Currently the code just warns when trying to add a connection with no private key. Instead much much later - during the auth exchange - the code tries to find the private key. Presumably this is because the end may not need the private key.
I'm wondering if there's enough information available to determine that the private key is required when the connection is being added. If a connection can specify multiple optional auth methods then probably not? (a case when there isn't is with rsasigkey - that only arrives after the connection is added; grrrr)
_______________________________________________
Swan-dev mailing list
https://lists.libreswan.org/mailman/listinfo/swan-dev
