summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2006-07-21 12:32:17 +0000
committerHans-Joerg Hoexer <hshoexer@cvs.openbsd.org>2006-07-21 12:32:17 +0000
commitce4bb9e1757fcdbf87fd91961a6a37baa04d0215 (patch)
tree834128e83c145d484fffac5377dfff316adb4873
parentf160b89f7e62a1626d93d447019216da9ddd1889 (diff)
new tests for default peer usage
-rw-r--r--regress/sbin/ipsecctl/Makefile4
-rw-r--r--regress/sbin/ipsecctl/ike48.in1
-rw-r--r--regress/sbin/ipsecctl/ike48.ok40
-rw-r--r--regress/sbin/ipsecctl/ike49.in1
-rw-r--r--regress/sbin/ipsecctl/ike49.ok20
5 files changed, 64 insertions, 2 deletions
diff --git a/regress/sbin/ipsecctl/Makefile b/regress/sbin/ipsecctl/Makefile
index c2e71e44e5b..c3e91486b0b 100644
--- a/regress/sbin/ipsecctl/Makefile
+++ b/regress/sbin/ipsecctl/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.37 2006/07/21 12:30:44 hshoexer Exp $
+# $OpenBSD: Makefile,v 1.38 2006/07/21 12:32:16 hshoexer Exp $
# TARGETS
# ipsec: feed ipsecNN.in through ipsecctl and check wether the output matches
@@ -18,7 +18,7 @@ IKEFAIL=1 3 4 5
IKETESTS=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
IKETESTS+=16 17 18 19 20 21 22 23
IKETESTS+=29 30 31 32 33 34 35 36 37 38 39 40
-IKETESTS+=41 42 43 46 47
+IKETESTS+=41 42 43 46 47 48 49
IKEDELTESTS=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
IKEDELTESTS+=16 17 18 19 20 21 22 23
diff --git a/regress/sbin/ipsecctl/ike48.in b/regress/sbin/ipsecctl/ike48.in
new file mode 100644
index 00000000000..3ff035fb482
--- /dev/null
+++ b/regress/sbin/ipsecctl/ike48.in
@@ -0,0 +1 @@
+ike from any to any psk mekmitasdigoat
diff --git a/regress/sbin/ipsecctl/ike48.ok b/regress/sbin/ipsecctl/ike48.ok
new file mode 100644
index 00000000000..625c82d2a4c
--- /dev/null
+++ b/regress/sbin/ipsecctl/ike48.ok
@@ -0,0 +1,40 @@
+C set [Phase 1]:Default=peer-default force
+C set [peer-default]:Phase=1 force
+C set [peer-default]:Authentication=mekmitasdigoat force
+C set [peer-default]:Configuration=mm-default force
+C set [mm-default]:EXCHANGE_TYPE=ID_PROT force
+C add [mm-default]:Transforms=AES-SHA force
+C set [IPsec-0.0.0.0/0-0.0.0.0/0]:Phase=2 force
+C set [IPsec-0.0.0.0/0-0.0.0.0/0]:ISAKMP-peer=peer-default force
+C set [IPsec-0.0.0.0/0-0.0.0.0/0]:Configuration=qm-0.0.0.0/0-0.0.0.0/0 force
+C set [IPsec-0.0.0.0/0-0.0.0.0/0]:Local-ID=lid-0.0.0.0/0 force
+C set [IPsec-0.0.0.0/0-0.0.0.0/0]:Remote-ID=rid-0.0.0.0/0 force
+C set [qm-0.0.0.0/0-0.0.0.0/0]:EXCHANGE_TYPE=QUICK_MODE force
+C set [qm-0.0.0.0/0-0.0.0.0/0]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force
+C set [lid-0.0.0.0/0]:ID-type=IPV4_ADDR_SUBNET force
+C set [lid-0.0.0.0/0]:Network=0.0.0.0 force
+C set [lid-0.0.0.0/0]:Netmask=0.0.0.0 force
+C set [rid-0.0.0.0/0]:ID-type=IPV4_ADDR_SUBNET force
+C set [rid-0.0.0.0/0]:Network=0.0.0.0 force
+C set [rid-0.0.0.0/0]:Netmask=0.0.0.0 force
+C add [Phase 2]:Connections=IPsec-0.0.0.0/0-0.0.0.0/0
+C set [Phase 1]:Default=peer-default force
+C set [peer-default]:Phase=1 force
+C set [peer-default]:Authentication=mekmitasdigoat force
+C set [peer-default]:Configuration=mm-default force
+C set [mm-default]:EXCHANGE_TYPE=ID_PROT force
+C add [mm-default]:Transforms=AES-SHA force
+C set [IPsec-::/0-::/0]:Phase=2 force
+C set [IPsec-::/0-::/0]:ISAKMP-peer=peer-default force
+C set [IPsec-::/0-::/0]:Configuration=qm-::/0-::/0 force
+C set [IPsec-::/0-::/0]:Local-ID=lid-::/0 force
+C set [IPsec-::/0-::/0]:Remote-ID=rid-::/0 force
+C set [qm-::/0-::/0]:EXCHANGE_TYPE=QUICK_MODE force
+C set [qm-::/0-::/0]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force
+C set [lid-::/0]:ID-type=IPV6_ADDR_SUBNET force
+C set [lid-::/0]:Network=:: force
+C set [lid-::/0]:Netmask=:: force
+C set [rid-::/0]:ID-type=IPV6_ADDR_SUBNET force
+C set [rid-::/0]:Network=:: force
+C set [rid-::/0]:Netmask=:: force
+C add [Phase 2]:Connections=IPsec-::/0-::/0
diff --git a/regress/sbin/ipsecctl/ike49.in b/regress/sbin/ipsecctl/ike49.in
new file mode 100644
index 00000000000..5a53d3bf8f6
--- /dev/null
+++ b/regress/sbin/ipsecctl/ike49.in
@@ -0,0 +1 @@
+ike from 10.1.1.0/24 to 10.1.2.0/24 psk mekmitasdigoat
diff --git a/regress/sbin/ipsecctl/ike49.ok b/regress/sbin/ipsecctl/ike49.ok
new file mode 100644
index 00000000000..48b43dc2f5e
--- /dev/null
+++ b/regress/sbin/ipsecctl/ike49.ok
@@ -0,0 +1,20 @@
+C set [Phase 1]:Default=peer-default force
+C set [peer-default]:Phase=1 force
+C set [peer-default]:Authentication=mekmitasdigoat force
+C set [peer-default]:Configuration=mm-default force
+C set [mm-default]:EXCHANGE_TYPE=ID_PROT force
+C add [mm-default]:Transforms=AES-SHA force
+C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Phase=2 force
+C set [IPsec-10.1.1.0/24-10.1.2.0/24]:ISAKMP-peer=peer-default force
+C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Configuration=qm-10.1.1.0/24-10.1.2.0/24 force
+C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Local-ID=lid-10.1.1.0/24 force
+C set [IPsec-10.1.1.0/24-10.1.2.0/24]:Remote-ID=rid-10.1.2.0/24 force
+C set [qm-10.1.1.0/24-10.1.2.0/24]:EXCHANGE_TYPE=QUICK_MODE force
+C set [qm-10.1.1.0/24-10.1.2.0/24]:Suites=QM-ESP-AES-SHA2-256-PFS-SUITE force
+C set [lid-10.1.1.0/24]:ID-type=IPV4_ADDR_SUBNET force
+C set [lid-10.1.1.0/24]:Network=10.1.1.0 force
+C set [lid-10.1.1.0/24]:Netmask=255.255.255.0 force
+C set [rid-10.1.2.0/24]:ID-type=IPV4_ADDR_SUBNET force
+C set [rid-10.1.2.0/24]:Network=10.1.2.0 force
+C set [rid-10.1.2.0/24]:Netmask=255.255.255.0 force
+C add [Phase 2]:Connections=IPsec-10.1.1.0/24-10.1.2.0/24