[Swan-commit] Changes to ref refs/heads/main
Andrew Cagney
cagney at vault.libreswan.fi
Thu Apr 1 17:50:44 UTC 2021
New commits:
commit 3d5570dfe98ff3087b79ef0e13352e9b5f7135d2
Merge: f31a748 7f2a510
Author: Andrew Cagney <cagney at gnu.org>
Date: Thu Apr 1 13:50:05 2021 -0400
crypto: merge authenticated using <cert> messages
Try to update tests.
Merge commit '7f2a5100dc9367633b05c5b62c3caa79071550fd'
commit 7f2a5100dc9367633b05c5b62c3caa79071550fd
Author: Andrew Cagney <cagney at gnu.org>
Date: Thu Apr 1 10:25:46 2021 -0400
testing: expect reworked authenticated using PKI messages
commit 3e037f16ceb052fb60c3e04840a845576b628985
Author: Andrew Cagney <cagney at gnu.org>
Date: Fri Feb 26 13:26:14 2021 -0500
crypto: eliminate "N""error" magic, merge log lines, first pass
Pass:
- list pubkey and hash algorithms
- the certificate source (peer, preloaded) is specified
- CA==%any omitted
- don't log earlier failed certs
authenticated using RSA with SHA1 and preloaded certificate '@east'
authenticated using RSA with SHA2_512 and peer certificate 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east at testing.libreswan.org' issued by CA 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=Libreswan test CA for mainca, E=testing at libreswan.org'
Fail:
- list pubkey and hash algorithms
- list any keys tried
- list id
authentication failed: no certificate matched RSA with SHA2_512 and 'C=CA, ST=Ontario, L=Toronto, O=Libreswan, OU=Test Department, CN=east.testing.libreswan.org, E=user-east at testing.libreswan.org'
authentication failed: using RSA with SHA1 for '@east-v1' tried preloaded: *000000000
An astute reader will also notice that several earlier log lines, such
as:
certificate verified OK: CN=strongEast,O=strongSwan,C=CH
IKEv2 mode peer ID is ID_DER_ASN1_DN: 'C=CH, O=strongSwan, CN=strongEast'
are looking redundant
More information about the Swan-commit
mailing list