From 1e9b62ad5039f5e8c6edb27dcac0e2dfd475aa78 Mon Sep 17 00:00:00 2001 From: Andreas Steffen Date: Fri, 4 May 2012 12:11:57 +0200 Subject: [PATCH] deleted unneeded openssl-ikev1 files --- .../moon/etc/ipsec.d/certs/moon_ec256_Cert.pem | 18 ---------------- .../moon/etc/ipsec.d/certs/moon_ec384_Cert.pem | 19 ---------------- .../moon/etc/ipsec.d/private/moon_ec256_Key.pem | 5 ----- .../moon/etc/ipsec.d/private/moon_ec384_Key.pem | 6 ------ .../tests/openssl-ikev1/rw-cert/description.txt | 12 ----------- testing/tests/openssl-ikev1/rw-cert/evaltest.dat | 10 --------- .../rw-cert/hosts/carol/etc/ipsec.conf | 25 ---------------------- .../rw-cert/hosts/carol/etc/strongswan.conf | 15 ------------- .../rw-cert/hosts/dave/etc/ipsec.conf | 25 ---------------------- .../rw-cert/hosts/dave/etc/strongswan.conf | 16 -------------- .../rw-cert/hosts/moon/etc/ipsec.conf | 24 --------------------- .../rw-cert/hosts/moon/etc/strongswan.conf | 16 -------------- testing/tests/openssl-ikev1/rw-cert/posttest.dat | 6 ------ testing/tests/openssl-ikev1/rw-cert/pretest.dat | 9 -------- testing/tests/openssl-ikev1/rw-cert/test.conf | 21 ------------------ 15 files changed, 227 deletions(-) delete mode 100644 testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/ipsec.d/certs/moon_ec256_Cert.pem delete mode 100644 testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/ipsec.d/certs/moon_ec384_Cert.pem delete mode 100644 testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/ipsec.d/private/moon_ec256_Key.pem delete mode 100644 testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/ipsec.d/private/moon_ec384_Key.pem delete mode 100644 testing/tests/openssl-ikev1/rw-cert/description.txt delete mode 100644 testing/tests/openssl-ikev1/rw-cert/evaltest.dat delete mode 100755 testing/tests/openssl-ikev1/rw-cert/hosts/carol/etc/ipsec.conf delete mode 100644 testing/tests/openssl-ikev1/rw-cert/hosts/carol/etc/strongswan.conf delete mode 100755 testing/tests/openssl-ikev1/rw-cert/hosts/dave/etc/ipsec.conf delete mode 100644 testing/tests/openssl-ikev1/rw-cert/hosts/dave/etc/strongswan.conf delete mode 100755 testing/tests/openssl-ikev1/rw-cert/hosts/moon/etc/ipsec.conf delete mode 100644 testing/tests/openssl-ikev1/rw-cert/hosts/moon/etc/strongswan.conf delete mode 100644 testing/tests/openssl-ikev1/rw-cert/posttest.dat delete mode 100644 testing/tests/openssl-ikev1/rw-cert/pretest.dat delete mode 100644 testing/tests/openssl-ikev1/rw-cert/test.conf diff --git a/testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/ipsec.d/certs/moon_ec256_Cert.pem b/testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/ipsec.d/certs/moon_ec256_Cert.pem deleted file mode 100644 index d5e6155..0000000 --- a/testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/ipsec.d/certs/moon_ec256_Cert.pem +++ /dev/null @@ -1,18 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC7DCCAk+gAwIBAgIBBTAJBgcqhkjOPQQBMEgxCzAJBgNVBAYTAkNIMRkwFwYD -VQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQDExVzdHJvbmdTd2FuIEVDIFJv -b3QgQ0EwHhcNMDkwNjEyMTYwNjMzWhcNMTQwNjExMTYwNjMzWjBeMQswCQYDVQQG -EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEWMBQGA1UECxMNRUNEU0Eg -MjU2IGJpdDEcMBoGA1UEAxMTbW9vbi5zdHJvbmdzd2FuLm9yZzBZMBMGByqGSM49 -AgEGCCqGSM49AwEHA0IABIU/UvJ7ro2AYsFWXZKH9K4FD9O5kNfi3/H3+10kAy6s -eQUab8qaAhTahBHuywzanVTiJPK5caQSvnpt+z1RJDqjggETMIIBDzAJBgNVHRME -AjAAMAsGA1UdDwQEAwIDqDAdBgNVHQ4EFgQUq1PybZZ+RZuJICuoDUhXdLy/iacw -eAYDVR0jBHEwb4AUul35cbYTtWrR3bo2t6rSwe6P2NKhTKRKMEgxCzAJBgNVBAYT -AkNIMRkwFwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQDExVzdHJvbmdT -d2FuIEVDIFJvb3QgQ0GCCQD2onV+Iu+miTAeBgNVHREEFzAVghNtb29uLnN0cm9u -Z3N3YW4ub3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuc3Ryb25nc3dh -bi5vcmcvc3Ryb25nc3dhbl9lYy5jcmwwCQYHKoZIzj0EAQOBiwAwgYcCQWYZnZLl -iimVcAs5p7SXpHmcnlIX9C4EFzNtY+zoDfPM9Qx/vGY2hKa65tyhepn5RFyNqH6d -slr5EBqoT5Vt86kJAkIAx/dyiLLqT0+lJiyxjLQuAaLRWHwlgq7jaUhoQusxno62 -dIfe0U1QjgumA+zXoAnbLBF3KnnrKvHByv7ejeH0Ys4= ------END CERTIFICATE----- diff --git a/testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/ipsec.d/certs/moon_ec384_Cert.pem b/testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/ipsec.d/certs/moon_ec384_Cert.pem deleted file mode 100644 index 45224b0..0000000 --- a/testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/ipsec.d/certs/moon_ec384_Cert.pem +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDCjCCAmygAwIBAgIBBjAJBgcqhkjOPQQBMEgxCzAJBgNVBAYTAkNIMRkwFwYD -VQQKExBMaW51eCBzdHJvbmdTd2FuMR4wHAYDVQQDExVzdHJvbmdTd2FuIEVDIFJv -b3QgQ0EwHhcNMDkwNjEyMTYwNzA2WhcNMTQwNjExMTYwNzA2WjBeMQswCQYDVQQG -EwJDSDEZMBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEWMBQGA1UECxMNRUNEU0Eg -Mzg0IGJpdDEcMBoGA1UEAxMTbW9vbi5zdHJvbmdzd2FuLm9yZzB2MBAGByqGSM49 -AgEGBSuBBAAiA2IABK4TajAd1pgzhJJsmyjw1Zb/CdEe0eWKmEyP1OjmwRwS37Tx -3wV9C9ZzCYBsJlvbH53kyeZYoAojUL5sXDVBq8qu23jSjBCesypSiNt/8akt+4bg -a4qMN2zutd/U1fC5C6OCARMwggEPMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgOoMB0G -A1UdDgQWBBT43sZUBjwcO+QW4PXk7KoOxxkm3jB4BgNVHSMEcTBvgBS6XflxthO1 -atHduja3qtLB7o/Y0qFMpEowSDELMAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4 -IHN0cm9uZ1N3YW4xHjAcBgNVBAMTFXN0cm9uZ1N3YW4gRUMgUm9vdCBDQYIJAPai -dX4i76aJMB4GA1UdEQQXMBWCE21vb24uc3Ryb25nc3dhbi5vcmcwPAYDVR0fBDUw -MzAxoC+gLYYraHR0cDovL2NybC5zdHJvbmdzd2FuLm9yZy9zdHJvbmdzd2FuX2Vj -LmNybDAJBgcqhkjOPQQBA4GMADCBiAJCAUfrzEnQUA0dqpo9I2YaFh3Y+QnFosTg -b46jcbxm/LbIeWDxwU2HK3Qfo+tGsXJnh73lKo8B0o+OsXt4gP+GQutCAkIBu7Aw -0iUx8d84SqHiBZBDIk/X6NV62YZXVhO9rPON0r/kdmeZ8OvPD53JgE64irFf6Wp+ -3ictLD61ItW0nxNHlcE= ------END CERTIFICATE----- diff --git a/testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/ipsec.d/private/moon_ec256_Key.pem b/testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/ipsec.d/private/moon_ec256_Key.pem deleted file mode 100644 index 66b6315..0000000 --- a/testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/ipsec.d/private/moon_ec256_Key.pem +++ /dev/null @@ -1,5 +0,0 @@ ------BEGIN EC PRIVATE KEY----- -MHcCAQEEIE+rz/5axOOEvTVs9nnmKyF1v/rgmdIvam+BfSSS1SGpoAoGCCqGSM49 -AwEHoUQDQgAEhT9S8nuujYBiwVZdkof0rgUP07mQ1+Lf8ff7XSQDLqx5BRpvypoC -FNqEEe7LDNqdVOIk8rlxpBK+em37PVEkOg== ------END EC PRIVATE KEY----- diff --git a/testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/ipsec.d/private/moon_ec384_Key.pem b/testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/ipsec.d/private/moon_ec384_Key.pem deleted file mode 100644 index 64f7fcf..0000000 --- a/testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/ipsec.d/private/moon_ec384_Key.pem +++ /dev/null @@ -1,6 +0,0 @@ ------BEGIN EC PRIVATE KEY----- -MIGkAgEBBDDvvge4iZDHIaL0IDBs4gVesErZZWOud3NysAEayGW4iTb6wjQLtIVF -1i7d8lV6Uc2gBwYFK4EEACKhZANiAASuE2owHdaYM4SSbJso8NWW/wnRHtHliphM -j9To5sEcEt+08d8FfQvWcwmAbCZb2x+d5MnmWKAKI1C+bFw1QavKrtt40owQnrMq -Uojbf/GpLfuG4GuKjDds7rXf1NXwuQs= ------END EC PRIVATE KEY----- diff --git a/testing/tests/openssl-ikev1/rw-cert/description.txt b/testing/tests/openssl-ikev1/rw-cert/description.txt deleted file mode 100644 index 5185b52..0000000 --- a/testing/tests/openssl-ikev1/rw-cert/description.txt +++ /dev/null @@ -1,12 +0,0 @@ -The roadwarrior carol and the gateway moon use the openssl -plugin based on the OpenSSL library for all cryptographical and X.509 -certificate functions whereas roadwarrior dave uses the default strongSwan -cryptographical plugins aes des sha1 sha2 md5 gmp and x509. -

-The roadwarriors carol and dave set up a connection each -to gateway moon. The authentication is based on X.509 certificates. -Upon the successful establishment of the IPsec tunnels, leftfirewall=yes -automatically inserts iptables-based firewall rules that let pass the tunneled traffic. -In order to test both tunnel and firewall, both carol and dave ping -the client alice behind the gateway moon. - diff --git a/testing/tests/openssl-ikev1/rw-cert/evaltest.dat b/testing/tests/openssl-ikev1/rw-cert/evaltest.dat deleted file mode 100644 index 1a9b915..0000000 --- a/testing/tests/openssl-ikev1/rw-cert/evaltest.dat +++ /dev/null @@ -1,10 +0,0 @@ -moon::ipsec statusall::IPsec SA established::YES -carol::ipsec statusall::IPsec SA established::YES -dave::ipsec statusall::IPsec SA established::YES -carol::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES -dave::ping -c 1 PH_IP_ALICE::64 bytes from PH_IP_ALICE: icmp_seq=1::YES -moon::tcpdump::IP carol.strongswan.org > moon.strongswan.org: ESP::YES -moon::tcpdump::IP moon.strongswan.org > carol.strongswan.org: ESP::YES -moon::tcpdump::IP dave.strongswan.org > moon.strongswan.org: ESP::YES -moon::tcpdump::IP moon.strongswan.org > dave.strongswan.org: ESP::YES - diff --git a/testing/tests/openssl-ikev1/rw-cert/hosts/carol/etc/ipsec.conf b/testing/tests/openssl-ikev1/rw-cert/hosts/carol/etc/ipsec.conf deleted file mode 100755 index 80dae37..0000000 --- a/testing/tests/openssl-ikev1/rw-cert/hosts/carol/etc/ipsec.conf +++ /dev/null @@ -1,25 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - crlcheckinterval=180 - strictcrlpolicy=no - charonstart=no - plutodebug=control - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev1 - ike=3des-sha1-modp1536! - -conn home - left=PH_IP_CAROL - leftcert=carolCert.pem - leftid=carol@strongswan.org - leftfirewall=yes - right=PH_IP_MOON - rightid=@moon.strongswan.org - rightsubnet=10.1.0.0/16 - auto=add diff --git a/testing/tests/openssl-ikev1/rw-cert/hosts/carol/etc/strongswan.conf b/testing/tests/openssl-ikev1/rw-cert/hosts/carol/etc/strongswan.conf deleted file mode 100644 index a8fecbc..0000000 --- a/testing/tests/openssl-ikev1/rw-cert/hosts/carol/etc/strongswan.conf +++ /dev/null @@ -1,15 +0,0 @@ -# /etc/strongswan.conf - strongSwan configuration file - -pluto { - load = test-vectors pem pkcs1 openssl random hmac curl kernel-netlink -} - -# pluto uses optimized DH exponent sizes (RFC 3526) - -libstrongswan { - dh_exponent_ansi_x9_42 = no - integrity_test = yes - crypto_test { - on_add = yes - } -} diff --git a/testing/tests/openssl-ikev1/rw-cert/hosts/dave/etc/ipsec.conf b/testing/tests/openssl-ikev1/rw-cert/hosts/dave/etc/ipsec.conf deleted file mode 100755 index 73167ca..0000000 --- a/testing/tests/openssl-ikev1/rw-cert/hosts/dave/etc/ipsec.conf +++ /dev/null @@ -1,25 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - crlcheckinterval=180 - strictcrlpolicy=no - charonstart=no - plutodebug=control - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev1 - ike=aes256-sha256-modp2048! - -conn home - left=PH_IP_DAVE - leftcert=daveCert.pem - leftid=dave@strongswan.org - leftfirewall=yes - right=PH_IP_MOON - rightid=@moon.strongswan.org - rightsubnet=10.1.0.0/16 - auto=add diff --git a/testing/tests/openssl-ikev1/rw-cert/hosts/dave/etc/strongswan.conf b/testing/tests/openssl-ikev1/rw-cert/hosts/dave/etc/strongswan.conf deleted file mode 100644 index 85164ee..0000000 --- a/testing/tests/openssl-ikev1/rw-cert/hosts/dave/etc/strongswan.conf +++ /dev/null @@ -1,16 +0,0 @@ -# /etc/strongswan.conf - strongSwan configuration file - -pluto { - load = test-vectors aes des sha1 sha2 md5 pem pkcs1 x509 gmp random hmac curl kernel-netlink -} - -# pluto uses optimized DH exponent sizes (RFC 3526) - -libstrongswan { - dh_exponent_ansi_x9_42 = no - integrity_test = yes - crypto_test { - required = yes - on_add = yes - } -} diff --git a/testing/tests/openssl-ikev1/rw-cert/hosts/moon/etc/ipsec.conf b/testing/tests/openssl-ikev1/rw-cert/hosts/moon/etc/ipsec.conf deleted file mode 100755 index f365b07..0000000 --- a/testing/tests/openssl-ikev1/rw-cert/hosts/moon/etc/ipsec.conf +++ /dev/null @@ -1,24 +0,0 @@ -# /etc/ipsec.conf - strongSwan IPsec configuration file - -config setup - crlcheckinterval=180 - strictcrlpolicy=no - charonstart=no - plutodebug=control - -conn %default - ikelifetime=60m - keylife=20m - rekeymargin=3m - keyingtries=1 - keyexchange=ikev1 - ike=aes256-sha256-modp2048,3des-sha1-modp1536! - -conn rw - left=PH_IP_MOON - leftcert=moonCert.pem - leftid=@moon.strongswan.org - leftsubnet=10.1.0.0/16 - leftfirewall=yes - right=%any - auto=add diff --git a/testing/tests/openssl-ikev1/rw-cert/hosts/moon/etc/strongswan.conf b/testing/tests/openssl-ikev1/rw-cert/hosts/moon/etc/strongswan.conf deleted file mode 100644 index 763503e..0000000 --- a/testing/tests/openssl-ikev1/rw-cert/hosts/moon/etc/strongswan.conf +++ /dev/null @@ -1,16 +0,0 @@ -# /etc/strongswan.conf - strongSwan configuration file - -pluto { - load = test-vectors pem pkcs1 openssl random hmac curl kernel-netlink -} - -# pluto uses optimized DH exponent sizes (RFC 3526) - -libstrongswan { - dh_exponent_ansi_x9_42 = no - integrity_test = yes - crypto_test { - on_add = yes - } -} - diff --git a/testing/tests/openssl-ikev1/rw-cert/posttest.dat b/testing/tests/openssl-ikev1/rw-cert/posttest.dat deleted file mode 100644 index 7cebd7f..0000000 --- a/testing/tests/openssl-ikev1/rw-cert/posttest.dat +++ /dev/null @@ -1,6 +0,0 @@ -moon::ipsec stop -carol::ipsec stop -dave::ipsec stop -moon::/etc/init.d/iptables stop 2> /dev/null -carol::/etc/init.d/iptables stop 2> /dev/null -dave::/etc/init.d/iptables stop 2> /dev/null diff --git a/testing/tests/openssl-ikev1/rw-cert/pretest.dat b/testing/tests/openssl-ikev1/rw-cert/pretest.dat deleted file mode 100644 index 42e9d7c..0000000 --- a/testing/tests/openssl-ikev1/rw-cert/pretest.dat +++ /dev/null @@ -1,9 +0,0 @@ -moon::/etc/init.d/iptables start 2> /dev/null -carol::/etc/init.d/iptables start 2> /dev/null -dave::/etc/init.d/iptables start 2> /dev/null -moon::ipsec start -carol::ipsec start -dave::ipsec start -carol::sleep 1 -carol::ipsec up home -dave::ipsec up home diff --git a/testing/tests/openssl-ikev1/rw-cert/test.conf b/testing/tests/openssl-ikev1/rw-cert/test.conf deleted file mode 100644 index 7041682..0000000 --- a/testing/tests/openssl-ikev1/rw-cert/test.conf +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -# -# This configuration file provides information on the -# UML instances used for this test - -# All UML instances that are required for this test -# -UMLHOSTS="alice moon carol winnetou dave" - -# Corresponding block diagram -# -DIAGRAM="a-m-c-w-d.png" - -# UML instances on which tcpdump is to be started -# -TCPDUMPHOSTS="moon" - -# UML instances on which IPsec is started -# Used for IPsec logging purposes -# -IPSECHOSTS="moon carol dave" -- 2.7.4