summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2008-12-22 14:08:46 +0000
committerHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2008-12-22 14:08:46 +0000
commit50a7942c418595f8a6df8c986580e908b897ed93 (patch)
treecb7ce4df7386ab57d2fe58e04b46031457841056
parent68713e50691cb4d52cb2861763880110249b767f (diff)
add regression test for aes-{128,192,256} being used with main and quick
mode.
Diffstat
-rw-r--r--regress/sbin/ipsecctl/Makefile4
-rw-r--r--regress/sbin/ipsecctl/ike60.in3
-rw-r--r--regress/sbin/ipsecctl/ike60.ok108
3 files changed, 113 insertions, 2 deletions
diff --git a/regress/sbin/ipsecctl/Makefile b/regress/sbin/ipsecctl/Makefile
index 339b0ed7ba7..0153dc7698e 100644
--- a/regress/sbin/ipsecctl/Makefile
+++ b/regress/sbin/ipsecctl/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.51 2008/07/01 14:08:39 bluhm Exp $
+# $OpenBSD: Makefile,v 1.52 2008/12/22 14:08:45 hshoexer Exp $
# you can update the *.ok files with: make -i | patch
# TARGETS
@@ -19,7 +19,7 @@ IKEFAIL=1 3 4 5 6 8 9 10 11 12
IKETESTS=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
IKETESTS+=16 17 18 19 20 21 22 23
IKETESTS+=29 30 31 32 33 34 35 36 37 38 39 40
-IKETESTS+=41 42 43 46 47 48 49 50 51 52 53 54 55 56 57 58 59
+IKETESTS+=41 42 43 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60
IKEDELTESTS=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
IKEDELTESTS+=16 17 18 19 20 21 22 23
diff --git a/regress/sbin/ipsecctl/ike60.in b/regress/sbin/ipsecctl/ike60.in
new file mode 100644
index 00000000000..11d3b51077e
--- /dev/null
+++ b/regress/sbin/ipsecctl/ike60.in
@@ -0,0 +1,3 @@
+ike from egress to any main enc aes-128 quick enc aes-128
+ike from egress to any main enc aes-192 quick enc aes-192
+ike from egress to any main enc aes-256 quick enc aes-256
diff --git a/regress/sbin/ipsecctl/ike60.ok b/regress/sbin/ipsecctl/ike60.ok
new file mode 100644
index 00000000000..e9f653d90d9
--- /dev/null
+++ b/regress/sbin/ipsecctl/ike60.ok
@@ -0,0 +1,108 @@
+C set [Phase 1]:Default=peer-default force
+C set [peer-default]:Phase=1 force
+C set [peer-default]:Configuration=phase1-peer-default force
+C set [phase1-peer-default]:EXCHANGE_TYPE=ID_PROT force
+C add [phase1-peer-default]:Transforms=AES-128-SHA-RSA_SIG force
+C set [from-sk0-to-0.0.0.0/0]:Phase=2 force
+C set [from-sk0-to-0.0.0.0/0]:ISAKMP-peer=peer-default force
+C set [from-sk0-to-0.0.0.0/0]:Configuration=phase2-from-sk0-to-0.0.0.0/0 force
+C set [from-sk0-to-0.0.0.0/0]:Local-ID=from-sk0 force
+C set [from-sk0-to-0.0.0.0/0]:Remote-ID=to-0.0.0.0/0 force
+C set [phase2-from-sk0-to-0.0.0.0/0]:EXCHANGE_TYPE=QUICK_MODE force
+C set [phase2-from-sk0-to-0.0.0.0/0]:Suites=QM-ESP-AES-128-SHA2-256-PFS-SUITE force
+C set [from-sk0]:ID-type=IPV4_ADDR force
+C set [from-sk0]:Address=sk0 force
+C set [to-0.0.0.0/0]:ID-type=IPV4_ADDR_SUBNET force
+C set [to-0.0.0.0/0]:Network=0.0.0.0 force
+C set [to-0.0.0.0/0]:Netmask=0.0.0.0 force
+C add [Phase 2]:Connections=from-sk0-to-0.0.0.0/0
+C set [Phase 1]:Default=peer-default force
+C set [peer-default]:Phase=1 force
+C set [peer-default]:Configuration=phase1-peer-default force
+C set [phase1-peer-default]:EXCHANGE_TYPE=ID_PROT force
+C add [phase1-peer-default]:Transforms=AES-128-SHA-RSA_SIG force
+C set [from-sk0-to-0.0.0.0/0]:Phase=2 force
+C set [from-sk0-to-0.0.0.0/0]:ISAKMP-peer=peer-default force
+C set [from-sk0-to-0.0.0.0/0]:Configuration=phase2-from-sk0-to-0.0.0.0/0 force
+C set [from-sk0-to-0.0.0.0/0]:Local-ID=from-sk0 force
+C set [from-sk0-to-0.0.0.0/0]:Remote-ID=to-0.0.0.0/0 force
+C set [phase2-from-sk0-to-0.0.0.0/0]:EXCHANGE_TYPE=QUICK_MODE force
+C set [phase2-from-sk0-to-0.0.0.0/0]:Suites=QM-ESP-AES-128-SHA2-256-PFS-SUITE force
+C set [from-sk0]:ID-type=IPV4_ADDR force
+C set [from-sk0]:Address=sk0 force
+C set [to-0.0.0.0/0]:ID-type=IPV4_ADDR_SUBNET force
+C set [to-0.0.0.0/0]:Network=0.0.0.0 force
+C set [to-0.0.0.0/0]:Netmask=0.0.0.0 force
+C add [Phase 2]:Connections=from-sk0-to-0.0.0.0/0
+C set [Phase 1]:Default=peer-default force
+C set [peer-default]:Phase=1 force
+C set [peer-default]:Configuration=phase1-peer-default force
+C set [phase1-peer-default]:EXCHANGE_TYPE=ID_PROT force
+C add [phase1-peer-default]:Transforms=AES-192-SHA-RSA_SIG force
+C set [from-sk0-to-0.0.0.0/0]:Phase=2 force
+C set [from-sk0-to-0.0.0.0/0]:ISAKMP-peer=peer-default force
+C set [from-sk0-to-0.0.0.0/0]:Configuration=phase2-from-sk0-to-0.0.0.0/0 force
+C set [from-sk0-to-0.0.0.0/0]:Local-ID=from-sk0 force
+C set [from-sk0-to-0.0.0.0/0]:Remote-ID=to-0.0.0.0/0 force
+C set [phase2-from-sk0-to-0.0.0.0/0]:EXCHANGE_TYPE=QUICK_MODE force
+C set [phase2-from-sk0-to-0.0.0.0/0]:Suites=QM-ESP-AES-192-SHA2-256-PFS-SUITE force
+C set [from-sk0]:ID-type=IPV4_ADDR force
+C set [from-sk0]:Address=sk0 force
+C set [to-0.0.0.0/0]:ID-type=IPV4_ADDR_SUBNET force
+C set [to-0.0.0.0/0]:Network=0.0.0.0 force
+C set [to-0.0.0.0/0]:Netmask=0.0.0.0 force
+C add [Phase 2]:Connections=from-sk0-to-0.0.0.0/0
+C set [Phase 1]:Default=peer-default force
+C set [peer-default]:Phase=1 force
+C set [peer-default]:Configuration=phase1-peer-default force
+C set [phase1-peer-default]:EXCHANGE_TYPE=ID_PROT force
+C add [phase1-peer-default]:Transforms=AES-192-SHA-RSA_SIG force
+C set [from-sk0-to-0.0.0.0/0]:Phase=2 force
+C set [from-sk0-to-0.0.0.0/0]:ISAKMP-peer=peer-default force
+C set [from-sk0-to-0.0.0.0/0]:Configuration=phase2-from-sk0-to-0.0.0.0/0 force
+C set [from-sk0-to-0.0.0.0/0]:Local-ID=from-sk0 force
+C set [from-sk0-to-0.0.0.0/0]:Remote-ID=to-0.0.0.0/0 force
+C set [phase2-from-sk0-to-0.0.0.0/0]:EXCHANGE_TYPE=QUICK_MODE force
+C set [phase2-from-sk0-to-0.0.0.0/0]:Suites=QM-ESP-AES-192-SHA2-256-PFS-SUITE force
+C set [from-sk0]:ID-type=IPV4_ADDR force
+C set [from-sk0]:Address=sk0 force
+C set [to-0.0.0.0/0]:ID-type=IPV4_ADDR_SUBNET force
+C set [to-0.0.0.0/0]:Network=0.0.0.0 force
+C set [to-0.0.0.0/0]:Netmask=0.0.0.0 force
+C add [Phase 2]:Connections=from-sk0-to-0.0.0.0/0
+C set [Phase 1]:Default=peer-default force
+C set [peer-default]:Phase=1 force
+C set [peer-default]:Configuration=phase1-peer-default force
+C set [phase1-peer-default]:EXCHANGE_TYPE=ID_PROT force
+C add [phase1-peer-default]:Transforms=AES-256-SHA-RSA_SIG force
+C set [from-sk0-to-0.0.0.0/0]:Phase=2 force
+C set [from-sk0-to-0.0.0.0/0]:ISAKMP-peer=peer-default force
+C set [from-sk0-to-0.0.0.0/0]:Configuration=phase2-from-sk0-to-0.0.0.0/0 force
+C set [from-sk0-to-0.0.0.0/0]:Local-ID=from-sk0 force
+C set [from-sk0-to-0.0.0.0/0]:Remote-ID=to-0.0.0.0/0 force
+C set [phase2-from-sk0-to-0.0.0.0/0]:EXCHANGE_TYPE=QUICK_MODE force
+C set [phase2-from-sk0-to-0.0.0.0/0]:Suites=QM-ESP-AES-256-SHA2-256-PFS-SUITE force
+C set [from-sk0]:ID-type=IPV4_ADDR force
+C set [from-sk0]:Address=sk0 force
+C set [to-0.0.0.0/0]:ID-type=IPV4_ADDR_SUBNET force
+C set [to-0.0.0.0/0]:Network=0.0.0.0 force
+C set [to-0.0.0.0/0]:Netmask=0.0.0.0 force
+C add [Phase 2]:Connections=from-sk0-to-0.0.0.0/0
+C set [Phase 1]:Default=peer-default force
+C set [peer-default]:Phase=1 force
+C set [peer-default]:Configuration=phase1-peer-default force
+C set [phase1-peer-default]:EXCHANGE_TYPE=ID_PROT force
+C add [phase1-peer-default]:Transforms=AES-256-SHA-RSA_SIG force
+C set [from-sk0-to-0.0.0.0/0]:Phase=2 force
+C set [from-sk0-to-0.0.0.0/0]:ISAKMP-peer=peer-default force
+C set [from-sk0-to-0.0.0.0/0]:Configuration=phase2-from-sk0-to-0.0.0.0/0 force
+C set [from-sk0-to-0.0.0.0/0]:Local-ID=from-sk0 force
+C set [from-sk0-to-0.0.0.0/0]:Remote-ID=to-0.0.0.0/0 force
+C set [phase2-from-sk0-to-0.0.0.0/0]:EXCHANGE_TYPE=QUICK_MODE force
+C set [phase2-from-sk0-to-0.0.0.0/0]:Suites=QM-ESP-AES-256-SHA2-256-PFS-SUITE force
+C set [from-sk0]:ID-type=IPV4_ADDR force
+C set [from-sk0]:Address=sk0 force
+C set [to-0.0.0.0/0]:ID-type=IPV4_ADDR_SUBNET force
+C set [to-0.0.0.0/0]:Network=0.0.0.0 force
+C set [to-0.0.0.0/0]:Netmask=0.0.0.0 force
+C add [Phase 2]:Connections=from-sk0-to-0.0.0.0/0
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-21 08:29:14 +0000