosts/winnetou/etc/openssl/sales/salesCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sales/salesKey.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sales/serial [deleted file]
testing/hosts/winnetou/etc/openssl/sales/serial.old [deleted file]
testing/hosts/winnetou/etc/openssl/serial [deleted file]
testing/hosts/winnetou/etc/openssl/serial.old [deleted file]
testing/hosts/winnetou/etc/openssl/sha3-rsa/carolCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sha3-rsa/carolKey.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sha3-rsa/daveCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sha3-rsa/daveKey.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sha3-rsa/moonCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sha3-rsa/moonKey.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sha3-rsa/strongswanCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sha3-rsa/strongswanKey.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sha3-rsa/sunCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/sha3-rsa/sunKey.pem [deleted file]
testing/hosts/winnetou/etc/openssl/strongswanCert.der [deleted file]
testing/hosts/winnetou/etc/openssl/strongswanCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/strongswanKey.pem [deleted file]
testing/hosts/winnetou/etc/openssl/winnetouCert.pem [deleted file]
testing/hosts/winnetou/etc/openssl/winnetouKey.pem [deleted file]
testing/hosts/winnetou/etc/strongswan.conf
testing/scripts/build-certs [new file with mode: 0755]
testing/scripts/build-certs-chroot [new file with mode: 0755]
testing/scripts/build-guestimages
testing/scripts/build-strongswan
testing/testing.conf
testing/tests/botan/.gitignore [new file with mode: 0644]
testing/tests/botan/net2net-ed25519/hosts/moon/etc/swanctl/pkcs8/moonKey.pem [deleted file]
testing/tests/botan/net2net-ed25519/hosts/moon/etc/swanctl/x509/moonCert.pem [deleted file]
testing/tests/botan/net2net-ed25519/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/botan/net2net-ed25519/hosts/sun/etc/swanctl/pkcs8/sunKey.pem [deleted file]
testing/tests/botan/net2net-ed25519/hosts/sun/etc/swanctl/x509/sunCert.pem [deleted file]
testing/tests/botan/net2net-ed25519/hosts/sun/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/botan/net2net-pkcs12/hosts/moon/etc/swanctl/pkcs12/moonCert.p12 [deleted file]
testing/tests/botan/net2net-pkcs12/hosts/sun/etc/swanctl/pkcs12/sunCert.p12 [deleted file]
testing/tests/botan/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/rsa/moonKey.pem [deleted file]
testing/tests/botan/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/x509/moonCert.pem [deleted file]
testing/tests/botan/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/botan/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/rsa/sunKey.pem [deleted file]
testing/tests/botan/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/x509/sunCert.pem [deleted file]
testing/tests/botan/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/botan/rw-cert/hosts/carol/etc/swanctl/rsa/carolKey.pem [deleted file]
testing/tests/botan/rw-ecp256/hosts/carol/etc/swanctl/rsa/carolKey.pem [deleted file]
testing/tests/botan/rw-modp3072/hosts/carol/etc/swanctl/rsa/carolKey.pem [deleted file]
testing/tests/ha/.gitignore [new file with mode: 0644]
testing/tests/ha/active-passive/hosts/alice/etc/ipsec.d/certs/marsCert.pem [deleted file]
testing/tests/ha/active-passive/hosts/alice/etc/ipsec.d/private/marsKey.pem [deleted file]
testing/tests/ha/active-passive/hosts/moon/etc/ipsec.d/certs/marsCert.pem [deleted file]
testing/tests/ha/active-passive/hosts/moon/etc/ipsec.d/private/marsKey.pem [deleted file]
testing/tests/ha/both-active/hosts/alice/etc/ipsec.d/certs/marsCert.pem [deleted file]
testing/tests/ha/both-active/hosts/alice/etc/ipsec.d/private/marsKey.pem [deleted file]
testing/tests/ha/both-active/hosts/moon/etc/ipsec.d/certs/marsCert.pem [deleted file]
testing/tests/ha/both-active/hosts/moon/etc/ipsec.d/private/marsKey.pem [deleted file]
testing/tests/ikev1/.gitignore [new file with mode: 0644]
testing/tests/ikev1/dynamic-initiator/hosts/dave/etc/ipsec.d/certs/carolCert.pem [deleted file]
testing/tests/ikev1/dynamic-initiator/hosts/dave/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev1/dynamic-responder/hosts/dave/etc/ipsec.d/certs/carolCert.pem [deleted file]
testing/tests/ikev1/dynamic-responder/hosts/dave/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev1/multi-level-ca-cr-init/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/multi-level-ca-cr-init/hosts/carol/etc/ipsec.d/cacerts/researchCert.pem [deleted file]
testing/tests/ikev1/multi-level-ca-cr-init/hosts/carol/etc/ipsec.d/certs/carolCert.pem [deleted file]
testing/tests/ikev1/multi-level-ca-cr-init/hosts/carol/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev1/multi-level-ca-cr-init/hosts/dave/etc/ipsec.conf
testing/tests/ikev1/multi-level-ca-cr-init/hosts/dave/etc/ipsec.d/cacerts/salesCert.pem [deleted file]
testing/tests/ikev1/multi-level-ca-cr-init/hosts/dave/etc/ipsec.d/certs/daveCert.pem [deleted file]
testing/tests/ikev1/multi-level-ca-cr-init/hosts/dave/etc/ipsec.d/private/daveKey.pem [deleted file]
testing/tests/ikev1/multi-level-ca-cr-init/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/multi-level-ca-cr-resp/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/multi-level-ca-cr-resp/hosts/carol/etc/ipsec.d/cacerts/researchCert.pem [deleted file]
testing/tests/ikev1/multi-level-ca-cr-resp/hosts/carol/etc/ipsec.d/certs/carolCert.pem [deleted file]
testing/tests/ikev1/multi-level-ca-cr-resp/hosts/carol/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev1/multi-level-ca-cr-resp/hosts/dave/etc/ipsec.conf
testing/tests/ikev1/multi-level-ca-cr-resp/hosts/dave/etc/ipsec.d/cacerts/salesCert.pem [deleted file]
testing/tests/ikev1/multi-level-ca-cr-resp/hosts/dave/etc/ipsec.d/certs/daveCert.pem [deleted file]
testing/tests/ikev1/multi-level-ca-cr-resp/hosts/dave/etc/ipsec.d/private/daveKey.pem [deleted file]
testing/tests/ikev1/multi-level-ca-cr-resp/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/multi-level-ca/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/multi-level-ca/hosts/carol/etc/ipsec.d/certs/carolCert.pem [deleted file]
testing/tests/ikev1/multi-level-ca/hosts/carol/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev1/multi-level-ca/hosts/dave/etc/ipsec.conf
testing/tests/ikev1/multi-level-ca/hosts/dave/etc/ipsec.d/certs/daveCert.pem [deleted file]
testing/tests/ikev1/multi-level-ca/hosts/dave/etc/ipsec.d/private/daveKey.pem [deleted file]
testing/tests/ikev1/multi-level-ca/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/multi-level-ca/hosts/moon/etc/ipsec.d/cacerts/researchCert.pem [deleted file]
testing/tests/ikev1/multi-level-ca/hosts/moon/etc/ipsec.d/cacerts/salesCert.pem [deleted file]
testing/tests/ikev2/.gitignore [new file with mode: 0644]
testing/tests/ikev2/acert-cached/hosts/moon/etc/ipsec.d/aacerts/aa.pem [deleted file]
testing/tests/ikev2/acert-cached/hosts/moon/etc/ipsec.d/acerts/carol-sales-finance.pem [deleted file]
testing/tests/ikev2/acert-cached/hosts/moon/etc/ipsec.d/acerts/dave-marketing.pem [deleted file]
testing/tests/ikev2/acert-cached/hosts/moon/etc/ipsec.d/acerts/dave-sales-expired.pem [deleted file]
testing/tests/ikev2/acert-cached/hosts/moon/etc/ipsec.d/private/aa.pem [deleted file]
testing/tests/ikev2/acert-cached/posttest.dat
testing/tests/ikev2/acert-cached/reissue.txt [deleted file]
testing/tests/ikev2/acert-fallback/hosts/carol/etc/ipsec.d/acerts/carol-finance-expired.pem [deleted file]
testing/tests/ikev2/acert-fallback/hosts/carol/etc/ipsec.d/acerts/carol-sales.pem [deleted file]
testing/tests/ikev2/acert-fallback/hosts/moon/etc/ipsec.d/aacerts/aa.pem [deleted file]
testing/tests/ikev2/acert-fallback/hosts/moon/etc/ipsec.d/private/aa.pem [deleted file]
testing/tests/ikev2/acert-fallback/posttest.dat
testing/tests/ikev2/acert-fallback/reissue.txt [deleted file]
testing/tests/ikev2/acert-inline/evaltest.dat
testing/tests/ikev2/acert-inline/hosts/carol/etc/ipsec.d/acerts/carol-sales.pem [deleted file]
testing/tests/ikev2/acert-inline/hosts/dave/etc/ipsec.d/acerts/dave-expired-aa.pem [deleted file]
testing/tests/ikev2/acert-inline/hosts/dave/etc/ipsec.d/acerts/dave-marketing.pem [deleted file]
testing/tests/ikev2/acert-inline/hosts/moon/etc/ipsec.d/aacerts/aa-expired.pem [deleted file]
testing/tests/ikev2/acert-inline/hosts/moon/etc/ipsec.d/aacerts/aa.pem [deleted file]
testing/tests/ikev2/acert-inline/hosts/moon/etc/ipsec.d/private/aa-expired.pem [deleted file]
testing/tests/ikev2/acert-inline/hosts/moon/etc/ipsec.d/private/aa.pem [deleted file]
testing/tests/ikev2/acert-inline/posttest.dat
testing/tests/ikev2/acert-inline/reissue.txt [deleted file]
testing/tests/ikev2/after-2038-certs/hosts/carol/etc/ipsec.d/cacerts/strongswanCert.pem [deleted file]
testing/tests/ikev2/after-2038-certs/hosts/carol/etc/ipsec.d/certs/carolCert.pem [deleted file]
testing/tests/ikev2/after-2038-certs/hosts/carol/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev2/after-2038-certs/hosts/moon/etc/ipsec.d/cacerts/strongswanCert.pem [deleted file]
testing/tests/ikev2/after-2038-certs/hosts/moon/etc/ipsec.d/certs/moonCert.pem [deleted file]
testing/tests/ikev2/after-2038-certs/hosts/moon/etc/ipsec.d/private/moonKey.pem [deleted file]
testing/tests/ikev2/any-interface/hosts/bob/etc/ipsec.conf
testing/tests/ikev2/any-interface/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/critical-extension/evaltest.dat
testing/tests/ikev2/critical-extension/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/critical-extension/hosts/moon/etc/ipsec.d/certs/moonCert.der [deleted file]
testing/tests/ikev2/critical-extension/hosts/moon/etc/ipsec.d/private/moonKey.pem [deleted file]
testing/tests/ikev2/critical-extension/hosts/sun/etc/ipsec.conf
testing/tests/ikev2/critical-extension/hosts/sun/etc/ipsec.d/certs/sunCert.der [deleted file]
testing/tests/ikev2/critical-extension/hosts/sun/etc/ipsec.d/private/sunKey.pem [deleted file]
testing/tests/ikev2/crl-ldap/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/crl-ldap/hosts/carol/etc/ipsec.d/crls/5da7dd700651327ee7b66db3b5e5e060ea2e4def.crl [deleted file]
testing/tests/ikev2/crl-ldap/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/crl-ldap/hosts/moon/etc/ipsec.d/crls/5da7dd700651327ee7b66db3b5e5e060ea2e4def.crl [deleted file]
testing/tests/ikev2/crl-revoked/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/crl-revoked/hosts/carol/etc/ipsec.d/certs/carolRevokedCert.pem [deleted file]
testing/tests/ikev2/crl-revoked/hosts/carol/etc/ipsec.d/private/carolRevokedKey.pem [deleted file]
testing/tests/ikev2/crl-revoked/hosts/carol/etc/ipsec.secrets
testing/tests/ikev2/crl-revoked/posttest.dat
testing/tests/ikev2/crl-to-cache/evaltest.dat
testing/tests/ikev2/dynamic-initiator/hosts/dave/etc/ipsec.d/certs/carolCert.pem [deleted file]
testing/tests/ikev2/dynamic-initiator/hosts/dave/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev2/multi-level-ca-cr-init/hosts/carol/etc/ipsec.d/cacerts/researchCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-cr-init/hosts/carol/etc/ipsec.d/certs/carolCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-cr-init/hosts/carol/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev2/multi-level-ca-cr-init/hosts/dave/etc/ipsec.d/cacerts/salesCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-cr-init/hosts/dave/etc/ipsec.d/certs/daveCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-cr-init/hosts/dave/etc/ipsec.d/private/daveKey.pem [deleted file]
testing/tests/ikev2/multi-level-ca-cr-resp/hosts/carol/etc/ipsec.d/cacerts/researchCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-cr-resp/hosts/carol/etc/ipsec.d/certs/carolCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-cr-resp/hosts/carol/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev2/multi-level-ca-cr-resp/hosts/dave/etc/ipsec.d/cacerts/salesCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-cr-resp/hosts/dave/etc/ipsec.d/certs/daveCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-cr-resp/hosts/dave/etc/ipsec.d/private/daveKey.pem [deleted file]
testing/tests/ikev2/multi-level-ca-ldap/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/multi-level-ca-ldap/hosts/carol/etc/ipsec.d/certs/carolCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-ldap/hosts/carol/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev2/multi-level-ca-ldap/hosts/dave/etc/ipsec.conf
testing/tests/ikev2/multi-level-ca-ldap/hosts/dave/etc/ipsec.d/certs/daveCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-ldap/hosts/dave/etc/ipsec.d/private/daveKey.pem [deleted file]
testing/tests/ikev2/multi-level-ca-ldap/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/multi-level-ca-ldap/hosts/moon/etc/ipsec.d/cacerts/researchCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-ldap/hosts/moon/etc/ipsec.d/cacerts/salesCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-loop/hosts/carol/etc/ipsec.d/certs/carolCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-loop/hosts/carol/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev2/multi-level-ca-loop/hosts/moon/etc/ipsec.d/cacerts/research_by_salesCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-loop/hosts/moon/etc/ipsec.d/cacerts/sales_by_researchCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-pathlen/hosts/carol/etc/ipsec.d/certs/carolCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-pathlen/hosts/carol/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev2/multi-level-ca-pathlen/hosts/moon/etc/ipsec.d/cacerts/duckCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-pathlen/hosts/moon/etc/ipsec.d/cacerts/researchCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-revoked/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/multi-level-ca-revoked/hosts/carol/etc/ipsec.d/certs/carolCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-revoked/hosts/carol/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev2/multi-level-ca-revoked/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/multi-level-ca-revoked/hosts/moon/etc/ipsec.d/cacerts/researchCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.d/certs/carolCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-skipped/hosts/carol/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev2/multi-level-ca-skipped/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/multi-level-ca-skipped/hosts/moon/etc/ipsec.d/cacerts/researchCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-strict/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/multi-level-ca-strict/hosts/carol/etc/ipsec.d/certs/carolCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-strict/hosts/carol/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev2/multi-level-ca-strict/hosts/dave/etc/ipsec.conf
testing/tests/ikev2/multi-level-ca-strict/hosts/dave/etc/ipsec.d/certs/daveCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-strict/hosts/dave/etc/ipsec.d/private/daveKey.pem [deleted file]
testing/tests/ikev2/multi-level-ca-strict/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/multi-level-ca-strict/hosts/moon/etc/ipsec.d/cacerts/researchCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca-strict/hosts/moon/etc/ipsec.d/cacerts/salesCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca/hosts/carol/etc/ipsec.d/certs/carolCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca/hosts/carol/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev2/multi-level-ca/hosts/dave/etc/ipsec.d/certs/daveCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca/hosts/dave/etc/ipsec.d/private/daveKey.pem [deleted file]
testing/tests/ikev2/multi-level-ca/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/multi-level-ca/hosts/moon/etc/ipsec.d/cacerts/researchCert.pem [deleted file]
testing/tests/ikev2/multi-level-ca/hosts/moon/etc/ipsec.d/cacerts/salesCert.pem [deleted file]
testing/tests/ikev2/net2net-dnssec/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/net2net-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.der [deleted file]
testing/tests/ikev2/net2net-dnssec/hosts/sun/etc/ipsec.conf
testing/tests/ikev2/net2net-dnssec/hosts/sun/etc/ipsec.d/certs/sunPub.der [deleted file]
testing/tests/ikev2/net2net-ed25519/hosts/moon/etc/ipsec.d/cacerts/strongswanCert.pem [deleted file]
testing/tests/ikev2/net2net-ed25519/hosts/moon/etc/ipsec.d/certs/moonCert.pem [deleted file]
testing/tests/ikev2/net2net-ed25519/hosts/moon/etc/ipsec.d/private/moonKey.pem [deleted file]
testing/tests/ikev2/net2net-ed25519/hosts/sun/etc/ipsec.d/cacerts/strongswanCert.pem [deleted file]
testing/tests/ikev2/net2net-ed25519/hosts/sun/etc/ipsec.d/certs/sunCert.pem [deleted file]
testing/tests/ikev2/net2net-ed25519/hosts/sun/etc/ipsec.d/private/sunKey.pem [deleted file]
testing/tests/ikev2/net2net-fragmentation/hosts/moon/etc/strongswan.conf
testing/tests/ikev2/net2net-fragmentation/hosts/sun/etc/strongswan.conf
testing/tests/ikev2/net2net-pkcs12/hosts/moon/etc/ipsec.d/private/moonCert.p12 [deleted file]
testing/tests/ikev2/net2net-pkcs12/hosts/sun/etc/ipsec.d/private/sunCert.p12 [deleted file]
testing/tests/ikev2/net2net-pubkey/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/net2net-pubkey/hosts/moon/etc/ipsec.d/certs/moonPub.der [deleted file]
testing/tests/ikev2/net2net-pubkey/hosts/moon/etc/ipsec.d/certs/sunPub.der [deleted file]
testing/tests/ikev2/net2net-pubkey/hosts/moon/etc/ipsec.d/private/moonKey.der [deleted file]
testing/tests/ikev2/net2net-pubkey/hosts/moon/etc/ipsec.secrets [deleted file]
testing/tests/ikev2/net2net-pubkey/hosts/sun/etc/ipsec.conf
testing/tests/ikev2/net2net-pubkey/hosts/sun/etc/ipsec.d/certs/moonPub.der [deleted file]
testing/tests/ikev2/net2net-pubkey/hosts/sun/etc/ipsec.d/certs/sunPub.der [deleted file]
testing/tests/ikev2/net2net-pubkey/hosts/sun/etc/ipsec.d/private/sunKey.der [deleted file]
testing/tests/ikev2/net2net-pubkey/hosts/sun/etc/ipsec.secrets [deleted file]
testing/tests/ikev2/net2net-rfc3779/hosts/moon/etc/ipsec.d/cacerts/strongswanCert.pem [deleted file]
testing/tests/ikev2/net2net-rfc3779/hosts/moon/etc/ipsec.d/certs/moonCert.pem [deleted file]
testing/tests/ikev2/net2net-rfc3779/hosts/moon/etc/ipsec.d/private/moonKey.pem [deleted file]
testing/tests/ikev2/net2net-rfc3779/hosts/sun/etc/ipsec.d/cacerts/strongswanCert.pem [deleted file]
testing/tests/ikev2/net2net-rfc3779/hosts/sun/etc/ipsec.d/certs/sunCert.pem [deleted file]
testing/tests/ikev2/net2net-rfc3779/hosts/sun/etc/ipsec.d/private/sunKey.pem [deleted file]
testing/tests/ikev2/net2net-rsa/.gitignore [new file with mode: 0644]
testing/tests/ikev2/net2net-rsa/hosts/moon/etc/ipsec.conf [deleted file]
testing/tests/ikev2/net2net-rsa/hosts/moon/etc/ipsec.conf.in [new file with mode: 0644]
testing/tests/ikev2/net2net-rsa/hosts/moon/etc/ipsec.d/private/moonKey.der [deleted file]
testing/tests/ikev2/net2net-rsa/hosts/sun/etc/ipsec.conf [deleted file]
testing/tests/ikev2/net2net-rsa/hosts/sun/etc/ipsec.conf.in [new file with mode: 0644]
testing/tests/ikev2/net2net-rsa/hosts/sun/etc/ipsec.d/private/sunKey.der [deleted file]
testing/tests/ikev2/ocsp-local-cert/hosts/carol/etc/ipsec.d/ocspcerts/ocspCert-self.pem [deleted file]
testing/tests/ikev2/ocsp-local-cert/hosts/moon/etc/ipsec.d/ocspcerts/ocspCert-self.pem [deleted file]
testing/tests/ikev2/ocsp-local-cert/hosts/winnetou/etc/ca/ocsp/ocsp.cgi [new file with mode: 0755]
testing/tests/ikev2/ocsp-local-cert/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi [deleted file]
testing/tests/ikev2/ocsp-multi-level/hosts/carol/etc/ipsec.d/certs/carolCert.pem [deleted file]
testing/tests/ikev2/ocsp-multi-level/hosts/carol/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev2/ocsp-multi-level/hosts/dave/etc/ipsec.d/certs/daveCert.pem [deleted file]
testing/tests/ikev2/ocsp-multi-level/hosts/dave/etc/ipsec.d/private/daveKey.pem [deleted file]
testing/tests/ikev2/ocsp-multi-level/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/ocsp-multi-level/hosts/moon/etc/ipsec.d/cacerts/researchCert.pem [deleted file]
testing/tests/ikev2/ocsp-multi-level/hosts/moon/etc/ipsec.d/cacerts/salesCert.pem [deleted file]
testing/tests/ikev2/ocsp-multi-level/pretest.dat
testing/tests/ikev2/ocsp-no-signer-cert/hosts/winnetou/etc/ca/ocsp/ocsp.cgi [new file with mode: 0755]
testing/tests/ikev2/ocsp-no-signer-cert/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi [deleted file]
testing/tests/ikev2/ocsp-revoked/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/ocsp-revoked/hosts/carol/etc/ipsec.d/certs/carolRevokedCert.pem [deleted file]
testing/tests/ikev2/ocsp-revoked/hosts/carol/etc/ipsec.d/private/carolRevokedKey.pem [deleted file]
testing/tests/ikev2/ocsp-revoked/hosts/carol/etc/ipsec.secrets
testing/tests/ikev2/ocsp-revoked/posttest.dat
testing/tests/ikev2/ocsp-signer-cert/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/ocsp-signer-cert/hosts/carol/etc/ipsec.d/certs/carolCert-ocsp.pem [deleted file]
testing/tests/ikev2/ocsp-signer-cert/hosts/carol/etc/ipsec.d/private/carolKey-ocsp.pem [deleted file]
testing/tests/ikev2/ocsp-signer-cert/hosts/carol/etc/ipsec.secrets
testing/tests/ikev2/ocsp-signer-cert/posttest.dat
testing/tests/ikev2/ocsp-strict-ifuri/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/ocsp-strict-ifuri/hosts/carol/etc/ipsec.d/certs/carolCert-ifuri.pem [deleted file]
testing/tests/ikev2/ocsp-strict-ifuri/hosts/carol/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev2/ocsp-strict-ifuri/hosts/dave/etc/ipsec.conf
testing/tests/ikev2/ocsp-strict-ifuri/hosts/dave/etc/ipsec.d/certs/daveCert-ifuri.pem [deleted file]
testing/tests/ikev2/ocsp-strict-ifuri/hosts/dave/etc/ipsec.d/private/daveKey.pem [deleted file]
testing/tests/ikev2/ocsp-strict-ifuri/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/ocsp-strict-ifuri/hosts/moon/etc/ipsec.d/cacerts/researchCert.pem [deleted file]
testing/tests/ikev2/ocsp-strict-ifuri/hosts/moon/etc/ipsec.d/cacerts/salesCert.pem [deleted file]
testing/tests/ikev2/ocsp-timeouts-good/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/ocsp-timeouts-good/hosts/carol/etc/ipsec.d/certs/carolCert-ocsp.pem [deleted file]
testing/tests/ikev2/ocsp-timeouts-good/hosts/carol/etc/ipsec.d/private/carolKey-ocsp.pem [deleted file]
testing/tests/ikev2/ocsp-timeouts-good/hosts/carol/etc/ipsec.secrets
testing/tests/ikev2/ocsp-timeouts-good/posttest.dat
testing/tests/ikev2/ocsp-untrusted-cert/hosts/winnetou/etc/ca/ocsp/ocsp.cgi [new file with mode: 0755]
testing/tests/ikev2/ocsp-untrusted-cert/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi [deleted file]
testing/tests/ikev2/redirect-active/hosts/alice/etc/ipsec.d/certs/marsCert.pem [deleted file]
testing/tests/ikev2/redirect-active/hosts/alice/etc/ipsec.d/private/marsKey.pem [deleted file]
testing/tests/ikev2/redirect-active/hosts/moon/etc/ipsec.d/certs/marsCert.pem [deleted file]
testing/tests/ikev2/redirect-active/hosts/moon/etc/ipsec.d/private/marsKey.pem [deleted file]
testing/tests/ikev2/rw-dnssec/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/rw-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.der [deleted file]
testing/tests/ikev2/rw-eap-peap-md5/evaltest.dat
testing/tests/ikev2/rw-eap-peap-md5/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/rw-eap-peap-md5/hosts/dave/etc/ipsec.conf
testing/tests/ikev2/rw-eap-peap-mschapv2/evaltest.dat
testing/tests/ikev2/rw-eap-peap-mschapv2/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/rw-eap-peap-mschapv2/hosts/dave/etc/ipsec.conf
testing/tests/ikev2/rw-eap-peap-radius/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/rw-eap-peap-radius/hosts/dave/etc/ipsec.conf
testing/tests/ikev2/rw-eap-tls-only/evaltest.dat
testing/tests/ikev2/rw-eap-tls-only/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/rw-eap-tls-radius/evaltest.dat
testing/tests/ikev2/rw-eap-tls-radius/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/rw-eap-tls-radius/hosts/moon/etc/ipsec.conf
testing/tests/ikev2/rw-eap-ttls-only/evaltest.dat
testing/tests/ikev2/rw-eap-ttls-only/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/rw-eap-ttls-only/hosts/dave/etc/ipsec.conf
testing/tests/ikev2/rw-eap-ttls-radius/hosts/carol/etc/ipsec.conf
testing/tests/ikev2/rw-eap-ttls-radius/hosts/dave/etc/ipsec.conf
testing/tests/ikev2/rw-newhope-bliss/hosts/carol/etc/ipsec.d/cacerts/strongswan_blissCert.der [deleted file]
testing/tests/ikev2/rw-newhope-bliss/hosts/carol/etc/ipsec.d/certs/carolCert.der [deleted file]
testing/tests/ikev2/rw-newhope-bliss/hosts/carol/etc/ipsec.d/private/carolKey.der [deleted file]
testing/tests/ikev2/rw-newhope-bliss/hosts/dave/etc/ipsec.d/cacerts/strongswan_blissCert.der [deleted file]
testing/tests/ikev2/rw-newhope-bliss/hosts/dave/etc/ipsec.d/certs/daveCert.der [deleted file]
testing/tests/ikev2/rw-newhope-bliss/hosts/dave/etc/ipsec.d/private/daveKey.der [deleted file]
testing/tests/ikev2/rw-newhope-bliss/hosts/moon/etc/ipsec.d/cacerts/strongswan_blissCert.der [deleted file]
testing/tests/ikev2/rw-newhope-bliss/hosts/moon/etc/ipsec.d/certs/moonCert.der [deleted file]
testing/tests/ikev2/rw-newhope-bliss/hosts/moon/etc/ipsec.d/private/moonKey.der [deleted file]
testing/tests/ikev2/rw-ntru-bliss/hosts/carol/etc/ipsec.d/cacerts/strongswan_blissCert.der [deleted file]
testing/tests/ikev2/rw-ntru-bliss/hosts/carol/etc/ipsec.d/certs/carolCert.der [deleted file]
testing/tests/ikev2/rw-ntru-bliss/hosts/carol/etc/ipsec.d/private/carolKey.der [deleted file]
testing/tests/ikev2/rw-ntru-bliss/hosts/dave/etc/ipsec.d/cacerts/strongswan_blissCert.der [deleted file]
testing/tests/ikev2/rw-ntru-bliss/hosts/dave/etc/ipsec.d/certs/daveCert.der [deleted file]
testing/tests/ikev2/rw-ntru-bliss/hosts/dave/etc/ipsec.d/private/daveKey.der [deleted file]
testing/tests/ikev2/rw-ntru-bliss/hosts/moon/etc/ipsec.d/cacerts/strongswan_blissCert.der [deleted file]
testing/tests/ikev2/rw-ntru-bliss/hosts/moon/etc/ipsec.d/certs/moonCert.der [deleted file]
testing/tests/ikev2/rw-ntru-bliss/hosts/moon/etc/ipsec.d/private/moonKey.der [deleted file]
testing/tests/ikev2/rw-pkcs8/description.txt
testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/ipsec.d/private/carolKey.pem [deleted file]
testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/ipsec.d/private/daveKey.pem [deleted file]
testing/tests/ikev2/rw-pkcs8/hosts/moon/etc/ipsec.d/private/moonKey.pem [deleted file]
testing/tests/ikev2/strong-keys-certs/description.txt
testing/tests/ikev2/strong-keys-certs/hosts/carol/etc/ipsec.d/certs/carolCert-sha384.pem [deleted file]
testing/tests/ikev2/strong-keys-certs/hosts/carol/etc/ipsec.d/private/carolKey-aes192.pem [deleted file]
testing/tests/ikev2/strong-keys-certs/hosts/dave/etc/ipsec.d/certs/daveCert-sha512.pem [deleted file]
testing/tests/ikev2/strong-keys-certs/hosts/dave/etc/ipsec.d/private/daveKey-aes256.pem [deleted file]
testing/tests/ikev2/strong-keys-certs/hosts/moon/etc/ipsec.d/certs/moonCert-sha224.pem [deleted file]
testing/tests/ikev2/strong-keys-certs/hosts/moon/etc/ipsec.d/private/moonKey-aes128.pem [deleted file]
testing/tests/ikev2/two-certs/hosts/carol/etc/ipsec.d/certs/carolCert-002.pem [deleted file]
testing/tests/ikev2/two-certs/hosts/carol/etc/ipsec.d/private/carolKey-002.pem [deleted file]
testing/tests/ikev2/wildcards/hosts/moon/etc/ipsec.conf
testing/tests/ipv6/.gitignore [new file with mode: 0644]
testing/tests/ipv6/net2net-rfc3779-ikev2/hosts/moon/etc/swanctl/rsa/moonKey.pem [deleted file]
testing/tests/ipv6/net2net-rfc3779-ikev2/hosts/moon/etc/swanctl/x509/moonCert.pem [deleted file]
testing/tests/ipv6/net2net-rfc3779-ikev2/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/ipv6/net2net-rfc3779-ikev2/hosts/sun/etc/swanctl/rsa/sunKey.pem [deleted file]
testing/tests/ipv6/net2net-rfc3779-ikev2/hosts/sun/etc/swanctl/x509/sunCert.pem [deleted file]
testing/tests/ipv6/net2net-rfc3779-ikev2/hosts/sun/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/ipv6/rw-rfc3779-ikev2/hosts/carol/etc/swanctl/rsa/carolKey.pem [deleted file]
testing/tests/ipv6/rw-rfc3779-ikev2/hosts/carol/etc/swanctl/x509/carolCert.pem [deleted file]
testing/tests/ipv6/rw-rfc3779-ikev2/hosts/carol/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/ipv6/rw-rfc3779-ikev2/hosts/dave/etc/swanctl/rsa/daveKey.pem [deleted file]
testing/tests/ipv6/rw-rfc3779-ikev2/hosts/dave/etc/swanctl/x509/daveCert.pem [deleted file]
testing/tests/ipv6/rw-rfc3779-ikev2/hosts/dave/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/ipv6/rw-rfc3779-ikev2/hosts/moon/etc/swanctl/rsa/moonKey.pem [deleted file]
testing/tests/ipv6/rw-rfc3779-ikev2/hosts/moon/etc/swanctl/x509/moonCert.pem [deleted file]
testing/tests/ipv6/rw-rfc3779-ikev2/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/openssl-ikev1/ecdsa-certs/hosts/.gitignore [new file with mode: 0644]
testing/tests/openssl-ikev1/ecdsa-certs/hosts/carol/etc/swanctl/ecdsa/carolKey.pem [deleted file]
testing/tests/openssl-ikev1/ecdsa-certs/hosts/carol/etc/swanctl/x509/carolCert.pem [deleted file]
testing/tests/openssl-ikev1/ecdsa-certs/hosts/carol/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/openssl-ikev1/ecdsa-certs/hosts/dave/etc/swanctl/ecdsa/daveKey.pem [deleted file]
testing/tests/openssl-ikev1/ecdsa-certs/hosts/dave/etc/swanctl/x509/daveCert.pem [deleted file]
testing/tests/openssl-ikev1/ecdsa-certs/hosts/dave/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/swanctl/ecdsa/moonKey.pem [deleted file]
testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/swanctl/x509/moonCert.pem [deleted file]
testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/openssl-ikev2/.gitignore [new file with mode: 0644]
testing/tests/openssl-ikev2/critical-extension/hosts/moon/etc/ipsec.conf [deleted file]
testing/tests/openssl-ikev2/critical-extension/hosts/moon/etc/swanctl/rsa/moonKey.pem [deleted file]
testing/tests/openssl-ikev2/critical-extension/hosts/moon/etc/swanctl/x509/moonCert.der [deleted file]
testing/tests/openssl-ikev2/critical-extension/hosts/sun/etc/ipsec.conf [deleted file]
testing/tests/openssl-ikev2/critical-extension/hosts/sun/etc/swanctl/rsa/sunKey.pem [deleted file]
testing/tests/openssl-ikev2/critical-extension/hosts/sun/etc/swanctl/x509/sunCert.der [deleted file]
testing/tests/openssl-ikev2/critical-extension/posttest.dat
testing/tests/openssl-ikev2/critical-extension/pretest.dat
testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/swanctl/ecdsa/carolKey.pem [deleted file]
testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/swanctl/x509/carolCert.pem [deleted file]
testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/swanctl/ecdsa/daveKey.pem [deleted file]
testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/swanctl/x509/daveCert.pem [deleted file]
testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/swanctl/ecdsa/moonKey.pem [deleted file]
testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/swanctl/x509/moonCert.pem [deleted file]
testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/carol/etc/swanctl/pkcs8/carolKey.pem [deleted file]
testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/carol/etc/swanctl/x509/carolCert.pem [deleted file]
testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/carol/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/dave/etc/swanctl/pkcs8/daveKey.pem [deleted file]
testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/dave/etc/swanctl/x509/daveCert.pem [deleted file]
testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/dave/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/moon/etc/swanctl/ecdsa/moonKey.pem [deleted file]
testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/moon/etc/swanctl/x509/moonCert.pem [deleted file]
testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/openssl-ikev2/net2net-pkcs12/hosts/moon/etc/swanctl/pkcs12/moonCert.p12 [deleted file]
testing/tests/openssl-ikev2/net2net-pkcs12/hosts/sun/etc/swanctl/pkcs12/sunCert.p12 [deleted file]
testing/tests/sql/.gitignore [new file with mode: 0644]
testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/ip-pool-db/hosts/carol/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/ip-pool-db/hosts/carol/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/ip-pool-db/hosts/dave/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/ip-pool-db/hosts/dave/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/ip-pool-db/hosts/moon/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/ip-pool-db/hosts/moon/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/ip-split-pools-db-restart/hosts/carol/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/ip-split-pools-db-restart/hosts/carol/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/ip-split-pools-db-restart/hosts/dave/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/ip-split-pools-db-restart/hosts/dave/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/ip-split-pools-db/hosts/carol/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/ip-split-pools-db/hosts/carol/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/ip-split-pools-db/hosts/dave/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/ip-split-pools-db/hosts/dave/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/ip-split-pools-db/hosts/moon/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/ip-split-pools-db/hosts/moon/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/multi-level-ca/hosts/carol/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/multi-level-ca/hosts/carol/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/multi-level-ca/hosts/dave/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/multi-level-ca/hosts/dave/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/multi-level-ca/hosts/moon/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/multi-level-ca/hosts/moon/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/net2net-cert/hosts/moon/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/net2net-cert/hosts/moon/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/net2net-cert/hosts/sun/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/net2net-cert/hosts/sun/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/net2net-psk/hosts/moon/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/net2net-psk/hosts/moon/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/net2net-psk/hosts/sun/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/net2net-psk/hosts/sun/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/net2net-route-pem/hosts/moon/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/net2net-route-pem/hosts/moon/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/net2net-route-pem/hosts/sun/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/net2net-route-pem/hosts/sun/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/net2net-start-pem/hosts/moon/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/net2net-start-pem/hosts/moon/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/net2net-start-pem/hosts/sun/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/net2net-start-pem/hosts/sun/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-cert/hosts/carol/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-cert/hosts/carol/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-cert/hosts/dave/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-cert/hosts/dave/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-cert/hosts/moon/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-cert/hosts/moon/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-eap-aka-rsa/hosts/carol/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-eap-aka-rsa/hosts/carol/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-eap-aka-rsa/hosts/moon/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-eap-aka-rsa/hosts/moon/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-rsa-keyid/evaltest.dat
testing/tests/sql/rw-rsa-keyid/hosts/carol/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-rsa-keyid/hosts/carol/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-rsa-keyid/hosts/dave/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-rsa-keyid/hosts/dave/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-rsa-keyid/hosts/moon/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-rsa-keyid/hosts/moon/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-rsa/hosts/carol/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-rsa/hosts/carol/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-rsa/hosts/dave/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-rsa/hosts/dave/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/rw-rsa/hosts/moon/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/rw-rsa/hosts/moon/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/shunt-policies-nat-rw/hosts/alice/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/shunt-policies-nat-rw/hosts/alice/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/shunt-policies-nat-rw/hosts/sun/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/shunt-policies-nat-rw/hosts/sun/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/sql/shunt-policies-nat-rw/hosts/venus/etc/ipsec.d/data.sql [deleted file]
testing/tests/sql/shunt-policies-nat-rw/hosts/venus/etc/ipsec.d/data.sql.in [new file with mode: 0644]
testing/tests/swanctl/.gitignore [new file with mode: 0644]
testing/tests/swanctl/crl-to-cache/evaltest.dat
testing/tests/swanctl/crl-to-cache/hosts/carol/etc/swanctl/x509/carolCert.pem [deleted file]
testing/tests/swanctl/crl-to-cache/hosts/moon/etc/swanctl/x509/moonCert.pem [deleted file]
testing/tests/swanctl/multi-level-ca/hosts/carol/etc/swanctl/rsa/carolKey.pem [deleted file]
testing/tests/swanctl/multi-level-ca/hosts/carol/etc/swanctl/x509/carolCert.pem [deleted file]
testing/tests/swanctl/multi-level-ca/hosts/carol/etc/swanctl/x509ca/researchCert.pem [deleted file]
testing/tests/swanctl/multi-level-ca/hosts/dave/etc/swanctl/rsa/daveKey.pem [deleted file]
testing/tests/swanctl/multi-level-ca/hosts/dave/etc/swanctl/x509/daveCert.pem [deleted file]
testing/tests/swanctl/multi-level-ca/hosts/dave/etc/swanctl/x509ca/salesCert.pem [deleted file]
testing/tests/swanctl/multi-level-ca/hosts/moon/etc/ipsec.conf [deleted file]
testing/tests/swanctl/multi-level-ca/hosts/moon/etc/swanctl/swanctl.conf
testing/tests/swanctl/multi-level-ca/hosts/moon/etc/swanctl/x509ca/researchCert.pem [deleted file]
testing/tests/swanctl/multi-level-ca/hosts/moon/etc/swanctl/x509ca/salesCert.pem [deleted file]
testing/tests/swanctl/net2net-ed25519/hosts/moon/etc/swanctl/pkcs8/moonKey.pem [deleted file]
testing/tests/swanctl/net2net-ed25519/hosts/moon/etc/swanctl/x509/moonCert.pem [deleted file]
testing/tests/swanctl/net2net-ed25519/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/swanctl/net2net-ed25519/hosts/sun/etc/swanctl/pkcs8/sunKey.pem [deleted file]
testing/tests/swanctl/net2net-ed25519/hosts/sun/etc/swanctl/x509/sunCert.pem [deleted file]
testing/tests/swanctl/net2net-ed25519/hosts/sun/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/swanctl/net2net-pubkey/hosts/moon/etc/swanctl/pubkey/moonPub.pem [deleted file]
testing/tests/swanctl/net2net-pubkey/hosts/moon/etc/swanctl/pubkey/sunPub.pem [deleted file]
testing/tests/swanctl/net2net-pubkey/hosts/sun/etc/swanctl/pubkey/moonPub.pem [deleted file]
testing/tests/swanctl/net2net-pubkey/hosts/sun/etc/swanctl/pubkey/sunPub.pem [deleted file]
testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/strongswan.conf
testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/rsa/moonKey.pem [deleted file]
testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/x509/moonCert.pem [deleted file]
testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/strongswan.conf
testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/rsa/sunKey.pem [deleted file]
testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/x509/sunCert.pem [deleted file]
testing/tests/swanctl/net2net-sha3-rsa-cert/hosts/sun/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/swanctl/ocsp-disabled/hosts/carol/etc/swanctl/rsa/carolKey.pem [deleted file]
testing/tests/swanctl/ocsp-disabled/hosts/carol/etc/swanctl/x509/carolCert.pem [deleted file]
testing/tests/swanctl/ocsp-multi-level/hosts/carol/etc/swanctl/rsa/carolKey.pem [deleted file]
testing/tests/swanctl/ocsp-multi-level/hosts/carol/etc/swanctl/x509/carolCert.pem [deleted file]
testing/tests/swanctl/ocsp-multi-level/hosts/carol/etc/swanctl/x509ca/researchCert.pem [deleted file]
testing/tests/swanctl/ocsp-multi-level/hosts/dave/etc/swanctl/rsa/daveKey.pem [deleted file]
testing/tests/swanctl/ocsp-multi-level/hosts/dave/etc/swanctl/x509/daveCert.pem [deleted file]
testing/tests/swanctl/ocsp-multi-level/hosts/dave/etc/swanctl/x509ca/salesCert.pem [deleted file]
testing/tests/swanctl/ocsp-multi-level/hosts/moon/etc/ipsec.conf [deleted file]
testing/tests/swanctl/ocsp-multi-level/hosts/moon/etc/swanctl/x509ca/researchCert.pem [deleted file]
testing/tests/swanctl/ocsp-multi-level/hosts/moon/etc/swanctl/x509ca/salesCert.pem [deleted file]
testing/tests/swanctl/ocsp-signer-cert/hosts/carol/etc/swanctl/rsa/carolKey.pem [deleted file]
testing/tests/swanctl/ocsp-signer-cert/hosts/carol/etc/swanctl/x509/carolCert.pem [deleted file]
testing/tests/swanctl/rw-cert-ppk/hosts/carol/etc/swanctl/rsa/carolKey.pem [deleted file]
testing/tests/swanctl/rw-cert-pss/hosts/carol/etc/swanctl/rsa/carolKey.pem [deleted file]
testing/tests/swanctl/rw-cert/hosts/carol/etc/swanctl/rsa/carolKey.pem [deleted file]
testing/tests/swanctl/rw-dnssec/hosts/carol/etc/swanctl/pubkey/carolPub.der [deleted file]
testing/tests/swanctl/rw-dnssec/hosts/carol/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-dnssec/hosts/dave/etc/swanctl/pubkey/davePub.der [deleted file]
testing/tests/swanctl/rw-dnssec/hosts/dave/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-dnssec/hosts/moon/etc/swanctl/pubkey/moonPub.der [deleted file]
testing/tests/swanctl/rw-dnssec/hosts/moon/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-eap-peap-md5/evaltest.dat
testing/tests/swanctl/rw-eap-peap-md5/hosts/carol/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-eap-peap-md5/hosts/dave/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-eap-peap-mschapv2/evaltest.dat
testing/tests/swanctl/rw-eap-peap-mschapv2/hosts/carol/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-eap-peap-mschapv2/hosts/dave/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-eap-peap-radius/hosts/carol/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-eap-peap-radius/hosts/dave/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-eap-tls-only/evaltest.dat
testing/tests/swanctl/rw-eap-tls-only/hosts/carol/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-eap-tls-radius/evaltest.dat
testing/tests/swanctl/rw-eap-tls-radius/hosts/carol/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-eap-tls-radius/hosts/moon/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/strongswan.conf
testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/rsa/carolKey.pem [deleted file]
testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/x509/carolCert.pem [deleted file]
testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/carol/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/strongswan.conf
testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/rsa/daveKey.pem [deleted file]
testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/x509/daveCert.pem [deleted file]
testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/dave/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/strongswan.conf
testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/rsa/moonKey.pem [deleted file]
testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/x509/moonCert.pem [deleted file]
testing/tests/swanctl/rw-eap-tls-sha3-rsa/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/swanctl/rw-eap-ttls-only/evaltest.dat
testing/tests/swanctl/rw-eap-ttls-only/hosts/carol/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-eap-ttls-only/hosts/dave/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-eap-ttls-radius/hosts/carol/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-eap-ttls-radius/hosts/dave/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/pkcs8/carolKey.pem [deleted file]
testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/x509/carolCert.pem [deleted file]
testing/tests/swanctl/rw-ed25519-certpol/hosts/carol/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/pkcs8/daveKey.pem [deleted file]
testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/x509/daveCert.pem [deleted file]
testing/tests/swanctl/rw-ed25519-certpol/hosts/dave/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/pkcs8/moonKey.pem [deleted file]
testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/x509/moonCert.pem [deleted file]
testing/tests/swanctl/rw-ed25519-certpol/hosts/moon/etc/swanctl/x509ca/strongswanCert.pem [deleted file]
testing/tests/swanctl/rw-newhope-bliss/hosts/carol/etc/swanctl/bliss/carolKey.der [deleted file]
testing/tests/swanctl/rw-newhope-bliss/hosts/carol/etc/swanctl/x509/carolCert.der [deleted file]
testing/tests/swanctl/rw-newhope-bliss/hosts/carol/etc/swanctl/x509ca/strongswan_blissCert.der [deleted file]
testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/bliss/daveKey.der [deleted file]
testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/x509/daveCert.der [deleted file]
testing/tests/swanctl/rw-newhope-bliss/hosts/dave/etc/swanctl/x509ca/strongswan_blissCert.der [deleted file]
testing/tests/swanctl/rw-newhope-bliss/hosts/moon/etc/swanctl/bliss/moonKey.der [deleted file]
testing/tests/swanctl/rw-newhope-bliss/hosts/moon/etc/swanctl/x509/moonCert.der [deleted file]
testing/tests/swanctl/rw-newhope-bliss/hosts/moon/etc/swanctl/x509ca/strongswan_blissCert.der [deleted file]
testing/tests/swanctl/rw-ntru-bliss/hosts/carol/etc/swanctl/bliss/carolKey.der [deleted file]
testing/tests/swanctl/rw-ntru-bliss/hosts/carol/etc/swanctl/x509/carolCert.der [deleted file]
testing/tests/swanctl/rw-ntru-bliss/hosts/carol/etc/swanctl/x509ca/strongswan_blissCert.der [deleted file]
testing/tests/swanctl/rw-ntru-bliss/hosts/dave/etc/swanctl/bliss/daveKey.der [deleted file]
testing/tests/swanctl/rw-ntru-bliss/hosts/dave/etc/swanctl/x509/daveCert.der [deleted file]
testing/tests/swanctl/rw-ntru-bliss/hosts/dave/etc/swanctl/x509ca/strongswan_blissCert.der [deleted file]
testing/tests/swanctl/rw-ntru-bliss/hosts/moon/etc/swanctl/bliss/moonKey.der [deleted file]
testing/tests/swanctl/rw-ntru-bliss/hosts/moon/etc/swanctl/x509/moonCert.der [deleted file]
testing/tests/swanctl/rw-ntru-bliss/hosts/moon/etc/swanctl/x509ca/strongswan_blissCert.der [deleted file]
testing/tests/swanctl/rw-pubkey-anon/evaltest.dat
testing/tests/swanctl/rw-pubkey-anon/hosts/carol/etc/swanctl/pubkey/carolPub.pem [deleted file]
testing/tests/swanctl/rw-pubkey-anon/hosts/carol/etc/swanctl/pubkey/moonPub.pem [deleted file]
testing/tests/swanctl/rw-pubkey-anon/hosts/carol/etc/swanctl/rsa/carolKey.pem [deleted file]
testing/tests/swanctl/rw-pubkey-anon/hosts/carol/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-pubkey-anon/hosts/dave/etc/swanctl/pubkey/davePub.pem [deleted file]
testing/tests/swanctl/rw-pubkey-anon/hosts/dave/etc/swanctl/pubkey/moonPub.pem [deleted file]
testing/tests/swanctl/rw-pubkey-anon/hosts/moon/etc/swanctl/pubkey/carolPub.pem [deleted file]
testing/tests/swanctl/rw-pubkey-anon/hosts/moon/etc/swanctl/pubkey/davePub.pem [deleted file]
testing/tests/swanctl/rw-pubkey-anon/hosts/moon/etc/swanctl/pubkey/moonPub.pem [deleted file]
testing/tests/swanctl/rw-pubkey-anon/hosts/moon/etc/swanctl/pubkey/sunPub.pem [deleted file]
testing/tests/swanctl/rw-pubkey-keyid/evaltest.dat
testing/tests/swanctl/rw-pubkey-keyid/hosts/carol/etc/swanctl/pubkey/carolPub.pem [deleted file]
testing/tests/swanctl/rw-pubkey-keyid/hosts/carol/etc/swanctl/pubkey/moonPub.pem [deleted file]
testing/tests/swanctl/rw-pubkey-keyid/hosts/carol/etc/swanctl/rsa/carolKey.pem [deleted file]
testing/tests/swanctl/rw-pubkey-keyid/hosts/carol/etc/swanctl/swanctl.conf
testing/tests/swanctl/rw-pubkey-keyid/hosts/dave/etc/swanctl/pubkey/davePub.pem [deleted file]
testing/tests/swanctl/rw-pubkey-keyid/hosts/dave/etc/swanctl/pubkey/moonPub.pem [deleted file]
testing/tests/swanctl/rw-pubkey-keyid/hosts/moon/etc/swanctl/pubkey/carolPub.pem [deleted file]
testing/tests/swanctl/rw-pubkey-keyid/hosts/moon/etc/swanctl/pubkey/davePub.pem [deleted file]
testing/tests/swanctl/rw-pubkey-keyid/hosts/moon/etc/swanctl/pubkey/moonPub.pem [deleted file]
testing/tests/tkm/.gitignore [new file with mode: 0644]
testing/tests/tkm/host2host-initiator/hosts/moon/etc/tkm/moonKey.der [deleted file]
testing/tests/tkm/host2host-initiator/hosts/moon/etc/tkm/strongswanCert.der [deleted file]
testing/tests/tkm/host2host-responder/hosts/moon/etc/tkm/moonKey.der [deleted file]
testing/tests/tkm/host2host-responder/hosts/moon/etc/tkm/strongswanCert.der [deleted file]
testing/tests/tkm/host2host-xfrmproxy/hosts/moon/etc/tkm/moonKey.der [deleted file]
testing/tests/tkm/host2host-xfrmproxy/hosts/moon/etc/tkm/strongswanCert.der [deleted file]
testing/tests/tkm/multiple-clients/hosts/sun/etc/tkm/strongswanCert.der [deleted file]
testing/tests/tkm/multiple-clients/hosts/sun/etc/tkm/sunKey.der [deleted file]
testing/tests/tkm/net2net-initiator/hosts/moon/etc/tkm/moonKey.der [deleted file]
testing/tests/tkm/net2net-xfrmproxy/hosts/moon/etc/tkm/moonKey.der [deleted file]
testing/tests/tkm/net2net-xfrmproxy/hosts/moon/etc/tkm/strongswanCert.der [deleted file]
testing/tests/tkm/xfrmproxy-expire/hosts/moon/etc/tkm/moonKey.der [deleted file]
testing/tests/tkm/xfrmproxy-expire/hosts/moon/etc/tkm/strongswanCert.der [deleted file]
testing/tests/tkm/xfrmproxy-rekey/hosts/moon/etc/tkm/moonKey.der [deleted file]
testing/tests/tkm/xfrmproxy-rekey/hosts/moon/etc/tkm/strongswanCert.der [deleted file]
testing/tests/tnc/.gitignore [new file with mode: 0644]
testing/tests/tnc/tnccs-20-ev-pt-tls/evaltest.dat
testing/tests/tnc/tnccs-20-ev-pt-tls/hosts/alice/etc/swanctl/rsa/aaaKey.pem [deleted file]
testing/tests/tnc/tnccs-20-ev-pt-tls/hosts/alice/etc/swanctl/x509/aaaCert.pem [deleted file]
testing/tests/tnc/tnccs-20-hcd-eap/hosts/alice/etc/swanctl/rsa/aaaKey.pem [deleted file]
testing/tests/tnc/tnccs-20-hcd-eap/hosts/alice/etc/swanctl/x509/aaaCert.pem [deleted file]
testing/tests/tnc/tnccs-20-pdp-eap/hosts/alice/etc/swanctl/rsa/aaaKey.pem [deleted file]
testing/tests/tnc/tnccs-20-pdp-eap/hosts/alice/etc/swanctl/x509/aaaCert.pem [deleted file]
testing/tests/tnc/tnccs-20-pdp-pt-tls/evaltest.dat
testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/swanctl/rsa/aaaKey.pem [deleted file]
testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/swanctl/x509/aaaCert.pem [deleted file]
testing/tests/tnc/tnccs-20-tls/evaltest.dat

index 61dfbbc..a663636 100644 (file)
@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2008 Martin Willi
- * Copyright (C) 2016 Andreas Steffen
+ * Copyright (C) 2016-2019 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -75,5 +75,6 @@ ENUM(builder_part_names, BUILD_FROM_FILE, BUILD_END,
        "BUILD_THRESHOLD",
        "BUILD_EDDSA_PUB",
        "BUILD_EDDSA_PRIV_ASN1_DER",
+       "BUILD_CRITICAL_EXTENSION",
        "BUILD_END",
 );
index b283bd1..b623646 100644 (file)
@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2008 Martin Willi
- * Copyright (C) 2016 Andreas Steffen
+ * Copyright (C) 2016-2019 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -160,6 +160,8 @@ enum builder_part_t {
        BUILD_EDDSA_PUB,
        /** DER encoded ASN.1 EdDSA private key */
        BUILD_EDDSA_PRIV_ASN1_DER,
+       /** OID of an [unsupported] critical extension */
+       BUILD_CRITICAL_EXTENSION,
        /** end of variable argument builder list */
        BUILD_END,
 };
index f3d4377..7311708 100644 (file)
@@ -172,6 +172,11 @@ struct private_x509_cert_t {
        chunk_t authKeySerialNumber;
 
        /**
+        * Optional OID of an [unsupported] critical extension
+        */
+       chunk_t critical_extension_oid;
+
+       /**
         * Path Length Constraint
         */
        u_char pathLenConstraint;
@@ -1951,6 +1956,7 @@ METHOD(certificate_t, destroy, void,
                chunk_free(&this->authKeyIdentifier);
                chunk_free(&this->encoding);
                chunk_free(&this->encoding_hash);
+               chunk_free(&this->critical_extension_oid);
                if (!this->parsed)
                {       /* only parsed certificates point these fields to "encoded" */
                        chunk_free(&this->signature);
@@ -2203,6 +2209,7 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
        chunk_t policyConstraints = chunk_empty, inhibitAnyPolicy = chunk_empty;
        chunk_t ikeIntermediate = chunk_empty, msSmartcardLogon = chunk_empty;
        chunk_t ipAddrBlocks = chunk_empty, sig_scheme = chunk_empty;
+       chunk_t criticalExtension = chunk_empty;
        identification_t *issuer, *subject;
        chunk_t key_info;
        hasher_t *hasher;
@@ -2570,17 +2577,25 @@ static bool generate(private_x509_cert_t *cert, certificate_t *sign_cert,
                                                chunk_from_thing(cert->inhibit_any))));
        }
 
+       if (cert->critical_extension_oid.len > 0)
+       {
+               criticalExtension = asn1_wrap(ASN1_SEQUENCE, "mmm",
+                                       asn1_simple_object(ASN1_OID, cert->critical_extension_oid),
+                                       asn1_simple_object(ASN1_BOOLEAN, chunk_from_chars(0xFF)),
+                                       asn1_simple_object(ASN1_OCTET_STRING, chunk_empty));
+       }
+
        if (basicConstraints.ptr || subjectAltNames.ptr || authKeyIdentifier.ptr ||
                crlDistributionPoints.ptr || nameConstraints.ptr || ipAddrBlocks.ptr)
        {
                extensions = asn1_wrap(ASN1_CONTEXT_C_3, "m",
-                                               asn1_wrap(ASN1_SEQUENCE, "mmmmmmmmmmmmmm",
+                                               asn1_wrap(ASN1_SEQUENCE, "mmmmmmmmmmmmmmm",
                                                        basicConstraints, keyUsage, subjectKeyIdentifier,
                                                        authKeyIdentifier, subjectAltNames,
                                                        extendedKeyUsage, crlDistributionPoints,
                                                        authorityInfoAccess, nameConstraints, certPolicies,
                                                        policyMappings, policyConstraints, inhibitAnyPolicy,
-                                                       ipAddrBlocks));
+                                                       ipAddrBlocks, criticalExtension));
        }
 
        cert->tbsCertificate = asn1_wrap(ASN1_SEQUENCE, "mmccmcmm",
@@ -2864,6 +2879,9 @@ x509_cert_t *x509_cert_gen(certificate_type_t type, va_list args)
                        case BUILD_DIGEST_ALG:
                                digest_alg = va_arg(args, int);
                                continue;
+                       case BUILD_CRITICAL_EXTENSION:
+                               cert->critical_extension_oid = chunk_clone(va_arg(args, chunk_t));
+                               continue;
                        case BUILD_END:
                                break;
                        default:
index 95cb11c..a315c62 100644 (file)
@@ -117,6 +117,11 @@ struct private_x509_crl_t {
        chunk_t authKeySerialNumber;
 
        /**
+        * Optional OID of an [unsupported] critical extension
+        */
+       chunk_t critical_extension_oid;
+
+       /**
         * Number of BaseCRL, if a delta CRL
         */
        chunk_t baseCrlNumber;
@@ -605,6 +610,7 @@ METHOD(certificate_t, destroy, void,
                DESTROY_IF(this->issuer);
                free(this->authKeyIdentifier.ptr);
                free(this->encoding.ptr);
+               free(this->critical_extension_oid.ptr);
                if (this->generated)
                {
                        free(this->crlNumber.ptr);
@@ -718,7 +724,7 @@ static bool generate(private_x509_crl_t *this, certificate_t *cert,
 {
        chunk_t extensions = chunk_empty, certList = chunk_empty, serial;
        chunk_t crlDistributionPoints = chunk_empty, baseCrlNumber = chunk_empty;
-       chunk_t sig_scheme = chunk_empty;
+       chunk_t sig_scheme = chunk_empty, criticalExtension = chunk_empty;
        enumerator_t *enumerator;
        crl_reason_t reason;
        time_t date;
@@ -784,8 +790,16 @@ static bool generate(private_x509_crl_t *this, certificate_t *cert,
                                                                asn1_integer("c", this->baseCrlNumber)));
        }
 
+       if (this->critical_extension_oid.len > 0)
+       {
+               criticalExtension = asn1_wrap(ASN1_SEQUENCE, "mmm",
+                                       asn1_simple_object(ASN1_OID, this->critical_extension_oid),
+                                       asn1_simple_object(ASN1_BOOLEAN, chunk_from_chars(0xFF)),
+                                       asn1_simple_object(ASN1_OCTET_STRING, chunk_empty));
+       }
+
        extensions = asn1_wrap(ASN1_CONTEXT_C_0, "m",
-                                       asn1_wrap(ASN1_SEQUENCE, "mmmm",
+                                       asn1_wrap(ASN1_SEQUENCE, "mmmmm",
                                                asn1_wrap(ASN1_SEQUENCE, "mm",
                                                        asn1_build_known_oid(OID_AUTHORITY_KEY_ID),
                                                        asn1_wrap(ASN1_OCTET_STRING, "m",
@@ -796,7 +810,8 @@ static bool generate(private_x509_crl_t *this, certificate_t *cert,
                                                        asn1_build_known_oid(OID_CRL_NUMBER),
                                                        asn1_wrap(ASN1_OCTET_STRING, "m",
                                                                asn1_integer("c", this->crlNumber))),
-                                               crlDistributionPoints, baseCrlNumber));
+                                               crlDistributionPoints, baseCrlNumber,
+                                               criticalExtension));
 
        this->tbsCertList = asn1_wrap(ASN1_SEQUENCE, "cccmmmm",
                                                        ASN1_INTEGER_1,
@@ -887,6 +902,9 @@ x509_crl_t *x509_crl_gen(certificate_type_t type, va_list args)
                                enumerator->destroy(enumerator);
                                continue;
                        }
+                       case BUILD_CRITICAL_EXTENSION:
+                               crl->critical_extension_oid = chunk_clone(va_arg(args, chunk_t));
+                               continue;
                        case BUILD_END:
                                break;
                        default:
index b117fa1..4f11e7a 100644 (file)
@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2009 Martin Willi
- * Copyright (C) 2015-2017 Andreas Steffen
+ * Copyright (C) 2015-2019 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -77,6 +77,7 @@ static int issue()
        int inhibit_mapping = X509_NO_CONSTRAINT, require_explicit = X509_NO_CONSTRAINT;
        chunk_t serial = chunk_empty;
        chunk_t encoding = chunk_empty;
+       chunk_t critical_extension_oid = chunk_empty;
        time_t not_before, not_after, lifetime = 1095 * 24 * 60 * 60;
        char *datenb = NULL, *datena = NULL, *dateform = NULL;
        x509_flag_t flags = 0;
@@ -333,6 +334,10 @@ static int issue()
                        case 'o':
                                ocsp->insert_last(ocsp, arg);
                                continue;
+                       case 'X':
+                               chunk_free(&critical_extension_oid);
+                               critical_extension_oid = asn1_oid_from_string(arg);
+                               continue;
                        case EOF:
                                break;
                        default:
@@ -558,6 +563,7 @@ static int issue()
                                        BUILD_POLICY_REQUIRE_EXPLICIT, require_explicit,
                                        BUILD_POLICY_INHIBIT_MAPPING, inhibit_mapping,
                                        BUILD_POLICY_INHIBIT_ANY, inhibit_any,
+                                       BUILD_CRITICAL_EXTENSION, critical_extension_oid,
                                        BUILD_SIGNATURE_SCHEME, scheme,
                                        BUILD_END);
        if (!cert)
@@ -593,6 +599,7 @@ end:
        cdps->destroy_function(cdps, (void*)destroy_cdp);
        ocsp->destroy(ocsp);
        signature_params_destroy(scheme);
+       free(critical_extension_oid.ptr);
        free(encoding.ptr);
        free(serial.ptr);
 
@@ -612,6 +619,7 @@ usage:
        mappings->destroy_function(mappings, (void*)destroy_policy_mapping);
        cdps->destroy_function(cdps, (void*)destroy_cdp);
        ocsp->destroy(ocsp);
+       free(critical_extension_oid.ptr);
        return command_usage(error);
 }
 
@@ -632,7 +640,7 @@ static void __attribute__ ((constructor))reg()
                 "[--policy-explicit len] [--policy-inhibit len] [--policy-any len]",
                 "[--cert-policy oid [--cps-uri uri] [--user-notice text]]+",
                 "[--digest md5|sha1|sha224|sha256|sha384|sha512|sha3_224|sha3_256|sha3_384|sha3_512]",
-                "[--rsa-padding pkcs1|pss]",
+                "[--rsa-padding pkcs1|pss] [--critical oid]",
                 "[--outform der|pem]"},
                {
                        {"help",                        'h', 0, "show usage information"},
@@ -666,6 +674,7 @@ static void __attribute__ ((constructor))reg()
                        {"ocsp",                        'o', 1, "OCSP AuthorityInfoAccess URI to include"},
                        {"digest",                      'g', 1, "digest for signature creation, default: key-specific"},
                        {"rsa-padding",         'R', 1, "padding for RSA signatures, default: pkcs1"},
+                       {"critical",            'X', 1, "critical extension OID to include"},
                        {"outform",                     'f', 1, "encoding of generated cert, default: der"},
                }
        });
index 001b9ff..10651f5 100644 (file)
 #include <credentials/certificates/certificate.h>
 #include <credentials/certificates/x509.h>
 
+typedef enum {
+               FORMAT_PRETTY,
+               FORMAT_HEX,
+               FORMAT_BASE64,
+               FORMAT_BINARY,
+} format_t;
+
+/**
+ * Print a single keyid in the requested format
+ */
+static bool print_id(chunk_t id, format_t format, char *desc)
+{
+       chunk_t chunk;
+
+       switch (format)
+       {
+               case FORMAT_PRETTY:
+                       printf("%s:\n             %#B\n", desc, &id);
+                       break;
+               case FORMAT_HEX:
+                       chunk = chunk_to_hex(id, NULL, FALSE);
+                       printf("%.*s\n", (int)chunk.len, chunk.ptr);
+                       chunk_free(&chunk);
+                       break;
+               case FORMAT_BASE64:
+                       chunk = chunk_to_base64(id, NULL);
+                       printf("%.*s\n", (int)chunk.len, chunk.ptr);
+                       chunk_free(&chunk);
+                       break;
+               case FORMAT_BINARY:
+                       if (fwrite(id.ptr, id.len, 1, stdout) != 1)
+                       {
+                               fprintf(stderr, "writing %s failed\n", desc);
+                               return FALSE;
+                       }
+                       break;
+       }
+       return TRUE;
+}
+
 /**
  * Calculate the keyid of a key/certificate
  */
@@ -31,9 +71,15 @@ static int keyid()
        certificate_t *cert;
        private_key_t *private;
        public_key_t *public;
+       format_t format = FORMAT_PRETTY;
+       enum {
+               ID_TYPE_ALL,
+               ID_TYPE_SPK,
+               ID_TYPE_SPKI,
+       } id_type = FORMAT_PRETTY;
        char *file = NULL, *keyid = NULL;
        void *cred;
-       chunk_t id;
+       chunk_t id, spk = chunk_empty, spki = chunk_empty;
        char *arg;
 
        while (TRUE)
@@ -86,6 +132,38 @@ static int keyid()
                                        return command_usage( "invalid input type");
                                }
                                continue;
+                       case 'I':
+                               if (streq(arg, "spk"))
+                               {
+                                       id_type = ID_TYPE_SPK;
+                               }
+                               else if (streq(arg, "spki"))
+                               {
+                                       id_type = ID_TYPE_SPKI;
+                               }
+                               else if (!streq(arg, "all"))
+                               {
+                                       return command_usage( "invalid id type");
+                               }
+                               continue;
+                       case 'f':
+                               if (streq(arg, "hex"))
+                               {
+                                       format = FORMAT_HEX;
+                               }
+                               else if (streq(arg, "base64"))
+                               {
+                                       format = FORMAT_BASE64;
+                               }
+                               else if (streq(arg, "bin"))
+                               {
+                                       format = FORMAT_BINARY;
+                               }
+                               else if (!streq(arg, "pretty"))
+                               {
+                                       return command_usage( "invalid output format");
+                               }
+                               continue;
                        case 'i':
                                file = arg;
                                continue;
@@ -138,11 +216,11 @@ static int keyid()
                private = cred;
                if (private->get_fingerprint(private, KEYID_PUBKEY_SHA1, &id))
                {
-                       printf("subjectKeyIdentifier:      %#B\n", &id);
+                       spk = chunk_clone(id);
                }
                if (private->get_fingerprint(private, KEYID_PUBKEY_INFO_SHA1, &id))
                {
-                       printf("subjectPublicKeyInfo hash: %#B\n", &id);
+                       spki = chunk_clone(id);
                }
                private->destroy(private);
        }
@@ -151,11 +229,11 @@ static int keyid()
                public = cred;
                if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &id))
                {
-                       printf("subjectKeyIdentifier:      %#B\n", &id);
+                       spk = chunk_clone(id);
                }
                if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &id))
                {
-                       printf("subjectPublicKeyInfo hash: %#B\n", &id);
+                       spki = chunk_clone(id);
                }
                public->destroy(public);
        }
@@ -170,15 +248,34 @@ static int keyid()
                }
                if (public->get_fingerprint(public, KEYID_PUBKEY_SHA1, &id))
                {
-                       printf("subjectKeyIdentifier:      %#B\n", &id);
+                       spk = chunk_clone(id);
                }
                if (public->get_fingerprint(public, KEYID_PUBKEY_INFO_SHA1, &id))
                {
-                       printf("subjectPublicKeyInfo hash: %#B\n", &id);
+                       spki = chunk_clone(id);
                }
                public->destroy(public);
                cert->destroy(cert);
        }
+
+       if (id_type == ID_TYPE_ALL || id_type == ID_TYPE_SPK)
+       {
+               if (!spk.len ||
+                       !print_id(spk, format, "subjkey (SHA-1 of subjectPublicKey)"))
+               {
+                       return 1;
+               }
+       }
+       if (id_type == ID_TYPE_ALL || id_type == ID_TYPE_SPKI)
+       {
+               if (!spki.len ||
+                       !print_id(spki, format, "keyid (SHA-1 of subjectPublicKeyInfo)"))
+               {
+                       return 1;
+               }
+       }
+       chunk_free(&spk);
+       chunk_free(&spki);
        return 0;
 }
 
@@ -190,12 +287,15 @@ static void __attribute__ ((constructor))reg()
        command_register((command_t)
                { keyid, 'k', "keyid",
                "calculate key identifiers of a key/certificate",
-               {"[--in file|--keyid hex] [--type priv|rsa|ecdsa|bliss|pub|pkcs10|x509]"},
+               {"[--in file|--keyid hex] [--type priv|rsa|ecdsa|bliss|pub|pkcs10|x509]",
+                "[--id all|spk|spki] [--format pretty|hex|base64|bin]"},
                {
                        {"help",        'h', 0, "show usage information"},
                        {"in",          'i', 1, "input file, default: stdin"},
                        {"keyid",       'x', 1, "smartcard or TPM private key object handle"},
                        {"type",        't', 1, "type of key, default: priv"},
+                       {"id",          'I', 1, "type of identifier, default: all"},
+                       {"format",      'f', 1, "output format, default: pretty"},
                }
        });
 }
index a08ee99..31018e8 100644 (file)
@@ -1,6 +1,6 @@
 /*
  * Copyright (C) 2009 Martin Willi
- * Copyright (C) 2015-2017 Andreas Steffen
+ * Copyright (C) 2015-2019 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -65,6 +65,7 @@ static int self()
        int require_explicit = X509_NO_CONSTRAINT;
        chunk_t serial = chunk_empty;
        chunk_t encoding = chunk_empty;
+       chunk_t critical_extension_oid = chunk_empty;
        time_t not_before, not_after, lifetime = 1095 * 24 * 60 * 60;
        char *datenb = NULL, *datena = NULL, *dateform = NULL;
        x509_flag_t flags = 0;
@@ -289,6 +290,10 @@ static int self()
                        case 'o':
                                ocsp->insert_last(ocsp, arg);
                                continue;
+                       case 'X':
+                               chunk_free(&critical_extension_oid);
+                               critical_extension_oid = asn1_oid_from_string(arg);
+                               continue;
                        case EOF:
                                break;
                        default:
@@ -399,6 +404,7 @@ static int self()
                                                BUILD_POLICY_REQUIRE_EXPLICIT, require_explicit,
                                                BUILD_POLICY_INHIBIT_MAPPING, inhibit_mapping,
                                                BUILD_POLICY_INHIBIT_ANY, inhibit_any,
+                                               BUILD_CRITICAL_EXTENSION, critical_extension_oid,
                                                BUILD_END);
        if (!cert)
        {
@@ -430,6 +436,7 @@ end:
        mappings->destroy_function(mappings, (void*)destroy_policy_mapping);
        ocsp->destroy(ocsp);
        signature_params_destroy(scheme);
+       free(critical_extension_oid.ptr);
        free(encoding.ptr);
        free(serial.ptr);
 
@@ -448,6 +455,7 @@ usage:
        policies->destroy_function(policies, (void*)destroy_cert_policy);
        mappings->destroy_function(mappings, (void*)destroy_policy_mapping);
        ocsp->destroy(ocsp);
+       free(critical_extension_oid.ptr);
        return command_usage(error);
 }
 
@@ -468,7 +476,7 @@ static void __attribute__ ((constructor))reg()
                 "[--policy-explicit len] [--policy-inhibit len] [--policy-any len]",
                 "[--cert-policy oid [--cps-uri uri] [--user-notice text]]+",
                 "[--digest md5|sha1|sha224|sha256|sha384|sha512|sha3_224|sha3_256|sha3_384|sha3_512]",
-                "[--rsa-padding pkcs1|pss]",
+                "[--rsa-padding pkcs1|pss] [--critical oid]",
                 "[--outform der|pem]"},
                {
                        {"help",                        'h', 0, "show usage information"},
@@ -498,6 +506,7 @@ static void __attribute__ ((constructor))reg()
                        {"ocsp",                        'o', 1, "OCSP AuthorityInfoAccess URI to include"},
                        {"digest",                      'g', 1, "digest for signature creation, default: key-specific"},
                        {"rsa-padding",         'R', 1, "padding for RSA signatures, default: pkcs1"},
+                       {"critical",            'X', 1, "critical extension OID to include for test purposes"},
                        {"outform",                     'f', 1, "encoding of generated cert, default: der"},
                }
        });
index 8c234fe..dfe1ce0 100644 (file)
@@ -2,7 +2,7 @@
  * Copyright (C) 2010 Martin Willi
  * Copyright (C) 2010 revosec AG
  *
- * Copyright (C) 2017 Andreas Steffen
+ * Copyright (C) 2017-2019 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -25,6 +25,7 @@
 #include <credentials/certificates/certificate.h>
 #include <credentials/certificates/x509.h>
 #include <credentials/certificates/crl.h>
+#include <asn1/asn1.h>
 
 
 /**
@@ -133,6 +134,7 @@ static int sign_crl()
        enumerator_t *enumerator, *lastenum = NULL;
        x509_cdp_t *cdp;
        chunk_t crl_serial = chunk_empty, baseCrlNumber = chunk_empty;
+       chunk_t critical_extension_oid = chunk_empty;
        chunk_t encoding = chunk_empty;
        bool pss = lib->settings->get_bool(lib->settings, "%s.rsa_pss", FALSE,
                                                                           lib->ns);
@@ -279,6 +281,10 @@ static int sign_crl()
                                        goto usage;
                                }
                                continue;
+                       case 'X':
+                               chunk_free(&critical_extension_oid);
+                               critical_extension_oid = asn1_oid_from_string(arg);
+                               continue;
                        case EOF:
                                break;
                        default:
@@ -414,6 +420,7 @@ static int sign_crl()
                        BUILD_REVOKED_ENUMERATOR, enumerator,
                        BUILD_REVOKED_ENUMERATOR, lastenum, BUILD_SIGNATURE_SCHEME, scheme,
                        BUILD_CRL_DISTRIBUTION_POINTS, cdps, BUILD_BASE_CRL, baseCrlNumber,
+                       BUILD_CRITICAL_EXTENSION, critical_extension_oid,
                        BUILD_END);
        enumerator->destroy(enumerator);
 
@@ -442,6 +449,7 @@ error:
        DESTROY_IF(lastenum);
        DESTROY_IF((certificate_t*)lastcrl);
        signature_params_destroy(scheme);
+       free(critical_extension_oid.ptr);
        free(encoding.ptr);
        free(baseCrlNumber.ptr);
        free(crl_serial.ptr);
@@ -457,6 +465,7 @@ error:
 usage:
        list->destroy_function(list, (void*)revoked_destroy);
        cdps->destroy_function(cdps, (void*)x509_cdp_destroy);
+       free(critical_extension_oid.ptr);
        return command_usage(error);
 }
 
@@ -474,7 +483,7 @@ static void __attribute__ ((constructor))reg()
                 "           superseded|cessation-of-operation|certificate-hold]",
                 " [--date timestamp] --cert file|--serial hex]*",
                 "[--digest md5|sha1|sha224|sha256|sha384|sha512|sha3_224|sha3_256|sha3_384|sha3_512]",
-                "[--rsa-padding pkcs1|pss]",
+                "[--rsa-padding pkcs1|pss] [--critical oid]",
                 "[--outform der|pem]"},
                {
                        {"help",                'h', 0, "show usage information"},
@@ -494,6 +503,7 @@ static void __attribute__ ((constructor))reg()
                        {"date",                'd', 1, "revocation date as unix timestamp, default: now"},
                        {"digest",              'g', 1, "digest for signature creation, default: key-specific"},
                        {"rsa-padding", 'R', 1, "padding for RSA signatures, default: pkcs1"},
+                       {"critical",    'X', 1, "critical extension OID to include for test purposes"},
                        {"outform",             'f', 1, "encoding of generated crl, default: der"},
                }
        });
index 8aec653..99dcaca 100644 (file)
@@ -1,4 +1,4 @@
-.TH "PKI \-\-ISSUE" 1 "2016-12-13" "@PACKAGE_VERSION@" "strongSwan"
+.TH "PKI \-\-ISSUE" 1 "2019-05-06" "@PACKAGE_VERSION@" "strongSwan"
 .
 .SH "NAME"
 .
@@ -24,9 +24,10 @@ pki \-\-issue \- Issue a certificate using a CA certificate and key
 .OP \-\-crl uri\ \fR[\fB\-\-crlissuer\ \fIissuer\fR]
 .OP \-\-ocsp uri
 .OP \-\-pathlen len
-.OP \-\-nc-permitted name
 .OP \-\-addrblock block
+.OP \-\-nc-permitted name
 .OP \-\-nc-excluded name
+.OP \-\-critical oid
 .OP \-\-policy\-mapping mapping
 .OP \-\-policy\-explicit len
 .OP \-\-policy\-inhibit len
@@ -181,6 +182,9 @@ or
 .B email:
 prefix to force a constraint type.
 .TP
+.BI "\-X, \-\-critical " oid
+Add a critical extension with the given OID.
+.TP
 .BI "\-M, \-\-policy-mapping " issuer-oid:subject-oid
 Add policyMapping from issuer to subject OID.
 .TP
index 148b95e..594643a 100644 (file)
@@ -1,4 +1,4 @@
-.TH "PKI \-\-KEYID" 1 "2013-07-31" "@PACKAGE_VERSION@" "strongSwan"
+.TH "PKI \-\-KEYID" 1 "2019-04-29" "@PACKAGE_VERSION@" "strongSwan"
 .
 .SH "NAME"
 .
@@ -11,6 +11,8 @@ pki \-\-keyid \- Calculate key identifiers of a key or certificate
 .IR file | \fB\-\-keyid\fR
 .IR hex ]
 .OP \-\-type type
+.OP \-\-id id-type
+.OP \-\-format format
 .OP \-\-debug level
 .YS
 .
@@ -54,23 +56,44 @@ Type of input. One of \fIpriv\fR (private key), \fIrsa\fR (RSA private key),
 \fIecdsa\fR (ECDSA private key), \fIbliss\fR (BLISS private key),
 \fIpub\fR (public key), \fIpkcs10\fR (PKCS#10 certificate request),
 \fIx509\fR (X.509 certificate), defaults to \fIpriv\fR.
+.TP
+.BI "\-I, \-\-id " id-type
+Type of identifier. One of \fIall\fR (all identifiers), \fIspk\fR (SHA-1 hash
+of subjectPublicKey), \fIspki\fR (SHA-1 hash of subjectPublicKeyInfo), defaults
+to \fIall\fR.
+.TP
+.BI "\-f, \-\-format " format
+Output format. One of \fIpretty\fR (user-readable output), \fIhex\fR
+(hexadecimal encoding), \fIbase64\fR (Base64 encoding), \fIbin\fR (raw binary
+data), defaults to \fIpretty\fR.
 .
 .SH "EXAMPLES"
 .
 Calculate key identifiers of an RSA private key:
 .PP
 .EX
-  pki --keyid --in key.der
-  subjectKeyIdentifier:      6a:9c:74:d1:f8:89:79:89:f6:5a:94:e9:89:f1...
-  subjectPublicKeyInfo hash: 6e:55:dc:7e:9c:a5:58:d9:5b:e3:c7:13:14:e1...
+  $ pki --keyid --in key.der
+  subjkey (SHA-1 of subjectPublicKey):
+               6a:9c:74:d1:f8:89:79:89:f6:5a:94:e9:89:f1...
+  keyid (SHA-1 of subjectPublicKeyInfo):
+               6e:55:dc:7e:9c:a5:58:d9:5b:e3:c7:13:14:e1...
 .EE
 .PP
 Calculate key identifiers of an X.509 certificate:
 .PP
 .EX
-  pki --keyid --in cert.der --type x509
-  subjectKeyIdentifier:      6a:9c:74:d1:f8:89:79:89:f6:5a:94:e9:89:f1...
-  subjectPublicKeyInfo hash: 6e:55:dc:7e:9c:a5:58:d9:5b:e3:c7:13:14:e1...
+  $ pki --keyid --in cert.der --type x509
+  subjkey (SHA-1 of subjectPublicKey):
+               6a:9c:74:d1:f8:89:79:89:f6:5a:94:e9:89:f1...
+  keyid (SHA-1 of subjectPublicKeyInfo):
+               6e:55:dc:7e:9c:a5:58:d9:5b:e3:c7:13:14:e1...
+.EE
+.PP
+Calculate keyid in simple hex encoding of an X.509 certificate:
+.PP
+.EX
+  $ pki --keyid --in cert.der --type x509 --id spki --format hex
+  6e55dc7e9ca558d95be3c71314e1...
 .EE
 .PP
 .
index 5f7e421..6e04609 100644 (file)
@@ -1,4 +1,4 @@
-.TH "PKI \-\-SELF" 1 "2016-12-13" "@PACKAGE_VERSION@" "strongSwan"
+.TH "PKI \-\-SELF" 1 "2019-05-06" "@PACKAGE_VERSION@" "strongSwan"
 .
 .SH "NAME"
 .
@@ -26,6 +26,7 @@ pki \-\-self \- Create a self-signed certificate
 .OP \-\-addrblock block
 .OP \-\-nc-permitted name
 .OP \-\-nc-excluded name
+.OP \-\-critical oid
 .OP \-\-policy\-mapping mapping
 .OP \-\-policy\-explicit len
 .OP \-\-policy\-inhibit len
@@ -160,6 +161,9 @@ or
 .B email:
 prefix to force a constraint type.
 .TP
+.BI "\-X, \-\-critical " oid
+Add a critical extension with the given OID.
+.TP
 .BI "\-M, \-\-policy-mapping " issuer-oid:subject-oid
 Add policyMapping from issuer to subject OID.
 .TP
index 0abd166..781de8b 100644 (file)
@@ -1,4 +1,4 @@
-.TH "PKI \-\-SIGNCRL" 1 "2013-08-12" "@PACKAGE_VERSION@" "strongSwan"
+.TH "PKI \-\-SIGNCRL" 1 "2019-05-06" "@PACKAGE_VERSION@" "strongSwan"
 .
 .SH "NAME"
 .
@@ -18,6 +18,7 @@ pki \-\-signcrl \- Issue a Certificate Revocation List (CRL) using a CA certific
 .OP \-\-digest digest
 .OP \-\-rsa\-padding padding
 .OP \fR[\fB\-\-reason\ \fIreason\fR]\ \fR[\fB\-\-date\ \fIts\fR]\ \fB\-\-cert\ \fIfile\fB|\-\-serial\ \fIhex\fR
+.OP \-\-critical oid
 .OP \-\-outform encoding
 .OP \-\-debug level
 .YS
@@ -107,6 +108,9 @@ determined based on the type and size of the signature key.
 Padding to use for RSA signatures. Either \fIpkcs1\fR or \fIpss\fR, defaults
 to \fIpkcs1\fR.
 .TP
+.BI "\-X, \-\-critical " oid
+Add a critical extension with the given OID.
+.TP
 .BI "\-f, \-\-outform " encoding
 Encoding of the created certificate file. Either \fIder\fR (ASN.1 DER) or
 \fIpem\fR (Base64 PEM), defaults to \fIder\fR.
index d03e96f..bb6b278 100644 (file)
@@ -427,6 +427,8 @@ static void remove_callback()
  */
 int main(int argc, char *argv[])
 {
+       char *plugins;
+
        atexit(library_deinit);
        if (!library_init(NULL, "pki"))
        {
@@ -438,8 +440,12 @@ int main(int argc, char *argv[])
                fprintf(stderr, "integrity check of pki failed\n");
                exit(SS_RC_DAEMON_INTEGRITY);
        }
-       if (!lib->plugins->load(lib->plugins,
-                       lib->settings->get_str(lib->settings, "pki.load", PLUGINS)))
+       plugins = getenv("PKI_PLUGINS");
+       if (!plugins)
+       {
+               plugins = lib->settings->get_str(lib->settings, "pki.load", PLUGINS);
+       }
+       if (!lib->plugins->load(lib->plugins, plugins))
        {
                exit(SS_RC_INITIALIZATION_FAILED);
        }
index 0195c89..0ad9f17 100644 (file)
@@ -2,3 +2,11 @@ EXTRA_DIST = do-tests make-testing ssh start-testing stop-testing \
              testing.conf ssh_config config hosts images scripts tests \
                         README
 
+# exclude all files ignored by Git from the tarball
+dist-hook:
+       if git -C $(srcdir) ls-files --error-unmatch hosts > /dev/null 2>&1; then \
+               find $(abs_srcdir)/hosts $(abs_srcdir)/tests -print0 | \
+                       sed -z -e "s|^$(abs_srcdir)/||" | \
+                       git -C $(srcdir) check-ignore -z --stdin | \
+                       xargs -0 -I{} rm -rf $(distdir)/{}; \
+       fi
diff --git a/testing/config/kernel/config-5.1 b/testing/config/kernel/config-5.1
new file mode 100644 (file)
index 0000000..cfad130
--- /dev/null
@@ -0,0 +1,2724 @@
+#
+# Automatically generated file; DO NOT EDIT.
+# Linux/x86 5.1.0 Kernel Configuration
+#
+
+#
+# Compiler: gcc (Ubuntu 7.4.0-1ubuntu1~18.04) 7.4.0
+#
+CONFIG_CC_IS_GCC=y
+CONFIG_GCC_VERSION=70400
+CONFIG_CLANG_VERSION=0
+CONFIG_CC_HAS_ASM_GOTO=y
+CONFIG_CC_HAS_WARN_MAYBE_UNINITIALIZED=y
+CONFIG_CC_DISABLE_WARN_MAYBE_UNINITIALIZED=y
+CONFIG_IRQ_WORK=y
+CONFIG_BUILDTIME_EXTABLE_SORT=y
+CONFIG_THREAD_INFO_IN_TASK=y
+
+#
+# General setup
+#
+CONFIG_BROKEN_ON_SMP=y
+CONFIG_INIT_ENV_ARG_LIMIT=32
+# CONFIG_COMPILE_TEST is not set
+CONFIG_LOCALVERSION=""
+CONFIG_LOCALVERSION_AUTO=y
+CONFIG_BUILD_SALT=""
+CONFIG_HAVE_KERNEL_GZIP=y
+CONFIG_HAVE_KERNEL_BZIP2=y
+CONFIG_HAVE_KERNEL_LZMA=y
+CONFIG_HAVE_KERNEL_XZ=y
+CONFIG_HAVE_KERNEL_LZO=y
+CONFIG_HAVE_KERNEL_LZ4=y
+CONFIG_KERNEL_GZIP=y
+# CONFIG_KERNEL_BZIP2 is not set
+# CONFIG_KERNEL_LZMA is not set
+# CONFIG_KERNEL_XZ is not set
+# CONFIG_KERNEL_LZO is not set
+# CONFIG_KERNEL_LZ4 is not set
+CONFIG_DEFAULT_HOSTNAME="(none)"
+CONFIG_SWAP=y
+CONFIG_SYSVIPC=y
+CONFIG_SYSVIPC_SYSCTL=y
+CONFIG_POSIX_MQUEUE=y
+CONFIG_POSIX_MQUEUE_SYSCTL=y
+CONFIG_CROSS_MEMORY_ATTACH=y
+CONFIG_USELIB=y
+# CONFIG_AUDIT is not set
+CONFIG_HAVE_ARCH_AUDITSYSCALL=y
+
+#
+# IRQ subsystem
+#
+CONFIG_GENERIC_IRQ_PROBE=y
+CONFIG_GENERIC_IRQ_SHOW=y
+CONFIG_IRQ_DOMAIN=y
+CONFIG_IRQ_DOMAIN_HIERARCHY=y
+CONFIG_GENERIC_MSI_IRQ=y
+CONFIG_GENERIC_MSI_IRQ_DOMAIN=y
+CONFIG_GENERIC_IRQ_MATRIX_ALLOCATOR=y
+CONFIG_GENERIC_IRQ_RESERVATION_MODE=y
+CONFIG_IRQ_FORCED_THREADING=y
+CONFIG_SPARSE_IRQ=y
+CONFIG_CLOCKSOURCE_WATCHDOG=y
+CONFIG_ARCH_CLOCKSOURCE_DATA=y
+CONFIG_ARCH_CLOCKSOURCE_INIT=y
+CONFIG_CLOCKSOURCE_VALIDATE_LAST_CYCLE=y
+CONFIG_GENERIC_TIME_VSYSCALL=y
+CONFIG_GENERIC_CLOCKEVENTS=y
+CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y
+CONFIG_GENERIC_CLOCKEVENTS_MIN_ADJUST=y
+CONFIG_GENERIC_CMOS_UPDATE=y
+
+#
+# Timers subsystem
+#
+CONFIG_TICK_ONESHOT=y
+CONFIG_NO_HZ_COMMON=y
+# CONFIG_HZ_PERIODIC is not set
+CONFIG_NO_HZ_IDLE=y
+CONFIG_NO_HZ=y
+CONFIG_HIGH_RES_TIMERS=y
+CONFIG_PREEMPT_NONE=y
+# CONFIG_PREEMPT_VOLUNTARY is not set
+# CONFIG_PREEMPT is not set
+
+#
+# CPU/Task time and stats accounting
+#
+CONFIG_TICK_CPU_ACCOUNTING=y
+# CONFIG_VIRT_CPU_ACCOUNTING_GEN is not set
+# CONFIG_IRQ_TIME_ACCOUNTING is not set
+CONFIG_BSD_PROCESS_ACCT=y
+# CONFIG_BSD_PROCESS_ACCT_V3 is not set
+# CONFIG_TASKSTATS is not set
+# CONFIG_PSI is not set
+
+#
+# RCU Subsystem
+#
+CONFIG_TINY_RCU=y
+# CONFIG_RCU_EXPERT is not set
+CONFIG_SRCU=y
+CONFIG_TINY_SRCU=y
+CONFIG_BUILD_BIN2C=y
+CONFIG_IKCONFIG=y
+CONFIG_IKCONFIG_PROC=y
+CONFIG_LOG_BUF_SHIFT=14
+CONFIG_PRINTK_SAFE_LOG_BUF_SHIFT=13
+CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y
+CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y
+CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y
+CONFIG_ARCH_SUPPORTS_INT128=y
+CONFIG_CGROUPS=y
+CONFIG_PAGE_COUNTER=y
+CONFIG_MEMCG=y
+CONFIG_MEMCG_SWAP=y
+CONFIG_MEMCG_SWAP_ENABLED=y
+CONFIG_MEMCG_KMEM=y
+CONFIG_BLK_CGROUP=y
+# CONFIG_DEBUG_BLK_CGROUP is not set
+CONFIG_CGROUP_WRITEBACK=y
+CONFIG_CGROUP_SCHED=y
+CONFIG_FAIR_GROUP_SCHED=y
+CONFIG_CFS_BANDWIDTH=y
+# CONFIG_RT_GROUP_SCHED is not set
+CONFIG_CGROUP_PIDS=y
+# CONFIG_CGROUP_RDMA is not set
+CONFIG_CGROUP_FREEZER=y
+CONFIG_CGROUP_DEVICE=y
+CONFIG_CGROUP_CPUACCT=y
+CONFIG_CGROUP_PERF=y
+# CONFIG_CGROUP_DEBUG is not set
+CONFIG_SOCK_CGROUP_DATA=y
+CONFIG_NAMESPACES=y
+# CONFIG_UTS_NS is not set
+# CONFIG_IPC_NS is not set
+# CONFIG_USER_NS is not set
+# CONFIG_PID_NS is not set
+CONFIG_NET_NS=y
+# CONFIG_CHECKPOINT_RESTORE is not set
+# CONFIG_SCHED_AUTOGROUP is not set
+# CONFIG_SYSFS_DEPRECATED is not set
+# CONFIG_RELAY is not set
+# CONFIG_BLK_DEV_INITRD is not set
+# CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE is not set
+CONFIG_CC_OPTIMIZE_FOR_SIZE=y
+CONFIG_SYSCTL=y
+CONFIG_ANON_INODES=y
+CONFIG_SYSCTL_EXCEPTION_TRACE=y
+CONFIG_HAVE_PCSPKR_PLATFORM=y
+CONFIG_BPF=y
+# CONFIG_EXPERT is not set
+CONFIG_MULTIUSER=y
+CONFIG_SGETMASK_SYSCALL=y
+CONFIG_SYSFS_SYSCALL=y
+CONFIG_FHANDLE=y
+CONFIG_POSIX_TIMERS=y
+CONFIG_PRINTK=y
+CONFIG_PRINTK_NMI=y
+CONFIG_BUG=y
+CONFIG_ELF_CORE=y
+CONFIG_PCSPKR_PLATFORM=y
+CONFIG_BASE_FULL=y
+CONFIG_FUTEX=y
+CONFIG_FUTEX_PI=y
+CONFIG_EPOLL=y
+CONFIG_SIGNALFD=y
+CONFIG_TIMERFD=y
+CONFIG_EVENTFD=y
+CONFIG_SHMEM=y
+CONFIG_AIO=y
+CONFIG_IO_URING=y
+CONFIG_ADVISE_SYSCALLS=y
+CONFIG_MEMBARRIER=y
+CONFIG_KALLSYMS=y
+# CONFIG_KALLSYMS_ALL is not set
+CONFIG_KALLSYMS_BASE_RELATIVE=y
+# CONFIG_BPF_SYSCALL is not set
+# CONFIG_USERFAULTFD is not set
+CONFIG_ARCH_HAS_MEMBARRIER_SYNC_CORE=y
+CONFIG_RSEQ=y
+# CONFIG_EMBEDDED is not set
+CONFIG_HAVE_PERF_EVENTS=y
+
+#
+# Kernel Performance Events And Counters
+#
+CONFIG_PERF_EVENTS=y
+# CONFIG_DEBUG_PERF_USE_VMALLOC is not set
+CONFIG_VM_EVENT_COUNTERS=y
+CONFIG_COMPAT_BRK=y
+CONFIG_SLAB=y
+# CONFIG_SLUB is not set
+CONFIG_SLAB_MERGE_DEFAULT=y
+# CONFIG_SLAB_FREELIST_RANDOM is not set
+# CONFIG_PROFILING is not set
+CONFIG_64BIT=y
+CONFIG_X86_64=y
+CONFIG_X86=y
+CONFIG_INSTRUCTION_DECODER=y
+CONFIG_OUTPUT_FORMAT="elf64-x86-64"
+CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig"
+CONFIG_LOCKDEP_SUPPORT=y
+CONFIG_STACKTRACE_SUPPORT=y
+CONFIG_MMU=y
+CONFIG_ARCH_MMAP_RND_BITS_MIN=28
+CONFIG_ARCH_MMAP_RND_BITS_MAX=32
+CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8
+CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=16
+CONFIG_GENERIC_ISA_DMA=y
+CONFIG_GENERIC_BUG=y
+CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y
+CONFIG_GENERIC_HWEIGHT=y
+CONFIG_ARCH_MAY_HAVE_PC_FDC=y
+CONFIG_RWSEM_XCHGADD_ALGORITHM=y
+CONFIG_GENERIC_CALIBRATE_DELAY=y
+CONFIG_ARCH_HAS_CPU_RELAX=y
+CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y
+CONFIG_ARCH_HAS_FILTER_PGPROT=y
+CONFIG_HAVE_SETUP_PER_CPU_AREA=y
+CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y
+CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y
+CONFIG_ARCH_HIBERNATION_POSSIBLE=y
+CONFIG_ARCH_SUSPEND_POSSIBLE=y
+CONFIG_ARCH_WANT_HUGE_PMD_SHARE=y
+CONFIG_ARCH_WANT_GENERAL_HUGETLB=y
+CONFIG_ZONE_DMA32=y
+CONFIG_AUDIT_ARCH=y
+CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y
+CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y
+CONFIG_ARCH_SUPPORTS_UPROBES=y
+CONFIG_FIX_EARLYCON_MEM=y
+CONFIG_PGTABLE_LEVELS=4
+CONFIG_CC_HAS_SANE_STACKPROTECTOR=y
+
+#
+# Processor type and features
+#
+CONFIG_ZONE_DMA=y
+# CONFIG_SMP is not set
+CONFIG_X86_FEATURE_NAMES=y
+CONFIG_X86_MPPARSE=y
+# CONFIG_GOLDFISH is not set
+CONFIG_RETPOLINE=y
+# CONFIG_X86_CPU_RESCTRL is not set
+CONFIG_X86_EXTENDED_PLATFORM=y
+# CONFIG_X86_GOLDFISH is not set
+# CONFIG_X86_INTEL_MID is not set
+# CONFIG_X86_INTEL_LPSS is not set
+# CONFIG_X86_AMD_PLATFORM_DEVICE is not set
+CONFIG_IOSF_MBI=y
+CONFIG_SCHED_OMIT_FRAME_POINTER=y
+# CONFIG_HYPERVISOR_GUEST is not set
+# CONFIG_MK8 is not set
+# CONFIG_MPSC is not set
+CONFIG_MCORE2=y
+# CONFIG_MATOM is not set
+# CONFIG_GENERIC_CPU is not set
+CONFIG_X86_INTERNODE_CACHE_SHIFT=6
+CONFIG_X86_L1_CACHE_SHIFT=6
+CONFIG_X86_INTEL_USERCOPY=y
+CONFIG_X86_USE_PPRO_CHECKSUM=y
+CONFIG_X86_P6_NOP=y
+CONFIG_X86_TSC=y
+CONFIG_X86_CMPXCHG64=y
+CONFIG_X86_CMOV=y
+CONFIG_X86_MINIMUM_CPU_FAMILY=64
+CONFIG_X86_DEBUGCTLMSR=y
+CONFIG_CPU_SUP_INTEL=y
+CONFIG_CPU_SUP_AMD=y
+CONFIG_CPU_SUP_HYGON=y
+CONFIG_CPU_SUP_CENTAUR=y
+CONFIG_HPET_TIMER=y
+CONFIG_DMI=y
+CONFIG_GART_IOMMU=y
+# CONFIG_CALGARY_IOMMU is not set
+CONFIG_NR_CPUS_RANGE_BEGIN=1
+CONFIG_NR_CPUS_RANGE_END=1
+CONFIG_NR_CPUS_DEFAULT=1
+CONFIG_NR_CPUS=1
+CONFIG_UP_LATE_INIT=y
+CONFIG_X86_LOCAL_APIC=y
+CONFIG_X86_IO_APIC=y
+# CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS is not set
+# CONFIG_X86_MCE is not set
+
+#
+# Performance monitoring
+#
+CONFIG_PERF_EVENTS_INTEL_UNCORE=y
+CONFIG_PERF_EVENTS_INTEL_RAPL=y
+CONFIG_PERF_EVENTS_INTEL_CSTATE=y
+# CONFIG_PERF_EVENTS_AMD_POWER is not set
+CONFIG_X86_16BIT=y
+CONFIG_X86_ESPFIX64=y
+CONFIG_X86_VSYSCALL_EMULATION=y
+# CONFIG_I8K is not set
+CONFIG_MICROCODE=y
+CONFIG_MICROCODE_INTEL=y
+# CONFIG_MICROCODE_AMD is not set
+CONFIG_MICROCODE_OLD_INTERFACE=y
+# CONFIG_X86_MSR is not set
+# CONFIG_X86_CPUID is not set
+# CONFIG_X86_5LEVEL is not set
+CONFIG_X86_DIRECT_GBPAGES=y
+CONFIG_ARCH_HAS_MEM_ENCRYPT=y
+# CONFIG_AMD_MEM_ENCRYPT is not set
+CONFIG_ARCH_SPARSEMEM_ENABLE=y
+CONFIG_ARCH_SPARSEMEM_DEFAULT=y
+CONFIG_ARCH_SELECT_MEMORY_MODEL=y
+CONFIG_ARCH_MEMORY_PROBE=y
+CONFIG_ARCH_PROC_KCORE_TEXT=y
+CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000
+# CONFIG_X86_PMEM_LEGACY is not set
+# CONFIG_X86_CHECK_BIOS_CORRUPTION is not set
+CONFIG_X86_RESERVE_LOW=64
+CONFIG_MTRR=y
+CONFIG_MTRR_SANITIZER=y
+CONFIG_MTRR_SANITIZER_ENABLE_DEFAULT=0
+CONFIG_MTRR_SANITIZER_SPARE_REG_NR_DEFAULT=1
+CONFIG_X86_PAT=y
+CONFIG_ARCH_USES_PG_UNCACHED=y
+CONFIG_ARCH_RANDOM=y
+CONFIG_X86_SMAP=y
+CONFIG_X86_INTEL_UMIP=y
+# CONFIG_X86_INTEL_MPX is not set
+CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS=y
+# CONFIG_EFI is not set
+CONFIG_SECCOMP=y
+# CONFIG_HZ_100 is not set
+CONFIG_HZ_250=y
+# CONFIG_HZ_300 is not set
+# CONFIG_HZ_1000 is not set
+CONFIG_HZ=250
+CONFIG_SCHED_HRTICK=y
+# CONFIG_KEXEC is not set
+# CONFIG_KEXEC_FILE is not set
+# CONFIG_CRASH_DUMP is not set
+CONFIG_PHYSICAL_START=0x1000000
+CONFIG_RELOCATABLE=y
+# CONFIG_RANDOMIZE_BASE is not set
+CONFIG_PHYSICAL_ALIGN=0x1000000
+CONFIG_LEGACY_VSYSCALL_EMULATE=y
+# CONFIG_LEGACY_VSYSCALL_NONE is not set
+# CONFIG_CMDLINE_BOOL is not set
+CONFIG_MODIFY_LDT_SYSCALL=y
+CONFIG_HAVE_LIVEPATCH=y
+CONFIG_ARCH_HAS_ADD_PAGES=y
+CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y
+CONFIG_ARCH_ENABLE_MEMORY_HOTREMOVE=y
+CONFIG_ARCH_ENABLE_SPLIT_PMD_PTLOCK=y
+
+#
+# Power management and ACPI options
+#
+CONFIG_SUSPEND=y
+CONFIG_SUSPEND_FREEZER=y
+# CONFIG_HIBERNATION is not set
+CONFIG_PM_SLEEP=y
+# CONFIG_PM_AUTOSLEEP is not set
+# CONFIG_PM_WAKELOCKS is not set
+CONFIG_PM=y
+# CONFIG_PM_DEBUG is not set
+CONFIG_PM_CLK=y
+# CONFIG_WQ_POWER_EFFICIENT_DEFAULT is not set
+CONFIG_ARCH_SUPPORTS_ACPI=y
+CONFIG_ACPI=y
+CONFIG_ACPI_LEGACY_TABLES_LOOKUP=y
+CONFIG_ARCH_MIGHT_HAVE_ACPI_PDC=y
+CONFIG_ACPI_SYSTEM_POWER_STATES_SUPPORT=y
+# CONFIG_ACPI_DEBUGGER is not set
+CONFIG_ACPI_SPCR_TABLE=y
+CONFIG_ACPI_LPIT=y
+CONFIG_ACPI_SLEEP=y
+# CONFIG_ACPI_PROCFS_POWER is not set
+CONFIG_ACPI_REV_OVERRIDE_POSSIBLE=y
+# CONFIG_ACPI_EC_DEBUGFS is not set
+CONFIG_ACPI_AC=y
+CONFIG_ACPI_BATTERY=y
+CONFIG_ACPI_BUTTON=y
+CONFIG_ACPI_FAN=y
+# CONFIG_ACPI_TAD is not set
+# CONFIG_ACPI_DOCK is not set
+CONFIG_ACPI_CPU_FREQ_PSS=y
+CONFIG_ACPI_PROCESSOR_CSTATE=y
+CONFIG_ACPI_PROCESSOR_IDLE=y
+CONFIG_ACPI_PROCESSOR=y
+# CONFIG_ACPI_PROCESSOR_AGGREGATOR is not set
+CONFIG_ACPI_THERMAL=y
+CONFIG_ARCH_HAS_ACPI_TABLE_UPGRADE=y
+# CONFIG_ACPI_DEBUG is not set
+# CONFIG_ACPI_PCI_SLOT is not set
+# CONFIG_ACPI_CONTAINER is not set
+# CONFIG_ACPI_HOTPLUG_MEMORY is not set
+CONFIG_ACPI_HOTPLUG_IOAPIC=y
+# CONFIG_ACPI_SBS is not set
+# CONFIG_ACPI_HED is not set
+# CONFIG_ACPI_NFIT is not set
+CONFIG_HAVE_ACPI_APEI=y
+CONFIG_HAVE_ACPI_APEI_NMI=y
+# CONFIG_ACPI_APEI is not set
+# CONFIG_DPTF_POWER is not set
+# CONFIG_PMIC_OPREGION is not set
+# CONFIG_ACPI_CONFIGFS is not set
+CONFIG_X86_PM_TIMER=y
+# CONFIG_SFI is not set
+
+#
+# CPU Frequency scaling
+#
+# CONFIG_CPU_FREQ is not set
+
+#
+# CPU Idle
+#
+CONFIG_CPU_IDLE=y
+CONFIG_CPU_IDLE_GOV_LADDER=y
+CONFIG_CPU_IDLE_GOV_MENU=y
+# CONFIG_CPU_IDLE_GOV_TEO is not set
+# CONFIG_INTEL_IDLE is not set
+
+#
+# Bus options (PCI etc.)
+#
+CONFIG_PCI_DIRECT=y
+# CONFIG_PCI_MMCONFIG is not set
+CONFIG_ISA_DMA_API=y
+CONFIG_AMD_NB=y
+# CONFIG_X86_SYSFB is not set
+
+#
+# Binary Emulations
+#
+# CONFIG_IA32_EMULATION is not set
+# CONFIG_X86_X32 is not set
+CONFIG_X86_DEV_DMA_OPS=y
+CONFIG_HAVE_GENERIC_GUP=y
+
+#
+# Firmware Drivers
+#
+# CONFIG_EDD is not set
+CONFIG_FIRMWARE_MEMMAP=y
+CONFIG_DMIID=y
+# CONFIG_DMI_SYSFS is not