diff options
author | Hans-Joerg Hoexer <hshoexer@cvs.openbsd.org> | 2006-07-21 12:32:17 +0000 |
---|---|---|
committer | Hans-Joerg Hoexer <hshoexer@cvs.openbsd.org> | 2006-07-21 12:32:17 +0000 |
commit | ce4bb9e1757fcdbf87fd91961a6a37baa04d0215 (patch) | |
tree | 834128e83c145d484fffac5377dfff316adb4873 | |
parent | f160b89f7e62a1626d93d447019216da9ddd1889 (diff) |
new tests for default peer usage
-rw-r--r-- | regress/sbin/ipsecctl/Makefile | 4 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike48.in | 1 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike48.ok | 40 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike49.in | 1 | ||||
-rw-r--r-- | regress/sbin/ipsecctl/ike49.ok | 20 |
5 files changed, 64 insertions, 2 deletions
diff --git a/regress/sbin/ipsecctl/Makefile b/regress/sbin/ipsecctl/Makefile index c2e71e44e5b..c3e91486b0b 100644 --- a/regress/sbin/ipsecctl/Makefile +++ b/regress/sbin/ipsecctl/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.37 2006/07/21 12:30:44 hshoexer Exp $ +# $OpenBSD: Makefile,v 1.38 2006/07/21 12:32:16 hshoexer Exp $ # TARGETS # ipsec: feed ipsecNN.in through ipsecctl and check wether the output matches @@ -18,7 +18,7 @@ IKEFAIL=1 3 4 5 IKETESTS=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 IKETESTS+=16 17 18 19 20 21 22 23 IKETESTS+=29 30 31 32 33 34 35 36 37 38 39 40 -IKETESTS+=41 42 43 46 47 +IKETESTS+=41 42 43 46 47 48 49 IKEDELTESTS=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 IKEDELTESTS+=16 17 18 19 20 21 22 23 diff --git a/regress/sbin/ipsecctl/ike48.in b/regress/sbin/ipsecctl/ike48.in new file mode 100644 index 00000000000..3ff035fb482 --- /dev/null +++ b/regress/sbin/ipsecctl/ike48.in @@ -0,0 +1 @@ +ike from any to any psk mekmitasdigoat diff --git a/regress/sbin/ipsecctl/ike48.ok b/regress/sbin/ipsecctl/ike48.ok new file mode 100644 index 00000000000..625c82d2a4c --- /dev/null +++ b/regress/sbin/ipsecctl/ike48.ok @@ -0,0 +1,40 @@ +C set [Phase 1]:Default=peer-default force +C set [peer-default]:Phase=1 force +C set [peer-default]:Authentication=mekmitasdigoat force +C set [peer-default]:Configuration=mm-default force +C set [mm-default]:EXCHANGE_TYPE=ID_PROT force +C add [mm-default]:Transforms=AES-SHA force +C set [IPsec-0.0.0.0/0-0.0.0.0/0]:Phase=2 force +C set [IPsec-0.0.0.0/0-0.0.0.0/0]:ISAKMP-peer=peer-default force +C set [IPsec-0.0.0.0/0-0.0.0.0/0]:Configuration=qm-0.0.0.0/0-0.0.0.0/0 force +C set [IPsec-0.0.0.0/0-0.0.0.0/0]:Local-ID=lid-0.0.0.0/0 force +C set [IPsec-0.0.0.0/0-0.0.0.0/0]:Remote-ID=rid-0.0.0.0/0 force +C set [qm-0.0.0.0/0-0.0.0.0/0]:EXCHANGE_TYPE=QUICK_MODE force +C set [qm-0.0.0.0/0-0.0.0.0/0]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force +C set [lid-0.0.0.0/0]:ID-type=IPV4_ADDR_SUBNET force +C set [lid-0.0.0.0/0]:Network=0.0.0.0 force +C set [lid-0.0.0.0/0]:Netmask=0.0.0.0 force +C set [rid-0.0.0.0/0]:ID-type=IPV4_ADDR_SUBNET force +C set [rid-0.0.0.0/0]:Network=0.0.0.0 force +C set [rid-0.0.0.0/0]:Netmask=0.0.0.0 force +C add [Phase 2]:Connections=IPsec-0.0.0.0/0-0.0.0.0/0 +C set [Phase 1]:Default=peer-default force +C set [peer-default]:Phase=1 force +C set [peer-default]:Authentication=mekmitasdigoat force +C set [peer-default]:Configuration=mm-default force +C set [mm-default]:EXCHANGE_TYPE=ID_PROT force +C add [mm-default]:Transforms=AES-SHA force +C set [IPsec-::/0-::/0]:Phase=2 force +C set [IPsec-::/0-::/0]:ISAKMP-peer=peer-default force +C set [IPsec-::/0-::/0]:Configuration=qm-::/0-::/0 force +C set [IPsec-::/0-::/0]:Local-ID=lid-::/0 force +C set [IPsec-::/0-::/0]:Remote-ID=rid-::/0 force +C set [qm-::/0-::/0]:EXCHANGE_TYPE=QUICK_MODE force +C set [qm-::/0-::/0]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force +C set [lid-::/0]:ID-type=IPV6_ADDR_SUBNET force +C set [lid-::/0]:Network=:: force +C set [lid-::/0]:Netmask=:: force +C set [rid-::/0]:ID-type=IPV6_ADDR_SUBNET force +C set [rid-::/0]:Network=:: force +C set [rid-::/0]:Netmask=:: force +C add [Phase 2]:Connections=IPsec-::/0-::/0 diff --git a/regress/sbin/ipsecctl/ike49.in b/regress/sbin/ipsecctl/ike49.in new file mode 100644 index 00000000000..5a53d3bf8f6 --- /dev/null +++ b/regress/sbin/ipsecctl/ike49.in @@ -0,0 +1 @@ +ike from 10.1.1.0/24 to 10.1.2.0/24 psk mekmitasdigoat diff --git a/regress/sbin/ipsecctl/ike49.ok b/regress/sbin/ipsecctl/ike49.ok new file mode 100644 index 00000000000..48b43dc2f5e --- /dev/null +++ b/regress/sbin/ipsecctl/ike49.ok @@ -0,0 +1,20 @@ +C set [Phase 1]:Default=peer-default force +C set [peer-default]:Phase=1 force +C set [peer-default]:Authentication=mekmitasdigoat force +C set [peer-default]:Configuration=mm-default force +C set [mm-default]:EXCHANGE_TYPE=ID_PROT force +C add [mm-default]:Transforms=AES-SHA force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Phase=2 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:ISAKMP-peer=peer-default force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Configuration=qm-10.1.1.0/24-10.1.2.0/24 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Local-ID=lid-10.1.1.0/24 force +C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Remote-ID=rid-10.1.2.0/24 force +C set [qm-10.1.1.0/24-10.1.2.0/24]:EXCHANGE_TYPE=QUICK_MODE force +C set [qm-10.1.1.0/24-10.1.2.0/24]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force +C set [lid-10.1.1.0/24]:ID-type=IPV4_ADDR_SUBNET force +C set [lid-10.1.1.0/24]:Network=10.1.1.0 force +C set [lid-10.1.1.0/24]:Netmask=255.255.255.0 force +C set [rid-10.1.2.0/24]:ID-type=IPV4_ADDR_SUBNET force +C set [rid-10.1.2.0/24]:Network=10.1.2.0 force +C set [rid-10.1.2.0/24]:Netmask=255.255.255.0 force +C add [Phase 2]:Connections=IPsec-10.1.1.0/24-10.1.2.0/24 |