testing: Adapt some checks as SHA-384 is now preferred for TLS signatures
authorTobias Brunner <tobias@strongswan.org>
Thu, 18 Feb 2021 11:01:02 +0000 (12:01 +0100)
committerTobias Brunner <tobias@strongswan.org>
Thu, 18 Feb 2021 11:02:54 +0000 (12:02 +0100)
testing/tests/ikev2/rw-eap-tls-only/evaltest.dat
testing/tests/swanctl/rw-eap-tls-only/evaltest.dat

index 2c1b69e..100919a 100644 (file)
@@ -1,6 +1,6 @@
 carol::cat /var/log/daemon.log::server requested EAP_TLS authentication::YES
 carol::cat /var/log/daemon.log::allow mutual EAP-only authentication::YES
-carol::cat /var/log/daemon.log::negotiated TLS 1.2 using suite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256::YES
+carol::cat /var/log/daemon.log::negotiated TLS 1.2 using suite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384::YES
 carol::cat /var/log/daemon.log::authentication of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' with EAP successful::YES
 moon:: cat /var/log/daemon.log::authentication of 'C=CH, O=strongSwan Project, OU=Research, CN=carol@strongswan.org' with EAP successful::YES
 moon:: ipsec status 2> /dev/null::rw-eap.*ESTABLISHED::YES
index 48a706d..c9f3462 100644 (file)
@@ -1,6 +1,6 @@
 carol::cat /var/log/daemon.log::server requested EAP_TLS authentication::YES
 carol::cat /var/log/daemon.log::allow mutual EAP-only authentication::YES
-carol::cat /var/log/daemon.log::negotiated TLS 1.2 using suite TLS_DHE_RSA_WITH_AES_128_GCM_SHA256::YES
+carol::cat /var/log/daemon.log::negotiated TLS 1.2 using suite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384::YES
 carol::cat /var/log/daemon.log::authentication of 'C=CH, O=strongSwan Project, CN=moon.strongswan.org' with EAP successful::YES
 moon:: cat /var/log/daemon.log::authentication of 'C=CH, O=strongSwan Project, OU=Research, CN=carol@strongswan.org' with EAP successful::YES
 carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_.eq=1::YES