deleted
authorAndreas Steffen <andreas.steffen@strongswan.org>
Thu, 15 Mar 2007 13:52:32 +0000 (13:52 -0000)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Thu, 15 Mar 2007 13:52:32 +0000 (13:52 -0000)
32 files changed:
testing/tests/ikev2/nat-rw-one/description.txt [deleted file]
testing/tests/ikev2/nat-rw-one/evaltest.dat [deleted file]
testing/tests/ikev2/nat-rw-one/hosts/alice/etc/ipsec.conf [deleted file]
testing/tests/ikev2/nat-rw-one/hosts/alice/etc/ipsec.d/certs/sunCert.pem [deleted file]
testing/tests/ikev2/nat-rw-one/hosts/sun/etc/ipsec.conf [deleted file]
testing/tests/ikev2/nat-rw-one/hosts/sun/etc/ipsec.d/certs/aliceCert.pem [deleted file]
testing/tests/ikev2/nat-rw-one/posttest.dat [deleted file]
testing/tests/ikev2/nat-rw-one/pretest.dat [deleted file]
testing/tests/ikev2/nat-rw-one/test.conf [deleted file]
testing/tests/ikev2/nat-rw-two/description.txt [deleted file]
testing/tests/ikev2/nat-rw-two/evaltest.dat [deleted file]
testing/tests/ikev2/nat-rw-two/hosts/alice/etc/ipsec.conf [deleted file]
testing/tests/ikev2/nat-rw-two/hosts/alice/etc/ipsec.d/certs/sunCert.pem [deleted file]
testing/tests/ikev2/nat-rw-two/hosts/sun/etc/ipsec.conf [deleted file]
testing/tests/ikev2/nat-rw-two/hosts/sun/etc/ipsec.d/certs/aliceCert.pem [deleted file]
testing/tests/ikev2/nat-rw-two/hosts/sun/etc/ipsec.d/certs/venusCert.pem [deleted file]
testing/tests/ikev2/nat-rw-two/hosts/venus/etc/ipsec.conf [deleted file]
testing/tests/ikev2/nat-rw-two/hosts/venus/etc/ipsec.d/certs/sunCert.pem [deleted file]
testing/tests/ikev2/nat-rw-two/posttest.dat [deleted file]
testing/tests/ikev2/nat-rw-two/pretest.dat [deleted file]
testing/tests/ikev2/nat-rw-two/test.conf [deleted file]
testing/tests/ikev2/ocsp-local-cert/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi [new file with mode: 0755]
testing/tests/ikev2/ocsp-local-cert/hosts/winnetou/etc/openssl/start-ocsp [deleted file]
testing/tests/ikev2/ocsp-local-cert/pretest.dat
testing/tests/ikev2/ocsp-revoked/pretest.dat
testing/tests/ikev2/ocsp-root-cert/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi [new file with mode: 0755]
testing/tests/ikev2/ocsp-root-cert/pretest.dat
testing/tests/ikev2/ocsp-signer-cert/pretest.dat
testing/tests/ikev2/ocsp-timeouts/pretest.dat
testing/tests/ikev2/ocsp-untrusted-cert/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi [new file with mode: 0755]
testing/tests/ikev2/ocsp-untrusted-cert/hosts/winnetou/etc/openssl/start-ocsp [deleted file]
testing/tests/ikev2/ocsp-untrusted-cert/pretest.dat

diff --git a/testing/tests/ikev2/nat-rw-one/description.txt b/testing/tests/ikev2/nat-rw-one/description.txt
deleted file mode 100644 (file)
index b2d798d..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-The roadwarrior <b>alice</b> sitting behind the NAT router <b>moon</b> sets up a connection 
-to gateway <b>sun</b> using IKEv2. UDP encapsulation is used to traverse the NAT router.
-The authentication is based on locally loaded <b>X.509 certificates</b>.
-In order to test the tunnel the NAT-ed host <b>alice</b> pings the client
-<b>bob</b> behind the gateway <b>sun</b>.
diff --git a/testing/tests/ikev2/nat-rw-one/evaltest.dat b/testing/tests/ikev2/nat-rw-one/evaltest.dat
deleted file mode 100644 (file)
index 2945f4a..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-sun::ipsec statusall::rw-alice.*ESTABLISHED::YES
-alice::ipsec statusall::home.*ESTABLISHED::YES
-alice::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
-moon::tcpdumpcount::IP moon.strongswan.org.* > sun.strongswan.org.ipsec-nat-t: UDP::2
-moon::tcpdumpcount::IP sun.strongswan.org.ipsec-nat-t > moon.strongswan.org.*: UDP::2
\ No newline at end of file
diff --git a/testing/tests/ikev2/nat-rw-one/hosts/alice/etc/ipsec.conf b/testing/tests/ikev2/nat-rw-one/hosts/alice/etc/ipsec.conf
deleted file mode 100644 (file)
index cd9de53..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-version        2.0     # conforms to second version of ipsec.conf specification
-
-config setup
-       plutostart=no
-
-conn home
-       left=PH_IP_ALICE
-       leftcert=aliceCert.pem
-       leftid=alice@strongswan.org
-       right=PH_IP_SUN
-       rightcert=sunCert.pem
-       rightid=@sun.strongswan.org
-       rightsubnet=10.2.0.0/16
-       keyexchange=ikev2
-       auto=add
diff --git a/testing/tests/ikev2/nat-rw-one/hosts/alice/etc/ipsec.d/certs/sunCert.pem b/testing/tests/ikev2/nat-rw-one/hosts/alice/etc/ipsec.d/certs/sunCert.pem
deleted file mode 100644 (file)
index e7825e3..0000000
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIECzCCAvOgAwIBAgIBAjANBgkqhkiG9w0BAQQFADBFMQswCQYDVQQGEwJDSDEZ
-MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
-b290IENBMB4XDTA0MDkxMDExMTU1M1oXDTA5MDkwOTExMTU1M1owRTELMAkGA1UE
-BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN1bi5z
-dHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOQ8
-foB9h5BZ92gA5JkQTJNuoF6FAzoq91Gh7To27/g74p01+SUnsSaBfPmNfGp4avdS
-Ewy2dWMA/7uj0Dbe8MEKssNztp0JQubp2s7n8mrrQLGsqB6YAS09l75XDjS3yqTC
-AtH1kD4zAl/j/AyeQBuLR4CyJEmC/rqD3/a+pr42CaljuFBgBRpCTUpU4mlslZSe
-zv9wu61PwTFxb8VDlBHUd/lwkXThKgU3uEhWRxLahpSldEGmiTTmx30k/XbOMF2n
-HObEHt5EY9uWRGGbj81ZRWiNk0dNtbpneUHv/NvdWLc591M8cEGEQdWW2XTVbL2G
-N67q8hdzGgIvb7QJPMcCAwEAAaOCAQQwggEAMAkGA1UdEwQCMAAwCwYDVR0PBAQD
-AgOoMB0GA1UdDgQWBBQ9xLkyCBbyQmRet0vvV1Fg6z5q2DBtBgNVHSMEZjBkgBRd
-p91wBlEyfue2bbO15eBg6i5N76FJpEcwRTELMAkGA1UEBhMCQ0gxGTAXBgNVBAoT
-EExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBDQYIB
-ADAdBgNVHREEFjAUghJzdW4uc3Ryb25nc3dhbi5vcmcwOQYDVR0fBDIwMDAuoCyg
-KoYoaHR0cDovL2NybC5zdHJvbmdzd2FuLm9yZy9zdHJvbmdzd2FuLmNybDANBgkq
-hkiG9w0BAQQFAAOCAQEAGQQroiAa0SwwhJprGd7OM+rfBJAGbsa3DPzFCfHX1R7i
-ZyDs9aph1DK+IgUa377Ev1U7oB0EldpmOoJJugCjtNLfpW3t1RXBERL/QfpO2+VP
-Wt3SfZ0Oq48jiqB1MVLMZRPCICZEQjT4sJ3HYs5ZuucuvoxeMx3rQ4HxUtHtMD3S
-5JNMwFFiOXAjyIyrTlb7YuRJTT5hE+Rms8GUQ5Xnt7zKZ7yfoSLFzy0/cLFPdQvE
-JA7w8crODCZpDgEKVHVyUWuyt1O46N3ydUfDcnKJoQ9HWHm3xCbDex5MHTnvm1lk
-Stx71CGM7TE6VPy028UlrSw0JqEwCVwstei2cMzwgA==
------END CERTIFICATE-----
diff --git a/testing/tests/ikev2/nat-rw-one/hosts/sun/etc/ipsec.conf b/testing/tests/ikev2/nat-rw-one/hosts/sun/etc/ipsec.conf
deleted file mode 100644 (file)
index a772214..0000000
+++ /dev/null
@@ -1,20 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-version        2.0     # conforms to second version of ipsec.conf specification
-
-config setup
-       plutostart=no
-
-conn %default
-       left=PH_IP_SUN
-       leftcert=sunCert.pem
-       leftid=@sun.strongswan.org
-       leftsubnet=10.2.0.0/16
-       keyexchange=ikev2
-       
-conn rw-alice
-       right=%any
-       rightcert=aliceCert.pem
-       rightid=alice@strongswan.org
-       rightsubnet=10.1.0.0/16
-       auto=add
diff --git a/testing/tests/ikev2/nat-rw-one/hosts/sun/etc/ipsec.d/certs/aliceCert.pem b/testing/tests/ikev2/nat-rw-one/hosts/sun/etc/ipsec.d/certs/aliceCert.pem
deleted file mode 100644 (file)
index e99ae8e..0000000
+++ /dev/null
@@ -1,25 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEHzCCAwegAwIBAgIBBTANBgkqhkiG9w0BAQQFADBFMQswCQYDVQQGEwJDSDEZ
-MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
-b290IENBMB4XDTA0MDkxMDExMjQzOVoXDTA5MDkwOTExMjQzOVowVzELMAkGA1UE
-BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xDjAMBgNVBAsTBVNhbGVz
-MR0wGwYDVQQDFBRhbGljZUBzdHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAK7FyvkE18/oujCaTd8GXBNOH+Cvoy0ibJ8j2sNsBrer
-GS1lgxRs8zaVfK9fosadu0UZeWIHsOKkew5469sPvkKK2SGGH+pu+x+xO/vuaEG4
-FlkAu8iGFWLQycLt6BJfcqw7FT8rwNuD18XXBXmP7hRavi/TEElbVYHbO7lm8T5W
-6hTr/sYddiSB7X9/ba7JBy6lxmBcUAx5bjiiHLaW/llefkqyhc6dw5nvPZ2DchvH
-v/HWvLF9bsvxbBkHU0/z/CEsRuMBI7EPEL4rx3UqmuCUAqiMJTS3IrDaIlfJOLWc
-KlbsnE6hHpwmt9oDB9iWBY9WeZUSAtJGFw4b7FCZvQ0CAwEAAaOCAQYwggECMAkG
-A1UdEwQCMAAwCwYDVR0PBAQDAgOoMB0GA1UdDgQWBBRZmh0JtiNTjBsQsfD7ECNa
-60iG2jBtBgNVHSMEZjBkgBRdp91wBlEyfue2bbO15eBg6i5N76FJpEcwRTELMAkG
-A1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0
-cm9uZ1N3YW4gUm9vdCBDQYIBADAfBgNVHREEGDAWgRRhbGljZUBzdHJvbmdzd2Fu
-Lm9yZzA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4ub3Jn
-L3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBBAUAA4IBAQADdQIlJkFtmHEjtuyo
-2aIcrsUx98FtvVgB7RpQB8JZlly7UEjvX0CIIvW/7Al5/8h9s1rhrRffX7nXQKAQ
-AmPnvD2Pp47obDnHqm/L109S1fcL5BiPN1AlgsseUBwzdqBpyRncPXZoAuBh/BU5
-D/1Dip0hXgB/X6+QymSzRJoSKfpeXVICj1kYH1nIkn0YXthYF3BTrCheCzBlKn0S
-CixbCUYsUjtSqld0nG76jyGb/gnWntNettH+RXWe1gm6qREJwfEFdeYviTqx2Uxi
-6sBKG/XjNAcMArXb7V6w0YAwCyjwCl49B+mLZaFH+9izzBJ7NyVqhH8ToB1gt0re
-JGhV
------END CERTIFICATE-----
diff --git a/testing/tests/ikev2/nat-rw-one/posttest.dat b/testing/tests/ikev2/nat-rw-one/posttest.dat
deleted file mode 100644 (file)
index c949b83..0000000
+++ /dev/null
@@ -1,5 +0,0 @@
-sun::ipsec stop
-alice::ipsec stop
-sun::rm /etc/ipsec.d/certs/*
-alice::rm /etc/ipsec.d/certs/*
-moon::iptables -t nat -F
diff --git a/testing/tests/ikev2/nat-rw-one/pretest.dat b/testing/tests/ikev2/nat-rw-one/pretest.dat
deleted file mode 100644 (file)
index 17cc4b0..0000000
+++ /dev/null
@@ -1,9 +0,0 @@
-sun::echo 1 > /proc/sys/net/ipv4/ip_forward
-moon::echo 1 > /proc/sys/net/ipv4/ip_forward
-moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p udp -j SNAT --to-source PH_IP_MOON:1024-1100
-moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p tcp -j SNAT --to-source PH_IP_MOON:2000-2100
-sun::ipsec start
-alice::ipsec start
-alice::sleep 1
-alice::ipsec up home
-alice::sleep 1 
diff --git a/testing/tests/ikev2/nat-rw-one/test.conf b/testing/tests/ikev2/nat-rw-one/test.conf
deleted file mode 100644 (file)
index d84149a..0000000
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-#
-# This configuration file provides information on the
-# UML instances used for this test
-
-# All UML instances that are required for this test
-#
-UMLHOSTS="alice moon winnetou sun bob"
-
-# Corresponding block diagram
-#
-DIAGRAM="a-m-w-s-b.png"
-
-# UML instances on which tcpdump is to be started
-#
-TCPDUMPHOSTS="moon"
-
-# UML instances on which IPsec is started
-# Used for IPsec logging purposes
-#
-IPSECHOSTS="alice sun"
diff --git a/testing/tests/ikev2/nat-rw-two/description.txt b/testing/tests/ikev2/nat-rw-two/description.txt
deleted file mode 100644 (file)
index 6e542b0..0000000
+++ /dev/null
@@ -1,6 +0,0 @@
-The roadwarriors <b>alice</b> and <b>venus</b> sitting behind the NAT router <b>moon</b>
- set up a connection to gateway <b>sun</b> using IKEv2. UDP encapsulation is used to 
-traverse the NAT router.
-The authentication is based on locally loaded <b>X.509 certificates</b>.
-In order to test the tunnel the NAT-ed hosts <b>alice</b> and <b>venus</b> ping the client
-<b>bob</b> behind the gateway <b>sun</b>.
diff --git a/testing/tests/ikev2/nat-rw-two/evaltest.dat b/testing/tests/ikev2/nat-rw-two/evaltest.dat
deleted file mode 100644 (file)
index 9410d54..0000000
+++ /dev/null
@@ -1,8 +0,0 @@
-sun::ipsec statusall::rw-alice.*ESTABLISHED::YES
-sun::ipsec statusall::rw-venus.*ESTABLISHED::YES
-alice::ipsec statusall::home.*ESTABLISHED::YES
-venus::ipsec statusall::home.*ESTABLISHED::YES
-alice::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
-venus::ping -c 1 PH_IP_BOB::64 bytes from PH_IP_BOB: icmp_seq=1::YES
-moon::tcpdumpcount::IP moon.strongswan.org.* > sun.strongswan.org.ipsec-nat-t: UDP::4
-moon::tcpdumpcount::IP sun.strongswan.org.ipsec-nat-t > moon.strongswan.org.*: UDP::4
diff --git a/testing/tests/ikev2/nat-rw-two/hosts/alice/etc/ipsec.conf b/testing/tests/ikev2/nat-rw-two/hosts/alice/etc/ipsec.conf
deleted file mode 100644 (file)
index cd9de53..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-version        2.0     # conforms to second version of ipsec.conf specification
-
-config setup
-       plutostart=no
-
-conn home
-       left=PH_IP_ALICE
-       leftcert=aliceCert.pem
-       leftid=alice@strongswan.org
-       right=PH_IP_SUN
-       rightcert=sunCert.pem
-       rightid=@sun.strongswan.org
-       rightsubnet=10.2.0.0/16
-       keyexchange=ikev2
-       auto=add
diff --git a/testing/tests/ikev2/nat-rw-two/hosts/alice/etc/ipsec.d/certs/sunCert.pem b/testing/tests/ikev2/nat-rw-two/hosts/alice/etc/ipsec.d/certs/sunCert.pem
deleted file mode 100644 (file)
index e7825e3..0000000
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIECzCCAvOgAwIBAgIBAjANBgkqhkiG9w0BAQQFADBFMQswCQYDVQQGEwJDSDEZ
-MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
-b290IENBMB4XDTA0MDkxMDExMTU1M1oXDTA5MDkwOTExMTU1M1owRTELMAkGA1UE
-BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN1bi5z
-dHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOQ8
-foB9h5BZ92gA5JkQTJNuoF6FAzoq91Gh7To27/g74p01+SUnsSaBfPmNfGp4avdS
-Ewy2dWMA/7uj0Dbe8MEKssNztp0JQubp2s7n8mrrQLGsqB6YAS09l75XDjS3yqTC
-AtH1kD4zAl/j/AyeQBuLR4CyJEmC/rqD3/a+pr42CaljuFBgBRpCTUpU4mlslZSe
-zv9wu61PwTFxb8VDlBHUd/lwkXThKgU3uEhWRxLahpSldEGmiTTmx30k/XbOMF2n
-HObEHt5EY9uWRGGbj81ZRWiNk0dNtbpneUHv/NvdWLc591M8cEGEQdWW2XTVbL2G
-N67q8hdzGgIvb7QJPMcCAwEAAaOCAQQwggEAMAkGA1UdEwQCMAAwCwYDVR0PBAQD
-AgOoMB0GA1UdDgQWBBQ9xLkyCBbyQmRet0vvV1Fg6z5q2DBtBgNVHSMEZjBkgBRd
-p91wBlEyfue2bbO15eBg6i5N76FJpEcwRTELMAkGA1UEBhMCQ0gxGTAXBgNVBAoT
-EExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBDQYIB
-ADAdBgNVHREEFjAUghJzdW4uc3Ryb25nc3dhbi5vcmcwOQYDVR0fBDIwMDAuoCyg
-KoYoaHR0cDovL2NybC5zdHJvbmdzd2FuLm9yZy9zdHJvbmdzd2FuLmNybDANBgkq
-hkiG9w0BAQQFAAOCAQEAGQQroiAa0SwwhJprGd7OM+rfBJAGbsa3DPzFCfHX1R7i
-ZyDs9aph1DK+IgUa377Ev1U7oB0EldpmOoJJugCjtNLfpW3t1RXBERL/QfpO2+VP
-Wt3SfZ0Oq48jiqB1MVLMZRPCICZEQjT4sJ3HYs5ZuucuvoxeMx3rQ4HxUtHtMD3S
-5JNMwFFiOXAjyIyrTlb7YuRJTT5hE+Rms8GUQ5Xnt7zKZ7yfoSLFzy0/cLFPdQvE
-JA7w8crODCZpDgEKVHVyUWuyt1O46N3ydUfDcnKJoQ9HWHm3xCbDex5MHTnvm1lk
-Stx71CGM7TE6VPy028UlrSw0JqEwCVwstei2cMzwgA==
------END CERTIFICATE-----
diff --git a/testing/tests/ikev2/nat-rw-two/hosts/sun/etc/ipsec.conf b/testing/tests/ikev2/nat-rw-two/hosts/sun/etc/ipsec.conf
deleted file mode 100644 (file)
index 9520f17..0000000
+++ /dev/null
@@ -1,27 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-version        2.0     # conforms to second version of ipsec.conf specification
-
-config setup
-       plutostart=no
-
-conn %default
-       left=PH_IP_SUN
-       leftcert=sunCert.pem
-       leftid=@sun.strongswan.org
-       leftsubnet=10.2.0.0/16
-       keyexchange=ikev2
-       
-conn rw-alice
-       right=%any
-       rightcert=aliceCert.pem
-       rightid=alice@strongswan.org
-       rightsubnet=10.1.0.0/16
-       auto=add
-
-conn rw-venus
-       right=%any
-       rightcert=venusCert.pem
-       rightid=venus@strongswan.org
-       rightsubnet=10.1.0.0/16
-       auto=add
diff --git a/testing/tests/ikev2/nat-rw-two/hosts/sun/etc/ipsec.d/certs/aliceCert.pem b/testing/tests/ikev2/nat-rw-two/hosts/sun/etc/ipsec.d/certs/aliceCert.pem
deleted file mode 100644 (file)
index e99ae8e..0000000
+++ /dev/null
@@ -1,25 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEHzCCAwegAwIBAgIBBTANBgkqhkiG9w0BAQQFADBFMQswCQYDVQQGEwJDSDEZ
-MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
-b290IENBMB4XDTA0MDkxMDExMjQzOVoXDTA5MDkwOTExMjQzOVowVzELMAkGA1UE
-BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xDjAMBgNVBAsTBVNhbGVz
-MR0wGwYDVQQDFBRhbGljZUBzdHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcNAQEB
-BQADggEPADCCAQoCggEBAK7FyvkE18/oujCaTd8GXBNOH+Cvoy0ibJ8j2sNsBrer
-GS1lgxRs8zaVfK9fosadu0UZeWIHsOKkew5469sPvkKK2SGGH+pu+x+xO/vuaEG4
-FlkAu8iGFWLQycLt6BJfcqw7FT8rwNuD18XXBXmP7hRavi/TEElbVYHbO7lm8T5W
-6hTr/sYddiSB7X9/ba7JBy6lxmBcUAx5bjiiHLaW/llefkqyhc6dw5nvPZ2DchvH
-v/HWvLF9bsvxbBkHU0/z/CEsRuMBI7EPEL4rx3UqmuCUAqiMJTS3IrDaIlfJOLWc
-KlbsnE6hHpwmt9oDB9iWBY9WeZUSAtJGFw4b7FCZvQ0CAwEAAaOCAQYwggECMAkG
-A1UdEwQCMAAwCwYDVR0PBAQDAgOoMB0GA1UdDgQWBBRZmh0JtiNTjBsQsfD7ECNa
-60iG2jBtBgNVHSMEZjBkgBRdp91wBlEyfue2bbO15eBg6i5N76FJpEcwRTELMAkG
-A1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0
-cm9uZ1N3YW4gUm9vdCBDQYIBADAfBgNVHREEGDAWgRRhbGljZUBzdHJvbmdzd2Fu
-Lm9yZzA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4ub3Jn
-L3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBBAUAA4IBAQADdQIlJkFtmHEjtuyo
-2aIcrsUx98FtvVgB7RpQB8JZlly7UEjvX0CIIvW/7Al5/8h9s1rhrRffX7nXQKAQ
-AmPnvD2Pp47obDnHqm/L109S1fcL5BiPN1AlgsseUBwzdqBpyRncPXZoAuBh/BU5
-D/1Dip0hXgB/X6+QymSzRJoSKfpeXVICj1kYH1nIkn0YXthYF3BTrCheCzBlKn0S
-CixbCUYsUjtSqld0nG76jyGb/gnWntNettH+RXWe1gm6qREJwfEFdeYviTqx2Uxi
-6sBKG/XjNAcMArXb7V6w0YAwCyjwCl49B+mLZaFH+9izzBJ7NyVqhH8ToB1gt0re
-JGhV
------END CERTIFICATE-----
diff --git a/testing/tests/ikev2/nat-rw-two/hosts/sun/etc/ipsec.d/certs/venusCert.pem b/testing/tests/ikev2/nat-rw-two/hosts/sun/etc/ipsec.d/certs/venusCert.pem
deleted file mode 100644 (file)
index 25a6941..0000000
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEDzCCAvegAwIBAgIBBDANBgkqhkiG9w0BAQQFADBFMQswCQYDVQQGEwJDSDEZ
-MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
-b290IENBMB4XDTA0MDkxMDExMTgyNloXDTA5MDkwOTExMTgyNlowRzELMAkGA1UE
-BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xHTAbBgNVBAMTFHZlbnVz
-LnN0cm9uZ3N3YW4ub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
-mlQ2s9J7bw73onkw0ZwwcM2JDJuU3KmmuzETlmLdtg7m8yFCdhoDg6cxrsIvPAWy
-Gs++1e+1qzy7LTnNHckaHHFwJQf0JoIGE1bbUrJidX8B1T3sDdvZFbyfmQTWSEyJ
-thrdqdPS92VJW/9XQOPeEhudIHr+NtWQfCm3OQFKDXGCEkHOjpVNHn3BPUiL99ON
-FiLZX3gZy6vTERpEE8ga66fHtpM3RJfIxYoUQUdRw8iIa8iOvRGtJa/MfOWX6L/H
-wquRv3SuCl4iMSph7e/VE+z5xx3OyKSAki914DgRFnQITKjyGxw1lORlDQlZy2w/
-nu0BAbXS1pb/2AiF8jDpbQIDAQABo4IBBjCCAQIwCQYDVR0TBAIwADALBgNVHQ8E
-BAMCA6gwHQYDVR0OBBYEFEqPlXBYJh1knX0Q61HMcn9LOZ6sMG0GA1UdIwRmMGSA
-FF2n3XAGUTJ+57Zts7Xl4GDqLk3voUmkRzBFMQswCQYDVQQGEwJDSDEZMBcGA1UE
-ChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBSb290IENB
-ggEAMB8GA1UdEQQYMBaCFHZlbnVzLnN0cm9uZ3N3YW4ub3JnMDkGA1UdHwQyMDAw
-LqAsoCqGKGh0dHA6Ly9jcmwuc3Ryb25nc3dhbi5vcmcvc3Ryb25nc3dhbi5jcmww
-DQYJKoZIhvcNAQEEBQADggEBAEx3kXh2Z5CMH+tX6cJPyi6gSeOgXy7NBiNsEdXN
-rwGp4DwN6uiSog4EYZJA203oqE3eaoYdBXKiOGvjW4vyigvpDr8H+MeW2HsNuMKX
-PFpY4NucV0fJlzFhtkp31zTLHNESCgTqNIwGj+CbN0rxhHGE6502krnu+C12nJ7B
-fdMzml1RmVp4JlZC5yfiTy0F2s/aH+8xQ2x509UoD+boNM9GR+IlWS2dDypISGid
-hbM4rpiMLBj2riWD8HiuljkKQ6LemBXeZQXuIPlusl7cH/synNkHk8iiALM8xfGh
-wTEmdo5Tp5sDI3cj3LVvhcsTxjiOA81her1F0itlxpEA/gA=
------END CERTIFICATE-----
diff --git a/testing/tests/ikev2/nat-rw-two/hosts/venus/etc/ipsec.conf b/testing/tests/ikev2/nat-rw-two/hosts/venus/etc/ipsec.conf
deleted file mode 100644 (file)
index fe02e91..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
-# /etc/ipsec.conf - strongSwan IPsec configuration file
-
-version        2.0     # conforms to second version of ipsec.conf specification
-
-config setup
-       plutostart=no
-
-conn home
-       left=PH_IP_VENUS
-       leftcert=venusCert.pem
-       leftid=venus@strongswan.org
-       right=PH_IP_SUN
-       rightcert=sunCert.pem
-       rightid=@sun.strongswan.org
-       rightsubnet=10.2.0.0/16
-       keyexchange=ikev2
-       auto=add
diff --git a/testing/tests/ikev2/nat-rw-two/hosts/venus/etc/ipsec.d/certs/sunCert.pem b/testing/tests/ikev2/nat-rw-two/hosts/venus/etc/ipsec.d/certs/sunCert.pem
deleted file mode 100644 (file)
index e7825e3..0000000
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIECzCCAvOgAwIBAgIBAjANBgkqhkiG9w0BAQQFADBFMQswCQYDVQQGEwJDSDEZ
-MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS
-b290IENBMB4XDTA0MDkxMDExMTU1M1oXDTA5MDkwOTExMTU1M1owRTELMAkGA1UE
-BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN1bi5z
-dHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOQ8
-foB9h5BZ92gA5JkQTJNuoF6FAzoq91Gh7To27/g74p01+SUnsSaBfPmNfGp4avdS
-Ewy2dWMA/7uj0Dbe8MEKssNztp0JQubp2s7n8mrrQLGsqB6YAS09l75XDjS3yqTC
-AtH1kD4zAl/j/AyeQBuLR4CyJEmC/rqD3/a+pr42CaljuFBgBRpCTUpU4mlslZSe
-zv9wu61PwTFxb8VDlBHUd/lwkXThKgU3uEhWRxLahpSldEGmiTTmx30k/XbOMF2n
-HObEHt5EY9uWRGGbj81ZRWiNk0dNtbpneUHv/NvdWLc591M8cEGEQdWW2XTVbL2G
-N67q8hdzGgIvb7QJPMcCAwEAAaOCAQQwggEAMAkGA1UdEwQCMAAwCwYDVR0PBAQD
-AgOoMB0GA1UdDgQWBBQ9xLkyCBbyQmRet0vvV1Fg6z5q2DBtBgNVHSMEZjBkgBRd
-p91wBlEyfue2bbO15eBg6i5N76FJpEcwRTELMAkGA1UEBhMCQ0gxGTAXBgNVBAoT
-EExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9uZ1N3YW4gUm9vdCBDQYIB
-ADAdBgNVHREEFjAUghJzdW4uc3Ryb25nc3dhbi5vcmcwOQYDVR0fBDIwMDAuoCyg
-KoYoaHR0cDovL2NybC5zdHJvbmdzd2FuLm9yZy9zdHJvbmdzd2FuLmNybDANBgkq
-hkiG9w0BAQQFAAOCAQEAGQQroiAa0SwwhJprGd7OM+rfBJAGbsa3DPzFCfHX1R7i
-ZyDs9aph1DK+IgUa377Ev1U7oB0EldpmOoJJugCjtNLfpW3t1RXBERL/QfpO2+VP
-Wt3SfZ0Oq48jiqB1MVLMZRPCICZEQjT4sJ3HYs5ZuucuvoxeMx3rQ4HxUtHtMD3S
-5JNMwFFiOXAjyIyrTlb7YuRJTT5hE+Rms8GUQ5Xnt7zKZ7yfoSLFzy0/cLFPdQvE
-JA7w8crODCZpDgEKVHVyUWuyt1O46N3ydUfDcnKJoQ9HWHm3xCbDex5MHTnvm1lk
-Stx71CGM7TE6VPy028UlrSw0JqEwCVwstei2cMzwgA==
------END CERTIFICATE-----
diff --git a/testing/tests/ikev2/nat-rw-two/posttest.dat b/testing/tests/ikev2/nat-rw-two/posttest.dat
deleted file mode 100644 (file)
index a9c9db1..0000000
+++ /dev/null
@@ -1,7 +0,0 @@
-sun::ipsec stop
-alice::ipsec stop
-venus::ipsec stop
-sun::rm /etc/ipsec.d/certs/*
-alice::rm /etc/ipsec.d/certs/*
-venus::rm /etc/ipsec.d/certs/*
-moon::iptables -t nat -F
diff --git a/testing/tests/ikev2/nat-rw-two/pretest.dat b/testing/tests/ikev2/nat-rw-two/pretest.dat
deleted file mode 100644 (file)
index 8e1c0eb..0000000
+++ /dev/null
@@ -1,11 +0,0 @@
-sun::echo 1 > /proc/sys/net/ipv4/ip_forward
-moon::echo 1 > /proc/sys/net/ipv4/ip_forward
-moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p udp -j SNAT --to-source PH_IP_MOON:1024-1100
-moon::iptables -t nat -A POSTROUTING -o eth0 -s 10.1.0.0/16 -p tcp -j SNAT --to-source PH_IP_MOON:2000-2100
-sun::ipsec start
-alice::ipsec start
-venus::ipsec start
-alice::sleep 1
-alice::ipsec up home
-venus::ipsec up home
-alice::sleep 1 
diff --git a/testing/tests/ikev2/nat-rw-two/test.conf b/testing/tests/ikev2/nat-rw-two/test.conf
deleted file mode 100644 (file)
index 84317fd..0000000
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-#
-# This configuration file provides information on the
-# UML instances used for this test
-
-# All UML instances that are required for this test
-#
-UMLHOSTS="alice venus moon winnetou sun bob"
-
-# Corresponding block diagram
-#
-DIAGRAM="a-v-m-w-s-b.png"
-
-# UML instances on which tcpdump is to be started
-#
-TCPDUMPHOSTS="moon"
-
-# UML instances on which IPsec is started
-# Used for IPsec logging purposes
-#
-IPSECHOSTS="alice venus sun"
diff --git a/testing/tests/ikev2/ocsp-local-cert/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi b/testing/tests/ikev2/ocsp-local-cert/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi
new file mode 100755 (executable)
index 0000000..dda793f
--- /dev/null
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+cd /etc/openssl
+
+echo "Content-type: application/ocsp-response"
+echo ""
+
+/usr/bin/openssl ocsp -index index.txt -CA strongswanCert.pem \
+                      -rkey ocspKey-self.pem -rsigner ocspCert-self.pem \
+                     -resp_no_certs -nmin 5 \
+                     -reqin /dev/stdin -respout /dev/stdout
diff --git a/testing/tests/ikev2/ocsp-local-cert/hosts/winnetou/etc/openssl/start-ocsp b/testing/tests/ikev2/ocsp-local-cert/hosts/winnetou/etc/openssl/start-ocsp
deleted file mode 100755 (executable)
index 1a15bf5..0000000
+++ /dev/null
@@ -1,20 +0,0 @@
-#! /bin/sh
-# start an OpenSSL-based OCSP server
-#
-# Copyright (C) 2004  Andreas Steffen
-# Zuercher Hochschule Winterthur
-#
-# This program is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 2 of the License, or (at your
-# option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
-# for more details.
-#
-# RCSID $Id: start-ocsp,v 1.3 2005/01/01 18:12:14 as Exp $
-
-cd /etc/openssl
-openssl ocsp -index index.txt -CA strongswanCert.pem -port 8880 -rkey ocspKey-self.pem -rsigner ocspCert-self.pem -resp_no_certs -nmin 5 < /dev/null > /dev/null 2>&1 &
index d5516fd..d92333d 100644 (file)
@@ -1,4 +1,3 @@
-winnetou::/etc/openssl/start-ocsp
 moon::ipsec start
 carol::ipsec start
 carol::sleep 2
index d5516fd..d92333d 100644 (file)
@@ -1,4 +1,3 @@
-winnetou::/etc/openssl/start-ocsp
 moon::ipsec start
 carol::ipsec start
 carol::sleep 2
diff --git a/testing/tests/ikev2/ocsp-root-cert/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi b/testing/tests/ikev2/ocsp-root-cert/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi
new file mode 100755 (executable)
index 0000000..e998b6a
--- /dev/null
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+cd /etc/openssl
+
+echo "Content-type: application/ocsp-response"
+echo ""
+
+/usr/bin/openssl ocsp -index index.txt -CA strongswanCert.pem \
+                      -rkey strongswanKey.pem -rsigner strongswanCert.pem \
+                     -resp_no_certs -nmin 5 \
+                     -reqin /dev/stdin -respout /dev/stdout
index d5516fd..d92333d 100644 (file)
@@ -1,4 +1,3 @@
-winnetou::/etc/openssl/start-ocsp
 moon::ipsec start
 carol::ipsec start
 carol::sleep 2
index d5516fd..d92333d 100644 (file)
@@ -1,4 +1,3 @@
-winnetou::/etc/openssl/start-ocsp
 moon::ipsec start
 carol::ipsec start
 carol::sleep 2
index d5516fd..d92333d 100644 (file)
@@ -1,4 +1,3 @@
-winnetou::/etc/openssl/start-ocsp
 moon::ipsec start
 carol::ipsec start
 carol::sleep 2
diff --git a/testing/tests/ikev2/ocsp-untrusted-cert/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi b/testing/tests/ikev2/ocsp-untrusted-cert/hosts/winnetou/etc/openssl/ocsp/ocsp.cgi
new file mode 100755 (executable)
index 0000000..20c4b2a
--- /dev/null
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+cd /etc/openssl
+
+echo "Content-type: application/ocsp-response"
+echo ""
+
+/usr/bin/openssl ocsp -index index.txt -CA strongswanCert.pem \
+                      -rkey ocspKey-self.pem -rsigner ocspCert-self.pem \
+                     -nmin 5 \
+                     -reqin /dev/stdin -respout /dev/stdout
diff --git a/testing/tests/ikev2/ocsp-untrusted-cert/hosts/winnetou/etc/openssl/start-ocsp b/testing/tests/ikev2/ocsp-untrusted-cert/hosts/winnetou/etc/openssl/start-ocsp
deleted file mode 100755 (executable)
index 7eff288..0000000
+++ /dev/null
@@ -1,20 +0,0 @@
-#! /bin/sh
-# start an OpenSSL-based OCSP server
-#
-# Copyright (C) 2004  Andreas Steffen
-# Zuercher Hochschule Winterthur
-#
-# This program is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 2 of the License, or (at your
-# option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-# or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
-# for more details.
-#
-# RCSID $Id: start-ocsp,v 1.3 2005/01/01 18:12:14 as Exp $
-
-cd /etc/openssl
-openssl ocsp -index index.txt -CA strongswanCert.pem -port 8880 -rkey ocspKey-self.pem -rsigner ocspCert-self.pem -nmin 5 < /dev/null > /dev/null 2>&1 &
index d5516fd..d92333d 100644 (file)
@@ -1,4 +1,3 @@
-winnetou::/etc/openssl/start-ocsp
 moon::ipsec start
 carol::ipsec start
 carol::sleep 2