On Tue, 3 Mar 2020, Andrew Cagney wrote:
Testing offloading of AUTH on the initiator (vs the responder where
much of this is hidden) turned up an interesting logging change,
consider this log:
-002 "westnet-eastnet-ikev2" #2: certificate verified OK:
[email protected],...
+002 "westnet-eastnet-ikev2" #1: certificate verified OK:
[email protected],...
That seems more correct. The logging should really be with the IKE SA
and not the IPsec SA.
Paul
_______________________________________________
Swan-dev mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan-dev
