define explicit IKEv1 key exchange mode
authorAndreas Steffen <andreas.steffen@strongswan.org>
Thu, 7 Oct 2010 05:31:44 +0000 (07:31 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Thu, 7 Oct 2010 05:31:44 +0000 (07:31 +0200)
61 files changed:
testing/hosts/alice/etc/ipsec.conf
testing/hosts/bob/etc/ipsec.conf
testing/hosts/carol/etc/ipsec.conf
testing/hosts/dave/etc/ipsec.conf
testing/hosts/moon/etc/ipsec.conf
testing/hosts/sun/etc/ipsec.conf
testing/hosts/venus/etc/ipsec.conf
testing/tests/gcrypt-ikev1/alg-camellia/hosts/carol/etc/ipsec.conf
testing/tests/gcrypt-ikev1/alg-camellia/hosts/moon/etc/ipsec.conf
testing/tests/gcrypt-ikev1/alg-serpent/hosts/carol/etc/ipsec.conf
testing/tests/gcrypt-ikev1/alg-serpent/hosts/moon/etc/ipsec.conf
testing/tests/gcrypt-ikev1/alg-twofish/hosts/carol/etc/ipsec.conf
testing/tests/gcrypt-ikev1/alg-twofish/hosts/moon/etc/ipsec.conf
testing/tests/ike/rw-cert/hosts/dave/etc/ipsec.conf
testing/tests/ike/rw-cert/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/after-2038-certs/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/after-2038-certs/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/alg-blowfish/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/alg-blowfish/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/alg-sha256-96/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/alg-sha256-96/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/alg-sha256/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/alg-sha256/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/alg-sha384/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/alg-sha384/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/alg-sha512/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/alg-sha512/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/attr-cert/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/attr-cert/hosts/dave/etc/ipsec.conf
testing/tests/ikev1/attr-cert/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/compress/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/compress/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/crl-from-cache/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/crl-from-cache/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/crl-ldap/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/crl-ldap/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/crl-revoked/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/crl-revoked/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/crl-strict/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/crl-strict/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/crl-to-cache/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/crl-to-cache/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/default-keys/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/default-keys/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/double-nat-net/hosts/alice/etc/ipsec.conf
testing/tests/ikev1/double-nat-net/hosts/bob/etc/ipsec.conf
testing/tests/ikev1/double-nat/hosts/alice/etc/ipsec.conf
testing/tests/ikev1/dpd-clear/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/dpd-restart/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/dpd-restart/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/dynamic-initiator/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/dynamic-initiator/hosts/dave/etc/ipsec.conf
testing/tests/ikev1/dynamic-initiator/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/dynamic-responder/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/dynamic-responder/hosts/dave/etc/ipsec.conf
testing/tests/ikev1/dynamic-responder/hosts/moon/etc/ipsec.conf
testing/tests/ikev1/dynamic-two-peers/hosts/carol/etc/ipsec.conf
testing/tests/ikev1/dynamic-two-peers/hosts/dave/etc/ipsec.conf
testing/tests/ikev1/dynamic-two-peers/hosts/moon/etc/ipsec.conf
testing/tests/openssl-ikev1/alg-camellia/hosts/carol/etc/ipsec.conf
testing/tests/openssl-ikev1/alg-camellia/hosts/moon/etc/ipsec.conf

index 312cadb..134c1c0 100755 (executable)
@@ -12,6 +12,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
                
 conn nat-t
        left=%defaultroute
index 0172c04..62c0ec7 100755 (executable)
@@ -12,6 +12,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
 
 conn nat-t
        left=%defaultroute
index af5c71b..1def6ca 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
 
 conn home
        left=PH_IP_CAROL
index 16e5299..c9d559f 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
 
 conn home
        left=PH_IP_DAVE
index 9512fb7..b1e6549 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        left=PH_IP_MOON
        leftcert=moonCert.pem
        leftid=@moon.strongswan.org
index 77d3fb1..083e589 100755 (executable)
@@ -12,6 +12,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        left=PH_IP_SUN
        leftcert=sunCert.pem
        leftid=@sun.strongswan.org
index 524640c..86cd6c9 100755 (executable)
@@ -12,6 +12,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
 
 conn nat-t
        left=%defaultroute
index a24c697..cf51269 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        ike=camellia128-sha256-modp2048!
        esp=camellia128-sha256!
 
index a8e09f8..5571dc0 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        ike=camellia128-sha256-modp2048!
        esp=camellia128-sha256!
 
index 0848c36..462427a 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        ike=serpent256-sha2_512-modp4096!
        esp=serpent256-sha2_512!
 
index 05edfc7..de3c1d1 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        ike=serpent256-sha2_512-modp4096!
        esp=serpent256-sha2_512!
 
index 838291f..4c02699 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        ike=twofish256-sha2_512-modp4096!
        esp=twofish256-sha2_512!
 
index c2ef128..d608ac2 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        ike=twofish256-sha2_512-modp4096!
        esp=twofish256-sha2_512!
 
index a42c7a5..3be21d0 100755 (executable)
@@ -9,6 +9,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev2
 
 conn home
        left=PH_IP_DAVE
@@ -17,5 +18,4 @@ conn home
        right=PH_IP_MOON
        rightid=@moon.strongswan.org
        rightsubnet=10.1.0.0/16
-       keyexchange=ikev2
        auto=add
index 340b1a1..d90ab48 100755 (executable)
@@ -9,6 +9,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1 
 
 conn rw
        left=PH_IP_MOON
index d556389..528e3f1 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
 
 conn home
        left=PH_IP_CAROL
index 94517ec..991ae43 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
 
 conn rw
        left=PH_IP_MOON
index 3517077..57394c2 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        ike=blowfish256-sha2_512-modp4096!
        esp=blowfish256-sha2_512!
 
index 1b4cca2..427c5d1 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        ike=blowfish256-sha2_512-modp4096!
        esp=blowfish256-sha2_512!
 
index 2611115..2d6f87b 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        ike=aes128-sha256-modp2048!
        esp=aes128-sha256_96!
 
index 758c7a2..b2a686d 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        ike=aes128-sha256-modp2048!
        esp=aes128-sha256_96!
 
index 0e1db6f..66476b8 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        ike=aes128-sha256-modp2048!
        esp=aes128-sha256!
 
index 584ffda..2b97ff4 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        ike=aes128-sha256-modp2048!
        esp=aes128-sha256!
 
index c60c661..42df1dc 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        ike=aes192-sha384-modp3072!
        esp=aes192-sha384!
 
index 2d361b3..a75d370 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        ike=aes192-sha384-modp3072!
        esp=aes192-sha384!
 
index 6bd3ac8..329de39 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        ike=aes256-sha512-modp4096!
        esp=aes256-sha512!
 
index a282691..8da459a 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        ike=aes256-sha512-modp4096!
        esp=aes256-sha512!
 
index cdd6929..a84b3a6 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        left=PH_IP_CAROL
        leftcert=carolCert.pem
        leftid=carol@strongswan.org
index 285dc72..ce39035 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        left=PH_IP_DAVE
        leftcert=daveCert.pem
        leftid=dave@strongswan.org
index a0250f5..604a264 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1l
        left=PH_IP_MOON
        leftcert=moonCert.pem
        leftid=@moon.strongswan.org
index 4511809..f5050fe 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        compress=yes
 
 conn home
index a370ca4..aaf13f5 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        compress=yes
 
 conn rw
index 98e7df6..bb1879b 100755 (executable)
@@ -12,6 +12,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        left=PH_IP_CAROL
        leftcert=carolCert.pem
        leftid=carol@strongswan.org
index 25906e8..ec0bc2e 100755 (executable)
@@ -12,6 +12,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        left=PH_IP_MOON
        leftcert=moonCert.pem
        leftid=@moon.strongswan.org
index 1bc6cf4..5a7668c 100755 (executable)
@@ -17,6 +17,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=2
+       keyexchange=ikev1
 
 conn home
        left=PH_IP_CAROL
index fdfff13..1b80c0d 100755 (executable)
@@ -17,6 +17,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=2
+       keyexchange=ikev1
        left=PH_IP_MOON
        leftcert=moonCert.pem
        leftid=@moon.strongswan.org
index e0c758e..77f6cfc 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        left=PH_IP_CAROL
        leftcert=carolRevokedCert.pem
        leftid=carol@strongswan.org
index d3603b7..1c011dc 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        left=PH_IP_MOON
        leftcert=moonCert.pem
        leftid=@moon.strongswan.org
index d240302..b4bc210 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        left=PH_IP_CAROL
        leftcert=carolCert.pem
        leftid=carol@strongswan.org
index d3603b7..1c011dc 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        left=PH_IP_MOON
        leftcert=moonCert.pem
        leftid=@moon.strongswan.org
index 6c2de2e..3fbad90 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        left=PH_IP_CAROL
        leftcert=carolCert.pem
        leftid=carol@strongswan.org
index 8d07e42..0b9f891 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        left=PH_IP_MOON
        leftcert=moonCert.pem
        leftid=@moon.strongswan.org
index 307d0b6..4d5bff6 100755 (executable)
@@ -12,6 +12,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
 
 conn home
        left=PH_IP_CAROL
index ce7afba..dd7ae0b 100755 (executable)
@@ -12,6 +12,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
 
 conn carol
        left=PH_IP_MOON
index 5c07637..caad279 100755 (executable)
@@ -12,6 +12,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
                
 conn nat-t
        left=%defaultroute
index e79b2ca..32d2ab0 100755 (executable)
@@ -12,6 +12,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
 
 conn nat-t
        left=%defaultroute
index 3533c3f..7de7a95 100755 (executable)
@@ -12,6 +12,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
                
 conn nat-t
        left=%defaultroute
index a50275d..34490a1 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        dpdaction=clear
        dpddelay=10
        dpdtimeout=30
index e6938e7..3c0b0bf 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
 
 conn moon 
        left=%defaultroute
index ae9b35e..9f1aded 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
         dpdaction=restart
         dpddelay=5
         dpdtimeout=25
index d8b885a..acf503f 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
 
 conn moon 
        left=%defaultroute
index d8b885a..acf503f 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
 
 conn moon 
        left=%defaultroute
index bf39d75..ee28eeb 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        left=%defaultroute
        leftnexthop=%direct
        leftsubnet=10.1.0.0/16
index d8b885a..acf503f 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
 
 conn moon 
        left=%defaultroute
index d8b885a..acf503f 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
 
 conn moon 
        left=%defaultroute
index bf39d75..ee28eeb 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        left=%defaultroute
        leftnexthop=%direct
        leftsubnet=10.1.0.0/16
index 1f964d0..0f37e61 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
 
 conn moon 
        left=%defaultroute
index c098ffd..ec35eac 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
 
 conn moon
        left=%defaultroute
index 45ec809..21848bc 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        left=%defaultroute
        leftnexthop=%direct
        leftsubnet=10.1.0.0/16
index c226d97..982b2fd 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        ike=camellia192-sha384-modp3072!
        esp=camellia192-sha384!
 
index e26d972..b6f7192 100755 (executable)
@@ -11,6 +11,7 @@ conn %default
        keylife=20m
        rekeymargin=3m
        keyingtries=1
+       keyexchange=ikev1
        ike=camellia192-sha384-modp3072!
        esp=camellia192-sha384!