New commits:
commit f22ca063af1bece186346f1fdf02514ae089035c
Author: Andrew Cagney <[email protected]>
Date: Mon Sep 7 17:27:37 2020 -0400
testing: review and update ikev2-03-basic-rawrsa-ckaid
Querks when specifying the CKAID of a raw RSA key in a basic IKEv2
connection.
Connections involving rsasigkey are performed using two whack messages
which:
1. add the connection _without_ the raw key
2. add the raw key
This breaks "ipsec auto --add east-ckaid-rsasigkey":
- the first whack message tries to add the connection; since it
specifies ..ckaid=..., but rsasigkey hasn't yet been added, it fails
But there's a work-around:
1. "ipsec auto --add east-rsasigkey"
this adds east'ts rsasigkey to the database
2. "ipsec auto --add east-ckaid"
loads because the command above loaded the RSASIGKEY
_______________________________________________
Swan-commit mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-commit
