├── AUTHORS ├── debian ├── compat ├── strongswan.docs ├── libstrongswan.docs ├── source │ ├── format │ └── options ├── strongswan-nm.install ├── po │ └── POTFILES.in ├── charon-cmd.install ├── libstrongswan.strongswan.logcheck.violations.ignore ├── charon-systemd.install ├── strongswan-starter.links ├── watch ├── patches │ └── series └── strongswan-scepclient.install ├── testing ├── hosts │ ├── bob │ │ └── etc │ │ │ ├── hostname │ │ │ ├── ipsec.secrets │ │ │ └── ipsec.d │ │ │ └── ipsec.sql │ ├── sun │ │ └── etc │ │ │ ├── hostname │ │ │ ├── ipsec.secrets │ │ │ └── ipsec.d │ │ │ └── ipsec.sql │ ├── alice │ │ └── etc │ │ │ ├── hostname │ │ │ ├── freeradius │ │ │ └── clients.conf │ │ │ ├── raddb │ │ │ └── certs │ │ │ │ └── random │ │ │ └── ipsec.secrets │ ├── carol │ │ └── etc │ │ │ ├── hostname │ │ │ └── ipsec.secrets │ ├── dave │ │ └── etc │ │ │ ├── hostname │ │ │ ├── ipsec.secrets │ │ │ └── ipsec.d │ │ │ └── ipsec.sql │ ├── moon │ │ └── etc │ │ │ ├── hostname │ │ │ ├── ipsec.secrets │ │ │ └── ipsec.d │ │ │ └── ipsec.sql │ ├── venus │ │ └── etc │ │ │ ├── hostname │ │ │ └── ipsec.secrets │ ├── winnetou │ │ └── etc │ │ │ ├── hostname │ │ │ ├── openssl │ │ │ ├── serial │ │ │ ├── crlnumber │ │ │ ├── duck │ │ │ │ ├── serial │ │ │ │ ├── crlnumber │ │ │ │ ├── serial.old │ │ │ │ ├── index.txt.attr │ │ │ │ ├── index.txt │ │ │ │ └── .rand │ │ │ ├── serial.old │ │ │ ├── crlnumber.old │ │ │ ├── ecdsa │ │ │ │ ├── crlnumber │ │ │ │ ├── serial │ │ │ │ ├── serial.old │ │ │ │ ├── crlnumber.old │ │ │ │ ├── index.txt.attr │ │ │ │ ├── index.txt.attr.old │ │ │ │ └── .rand │ │ │ ├── monster │ │ │ │ ├── serial │ │ │ │ ├── crlnumber │ │ │ │ ├── serial.old │ │ │ │ ├── index.txt.attr │ │ │ │ ├── index.txt.attr.old │ │ │ │ └── index.txt.old │ │ │ ├── research │ │ │ │ ├── serial │ │ │ │ ├── crlnumber │ │ │ │ ├── serial.old │ │ │ │ ├── crlnumber.old │ │ │ │ ├── index.txt.attr │ │ │ │ ├── index.txt.attr.old │ │ │ │ ├── .rand │ │ │ │ └── researchCert.der │ │ │ ├── rfc3779 │ │ │ │ ├── serial │ │ │ │ ├── crlnumber │ │ │ │ ├── crlnumber.old │ │ │ │ ├── serial.old │ │ │ │ ├── index.txt.attr │ │ │ │ ├── index.txt.attr.old │ │ │ │ └── .rand │ │ │ ├── sales │ │ │ │ ├── crlnumber │ │ │ │ ├── serial │ │ │ │ ├── serial.old │ │ │ │ ├── crlnumber.old │ │ │ │ ├── index.txt.attr │ │ │ │ ├── index.txt.attr.old │ │ │ │ ├── .rand │ │ │ │ └── salesCert.der │ │ │ ├── index.txt.attr │ │ │ ├── index.txt.attr.old │ │ │ ├── strongswanCert.der │ │ │ └── bliss │ │ │ │ ├── strongswan_blissKey.der │ │ │ │ └── strongswan_blissCert.der │ │ │ └── apache2 │ │ │ ├── conf.d │ │ │ └── testresults-as-text │ │ │ └── conf-enabled │ │ │ └── testresults-as-text.conf │ └── default │ │ ├── etc │ │ ├── ld.so.conf.d │ │ │ └── strongswan.conf │ │ ├── fstab │ │ ├── strongswan.conf.testing │ │ └── ip6tables.flush │ │ └── root │ │ └── .ssh │ │ └── config ├── tests │ ├── ikev2 │ │ ├── rw-eap-sim-id-radius │ │ │ └── hosts │ │ │ │ ├── alice │ │ │ │ └── etc │ │ │ │ │ └── freeradius │ │ │ │ │ ├── users │ │ │ │ │ ├── eap.conf │ │ │ │ │ ├── modules │ │ │ │ │ └── sim_files │ │ │ │ │ └── proxy.conf │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-eap-sim-radius │ │ │ └── hosts │ │ │ │ ├── alice │ │ │ │ └── etc │ │ │ │ │ └── freeradius │ │ │ │ │ ├── users │ │ │ │ │ ├── eap.conf │ │ │ │ │ ├── modules │ │ │ │ │ └── sim_files │ │ │ │ │ └── proxy.conf │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── mult-auth-rsa-eap-sim-id │ │ │ ├── hosts │ │ │ │ ├── alice │ │ │ │ │ └── etc │ │ │ │ │ │ └── freeradius │ │ │ │ │ │ ├── users │ │ │ │ │ │ ├── eap.conf │ │ │ │ │ │ ├── modules │ │ │ │ │ │ └── sim_files │ │ │ │ │ │ └── proxy.conf │ │ │ │ ├── dave │ │ │ │ │ └── etc │ │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── moon │ │ │ │ │ └── etc │ │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ └── posttest.dat │ │ ├── rw-eap-sim-only-radius │ │ │ └── hosts │ │ │ │ ├── alice │ │ │ │ └── etc │ │ │ │ │ └── freeradius │ │ │ │ │ ├── users │ │ │ │ │ ├── eap.conf │ │ │ │ │ ├── modules │ │ │ │ │ └── sim_files │ │ │ │ │ └── proxy.conf │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── dpd-hold │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── dpd-restart │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── rw-dnssec │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── resolv.conf │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── resolv.conf │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ ├── resolv.conf │ │ │ │ └── ipsec.d │ │ │ │ └── certs │ │ │ │ └── moonPub.der │ │ ├── net2net-dnscert │ │ │ └── hosts │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── resolv.conf │ │ │ │ └── sun │ │ │ │ └── etc │ │ │ │ └── resolv.conf │ │ ├── net2net-dnssec │ │ │ └── hosts │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── resolv.conf │ │ │ │ └── sun │ │ │ │ └── etc │ │ │ │ └── resolv.conf │ │ ├── ocsp-root-cert │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── trap-any │ │ │ ├── hosts │ │ │ │ ├── carol │ │ │ │ │ └── etc │ │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── dave │ │ │ │ │ └── etc │ │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── moon │ │ │ │ │ └── etc │ │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── sun │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── wildcards │ │ │ └── posttest.dat │ │ ├── rw-eap-md5-radius │ │ │ └── hosts │ │ │ │ ├── alice │ │ │ │ └── etc │ │ │ │ │ └── freeradius │ │ │ │ │ ├── users │ │ │ │ │ ├── eap.conf │ │ │ │ │ └── proxy.conf │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-eap-tls-radius │ │ │ └── hosts │ │ │ │ ├── alice │ │ │ │ └── etc │ │ │ │ │ └── freeradius │ │ │ │ │ ├── users │ │ │ │ │ └── proxy.conf │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── ocsp-no-signer-cert │ │ │ └── posttest.dat │ │ ├── ocsp-untrusted-cert │ │ │ └── posttest.dat │ │ ├── rw-eap-md5-id-radius │ │ │ └── hosts │ │ │ │ ├── alice │ │ │ │ └── etc │ │ │ │ │ └── freeradius │ │ │ │ │ ├── users │ │ │ │ │ ├── eap.conf │ │ │ │ │ └── proxy.conf │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-radius-accounting │ │ │ └── hosts │ │ │ │ ├── alice │ │ │ │ └── etc │ │ │ │ │ └── freeradius │ │ │ │ │ ├── users │ │ │ │ │ ├── eap.conf │ │ │ │ │ └── proxy.conf │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-eap-md5-id-prompt │ │ │ ├── hosts │ │ │ │ ├── carol │ │ │ │ │ └── etc │ │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── moon │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ └── posttest.dat │ │ ├── multi-level-ca-loop │ │ │ ├── posttest.dat │ │ │ └── hosts │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── multi-level-ca-pathlen │ │ │ ├── posttest.dat │ │ │ ├── hosts │ │ │ │ └── carol │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ └── pretest.dat │ │ ├── multi-level-ca-revoked │ │ │ ├── posttest.dat │ │ │ ├── hosts │ │ │ │ └── carol │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ └── pretest.dat │ │ ├── ip-two-pools-v4v6 │ │ │ └── posttest.dat │ │ ├── net2net-rsa │ │ │ └── hosts │ │ │ │ ├── sun │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── dpd-clear │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── inactivity-timeout │ │ │ └── posttest.dat │ │ ├── ip-two-pools-v4v6-db │ │ │ └── posttest.dat │ │ ├── multi-level-ca │ │ │ ├── posttest.dat │ │ │ └── hosts │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── net2net-pgp-v3 │ │ │ └── hosts │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── sun │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── net2net-pgp-v4 │ │ │ └── hosts │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── sun │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── net2net-pubkey │ │ │ └── hosts │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── sun │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── redirect-active │ │ │ └── hosts │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── alice │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-eap-dynamic │ │ │ └── hosts │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-eap-framed-ip-radius │ │ │ └── hosts │ │ │ │ ├── alice │ │ │ │ └── etc │ │ │ │ │ └── freeradius │ │ │ │ │ ├── eap.conf │ │ │ │ │ └── proxy.conf │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-eap-md5-class-radius │ │ │ └── hosts │ │ │ │ ├── alice │ │ │ │ └── etc │ │ │ │ │ └── freeradius │ │ │ │ │ ├── eap.conf │ │ │ │ │ ├── proxy.conf │ │ │ │ │ └── users │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-ntru-bliss │ │ │ └── hosts │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-sig-auth │ │ │ └── hosts │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── crl-revoked │ │ │ ├── hosts │ │ │ │ └── carol │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── ocsp-multi-level │ │ │ ├── hosts │ │ │ │ └── carol │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ └── posttest.dat │ │ ├── ocsp-strict-ifuri │ │ │ ├── hosts │ │ │ │ └── carol │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ └── posttest.dat │ │ ├── rw-eap-peap-radius │ │ │ └── hosts │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── alice │ │ │ │ └── etc │ │ │ │ │ └── freeradius │ │ │ │ │ ├── users │ │ │ │ │ └── proxy.conf │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-eap-ttls-radius │ │ │ └── hosts │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── alice │ │ │ │ └── etc │ │ │ │ │ └── freeradius │ │ │ │ │ ├── users │ │ │ │ │ └── proxy.conf │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── crl-from-cache │ │ │ └── posttest.dat │ │ ├── crl-to-cache │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── multi-level-ca-cr-init │ │ │ ├── hosts │ │ │ │ └── carol │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ └── posttest.dat │ │ ├── multi-level-ca-cr-resp │ │ │ ├── hosts │ │ │ │ └── carol │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ └── posttest.dat │ │ ├── multi-level-ca-ldap │ │ │ └── hosts │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── multi-level-ca-strict │ │ │ ├── hosts │ │ │ │ └── carol │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ └── posttest.dat │ │ ├── ocsp-revoked │ │ │ ├── hosts │ │ │ │ └── carol │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── ocsp-signer-cert │ │ │ ├── hosts │ │ │ │ └── carol │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── ocsp-timeouts-good │ │ │ ├── hosts │ │ │ │ └── carol │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── ocsp-timeouts-unknown │ │ │ └── posttest.dat │ │ ├── rw-eap-tls-fragments │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── reauth-mbb-revoked │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── rw-pkcs8 │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── net2net-pkcs12 │ │ │ └── hosts │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── sun │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── ocsp-local-cert │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── rw-eap-aka-id-rsa │ │ │ ├── hosts │ │ │ │ ├── carol │ │ │ │ │ └── etc │ │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── moon │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ └── posttest.dat │ │ ├── rw-eap-md5-rsa │ │ │ ├── hosts │ │ │ │ ├── carol │ │ │ │ │ └── etc │ │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── moon │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ └── posttest.dat │ │ ├── rw-eap-peap-md5 │ │ │ └── hosts │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-eap-ttls-only │ │ │ └── hosts │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── dynamic-initiator │ │ │ └── hosts │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-eap-mschapv2-id-rsa │ │ │ ├── hosts │ │ │ │ ├── carol │ │ │ │ │ └── etc │ │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── moon │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ └── posttest.dat │ │ ├── rw-eap-peap-mschapv2 │ │ │ └── hosts │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-psk-ipv4 │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-eap-aka-rsa │ │ │ ├── hosts │ │ │ │ ├── carol │ │ │ │ │ └── etc │ │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── moon │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ └── posttest.dat │ │ ├── compress │ │ │ └── posttest.dat │ │ ├── host2host-ah │ │ │ └── posttest.dat │ │ ├── nat-rw-psk │ │ │ └── hosts │ │ │ │ ├── alice │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── venus │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── net2net-ah │ │ │ └── posttest.dat │ │ ├── net2net-psk │ │ │ └── posttest.dat │ │ ├── rw-eap-ttls-phase2-piggyback │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-psk-fqdn │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-psk-no-idr │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── alg-3des-md5 │ │ │ └── posttest.dat │ │ ├── alg-aes-ccm │ │ │ └── posttest.dat │ │ ├── alg-aes-ctr │ │ │ └── posttest.dat │ │ ├── alg-aes-gcm │ │ │ └── posttest.dat │ │ ├── alg-aes-xcbc │ │ │ └── posttest.dat │ │ ├── alg-sha256-96 │ │ │ └── posttest.dat │ │ ├── alg-sha256 │ │ │ └── posttest.dat │ │ ├── alg-sha384 │ │ │ └── posttest.dat │ │ ├── alg-sha512 │ │ │ └── posttest.dat │ │ ├── esp-alg-null │ │ │ └── posttest.dat │ │ ├── host2host-cert │ │ │ └── posttest.dat │ │ ├── host2host-swapped │ │ │ └── posttest.dat │ │ ├── net2net-cert │ │ │ └── posttest.dat │ │ ├── net2net-esn │ │ │ └── posttest.dat │ │ ├── net2net-psk-fail │ │ │ └── posttest.dat │ │ ├── net2net-route │ │ │ └── posttest.dat │ │ ├── net2net-start │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── reauth-early │ │ │ └── posttest.dat │ │ ├── reauth-late │ │ │ └── posttest.dat │ │ ├── reauth-mbb │ │ │ └── posttest.dat │ │ ├── rw-psk-rsa-mixed │ │ │ └── hosts │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-psk-rsa-split │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── strong-keys-certs │ │ │ └── hosts │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── after-2038-certs │ │ │ └── posttest.dat │ │ ├── esp-alg-aes-gmac │ │ │ └── posttest.dat │ │ ├── esp-alg-md5-128 │ │ │ └── posttest.dat │ │ ├── esp-alg-sha1-160 │ │ │ └── posttest.dat │ │ ├── host2host-transport │ │ │ └── posttest.dat │ │ ├── net2net-cert-sha2 │ │ │ └── posttest.dat │ │ ├── net2net-ntru-cert │ │ │ └── posttest.dat │ │ ├── net2net-rfc3779 │ │ │ └── posttest.dat │ │ ├── protoport-dual │ │ │ └── posttest.dat │ │ ├── protoport-route │ │ │ └── posttest.dat │ │ ├── rw-eap-sim-rsa │ │ │ └── posttest.dat │ │ ├── rw-eap-tls-only │ │ │ └── posttest.dat │ │ ├── alg-chacha20poly1305 │ │ │ └── posttest.dat │ │ ├── critical-extension │ │ │ └── posttest.dat │ │ ├── net2net-fragmentation │ │ │ └── posttest.dat │ │ ├── net2net-ntru-bandwidth │ │ │ └── posttest.dat │ │ ├── reauth-mbb-virtual-ip │ │ │ └── posttest.dat │ │ ├── shunt-policies-nat-rw │ │ │ └── posttest.dat │ │ ├── two-certs │ │ │ └── hosts │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── ip-split-pools-db │ │ │ └── posttest.dat │ │ ├── net2net-psk-dscp │ │ │ └── hosts │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ └── mobike-nat │ │ │ └── posttest.dat │ ├── tnc │ │ ├── tnccs-11-fhh │ │ │ └── hosts │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── tnc │ │ │ │ │ └── dummyimc.file │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── tnc │ │ │ │ │ └── dummyimv.policy │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── tnc │ │ │ │ └── dummyimc.file │ │ ├── tnccs-20-fhh │ │ │ └── hosts │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ ├── tnc │ │ │ │ │ └── dummyimc.file │ │ │ │ │ └── tnc_config │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ ├── tnc │ │ │ │ │ └── dummyimv.policy │ │ │ │ │ └── tnc_config │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ ├── tnc │ │ │ │ └── dummyimc.file │ │ │ │ └── tnc_config │ │ ├── tnccs-20-hcd-eap │ │ │ └── hosts │ │ │ │ └── alice │ │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ └── tnc_config │ │ ├── tnccs-20-mutual-pt-tls │ │ │ ├── hosts │ │ │ │ ├── sun │ │ │ │ │ └── etc │ │ │ │ │ │ └── swantcl │ │ │ │ │ │ └── swanctl.conf │ │ │ │ └── moon │ │ │ │ │ └── etc │ │ │ │ │ └── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── tnccs-20-pdp-eap │ │ │ └── hosts │ │ │ │ └── alice │ │ │ │ └── etc │ │ │ │ └── apache2 │ │ │ │ └── sites-available │ │ │ │ └── default │ │ ├── tnccs-20-pdp-pt-tls │ │ │ └── hosts │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ └── strongswan.conf │ │ │ │ ├── alice │ │ │ │ └── etc │ │ │ │ │ ├── apache2 │ │ │ │ │ └── sites-available │ │ │ │ │ │ └── default │ │ │ │ │ └── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ └── ipsec.sql │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── swanctl │ │ │ │ └── swanctl.conf │ │ ├── tnccs-11-supplicant │ │ │ ├── hosts │ │ │ │ ├── carol │ │ │ │ │ └── etc │ │ │ │ │ │ └── swanctl │ │ │ │ │ │ └── swanctl.conf │ │ │ │ ├── dave │ │ │ │ │ └── etc │ │ │ │ │ │ └── swanctl │ │ │ │ │ │ └── swanctl.conf │ │ │ │ └── alice │ │ │ │ │ └── etc │ │ │ │ │ └── freeradius │ │ │ │ │ ├── users │ │ │ │ │ └── proxy.conf │ │ │ └── evaltest.dat │ │ ├── tnccs-11-radius │ │ │ └── hosts │ │ │ │ └── alice │ │ │ │ └── etc │ │ │ │ └── freeradius │ │ │ │ ├── users │ │ │ │ └── proxy.conf │ │ ├── tnccs-11-radius-block │ │ │ └── hosts │ │ │ │ └── alice │ │ │ │ └── etc │ │ │ │ └── freeradius │ │ │ │ ├── users │ │ │ │ └── proxy.conf │ │ ├── tnccs-11-radius-pts │ │ │ └── hosts │ │ │ │ └── alice │ │ │ │ └── etc │ │ │ │ └── freeradius │ │ │ │ ├── users │ │ │ │ └── proxy.conf │ │ ├── tnccs-20-os │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── tnc_config │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── tnc_config │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ └── tnc_config │ │ ├── tnccs-20-fail-init │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── tnc_config │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── tnc_config │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ └── tnc_config │ │ ├── tnccs-20-fail-resp │ │ │ ├── hosts │ │ │ │ ├── carol │ │ │ │ │ └── etc │ │ │ │ │ │ └── tnc_config │ │ │ │ └── moon │ │ │ │ │ └── etc │ │ │ │ │ └── tnc_config │ │ │ └── posttest.dat │ │ ├── tnccs-20-pts │ │ │ └── hosts │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── tnc_config │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── .strongswan.conf.swp │ │ ├── tnccs-20-mutual-eap │ │ │ └── posttest.dat │ │ └── tnccs-20-mutual-eap-fail │ │ │ └── posttest.dat │ ├── swanctl │ │ ├── mult-auth-rsa-eap-sim-id │ │ │ └── hosts │ │ │ │ └── alice │ │ │ │ └── etc │ │ │ │ └── freeradius │ │ │ │ ├── users │ │ │ │ ├── eap.conf │ │ │ │ ├── modules │ │ │ │ └── sim_files │ │ │ │ └── proxy.conf │ │ └── rw-dnssec │ │ │ └── hosts │ │ │ ├── dave │ │ │ └── etc │ │ │ │ └── resolv.conf │ │ │ ├── moon │ │ │ └── etc │ │ │ │ └── resolv.conf │ │ │ └── carol │ │ │ └── etc │ │ │ └── resolv.conf │ ├── ikev1 │ │ ├── compress │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── dpd-restart │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── esp-alg-aes-xcbc │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── rw-cert-unity │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── xauth-rsa-radius │ │ │ └── hosts │ │ │ │ ├── alice │ │ │ │ └── etc │ │ │ │ │ ├── freeradius │ │ │ │ │ ├── users │ │ │ │ │ ├── eap.conf │ │ │ │ │ └── proxy.conf │ │ │ │ │ └── strongswan.conf │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── xauth-rsa-eap-md5-radius │ │ │ └── hosts │ │ │ │ ├── alice │ │ │ │ └── etc │ │ │ │ │ ├── freeradius │ │ │ │ │ ├── users │ │ │ │ │ ├── eap.conf │ │ │ │ │ └── proxy.conf │ │ │ │ │ └── strongswan.conf │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── dpd-clear │ │ │ ├── posttest.dat │ │ │ └── pretest.dat │ │ ├── multi-level-ca │ │ │ ├── hosts │ │ │ │ └── carol │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ └── posttest.dat │ │ ├── multi-level-ca-cr-init │ │ │ ├── hosts │ │ │ │ └── carol │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ └── posttest.dat │ │ ├── multi-level-ca-cr-resp │ │ │ ├── hosts │ │ │ │ └── carol │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ └── posttest.dat │ │ ├── xauth-id-rsa-hybrid │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── dynamic-initiator │ │ │ └── hosts │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── dynamic-responder │ │ │ └── hosts │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-psk-ipv4 │ │ │ └── hosts │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── host2host-ah │ │ │ └── posttest.dat │ │ ├── net2net-ah │ │ │ └── posttest.dat │ │ ├── net2net-psk │ │ │ └── posttest.dat │ │ ├── rw-psk-fqdn │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── alg-3des-md5 │ │ │ └── posttest.dat │ │ ├── alg-sha256 │ │ │ └── posttest.dat │ │ ├── alg-sha384 │ │ │ └── posttest.dat │ │ ├── alg-sha512 │ │ │ └── posttest.dat │ │ ├── esp-alg-null │ │ │ └── posttest.dat │ │ ├── host2host-cert │ │ │ └── posttest.dat │ │ ├── net2net-cert │ │ │ └── posttest.dat │ │ ├── net2net-esn │ │ │ └── posttest.dat │ │ ├── net2net-psk-fail │ │ │ └── posttest.dat │ │ ├── rw-psk-aggressive │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── xauth-id-rsa-config │ │ │ └── hosts │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── esp-alg-aes-ccm │ │ │ └── posttest.dat │ │ ├── esp-alg-aes-ctr │ │ │ └── posttest.dat │ │ ├── esp-alg-aes-gcm │ │ │ └── posttest.dat │ │ ├── esp-alg-aes-gmac │ │ │ └── posttest.dat │ │ ├── host2host-transport │ │ │ └── posttest.dat │ │ ├── net2net-ntru-cert │ │ │ └── posttest.dat │ │ ├── protoport-dual │ │ │ └── posttest.dat │ │ ├── xauth-id-rsa-aggressive │ │ │ └── hosts │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── xauth-rsa │ │ │ └── hosts │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── net2net-fragmentation │ │ │ └── posttest.dat │ │ └── xauth-id-psk-config │ │ │ └── hosts │ │ │ └── dave │ │ │ └── etc │ │ │ └── ipsec.secrets │ ├── ike │ │ ├── rw-cert │ │ │ └── posttest.dat │ │ └── rw_v1-net_v2 │ │ │ └── posttest.dat │ ├── gcrypt-ikev1 │ │ ├── alg-serpent │ │ │ └── posttest.dat │ │ └── alg-twofish │ │ │ └── posttest.dat │ ├── sql │ │ ├── ip-pool-db │ │ │ └── hosts │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ ├── ipsec.secrets │ │ │ │ └── ipsec.conf │ │ ├── net2net-psk │ │ │ └── hosts │ │ │ │ ├── sun │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ ├── ipsec.secrets │ │ │ │ └── ipsec.conf │ │ ├── rw-cert │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ ├── ipsec.secrets │ │ │ │ └── ipsec.conf │ │ ├── rw-rsa │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ ├── ipsec.secrets │ │ │ │ └── ipsec.conf │ │ ├── multi-level-ca │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ └── ipsec.secrets │ │ ├── net2net-cert │ │ │ └── hosts │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ └── sun │ │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ ├── ipsec.secrets │ │ │ │ └── ipsec.conf │ │ ├── rw-eap-aka-rsa │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ ├── ipsec.secrets │ │ │ │ └── ipsec.conf │ │ ├── rw-psk-ipv4 │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ ├── ipsec.secrets │ │ │ │ └── ipsec.conf │ │ ├── rw-psk-ipv6 │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ ├── ipsec.secrets │ │ │ │ └── ipsec.conf │ │ ├── rw-rsa-keyid │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ ├── ipsec.secrets │ │ │ │ └── ipsec.conf │ │ ├── ip-pool-db-expired │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ ├── ipsec.secrets │ │ │ │ └── ipsec.conf │ │ ├── ip-pool-db-restart │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ ├── ipsec.secrets │ │ │ │ └── ipsec.conf │ │ ├── ip-split-pools-db │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ ├── ipsec.secrets │ │ │ │ └── ipsec.conf │ │ ├── net2net-route-pem │ │ │ └── hosts │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ └── sun │ │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ ├── ipsec.secrets │ │ │ │ └── ipsec.conf │ │ ├── net2net-start-pem │ │ │ └── hosts │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ └── sun │ │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ ├── ipsec.secrets │ │ │ │ └── ipsec.conf │ │ ├── rw-psk-rsa-split │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ ├── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ │ ├── ipsec.secrets │ │ │ │ │ └── ipsec.conf │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ ├── ipsec.secrets │ │ │ │ └── ipsec.conf │ │ ├── shunt-policies-nat-rw │ │ │ └── hosts │ │ │ │ ├── sun │ │ │ │ └── etc │ │ │ │ │ └── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ ├── alice │ │ │ │ └── etc │ │ │ │ │ └── swanctl │ │ │ │ │ └── swanctl.conf │ │ │ │ └── venus │ │ │ │ └── etc │ │ │ │ └── swanctl │ │ │ │ └── swanctl.conf │ │ └── ip-split-pools-db-restart │ │ │ └── hosts │ │ │ ├── dave │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ ├── ipsec.secrets │ │ │ │ └── ipsec.conf │ │ │ ├── moon │ │ │ └── etc │ │ │ │ ├── swanctl │ │ │ │ └── swanctl.conf │ │ │ │ ├── ipsec.secrets │ │ │ │ └── ipsec.conf │ │ │ └── carol │ │ │ └── etc │ │ │ ├── swanctl │ │ │ └── swanctl.conf │ │ │ ├── ipsec.secrets │ │ │ └── ipsec.conf │ ├── ha │ │ ├── both-active │ │ │ └── hosts │ │ │ │ ├── alice │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ └── active-passive │ │ │ └── hosts │ │ │ ├── alice │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ │ └── moon │ │ │ └── etc │ │ │ └── ipsec.secrets │ ├── libipsec │ │ ├── rw-suite-b │ │ │ └── hosts │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── net2net-3des │ │ │ └── posttest.dat │ │ ├── net2net-cert │ │ │ └── posttest.dat │ │ └── net2net-null │ │ │ └── posttest.dat │ ├── ipv6 │ │ ├── rw-rfc3779-ikev2 │ │ │ └── hosts │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-psk-ikev1 │ │ │ └── hosts │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ └── rw-psk-ikev2 │ │ │ └── hosts │ │ │ ├── carol │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ │ └── dave │ │ │ └── etc │ │ │ └── ipsec.secrets │ ├── openssl-ikev2 │ │ ├── net2net-pgp-v3 │ │ │ └── hosts │ │ │ │ ├── sun │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── ecdsa-certs │ │ │ └── hosts │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── ecdsa-pkcs8 │ │ │ └── hosts │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── carol │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── dave │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-eap-tls-only │ │ │ ├── hosts │ │ │ │ ├── moon │ │ │ │ │ └── etc │ │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ └── posttest.dat │ │ ├── rw-suite-b-128 │ │ │ └── hosts │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── rw-suite-b-192 │ │ │ └── hosts │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── net2net-pkcs12 │ │ │ └── hosts │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── sun │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ ├── alg-camellia │ │ │ └── posttest.dat │ │ └── critical-extension │ │ │ └── posttest.dat │ ├── openssl-ikev1 │ │ ├── ecdsa-certs │ │ │ └── hosts │ │ │ │ ├── dave │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ ├── moon │ │ │ │ └── etc │ │ │ │ │ └── ipsec.secrets │ │ │ │ └── carol │ │ │ │ └── etc │ │ │ │ └── ipsec.secrets │ │ └── alg-camellia │ │ │ └── posttest.dat │ ├── pfkey │ │ ├── compress │ │ │ └── posttest.dat │ │ ├── alg-aes-xcbc │ │ │ └── posttest.dat │ │ ├── alg-sha384 │ │ │ └── posttest.dat │ │ ├── alg-sha512 │ │ │ └── posttest.dat │ │ ├── esp-alg-null │ │ │ └── posttest.dat │ │ ├── net2net-route │ │ │ └── posttest.dat │ │ ├── host2host-transport │ │ │ └── posttest.dat │ │ ├── protoport-dual │ │ │ └── posttest.dat │ │ ├── protoport-route │ │ │ └── posttest.dat │ │ └── shunt-policies-nat-rw │ │ │ └── posttest.dat │ ├── gcrypt-ikev2 │ │ └── alg-camellia │ │ │ └── posttest.dat │ └── tkm │ │ ├── multiple-clients │ │ └── hosts │ │ │ └── sun │ │ │ └── etc │ │ │ ├── tkm │ │ │ ├── sunKey.der │ │ │ └── strongswanCert.der │ │ │ └── strongswan.conf │ │ ├── net2net-initiator │ │ ├── hosts │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ ├── tkm │ │ │ │ └── moonKey.der │ │ │ │ └── strongswan.conf │ │ └── posttest.dat │ │ ├── net2net-xfrmproxy │ │ └── hosts │ │ │ └── moon │ │ │ └── etc │ │ │ ├── tkm │ │ │ └── moonKey.der │ │ │ └── strongswan.conf │ │ ├── xfrmproxy-expire │ │ └── hosts │ │ │ └── moon │ │ │ └── etc │ │ │ ├── tkm │ │ │ └── moonKey.der │ │ │ └── strongswan.conf │ │ ├── host2host-initiator │ │ ├── hosts │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ ├── tkm │ │ │ │ └── moonKey.der │ │ │ │ └── strongswan.conf │ │ └── posttest.dat │ │ ├── host2host-responder │ │ ├── hosts │ │ │ └── moon │ │ │ │ └── etc │ │ │ │ ├── tkm │ │ │ │ └── moonKey.der │ │ │ │ └── strongswan.conf │ │ └── posttest.dat │ │ └── host2host-xfrmproxy │ │ └── hosts │ │ └── moon │ │ └── etc │ │ ├── tkm │ │ └── moonKey.der │ │ └── strongswan.conf ├── images │ ├── a-m-c.png │ ├── m-c-w.png │ ├── m-w-s.png │ ├── a-m-c-w.png │ ├── a-m-c-w-d.png │ ├── a-m-w-s-b.png │ ├── m-w-s-ip6.png │ ├── a-m-c-w-d-s.png │ ├── a-m-c-w-ip6.png │ ├── a-v-m-c-w-d.png │ ├── a-v-m-w-s-b.png │ ├── a-m-c-w-d-ip6.png │ ├── a-m-c-w-s-b-med.png │ ├── a-m-w-s-b-ip6.png │ ├── a-v-m-c-w-med.png │ ├── a-m-w-s-b-ip4-in-ip6.png │ ├── a-m-w-s-b-ip6-in-ip4.png │ ├── umlArchitecture_large.png │ └── umlArchitecture_small.png └── Makefile.am ├── src ├── charon-tkm │ ├── src │ │ └── tkm │ │ │ └── .gitignore │ └── tests │ │ └── .gitignore ├── libcharon │ └── plugins │ │ ├── vici │ │ └── python │ │ │ ├── vici │ │ │ ├── test │ │ │ │ └── __init__.py │ │ │ └── __init__.py │ │ │ └── MANIFEST.in │ │ └── maemo │ │ └── org.strongswan.charon.service.in ├── manager │ └── templates │ │ ├── footer.cs │ │ ├── error.cs │ │ └── static │ │ ├── close.png │ │ ├── pipe.png │ │ ├── router.png │ │ ├── initiate.png │ │ ├── pipe-bad.png │ │ ├── client-left.png │ │ ├── pipe-good.png │ │ ├── pipe-thin.png │ │ ├── strongswan.png │ │ ├── client-right.png │ │ ├── gateway-left.png │ │ ├── gateway-right.png │ │ ├── pipe-thin-green.png │ │ ├── pipe-thin-left.png │ │ ├── pipe-thin-right.png │ │ ├── pipe-thin-left-green.png │ │ └── pipe-thin-right-green.png ├── medsrv │ └── templates │ │ ├── footer.cs │ │ └── static │ │ ├── favicon.ico │ │ └── strongswan.png ├── dumm │ └── ext │ │ └── README ├── include │ └── Makefile.am └── swanctl │ └── swanctl.conf.5.tail.in ├── .gitignore ├── conf ├── options │ ├── swanctl.opt │ ├── pki.opt │ ├── aikgen.opt │ ├── scepclient.opt │ ├── tnc.opt │ ├── pki.conf │ ├── swanctl.conf │ ├── aikgen.conf │ ├── scepclient.conf │ ├── tnc.conf │ └── starter.opt ├── plugins │ ├── eap-aka-3ggp2.opt │ ├── eap-aka.opt │ ├── eap-sim.opt │ ├── imv-test.opt │ ├── led.opt │ ├── dnscert.opt │ ├── ipseckey.opt │ ├── android_log.opt │ ├── eap-gtc.opt │ ├── vici.opt │ ├── eap-simaka-sql.opt │ ├── imc-scanner.opt │ ├── imv-os.opt │ ├── imv-scanner.opt │ ├── lookip.opt │ ├── bliss.opt │ ├── tnccs-11.opt │ ├── error-notify.opt │ ├── gcrypt.opt │ ├── xauth-eap.opt │ ├── osx-attr.opt │ ├── kernel-pfroute.opt │ ├── imc-hcd.conf │ ├── imc-os.conf │ ├── imc-swid.conf │ ├── imc-test.conf │ ├── imv-os.conf │ ├── imv-swid.conf │ ├── imv-test.conf │ ├── tnc-imc.opt │ ├── imc-scanner.conf │ ├── imv-scanner.conf │ ├── imc-attestation.conf │ └── imv-attestation.conf ├── default.opt └── default.conf ├── man └── Makefile.am └── ChangeLog /AUTHORS: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /debian/compat: -------------------------------------------------------------------------------- 1 | 9 2 | -------------------------------------------------------------------------------- /debian/strongswan.docs: -------------------------------------------------------------------------------- 1 | README 2 | -------------------------------------------------------------------------------- /debian/libstrongswan.docs: -------------------------------------------------------------------------------- 1 | README 2 | -------------------------------------------------------------------------------- /debian/source/format: -------------------------------------------------------------------------------- 1 | 3.0 (quilt) 2 | -------------------------------------------------------------------------------- /testing/hosts/bob/etc/hostname: -------------------------------------------------------------------------------- 1 | bob 2 | -------------------------------------------------------------------------------- /testing/hosts/sun/etc/hostname: -------------------------------------------------------------------------------- 1 | sun 2 | -------------------------------------------------------------------------------- /src/charon-tkm/src/tkm/.gitignore: -------------------------------------------------------------------------------- 1 | obj 2 | -------------------------------------------------------------------------------- /testing/hosts/alice/etc/hostname: -------------------------------------------------------------------------------- 1 | alice 2 | -------------------------------------------------------------------------------- /testing/hosts/carol/etc/hostname: -------------------------------------------------------------------------------- 1 | carol 2 | -------------------------------------------------------------------------------- /testing/hosts/dave/etc/hostname: -------------------------------------------------------------------------------- 1 | dave 2 | -------------------------------------------------------------------------------- /testing/hosts/moon/etc/hostname: -------------------------------------------------------------------------------- 1 | moon 2 | -------------------------------------------------------------------------------- /testing/hosts/venus/etc/hostname: -------------------------------------------------------------------------------- 1 | venus 2 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *~ 2 | *.old 3 | *.orig 4 | *.rej 5 | -------------------------------------------------------------------------------- /src/charon-tkm/tests/.gitignore: -------------------------------------------------------------------------------- 1 | test_runner 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/hostname: -------------------------------------------------------------------------------- 1 | winnetou 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/serial: -------------------------------------------------------------------------------- 1 | 35 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/crlnumber: -------------------------------------------------------------------------------- 1 | 05 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/duck/serial: -------------------------------------------------------------------------------- 1 | 02 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/serial.old: -------------------------------------------------------------------------------- 1 | 34 2 | -------------------------------------------------------------------------------- /debian/strongswan-nm.install: -------------------------------------------------------------------------------- 1 | usr/lib/ipsec/charon-nm 2 | -------------------------------------------------------------------------------- /src/libcharon/plugins/vici/python/vici/test/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/crlnumber.old: -------------------------------------------------------------------------------- 1 | 04 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/duck/crlnumber: -------------------------------------------------------------------------------- 1 | 01 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/duck/serial.old: -------------------------------------------------------------------------------- 1 | 01 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/ecdsa/crlnumber: -------------------------------------------------------------------------------- 1 | 04 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/ecdsa/serial: -------------------------------------------------------------------------------- 1 | 0E 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/ecdsa/serial.old: -------------------------------------------------------------------------------- 1 | 06 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/monster/serial: -------------------------------------------------------------------------------- 1 | 03 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/research/serial: -------------------------------------------------------------------------------- 1 | 0D 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/rfc3779/serial: -------------------------------------------------------------------------------- 1 | 09 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/sales/crlnumber: -------------------------------------------------------------------------------- 1 | 05 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/sales/serial: -------------------------------------------------------------------------------- 1 | 0B 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/sales/serial.old: -------------------------------------------------------------------------------- 1 | 0A 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/ecdsa/crlnumber.old: -------------------------------------------------------------------------------- 1 | 03 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/monster/crlnumber: -------------------------------------------------------------------------------- 1 | 05 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/monster/serial.old: -------------------------------------------------------------------------------- 1 | 02 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/research/crlnumber: -------------------------------------------------------------------------------- 1 | 03 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/research/serial.old: -------------------------------------------------------------------------------- 1 | 0C 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/rfc3779/crlnumber: -------------------------------------------------------------------------------- 1 | 03 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/rfc3779/crlnumber.old: -------------------------------------------------------------------------------- 1 | 02 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/rfc3779/serial.old: -------------------------------------------------------------------------------- 1 | 08 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/sales/crlnumber.old: -------------------------------------------------------------------------------- 1 | O4 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/research/crlnumber.old: -------------------------------------------------------------------------------- 1 | 02 2 | -------------------------------------------------------------------------------- /conf/options/swanctl.opt: -------------------------------------------------------------------------------- 1 | swanctl.load = 2 | Plugins to load in swanctl. -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/index.txt.attr: -------------------------------------------------------------------------------- 1 | unique_subject = no 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/users: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/users: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-11-fhh/hosts/dave/etc/tnc/dummyimc.file: -------------------------------------------------------------------------------- 1 | isolate -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-11-fhh/hosts/moon/etc/tnc/dummyimv.policy: -------------------------------------------------------------------------------- 1 | 1 2 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-fhh/hosts/dave/etc/tnc/dummyimc.file: -------------------------------------------------------------------------------- 1 | isolate -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-fhh/hosts/moon/etc/tnc/dummyimv.policy: -------------------------------------------------------------------------------- 1 | 1 2 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-hcd-eap/hosts/alice/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /conf/options/pki.opt: -------------------------------------------------------------------------------- 1 | pki.load = 2 | Plugins to load in ipsec pki tool. 3 | -------------------------------------------------------------------------------- /conf/plugins/eap-aka-3ggp2.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.eap-aka-3ggp2.seq_check = 2 | -------------------------------------------------------------------------------- /conf/plugins/eap-aka.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.eap-aka.request_identity = yes 2 | -------------------------------------------------------------------------------- /conf/plugins/eap-sim.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.eap-sim.request_identity = yes 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/index.txt.attr.old: -------------------------------------------------------------------------------- 1 | unique_subject = no 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/users: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/users: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-11-fhh/hosts/carol/etc/tnc/dummyimc.file: -------------------------------------------------------------------------------- 1 | allow 2 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-fhh/hosts/carol/etc/tnc/dummyimc.file: -------------------------------------------------------------------------------- 1 | allow 2 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-mutual-pt-tls/hosts/sun/etc/swantcl/swanctl.conf: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /debian/po/POTFILES.in: -------------------------------------------------------------------------------- 1 | [type: gettext/rfc822deb] strongswan-starter.templates 2 | -------------------------------------------------------------------------------- /src/libcharon/plugins/vici/python/vici/__init__.py: -------------------------------------------------------------------------------- 1 | from .session import Session 2 | -------------------------------------------------------------------------------- /testing/hosts/default/etc/ld.so.conf.d/strongswan.conf: -------------------------------------------------------------------------------- 1 | /usr/local/lib/ipsec 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/duck/index.txt.attr: -------------------------------------------------------------------------------- 1 | unique_subject = yes 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.attr: -------------------------------------------------------------------------------- 1 | unique_subject = no 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/ecdsa/index.txt.attr.old: -------------------------------------------------------------------------------- 1 | unique_subject = no 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/monster/index.txt.attr: -------------------------------------------------------------------------------- 1 | unique_subject = no 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/research/index.txt.attr: -------------------------------------------------------------------------------- 1 | unique_subject = yes 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/rfc3779/index.txt.attr: -------------------------------------------------------------------------------- 1 | unique_subject = yes 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/sales/index.txt.attr: -------------------------------------------------------------------------------- 1 | unique_subject = yes 2 | -------------------------------------------------------------------------------- /testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/users: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-mutual-pt-tls/posttest.dat: -------------------------------------------------------------------------------- 1 | sun::service charon stop 2 | -------------------------------------------------------------------------------- /conf/options/aikgen.opt: -------------------------------------------------------------------------------- 1 | aikgen.load = 2 | Plugins to load in ipsec aikgen tool. 3 | -------------------------------------------------------------------------------- /debian/charon-cmd.install: -------------------------------------------------------------------------------- 1 | usr/sbin/charon-cmd 2 | usr/share/man/man8/charon-cmd.8 3 | -------------------------------------------------------------------------------- /src/libcharon/plugins/vici/python/MANIFEST.in: -------------------------------------------------------------------------------- 1 | include LICENSE 2 | include README.rst 3 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/monster/index.txt.attr.old: -------------------------------------------------------------------------------- 1 | unique_subject = yes 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/research/index.txt.attr.old: -------------------------------------------------------------------------------- 1 | unique_subject = yes 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/rfc3779/index.txt.attr.old: -------------------------------------------------------------------------------- 1 | unique_subject = yes 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/sales/index.txt.attr.old: -------------------------------------------------------------------------------- 1 | unique_subject = yes 2 | -------------------------------------------------------------------------------- /testing/tests/ikev1/compress/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | -------------------------------------------------------------------------------- /testing/tests/ikev1/dpd-restart/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | -------------------------------------------------------------------------------- /testing/tests/ikev2/dpd-hold/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | -------------------------------------------------------------------------------- /testing/tests/ikev2/dpd-restart/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-dnssec/hosts/carol/etc/resolv.conf: -------------------------------------------------------------------------------- 1 | nameserver PH_IP_WINNETOU 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-dnssec/hosts/dave/etc/resolv.conf: -------------------------------------------------------------------------------- 1 | nameserver PH_IP_WINNETOU 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-dnssec/hosts/moon/etc/resolv.conf: -------------------------------------------------------------------------------- 1 | nameserver PH_IP_WINNETOU 2 | -------------------------------------------------------------------------------- /testing/tests/swanctl/rw-dnssec/hosts/dave/etc/resolv.conf: -------------------------------------------------------------------------------- 1 | nameserver PH_IP_WINNETOU 2 | -------------------------------------------------------------------------------- /testing/tests/swanctl/rw-dnssec/hosts/moon/etc/resolv.conf: -------------------------------------------------------------------------------- 1 | nameserver PH_IP_WINNETOU 2 | -------------------------------------------------------------------------------- /debian/source/options: -------------------------------------------------------------------------------- 1 | extend-diff-ignore = "(^|/)(config\.sub|config\.guess|Makefile)$" 2 | -------------------------------------------------------------------------------- /src/manager/templates/footer.cs: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | -------------------------------------------------------------------------------- /src/medsrv/templates/footer.cs: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/esp-alg-aes-xcbc/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | -------------------------------------------------------------------------------- /testing/tests/ikev1/rw-cert-unity/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-dnscert/hosts/moon/etc/resolv.conf: -------------------------------------------------------------------------------- 1 | nameserver PH_IP_WINNETOU 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-dnscert/hosts/sun/etc/resolv.conf: -------------------------------------------------------------------------------- 1 | nameserver PH_IP_WINNETOU 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-dnssec/hosts/moon/etc/resolv.conf: -------------------------------------------------------------------------------- 1 | nameserver PH_IP_WINNETOU 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-dnssec/hosts/sun/etc/resolv.conf: -------------------------------------------------------------------------------- 1 | nameserver PH_IP_WINNETOU 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-root-cert/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | -------------------------------------------------------------------------------- /testing/tests/swanctl/rw-dnssec/hosts/carol/etc/resolv.conf: -------------------------------------------------------------------------------- 1 | nameserver PH_IP_WINNETOU 2 | -------------------------------------------------------------------------------- /conf/options/scepclient.opt: -------------------------------------------------------------------------------- 1 | scepclient.load = 2 | Plugins to load in ipsec scepclient tool. 3 | -------------------------------------------------------------------------------- /debian/libstrongswan.strongswan.logcheck.violations.ignore: -------------------------------------------------------------------------------- 1 | ipsec_setup: KLIPS debug `none' 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/trap-any/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | : PSK 0sv+NkxY9LLZvwj4qCC2o/gGrWDF2d21jL -------------------------------------------------------------------------------- /testing/tests/ikev2/trap-any/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | : PSK 0sv+NkxY9LLZvwj4qCC2o/gGrWDF2d21jL -------------------------------------------------------------------------------- /testing/tests/ikev2/trap-any/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | : PSK 0sv+NkxY9LLZvwj4qCC2o/gGrWDF2d21jL -------------------------------------------------------------------------------- /testing/tests/ikev2/trap-any/hosts/sun/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | : PSK 0sv+NkxY9LLZvwj4qCC2o/gGrWDF2d21jL -------------------------------------------------------------------------------- /conf/options/tnc.opt: -------------------------------------------------------------------------------- 1 | charon.tnc.tnc_config = /etc/tnc_config 2 | TNC IMC/IMV configuration file. 3 | -------------------------------------------------------------------------------- /conf/plugins/imv-test.opt: -------------------------------------------------------------------------------- 1 | libimcv.plugins.imv-test.rounds = 0 2 | Number of IMC-IMV retry rounds. 3 | -------------------------------------------------------------------------------- /conf/plugins/led.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.led.activity_led = 2 | 3 | charon.plugins.led.blink_time = 50 4 | -------------------------------------------------------------------------------- /testing/tests/ike/rw-cert/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | dave::ipsec stop 4 | -------------------------------------------------------------------------------- /conf/plugins/dnscert.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.dnscert.enable = no 2 | Enable fetching of CERT RRs via DNS. 3 | -------------------------------------------------------------------------------- /debian/charon-systemd.install: -------------------------------------------------------------------------------- 1 | lib/systemd/system/strongswan-swanctl.service 2 | usr/sbin/charon-systemd 3 | -------------------------------------------------------------------------------- /debian/strongswan-starter.links: -------------------------------------------------------------------------------- 1 | lib/systemd/system/strongswan.service lib/systemd/system/ipsec.service 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/apache2/conf.d/testresults-as-text: -------------------------------------------------------------------------------- 1 | AddType text/plain .iptables .log .sql 2 | -------------------------------------------------------------------------------- /testing/tests/ike/rw_v1-net_v2/posttest.dat: -------------------------------------------------------------------------------- 1 | carol::ipsec stop 2 | moon::ipsec stop 3 | sun::ipsec stop 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/wildcards/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | dave::ipsec stop 4 | -------------------------------------------------------------------------------- /conf/plugins/ipseckey.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.ipseckey.enable = no 2 | Enable fetching of IPSECKEY RRs via DNS. 3 | -------------------------------------------------------------------------------- /testing/hosts/default/root/.ssh/config: -------------------------------------------------------------------------------- 1 | Host * 2 | StrictHostKeyChecking no 3 | UserKnownHostsFile /dev/null 4 | -------------------------------------------------------------------------------- /testing/tests/gcrypt-ikev1/alg-serpent/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::service charon stop 2 | carol::service charon stop 3 | -------------------------------------------------------------------------------- /testing/tests/gcrypt-ikev1/alg-twofish/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::service charon stop 2 | carol::service charon stop 3 | -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/users: -------------------------------------------------------------------------------- 1 | carol Cleartext-Password := "4iChxLT3" 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/users: -------------------------------------------------------------------------------- 1 | carol Cleartext-Password := "Ar3etTnp" 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/users: -------------------------------------------------------------------------------- 1 | carol Cleartext-Password := "Ar3etTnp" 2 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db/hosts/dave/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-psk/hosts/sun/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-cert/hosts/carol/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-cert/hosts/dave/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-cert/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-rsa/hosts/carol/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-rsa/hosts/dave/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-rsa/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /conf/options/pki.conf: -------------------------------------------------------------------------------- 1 | pki { 2 | 3 | # Plugins to load in ipsec pki tool. 4 | # load = 5 | 6 | } 7 | 8 | -------------------------------------------------------------------------------- /conf/options/swanctl.conf: -------------------------------------------------------------------------------- 1 | swanctl { 2 | 3 | # Plugins to load in swanctl. 4 | # load = 5 | 6 | } 7 | 8 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/apache2/conf-enabled/testresults-as-text.conf: -------------------------------------------------------------------------------- 1 | AddType text/plain .iptables .log .sql 2 | -------------------------------------------------------------------------------- /testing/images/a-m-c.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/a-m-c.png -------------------------------------------------------------------------------- /testing/images/m-c-w.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/m-c-w.png -------------------------------------------------------------------------------- /testing/images/m-w-s.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/m-w-s.png -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-no-signer-cert/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables -F 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-untrusted-cert/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables -F 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/users: -------------------------------------------------------------------------------- 1 | carol Cleartext-Password := "Ar3etTnp" 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/users: -------------------------------------------------------------------------------- 1 | carol Cleartext-Password := "Ar3etTnp" 2 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db/hosts/carol/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/multi-level-ca/hosts/carol/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/multi-level-ca/hosts/dave/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/multi-level-ca/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-cert/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-cert/hosts/sun/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-psk/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-eap-aka-rsa/hosts/carol/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-eap-aka-rsa/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-rsa-keyid/hosts/carol/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-rsa-keyid/hosts/dave/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-rsa-keyid/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /conf/options/aikgen.conf: -------------------------------------------------------------------------------- 1 | aikgen { 2 | 3 | # Plugins to load in ipsec aikgen tool. 4 | # load = 5 | 6 | } 7 | 8 | -------------------------------------------------------------------------------- /testing/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/images/a-m-c-w.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/a-m-c-w.png -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/users: -------------------------------------------------------------------------------- 1 | carol Cleartext-Password := "4iChxLT3" 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-radius/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-split-pools-db/hosts/carol/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-split-pools-db/hosts/dave/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-split-pools-db/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-route-pem/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-route-pem/hosts/sun/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-start-pem/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-start-pem/hosts/sun/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/shunt-policies-nat-rw/hosts/sun/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-pdp-eap/hosts/alice/etc/apache2/sites-available/default: -------------------------------------------------------------------------------- 1 | Include sites-available/000-default.conf -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # this file is not used in this scenario 2 | -------------------------------------------------------------------------------- /conf/plugins/android_log.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.android_log.loglevel = 1 2 | Loglevel for logging to Android specific logger. 3 | -------------------------------------------------------------------------------- /conf/plugins/eap-gtc.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.eap-gtc.backend = pam 2 | XAuth backend to be used for credential verification. 3 | -------------------------------------------------------------------------------- /conf/plugins/vici.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.vici.socket = unix://${piddir}/charon.vici 2 | Socket the vici plugin serves clients. 3 | -------------------------------------------------------------------------------- /debian/watch: -------------------------------------------------------------------------------- 1 | version=3 2 | opts=pgpsigurlmangle=s/$/.sig/ \ 3 | http://download.strongswan.org/strongswan-([\d.]+)\.tar\.bz2 4 | -------------------------------------------------------------------------------- /testing/hosts/alice/etc/freeradius/clients.conf: -------------------------------------------------------------------------------- 1 | client 10.1.0.1 { 2 | secret = gv6URkSs 3 | shortname = moon 4 | } 5 | -------------------------------------------------------------------------------- /testing/images/a-m-c-w-d.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/a-m-c-w-d.png -------------------------------------------------------------------------------- /testing/images/a-m-w-s-b.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/a-m-w-s-b.png -------------------------------------------------------------------------------- /testing/images/m-w-s-ip6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/m-w-s-ip6.png -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/strongswan.conf: -------------------------------------------------------------------------------- 1 | # /etc/strongswan.conf - strongSwan configuration file 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-id-prompt/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-id-radius/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-only-radius/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-only-radius/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-radius/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | -------------------------------------------------------------------------------- /testing/tests/ikev2/trap-any/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | carol::ipsec stop 4 | dave::ipsec stop 5 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-split-pools-db-restart/hosts/dave/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/shunt-policies-nat-rw/hosts/alice/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/sql/shunt-policies-nat-rw/hosts/venus/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/apache2/sites-available/default: -------------------------------------------------------------------------------- 1 | Include sites-available/000-default.conf -------------------------------------------------------------------------------- /conf/plugins/eap-simaka-sql.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.eap-simaka-sql.database = 2 | 3 | charon.plugins.eap-simaka-sql.remove_used = no 4 | -------------------------------------------------------------------------------- /conf/plugins/imc-scanner.opt: -------------------------------------------------------------------------------- 1 | libimcv.plugins.imc-scanner.push_info = yes 2 | Send open listening ports without being prompted. 3 | -------------------------------------------------------------------------------- /conf/plugins/imv-os.opt: -------------------------------------------------------------------------------- 1 | libimcv.plugins.imv-os.remediation_uri = 2 | URI pointing to operating system remediation instructions. 3 | -------------------------------------------------------------------------------- /conf/plugins/imv-scanner.opt: -------------------------------------------------------------------------------- 1 | libimcv.plugins.imv-scanner.remediation_uri = 2 | URI pointing to scanner remediation instructions. 3 | -------------------------------------------------------------------------------- /conf/plugins/lookip.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.lookip.socket = unix://${piddir}/charon.lkp 2 | Socket provided by the lookip plugin. 3 | -------------------------------------------------------------------------------- /testing/images/a-m-c-w-d-s.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/a-m-c-w-d-s.png -------------------------------------------------------------------------------- /testing/images/a-m-c-w-ip6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/a-m-c-w-ip6.png -------------------------------------------------------------------------------- /testing/images/a-v-m-c-w-d.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/a-v-m-c-w-d.png -------------------------------------------------------------------------------- /testing/images/a-v-m-w-s-b.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/a-v-m-w-s-b.png -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-only-radius/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-split-pools-db-restart/hosts/carol/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # configuration is read from SQLite database 2 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-11-supplicant/hosts/carol/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # The strongSwan IMCs are loaded by the WPA supplicant 2 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-11-supplicant/hosts/dave/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # The strongSwan IMCs are loaded by the WPA supplicant 2 | -------------------------------------------------------------------------------- /conf/options/scepclient.conf: -------------------------------------------------------------------------------- 1 | scepclient { 2 | 3 | # Plugins to load in ipsec scepclient tool. 4 | # load = 5 | 6 | } 7 | 8 | -------------------------------------------------------------------------------- /conf/plugins/bliss.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.bliss.use_bliss_b = yes 2 | Use the enhanced BLISS-B key generation and signature algorithm. 3 | -------------------------------------------------------------------------------- /testing/images/a-m-c-w-d-ip6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/a-m-c-w-d-ip6.png -------------------------------------------------------------------------------- /testing/images/a-m-c-w-s-b-med.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/a-m-c-w-s-b-med.png -------------------------------------------------------------------------------- /testing/images/a-m-w-s-b-ip6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/a-m-w-s-b-ip6.png -------------------------------------------------------------------------------- /testing/images/a-v-m-c-w-med.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/a-v-m-c-w-med.png -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/strongswan.conf: -------------------------------------------------------------------------------- 1 | # /etc/strongswan.conf - strongSwan configuration file 2 | -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/eap.conf: -------------------------------------------------------------------------------- 1 | eap { 2 | default_eap_type = md5 3 | md5 { 4 | } 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/multi-level-ca-loop/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::rm /etc/ipsec.d/cacerts/* 4 | 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/multi-level-ca-pathlen/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::rm /etc/ipsec.d/cacerts/* 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/multi-level-ca-revoked/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::rm /etc/ipsec.d/cacerts/* 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/eap.conf: -------------------------------------------------------------------------------- 1 | eap { 2 | default_eap_type = md5 3 | md5 { 4 | } 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/eap.conf: -------------------------------------------------------------------------------- 1 | eap { 2 | default_eap_type = sim 3 | sim { 4 | } 5 | } 6 | -------------------------------------------------------------------------------- /conf/plugins/tnccs-11.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.tnccs-11.max_message_size = 45000 2 | Maximum size of a PA-TNC message (XML & Base64 encoding). 3 | -------------------------------------------------------------------------------- /testing/hosts/bob/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA bobKey.pem 4 | 5 | 6 | 7 | 8 | 9 | -------------------------------------------------------------------------------- /testing/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem "nH5ZQEWtku0RJEZ6" 4 | -------------------------------------------------------------------------------- /testing/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA daveKey.pem 4 | 5 | 6 | 7 | 8 | -------------------------------------------------------------------------------- /testing/hosts/sun/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA sunKey.pem 4 | 5 | 6 | 7 | 8 | 9 | -------------------------------------------------------------------------------- /testing/tests/ha/both-active/hosts/alice/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA marsKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ha/both-active/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA marsKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ip-two-pools-v4v6/posttest.dat: -------------------------------------------------------------------------------- 1 | alice::ip -6 route del default via fec1:\:1 2 | carol::ipsec stop 3 | moon::ipsec stop 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-rsa/hosts/sun/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA sunKey.der 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/eap.conf: -------------------------------------------------------------------------------- 1 | eap { 2 | default_eap_type = md5 3 | md5 { 4 | } 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/eap.conf: -------------------------------------------------------------------------------- 1 | eap { 2 | default_eap_type = sim 3 | sim { 4 | } 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/eap.conf: -------------------------------------------------------------------------------- 1 | eap { 2 | default_eap_type = sim 3 | sim { 4 | } 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/eap.conf: -------------------------------------------------------------------------------- 1 | eap { 2 | default_eap_type = md5 3 | md5 { 4 | } 5 | } 6 | -------------------------------------------------------------------------------- /conf/plugins/error-notify.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.error-notify.socket = unix://${piddir}/charon.enfy 2 | Socket provided by the error-notify plugin. 3 | -------------------------------------------------------------------------------- /conf/plugins/gcrypt.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.gcrypt.quick_random = no 2 | Use faster random numbers in gcrypt; for testing only, produces weak keys! 3 | -------------------------------------------------------------------------------- /conf/plugins/xauth-eap.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.xauth-eap.backend = radius 2 | EAP plugin to be used as backend for XAuth credential verification. 3 | -------------------------------------------------------------------------------- /src/manager/templates/error.cs: -------------------------------------------------------------------------------- 1 | 2 |
3 | 4 | -------------------------------------------------------------------------------- /src/manager/templates/static/close.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/manager/templates/static/close.png -------------------------------------------------------------------------------- /src/manager/templates/static/pipe.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/manager/templates/static/pipe.png -------------------------------------------------------------------------------- /src/manager/templates/static/router.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/manager/templates/static/router.png -------------------------------------------------------------------------------- /src/medsrv/templates/static/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/medsrv/templates/static/favicon.ico -------------------------------------------------------------------------------- /testing/hosts/venus/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA venusKey.pem 4 | 5 | 6 | 7 | 8 | 9 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/duck/index.txt: -------------------------------------------------------------------------------- 1 | V 190225221822Z 01 unknown /C=CH/O=Linux strongSwan/OU=Duck Research/CN=carol@strongswan.org 2 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/monster/index.txt.old: -------------------------------------------------------------------------------- 1 | V 390321140608Z 01 unknown /C=CH/O=Linux strongSwan/OU=Monster/CN=carol@strongswan.org 2 | -------------------------------------------------------------------------------- /testing/images/a-m-w-s-b-ip4-in-ip6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/a-m-w-s-b-ip4-in-ip6.png -------------------------------------------------------------------------------- /testing/images/a-m-w-s-b-ip6-in-ip4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/a-m-w-s-b-ip6-in-ip4.png -------------------------------------------------------------------------------- /testing/tests/ha/active-passive/hosts/alice/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA marsKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ha/active-passive/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA marsKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev1/dpd-clear/posttest.dat: -------------------------------------------------------------------------------- 1 | carol::iptables -D INPUT -i eth0 -s PH_IP_MOON -j DROP 2 | moon::ipsec stop 3 | carol::ipsec stop 4 | -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/eap.conf: -------------------------------------------------------------------------------- 1 | eap { 2 | default_eap_type = md5 3 | md5 { 4 | } 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/dpd-clear/posttest.dat: -------------------------------------------------------------------------------- 1 | carol::iptables -D INPUT -i eth0 -s PH_IP_MOON -j DROP 2 | moon::ipsec stop 3 | carol::ipsec stop 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/inactivity-timeout/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | carol::iptables-restore < /etc/iptables.flush 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ip-two-pools-v4v6-db/posttest.dat: -------------------------------------------------------------------------------- 1 | alice::ip -6 route del default via fec1:\:1 2 | carol::ipsec stop 3 | moon::ipsec stop 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/eap.conf: -------------------------------------------------------------------------------- 1 | eap { 2 | default_eap_type = sim 3 | sim { 4 | } 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/mult-auth-rsa-eap-sim-id/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | dave::ipsec stop 4 | alice::killall radiusd 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/multi-level-ca/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | dave::ipsec stop 4 | moon::rm /etc/ipsec.d/cacerts/* 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-pgp-v3/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.asc 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-pgp-v3/hosts/sun/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA sunKey.asc 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-pgp-v4/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.asc 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-pgp-v4/hosts/sun/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA sunKey.asc 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-pubkey/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.der 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-pubkey/hosts/sun/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA sunKey.der 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-rsa/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.der 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/redirect-active/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA marsKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-dynamic/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA daveKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/eap.conf: -------------------------------------------------------------------------------- 1 | eap { 2 | default_eap_type = md5 3 | md5 { 4 | } 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/eap.conf: -------------------------------------------------------------------------------- 1 | eap { 2 | default_eap_type = md5 3 | md5 { 4 | } 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-ntru-bliss/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : BLISS daveKey.der 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-ntru-bliss/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : BLISS moonKey.der 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-sig-auth/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/trap-any/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec start 2 | sun::ipsec start 3 | carol::ipsec start 4 | dave::ipsec start 5 | moon::sleep 1 6 | -------------------------------------------------------------------------------- /testing/tests/libipsec/rw-suite-b/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA daveKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/libipsec/rw-suite-b/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/eap.conf: -------------------------------------------------------------------------------- 1 | eap { 2 | default_eap_type = sim 3 | sim { 4 | } 5 | } 6 | -------------------------------------------------------------------------------- /src/manager/templates/static/initiate.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/manager/templates/static/initiate.png -------------------------------------------------------------------------------- /src/manager/templates/static/pipe-bad.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/manager/templates/static/pipe-bad.png -------------------------------------------------------------------------------- /testing/hosts/default/etc/fstab: -------------------------------------------------------------------------------- 1 | /dev/vda1 / ext3 defaults,relatime,barrier=1 0 1 2 | /hostshare /root/shared 9p trans=virtio,version=9p2000.L 0 0 3 | -------------------------------------------------------------------------------- /testing/images/umlArchitecture_large.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/umlArchitecture_large.png -------------------------------------------------------------------------------- /testing/images/umlArchitecture_small.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/images/umlArchitecture_small.png -------------------------------------------------------------------------------- /testing/tests/ikev1/multi-level-ca/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev1/multi-level-ca/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | dave::ipsec stop 4 | moon::rm /etc/ipsec.d/cacerts/* 5 | 6 | -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-rsa-radius/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/crl-revoked/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolRevokedKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/multi-level-ca/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-multi-level/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-strict-ifuri/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/redirect-active/hosts/alice/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA marsKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-id-radius/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-radius/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-peap-radius/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-id-radius/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-radius/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-tls-radius/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-ttls-radius/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-ntru-bliss/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : BLISS carolKey.der 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-radius-accounting/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ipv6/rw-rfc3779-ikev2/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/libipsec/rw-suite-b/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA carolKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/net2net-pgp-v3/hosts/sun/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA sunKey.asc 4 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-11-radius/hosts/alice/etc/freeradius/users: -------------------------------------------------------------------------------- 1 | carol Cleartext-Password := "Ar3etTnp" 2 | dave Cleartext-Password := "W7R0g3do" 3 | -------------------------------------------------------------------------------- /conf/plugins/osx-attr.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.osx-attr.append = yes 2 | Whether DNS servers are appended to existing entries, instead of replacing 3 | them. 4 | -------------------------------------------------------------------------------- /debian/patches/series: -------------------------------------------------------------------------------- 1 | 01_fix-manpages.patch 2 | 03_systemd-service.patch 3 | 04_disable-libtls-tests.patch 4 | 05_network-manager-strongswan-1.4.patch 5 | -------------------------------------------------------------------------------- /src/dumm/ext/README: -------------------------------------------------------------------------------- 1 | DUMM Ruby Extension 2 | =================== 3 | 4 | Build and Install 5 | 6 | $ ruby extconf.rb 7 | $ make 8 | # make install 9 | -------------------------------------------------------------------------------- /src/manager/templates/static/client-left.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/manager/templates/static/client-left.png -------------------------------------------------------------------------------- /src/manager/templates/static/pipe-good.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/manager/templates/static/pipe-good.png -------------------------------------------------------------------------------- /src/manager/templates/static/pipe-thin.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/manager/templates/static/pipe-thin.png -------------------------------------------------------------------------------- /src/manager/templates/static/strongswan.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/manager/templates/static/strongswan.png -------------------------------------------------------------------------------- /src/medsrv/templates/static/strongswan.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/medsrv/templates/static/strongswan.png -------------------------------------------------------------------------------- /testing/hosts/alice/etc/raddb/certs/random: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/hosts/alice/etc/raddb/certs/random -------------------------------------------------------------------------------- /testing/tests/ikev1/multi-level-ca-cr-init/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev1/multi-level-ca-cr-resp/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/crl-from-cache/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::rm /etc/ipsec.d/crls/* 4 | carol::rm /etc/ipsec.d/crls/* 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/crl-to-cache/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::rm /etc/ipsec.d/crls/* 4 | carol::rm /etc/ipsec.d/crls/* 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA daveKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/multi-level-ca-cr-init/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/multi-level-ca-cr-resp/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/multi-level-ca-ldap/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/multi-level-ca-loop/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/multi-level-ca-pathlen/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/multi-level-ca-revoked/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/multi-level-ca-strict/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-multi-level/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | dave::ipsec stop 4 | moon::rm /etc/ipsec.d/cacerts/* 5 | 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-revoked/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolRevokedKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-signer-cert/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey-ocsp.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-strict-ifuri/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | dave::ipsec stop 4 | moon::rm /etc/ipsec.d/cacerts/* 5 | 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-timeouts-good/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey-ocsp.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-timeouts-unknown/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables -F OUTPUT 4 | carol::iptables -F OUTPUT 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-class-radius/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/users: -------------------------------------------------------------------------------- 1 | carol Cleartext-Password := "Ar3etTnp" 2 | dave Cleartext-Password := "W7R0g3do" 3 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/modules/sim_files: -------------------------------------------------------------------------------- 1 | sim_files { 2 | simtriplets = "/etc/freeradius/triplets.dat" 3 | } 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/modules/sim_files: -------------------------------------------------------------------------------- 1 | sim_files { 2 | simtriplets = "/etc/freeradius/triplets.dat" 3 | } 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-tls-fragments/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carol_key.der 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-tls-fragments/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moon_key.der 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/users: -------------------------------------------------------------------------------- 1 | carol Cleartext-Password := "Ar3etTnp" 2 | dave Cleartext-Password := "W7R0g3do" 3 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev1/ecdsa-certs/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA daveKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev1/ecdsa-certs/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/ecdsa-certs/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA daveKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/ecdsa-certs/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/net2net-pgp-v3/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.asc 4 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/rw-eap-tls-only/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/rw-suite-b-128/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA daveKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/rw-suite-b-128/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/rw-suite-b-192/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA daveKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/rw-suite-b-192/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA moonKey.pem 4 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-11-radius-block/hosts/alice/etc/freeradius/users: -------------------------------------------------------------------------------- 1 | carol Cleartext-Password := "Ar3etTnp" 2 | dave Cleartext-Password := "W7R0g3do" 3 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-11-radius-pts/hosts/alice/etc/freeradius/users: -------------------------------------------------------------------------------- 1 | carol Cleartext-Password := "Ar3etTnp" 2 | dave Cleartext-Password := "W7R0g3do" 3 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-11-supplicant/hosts/alice/etc/freeradius/users: -------------------------------------------------------------------------------- 1 | carol Cleartext-Password := "Ar3etTnp" 2 | dave Cleartext-Password := "W7R0g3do" 3 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-fhh/hosts/moon/etc/tnc_config: -------------------------------------------------------------------------------- 1 | #IMV configuration file for strongSwan server 2 | 3 | IMV "Dummy" /usr/local/lib/libdummyimv.so 4 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-mutual-pt-tls/hosts/moon/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # the PT-TLS client reads its configuration and secrets via the command line 2 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/carol/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # the PT-TLS client reads its configuration and secrets via the command line 2 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/dave/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | # the PT-TLS client reads its configuration and secrets via the command line 2 | -------------------------------------------------------------------------------- /conf/default.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.@PLUGIN_NAME@.load := yes 2 | Whether to load the plugin. Can also be an integer to increase the priority 3 | of this plugin. 4 | -------------------------------------------------------------------------------- /src/manager/templates/static/client-right.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/manager/templates/static/client-right.png -------------------------------------------------------------------------------- /src/manager/templates/static/gateway-left.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/manager/templates/static/gateway-left.png -------------------------------------------------------------------------------- /src/manager/templates/static/gateway-right.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/manager/templates/static/gateway-right.png -------------------------------------------------------------------------------- /testing/hosts/alice/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA aliceKey.pem 4 | 5 | 6 | 7 | 8 | 9 | 10 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/duck/.rand: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/hosts/winnetou/etc/openssl/duck/.rand -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/ecdsa/.rand: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/hosts/winnetou/etc/openssl/ecdsa/.rand -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/sales/.rand: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/hosts/winnetou/etc/openssl/sales/.rand -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-id-rsa-hybrid/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol : XAUTH "4iChxLT3" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-id-rsa-hybrid/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | dave : XAUTH "ryftzG4A" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/crl-revoked/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | carol::rm /etc/ipsec.d/private/* 4 | carol::rm /etc/ipsec.d/certs/* 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/modules/sim_files: -------------------------------------------------------------------------------- 1 | sim_files { 2 | simtriplets = "/etc/freeradius/triplets.dat" 3 | } 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/multi-level-ca-strict/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | dave::ipsec stop 4 | moon::rm /etc/ipsec.d/cacerts/* 5 | 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-revoked/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | carol::rm /etc/ipsec.d/private/* 4 | carol::rm /etc/ipsec.d/certs/* 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/reauth-mbb-revoked/posttest.dat: -------------------------------------------------------------------------------- 1 | winnetou::cp /var/www/strongswan.crl.bak /var/www/strongswan.crl 2 | moon::ipsec stop 3 | carol::ipsec stop 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol : EAP "Ar3etTnp" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | dave : EAP "W7R0g3do" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-class-radius/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol : EAP "Ar3etTnp" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-class-radius/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | dave : EAP "W7R0g3do" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-id-radius/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol : EAP "Ar3etTnp" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/modules/sim_files: -------------------------------------------------------------------------------- 1 | sim_files { 2 | simtriplets = "/etc/freeradius/triplets.dat" 3 | } 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-pkcs8/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem "nH5ZQEWtku0RJEZ6" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-radius-accounting/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol : EAP "Ar3etTnp" 4 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-psk/hosts/sun/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-cert/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-cert/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-cert/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-rsa/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-rsa/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-rsa/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/modules/sim_files: -------------------------------------------------------------------------------- 1 | sim_files { 2 | simtriplets = "/etc/freeradius/triplets.dat" 3 | } 4 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-fhh/hosts/carol/etc/tnc_config: -------------------------------------------------------------------------------- 1 | #IMC configuration file for strongSwan client 2 | 3 | IMC "Dummy" /usr/local/lib/libdummyimc.so 4 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-fhh/hosts/dave/etc/tnc_config: -------------------------------------------------------------------------------- 1 | #IMC configuration file for strongSwan client 2 | 3 | IMC "Dummy" /usr/local/lib/libdummyimc.so 4 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-os/hosts/carol/etc/tnc_config: -------------------------------------------------------------------------------- 1 | #IMC configuration file for strongSwan client 2 | 3 | IMC "OS" /usr/local/lib/ipsec/imcvs/imc-os.so 4 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-os/hosts/dave/etc/tnc_config: -------------------------------------------------------------------------------- 1 | #IMC configuration file for strongSwan client 2 | 3 | IMC "OS" /usr/local/lib/ipsec/imcvs/imc-os.so 4 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-os/hosts/moon/etc/tnc_config: -------------------------------------------------------------------------------- 1 | #IMV configuration file for strongSwan client 2 | 3 | IMV "OS" /usr/local/lib/ipsec/imcvs/imv-os.so 4 | -------------------------------------------------------------------------------- /src/manager/templates/static/pipe-thin-green.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/manager/templates/static/pipe-thin-green.png -------------------------------------------------------------------------------- /src/manager/templates/static/pipe-thin-left.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/manager/templates/static/pipe-thin-left.png -------------------------------------------------------------------------------- /src/manager/templates/static/pipe-thin-right.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/manager/templates/static/pipe-thin-right.png -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/research/.rand: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/hosts/winnetou/etc/openssl/research/.rand -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/rfc3779/.rand: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/hosts/winnetou/etc/openssl/rfc3779/.rand -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-pkcs12/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : P12 moonCert.p12 "kUqd8O7mzbjXNJKQ" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-local-cert/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::rm /etc/ipsec.d/ocspcerts/* 4 | carol::rm /etc/ipsec.d/ocspcerts/* 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-signer-cert/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | carol::rm /etc/ipsec.d/certs/* 4 | carol::rm /etc/ipsec.d/private/* 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-timeouts-good/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | carol::rm /etc/ipsec.d/certs/* 4 | carol::rm /etc/ipsec.d/private/* 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-aka-id-rsa/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol : EAP "Ar3etTnp01qlpOgb" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-dynamic/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol@strongswan.org : EAP "Ar3etTnp" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-rsa/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol@strongswan.org : EAP "Ar3etTnp" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-peap-md5/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | dave@strongswan.org : EAP "UgaM65Va" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-ttls-only/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | dave@strongswan.org : EAP "UgaM65Va" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-pkcs8/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA daveKey.pem "OJlNZBx+80dLh4wC6fw5LmBd" 4 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/multi-level-ca/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/multi-level-ca/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/multi-level-ca/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-cert/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-cert/hosts/sun/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-psk/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-eap-aka-rsa/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-eap-aka-rsa/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-rsa-keyid/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-rsa-keyid/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-rsa-keyid/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /conf/plugins/kernel-pfroute.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.kernel-pfroute.vip_wait = 1000 2 | Time in ms to wait until virtual IP addresses appear/disappear before 3 | failing. 4 | -------------------------------------------------------------------------------- /man/Makefile.am: -------------------------------------------------------------------------------- 1 | man_MANS = 2 | 3 | if USE_FILE_CONFIG 4 | man_MANS += \ 5 | ipsec.conf.5 \ 6 | ipsec.secrets.5 7 | endif 8 | 9 | CLEANFILES = $(man_MANS) 10 | -------------------------------------------------------------------------------- /testing/tests/ikev1/dynamic-initiator/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem "nH5ZQEWtku0RJEZ6" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev1/dynamic-responder/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem "nH5ZQEWtku0RJEZ6" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev1/rw-psk-ipv4/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | 192.168.0.200 : PSK 0sjVzONCF02ncsgiSlmIXeqhGN 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/dynamic-initiator/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem "nH5ZQEWtku0RJEZ6" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm LOCAL { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-radius/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol@strongswan.org : EAP "Ar3etTnp" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-mschapv2-id-rsa/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol : EAP "Ar3etTnp01qlpOgb" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-peap-md5/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol@strongswan.org : EAP "Ar3etTnp" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-peap-mschapv2/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | dave@strongswan.org : EAP "UgaM65Va" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-peap-radius/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol@strongswan.org : EAP "Ar3etTnp" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-peap-radius/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | dave@strongswan.org : EAP "UgaM65Va" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm LOCAL { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-ttls-only/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol@strongswan.org : EAP "Ar3etTnp" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-ttls-radius/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol@strongswan.org : EAP "Ar3etTnp" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-ttls-radius/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | dave@strongswan.org : EAP "UgaM65Va" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-psk-ipv4/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | PH_IP_CAROL : PSK 0sFpZAZqEN6Ti9sqt4ZP5EWcqx 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-psk-ipv4/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | PH_IP_DAVE : PSK 0sjVzONCF02ncsgiSlmIXeqhGN 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-radius-accounting/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm LOCAL { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ipv6/rw-psk-ikev1/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | PH_IP6_CAROL : PSK 0sFpZAZqEN6Ti9sqt4ZP5EWcqx 4 | -------------------------------------------------------------------------------- /testing/tests/ipv6/rw-psk-ikev1/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | PH_IP6_DAVE : PSK 0sjVzONCF02ncsgiSlmIXeqhGN 4 | -------------------------------------------------------------------------------- /testing/tests/ipv6/rw-psk-ikev2/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | PH_IP6_CAROL : PSK 0sFpZAZqEN6Ti9sqt4ZP5EWcqx 4 | -------------------------------------------------------------------------------- /testing/tests/ipv6/rw-psk-ikev2/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | PH_IP6_DAVE : PSK 0sjVzONCF02ncsgiSlmIXeqhGN 4 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-split-pools-db/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-split-pools-db/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-split-pools-db/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-route-pem/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-route-pem/hosts/sun/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-start-pem/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-start-pem/hosts/sun/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-fail-init/hosts/carol/etc/tnc_config: -------------------------------------------------------------------------------- 1 | #IMC configuration file for strongSwan client 2 | 3 | IMC "Test" /usr/local/lib/ipsec/imcvs/imc-test.so 4 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-fail-init/hosts/dave/etc/tnc_config: -------------------------------------------------------------------------------- 1 | #IMC configuration file for strongSwan client 2 | 3 | IMC "Test" /usr/local/lib/ipsec/imcvs/imc-test.so 4 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-fail-init/hosts/moon/etc/tnc_config: -------------------------------------------------------------------------------- 1 | #IMV configuration file for strongSwan client 2 | 3 | IMV "Test" /usr/local/lib/ipsec/imcvs/imv-test.so 4 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-fail-resp/hosts/carol/etc/tnc_config: -------------------------------------------------------------------------------- 1 | #IMC configuration file for strongSwan client 2 | 3 | IMC "Test" /usr/local/lib/ipsec/imcvs/imc-test.so 4 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-fail-resp/hosts/moon/etc/tnc_config: -------------------------------------------------------------------------------- 1 | #IMV configuration file for strongSwan client 2 | 3 | IMV "Test" /usr/local/lib/ipsec/imcvs/imv-test.so 4 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-hcd-eap/hosts/alice/etc/tnc_config: -------------------------------------------------------------------------------- 1 | #IMV configuration file for strongSwan client 2 | 3 | IMV "HCD" /usr/local/lib/ipsec/imcvs/imv-hcd.so 4 | -------------------------------------------------------------------------------- /src/manager/templates/static/pipe-thin-left-green.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/manager/templates/static/pipe-thin-left-green.png -------------------------------------------------------------------------------- /src/manager/templates/static/pipe-thin-right-green.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/src/manager/templates/static/pipe-thin-right-green.png -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/sales/salesCert.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/hosts/winnetou/etc/openssl/sales/salesCert.der -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/strongswanCert.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/hosts/winnetou/etc/openssl/strongswanCert.der -------------------------------------------------------------------------------- /testing/tests/ikev1/compress/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec start 2 | carol::ipsec start 3 | moon::expect-connection rw 4 | carol::expect-connection home 5 | carol::ipsec up home 6 | -------------------------------------------------------------------------------- /testing/tests/ikev1/dpd-clear/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec start 2 | carol::ipsec start 3 | moon::expect-connection rw 4 | carol::expect-connection home 5 | carol::ipsec up home 6 | -------------------------------------------------------------------------------- /testing/tests/ikev1/dpd-restart/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec start 2 | carol::ipsec start 3 | moon::expect-connection rw 4 | carol::expect-connection home 5 | carol::ipsec up home 6 | -------------------------------------------------------------------------------- /testing/tests/ikev1/rw-psk-ipv4/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | 192.168.0.100 : PSK 0sFpZAZqEN6Ti9sqt4ZP5EWcqx 4 | -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-rsa-radius/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm strongswan.org { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/crl-revoked/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec start 2 | carol::ipsec start 3 | moon::expect-connection rw 4 | carol::expect-connection home 5 | carol::ipsec up home 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/dpd-clear/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec start 2 | carol::ipsec start 3 | moon::expect-connection rw 4 | carol::expect-connection home 5 | carol::ipsec up home 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/dpd-hold/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec start 2 | carol::ipsec start 3 | moon::expect-connection rw 4 | carol::expect-connection home 5 | carol::ipsec up home 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/dpd-restart/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec start 2 | carol::ipsec start 3 | moon::expect-connection rw 4 | carol::expect-connection home 5 | carol::ipsec up home 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem "nH5ZQEWtku0RJEZ6" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-aka-rsa/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol@strongswan.org : EAP "Ar3etTnp01qlpOgb" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-framed-ip-radius/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm LOCAL { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm LOCAL { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm strongswan.org { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-peap-mschapv2/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol@strongswan.org : EAP "Ar3etTnp" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm strongswan.org { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-tls-radius/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm strongswan.org { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev1/ecdsa-certs/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA carolKey.pem "nH5ZQEWtku0RJEZ6" 4 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/ecdsa-certs/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA carolKey.pem "nH5ZQEWtku0RJEZ6" 4 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA carolKey.pem "nH5ZQEWtku0RJEZ6" 4 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/net2net-pkcs12/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : P12 moonCert.p12 "kUqd8O7mzbjXNJKQ" 4 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/rw-suite-b-128/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA carolKey.pem "nH5ZQEWtku0RJEZ6" 4 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/rw-suite-b-192/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA carolKey.pem "nH5ZQEWtku0RJEZ6" 4 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-split-pools-db-restart/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-11-radius-pts/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm strongswan.org { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-11-radius/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm strongswan.org { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-11-supplicant/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm strongswan.org { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/alice/etc/swanctl/swanctl.conf: -------------------------------------------------------------------------------- 1 | secrets { 2 | 3 | eap-carol { 4 | id = carol 5 | secret = "Ar3etTnp" 6 | } 7 | } 8 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/moon/etc/strongswan.conf: -------------------------------------------------------------------------------- 1 | # /etc/strongswan.conf - strongSwan configuration file 2 | 3 | # this file is not used in this scenario 4 | -------------------------------------------------------------------------------- /testing/hosts/default/etc/strongswan.conf.testing: -------------------------------------------------------------------------------- 1 | charon { 2 | retransmit_tries = 2 3 | retransmit_timeout = 1.0 4 | retransmit_base = 1 5 | } 6 | 7 | include strongswan.conf -------------------------------------------------------------------------------- /testing/tests/ikev1/esp-alg-aes-xcbc/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec start 2 | carol::ipsec start 3 | moon::expect-connection rw 4 | carol::expect-connection home 5 | carol::ipsec up home 6 | -------------------------------------------------------------------------------- /testing/tests/ikev1/host2host-ah/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/net2net-ah/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/net2net-psk/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/rw-cert-unity/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec start 2 | carol::ipsec start 3 | moon::expect-connection rw 4 | carol::expect-connection home 5 | carol::ipsec up home 6 | -------------------------------------------------------------------------------- /testing/tests/ikev1/rw-psk-fqdn/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol@strongswan.org : PSK 0sFpZAZqEN6Ti9sqt4ZP5EWcqx 4 | -------------------------------------------------------------------------------- /testing/tests/ikev1/rw-psk-fqdn/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | dave@strongswan.org : PSK 0sjVzONCF02ncsgiSlmIXeqhGN 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/compress/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/crl-to-cache/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec start 2 | carol::ipsec start 3 | moon::expect-connection rw 4 | carol::expect-connection home 5 | carol::ipsec up home 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/host2host-ah/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/nat-rw-psk/hosts/alice/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | PH_IP_ALICE : PSK 0sv+NkxY9LLZvwj4qCC2o/gGrWDF2d21jL 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/nat-rw-psk/hosts/venus/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | PH_IP_VENUS : PSK 0s8PjpI8z+Ym5A9zPvh7+opyyV9NcZp8Br 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-ah/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-psk/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-local-cert/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec start 2 | carol::ipsec start 3 | moon::expect-connection rw 4 | carol::expect-connection home 5 | carol::ipsec up home 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-revoked/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec start 2 | carol::ipsec start 3 | moon::expect-connection rw 4 | carol::expect-connection home 5 | carol::ipsec up home 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-root-cert/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec start 2 | carol::ipsec start 3 | moon::expect-connection rw 4 | carol::expect-connection home 5 | carol::ipsec up home 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-signer-cert/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec start 2 | carol::ipsec start 3 | moon::expect-connection rw 4 | carol::expect-connection home 5 | carol::ipsec up home 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-peap-radius/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm strongswan.org { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-only-radius/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm strongswan.org { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol@strongswan.org : EAP "Ar3etTnp" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-ttls-phase2-piggyback/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | dave@strongswan.org : EAP "UgaM65Va" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-ttls-radius/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm strongswan.org { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-psk-fqdn/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol@strongswan.org : PSK 0sFpZAZqEN6Ti9sqt4ZP5EWcqx 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-psk-fqdn/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | dave@strongswan.org : PSK 0sjVzONCF02ncsgiSlmIXeqhGN 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-psk-no-idr/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol@strongswan.org : PSK 0sFpZAZqEN6Ti9sqt4ZP5EWcqx 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-psk-no-idr/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | dave@strongswan.org : PSK 0sjVzONCF02ncsgiSlmIXeqhGN 4 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/ecdsa-pkcs8/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA daveKey.pem "OJlNZBx+80dLh4wC6fw5LmBd" 4 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/rw-eap-tls-only/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : ECDSA carolKey.pem "nH5ZQEWtku0RJEZ6" 4 | -------------------------------------------------------------------------------- /testing/tests/pfkey/compress/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-split-pools-db-restart/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | # secrets are read from SQLite database 4 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-11-radius-block/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm strongswan.org { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-pts/hosts/moon/etc/tnc_config: -------------------------------------------------------------------------------- 1 | #IMV configuration file for strongSwan client 2 | 3 | IMV "Attestation" /usr/local/lib/ipsec/imcvs/imv-attestation.so 4 | -------------------------------------------------------------------------------- /src/libcharon/plugins/maemo/org.strongswan.charon.service.in: -------------------------------------------------------------------------------- 1 | [D-BUS Service] 2 | Name=org.strongswan.charon 3 | Exec=/usr/bin/run-standalone.sh @LIBEXECDIR@/ipsec/charon 4 | User=root 5 | -------------------------------------------------------------------------------- /testing/Makefile.am: -------------------------------------------------------------------------------- 1 | EXTRA_DIST = do-tests make-testing ssh start-testing stop-testing \ 2 | testing.conf ssh_config config hosts images scripts tests \ 3 | README 4 | 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/alg-3des-md5/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/alg-sha256/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/alg-sha384/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/alg-sha512/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/esp-alg-null/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/host2host-cert/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/net2net-cert/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | 6 | -------------------------------------------------------------------------------- /testing/tests/ikev1/net2net-esn/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | 6 | -------------------------------------------------------------------------------- /testing/tests/ikev1/net2net-psk-fail/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/rw-psk-aggressive/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol@strongswan.org : PSK 0sFpZAZqEN6Ti9sqt4ZP5EWcqx 4 | -------------------------------------------------------------------------------- /testing/tests/ikev1/rw-psk-aggressive/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | dave@strongswan.org : PSK 0sjVzONCF02ncsgiSlmIXeqhGN 4 | -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-id-rsa-config/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA daveKey.pem 4 | 5 | dave : XAUTH "ryftzG4A" 6 | -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-rsa-eap-md5-radius/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm strongswan.org { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/alg-3des-md5/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/alg-aes-ccm/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/alg-aes-ctr/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/alg-aes-gcm/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/alg-aes-xcbc/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/alg-sha256-96/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/alg-sha256/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/alg-sha384/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/alg-sha512/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/esp-alg-null/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/host2host-cert/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/host2host-swapped/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm strongswan.org { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-cert/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-esn/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-psk-fail/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-route/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-start/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ocsp-timeouts-good/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec start 2 | carol::ipsec start 3 | moon::expect-connection rw 4 | carol::expect-connection home 5 | carol::ipsec up home 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/reauth-early/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/reauth-late/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/reauth-mbb-revoked/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec start 2 | carol::ipsec start 3 | moon::expect-connection rw 4 | carol::expect-connection home 5 | carol::ipsec up home 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/reauth-mbb/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-id-prompt/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | 5 | carol : EAP "Ar3etTnp" 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-psk-rsa-mixed/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol@strongswan.org : PSK 0sFpZAZqEN6Ti9sqt4ZP5EWcqx 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-psk-rsa-split/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | carol@strongswan.org : PSK 0sFpZAZqEN6Ti9sqt4ZP5EWcqx 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-psk-rsa-split/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | dave@strongswan.org : PSK 0sjVzONCF02ncsgiSlmIXeqhGN 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/strong-keys-certs/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey-aes128.pem "gOQHdrSWeFuiZtYPetWuyzHW" 4 | -------------------------------------------------------------------------------- /testing/tests/libipsec/net2net-3des/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/libipsec/net2net-cert/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/libipsec/net2net-null/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/pfkey/alg-aes-xcbc/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/pfkey/alg-sha384/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/pfkey/alg-sha512/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/pfkey/esp-alg-null/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/pfkey/net2net-route/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-cert/hosts/carol/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-cert/hosts/dave/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-cert/hosts/moon/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-rsa/hosts/carol/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-rsa/hosts/dave/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-rsa/hosts/moon/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/swanctl/mult-auth-rsa-eap-sim-id/hosts/alice/etc/freeradius/proxy.conf: -------------------------------------------------------------------------------- 1 | realm strongswan.org { 2 | type = radius 3 | authhost = LOCAL 4 | accthost = LOCAL 5 | } 6 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-11-supplicant/evaltest.dat: -------------------------------------------------------------------------------- 1 | carol::cat /var/log/daemon.log::IMC.*changed state.*Allowed::YES 2 | dave:: cat /var/log/daemon.log::IMC.*changed state.*Isolate::YES 3 | -------------------------------------------------------------------------------- /conf/default.conf: -------------------------------------------------------------------------------- 1 | @PLUGIN_NAME@ { 2 | 3 | # Whether to load the plugin. Can also be an integer to increase the 4 | # priority of this plugin. 5 | load = yes 6 | 7 | } 8 | 9 | -------------------------------------------------------------------------------- /conf/options/tnc.conf: -------------------------------------------------------------------------------- 1 | charon { 2 | 3 | tnc { 4 | 5 | # TNC IMC/IMV configuration file. 6 | # tnc_config = /etc/tnc_config 7 | 8 | } 9 | 10 | } 11 | 12 | -------------------------------------------------------------------------------- /conf/plugins/imc-hcd.conf: -------------------------------------------------------------------------------- 1 | imc-hcd { 2 | 3 | # Whether to load the plugin. Can also be an integer to increase the 4 | # priority of this plugin. 5 | load = yes 6 | 7 | } 8 | 9 | -------------------------------------------------------------------------------- /conf/plugins/imc-os.conf: -------------------------------------------------------------------------------- 1 | imc-os { 2 | 3 | # Whether to load the plugin. Can also be an integer to increase the 4 | # priority of this plugin. 5 | load = yes 6 | 7 | } 8 | 9 | -------------------------------------------------------------------------------- /conf/plugins/imc-swid.conf: -------------------------------------------------------------------------------- 1 | imc-swid { 2 | 3 | # Whether to load the plugin. Can also be an integer to increase the 4 | # priority of this plugin. 5 | load = yes 6 | 7 | } 8 | 9 | -------------------------------------------------------------------------------- /conf/plugins/imc-test.conf: -------------------------------------------------------------------------------- 1 | imc-test { 2 | 3 | # Whether to load the plugin. Can also be an integer to increase the 4 | # priority of this plugin. 5 | load = yes 6 | 7 | } 8 | 9 | -------------------------------------------------------------------------------- /conf/plugins/imv-os.conf: -------------------------------------------------------------------------------- 1 | imv-os { 2 | 3 | # Whether to load the plugin. Can also be an integer to increase the 4 | # priority of this plugin. 5 | load = yes 6 | 7 | } 8 | 9 | -------------------------------------------------------------------------------- /conf/plugins/imv-swid.conf: -------------------------------------------------------------------------------- 1 | imv-swid { 2 | 3 | # Whether to load the plugin. Can also be an integer to increase the 4 | # priority of this plugin. 5 | load = yes 6 | 7 | } 8 | 9 | -------------------------------------------------------------------------------- /conf/plugins/imv-test.conf: -------------------------------------------------------------------------------- 1 | imv-test { 2 | 3 | # Whether to load the plugin. Can also be an integer to increase the 4 | # priority of this plugin. 5 | load = yes 6 | 7 | } 8 | 9 | -------------------------------------------------------------------------------- /src/include/Makefile.am: -------------------------------------------------------------------------------- 1 | EXTRA_DIST = linux/if_alg.h linux/ipsec.h linux/netlink.h linux/rtnetlink.h \ 2 | linux/pfkeyv2.h linux/udp.h linux/socket.h linux/xfrm.h sys/queue.h 3 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/research/researchCert.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/hosts/winnetou/etc/openssl/research/researchCert.der -------------------------------------------------------------------------------- /testing/tests/ikev1/esp-alg-aes-ccm/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/esp-alg-aes-ctr/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/esp-alg-aes-gcm/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/esp-alg-aes-gmac/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/host2host-transport/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/multi-level-ca-cr-init/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | dave::ipsec stop 4 | carol::rm /etc/ipsec.d/cacerts/* 5 | dave::rm /etc/ipsec.d/cacerts/* 6 | -------------------------------------------------------------------------------- /testing/tests/ikev1/multi-level-ca-cr-resp/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | dave::ipsec stop 4 | carol::rm /etc/ipsec.d/cacerts/* 5 | dave::rm /etc/ipsec.d/cacerts/* 6 | -------------------------------------------------------------------------------- /testing/tests/ikev1/net2net-ntru-cert/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | 6 | -------------------------------------------------------------------------------- /testing/tests/ikev1/protoport-dual/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-id-rsa-aggressive/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA daveKey.pem 4 | 5 | dave : XAUTH "ryftzG4A" 6 | -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-rsa/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA daveKey.pem 4 | 5 | dave@strongswan.org : XAUTH "ryftzG4A" 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/after-2038-certs/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/esp-alg-aes-gmac/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/esp-alg-md5-128/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/esp-alg-sha1-160/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/host2host-transport/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/multi-level-ca-cr-init/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | dave::ipsec stop 4 | carol::rm /etc/ipsec.d/cacerts/* 5 | dave::rm /etc/ipsec.d/cacerts/* 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/multi-level-ca-cr-resp/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | dave::ipsec stop 4 | carol::rm /etc/ipsec.d/cacerts/* 5 | dave::rm /etc/ipsec.d/cacerts/* 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/multi-level-ca-pathlen/pretest.dat: -------------------------------------------------------------------------------- 1 | carol::ipsec start 2 | moon::ipsec start 3 | moon::expect-connection duck 4 | carol::expect-connection home 5 | carol::ipsec up home 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/multi-level-ca-revoked/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec start 2 | carol::ipsec start 3 | moon::expect-connection alice 4 | carol::expect-connection home 5 | carol::ipsec up home 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-cert-sha2/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-ntru-cert/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-pkcs12/hosts/sun/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : P12 sunCert.p12 "IxjQVCF3JGI+MoPi" 4 | 5 | 6 | 7 | 8 | 9 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-rfc3779/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/protoport-dual/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/protoport-route/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-aka-id-rsa/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | 5 | carol : EAP "Ar3etTnp01qlpOgb" 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-aka-id-rsa/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-aka-rsa/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-rsa/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-sim-rsa/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-tls-only/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/pfkey/host2host-transport/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/pfkey/protoport-dual/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/pfkey/protoport-route/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db/hosts/carol/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db/hosts/dave/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db/hosts/moon/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-cert/hosts/moon/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-cert/hosts/sun/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-psk/hosts/moon/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-psk/hosts/sun/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-ipv4/hosts/carol/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-ipv4/hosts/dave/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-ipv4/hosts/moon/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-ipv6/hosts/carol/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-ipv6/hosts/dave/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-ipv6/hosts/moon/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-rsa-keyid/hosts/carol/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-rsa-keyid/hosts/dave/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-rsa-keyid/hosts/moon/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-mutual-pt-tls/pretest.dat: -------------------------------------------------------------------------------- 1 | sun::service charon start 2 | moon::cat /etc/pts/options 3 | moon::sleep 1 4 | moon::ipsec pt-tls-client --optionsfrom /etc/pts/options 5 | -------------------------------------------------------------------------------- /conf/options/starter.opt: -------------------------------------------------------------------------------- 1 | starter.config_file = ${sysconfdir}/ipsec.conf 2 | Location of the ipsec.conf file 3 | 4 | starter.load_warning = yes 5 | Disable charon plugin load option warning. 6 | -------------------------------------------------------------------------------- /conf/plugins/tnc-imc.opt: -------------------------------------------------------------------------------- 1 | charon.plugins.tnc-imc.dlclose = yes 2 | Unload IMC after use. 3 | 4 | charon.plugins.tnc-imc.preferred_language = en 5 | Preferred language for TNC recommendations. 6 | -------------------------------------------------------------------------------- /src/swanctl/swanctl.conf.5.tail.in: -------------------------------------------------------------------------------- 1 | .SH FILES 2 | . 3 | .nf 4 | .na 5 | /etc/swanctl/swanctl.conf configuration file 6 | .ad 7 | .fi 8 | . 9 | .SH SEE ALSO 10 | .BR swanctl (8) 11 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/bliss/strongswan_blissKey.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/hosts/winnetou/etc/openssl/bliss/strongswan_blissKey.der -------------------------------------------------------------------------------- /testing/tests/gcrypt-ikev2/alg-camellia/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/net2net-fragmentation/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/alg-chacha20poly1305/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/critical-extension/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-fragmentation/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-ntru-bandwidth/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/reauth-mbb-virtual-ip/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-dynamic/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | 5 | carol@strongswan.org : EAP "Ar3etTnp" 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-id-prompt/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-rsa/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | 5 | carol@strongswan.org : EAP "Ar3etTnp" 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-mschapv2-id-rsa/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | 5 | carol : EAP "Ar3etTnp01qlpOgb" 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-mschapv2-id-rsa/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/ikev2/shunt-policies-nat-rw/posttest.dat: -------------------------------------------------------------------------------- 1 | sun::ipsec stop 2 | alice::ipsec stop 3 | venus::ipsec stop 4 | sun::iptables-restore < /etc/iptables.flush 5 | moon::iptables -t nat -F 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/strong-keys-certs/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey-aes192.pem "ITP/H4lSHqGpUGmCpgNDklbzTNV+swjA" 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/two-certs/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem "nH5ZQEWtku0RJEZ6" 4 | 5 | : RSA carolKey-002.pem 6 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev1/alg-camellia/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/alg-camellia/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/net2net-pkcs12/hosts/sun/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : P12 sunCert.p12 "IxjQVCF3JGI+MoPi" 4 | 5 | 6 | 7 | 8 | 9 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/rw-eap-tls-only/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | carol::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/pfkey/shunt-policies-nat-rw/posttest.dat: -------------------------------------------------------------------------------- 1 | sun::ipsec stop 2 | alice::ipsec stop 3 | venus::ipsec stop 4 | sun::iptables-restore < /etc/iptables.flush 5 | moon::iptables -t nat -F 6 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db-expired/hosts/dave/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db-restart/hosts/dave/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-split-pools-db/hosts/carol/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-split-pools-db/hosts/dave/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-split-pools-db/hosts/moon/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-route-pem/hosts/moon/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-route-pem/hosts/sun/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-start-pem/hosts/moon/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/net2net-start-pem/hosts/sun/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-eap-aka-rsa/hosts/carol/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-eap-aka-rsa/hosts/moon/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-rsa-split/hosts/carol/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-rsa-split/hosts/dave/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/rw-psk-rsa-split/hosts/moon/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/tkm/multiple-clients/hosts/sun/etc/tkm/sunKey.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/tests/tkm/multiple-clients/hosts/sun/etc/tkm/sunKey.der -------------------------------------------------------------------------------- /ChangeLog: -------------------------------------------------------------------------------- 1 | A summary of changes is available in the NEWS file. For a more 2 | detailed Changelog, use the repository (see HACKING) or the 3 | online interface available at http://git.strongswan.org. 4 | -------------------------------------------------------------------------------- /conf/plugins/imc-scanner.conf: -------------------------------------------------------------------------------- 1 | imc-scanner { 2 | 3 | # Whether to load the plugin. Can also be an integer to increase the 4 | # priority of this plugin. 5 | load = yes 6 | 7 | } 8 | 9 | -------------------------------------------------------------------------------- /conf/plugins/imv-scanner.conf: -------------------------------------------------------------------------------- 1 | imv-scanner { 2 | 3 | # Whether to load the plugin. Can also be an integer to increase the 4 | # priority of this plugin. 5 | load = yes 6 | 7 | } 8 | 9 | -------------------------------------------------------------------------------- /testing/hosts/winnetou/etc/openssl/bliss/strongswan_blissCert.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/hosts/winnetou/etc/openssl/bliss/strongswan_blissCert.der -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-start/pretest.dat: -------------------------------------------------------------------------------- 1 | moon::iptables-restore < /etc/iptables.rules 2 | sun::iptables-restore < /etc/iptables.rules 3 | sun::ipsec start 4 | moon::ipsec start 5 | moon::sleep 1 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-aka-rsa/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA moonKey.pem 4 | 5 | carol@strongswan.org : EAP "Ar3etTnp01qlpOgb" 6 | -------------------------------------------------------------------------------- /testing/tests/openssl-ikev2/critical-extension/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::ipsec stop 2 | sun::ipsec stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | 6 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db-expired/hosts/carol/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-pool-db-restart/hosts/carol/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/tkm/net2net-initiator/hosts/moon/etc/tkm/moonKey.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/tests/tkm/net2net-initiator/hosts/moon/etc/tkm/moonKey.der -------------------------------------------------------------------------------- /testing/tests/tkm/net2net-xfrmproxy/hosts/moon/etc/tkm/moonKey.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/tests/tkm/net2net-xfrmproxy/hosts/moon/etc/tkm/moonKey.der -------------------------------------------------------------------------------- /testing/tests/tkm/xfrmproxy-expire/hosts/moon/etc/tkm/moonKey.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/tests/tkm/xfrmproxy-expire/hosts/moon/etc/tkm/moonKey.der -------------------------------------------------------------------------------- /conf/plugins/imc-attestation.conf: -------------------------------------------------------------------------------- 1 | imc-attestation { 2 | 3 | # Whether to load the plugin. Can also be an integer to increase the 4 | # priority of this plugin. 5 | load = yes 6 | 7 | } 8 | 9 | -------------------------------------------------------------------------------- /conf/plugins/imv-attestation.conf: -------------------------------------------------------------------------------- 1 | imv-attestation { 2 | 3 | # Whether to load the plugin. Can also be an integer to increase the 4 | # priority of this plugin. 5 | load = yes 6 | 7 | } 8 | 9 | -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-id-rsa-config/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem "nH5ZQEWtku0RJEZ6" 4 | 5 | carol : XAUTH "4iChxLT3" 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/ip-split-pools-db/posttest.dat: -------------------------------------------------------------------------------- 1 | carol::ipsec stop 2 | dave::ipsec stop 3 | moon::ipsec stop 4 | moon::ipsec pool --del pool0 2> /dev/null 5 | moon::ipsec pool --del pool1 2> /dev/null 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/net2net-psk-dscp/hosts/moon/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | @moon-be @moon-ef @sun-be @sun-ef : PSK 0sv+NkxY9LLZvwj4qCC2o/gGrWDF2d21jL 4 | -------------------------------------------------------------------------------- /testing/tests/ikev2/strong-keys-certs/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA daveKey-aes256.pem "MeFnDN7VUbj+qU/bkgRIFvbCketIk2wrrs5Ii8297N2v" 4 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-split-pools-db-restart/hosts/carol/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-split-pools-db-restart/hosts/dave/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/sql/ip-split-pools-db-restart/hosts/moon/etc/ipsec.conf: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.conf - strongSwan IPsec configuration file 2 | 3 | config setup 4 | 5 | # configuration is read from SQLite database 6 | -------------------------------------------------------------------------------- /testing/tests/tkm/host2host-initiator/hosts/moon/etc/tkm/moonKey.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/tests/tkm/host2host-initiator/hosts/moon/etc/tkm/moonKey.der -------------------------------------------------------------------------------- /testing/tests/tkm/host2host-responder/hosts/moon/etc/tkm/moonKey.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/tests/tkm/host2host-responder/hosts/moon/etc/tkm/moonKey.der -------------------------------------------------------------------------------- /testing/tests/tkm/host2host-xfrmproxy/hosts/moon/etc/tkm/moonKey.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/tests/tkm/host2host-xfrmproxy/hosts/moon/etc/tkm/moonKey.der -------------------------------------------------------------------------------- /testing/tests/tkm/multiple-clients/hosts/sun/etc/strongswan.conf: -------------------------------------------------------------------------------- 1 | # /etc/strongswan.conf - strongSwan configuration file 2 | 3 | charon-tkm { 4 | dh_mapping { 5 | 15 = 1 6 | 16 = 2 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /testing/tests/tkm/net2net-initiator/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::DAEMON_NAME=charon-tkm ipsec stop 2 | moon::killall tkm_keymanager 3 | moon::rm -f /tmp/tkm.rpc.ike /tmp/tkm.rpc.ees /tmp/tkm.log 4 | sun::ipsec stop 5 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-mutual-eap/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::service charon stop 2 | sun::service charon stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-pts/hosts/carol/etc/.strongswan.conf.swp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/tests/tnc/tnccs-20-pts/hosts/carol/etc/.strongswan.conf.swp -------------------------------------------------------------------------------- /debian/strongswan-scepclient.install: -------------------------------------------------------------------------------- 1 | usr/lib/ipsec/scepclient 2 | usr/share/man/man8/scepclient.8 3 | usr/share/strongswan/templates/config/strongswan.d/scepclient.conf 4 | etc/strongswan.d/scepclient.conf 5 | -------------------------------------------------------------------------------- /testing/hosts/bob/etc/ipsec.d/ipsec.sql: -------------------------------------------------------------------------------- 1 | /* strongSwan SQLite database */ 2 | 3 | /* configuration is read from swanctl.conf or ipsec.conf */ 4 | /* credentials are read from swanctl.conf or ipsec.secrets */ 5 | -------------------------------------------------------------------------------- /testing/hosts/dave/etc/ipsec.d/ipsec.sql: -------------------------------------------------------------------------------- 1 | /* strongSwan SQLite database */ 2 | 3 | /* configuration is read from swanctl.conf or ipsec.conf */ 4 | /* credentials are read from swanctl.conf or ipsec.secrets */ 5 | -------------------------------------------------------------------------------- /testing/hosts/default/etc/ip6tables.flush: -------------------------------------------------------------------------------- 1 | *filter 2 | 3 | -F 4 | 5 | -P INPUT ACCEPT 6 | -P OUTPUT ACCEPT 7 | -P FORWARD ACCEPT 8 | 9 | COMMIT 10 | 11 | *mangle 12 | 13 | -F 14 | 15 | COMMIT 16 | -------------------------------------------------------------------------------- /testing/hosts/moon/etc/ipsec.d/ipsec.sql: -------------------------------------------------------------------------------- 1 | /* strongSwan SQLite database */ 2 | 3 | /* configuration is read from swanctl.conf or ipsec.conf */ 4 | /* credentials are read from swanctl.conf or ipsec.secrets */ 5 | -------------------------------------------------------------------------------- /testing/hosts/sun/etc/ipsec.d/ipsec.sql: -------------------------------------------------------------------------------- 1 | /* strongSwan SQLite database */ 2 | 3 | /* configuration is read from swanctl.conf or ipsec.conf */ 4 | /* credentials are read from swanctl.conf or ipsec.secrets */ 5 | -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-id-psk-config/hosts/dave/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : PSK 0sv+NkxY9LLZvwj4qCC2o/gGrWDF2d21jL 4 | 5 | dave : XAUTH "ryftzG4A" 6 | -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-id-rsa-aggressive/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem "nH5ZQEWtku0RJEZ6" 4 | 5 | carol : XAUTH "4iChxLT3" 6 | -------------------------------------------------------------------------------- /testing/tests/ikev1/xauth-rsa/hosts/carol/etc/ipsec.secrets: -------------------------------------------------------------------------------- 1 | # /etc/ipsec.secrets - strongSwan IPsec secrets file 2 | 3 | : RSA carolKey.pem "nH5ZQEWtku0RJEZ6" 4 | 5 | carol@strongswan.org : XAUTH "4iChxLT3" 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/mobike-nat/posttest.dat: -------------------------------------------------------------------------------- 1 | alice::ipsec stop 2 | sun::ipsec stop 3 | alice::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | moon::iptables -t nat -F 6 | -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/tests/ikev2/rw-dnssec/hosts/moon/etc/ipsec.d/certs/moonPub.der -------------------------------------------------------------------------------- /testing/tests/ikev2/rw-eap-md5-class-radius/hosts/alice/etc/freeradius/users: -------------------------------------------------------------------------------- 1 | carol Cleartext-Password := "Ar3etTnp" 2 | Class = "Research" 3 | dave Cleartext-Password := "W7R0g3do" 4 | Class = "Accounting" 5 | -------------------------------------------------------------------------------- /testing/tests/tkm/host2host-initiator/hosts/moon/etc/strongswan.conf: -------------------------------------------------------------------------------- 1 | # /etc/strongswan.conf - strongSwan configuration file 2 | 3 | charon-tkm { 4 | dh_mapping { 5 | 15 = 1 6 | 16 = 2 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /testing/tests/tkm/host2host-initiator/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::DAEMON_NAME=charon-tkm ipsec stop 2 | moon::killall tkm_keymanager 3 | moon::rm -f /tmp/tkm.rpc.ike /tmp/tkm.rpc.ees /tmp/tkm.log 4 | sun::ipsec stop 5 | -------------------------------------------------------------------------------- /testing/tests/tkm/host2host-responder/hosts/moon/etc/strongswan.conf: -------------------------------------------------------------------------------- 1 | # /etc/strongswan.conf - strongSwan configuration file 2 | 3 | charon-tkm { 4 | dh_mapping { 5 | 15 = 1 6 | 16 = 2 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /testing/tests/tkm/host2host-responder/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::DAEMON_NAME=charon-tkm ipsec stop 2 | moon::killall tkm_keymanager 3 | moon::rm -f /tmp/tkm.rpc.ike /tmp/tkm.rpc.ees /tmp/tkm.log 4 | sun::ipsec stop 5 | -------------------------------------------------------------------------------- /testing/tests/tkm/host2host-xfrmproxy/hosts/moon/etc/strongswan.conf: -------------------------------------------------------------------------------- 1 | # /etc/strongswan.conf - strongSwan configuration file 2 | 3 | charon-tkm { 4 | dh_mapping { 5 | 15 = 1 6 | 16 = 2 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /testing/tests/tkm/multiple-clients/hosts/sun/etc/tkm/strongswanCert.der: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ramiro/strongswan-debian-package/master/testing/tests/tkm/multiple-clients/hosts/sun/etc/tkm/strongswanCert.der -------------------------------------------------------------------------------- /testing/tests/tkm/net2net-initiator/hosts/moon/etc/strongswan.conf: -------------------------------------------------------------------------------- 1 | # /etc/strongswan.conf - strongSwan configuration file 2 | 3 | charon-tkm { 4 | dh_mapping { 5 | 15 = 1 6 | 16 = 2 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /testing/tests/tkm/net2net-xfrmproxy/hosts/moon/etc/strongswan.conf: -------------------------------------------------------------------------------- 1 | # /etc/strongswan.conf - strongSwan configuration file 2 | 3 | charon-tkm { 4 | dh_mapping { 5 | 15 = 1 6 | 16 = 2 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /testing/tests/tkm/xfrmproxy-expire/hosts/moon/etc/strongswan.conf: -------------------------------------------------------------------------------- 1 | # /etc/strongswan.conf - strongSwan configuration file 2 | 3 | charon-tkm { 4 | dh_mapping { 5 | 15 = 1 6 | 16 = 2 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-fail-resp/posttest.dat: -------------------------------------------------------------------------------- 1 | carol::service charon stop 2 | moon::service charon stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | carol::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-mutual-eap-fail/posttest.dat: -------------------------------------------------------------------------------- 1 | moon::service charon stop 2 | sun::service charon stop 3 | moon::iptables-restore < /etc/iptables.flush 4 | sun::iptables-restore < /etc/iptables.flush 5 | -------------------------------------------------------------------------------- /testing/tests/tnc/tnccs-20-pdp-pt-tls/hosts/carol/etc/ipsec.sql: -------------------------------------------------------------------------------- 1 | /* strongSwan SQLite database */ 2 | 3 | /* configuration is read from the command line */ 4 | /* credentials are read from the command line */ 5 | --------------------------------------------------------------------------------