summaryrefslogtreecommitdiff
path: root/regress/sbin/iked
AgeCommit message (Collapse)Author
2022-03-15Fix build after recent IKEv2 message fragment retransmit change.Tobias Heider
Found by anton@
2022-02-23Prints in iked fuzzer fill 77% of full regress output. Nobody wantsAlexander Bluhm
to see 23.2 MB text output unless when debugging a failure. And then a logfile is better than stderr. OK claudio@
2022-02-22The fuzzer logs everything to syslog, this is not what we want.Claudio Jeker
Call log_init() and set debug but clear verbose afterwards with log_setverbose(0) still the fuzzer is very verbose. OK millert@ some time ago
2021-12-21Add test cases for intermediate cert with 'set cert_partial_chain'.Tobias Heider
2021-12-13remove a couple hundred sys/param.h includes in userland code, andTheo de Raadt
also whack some sys/cdefs.h early includes which is such a brutally bad pattern ok bluhm mbuhl
2021-12-07Add test case for authentication with locally stored peer certificates.Tobias Heider
2021-12-05Add test case for policy matching on responder with multiple policies thatTobias Heider
only differ by srcid.
2021-11-29Avoid including sys/param.h. Make a local copy of MINIMUM() in test_helper.hTobias Heider
instead, like we did elsewhere. ok bluhm@
2021-11-11Add test case for INVALID_KE in IKE_SA_INIT fallback.Tobias Heider
2021-07-10Add test case for single static address in configuration payload intobhe
addition to existing "config address" test that uses an address pool.
2021-05-28Fix build and disable dhtest for sntrup761x25519. The test assumes atobhe
symmetric KE and does not work with this method.
2021-02-15Fix invalid config error in run-psk-fail.tobhe
2021-02-04'struct group' is now called 'struct dh_group'.tobhe
2020-12-17Remove echo headlines.Alexander Bluhm
2020-11-26Fix config_add_transform and config_free_proposal.tobhe
2020-11-21Fix ikev2_nat_detection().tobhe
2020-11-18Constify sa in ikev2_pld_eap(). The parser code must not change anytobhe
sa or policy state, this should help make it clearer. ok patrick@
2020-11-10Pass correct vars to FROM and TO.tobhe
2020-11-09Add test for dynamic IP assignment via "config address" and "request address".tobhe
Use the "dynamic" keyword to see generate flows from/to dynamic address.
2020-11-08Add seperate FROM/TO variables.tobhe
2020-11-05Make sure IPsec flows are loaded with srcid/dstid attributes.tobhe
2020-11-05Add test for ASN1_DN ids with existing certs.tobhe
2020-11-03Fix dh test after recent API refactoring. Remove outdated references totobhe
EC2N while we're at it.
2020-09-21Fix test_parser crash in ikev2_pld_eap. msg->msg_parent is always set intobhe
iked, so it should also be set in the test. ok patrick@
2020-09-20Fix changed eap_parse signature.tobhe
2020-09-15Make sure variable assignments are followed by '\', otherwisetobhe
make(1) ignores them.
2020-09-13More tests for policy matching via dstid.tobhe
2020-09-13Test for failure on dstid mismatch.tobhe
2020-09-13Add run-psk-fail test to check for failure on psk mismatch.tobhe
2020-09-13Refactor config setup boilerplate to allow asymmetric test setups.tobhe
Return _ret from TEST_FLOWS to allow known-negative tests.
2020-09-10Refactor initial cleanup.tobhe
2020-09-07Add 'run-ping-fail' subtest. Make sure to clean up left over statetobhe
before running tests.
2020-08-30Allow multiple global options.tobhe
2020-08-29Add 'enforcesingleikesa' test.tobhe
2020-07-21Add pf config to block unencrypted pings.tobhe
2020-07-21Make test work with IPv6 addresses.tobhe
2020-04-09The -6 option is ignored and will be removed in the future.tobhe
2020-04-01Properly handle multiple CERTREQ payloads in CA process. Only for thetobhe
last CERTREQ a mismatch should trigger the fallback case, otherwise the following CERTREQs are ignored. ok markus@
2020-02-21Add test for IPsec transport mode. Check not only flows but also SAs,tobhe
SA modes (tunnel/transport), and flow types (IPcomp/ESP).
2020-02-17Disable name resolution in tcpdump with -n. We always compare source andtobhe
destination addresses.
2020-02-17Generate public keys for newly generated local private keys.tobhe
2020-01-17Reset udpencap_port sysctl in cleanup in case the run-udpencap-porttobhe
test fails.
2020-01-16Add test for custom udp encapsulation port with set with '-p'.tobhe
2020-01-16Link iked live test to build. To operate it needs two remoteAlexander Bluhm
machines specified in the environment. Otherwise it is skipped.
2020-01-15Add multiple altname fields and test for different subjectAltName formatstobhe
and indices.
2020-01-15Restructure certificate generation to utilize make's build deps. Add testtobhe
with multiple CAs.
2020-01-15Rename the environment variables for ssh hosts and addressesAlexander Bluhm
consistently with other tests. OK tobhe@
2020-01-15Add automated certificate generation, psk and certificate authenticationtobhe
tests and fragmentation test.
2020-01-14Add live test for simple ikev2 handshake and encrypted ping between twotobhe
remote hosts. The hosts must be specified with SSHRIGHT and SSHLEFT, the IPsec gateway IPs with the LEFTGW and RIGHTGW environment variables. ok bluhm@
2019-11-14Fix undefined symbol for ikev2_ike_sa_setreason.tobhe