On Sun, 10 Nov 2019, Andrew Cagney wrote:
BTW, just a sanity check. Have you tried the "fixed test" on the code prior to commit 9bc... (i.e., with all the SKIP cruft?).
It also fails there.
It looks like it is checking that there's a root ca, and when there isn't barf. A correctly set up and installed self signed cert should have been returned?
These are actually not self-signed certs. These are "hardcoded" certs in leftcert= and rightcert=
Removing the hunk fixed my issue. Is there a problem later in the code that assumes root_certs != NULL ?
introduced this code: if (!pexpect(root_certs != NULL) || CERT_LIST_EMPTY(root_certs)) { libreswan_log("No Certificate Authority in NSS Certificate DB! Certificate payloads discarded."); return NULL; }
I still think this check should go away. Paul _______________________________________________ Swan-dev mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan-dev
